All posts by Sumarsono

An Introduction to Basic FreeBSD Maintenance

Introduction

When administering FreeBSD servers, it is important to understand the basic maintenance procedures that will help you keep your systems in good shape.

In this guide, we will be covering the basic processes needed to keep your server up-to-date and functioning properly. We will be covering how to update the base operating system that the FreeBSD team maintains. We will also discuss how to update and maintain optional software installed through the ports or packages systems.

If you need help getting started with FreeBSD, follow our guide here.

Updating the Base FreeBSD Operating System

One important thing to realize when working with FreeBSD is that the base operating system is built and managed separate from the other software on the system. This provides a number of benefits and allows the FreeBSD team to carefully test and develop the core functionality of the system.

Note: Read the note at the bottom of this section regarding a bug in the current update procedure before proceeding.

When you start using your server, there is a good chance that security updates have been published to the base system. To query the FreeBSD project’s servers for these updates, download any new files, and install them on your system, type the following command: Continue reading An Introduction to Basic FreeBSD Maintenance

Recommended Steps for New FreeBSD 10.1 Servers

Introduction

When setting up a new FreeBSD server, there are a number of optional steps you can take to get your server into a more production-friendly state. In this guide, we will cover some of the most common examples.

We will go over how to set up a simple, easy-to-configure firewall that denies most traffic. We will also make sure that your server’s time zone accurately reflects its location. We will set up NTP polling in order to keep the server’s time accurate and, finally, we will demonstrate how to add some extra swap space to your server.

Before you get started with this guide, you should log in and configure your shell environment the way you’d like it. You can find out how to do this by following this guide.

How To Configure a Simple IPFW Firewall

The first task that we will tackle is setting up a simple firewall to secure our server.

FreeBSD actually supports and includes three separate firewalls, each with their own strengths and weaknesses. These are called pf, ipfw, and ipfilter. In this guide, we will be using ipfw because we can easily get up-and-running with a secure, stateful firewall. Continue reading Recommended Steps for New FreeBSD 10.1 Servers

How To Configure SSH Key-Based Authentication on a FreeBSD Server

Introduction

SSH, or secure shell, is a network protocol that provides a secure, encrypted way to communicate with and administer your servers. As SSH is the most common way of working with a FreeBSD server, you will want to familiarize yourself with the different ways that you can authenticate and log in to your server. While there are several ways of logging into a FreeBSD server, this tutorial will focus on setting up and using SSH keys for authentication.

How SSH Keys Work

An SSH server can authenticate clients using a variety of methods. The most common methods include password and SSH key authentication. While passwords do provide a barrier against unauthorized access, using SSH keys is generally much more secure.

The issue with passwords is that they are typically are created manually, without sufficient length or complexity in content. Therefore, they can be susceptible to being compromised by brute force attacks. SSH keys provide a reliably secure alternative. Continue reading How To Configure SSH Key-Based Authentication on a FreeBSD Server

How To Get Started with FreeBSD 10.1

How To Get Started with FreeBSD 10.1

Introduction

FreeBSD is a secure, high performance operating system that is suitable for a variety of server roles. In this guide, we will cover some basic information about how to get started with a FreeBSD server.

Step One — Log In with SSH

The first step you need to take to begin configuring your FreeBSD server is to log in.

On DigitalOcean, you must provide a public SSH key when creating a FreeBSD server. This key is added to the server instance, allowing you to securely login from your home computer using the associated private key. To learn more about how to use SSH keys with FreeBSD on DigitalOcean, follow this guide.

To login to your server, you will need to know your server’s public IP address. For DigitalOcean Droplets, you can find this information in the control panel. The main user account available on FreeBSD servers created through DigitalOcean is called freebsd. This user account is configured with sudo privileges, allowing you to complete administrative tasks.

To log into your FreeBSD server, use the ssh command. You will need to specify the freebsd user account along with your server’s public IP address: Continue reading How To Get Started with FreeBSD 10.1

A Comparative Introduction to FreeBSD for Linux Users

Introduction

FreeBSD is a free and open source Unix-like operating system and a popular server platform. While FreeBSD and other BSD-based systems share much in common with systems like Linux, there are points where these two families diverge in important ways.

In this guide, we will briefly discuss some commonalities between FreeBSD and Linux before moving on to a more extended discussion on the important differences between them. Many of the points below can accurately be applied to the greater family of BSD-derived systems, but as a consequence of our focus, we will be referring mainly to FreeBSD as a representative of the family. Continue reading A Comparative Introduction to FreeBSD for Linux Users

How To Use Git Branches

This article is the third installment in the “Using Git” series. It assumes that you have read both the installation article and the article on how to use git effectively.

In the world of version control systems, GIT is arguably one of the best in terms of flexbility. It’s very easy to learn the syntax and to figure out how git can best serve your workflow and your environment.

This tutorial will teach you how to create two branches (master and develop) and how to merge code from the development stage to production.

A branch, at its core, is a unique series of code changes with a unique name. Each repository can have one or more branches.

By default, the first branch is called “master”.

Viewing branches

Prior to creating new branches, we want to see all the branches that exist. We can view all existing branches by typing the following: Continue reading How To Use Git Branches

How To Use Git Effectively

This article assumes that you have git installed and that your global configuration settings (namely username and email) are properly set. If this is not the case, please refer to the git introduction tutorial.

Git is a very useful piece of software to help streamline development for programming projects. It comes with no language requirements nor file structure requirements, leaving it open for the developers to decide how they want to structure their workflow.

Before using git for your development, it’s a good idea to plan out your workflow. The workflow decision is typically based on the size and scale of your project. To gain a basic understanding of git for now, a simple, single-branch workflow will suffice. By default, the first branch on any git project is called “master”. In a following tutorial in this series, you will learn how to create other branches.

Let’s create our first project and call it “testing”. (If you already have a project that you want to import to git you can skip down to that section.)

Creating your workspace

Just like you want to have a good, clean work environment, the same idea applies to where you do your coding, especially if you’re going to contribute to a number of projects at the same time. A good suggestion might be to have a folder called git in your home directory which has subfolders for each of your individual projects. Continue reading How To Use Git Effectively

How To Install Git on Ubuntu 14.04

Introduction

An indispensable tool in modern software development is some kind of version control system. Version control systems allow you to keep track of your software at the source level. You can track changes, revert to previous stages, and branch to create alternate versions of files and directories.

One of the most popular version control systems is git, a distributed version control system. Many projects maintain their files in a git repository, and sites like GitHub and Bitbucket have made sharing and contributing to code simple and valuable.

In this guide, we will demonstrate how to install git on an Ubuntu 14.04 VPS instance. We will cover how to install the software in two different ways, each of which have benefits.

This tutorial assumes you are signed in as a non-root user which you can learn how to create here. Continue reading How To Install Git on Ubuntu 14.04

How To Use NSD, an Authoritative-Only DNS Server, on Ubuntu 14.04

Introduction

Setting up a DNS server to be responsible for domain names can be a complex task even for seasoned administrators. DNS zone management is a vital duty, but can be bewildering, especially when attempting to get started.

Software like the Bind DNS server is incredibly flexible and can be configured to operate as many of the components in the overall DNS hierarchy. However, that flexibility also means that Bind is not optimized for any one task. This has a few side effects.

Most of the time there are huge chunks of functionality that your configuration has no need for. This additional complexity makes management more difficult. It also means that the software itself will be less responsive for any one task.

To solve this problem, alternative DNS servers have been created that specialize in a single area of DNS resolution. A piece of software known as NSD is an authoritative-only DNS server that is ideal for managing DNS zones authoritatively. Without the need to ever worry about recursion or caching, this server operates with high performance and a lower footprint.

In this guide, we will demonstrate how to install and configure NSD to securely administer our DNS zones on Ubuntu 14.04 servers. Continue reading How To Use NSD, an Authoritative-Only DNS Server, on Ubuntu 14.04

How To Configure BIND as a Private Network DNS Server on Ubuntu 14.04

Introduction

An important part of managing server configuration and infrastructure includes maintaining an easy way to look up network interfaces and IP addresses by name, by setting up a proper Domain Name System (DNS). Using fully qualified domain names (FQDNs), instead of IP addresses, to specify network addresses eases the configuration of services and applications, and increases the maintainability of configuration files. Setting up your own DNS for your private network is a great way to improve the management of your servers.

In this tutorial, we will go over how to set up an internal DNS server, using the BIND name server software (BIND9) on Ubuntu 14.04, that can be used by your Virtual Private Servers (VPS) to resolve private host names and private IP addresses. This provides a central way to manage your internal hostnames and private IP addresses, which is indispensable when your environment expands to more than a few hosts.

The CentOS version of this tutorial can be found here.

Prerequisites

To complete this tutorial, you will need the following:

  • Some servers that are running in the same datacenter and have private networking enabled
  • A new VPS to serve as the Primary DNS server, ns1
  • Optional: A new VPS to serve as a Secondary DNS server, ns2
  • Root access to all of the above (steps 1-4 here)

If you are unfamiliar with DNS concepts, it is recommended that you read at least the first three parts of our Introduction to Managing DNS. Continue reading How To Configure BIND as a Private Network DNS Server on Ubuntu 14.04