Install FreeBSD 14.1 (Short and Sweet Version)
The FreeBSD Handbook has an extensive chapter on installing FreeBSD that covers a wide range of scenarios with descriptions of each possible choice. Its an invaluable resource maintained by volunteer contributors.
After performing a few installs, these are my personal notes of steps taken and choices made. A distilled, short and sweet version of the above Handbook.
This is how I do it...
1. Setup
- Target device is
amd64architecture with UEFI boot - FreeBSD is the sole OS on a single disk
- Native full disk encryption with ZFS
2. Download
The latest RELEASE amd64 install images are available here: release/amd64
Download:
FreeBSD-14.1-RELEASE-amd64-disc1.isoCHECKSUM.SHA256-FreeBSD-14.1-RELEASE-amd64.
On a Linux-based system, verify the image by running:
$ sha256sum -c --ignore-missing CHECKSUM.SHA256-FreeBSD-14.1-RELEASE-amd64
FreeBSD-14.1-RELEASE-amd64-disc1.iso: OK
$ sync
3. Prepare install media
Prepare a USB storage device as an installer. Write the install image to an unmounted USB storage device using the dd command as root.
BE VERY CAREFUL TO NOTE THE PROPER DEVICE. ALL DATA ON THE DEVICE WILL BE OVERWRITTEN.
Example: On a Linux system, if a USB stick appears as sdx1, then write the installer to sdx (no partition number):
$ sudo dd if=/path/to/FreeBSD-14.1-RELEASE-amd64-disc1.iso of=/dev/sdx bs=1M conv=sync
4. Install
Insert and boot install media on target device.
Install FreeBSD using the text-based installation program bsdinstall
Steps:
[Enter]forBoot Multi user- Choose
[Install] - Keymap Selection: Default is
USkeyboard map. Example: I prefer the Colemak layout:(*) Colemak ergonomic alternative - Set Hostname:
<new_name_for_device>.localdomain - Optional system components to install:
[*] kernel-dbg[*] lib32[*] ports[*] src
- Partitioning:
Auto (ZFS) Guided Root-on-ZFS - ZFS Configure Options: Keep default options, adding ...
- Pool Type/Disks:
stripe: 1 disk[*] ada0for SATA,[*] nda0for NVME
- Encrypt Disks?
YES - Swap Size
<1.5x of RAM> - Encrypt Swap?
YES - Enter encryption passphrase. Retype to confirm.
- Pool Type/Disks:
- New password for root. Retype to confirm.
- Select network interface:
<ethernet>. Example:em0is an Intel device- Configure IPv4 for this interface?
[ Yes ]- Use DHCP?
[ Yes ]
- Use DHCP?
- Configure IPv6 for this interface?
[ No ] - Resolver Configuration
- Search
home - IPv4 DNS #1
<ip_address> - IPv4 DNS #2
<ip_address>
- Search
- Configure IPv4 for this interface?
- Clock set to UTC?
[ Yes ] - Time Zone Selector:
<region>. Example:America - Canada - Eastern EDT - Set Date
- Set Time
[ Skip ](NTP will set on reboot) - Services to be started at boot:
[*] local_unbound[*] sshd[*] ntpd[*] powerd(for laptops)[*] dumpdev
- System security hardening options: select all
- Add user?
< Yes >- Username
- Full name
- Uid:
<enter> - Login group:
<enter> - Other groups?:
wheel - Login class:
<enter> - Shell:
sh - Home directory:
<enter> - Home directory permissions:
<enter> - Enable ZFS encryption?:
no - Use password-based authentication?
yes - Use an empty password?
no - Use a random password?
no - Enter password. Retype to confirm.
- Lock out account after creation?
no - Add another user?
no
- Final Configuration:
Exit - Manual Configuration:
< No > [ Reboot ]
5. First boot
NOTE: Keyboard at boot reverts back to default US keyboard.
User is prompted for the passphrase to unlock the encrypted root partition. Upon success, boot resumes to...
login:
Welcome to FreeBSD!
Read boot messages after login:
$ less /var/run/dmesg.boot
Show the version of FreeBSD installed:
$ freebsd-version ; uname -a
List system partitions:
$ gpart show
6. Shutdown
Switch to root, then power off the system:
$ su
Password:
# shutdown -p now
7. After the install
Now what? These are some extra steps I take after installing FreeBSD.
You can like, share, or comment on this post on Mastodon 💬
» Next: 8 things I do after installing FreeBSD
« Previous: Secure remote access to FreeBSD devices using SSH keys