FreeBSD installation ( macOS )

Install FreeBSD on macOS

Install FreeBSD using parallels desktop

disc vs did

https://forums.freebsd.org/threads/difference-between-disc-1-and-dvd-1.54329/

Add new VM on parallels desktop

  1. navigate to controll panel and select add new VM
  2. continue
  3. create new VM from ISO file
  4. continue step
  5. ignore alert and select other OS (not other linux)

Install FreeBSD

refernce to : NYCU NASA install FreeBSD pdf

ssh into FreeBSD ( login to FreeBSD via macOS terminal )

  1. type ifconfig command to check current device IP
  2. ssh into FreeBSD just like logging into other VPS
  3. successful login

Homework

prerequisites

  • judge user & group setting
  • wireGuard VPN

homework

General task

  • SSH Public Key and judge User : The task is to setup correct ssh configuration so that judge server could ssh into our VM as judge user to test our evironment setting . The public key could be download from OJ( online judge ) , then we have to copy public key from our local workspace ( macOS for me ) to FreeBSD VM ( which also can be seen as remote server )

By using ssh-copy-id or scp command , the public key can be sent to VM . Another solutiuon is using curl command to dowdload public key directly from OJ . As for configuration file of wiredGuard can be sent to VM via scp command . ( or using curl )

  • Install FreeBSD 13.1-RELEASE and apply the security patch : After installing FreeBSD , run freebsd-version would get 13.1-RELEASE as result ( without p7 tag after ) , so we have to update the system to latest patch . By running freebsd-update fetch install command to get latest patch .
  • Time Zone : Time Zone have already setup during bsdintall

User & Group task

Using adduser ( user must have root user’s credential ) to create new user and also setting user’s group meanwhile .

For the requirement of judge user could run sudo command without password , we have to config sudoer file . ( user must have root user’s credential )

  1. Using visudo command : config sudoer file directly via vi editor
  2. Edit sudoer file via vim : The default sudoer file is located at /usr/local/etc/sudoers , so we could edit sudoer file using vim instead of vi ( which is more easy to use ) .

WireGuard

Copy the configuration file into /usr/local/etc/wireguard/ using scp. And start VPN tunnel using wg-quick command.

https://www.wireguard.com/install/#freebsd-kmod-userspace-go-tools

commands

  • freebsd-update fetch install : update system to latest patch version
  • shutdown -p now
  • reboot
  • su :
    • su - USERNAME : change to USERNAME ( the whole environment will change )
    • su USERNAME : change to USERNAME ( reserve some previous user information )
  • groups USERNAME : check USERNAME’s groups
  • adduser
  • rmuser
  • pw group mod GROUP_NAME -m USERNAME : add USERNAME user to GROUP_NAME group
  • visudo : edit sudoer config file
    • sudoer file defult location : /usr/local/etc/sudoers
  • wg-quick
    • wg-quick up /path/to/file.conf
    • /usr/local/etc/wiredguard/vpnName.conf ( defult config file location )
  • scp
    • scp /path/to/local-server/file User@Host:/path/to/remove-server/dir
  • ssh-copy-id
    • ssh-copy-id -i /path/to/keyGenFile.pub User@Host
  • service sshd restart

Weird Bug ?

Bug Situation: After setting up wiredGuard and authorized_keys , the judge server could ping VM but can’t ssh into MV .

I have tried remove .ssh/authorized_keys and download public key from judge server serverl times , however the judge server still not can ssh into VM.

Solution:

My friend Owen remove the whole .ssh directory and create .ssh directory , copy authorized_keys then solve this condition .

Reference