Date: Fri, 26 Feb 2016 06:56:36 -0800 From: Robert Ayrapetyan <robert.ayrapetyan@gmail.com> To: Terje Elde <terje@elde.net> Cc: freebsd-security@freebsd.org Subject: Re: verify FreeBSD installation Message-ID: <56D067A4.2060200@gmail.com> In-Reply-To: <0977BC22-D5FC-42FB-B75F-455215479F86@elde.net> References: <56CD2EE3.5080009@gmail.com> <A6D06224-5502-4CAC-A88D-951E25466D51@elde.net> <56CFE7AE.3080507@gmail.com> <0977BC22-D5FC-42FB-B75F-455215479F86@elde.net>
next in thread | previous in thread | raw e-mail | index | archive | help
I'm using a following very simple and clear way instead of mfsBSD: - Reboot into "rescue mode" (feature provided by any hoster) - SSH to remote machine rebooted in "rescue mode" and run two commands: - wget ftp://ftp.freebsd.org/pub/FreeBSD/releases/amd64/amd64 /ISO-IMAGES/10.2/FreeBSD-10.2-RELEASE-amd64-bootonly.iso - kvm -curses -m 13000 -hda /dev/sda -hdb /dev/sdb -cdrom ~/FreeBSD-10.2-RELEASE-amd64-bootonly.iso -boot d That's all lol ). From this moment you just follow standard FreeBSD installation procedure (I prefer ZfsOnRoot mode). On 02/25/16 23:30, Terje Elde wrote: > > > On 26 Feb 2016, at 06:50, Robert Ayrapetyan > <robert.ayrapetyan@gmail.com> wrote: > > > > Yeah, finally I've decided to re-install from an official iso. > > I've found some services in crontab I didn't liked at all - they > were submitting a lot of info to a third-party servers (officially for > monitoring purposes). > > p.s. Under "instance" I mean a dedicated unmanaged server. > > With a dedicated unmanaged, a reinstall would be my preference as > well. There's an interesting option for this, called mfsBSD. It can be > a bit of hassle to set it up the first time (just a bit), but once > it's up, it'll give you an image that you can simply dd onto the > harddrive(s), and boot from. It then runs only in memory, no longer > dependent on the drives, and allows you to ssh in, and do an install > just like you would from a dvd. > > The reason that it can be a slight hassle, is that unless your > provider has DHCP, you'd have to configure IP etc in the image, so > it'd be able to bring up networking correctly. > > Other options that can be interesting for setups like this, is using > geli for disk-encryption. > > Terje >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?56D067A4.2060200>