Difference between revisions of "FreeBSD Post Install Steps"

From Aram's Wiki
Jump to: navigation, search
(SSH)
(SSH)
 
(10 intermediate revisions by the same user not shown)
Line 1: Line 1:
 +
[[Category:FreeBSD]]
 +
 +
== Introduction ==
 +
 
Everything on this page needs to be done as root, unless specified, so su to root.
 
Everything on this page needs to be done as root, unless specified, so su to root.
  
 
  su -
 
  su -
 +
 +
== Set hostname ==
 +
 +
echo 'hostname="phoenix.xw.is"' >> /etc/rc.conf
 +
 +
== Update the software ==
 +
 +
freebsd-update fetch
 +
freebsd-update install
  
 
== Install basic software ==
 
== Install basic software ==
  
  pkg install -y bash sudo rsync
+
  pkg install -y bash sudo rsync tmux
  
 
=== ZFS ===
 
=== ZFS ===
  
If you have a ZFS root (e.g. cloud computing), you might want to have a separate ZFS pool.
+
If you don't have ZFS root (e.g. cloud computing), you might want to create a separate ZFS pool.
  
 
  echo 'zfs_enable="YES"' >>/etc/rc.conf
 
  echo 'zfs_enable="YES"' >>/etc/rc.conf
Line 21: Line 34:
  
 
  pw useradd -n aram -c 'Aram Havarneanu' -g staff -G wheel -m -s /usr/local/bin/bash -L staff -w random
 
  pw useradd -n aram -c 'Aram Havarneanu' -g staff -G wheel -m -s /usr/local/bin/bash -L staff -w random
 +
 +
Enable passwordless sudo for the staff group:
 +
 +
echo '%staff ALL=(ALL) NOPASSWD:ALL' > /usr/local/etc/sudoers.d/91-staff-no-password
  
 
=== SSH ===
 
=== SSH ===
Line 29: Line 46:
 
  # as a user
 
  # as a user
 
  mkdir -p .ssh
 
  mkdir -p .ssh
  echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIANJ9BKKslS9Zqp1dRWL1nRiLmFp7nGvP06zPJ4L7cES aram@emerald.local' >> .ssh/authorized_keys
+
  echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys
 +
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8dcfsqZJWTNTCfATbD6WiZyWoK3AiihynONRjCrtMw aram@oceanic.local' >> .ssh/authorized_keys
 +
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMRc0UWKrFpCv/EOUo2jpEQt+C/pa0tc1rUWKgjbKTp7 aram@edengate.local' >> .ssh/authorized_keys
 +
chmod 700 .ssh
 +
chmod 644 .ssh/authorized_keys

Latest revision as of 15:32, 8 February 2023


Introduction

Everything on this page needs to be done as root, unless specified, so su to root.

su -

Set hostname

echo 'hostname="phoenix.xw.is"' >> /etc/rc.conf

Update the software

freebsd-update fetch
freebsd-update install

Install basic software

pkg install -y bash sudo rsync tmux

ZFS

If you don't have ZFS root (e.g. cloud computing), you might want to create a separate ZFS pool.

echo 'zfs_enable="YES"' >>/etc/rc.conf
service zfs start
zpool create -m /tank tank xbd1
zfs set compression=on tank

Create a user

This will create a user with a random password that can do passwordless sudo:

pw useradd -n aram -c 'Aram Havarneanu' -g staff -G wheel -m -s /usr/local/bin/bash -L staff -w random

Enable passwordless sudo for the staff group:

echo '%staff ALL=(ALL) NOPASSWD:ALL' > /usr/local/etc/sudoers.d/91-staff-no-password

SSH

For ssh access, use su to switch from root to the user and then add ssh keys.

su - aram
# as a user
mkdir -p .ssh
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8dcfsqZJWTNTCfATbD6WiZyWoK3AiihynONRjCrtMw aram@oceanic.local' >> .ssh/authorized_keys
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMRc0UWKrFpCv/EOUo2jpEQt+C/pa0tc1rUWKgjbKTp7 aram@edengate.local' >> .ssh/authorized_keys
chmod 700 .ssh
chmod 644 .ssh/authorized_keys