Updated 03-Aug-2025
APT -- Advanced Package Tool -- is all that is needed for most application installations when there are repositories which are regularly updated for packages of interest.
Note that apt essentially makes irrelevant apt-get so there is no reason for that redundancy any longer.
Note: Use aptitude when dealing with packages that have upgrade/downgrade issues, as aptitude provides better options for resolving issues. Use the -f flag with aptitude if the downgrading is out of hand.
If packages are kept back, simply install them directly with the install command. Use -f to force dependency upgrade.
Additional Note: Use apt or aptitude to install .deb packages including the ./ before packagename, as in:
> sudo apt install ./packagename
stable, backports, testing, unstable repos
For a stable system, using stable (or oldstable) and backports ensures stability. However, it doesn't deal with new hardware issues, or any kind of additional functionality, such as adding updated applications. For this, it is a matter of tracking down external packages, or using the testing or unstable repositories.
> Note that mixing repos is discouraged by debian and may result in breakage. See also choosing a distribution.
Currently, my main desktop is tied to an oldstable release to keep an older printer working properly.
I do expect to be running Debian 10, and Debian 11 (aka stable and test)more or less parallel (backup desktop, server, primary desktop).
Apt pinning
Upgrading the linux kernel using apt
Update Repositories
sudo apt update -y
sudo apt update -y -t stretch-backports
Upgrade Applications
sudo apt upgrade -y --fix-missing
sudo apt upgrade -y -t stretch-backports --fix-missing
Broken Dependencies
sudo apt install -f
also
sudo apt --fix-broken install
Upgrade Distributon (e.g, Debian Stable)
sudo apt dist-upgrade -y --fix-missing
Clean, Autoclean, Check, Autoremove
All these commands can be run from apt. In particular, autoremove is a good option to keep things tidy.
sudo apt autoremove -y
Purge and Remove
To seriously remove things, do:
sudo apt --purge remove package-name
Sources
Sources are found in a few places:
sudo nano /etc/apt/sources.list
Current stable/backports sources:
(Note Trixie will be released on 09 AUG 2025, but backports do not currently exist, hence the need to comment them out.)
deb http://deb.debian.org/debian/ trixie main contrib non-free non-free-firmware non-free
deb-src http://deb.debian.org/debian/ trixie main contrib non-free non-free-firmware
deb http://security.debian.org/debian-security trixie-security main contrib non-free non-free-firmware
deb-src http://security.debian.org/debian-security trixie-security main contrib non-free non-free-firmware
deb http://deb.debian.org/debian/ trixie-updates main contrib non-free non-free-firmware
deb-src http://deb.debian.org/debian/ trixie-updates main contrib non-free non-free-firmware
## deb http://deb.debian.org/debian/ trixie-backports main contrib non-free non-free-firmware
## deb-src http://deb.debian.org/debian/ trixie-backports main contrib non-free non-free-firmware
ls /etc/apt/sources.list.d
Current additional sources (note, see extrepo below for making these obsolete):
docker.list
vivaldi.list
Extrepo
Note: as of late Trixie beta I've removed Extrepo and am going with some straight *.list -> *.sources files, as there are only two that I use (SyncThing and VSCodium) and I can't get SyncThing to work because of lag on the Extrepo updates. See above under modernize-sources.
Extrepo allows one to enable known external repositories, using a tool extrepo. Extrepo writes the necessary keys (to /usr/share/extrepo/offline-data/debian/...) and repositories (to /etc/apt/sources.list.d/...).
Install from apt, then enable and update various sources, for example:
sudo extrepo enable nginx
sudo extrepo enable vscodium
sudo extrepo enable syncthing
sudo extrepo enable sury
sudo extrepo update nginx
sudo extrepo update vscodium
sudo extrepo update syncthing
sudo extrepo update sury
Note: I seem to have to run these commands twice through, to get it to enable and update, at least the first time.
extrepo architecture error
Sometimes there is an architecture error, such as noted in this merge request: , if it isn't removed upstream, simply edit the repository file found in /etc/apt/sources.list.d/... and remove the offending architectures.
see also
Debian Fasttrack
For making non-standard packages available to stable users (not using standard testing distribution).
rmadison
Note the use of rmadison which is a utility found in devscripts. To install:
sudo apt install devscripts
Use the command rmadison to find all available versions of an application across all debian repositories, e.g., rmadison inkscape will result in:
inkscape | 0.92.4-3 | oldoldstable | source, amd64, arm64, armhf, i386
inkscape | 1.0.2-4~bpo10+1 | buster-backports | source, amd64, arm64, armel, armhf, i386, mips, mips64el, mipsel, ppc64el, s390x
inkscape | 1.0.2-4~bpo10+1 | buster-backports-debug | source
inkscape | 1.0.2-4 | oldstable | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
inkscape | 1.2.2-2~bpo11+1 | bullseye-backports | source, amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
inkscape | 1.2.2-2~bpo11+1 | bullseye-backports-debug | source
inkscape | 1.2.2-2 | stable | source
inkscape | 1.2.2-2+b1 | stable | amd64, arm64, armel, armhf, i386, mips64el, mipsel, ppc64el, s390x
inkscape | 1.2.2-7 | testing | source
inkscape | 1.2.2-7 | unstable | source
inkscape | 1.2.2-7 | unstable-debug | source
inkscape | 1.2.2-7+b1 | testing | amd64, arm64, armel, armhf, i386, mips64el, ppc64el, riscv64, s390x
inkscape | 1.2.2-7+b1 | unstable | mips64el, riscv64
inkscape | 1.2.2-8 | buildd-unstable | source, amd64, arm64, armel, armhf, i386, ppc64el, s390x
inkscape | 1.2.2-8 | unstable | source, amd64, arm64, armel, armhf, i386, ppc64el, s390x
inkscape | 1.2.2-8 | unstable-debug | source
inkscape | 1.4-3 | experimental | source, amd64, armel, armhf, mips64el
inkscape | 1.4-3 | experimental-debug | source
Can I use PPAs in Debian?
