FreeBSD 14 xài thuật toán băm mật khẩu là SHA512.
Không giống như Linux lưu mật khẩu đã băm vằm nhừ nát trong shadow file là /etc/shadow, FreeBSD băm mật khẩu xong bỏ vào cái nồi kho thịt là /etc/master.passwd.
# cat /etc/os-release
NAME=FreeBSD
VERSION="14.0-RELEASE-p6"
VERSION_ID="14.0"
ID=freebsd
ANSI_COLOR="0;31"
PRETTY_NAME="FreeBSD 14.0-RELEASE-p6"
CPE_NAME="cpe:/o:freebsd:freebsd:14.0"
HOME_URL="https://FreeBSD.org/"
BUG_REPORT_URL="https://bugs.FreeBSD.org/"
# cat /etc/master.passwd
root:$6$WKd78aKOVbkolKdx$2lT7uy7l0Mo4trbzkv.9lrNzk.fw7xelGsT5ZByXd4AkNuDuTtmX37MtyXnsfTjp6IfejYe97E9um6bpP0MGk.:0:0::0:0:Charlie &:/root:/bin/sh
toor:*:0:0::0:0:Bourne-again Superuser:/root:
daemon:*:1:1::0:0:Owner of many system processes:/root:/usr/sbin/nologin
operator:*:2:5::0:0:System &:/:/usr/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source:/:/usr/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/usr/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/usr/sbin/nologin
games:*:7:13::0:0:Games pseudo-user:/:/usr/sbin/nologin
news:*:8:8::0:0:News Subsystem:/:/usr/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/usr/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/usr/sbin/nologin
smmsp:*:25:25::0:0:Sendmail Submission User:/var/spool/clientmqueue:/usr/sbin/nologin
mailnull:*:26:26::0:0:Sendmail Default User:/var/spool/mqueue:/usr/sbin/nologin
bind:*:53:53::0:0:Bind Sandbox:/:/usr/sbin/nologin
unbound:*:59:59::0:0:Unbound DNS Resolver:/var/unbound:/usr/sbin/nologin
proxy:*:62:62::0:0:Packet Filter pseudo-user:/nonexistent:/usr/sbin/nologin
_pflogd:*:64:64::0:0:pflogd privsep user:/var/empty:/usr/sbin/nologin
_dhcp:*:65:65::0:0:dhcp programs:/var/empty:/usr/sbin/nologin
uucp:*:66:66::0:0:UUCP pseudo-user:/var/spool/uucppublic:/usr/local/libexec/uucp/uucico
pop:*:68:6::0:0:Post Office Owner:/nonexistent:/usr/sbin/nologin
auditdistd:*:78:77::0:0:Auditdistd unprivileged user:/var/empty:/usr/sbin/nologin
www:*:80:80::0:0:World Wide Web Owner:/nonexistent:/usr/sbin/nologin
ntpd:*:123:123::0:0:NTP Daemon:/var/db/ntp:/usr/sbin/nologin
_ypldap:*:160:160::0:0:YP LDAP unprivileged user:/var/empty:/usr/sbin/nologin
hast:*:845:845::0:0:HAST unprivileged user:/var/empty:/usr/sbin/nologin
tests:*:977:977::0:0:Unprivileged user for tests:/nonexistent:/usr/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/usr/sbin/nologin
hieu:$6$LWpljTsFVRwRtAtl$Mif5QVtbRFHJhYnM1aXx9UKKYr3rG/IBpqWz7OqT4AFsXCtPEkkvBsB4knm6c5.1UB6P/A3.5A/dDKVxVRBgG/:1001:1001::0:0:hieu:/home/hieu:/bin/sh
git_daemon:*:964:964::0:0:git daemon:/nonexistent:/usr/sbin/nologin
messagebus:*:556:556::0:0:D-BUS Daemon User:/nonexistent:/usr/sbin/nologin
polkitd:*:565:565::0:0:Polkit Daemon User:/var/empty:/usr/sbin/nologin
avahi:*:558:558::0:0:Avahi Daemon User:/nonexistent:/usr/sbin/nologin
cups:*:193:193::0:0:Cups Owner:/nonexistent:/usr/sbin/nologin
colord:*:970:970::0:0:colord color management daemon:/nonexistent:/usr/sbin/nologin
webcamd:*:145:145::0:0:Webcamd user:/var/empty:/usr/sbin/nologin
pulse:*:563:563::0:0:PulseAudio System User:/nonexistent:/usr/sbin/nologin
cyrus:*:60:60::0:0:the cyrus mail server:/nonexistent:/usr/sbin/nologin
mysql:*:88:88::0:0:MySQL Daemon:/var/db/mysql:/usr/sbin/nologin
saned:*:194:194::0:0:SANE Scanner Daemon:/nonexistent:/bin/sh
sddm:*:219:219::0:0:SDDM Display Manager user:/var/lib/sddm:/usr/sbin/nologinFile định nghĩa thuật toán băm mật khẩu mặc định trong FreeBSD 14 là /etc/login.conf
cat /etc/login.conf
# login.conf - login class capabilities database.
#
# Remember to rebuild the database after each change to this file:
#
# cap_mkdb /etc/login.conf
#
# This file controls resource limits, accounting limits and
# default user environment settings.
#
#
# Default settings effectively disable resource limits, see the
# examples below for a starting point to enable them.
# defaults
# These settings are used by login(1) by default for classless users
# Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
#
# Note that since a colon ':' is used to separate capability entries,
# a \c escape sequence must be used to embed a literal colon in the
# value or name of a capability (see the ``CGETNUM AND CGETSTR SYNTAX
# AND SEMANTICS'' section of getcap(3) for more escape sequences).
default:\
:passwd_format=sha512:\
:copyright=/etc/COPYRIGHT:\
:welcome=/var/run/motd:\
:setenv=BLOCKSIZE=K:\
:mail=/var/mail/$:\
:path=/sbin /bin /usr/sbin /usr/bin /usr/local/sbin /usr/local/bin ~/bin:\
:nologin=/var/run/nologin:\
:cputime=unlimited:\
:datasize=unlimited:\
:stacksize=unlimited:\
:memorylocked=64K:\
:memoryuse=unlimited:\
:filesize=unlimited:\
:coredumpsize=unlimited:\
:openfiles=unlimited:\
:maxproc=unlimited:\
:sbsize=unlimited:\
:vmemoryuse=unlimited:\
:swapuse=unlimited:\
:pseudoterminals=unlimited:\
:kqueues=unlimited:\
:umtxp=unlimited:\
:priority=0:\
:ignoretime@:\
:umask=022:\
:charset=UTF-8:\
:lang=C.UTF-8:
#
# A collection of common class names - forward them all to 'default'
# (login would normally do this anyway, but having a class name
# here suppresses the diagnostic)
#
standard:\
:tc=default:
xuser:\
:tc=default:
staff:\
:tc=default:
# This PATH may be clobbered by individual applications. Notably, by default,
# rc(8), service(8), and cron(8) will all override it with a default PATH that
# may not include /usr/local/sbin and /usr/local/bin when starting services or
# jobs.
daemon:\
:path=/sbin /bin /usr/sbin /usr/bin /usr/local/sbin /usr/local/bin:\
:mail@:\
:memorylocked=128M:\
:tc=default:
news:\
:tc=default:
dialer:\
:tc=default:
#
# Root can always login
#
# N.B. login_getpwclass(3) will use this entry for the root account,
# in preference to 'default'.
root:\
:ignorenologin:\
:memorylocked=unlimited:\
:tc=default:
#
# Russian Users Accounts. Setup proper environment variables.
#
russian|Russian Users Accounts:\
:charset=UTF-8:\
:lang=ru_RU.UTF-8:\
:tc=default:
