Enable SSHD on FreeBSD

I believe most system admin does remote access to the server. Who doesn’t enable SSHD on FreeBSD? Almost every new FreeBSD installation, the first thing I will do after installation is enable SSHD Service on FreeBSD. Start the service and remote access from laptop, with a cup of coffee!

To enable SSHD on FreeBSD

  • Edit the file: vi /etc/rc.conf
  • Add: sshd_enable=”YES”
  • To start sshd service: /etc/rc.d/sshd start

If it’s the first time you enable SSHD, it will generate the keys for the first time.

Disabled Sendmail Service on FreeBSD

Disabled Sendmail Service on FreeBSD is slightly different compare to Linux. We usually disabled Sendmail Service and configure exim on FreeBSD. Sendmail service can be disabled via /etc/rc.conf.

Put these lines into /etc/rc.conf


sendmail_enable="NONE" 

After that restart sendmail service


/etc/rc.d/sendmail restart

If you would like sendmail to be able to host outgoing email. Put these lines in /etc/rc.conf


sendmail_enable="NO" 

After that restart sendmail service


/etc/rc.d/sendmail restart

Turn on DNS Query Log on Bind

You are running a recursive DNS server and would like to find out the statistic of your user browser behavior (Whether they browse Facebook or Google?). Turn on DNS query logs will allow you to find out the statistic. To turn on DNS query log in Bind, configure lines below on named.conf


logging{
        channel query_logging {
                file "/var/log/query.log" versions 3 size 10m;
                severity debug 3;
                print-time yes;
                print-severity yes;
                print-category yes;
        };

        category queries {
                query_logging;
        };
};

To turn on query logging while DNS service is running; you need to to rndc querylog and check the status with rndc status


shell> rndc querylog
shell> rndc status 
version: 9.x.x
number of zones: 1200
debug level: 3
xfers running: 0
xfers deferred: 0
soa queries in progress: 0
query logging is ON
recursive clients: 0/0/1000
tcp clients: 0/100
server is up and running

query logging is ON indicates that DNS query logging is activated.

Create Root Privilege User on MySQL

By default, MySQL root privileges user is “root”, I always remove “root” userid once I got MySQL installed, mainly for security purpose, secondly I do not want stupid thing happened like someone able to brute force into MySQL database.

You can create “root” alike privilege user in MySQL by following the step below;

  • Access to mysql /usr/local/bin/mysql
  • mysql> GRANT ALL PRIVILEGES ON *.* TO ‘yourusername’@’localhost’ IDENTIFIED BY ‘yourpasswordhere’ WITH GRANT OPTION;
  • mysql> flush privileges;
  • mysql> quit;

You can add a few more privileges user if you have more than 1 person to admin MySQL Database.

Reset MySQL Root Password

Very often, once we didn’t log on to MySQL database for some time, I guess most of us will forgot the root password. Can we reset the root password? Obviously… Nothing is Impossible :P

Follow the steps below to reset MySQL’s Root Password;

  • Stop MySQL Service
  • Start MySQL Service in Safe Mode: /usr/local/bin/mysqld_safe –skip-grant-tables&
  • Connect to MySQL /usr/local/bin/mysql
  • mysql> use mysql;
  • mysql> UPDATE user set password=password(‘newpassword’) where user=’root’ and host=’localhost’;
  • mysql> flush privileges;
  • mysql> quit;
  • Stop MySQL Service Again
  • Start MySQL Service in normal mode

Log in to MySQL with your newly created password.