8 things I do after installing FreeBSD
After installing FreeBSD, these are some extra steps I take right away to get a system off to a good start!
1. Use a larger font in console
I find the default font size in the vconsole pretty small for my eyes on a 1920x1080-or-greater display. The base system includes a selection of console fonts in /usr/share/vt/fonts.
Try a different, larger font size ...
# vidcontrol -f terminus-b32
Here is a nice selection of terminus fonts of different sizes, converted for use in the FreeBSD console. Download, unpack, and place the fonts in /usr/share/vt/fonts.
Try the different sizes ...
# vidcontrol -f ter-u24
Make a selection permanent by adding to /etc/rc.conf ...
allscreens_flags="-f ter-u24"
Link: Fix small font in FreeBSD
2. Upgrade system
Run pkg-upgrade(8) to compare installed versions of packages to the versions in the ports tree, and generate a list of packages due for an upgrade ...
# pkg upgrade
3. Bash
Install the bash shell ...
# pkg install bash bash-completion coreutils
Enable the bash-completion library by first creating the ~/.bashrc file, then adding ...
[[ $PS1 && -f /usr/local/share/bash-completion/bash_completion.sh ]] && source /usr/local/share/bash-completion/bash_completion.sh
Create the ~/.bash_profile file, adding ...
source $HOME/.bashrc
Run chsh -s to directly set the specified shell without opening an editor. To change the shell to bash ...
$ chsh -s /usr/local/bin/bash
Log out and back in to start using the new shell.
4. Alias for root
As of FreeBSD 14.0, the default mail transport agent (MTA) is now the Dragonfly Mail Agent (dma(8)) rather than sendmail(8).
Rather than login to root to collect system mail, I forward the root user's mail to a non-root user's inbox.
Open the file /etc/aliases and look for the following line ...
# root: me@my.domain
Uncomment that line and replace me@my.domain with a username (example: foo) ...
root: foo
Let the MTA know about the change by running ...
# newaliases
Test whether mail is indeed being forwarded by using the mail command to send root a message ...
$ mail root
Subject: Test new alias
Is it working?
Press CTRL-d to exit and send message.
It works!
$ mail
Mail version 8.1 6/6/93. Type ? for help.
"/var/mail/foo": 1 message 1 new
>N 1 foo@foobox.myfbsd Sun Dec 10 15:34 15/467 "Test new alias"
Link: How to Forward Root’s Mail
5. Extra Groups
Add my existing user to a group with pw groupmod <group_name> -m <username>.
Example: I grant privileges to shutdown/reboot the system to my non-root user account by adding user foo to the operator group ...
# pw groupmod operator -m foo
6. Package Manager: pkg
FreeBSD's base system contains a minimal pkg(7) command. Upon first use, it will download the full-featured pkg(8) tarball, install it, and bootstrap the local package database.
Example: I install the additional documentation package en-freebsd-doc (replace en with the language prefix of choice) ...
# pkg install en-freebsd-doc
The package management tool is not yet installed on your system.
Do you want to fetch and install it now? [y/N]: y
Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:14:amd64/quarterly, please wait...
[...]
7. SSH Keys
Disable password logins and switch to SSH key-based authentication to secure access to remote machines.
See: Secure remote access to FreeBSD servers using SSH keys
8. Execute commands as root: doas
Command doas(1) is a sudo alternative ported from OpenBSD. It's ideal for single-user systems that don't require the elaborate features - and more complex configuration - of sudo.
Install ...
# pkg install doas
A sample configuration exists at /usr/local/etc/doas.conf.sample.
Create the /usr/local/etc/doas.conf file and grant (example) user foo the privileges of root without asking for a password when executing the doas command ...
permit nopass foo as root
Now I can run commands as my user that would normally require root ...
$ doas pkg install <some_package>
You can like, share, or comment on this post on Mastodon 💬
» Next: Encrypt a swap partition
« Previous: Secure remote access to FreeBSD servers using SSH keys