Well, sort of, but should you? Only if really needed.
modernize-sources
This puts sources.list and all third-party *.list files into a modern format. Accomplish this with the command:
sudo apt modernize-sources
Some things end up with errors, which is largely due to an incompatibility or lack of .gpg and .asc files. For example, SyncThing and Vivaldi tend to have these problems. Basically, re-import the .asc and/or .gpg files then update the *.sources file to include the proper Signed-By: location.
Syncthing source
/etc/apt/sources.list.d/syncthing.sources
Types: deb
URIs: https://apt.syncthing.net/
Suites: syncthing
Components: stable
Signed-By: /etc/apt/keyrings/syncthing-archive-keyring.gpg
- Install Syncthing
*.gpg
sudo mkdir -p /etc/apt/keyrings
sudo curl -L -o /etc/apt/keyrings/syncthing-archive-keyring.gpg https://syncthing.net/release-key.gpg
Vivaldi source
/etc/apt/sources.list.d/vivaldi.sources
Types: deb
URIs: https://repo.vivaldi.com/stable/deb/
Architectures: amd64
Suites: stable
Components: main
Signed-By: /etc/apt/trusted.gpg.d/vivaldi-browser.gpg
- Install Vivaldi
*.gpg
sudo wget -qO- https://repo.vivaldi.com/archive/linux_signing_key.pub | gpg --dearmor | sudo dd of=/etc/apt/trusted.gpg.d/vivaldi-browser.gpg
VSCodium source
/etc/apt/sources.list.d/vscodium.sources
Suites: vscodium
Uris: https://paulcarroty.gitlab.io/vscodium-deb-rpm-repo/debs/
Architectures: amd64 arm64
Components: main
Types: deb
Signed-By: /usr/share/keyrings/vscodium-archive-keyring.gpg
- Install VSCodium
*.gpg
wget -qO - https://gitlab.com/paulcarroty/vscodium-deb-rpm-repo/raw/master/pub.gpg \
| gpg --dearmor \
| sudo dd of=/usr/share/keyrings/vscodium-archive-keyring.gpg
Debian source (Trixie)
- Note this is without Backports as they don't yet exist (as of this writing).
# Modernized from /etc/apt/sources.list
Types: deb deb-src
URIs: http://deb.debian.org/debian/
Suites: trixie
Components: main contrib non-free non-free-firmware
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
# Modernized from /etc/apt/sources.list
Types: deb deb-src
URIs: http://security.debian.org/debian-security/
Suites: trixie-security
Components: main contrib non-free non-free-firmware
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
# Modernized from /etc/apt/sources.list
Types: deb deb-src
URIs: http://deb.debian.org/debian/
Suites: trixie-updates
Components: main contrib non-free non-free-firmware
Signed-By: /usr/share/keyrings/debian-archive-keyring.gpg
PHP source
/etc/apt/sources.list.d/php.sources
Types: deb
URIs: https://packages.sury.org/php/
Suites: trixie
Components: main
Signed-By: /usr/share/keyrings/debsuryorg-archive-keyring.gpg
- Install PHP
*.listand*.gpg
sudo curl -sSLo /tmp/debsuryorg-archive-keyring.deb https://packages.sury.org/debsuryorg-archive-keyring.deb
sudo dpkg -i /tmp/debsuryorg-archive-keyring.deb
sudo sh -c 'echo "deb [signed-by=/usr/share/keyrings/debsuryorg-archive-keyring.gpg] https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list'
sudo apt modernize-sources
Docker source
/etc/apt/sources.list.d/docker.sources
Types: deb
URIs: https://download.docker.com/linux/debian/
Suites: trixie
Components: stable
Signed-By: /etc/apt/keyrings/docker.asc
- Install Docker
*.listand*.gpg
sudo curl -fsSL https://download.docker.com/linux/debian/gpg -o /etc/apt/keyrings/docker.asc
sudo chmod a+r /etc/apt/keyrings/docker.asc
Resources
- How do I install a .deb file via the command line?
- How can I run Debian stable but install some packages from testing?
- Chapter 2. Debian package management - packages from mixed source of archives
- How to install some packages from “unstable” Debian on a computer running “stable” Debian?
- Apt Configuration
Note: mixing repositories is not needed and generally discouraged (called franken-distributions). Stable for servers, testing for desktop.