headerImage

Contents

Introduction

This article will walk you through setting up a generic Pentium box to be a FreeBSD server suitable for a small embedded systems development team. Your box will need to have the following basic items:

You can get a computer like this for about $100 from any used computer dealer, or you might already have most of the parts lying around.

Installation

For a first-time installation, I'd suggest getting the FreeBSD 4.10 Production release rather than the FreeBSD 5.1 New Technology release. Everything you need to start off with is available from the 4.10-i386-mini.iso image available from this list of FreeBSD Mirrors

Don't do anything until you have had a good look at the Installation Chapter of the FreeSD Handbook. Take an evening and read over the installation guide carefully.

If possible boot the machine and enter the BIOS setup screens. Set the system clock to UTC time, and set the BIOS defaults to non-PNP OS and to the most conservative (if possible) optimizations.

Also, take the time to run a system check on things like memory and the hard drive using the utilities available on the Ultimate Boot CD. I use MemTest86 and whatever drive tester is appropriate for my drive. Then I set up CPUBurn to run at least overnight to really cook things.

Once you are ready to install FreeBSD, just follow along with the Installation Chapter of the FreeBSD Handbook. My primary goal is to make a minimal useful installation. The following points are choices I made in the installation procedure. For convenience, the section headers point to the right places in the FreeBSD Installation Guide.

Starting the Installation
At this point, choose "Custom" to begin the installation sequence. I'm using custom instead of standard because you can change things if you make a mistake, which won't happen because we're careful.
Organizing Disk Space
I've decided that my box is going to run BSD exclusively, and there's only one hard drive, so I just choose the auto-defaults. Make sure that the soft updates flag is set for the file system partitions.
With regards to partitions, if you have a VERY large hard disk (say >20GB) available, it might make more sense to partition things like this: 
  4GB mounted as /
512MB swap
  4GB mounted as /home
  4GB mounted as /var
  4GB mounted as /usr
 rest mounted as /snapshot
Finally, I let the Standard Boot Loader install itself. There's no need for the FreeBSD Boot Manager becasue we're only ever going to boot FreeBSD.
Select the Distribution Set
At this point I chose "User" to get full binaries and docs, and no source. I think this gives us the most flexibility for a remote, headless box. Remember, we don't need X because we're going to use this box over the network. Besides, it's too easy to not really underatand what's going on and break stuff using a GUI - we are command line wizards!
Installing the Ports Collection
To minimize the amount of crap on the hard drive, choose "No" here. There's no need to add any extra packages to the box right now.
Network Device Configuration
If you have a network card, you'll want to set it up for IPV4 addressing at a fixed location on your network. The details of networking are beyond the scope of this tutorial. I have my box set up at a fixed location on my internal 192.168.1.x network behind my wireless access point/router.
If you do not have a domain yet, then don't fill anything in for domain. Do, however, fill in at least one of your ISP (or local network's) nameserver adresses. If you don't do it now, you won't be able to access the external Internet. Don't worry if you haven't got this information right now, we can fix it later.
Configure Gateway - Timezone
We're going to lock down the box eventually, but while we're going through the initial setup, just answer "No" to any questions until we get to the time zone settings. The default medium security profile gives us SSH (a secure remote login shell) and sendmail by default.
As far as the timezone value goes, I'll have to assume you know what your time zone is!
Linux Compatibility and Packages
The Linux compatibility will be turned off on this machine, and you can probably answer "No" to the rest of the questions. Don't install any additional packages just yet. Remember, we're trying to get the minimum amount of stuff onto this machine.
Adding Users and Groups
You'll want to add a user so that you can log into the server. The SSH system will not let you log in as root but you will need to be able to become root to do some system maintenance. The easiest way to do do this is to add a user called sysadmin and put them in the wheel group, which lets them become root by issuing the su command.
As far as choosing a shell, I like csh because it gives me an easy to use history via the cursor keys, but use whatever you are comfortable with.
Setting the root Password and Finishing Up
Finally, set the root password to something and exit the install procedure. You'll be asked to remove the CD from the drive and then the computer will reboot.
As part of the initial boot sequence, sendmail will try to set itself up and may have trouble resolving your network address if you're not connected to your network, or if your domain name isn't set. Just hit CTRL-C to abort the sendmail startup.
Congratulations! You've installed FreeBSD. If you are not greeted with the login: prompt, then something has gone wrong. Your best hope of fixing things is by looking at the FreeBSD Install Troubleshooting guide pages.

System Checkout

We're about to go headless, which means ditching the keyboard and monitor, but before we do, it's probably a good idea to make sure we can at least talk to the box, and it would even better if the box could talk to the rest of the network.

The checkout procedure assumes that the install went well, and that you have some other computers on your local area network. I'm going to use my local area network address (192.168.1.x) in the examples. Use whatever you have for your local adress if it's different.

First log in to your machine as sysadmin and see if you can ping another machine on your network: 

ping 192.168.1.x

where x is the adress of some other machine that you know is on your network. Type CTRL-C to stop pinging. You should see something like: 

PING 192.168.1.100 (192.168.1.100): 56 data bytes
64 bytes from 192.168.1.100: icmp_seq=0 ttl=64 time=7.269 ms
64 bytes from 192.168.1.100: icmp_seq=0 ttl=64 time=3.929 ms
64 bytes from 192.168.1.100: icmp_seq=0 ttl=64 time=3.669 ms
64 bytes from 192.168.1.100: icmp_seq=0 ttl=64 time=3.640 ms
64 bytes from 192.168.1.100: icmp_seq=0 ttl=64 time=4.326 ms
^C
--- 192.168.1.100 ping statistics ---
5 packets transmitted, 5 packets received, 0% packet loss
round-trip min/avg/max/stddev = 3.640/4.567/7.269/1.373 ms

Next, go to another computer on your network (It can be a Windows machine) and see if you can ping the FreeBSD box you just finished setting up. Under Windows, you can use the same command line, with the address of your new machine, of course) and see something like this: 

Pinging 192.168.1.201 with 32 bytes of data:

Reply from 192.168.1.201: bytes=32 time<10ms TTL=64
Reply from 192.168.1.201: bytes=32 time=10ms TTL=64
Reply from 192.168.1.201: bytes=32 time<10ms TTL=64
Reply from 192.168.1.201: bytes=32 time<10ms TTL=64

Ping statistics for 192.168.1.201:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum =  10ms, Average =  2ms

Finally, check the ssh keys that were generated when the machine booted for the first time. You're sysadmin now, so elevate yourself to root and type the following command: 

ssh-keygen -l -f /etc/ssh/ssh_host_key.pub

The result will look like this, which is the fingerprint of the key on my machine. 

1024 1e:f1:cc:8e:bb:8b:bd:e0:6e:74:c1:bf:8d:59:9b:43 /etc/ssh/ssh_host_dsa_key.pub

Write this number down. We'll need it later to verify that the remote login is working properly.

The default security profile enables sendmail, but it won't work properly on systems that do not have a domain name. And you really don't need the headache of administering the sendmail system. To disable it, you can edit /etc/rc.conf and make sure the following line: 

sendmail_enable="YES"

is changed to: 

sendmail_enable="NONE"

If you've got this far, you're in good shape for the next installment, which is setting up your Windows workstation to access the FreeBSD server. If you're already running a *nix workstation on your desk, then you can skip it and move on.

In any case, turn off the machine from the root account by typing 

shutdown -h now

When the screen says it is safe to do so, power down the machine. Now you can move it to its final location, but maybe you'll want to leave it out for a while if this is your first BSD box - just in case.