Difference between revisions of "FreeBSD Post Install Steps"
(→SSH) |
|||
(5 intermediate revisions by the same user not shown) | |||
Line 18: | Line 18: | ||
== Install basic software == | == Install basic software == | ||
− | pkg install -y bash sudo rsync | + | pkg install -y bash sudo rsync tmux |
=== ZFS === | === ZFS === | ||
Line 34: | Line 34: | ||
pw useradd -n aram -c 'Aram Havarneanu' -g staff -G wheel -m -s /usr/local/bin/bash -L staff -w random | pw useradd -n aram -c 'Aram Havarneanu' -g staff -G wheel -m -s /usr/local/bin/bash -L staff -w random | ||
+ | |||
+ | Enable passwordless sudo for the staff group: | ||
+ | |||
+ | echo '%staff ALL=(ALL) NOPASSWD:ALL' > /usr/local/etc/sudoers.d/91-staff-no-password | ||
=== SSH === | === SSH === | ||
Line 42: | Line 46: | ||
# as a user | # as a user | ||
mkdir -p .ssh | mkdir -p .ssh | ||
− | |||
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys | echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys | ||
+ | echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8dcfsqZJWTNTCfATbD6WiZyWoK3AiihynONRjCrtMw aram@oceanic.local' >> .ssh/authorized_keys | ||
+ | echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMRc0UWKrFpCv/EOUo2jpEQt+C/pa0tc1rUWKgjbKTp7 aram@edengate.local' >> .ssh/authorized_keys | ||
+ | chmod 700 .ssh | ||
+ | chmod 644 .ssh/authorized_keys |
Latest revision as of 15:32, 8 February 2023
Contents
Introduction
Everything on this page needs to be done as root, unless specified, so su to root.
su -
Set hostname
echo 'hostname="phoenix.xw.is"' >> /etc/rc.conf
Update the software
freebsd-update fetch freebsd-update install
Install basic software
pkg install -y bash sudo rsync tmux
ZFS
If you don't have ZFS root (e.g. cloud computing), you might want to create a separate ZFS pool.
echo 'zfs_enable="YES"' >>/etc/rc.conf service zfs start zpool create -m /tank tank xbd1 zfs set compression=on tank
Create a user
This will create a user with a random password that can do passwordless sudo:
pw useradd -n aram -c 'Aram Havarneanu' -g staff -G wheel -m -s /usr/local/bin/bash -L staff -w random
Enable passwordless sudo for the staff group:
echo '%staff ALL=(ALL) NOPASSWD:ALL' > /usr/local/etc/sudoers.d/91-staff-no-password
SSH
For ssh access, use su to switch from root to the user and then add ssh keys.
su - aram # as a user mkdir -p .ssh echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8dcfsqZJWTNTCfATbD6WiZyWoK3AiihynONRjCrtMw aram@oceanic.local' >> .ssh/authorized_keys echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMRc0UWKrFpCv/EOUo2jpEQt+C/pa0tc1rUWKgjbKTp7 aram@edengate.local' >> .ssh/authorized_keys chmod 700 .ssh chmod 644 .ssh/authorized_keys