Thank you for sending your enquiry! One of our team members will contact you shortly.
Thank you for sending your booking! One of our team members will contact you shortly.
Course Outline
Debian Distribution
What is Debian?
- Choosing a Debian version
- Debian support and help
- Debian community engagement
Console Basics
- The shell prompt
- The shell prompt under X
- The root account and root shell prompt (su, sudo, running programs as root under X)
- GUI system administration tools
- Virtual consoles
- Exiting the command prompt
- Shutting down the system
- Recovering a functional console
- Additional package suggestions for new users
- Creating an extra user account
- Configuring sudo
The Filesystem
- Filesystem permissions
- Control of permissions for newly created files: umask
- Permissions for groups of users (group)
- Timestamps
- Links
- Named pipes (FIFOs)
- Sockets
- Device files
- Special device files
- procfs and sysfs
Midnight Commander (MC)
- Customizing MC for government use
- Starting MC
- Using the file manager in MC
- Command-line tricks in MC
- The internal editor in MC
- The internal viewer in MC
- Auto-start features of MC
- FTP virtual filesystem of MC
The Basic Unix-like Work Environment
- The login shell for government systems
- Customizing bash for enhanced security
- Special key strokes for efficient navigation
- The pager for document viewing
- Setting a default text editor for consistency
- Exiting vim securely
- Recording the shell activities for audit purposes
- Basic Unix commands for system management
The Simple Shell Command
- Command execution and environment variables in government systems
- The "$LANG" variable for language settings
- The "$PATH" variable for command search paths
- The "$HOME" variable for user directories
- Command line options for customization
- Shell globbing for file pattern matching
- Return value of the command for error handling
- Typical command sequences and shell redirection for workflow automation
- Command aliasing for efficiency
Unix-like Text Processing
- Unix text tools for data manipulation
- Regular expressions for pattern matching
- Replacement expressions for data transformation
- Global substitution with regular expressions for bulk changes
- Extracting data from text file tables for reporting
- Script snippets for piping commands for complex operations
Debian Package Management
Debian Package Management Prerequisites
- Package configuration for government systems
- Basic precautions to ensure system integrity
- Life with eternal upgrades and security updates
- Basics of the Debian archive structure
- Understanding package dependencies for seamless integration
- The event flow of the package management process
- First response to package management issues for quick resolution
Basic Package Management Operations
- Using apt-get/apt-cache vs. aptitude for government systems
- Basic package management operations with the command line for efficiency
- Interactive use of aptitude for detailed control
- Key bindings of aptitude for faster navigation
- Package views under aptitude for organized management
- Search method options with aptitude for precise queries
- The aptitude regex formula for advanced searches
- Dependency resolution of aptitude for conflict-free installations
- Package activity logs for audit trails
Examples of Aptitude Operations
- Listing packages with regex matching on package names for targeted actions
- Browsing with the regex matching for efficient exploration
- Purging removed packages to free up space
- Tidying auto/manual install status for cleaner system management
- System-wide upgrades for security and functionality updates
Advanced Package Management Operations
- Advanced package management operations with the command line for complex tasks
- Verification of installed package files for integrity checks
- Safeguarding against package problems for system stability
- Searching on the package metadata for detailed information
Debian Package Management Internals
- Archive metadata for transparent operations
- The top-level "Release" file and authenticity verification for security
- Archive-level "Release" files for comprehensive data
- Fetching of the metadata for the package for up-to-date information
- The package state for APT for tracking installations
- The package state for aptitude for detailed management
- Local copies of the fetched packages for offline access
- Debian package file names for easy identification
- The dpkg command for low-level operations
- The update-alternative command for managing alternatives
- The dpkg-statoverride command for special permissions
- The dpkg-divert command for redirection
Recovery from a Broken System
- Incompatibility with old user configuration and resolution strategies
- Different packages with overlapping files and conflict resolution
- Fixing broken package scripts for system repairs
- Rescue operations with the dpkg command for critical fixes
- Recovering package selection data for system restoration
Tips for Package Management
- How to pick Debian packages for government systems
- Packages from mixed sources of archives for diverse needs
- Tweaking candidate version for specific requirements
- Updates and Backports for staying current
