Once FreeBSD is installed, bsdinstall will prompt to configure several options before booting into the newly installed system. This section describes these configuration options.
Once the system has booted,
bsdconfig provides a menu-driven method for
configuring the system using these and additional
password must be set. While entering the password, the
characters being typed are not displayed on the screen. After
the password has been entered, it must be entered again. This
helps prevent typing errors.
Next, a list of the network interfaces found on the computer is shown. Select the interface to configure.
The network configuration menus will be skipped if the network was previously configured as part of a bootonly installation.
If an Ethernet interface is selected, the installer will skip ahead to the menu shown in Figure2.35, “Choose IPv4 Networking”. If a wireless network interface is chosen, the system will instead scan for wireless access points:
Wireless networks are identified by a Service Set Identifier (SSID), a short, unique name given to each network. SSIDs found during the scan are listed, followed by a description of the encryption types available for that network. If the desired SSID does not appear in the list, selectto scan again. If the desired network still does not appear, check for problems with antenna connections or try moving the computer closer to the access point. Rescan after each change is made.
Next, enter the encryption information for connecting to the selected wireless network. WPA2 encryption is strongly recommended as older encryption types, like WEP, offer little security. If the network uses WPA2, input the password, also known as the Pre-Shared Key (PSK). For security reasons, the characters typed into the input box are displayed as asterisks.
Next, choose whether or not an IPv4 address should be configured on the Ethernet or wireless interface:
There are two methods of IPv4 configuration. DHCP will automatically configure the network interface correctly and should be used if the network provides a DHCP server. Otherwise, the addressing information needs to be input manually as a static configuration.
Do not enter random network information as it will not work. If a DHCP server is not available, obtain the information listed in Required Network Information from the network administrator or Internet service provider.
If a DHCP server is available, selectin the next menu to automatically configure the network interface. The installer will appear to pause for a minute or so as it finds the DHCP server and obtains the addressing information for the system.
If a DHCP server is not available, selectand input the following addressing information in this menu:
IP Address- The IPv4 address assigned to this computer. The address must be unique and not already in use by another piece of equipment on the local network.
Subnet Mask- The subnet mask for the network.
Default Router- The IP address of the network's default gateway.
The next screen will ask if the interface should be configured for IPv6. If IPv6 is available and desired, chooseto select it.
IPv6 also has two methods of configuration. StateLess Address AutoConfiguration (SLAAC) will automatically request the correct configuration information from a local router. Refer to http://tools.ietf.org/html/rfc4862 for more information. Static configuration requires manual entry of network information.
If an IPv6 router is available, selectin the next menu to automatically configure the network interface. The installer will appear to pause for a minute or so as it finds the router and obtains the addressing information for the system.
If an IPv6 router is not available, selectand input the following addressing information in this menu:
IPv6 Address- The IPv6 address assigned to this computer. The address must be unique and not already in use by another piece of equipment on the local network.
Default Router- The IPv6 address of the network's default gateway.
The last network configuration menu is used to configure
the Domain Name System (DNS) resolver,
which converts hostnames to and from network addresses. If
DHCP or SLAAC was used
to autoconfigure the network interface, the
Configuration values may already be filled in.
Otherwise, enter the local network's domain name in the
DNS #2 are the IPv4
and/or IPv6 addresses of the
DNS servers. At least one
DNS server is required.
The next menu asks if the system clock uses UTC or local time. When in doubt, selectto choose the more commonly-used local time.
The next series of menus are used to determine the correct local time by selecting the geographic region, country, and time zone. Setting the time zone allows the system to automatically correct for regional time changes, such as daylight savings time, and perform other time zone related functions properly.
The example shown here is for a machine located in the Eastern time zone of the United States. The selections will vary according to the geographical location.
The appropriate region is selected using the arrow keys and then pressing Enter.
Select the appropriate country using the arrow keys and press Enter.
The appropriate time zone is selected using the arrow keys and pressing Enter.
Confirm the abbreviation for the time zone is correct. If it is, press Enter to continue with the post-installation configuration.
The next menu is used to configure which system services will be started whenever the system boots. All of these services are optional. Only start the services that are needed for the system to function.
Here is a summary of the services which can be enabled in this menu:
sshd- The Secure Shell (SSH) daemon is used to remotely access a system over an encrypted connection. Only enable this service if the system should be available for remote logins.
moused- Enable this service if the mouse will be used from the command-line system console.
ntpd- The Network Time Protocol (NTP) daemon for automatic clock synchronization. Enable this service if there is a Windows, Kerberos, or LDAP server on the network.
powerd- System power control utility for power control and energy saving.
The next menu is used to configure whether or not crash dumps should be enabled. Enabling crash dumps can be useful in debugging issues with the system, so users are encouraged to enable crash dumps.
The next menu prompts to create at least one user account.
It is recommended to login to the system using a user account
rather than as
When logged in as
root, there are essentially no
limits or protection on what can be done. Logging in as a
normal user is safer and more secure.
Selectto add new users.
Follow the prompts and input the requested information for
the user account. The example shown in Figure2.50, “Enter User Information” creates the
asample user account.
