Difference between revisions of "OpenBSD Post Install Steps"
(Created page with "Category:OpenBSD == Introduction == Everything on this page needs to be done as root, unless specified, so login as root, or su to root. su - === Vultr.com === Vultr...") |
(→Vultr.com) |
||
| Line 9: | Line 9: | ||
=== Vultr.com === | === Vultr.com === | ||
| − | Vultr.com doesn't install ssh keys, you will need to log-in as root with the | + | Vultr.com doesn't install ssh keys, you will need to log-in as root with the autogenerated password, then install your ssh key. |
# As root | # As root | ||
| Line 15: | Line 15: | ||
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> /root/.ssh/authorized_keys | echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> /root/.ssh/authorized_keys | ||
| − | Change the | + | Change the autogenerated password: |
usermod -p `jot -r -c 30 a z | rs -g0 0 30 | encrypt` root | usermod -p `jot -r -c 30 a z | rs -g0 0 30 | encrypt` root | ||
Revision as of 16:15, 2 January 2019
Contents
Introduction
Everything on this page needs to be done as root, unless specified, so login as root, or su to root.
su -
Vultr.com
Vultr.com doesn't install ssh keys, you will need to log-in as root with the autogenerated password, then install your ssh key.
# As root echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIANJ9BKKslS9Zqp1dRWL1nRiLmFp7nGvP06zPJ4L7cES aram@emerald.local' >> /root/.ssh/authorized_keys echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> /root/.ssh/authorized_keys
Change the autogenerated password:
usermod -p `jot -r -c 30 a z | rs -g0 0 30 | encrypt` root
Update the software
echo 'https://cdn.openbsd.org/pub/OpenBSD' > /etc/installurl syspatch
Install basic software
pkg_add bash rsync
Create a user
This will create a user with a random password that can do passwordless doas:
useradd -m -g staff -L staff -c 'Aram Hăvărneanu' -s /usr/local/bin/bash -p `jot -r -c 30 a z | rs -g0 0 30 | encrypt` aram
Enable passwordless doas for the staff group:
cat <<EOF > /etc/doas.conf permit nopass :staff permit nopass keepenv root EOF
SSH
For ssh access, use su to switch from root to the user and then add ssh keys.
su - aram # as a user mkdir -p .ssh echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIANJ9BKKslS9Zqp1dRWL1nRiLmFp7nGvP06zPJ4L7cES aram@emerald.local' >> .ssh/authorized_keys echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys
