...
Here, we replicate the relevant parts of the present installation as a starting point.
Base virtual machine preparation
Imported ~/Documents/Debian9-base.ova as Debian9-base_8021x, re-initializing all MAC addresses
Added eth adapter 2, re-init MAC
CPU, increase to 2
added eth1 mac address to server DHCP config, 192.168.10.52
server shwl add 52
Code Block |
---|
Debian 9 amd64 installation
- Hostname:
debian9-base
- User accounts (username password):
ls last
root last
- Partitioning:
--- Physical:
------ 1GB RAID boot flag
------ 29GB RAID
--- RAID:
------ md0: ext3 /boot
------ md1: LVM - part of volume group debian9-base
--- LVM (VG/LV):
------ debian9-base/root: 18.6GB ext4 /
------ debian9-base/swap: 3.72GB swap area
- Up to date as of 2017-09-27
- sources.list includes:
Sections: main contrib non-free
Additional repository: backports
- Apt-cacher configured as per Last School site (Proxy credentials will need to be entered in /etc/apt/apt.conf.d/02proxy by user)
- SSH access installed and enabled
- Gnome and Firefox configured to auto-detect proxy settings
- Extra software installed:
vlc gimp emacs fonts-indic tcpdump iperf exfat-utils wireshark
- One network interface as bridged adapter, cable connected. |
Added a second ethernet adapter in settings, connected to "Not attached", re-initialized its MAC address
Increased the allocated CPUs to 2
enp0s3 - Adapter 1 - Bridged adapter
enp0s8 - Adapter 2 - Not attached
Booted, disconnected eth2 because of errors
Logged in to GUI, connected DHCP
Code Block |
---|
rm /etc/apt/apt.conf.d/02proxy apt-get update |
...
apt-get upgrade |
reboot VM
rm 02proxy
set better Rebooted the virtual machine
Set strong passwords for ls and root passwordsusersinstalled
Installed my ssh pub public key in root's .ssh/authorized_keys file.
Code Block |
---|
apt-get install shorewall apt-get install ipset mv /etc/shorewall{,-orig} mkdir /etc/shorewall root@server.lastschl:~# scp /etc/shorewall/* root@192.168.10.52:/etc/shorewall/ #commented all entries related to loc and vpn zones (including dynamic zone man) in all files #removed all MAC addresses of wifi clients |
...