- Automatic download and upgrade of packages for streamlined maintenance
- Limiting download bandwidth for APT to manage resources
- Emergency downgrading for critical situations
- Identifying who uploaded the package for accountability
- The equivs package for creating virtual dependencies
- Porting a package to the stable system for compatibility
- Proxy server for APT for secure access
- Small public package archive for specialized needs
- Recording and copying system configuration for backups
- Converting or installing an alien binary package for flexibility
- Extracting a package without dpkg for quick access
- Further readings for in-depth knowledge of package management
The System Initialization
- An overview of the boot process for government systems
- BIOS, boot loader, and mini-Debian system initialization
- The meaning of runlevels for system states
- The configuration of runlevels for customized operations
- A runlevel management example for practical application
- The default parameter for each init script for consistent behavior
- Setting the hostname for identification
- Configuring the filesystem for optimal performance
- Network interface initialization for connectivity
- Network service initialization for functionality
- The system message logs for monitoring
- The kernel message logs for low-level insights
- The udev system for device management
- The kernel module initialization for hardware support
Authentication and Security
- Normal Unix authentication for secure access
- Managing account and password information for user management
- Good password practices for enhanced security
- Creating encrypted passwords for secure storage
- PAM (Pluggable Authentication Modules) and NSS (Name Service Switch) for flexible authentication
- Configuration files accessed by PAM and NSS for system integration
- The modern centralized system management for scalability
- Understanding why GNU su does not support the wheel group for security reasons
- Stricter password rules for enhanced protection
- Other access controls for comprehensive security
- Using sudo for privilege escalation
- SELinux and Apparmor for advanced security policies
- Restricting access to server services for controlled environments
- Security of authentication mechanisms for government systems
- Secure password transmission over the Internet for remote access
- Secure Shell (SSH) for encrypted connections
- Extra security measures for Internet-facing systems for government use
- Securing the root password for administrative accounts
Network Setup
The Basic Network Infrastructure
- The domain name system (DNS) for network identification
- The hostname resolution for accessible communication
- The network interface naming conventions for clarity
- The network address range for local area networks (LANs)
- Network device support for hardware compatibility
The Modern Network Configuration for Desktops
- GUI network configuration tools for user-friendly setup
The Low-Level Network Configuration
- Iproute2 commands for advanced networking
- Safe low-level network operations for system stability
Network Optimization
- Finding the optimal Maximum Transmission Unit (MTU) for performance
- Setting the MTU for network efficiency
- WAN TCP optimization for long-distance communication
Netfilter Infrastructure
Network Applications
The Mail System
- Basics of modern mail services for government operations
- A mail configuration strategy for workstations for streamlined communications
Mail Transport Agent (MTA) and Mail User Agent (MUA)
- An overview of exim4 for efficient mail transport
- Basic MUA - Mutt for user-friendly email management
Mail Delivery Agent (MDA) with Filter
- Configuring maildrop for filtered delivery
- Configuring procmail for advanced filtering
- Redelivering mbox contents for backup and archiving
POP3/IMAP4 Server
The Remote Access Server and Utility (SSH)
- Basics of SSH for secure remote access
- Port forwarding for SMTP/POP3 tunneling for encrypted communication
- Connecting without remote passwords for convenience
- Dealing with alien SSH clients for compatibility
- Setting up ssh-agent for key management
- Shutting down the remote system on SSH for administrative tasks
- Troubleshooting SSH for problem resolution
Other Network Application Servers
Other Network Application Clients
The Diagnosis of System Daemons
The X Window System
- Setting up a desktop environment for government use
- The server/client relationship in the X Window System
- The X server for graphical display
- Starting the X Window System for user access
- Starting an X session with gdm for secure logins
- Customizing the X session (classic method) for tailored experiences
- Customizing the X session (new method) for modern configurations
- Connecting a remote X client via SSH for secure access
- Secure X terminal via the Internet for remote work
- X applications for productivity
- X office applications for document management
- X utility applications for system tools
System Tips
The Screen Program
- Use scenarios for screen(1) for enhanced terminal sessions
- Key bindings for the screen command for efficient navigation
Data Recording and Presentation
- The log daemon for system logging
- Log analyzers for detailed insights
- Recording shell activities cleanly for audit purposes
- Customized display of text data for readability
- Customized display of time and date for clarity
- Colorized shell echo for visual differentiation
- Colorized commands for enhanced visibility
- Recording editor activities for complex repeats
- Recording the graphic image of an X application for documentation
- Recording changes in configuration files for version control
Data Storage Tips
- Disk partition configuration for optimal use
- Accessing partitions using UUID for consistent identification
- Filesystem configuration for performance and reliability
- Creating and checking filesystem integrity for data protection
- Optimizing the filesystem with mount options for enhanced performance
- Optimizing the filesystem via superblock settings for advanced tuning
- Optimizing hard disk operations for improved efficiency
- Using SMART to predict hard disk failures for proactive maintenance
- Expanding usable storage space via Logical Volume Management (LVM)
- Expanding usable storage space by mounting another partition for additional capacity
- Expanding usable storage space using symbolic links for flexible access
- Expanding usable storage space using aufs for layered filesystems
Data Encryption Tips
- Encrypting removable disks with dm-crypt/LUKS for secure data transport
- Encrypting swap partitions with dm-crypt for enhanced security
- Automatically encrypting files with eCryptfs for transparent encryption
- Automatically mounting eCryptfs for seamless access
Monitoring, Controlling, and Starting Program Activities
- Timing a process for performance analysis
- The scheduling priority for resource management
- The ps command for process monitoring
- The top command for real-time system monitoring
- Listing files opened by a process for diagnostic purposes
- Tracing program activities for debugging
- Identifying processes using files or sockets for security checks
- Repeating a command with a constant interval for periodic tasks
- Repeating a command looping over files for batch processing
- Starting a program from the GUI for user-friendly access
- Customizing programs to be started for tailored configurations
- Killing a process for system maintenance
- Scheduling tasks once for one-time operations
- Scheduling tasks regularly for automated maintenance
- Using the Alt-SysRq key for emergency system management
System Maintenance Tips
- Determining who is on the system for user tracking
- Warning everyone before system changes for communication
- Identifying hardware components for system configuration
- Configuring hardware settings for optimal performance
- Managing system and hardware time for synchronization
- Configuring terminal settings for user preferences
- Setting up the sound infrastructure for multimedia applications
- Disabling the screen saver for continuous operation
- Disabling beep sounds for a quiet environment
- Monitoring memory usage for system health
- Conducting system security and integrity checks for compliance
The Kernel
- Kernel parameters for performance tuning
- Kernel headers for module development
- Compiling the kernel and related modules for customized systems
- Compiling the kernel source using the Debian standard method for consistency
- Compiling the module source using the Debian standard method for integration
- Managing non-free hardware drivers for specialized needs
Virtualized System
- Virtualization tools for efficient resource utilization
- The virtualization workflow for deployment and management
- Mounting the virtual disk image file for data access
- Using chroot for isolated environments
- Managing multiple desktop systems for user convenience
Data Management
Sharing, Copying, and Archiving
- Archive and compression tools for efficient storage
- Copy and synchronization tools for data integrity
- Idioms for the archive for consistent practices
- Idioms for the copy for reliable operations
- Idioms for selecting files for targeted actions
- Backup and recovery strategies for data protection
- Backup utility suites for comprehensive solutions
- An example script for system backup for government use
- A copy script for data backup for regular maintenance
- Removable storage devices for portable backups
- Sharing data via network for collaborative work
- Archive media for long-term storage
The Binary Data
- Viewing and editing binary data for specialized tasks
- Manipulating files without mounting disk for direct access
- Data redundancy strategies for reliability
- Data file recovery and forensic analysis for incident response
- Splitting a large file into smaller files for easier management
- Clearing file contents for secure deletion
- Creating dummy files for testing purposes
- Erasing an entire hard disk for secure disposal
- Erasing unused areas of a hard disk for data sanitization
- Undeleting deleted but still open files for recovery
- Searching all hardlinks for file management
- Invisible disk space consumption and its causes for system optimization
Data Security Infrastructure
- Key management for GnuPG (signing and encrypting) for secure communications
- The MD5 sum for data integrity verification
Requirements
None for government
35 Hours
