Netralex

How to install Podman on Debian 13 (Trixie)

A quick look at installing Podman on Debian 13 (Trixie) and what to expect when running containers with this daemonless alternative to Docker.

#podman

#debian

#tutorial

Published on Feb 26, 2026

Introduction

Have you ever faced difficulties in scaling up? Did you want to save time and effort in migrating your services as a developer? Ever wondered why docker needs root privileges and find this a security risk? Podman solves these issues and many more.

Today, you will learn how to install Podman on Debian 13 (Trixie). Podman is a daemonless container engine that runs securely without root privileges, serving as a drop in replacement for Docker. It enables easy deployment of self-hosted apps from public registries, or your own custom Containerfile (or Dockerfile).

In this article, we will cover installing Podman on Debian. Check out our friends at Skhron (Tor), perfect for spinning up a VPS to self-host privacy apps securely with Podman. Use coupon 8GRW1O18UK for a 10% recurring discount on any VPS plan.

Installing Podman

Podman can be easily installed directly via apt. To add compose functionality, install the extra podman-compose package alongside it.

sudo apt update && sudo apt install podman podman-compose

Podman recommends always using fully qualified image names including the registry server (full dns name), namespace, image name, and tag (e.g. lscr.io/linuxserver/qbittorrent:libtorrentv1).

When using short names, there is always an inherent risk that the image being pulled could be spoofed or pulled from a different source with the wrong version that expected.

Unqualified Search Registries

Debian 13 (Trixie) doesn’t come with any unqualified search registries enabled by default. To use unqualified search registries to pull images (like podman run qbittorrent:libtorrentv1), you need to enable them in /etc/containers/registries.conf. Add something like:

unqualified-search-registries = ["docker.io", "lscr.io", ]

Running your first container

After following these steps, you should be able to run your first container image.

podman run --rm quay.io/podman/hello:latest

Rootless

While Podman runs just fine out-of-the-box like Docker does with root privileges, some tweaks enable smooth rootless operations making your setup even more secure. A rootless Podman setup has a couple limitations that you have to work around:

  • Rootless can’t bind to ports below 1024 without some tweaking.
  • Limited network modes available.
  • Limited reduced CPU/memory enforcement.
  • No storage quota support.
  • No access to AppArmor/SELinux policies.

Stay updated for new self-hosted, privacy focused and news worthy tutorials and articles via RSS. Questions? Contact Us.