Last active
May 1, 2025 13:43
-
-
Save monsieurp/72bdd83d3ff562648963f991a91dda4b to your computer and use it in GitHub Desktop.
Install FreeBSD 14.1 with UFSv2 and GELI encryption on a UEFI based system.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| These are my notes for installing FreeBSD on a UEFI based system using the UFSv2 filesystem and encrypting it with GELI. | |
| ## Introduction | |
| I've set up Windows 11 on my Lenovo x280. I now want to install FreeBSD alongside Windows 11. | |
| I've already replaced the default UEFI boot manager with rEFInd. Now comes the FreeBSD installation. Let's go. | |
| ## Commands | |
| 1. Create a bootable FreeBSD amd64 USB key. Go to https://www.freebsd.org and download the latest release. | |
| 2. Burn the image onto a USB disk (dd or rufus). Make sure to enable the UEFI mode if you burn the ISO with rufus. | |
| 3. Boot off of the USB key and into the FreeBSD live system. | |
| 4. At the FreeBSD blue installer menu, choose "Shell". Let's get down to work. | |
| I'm installing FreeBSD alongside Windows 11. Hence I don't have to create and format an EFI partion since Windows | |
| already created it. I will have to mount it and install the FreeBSD EFI bootloader. | |
| 5. Mount the EFI partition. | |
| mount_msdosfs /dev/nda0p1 /mnt | |
| 6. Create a directory in the EFI partiton to store the bootloader. | |
| mkdir /mnt/EFI/freebsd | |
| 7. Copy the bootloader. | |
| cp /boot/loader.efi /mnt/EFI/freebsd/ | |
| 8. Unmount | |
| umount /mnt | |
| We're done with the EFI bootloader part. Let's move on to creating FreeBSD partitions, formatting them | |
| and installing FreeBSD. | |
| 9. Create FreeBSD partitons. | |
| gpart add -t freebsd-swap -l freebsd-swap -a 4k -s 4G nda0 | |
| gpart add -t freebsd-ufs -l freebsd-root -a 4k -s 4G nda0 | |
| gpart add -t freebsd-ufs -l freebsd-var -a 4k -s 4G nda0 | |
| gpart add -t freebsd-ufs -l freebsd-tmp -a 4k -s 1G nda0 | |
| gpart add -t freebsd-ufs -l freebsd-usr -a 4k nda0 | |
| 10. Encrypt them with GELI. | |
| geli onetime -l 256 nda0p6 | |
| geli init -g -l 256 -s 4096 nda0p7 nda0p8 nda0p9 nda0p10 | |
| geli attach nda0p7 nda0p8 nda0p9 nda0p10 | |
| 11. Format them. | |
| newfs -jU -L freebsd-root /dev/nda0p7.eli | |
| newfs -L freebsd-var /dev/nda0p8.eli | |
| newfs -L freebsd-tmp /dev/nda0p9.eli | |
| newfs -jU -L freebsd-usr /dev/nda0p10.eli | |
| 12. Create FS layout. | |
| mkdir /tmp/fbsd | |
| mount /dev/nda0p7.eli /tmp/fbsd | |
| mkdir /tmp/fbsd/var | |
| mkdir /tmp/fbsd/tmp | |
| mkdir /tmp/fbsd/usr | |
| mount /dev/nda0p8.eli /tmp/fbsd/var | |
| mount /dev/nda0p9.eli /tmp/fbsd/tmp | |
| mount /dev/nda0p10.eli /tmp/fbsd/usr | |
| 13. Extract FreeBSD. | |
| tar xvzpf /usr/freebsd-dist/kernel.txz -C /tmp/fbsd | |
| tar xvzpf /usr/freebsd-dist/base.txz -C /tmp/fbsd | |
| 14. Configure fstab. | |
| chroot /tmp/fbsd | |
| cat > /etc/fstab | |
| /dev/nda0p7.eli / ufs rw 1 1 | |
| /dev/nda0p6.eli none swap sw 0 0 | |
| /dev/nda0p8.eli /var ufs rw 1 1 | |
| /dev/nda0p9.eli /tmp ufs rw 1 1 | |
| /dev/nda0p10.eli /usr ufs rw 1 1 | |
| ^D | |
| 15. Enable GELI in the /boot/loader.conf file and set root partition to boot from. | |
| cat > /boot/loader.conf | |
| geom_eli_load="YES" | |
| vfs.root.mountfrom="ufs:nda0p7.eli" | |
| ^D | |
| 16. Configure /etc/rc.conf. | |
| cat > /etc/rc.conf | |
| hostname="foobar" | |
| keymap="us.acc.kbd" | |
| syslogd_flags="-ss" | |
| sshd_enable="YES" | |
| moused_enable="YES" | |
| clear_tmp_enable="YES" | |
| ^D | |
| 17. Set root password. | |
| passwd root | |
| 18. Exit chroot and reboot. | |
| exit | |
| init 6 | |
| You're done. Congratulations! Enjoy! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment