Initial System Update
# Update base system
freebsd-update fetch
freebsd-update install
# Bootstrap pkg package manager
pkg bootstrap
# Update packages
pkg update
pkg upgrade
User Setup
# Create a regular user (interactive)
adduser
# Add user to wheel group for sudo
pw groupmod wheel -m yourusername
# Install and configure sudo
pkg install sudo
visudo
# Uncomment: %wheel ALL=(ALL) ALL
Essential Packages
# Install essentials
pkg install vim nano # Editors
pkg install bash # Bash shell
pkg install git # Version control
pkg install htop # Process viewer
pkg install curl wget # HTTP clients
pkg install tmux # Terminal multiplexer
pkg install rsync # File sync
# Change default shell to bash
chsh -s /usr/local/bin/bash
# Or add to ~/.profile for login shell
echo 'export SHELL=/usr/local/bin/bash' >> ~/.profile
exec /usr/local/bin/bash
SSH Configuration
# Enable SSH server
sysrc sshd_enable="YES"
service sshd start
# Harden SSH (/etc/ssh/sshd_config)
PermitRootLogin no
PasswordAuthentication no # After setting up keys
Time Zone and NTP
# Set timezone (interactive)
tzsetup
# Or manually
cp /usr/share/zoneinfo/America/Denver /etc/localtime
# Enable NTP
sysrc ntpd_enable="YES"
service ntpd start
Firewall Setup (PF)
# Enable PF firewall
sysrc pf_enable="YES"
sysrc pflog_enable="YES"
# Create basic ruleset /etc/pf.conf
cat > /etc/pf.conf << 'EOF'
# Macros
ext_if = "em0" # Change to your interface
# Options
set skip on lo0
set block-policy drop
# Normalization
scrub in all
# Default deny
block all
# Allow outbound
pass out quick on $ext_if
# Allow SSH
pass in on $ext_if proto tcp to port 22
# Allow ICMP ping
pass in on $ext_if inet proto icmp icmp-type echoreq
EOF
# Start firewall
service pf start
Enable ZFS (if not already)
# ZFS is usually configured at install
# Check ZFS pools
zpool list
zfs list
# If you need to import existing pool
zpool import
# Enable ZFS services
sysrc zfs_enable="YES"
System Maintenance Cron
# FreeBSD has periodic scripts
# Enable daily/weekly/monthly maintenance
# Already enabled by default, check /etc/periodic.conf
# View default tasks
cat /etc/defaults/periodic.conf
beginner | Getting Started | Updated 2025-01-15
- freebsd
- installation
- setup
- configuration
- post-install