Changes

Jump to: navigation, search

OpenBSD Post Install Steps

1,579 bytes added, 16:11, 2 January 2019
Created page with "Category:OpenBSD == Introduction == Everything on this page needs to be done as root, unless specified, so login as root, or su to root. su - === Vultr.com === Vultr..."
[[Category:OpenBSD]]

== Introduction ==

Everything on this page needs to be done as root, unless specified, so login as root, or su to root.

su -

=== Vultr.com ===

Vultr.com doesn't install ssh keys, you will need to log-in as root with the generated password, then install your ssh key.

# As root
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIANJ9BKKslS9Zqp1dRWL1nRiLmFp7nGvP06zPJ4L7cES aram@emerald.local' >> /root/.ssh/authorized_keys
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> /root/.ssh/authorized_keys

Change the generated password:
usermod -p `jot -r -c 30 a z | rs -g0 0 30 | encrypt` root

== Update the software ==

echo 'https://cdn.openbsd.org/pub/OpenBSD' > /etc/installurl
syspatch

== Install basic software ==

pkg_add bash rsync

== Create a user ==

This will create a user with a random password that can do passwordless doas:

useradd -m -g staff -L staff -c 'Aram Hăvărneanu' -s /usr/local/bin/bash -p `jot -r -c 30 a z | rs -g0 0 30 | encrypt` aram

Enable passwordless doas for the staff group:

cat <<EOF > /etc/doas.conf
permit nopass :staff
permit nopass keepenv root
EOF

=== SSH ===

For ssh access, use su to switch from root to the user and then add ssh keys.

su - aram
# as a user
mkdir -p .ssh
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIANJ9BKKslS9Zqp1dRWL1nRiLmFp7nGvP06zPJ4L7cES aram@emerald.local' >> .ssh/authorized_keys
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys

Navigation menu