Archive for the ‘Unix – FreeBSD’ Category

FreeBSD 10.3 OpenVPN Server

July 13, 2017

How to install an OpenVPN server and allow all traffic (including internet) through the VPN server.

Setup –
FreeBSD 10.3 Server behind a PFSense box
Windows 10 client

I followed this guy’s site …


Also follow the OpenVPN documentation on “pushing” DNS and routes if you want; the link is below. You’ll need to add the line below to your openvpn.conf file to push all traffic through the VPN server as a gateway…

push "redirect-gateway def1"


He is spot on in his write-up, but there are two things he doesn’t tell you. You have to turn up either PF or IPFW and NAT. Also, he doesn’t make you aware of the “tls ta.key” setting. You can disable this or enable it in the openvpn.conf file. The “ta.key” has to be copied to both client and server. I disabled mine as, after reading, it’s not a big security threat.

Once it is installed and you can connect to your server from your client, it’s time to turn up a NAT.

I used PF. Follow the FreeBSD Handbook setup for PF. Below is my pf.conf file. It is very simple. I do not have any firewall features because my server already sits behind a firewall.

nat on re0 from any to any -> (re0)

pass in all
pass out all keep state

pass in on tun0 from tun0:network to re0:network keep state
pass out on re0 from tun0:network to re0:network keep state

Once your NAT and PF are working, you should be good to go.

FreeBSD delete pool mountpoints/data set

March 11, 2016

zfs destroy POOL/mountpoint

Use destroy -r or -R if there are other sub mounts.

Refer to this Sun ZFS Cheatsheet.

FreeBSD 10.2 – USB thumb drive full; but isn’t.

March 10, 2016

Command: df -h
Filesystem Size Used Avail Capacity Mounted on

/dev/da0p2 111G 111G -8.9G 109% /

Command: du -hs * | sort -h
root@nas:/ # du -hs * | sort -h

0B home
0B sys
3.5K dev
4.0K entropy
4.0K proc
8.0K media
8.0K mnt
36K tmp
128K root
276K libexec
1.2M bin
2.8M etc
6.5M sbin
7.9M rescue
9.5M lib
481M boot
491M var
1.8G usr

root@nas:/ #

Finally found a thread on here after searching some more…
Ran the following command and it repaired blocks
# fsck_ffs -f /dev/da0p2
Rebooted and all is fixed.

Move ZFS pool from FreeNAS 9.3 to FreeBSD 10.2

January 12, 2016

Got tired of FreeNAS 9.3 being flaky and overkill. Don’t need all that it offers anyways. I had two 3TB hard drives that are a mirror group. ZFS will automatically see these disks.

zfs_enable="YES" in /etc/rc.conf

zpool import = shows mounts available

zpool import (pool name)

zpool export (pool name) = to umount the drives.

zfs set mountpoint=/dir/dir (pool name)

zfs will remember the set mount point for the next reboot. All good.

FreeBSD 10.1 with MATE Desktop, Slim DM, X11vnc

May 20, 2015

MATE is a great desktop and seems to be very stable and quick with FreeBSD.  Follow the link below on setting it up, this person gives a good basic tutorial.

A more in depth install is covered here…

If you want to get Slim to auto login, you can do that by editing the slim conf file…

# ee /usr/local/etc/slim.conf

Down towards the end, uncomment the “default_user” field and to the right, put your default user name.  Then just below that, uncomment auto_login and set it to “yes”.

I also wanted to get Remote Desktop working so I could VNC into my box.  X11vnc is the best for this.  It will use the current display.

# pkg install x11vnc

# x11vnc -storepasswd    (then put your password in, it will put it in a file .vnc/passwd)

# ee   (create a script to enable VNC server to listen and stay on even after you disconnect)

#!/usr/local/bin/bash    or    (  #!/bin/sh   if you are using default shell )

x11vnc -rfbauth ~/.vnc/passwd -forever -display :0 &

##### exit and save the file.

# chmod a+x

# ./

You are good to go, you’ll see an output but just hit enter key to clear it.

If you want VNC to come up at start up, on your desktop go to System > Preference > Startup Applications.  There put in a name for your app, the directory to the script we just made and a comment if you want.  That’s it.  Now it will start up every time you reboot.

FreeBSD 10.1 on HP EliteBook 8440p

March 2, 2015

I did a simple setup for FreeBSD on this laptop. I’ve not gotten around to playing with ACPI events such as battery and lid closing. This laptop is purely for BSD Certification testing and playing around with the other BSD’s.

What I can tell you is that everything worked straight from the install with a few addition/tweaks.

Install – You’ll need the UEFI boot images. Even if UEFI is disabled in the BIOS, it still will not work. Also set the hard drive settings to IDE instead of AHCI.
Wifi – Intel N600 chipset. Just follow the Wireless document in the handbook. Fully supported.
Xorg – NVIDIA drivers. You’ll need to install NVIDIA-drivers-340 and NVIDIA-xconfig.

That’s all I have so far because that’s all I really need on it for the time being.

OpenBSD 5.6 and VirtualBox

March 2, 2015

So apparently OpenBSD on VirtualBox needs VT enabled in the BIOS or you can’t install it. If you keep getting an error or you can’t press “I” during setup to initiate the install, this is why. Go into your BIOS and enable Virtual Technology.

PF Sense & Netgate APU board

December 22, 2014

This guy has a good tutorial…  click here


Download the latest embedded image from PF Sense.  You’ll want the 64bit option.

You’ll need to write the image to your SD card.  Depends on your OS.

Windows – download WriteDiskImage

Mac – $ gzcat pfsense-XXX.img.gz | sudo dd of=/dev/disk[n] bs=16k        (unmount the disk first: diskutil unmountDisk /dev/diskN)

The default serial speed on the board is 115200 but you can set your terminal to 9600.  You’ll see gibberish.  Set the terminal you are using.

FreeBSD – cu -l /dev/cuau0 -s 9600 -t     ( to exit type:   ~. )

Linux – use minicom

Plug in your serial cable and power cable.  Let’s do this.

When you see a message about ‘Booting [/boot/kernel/kernel]’ press CTRL-C until it drops to an ‘OK’ prompt.

Type:  set

Type:  boot

Assign your interfaces.  I suggest you do auto config.

Log in to the webgui and go to Diagnostics menu –> edit file.

Click the browse button.  Click on the /boot folder.   Click the /default folder.  Click the loader.conf.   Click load at the type.

Add this line:”10000″

Save it.

Now go System –>  Advanced.    Down near the bottom.  Change your console speed to 115200.  Click save down at the bottom.



FreeBSD 10 – sFTP setup

May 21, 2014


First off, sFTP doesn’t actually use the FTP protocol or associate with it.  It’s pretty much like SCP but with other features.  It uses port 22 as well.  The one unique thing about it is that the user or group you specify in the sshd_config for sFTP will not be able to log in with SSH.  That user will only be able to sFTP into the server.

Pretty simple to setup.

ee /etc/ssh/sshd_config

scroll down to the bottom and put this in…

# To apply this to a group instead, use "Match Group" in place of "Match User".
Match User sftpuser
    ChrootDirectory /home/%u
    X11Forwarding no
    AllowTcpForwarding no
    ForceCommand internal-sftp


That’s it.

# service sshd restart

Create your user.

Root must be the owner of the home directory.  It should be by default.

Create another directory inside the new users home for them to access.

mkdir /home/sftpuser/files

chown root:sftpuser /home/sftpuser

chown sftpuser:sftpuser /home/sftpuser/files


You are done!  Have fun!
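
sshd refuses a ChrootDirectory unless every directory in the path, from / down to the chroot itself, is owned by root and not writable by group or others, which is why the chown root:sftpuser step above matters. The script below is an added example (not part of the original post) that checks this; the function names and the script name are made up for illustration.

```shell
#!/bin/sh
# Added example, not from the original post: verify the ownership rule that
# sshd enforces on a ChrootDirectory before it will let the SFTP user in.

# component_ok LINE
# LINE is one line of `ls -ldn` output. Succeeds when the entry is a directory
# owned by uid 0 with no group or other write bit.
component_ok() {
    read -r mode _links owner _rest <<EOF
$1
EOF
    [ "$owner" = "0" ] || return 1
    case "$mode" in
        d????[!w]??[!w]*) return 0 ;;   # chars 6 and 9 are group/other write
    esac
    return 1
}

# chroot_path_ok DIR
# Resolves DIR (symlinks included), then checks it and every parent up to /.
# Returns 0 = safe, 1 = unsafe component found, 2 = DIR not accessible.
chroot_path_ok() {
    p=$(cd "$1" 2>/dev/null && pwd -P) || return 2
    while :; do
        line=$(ls -ldn "$p") || return 2
        if ! component_ok "$line"; then
            echo "unsafe component: $line" >&2
            return 1
        fi
        [ "$p" = "/" ] && return 0
        p=$(dirname "$p")
    done
}

# Usage: sh check_chroot.sh /home/sftpuser   (script name is hypothetical)
if [ "$#" -gt 0 ]; then
    chroot_path_ok "$1" && echo "ok: $1 is usable as a ChrootDirectory"
fi
```

The writable files directory inside the chroot is deliberately not checked, since only the chroot path itself has to be root-owned.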

FreeBSD 10 ssh key authentication

May 21, 2014


# ssh-keygen -t rsa  (uses default 2048, want higher?  use -b 4096)

Enter a passphrase.

cat .ssh/id_rsa.pub >> .ssh/authorized_keys

ee /etc/ssh/sshd_config  

Comment out (#) the line ChallengeResponseAuthentication and change it to "no" (without the quotes)

service sshd restart

Copy the id_rsa (private key) to your laptop/desktop or whatever computers you use.   Drop it into the .ssh directory of your system directory.  Have Windows?  Point to it in PuTTY.  I believe most distros will read the id_rsa as a default key file, so you may need to change its name if you SSH to other servers.  For example... I have a server named I would ssh user@web01 -i web01.priv  <--- is my private key.
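
sshd uses the first value it reads for each keyword, and a line that still starts with # leaves the built-in default in force, so it is worth confirming that ChallengeResponseAuthentication is actually set to no after editing. The script below is an added example (not from the original post); the function names and sample files are constructed, and it assumes plain whitespace-separated "Keyword value" lines with no Include directives.

```shell
#!/bin/sh
# Added example, not from the original post: report the value sshd would take
# for a global keyword in an sshd_config file.

# sshd_global_value KEYWORD FILE
# Prints the first uncommented value set before any Match line (first value
# wins), or "(default)" when the keyword is absent or only commented out.
sshd_global_value() {
    awk -v key="$1" '
        BEGIN { key = tolower(key); val = "(default)" }
        /^[ \t]*#/ || /^[ \t]*$/ { next }      # comments and blank lines
        tolower($1) == "match" { exit }        # global section ends here
        tolower($1) == key { val = $2; exit }  # first occurrence wins
        END { print val }
    ' "$2"
}

# challenge_response_off FILE
# Succeeds only when the file explicitly sets the keyword to "no" globally.
challenge_response_off() {
    [ "$(sshd_global_value ChallengeResponseAuthentication "$1")" = "no" ]
}

# Constructed sample configs covering the three cases.
demo() {
    tmp=$(mktemp -d) || return 1
    # 1. still commented: sshd never sees it
    printf '%s\n' '#ChallengeResponseAuthentication no' > "$tmp/commented"
    # 2. uncommented in the global section
    printf '%s\n' 'ChallengeResponseAuthentication no' > "$tmp/explicit"
    # 3. appended after a Match line: belongs to that block, not the global section
    printf '%s\n' 'Match User sftpuser' 'ChallengeResponseAuthentication no' \
        > "$tmp/after_match"
    for f in commented explicit after_match; do
        printf '%-12s %s\n' "$f" \
            "$(sshd_global_value ChallengeResponseAuthentication "$tmp/$f")"
    done
    rm -rf "$tmp"
}

if [ "$#" -gt 0 ]; then
    challenge_response_off "$1" && echo "challenge-response is off in $1"
else
    demo
fi
```

On a live server, sshd -T prints the effective configuration and is the authoritative check.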