Working with machines running on debian is great - debian is a distribution that focuses on stable environments. Providing stability comes - as everything - with a cost: Packages provided with a distribution are not latest & greatest, they are proven.
Using debian backports is a good way to install newer package versions that are compiled for debian stable.
If you require features provided with newer versions - like newer kernels - you might want to update the kernel. This is especially required when the desired features are integrated into the kernel, like a specific filesystem driver or similar.
To update kernel to newer versions on debian you might use debian backports reposority which provides packages that will be contained in upcoming debian releases.
You are running Debian stable, because you prefer the Debian stable tree. It runs great, there is just one problem: the software is a little bit outdated compared to other distributions. This is where backports come in.
Backports are packages taken from the next Debian release (called "testing"), adjusted and recompiled for usage on Debian stable. Because the package is also present in the next Debian release, you can easily upgrade your stable+backports system once the next Debian release comes out. (In a few cases, usually for security updates, backports are also created from the Debian unstable distribution.)
Backports cannot be tested as extensively as Debian stable, and backports are provided on an as-is basis, with risk of incompatibilities with other components in Debian stable. Use with care!
It is therefore recommended to only select single backported packages that fit your needs, and not use all available backports.
Integrating backports is straight forward and done by adding the backports repository to apt sources.
Beside common repositories you can see that debian backports has been added (second line).
If you prefer to create a dedicate source file, feel free to go this way:
Using this way you don't fiddle with the source.list file directly.
Updating the kernel
Having added the repository we now run apt update to get metadata and search for a kernel we want to install:
Determining the desired kernel version
We're working on a server environment with enabled secure boot. The matching kernel package can be located using the following search criteria:
- linux-image = Kernel
- signed = Kernel is signed
- cloud = Kernel for cloud ("server") edition
Searching for the newest available kernel in the output shown above you might spot kernel 5.9 which is available - which we don't want to use as it's not signed. Therefore our best match is linux-image-5.8.0-0.bpo.2-cloud-amd64 linux-headers-5.8.0-0.bpo.2-cloud-amd64.
Installing the kernel is done easily:
Applying the kernel version requires a reboot. When completed, you're set and can use the new version.