FreeBSD 13.2 试玩

刚刚看到 Amazon Lightsail 除了 FreeBSD 12 镜像之外,现在终于提供 FreeBSD 13 的镜像了,赶紧把之前的老版本删了,重新开了一个 13 版本的 Instance 。为了以后参考方便,写一点折腾记录。

通过 SSH 连接 FreeBSD 13.2 实例

首先 Lightsail 默认在系统创建了一个名为 ec2-user 的用户名,需要下载官方提供的证书,

sudo chmod 400 Downloads/LightsailDefaultKey-us-west-2.pem

然后就可以在 macOS 自带的终端通过 ssh 连接服务器了。

ssh -i Downloads/LightsailDefaultKey-us-west-2.pem

出现下面的画面表示连接成功,通过执行 su – 命令可以切换到 root 用户。

Last login: Wed Nov  8 07:11:50 2023 from

Welcome to FreeBSD!

Release Notes, Errata:
Security Advisories:
FreeBSD Handbook:
Questions List:
FreeBSD Forums:

Documents installed with the system are in the /usr/local/share/doc/freebsd/
directory, or can be installed later with:  pkg install en-freebsd-doc
For other languages, replace "en" with a language code like de or fr.

Show the version of FreeBSD installed:  freebsd-version ; uname -a
Please include that output and any error messages when posting questions.
Introduction to manual pages:  man man
FreeBSD directory layout:      man hier

To change this login announcement, see motd(5).
To set a custom ZFS property on the mypool pool, you need to provide it
using the "key1:key2=value" syntax, where the colon (:) is used as the
separator and identifier from the built-in ZFS properties:

# zfs set warranty:expires=2038-01-19 mypool

The custom property is applied to all datasets and can be queried like any
built-in properties using zfs get:

zfs get warranty:expires mypool

To reset the value of a custom property, use the inherit subcommand:

# zfs inherit warranty:expires mypool

Removing a custom property from a pool is done using the -r flag to the
"zfs inherit" command:

# zfs inherit -r warranty:expires mypool

		-- Benedict Reuschling <>
ec2-user@freebsd:~ $ su
root@freebsd:/home/ec2-user #


使用 adduser 命令新建一个用户:

root@freebsd:/home/ec2-user # adduser
Username: pengjiayou
Full name: Charles Peng
Uid (Leave empty for default):
Login group [pengjiayou]:
Login group is pengjiayou. Invite pengjiayou into other groups? []: wheel
Login class [default]:
Shell (sh csh tcsh nologin) [sh]:
Home directory [/home/pengjiayou]:
Home directory permissions (Leave empty for default):
Use password-based authentication? [yes]: yes
Use an empty password? (yes/no) [no]: no
Use a random password? (yes/no) [no]: no
Enter password:
Enter password again:
Lock out the account after creation? [no]:
Username   : pengjiayou
Password   : *****
Full Name  : Charles Peng
Uid        : 1004
Class      :
Groups     : pengjiayou wheel
Home       : /home/pengjiayou
Home Mode  :
Shell      : /bin/sh
Locked     : no
OK? (yes/no): yes
adduser: INFO: Successfully added (pengjiayou) to the user database.
Add another user? (yes/no): no

查一下,新建的用户加入了 wheel 组

root@freebsd:/home/ec2-user # id pengjiayou
uid=1004(pengjiayou) gid=1004(pengjiayou) groups=1004(pengjiayou),0(wheel)

通过本地 ssh 秘钥连接服务器

在 macOS 上执行下面的命令列出本地 ssh 秘钥,复制到剪切板

cat ~/.ssh/

在 FreeBSD 13 上切换到刚刚新建的用户

su - pengjiayou

新建 .ssh 文件夹

mkdir -p ~/.ssh

使用自带的 ee 编辑器把刚刚复制的内容粘贴到 ~/.ssh/authorized_keys 文件中

ee ~/.ssh/authorized_keys

接着就可以使用 ssh 连接服务器了。


安装 doas 以普通用户执行 root 命令

doas 和 sudo 差不多,FreeBSD 下我更喜欢用 doas ,先切换到 root 用户

pengjiayou@freebsd:~ $ su -
root@freebsd:~ #

安装 doas

pkg install doas

执行以下 doas ,表示安装成功了

root@freebsd:~ # doas
usage: doas [-nSs] [-a style] [-C config] [-u user] command [args]

编辑 /usr/local/etc/doas.conf 文件

ee /usr/local/etc/doas.conf


permit nopass keepenv :pengjiayou

切换回新建的用户,然后用 doas 测试一下

root@freebsd:~ # su - pengjiayou
You can delete a range of ZFS snapshots (a-z) in multiple ways.
The following will delete d and all earlier snapshots:

zfs destroy mypool/data@%d

To delete d and all later snapshots:

zfs destroy mypool/data@d%

To delete all dataset snapshots:

zfs destroy mypool/data@%

Make sure to let ZFS perform a dry run (-n option) first and display (-v) what
it would do to confirm that the delete operation is removing exactly what you
		-- Benedict Reuschling <>
pengjiayou@freebsd:~ $ doas pkg update
Updating FreeBSD repository catalogue...
FreeBSD repository is up to date.
All repositories are up to date.



Leave a Reply

Your email address will not be published. Required fields are marked *