Difference between revisions of "FreeBSD Post Install Steps"

From Aram's Wiki
Jump to: navigation, search
(SSH)
 
(5 intermediate revisions by the same user not shown)
Line 18: Line 18:
 
== Install basic software ==
 
== Install basic software ==
  
  pkg install -y bash sudo rsync
+
  pkg install -y bash sudo rsync tmux
  
 
=== ZFS ===
 
=== ZFS ===
Line 34: Line 34:
  
 
  pw useradd -n aram -c 'Aram Havarneanu' -g staff -G wheel -m -s /usr/local/bin/bash -L staff -w random
 
  pw useradd -n aram -c 'Aram Havarneanu' -g staff -G wheel -m -s /usr/local/bin/bash -L staff -w random
 +
 +
Enable passwordless sudo for the staff group:
 +
 +
echo '%staff ALL=(ALL) NOPASSWD:ALL' > /usr/local/etc/sudoers.d/91-staff-no-password
  
 
=== SSH ===
 
=== SSH ===
Line 42: Line 46:
 
  # as a user
 
  # as a user
 
  mkdir -p .ssh
 
  mkdir -p .ssh
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIANJ9BKKslS9Zqp1dRWL1nRiLmFp7nGvP06zPJ4L7cES aram@emerald.local' >> .ssh/authorized_keys
 
 
  echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys
 
  echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys
 +
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8dcfsqZJWTNTCfATbD6WiZyWoK3AiihynONRjCrtMw aram@oceanic.local' >> .ssh/authorized_keys
 +
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMRc0UWKrFpCv/EOUo2jpEQt+C/pa0tc1rUWKgjbKTp7 aram@edengate.local' >> .ssh/authorized_keys
 +
chmod 700 .ssh
 +
chmod 644 .ssh/authorized_keys

Latest revision as of 15:32, 8 February 2023


Introduction

Everything on this page needs to be done as root, unless specified, so su to root.

su -

Set hostname

echo 'hostname="phoenix.xw.is"' >> /etc/rc.conf

Update the software

freebsd-update fetch
freebsd-update install

Install basic software

pkg install -y bash sudo rsync tmux

ZFS

If you don't have ZFS root (e.g. cloud computing), you might want to create a separate ZFS pool.

echo 'zfs_enable="YES"' >>/etc/rc.conf
service zfs start
zpool create -m /tank tank xbd1
zfs set compression=on tank

Create a user

This will create a user with a random password that can do passwordless sudo:

pw useradd -n aram -c 'Aram Havarneanu' -g staff -G wheel -m -s /usr/local/bin/bash -L staff -w random

Enable passwordless sudo for the staff group:

echo '%staff ALL=(ALL) NOPASSWD:ALL' > /usr/local/etc/sudoers.d/91-staff-no-password

SSH

For ssh access, use su to switch from root to the user and then add ssh keys.

su - aram
# as a user
mkdir -p .ssh
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIJnkro8LT0TS+NTOIB787wfqIwv2VTmXXYsnsoVk71UE aram@horizon.local' >> .ssh/authorized_keys
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC8dcfsqZJWTNTCfATbD6WiZyWoK3AiihynONRjCrtMw aram@oceanic.local' >> .ssh/authorized_keys
echo 'ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIMRc0UWKrFpCv/EOUo2jpEQt+C/pa0tc1rUWKgjbKTp7 aram@edengate.local' >> .ssh/authorized_keys
chmod 700 .ssh
chmod 644 .ssh/authorized_keys