Here is a summary of the information to input:
Username- The name the user will enter to log in. A common convention is to use the first letter of the first name combined with the last name, as long as each username is unique for the system. The username is case sensitive and should not contain any spaces.
Full name- The user's full name. This can contain spaces and is used as a description for the user account.
Uid- User ID. Typically, this is left blank so the system will assign a value.
Login group- The user's group. Typically this is left blank to accept the default.
Invite- Additional groups to which the user will be added as a member. If the user needs administrative access, type
userinto other groups?
Login class- Typically left blank for the default.
Shell- Type in one of the listed values to set the interactive shell for the user. Refer to Section3.9, “Shells” for more information about shells.
Home directory- The user's home directory. The default is usually correct.
Home directory permissions- Permissions on the user's home directory. The default is usually correct.
Use password-based authentication?- Typically
yesso that the user is prompted to input their password at login.
Use an empty password?- Typically
noas it is insecure to have a blank password.
Use a random password?- Typically
noso that the user can set their own password in the next prompt.
Enter password- The password for this user. Characters typed will not show on the screen.
Enter password again- The password must be typed again for verification.
Lock out the account after creation?- Typically
noso that the user can login.
After entering everything, a summary is shown for review.
If a mistake was made, enter
no and try
again. If everything is correct, enter
to create the new user.
If there are more users to add, answer the
another user? question with
no to finish
adding users and continue the installation.
For more information on adding users and user management, see Section3.3, “Users and Basic Account Management”.
After everything has been installed and configured, a final chance is provided to modify settings.
Use this menu to make any changes or do any additional configuration before completing the installation.
Add User- Described in Section2.8.6, “Add Users”.
Root Password- Described in Section2.8.1, “Setting the
Hostname- Described in Section2.5.2, “Setting the Hostname”.
Network- Described in Section2.8.2, “Configuring Network Interfaces”.
Services- Described in Section2.8.4, “Enabling Services”.
Time Zone- Described in Section2.8.3, “Setting the Time Zone”.
Handbook- Download and install the FreeBSD Handbook.
After any final configuration is complete, select.
bsdinstall will prompt if there are any additional configuration that needs to be done before rebooting into the new system. Select to exit to a shell within the new system or to proceed to the last step of the installation.
If further configuration or special setup is needed, selectto boot the install media into Live CD mode.
If the installation is complete, selectto reboot the computer and start the new FreeBSD system. Do not forget to remove the FreeBSD install media or the computer may boot from it again.
As FreeBSD boots, informational messages are displayed.
After the system finishes booting, a login prompt is
displayed. At the
login: prompt, enter the
username added during the installation. Avoid logging in as
root. Refer to
Section126.96.36.199, “The Superuser Account” for instructions on how to
become the superuser when administrative access is
The messages that appeared during boot can be reviewed by
pressing Scroll-Lock to turn on the
scroll-back buffer. The PgUp,
PgDn, and arrow keys can be used to scroll
back through the messages. When finished, press
Scroll-Lock again to unlock the display and
return to the console. To review these messages once the
system has been up for some time, type
/var/run/dmesg.boot from a command prompt. Press
q to return to the command line after
If sshd was enabled in Figure2.47, “Selecting Additional Services to Enable”, the first boot may be a bit slower as the system will generate the RSA and DSA keys. Subsequent boots will be faster. The fingerprints of the keys will be displayed, as seen in this example:
Generating public/private rsa1 key pair. Your identification has been saved in /etc/ssh/ssh_host_key. Your public key has been saved in /etc/ssh/ssh_host_key.pub. The key fingerprint is: 10:a0:f5:af:93:ae:a3:1a:b2:bb:3c:35:d9:5a:b3:f3 firstname.lastname@example.org The key's randomart image is: +--[RSA1 1024]----+ | o.. | | o . . | | . o | | o | | o S | | + + o | |o . + * | |o+ ..+ . | |==o..o+E | +-----------------+ Generating public/private dsa key pair. Your identification has been saved in /etc/ssh/ssh_host_dsa_key. Your public key has been saved in /etc/ssh/ssh_host_dsa_key.pub. The key fingerprint is: 7e:1c:ce:dc:8a:3a:18:13:5b:34:b5:cf:d9:d1:47:b2 email@example.com The key's randomart image is: +--[ DSA 1024]----+ | .. . .| | o . . + | | . .. . E .| | . . o o . . | | + S = . | | + . = o | | + . * . | | . . o . | | .o. . | +-----------------+ Starting sshd.
Refer to Section13.8, “OpenSSH” for more information about fingerprints and SSH.
FreeBSD does not install a graphical environment by default. Refer to Chapter5, The X Window System for more information about installing and configuring a graphical window manager.
Proper shutdown of a FreeBSD computer helps protect data and
hardware from damage. Do not turn off the power
before the system has been properly shut down! If
the user is a member of the
wheel group, become the
superuser by typing
su at the command line
and entering the
root password. Then, type
shutdown -p now and the system will shut
down cleanly, and if the hardware supports it, turn itself