Migrated from OpenSuSE to Debian on my main machine today

This morning, I hadn’t planned on that, but….

I had a need to edit a PDF. I know that Firefox has the ability to do so; and I filled in information. But then it asked for a signature and initials – I have those in .jpeg form, but Firefox didn’t have the buttons for inserting images. Whoops: Firefox ESR version 115 doesn’t have that, because that showed up in Firefox 119.

Well, it has been a while since Tumbleweed was disappointing because of a lack of KWin tiling script support. I had downgraded from Tumbleweed to Leap 15.6. Maybe I should try Tumbleweed again.

Also, I’d been listening to the FLOSS Weekly podcast over on Hackaday, and their guest Brodie Robertson had mentioned Tumbleweed Slowroll as something new. I kind of liked the idea, so I tried a few steps.

These are list here, at the official page:

 zypper ar https://download.opensuse.org/slowroll/repo/oss/ temp
zypper in openSUSE-repos-Slowroll -openSUSE-repos-Tumbleweed
rm /etc/zypp/repos.d/*.repo # or backup
zypper dup

This got me an empty screen with a blinking cursor. Yay. Not.

I downloaded the Slowroll ISO and put it on a USB stick.

I used the BIOS to choose the USB stick to boot off of, and got the “Install” option. Sure, that can be a little drastic, but I’ve done this many times before. Mostly, it is a little annoying to find that I don’t have an application installed that I’d like to use at the moment. But because my /home is physically on a different drive, I’m safe to not lose any data (reasonable precautions taken).

I go to install Slowroll, and it reboots before starting the installation. The motherboard logo briefly shows, and then I’m back at the “Install” menu item again.

I’ve got a boot loop.

Great. Just great.

Did I mention that I dearly love systemd and journalctl (not). Back in the good old days, something would append to /var/log/messages, and I’d have a chance to figure out what went wrong. But with systemd, the journal is new every boot, and although I can successfully boot to a previous read-only snapshot, there’s nothing there from an aborted installation. Nothing at all. There’s only the current boot messages (which being from a successful snapshot tell me nothing).

Okay, maybe there’s something wrong on my boot drive. Physically disconnect the /home disk drive, boot off of a gparted ISO, and delete every partition on the boot / OS drive.

Try the Slowroll ISO USB again.

I’ve still got a boot loop.

Just great.

I’ve been building some Debian machines, as servers, so I can practice WordPress migrations. I pop in that USB stick, and Debian installs fine.

I still have to wrangle bringing in my /home disk drive and mounting it as /home, but at least it will work.

And here we are, a few hours later, on Debian with KDE. Thunderbird looks pretty different.

It was a little disconcerting that KDE > System Settings > Display and Monitor > Display Configuration > Scale works on each display independently of each other. OpenSuSE applied the scale to both screens simultaneously. I can see why it could make sense that one monitor (say a 4K monitor) might have a different scale factor than another way smaller one. But it was unexpected, so disconcerting. It can be really hard for me to read the screen when the screen is at 100% scale on both large monitors.

It is mildly amusing to me that I get to do How to make Ubuntu have a nice bash shell like OpenSuSE all over again, but for my main machine this time.

New Debian install; ssh and sudo changes

Similar to what I wrote in New OpenSuSE Tumbleweed cannot ssh in but this time with Debian. This has to be done from a physical console login on the machine (or if it was a VM, from the hosting company’s console login desktop service). I’m logged in as root.

apt-get install vim

Debian is pretty bare-metal, man. This is probably good from a security and stability point-of-view.

cd /etc/ssh/
cd /etc/ssh/

Find PermitRootLogin and uncomment it, and change it to yes

Find #PubkeyAuthentication yes and uncomment it.

Find #AuthorizedKeysFile     .ssh/authorized_keys .ssh/authorized_keys2 and uncomment it and remove the second file authorized_keys2

Find PasswordAuthentication no and uncomment it and change it to yesnote that this is temporary!

Save and exit the sshd_config file. I’m not sure which service(s) would need to be restarted here, so I issue the reboot now command and watch the machine reboot. Today’s hardware is amazingly fast, compared to what we lived with a decade ago.

Now, from my remote machine, I ssh in as root. I get asked about accepting the private key, and get prompted for the password. Once I get in, I know I’m good to proceed to the next step.

ssh-copy-id root@host.domain

I get asked to put in my password again, and now public key logins are enabled, instead of password-based logins.

I log in as root again, but this time without a password. At this point, I do some customizations per How to make Ubuntu have a nice bash shell like OpenSuSE (although this is Debian). One nice thing is that ~/.bashrc already had aliases ready for ll being an alias for ls -l

Something I don’t understand is why I cannot copy / paste from the Debian ssh session. My guess is that is has something to do with LS_OPTIONS in the bashrc file. Anyway….

I still needed to add alias ..='cd ..' though.

I log out.

I log in as a non-root user, with a password.

ssh-copy-id user@host.domain

I log in as the non-root user, without a password. Same thing: I add the customizations I like, where I can edit with vim, from doing a less on a file, the .. alias for changing directory up one, and using PageUp to search history. I log out.

I log in as root again. Now, I need to give my non-root user sudo rights.

adduser whatever-the-non-root-user-is sudo

Back to editing /etc/ssh/sshd_config

Find PermitRootLogin and uncomment it, and change it to no

Find PasswordAuthentication yes and uncomment it and change it to no

And then I save and exit the file and reboot the box.

Now I can ssh as the non-root user, and I cannot log in via ssh as root. Also, no-one can attempt to log in with just a password. This is good.