1. Home > Operating_system >

FreeBSD (System Setup)

The system installation is complete, now we start to set it up.

The newly installed system does not have a password. We log in directly as root. # sysinstall Set up the system. Select [Configure] to enter [Root Password] to set the root password. [Networking] Select [sshd] to enable SSH remote login, so that we can set up the system on the terminal instead of switching back and forth in VMware, which is convenient! Select [Exit] to exit the setting interface. Before setting the system network settings, you can check some network card numbers # ifconfig -alnc0: flags=108843 mtu 1500plip0: flags=108810 mtu 1500lo0 : flags=8049 mtu 16384inet 127.0.0.1 netmask 0xff000000# ee /etc/rc.conf add: ifconfig_lnc0="inet 192.168.10.20 netmask 255.255.255.0" # IP address and subnet mask defaultrouter ="192.168.10.10" # Default gateway hostname="www.rd.bj" # Machine name# ee /etc/hosts Add: 192.168.10.20 www.rd.bj # Mapping IP and machine name# ee /etc/ Add in resolv.conf: nameserver 127.0.0.1 is done, the basic network settings have been completed, let's reboot the machine to make the settings take effect. Then we can operate on the terminal. Configure the SSH service, the purpose is to allow the root user to log in. (Because this is an experimental system, let root log in. If it is a production system, it is still prohibited to do so. You can log in with a user with less authority and use su to go to root. # ee /etc/ssh/sshd_config PermitRootLogin is set to yes and UseDNS is set to no, the purpose is to prohibit DNS query, this will be faster when SSH login. Set UsePAM to yes# /etc/rc.d/sshd restart #Restart the ssh service The above configuration is to use It is not relevant for an experimental system to log in with a password. But if it is used in a production system, the security risks are still relatively large. Here, I will add a little bit to log in to the system using key authentication. First of all , The SSH terminal tool I chose is: SecureCRT, which can be used to produce public keys. Then generate the required files according to the wizard, and select [DSA] for the key type. Please keep in mind the pass phrase you entered in this process (in fact This is what you will enter when you log in later, which is equivalent to a password you set yourself.) After the wizard is completed, two files will be generated, the default is Identity and Identity.pub. Now start to configure the server, with the above The basis of password login, we first upload Identity.pub to the server, here we can use another tool SecureFx, she and SecureCRT cooperate very well. The uploaded directory is /root/.ssh/ (because we want to use root Log in, so upload to root’s home directory). If there is no .ssh directory in the home directory, you can create one yourself. # mkdir /root/.ssh convert the uploaded public key into an Openssl format public key and import it to In the authorized_keys file # ssh-keygen -X -f Identity.pub >> authorized_keys# chmod 0640 authorized_keys #Only allow the owner to read and write# rm -rf Identity.pub# ee ee /etc/ssh/sshd_config Set PubkeyAuthentication to yes    will AuthorizedKeysFile. Remove the # number before ssh/authorized_keys # /etc/rc.d/sshd restart #Restart the ssh service. Now, go back to the SecureCRT terminal and log in again. She will prompt you to enter the pass phrase. SSH to This is the end of the configuration. I think the way of using key authentication should make us rest assured. The network problem is solved. Now, next, we will upgrade and compile the kernel with the system. First, let's upgrade the system. System upgrade (src and ports) To upgrade the system, we must use a software: cvsup, we can use the CD installation (in the second CD), which saves time. # sysinstall select [Configure] to enter [Packages] -> [CD/DVD] -> [devel] Select [X] cvsup-without-gui-16.1h_2 and then select [OK], return to the previous interface, select [Install] , And wait for the installation to complete. After installing CVSUP, the default is to install cvsup# under /usr/local/bin. After rehashcvsup is installed, we can upgrade the src and ports directories of our system. # cd /usr/share/examples/cvsup# lscvs-supfile # Upgrade CVSUP's own doc-supfile # Operating system documentation upgrade file gnats-supfile # FreeBSD BUG database ports-supfile # Ports upgrade file stable-supfile # The stable version of FreeBSD Upgrade standard-supfile # The latest version of FreeBSD upgrade we first upgrade the ports, configure the ports-supfile file # ee ports-supfile change the part: *default host=cvsup.cn.FreeBSD.org #CVS server, choose a hurry Server saves time *default base=/usr # The storage directory of cvsup receiving files

*default prefix=/usr*default release=cvs tag= . *Default delete use-rel-suffix# To update all Ports, please pay attention to this. The default value is it, and all Ports will be updated. # If you only need to update a certain Ports directory, add # in front of it and comment it out# After commenting the ports-all, remove the # in front of the directory that needs to be updated later. This is a single update of ports-all. After setting the configuration file, save and exit and execute: # cvsup -g -L 2 ports-supfile After updating the ports , We use the same method to update src. For the stability of the server, we choose stable-supfile as our update configuration file. Change the parameters in the configuration file in the same way as above, and execute after saving and exiting: # cvsup -g -L 2 stable-supfile

This article is published by www.internetweblist.com and does not represent the position of www.internetweblist.com/:http://www.internetweblist.com/Operating_system/31328.html

Contact Us

Online consultation:click here to give a message