For that pre-installation task of choosing a name for your server,
see the ancient RFC 1178 Choosing a Name for Your Computer. I prefer
to name my servers after trees.
After you have set up an ordinary user who can su to the root user
(i.e., is a member of the wheel group in FreeBSD), you should disable
root logins, by adding the following line:
PermitRootLogin no
to your /etc/ssh/sshd_config file.
If you are slightly more adventurous, you could deny password logins
by the root user, but allow root to login using an SSH key:
PermitRootLogin prohibit-password
If you are less adventurous, you could deny password logins to everyone
and require all users to login using an SSH key:
PubkeyAuthentication yes # This is often the default
PasswordAuthentication no # This is often the default
ChallengeResponseAuthentication no # This is often NOT the default
Of course, you should make sure that key logins are working before
disabling password logins. Even after you disable
ChallengeResponseAuthentication you should probably leave UsePAM
set to yes, because PAM controls more than login authentication.
To enable key login for a user, add the user's SSH public key to the file:
Some initial tasks you might need to do on some VPSs with minimal
Debian installations: dpkg-reconfigure locales, install bsdutils,
debian-keyring, debian-archive-keyring, dialog, apt-utils, man-db,
manpages and openssl. You might also want to run ssh-keygen -A, which
generates host keys for any key type that does not already exist. (In
some rare cases, you may need to change the permissions of /dev/tty to
0666 in order to get mksh to work.)
Lower the system load average under FreeBSD:
# sysctl kern.eventtimer.periodic=1
You can make the above sysctl change permanent by adding the line:
kern.eventtimer.periodic=1
to your /etc/sysctl.conf file.
To completely disable sendmail in FreeBSD, add the following lines:
post-up /sbin/ip -6 route add 0:0:0::1 dev ens3
post-up /sbin/ip -6 route add default via 0:0:0::1 dev ens3
pre-down /sbin/ip -6 route del default via 0:0:0::1 dev ens3
pre-down /sbin/ip -6 route del 0:0:0::1 dev ens3
fdisk /dev/sdb
p - print partition table
d - delete partition
n - create new partition
- default start block
- end block: +4320M
w - write new partition table and exit
fsck -fy /dev/sdb1
fdisk /dev/sdb
p - print partition table
n - create whatever new partitions you need
Install pygopherd. The default configuration (on Debian systems found
at /etc/pygopherd/pygopherd.conf, on FreeBSD systems found at
/usr/local/etc/pygopherd/pygopherd.conf) should work fine but read it
anyway so that you understand what pygopherd is doing. Pygopherd will
serve files from the /var/gopher directory. All files in that directory
(and its subdirectories) must belong to owner gopher and group gopher.
Under FreeBSD, an easy way to start the gopher server automatically on
system reboots is to add to the root user’s crontab:
@reboot /usr/local/bin/pygopherd
One thing to notice here is the contrast between the simplicity of
setting up a gopher server and the complexity of setting up a web
server.
BUCKTOOTH
If you've installed the bucktooth server instead of pygopherd, you
can disable bucktooth with: