how to setup free bsd

1.install

2.use pkg

3.set up xorg

4.get a DE

using bsd install

after turning on your pc and getting to the bsd installer you need to set your key map just pick your keymap this is one of the quickest parts

you can then test your keyboard in the next step

now set your host name which is what you want your pc to be called ex: jackspc

now pick what components to install (i install all of it) this is what they do:

base-dbg - Base tools like cat and ls, among many others, with debug symbols activated.

kernel-dbg - Kernel and modules with debug symbols activated.

lib32-dbg - Compatibility libraries for running 32-bit applications on a 64-bit version of FreeBSD with debug symbols activate.

lib32 - Compatibility libraries for running 32-bit applications on a 64-bit version of FreeBSD.

ports - The FreeBSD Ports Collection is a collection of files which automates the downloading, compiling and installation of third-party software packages. Installing Applications: Packages and Ports discusses how to use the Ports Collection.

src - The complete FreeBSD source code for both the kernel and the userland. Although not required for the majority of applications, it may be required to build device drivers, kernel modules, or some applications from the Ports Collection. It is also used for developing FreeBSD itself. The full source tree requires 1 GB of disk space and recompiling the entire FreeBSD system requires an additional 5 GB of space.

tests - FreeBSD Test Suite.

after that set allocate ssd/disk space

just use auto (zfs)

pick your disk and write to it or use a partition

then install and pick your pool type (i use stripe) this is what they all do:

stripe - Striping provides maximum storage of all connected devices, but no redundancy. If just one disk fails the data on the pool is lost irrevocably.

mirror - Mirroring stores a complete copy of all data on every disk. Mirroring provides good read performance because data is read from all disks in parallel. Write performance is slower as the data must be written to all disks in the pool. Allows all but one disk to fail. This option requires at least two disks.

raid10 - Striped mirrors. Provides the best performance, but the least storage. This option needs at least an even number of disks and a minimum of four disks.

raidz1 - Single Redundant RAID. Allow one disk to fail concurrently. This option needs at least three disks.

raidz2 - Double Redundant RAID. Allows two disks to fail concurrently. This option needs at least four disks.

raidz3 - Triple Redundant RAID. Allows three disks to fail concurrently. This option needs at least five disks.

for a desktop without any super important files use stripe if not then pick what you need

then pick your disks

now name the pool (zroot is fine)

pick your swap (when your ram is maxed out it will off load stuff to your swap)

after this you can pick a password for your disk encryption (this wont happen if you didnt choose to encrypt your disk)

the next few things a easy just do them

new pick a password

it is easy to use wifi just type in the password and on ethernet just use DHCP on ipv4 you can also use SLAAC on ipvc

after set you time zone date and all that stuff

now pick the stuff you want to start on boot this is waht they do:

local_unbound - Enable the DNS local unbound. It is necessary to keep in mind that this is a configuration only meant for use as a local caching forwarding resolver. If the objective is to set up a resolver for the entire network, install dns/unbound.

sshd - The Secure Shell (SSH) daemon is used to remotely access a system over an encrypted connection. Only enable this service if the system should be available for remote logins.

moused - Enable this service if the mouse will be used from the command-line system console.

ntpdate - Enable automatic clock synchronization at boot time. Note that the functionality of this program is now available in the ntpd(8) daemon and the ntpdate(8) utility will soon be retired.

ntpd - The Network Time Protocol (NTP) daemon for automatic clock synchronization. Enable this service when wanting to synchronise the system clock with a remote time server or pool.

powerd - System power control utility for power control and energy saving.

dumpdev - Crash dumps are useful when debugging issues with the system, so users are encouraged to enable them.

now you can harden your system this is what the harding tools do

hide_uids - Hide processes running as other users (UID). This prevents unprivileged users from seeing running processes from other users.

hide_gids - Hide processes running as other groups (GID). This prevents unprivileged users from seeing running processes from other groups.

hide_jail - Hide processes running in jails. This prevents unprivileged users from seeing processes running inside jails.

read_msgbuf - Disable reading kernel message buffer for unprivileged users. Prevent unprivileged users from using dmesg(8) to view messages from the kernel’s log buffer.

proc_debug - Disable process debugging facilities for unprivileged users. Disables a variety of unprivileged inter-process debugging services, including some procfs functionality, ptrace(), and ktrace(). Please note that this will also prevent debugging tools such as lldb(1), truss(1) and procstat(1), as well as some built-in debugging facilities in certain scripting languages like PHP.

random_pid - Randomize the PID of processes.

clear_tmp - Clean /tmp when the system starts up.

disable_syslogd - Disable opening the syslogd network socket. By default, FreeBSD runs syslogd in a secure way with -s. This prevents the daemon from listening for incoming UDP requests on port 514. With this option enabled, syslogd will instead run with -ss, which prevents syslogd from opening any port. For more information, see syslogd(8).

disable_sendmail - Disable the sendmail mail transport agent.

secure_console - Make the command prompt request the root password when entering single-user mode.

disable_ddtrace - DTrace can run in a mode that affects the running kernel. Destructive actions may not be used unless explicitly enabled. Use -w to enable this option when using DTrace. For more information, see dtrace(1).

enable_aslr - Enable address layout randomization. For more information about address layout randomization the Wikipedia article can be consulted.

now you can add users

then you can make any last changes to the system

Add User

Root Password

Hostname

Network

Services

System Hardening

Time Zone

Handbook - Download and install the FreeBSD Handbook

on the next screen you can reboot shutdown or go in to a live cd

using pkg