<script type="text/javascript"> </script> <script src="http://pagead2.googlesyndication.com/pagead/show_ads.js" type="text/javascript"></script>
afterboot 是OpenBSD自带的man手册,目的是指导管理员在安装了OpenBSD之后如何管理的快速入门。非常值得一读。
AFTERBOOT(8) OpenBSD System Manager's Manual AFTERBOOT(8)
NAME
afterboot - things to check after the first complete boot
DESCRIPTION
Starting out
This document attempts to list items for the system administrator to
check and set up after the installation and first complete boot of the
system. The idea is to create a list of items that can be checked off so
that you have a warm fuzzy feeling that something obvious has not been
missed. A basic knowledge of UNIX is assumed, otherwise type:
# help
Complete instructions for correcting and fixing items is not provided.
There are manual pages and other methodologies available for doing that.
For example, to view the man page for the ls(1) command, type:
# man 1 ls
Administrators will rapidly become more familiar with OpenBSD if they get
used to using the high quality manual pages.
Errata
By the time that you have installed your system, it is quite likely that
bugs in the release have been found. All significant and easily fixed
problems will be reported at http://www.openbsd.org/errata.html. The web
page will mention if a problem is security related. It is recommended
that you check this page regularly.
Login
Log in as ``root''. You can do so on the console, or over the network
using ssh(1). If you wish to deny root logins over the network, edit the
/etc/ssh/sshd_config file and set PermitRootLogin to ``no'' (see
sshd_config(5)).
For security reasons, it is bad practice to log in as root during regular
use and maintenance of the system. Instead, administrators are encour-
aged to add a ``regular'' user, add said user to the ``wheel'' group,
then use the su(1) and sudo(8) commands when root privileges are re-
quired. This process is described in more detail later.
Root password
Change the password for the root user. (Note that throughout the docu-
mentation, the term ``superuser'' is a synonym for the root user.)
Choose a password that has digits and special characters (not space) as
well as from the upper and lower case alphabet. Do not choose any word
in any language. It is common for an intruder to use dictionary attacks.
Type the command /usr/bin/passwd to change it.
It is a good idea to always specify the full path name for both the
passwd(1) and su(1) commands as this inhibits the possibility of files
placed in your execution PATH for most shells. Furthermore, the superus-
er's PATH should never contain the current directory (``.'').
System date
Check the system date with the date(1) command. If needed, change the
date, and/or change the symbolic link of /etc/localtime to the correct
time zone in the /usr/share/zoneinfo directory.
Examples:
Set the current date to January 27th, 1999 3:04pm:
# date 199901271504
Set the time zone to Atlantic Standard Time:
# ln -fs /usr/share/zoneinfo/Canada/Atlantic /etc/localtime
Check hostname
Use the hostname command to verify that the name of your machine is cor-
rect. See the man page for hostname(1) if it needs to be changed. You
will also need to edit the /etc/myname file to have it stick around for
the next reboot.
V