######################################################################
######################################################################
##
## Example entries
##
######################################################################
######################################################################
## Example defaults
## These settings are used by login(1) by default for classless users
## Note that entries like "cputime" set both "cputime-cur" and "cputime-max"
#
#default:\
# :cputime=infinity:\
# :datasize-cur=22M:\
# :stacksize-cur=8M:\
# :memorylocked-cur=10M:\
# :memoryuse-cur=30M:\
# :filesize=infinity:\
# :coredumpsize=infinity:\
# :maxproc-cur=64:\
# :openfiles-cur=64:\
# :priority=0:\
# :requirehome@:\
# :umask=022:\
# :tc=auth-defaults:
#
#
##
## standard - standard user defaults
##
#standard:\
# :copyright=/etc/COPYRIGHT:\
# :welcome=/var/run/motd:\
# :setenv=BLOCKSIZE=K:\
# :mail=/var/mail/$:\
# :path=~/bin /bin /usr/bin /usr/local/bin:\
# :manpath=/usr/share/man /usr/local/man:\
# :nologin=/var/run/nologin:\
# :cputime=1h30m:\
# :datasize=8M:\
# :vmemoryuse=100M:\
# :stacksize=2M:\
# :memorylocked=4M:\
# :memoryuse=8M:\
# :filesize=8M:\
# :coredumpsize=8M:\
# :openfiles=24:\
# :maxproc=32:\
# :priority=0:\
# :requirehome:\
# :passwordtime=90d:\
# :umask=002:\
# :ignoretime@:\
# :tc=default:
#
#
##
## users of X (needs more resources!)
##
#xuser:\
# :manpath=/usr/share/man /usr/local/man:\
# :cputime=4h:\
# :datasize=12M:\
# :vmemoryuse=infinity:\
# :stacksize=4M:\
# :filesize=8M:\
# :memoryuse=16M:\
# :openfiles=32:\
# :maxproc=48:\
# :tc=standard:
#
#
##
## Staff users - few restrictions and allow login anytime
##
#staff:\
# :ignorenologin:\
# :ignoretime:\
# :requirehome@:\
# :accounted@:\
# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
# :umask=022:\
# :tc=standard:
#
#
##
## root - fallback for root logins
##
#root:\
# :path=~/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
# :cputime=infinity:\
# :datasize=infinity:\
# :stacksize=infinity:\
# :memorylocked=infinity:\
# :memoryuse=infinity:\
# :filesize=infinity:\
# :coredumpsize=infinity:\
# :openfiles=infinity:\
# :maxproc=infinity:\
# :memoryuse-cur=32M:\
# :maxproc-cur=64:\
# :openfiles-cur=1024:\
# :priority=0:\
# :requirehome@:\
# :umask=022:\
# :tc=auth-root-defaults:
#
#
##
## Settings used by /etc/rc
##
#daemon:\
# :coredumpsize@:\
# :coredumpsize-cur=0:\
# :datasize=infinity:\
# :datasize-cur@:\
# :maxproc=512:\
# :maxproc-cur@:\
# :memoryuse-cur=64M:\
# :memorylocked-cur=64M:\
# :openfiles=1024:\
# :openfiles-cur@:\
# :stacksize=16M:\
# :stacksize-cur@:\
# :tc=default:
#
#
##
## Settings used by news subsystem
##
#news:\
# :path=/usr/local/news/bin /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin:\
# :cputime=infinity:\
# :filesize=128M:\
# :datasize-cur=64M:\
# :stacksize-cur=32M:\
# :coredumpsize-cur=0:\
# :maxmemorysize-cur=128M:\
# :memorylocked=32M:\
# :maxproc=128:\
# :openfiles=256:\
# :tc=default:
#
#
##
## The dialer class should be used for a dialup PPP account
## Welcome messages/news suppressed
##
#dialer:\
# :hushlogin:\
# :requirehome@:\
# :cputime=unlimited:\
# :filesize=2M:\
# :datasize=2M:\
# :stacksize=4M:\
# :coredumpsize=0:\
# :memoryuse=4M:\
# :memorylocked=1M:\
# :maxproc=16:\
# :openfiles=32:\
# :tc=standard:
#
#
##
## Site full-time 24/7 PPP connection
## - no time accounting, restricted to access via dialin lines
##
#site:\
# :ignoretime:\
# :passwordtime@:\
# :refreshtime@:\
# :refreshperiod@:\
# :sessionlimit@:\
# :autodelete@:\
# :expireperiod@:\
# :graceexpire@:\
# :gracetime@:\
# :warnexpire@:\
# :warnpassword@:\
# :idletime@:\
# :sessiontime@:\
# :daytime@:\
# :weektime@:\
# :monthtime@:\
# :warntime@:\
# :accounted@:\
# :tc=dialer:\
# :tc=staff:
#
#
##
## Example standard accounting entries for subscriber levels
##
#
#subscriber|Subscribers:\
# :accounted:\
# :refreshtime=180d:\
# :refreshperiod@:\
# :sessionlimit@:\
# :autodelete=30d:\
# :expireperiod=180d:\
# :graceexpire=7d:\
# :gracetime=10m:\
# :warnexpire=7d:\
# :warnpassword=7d:\
# :idletime=30m:\
# :sessiontime=4h:\
# :daytime=6h:\
# :weektime=40h:\
# :monthtime=120h:\
# :warntime=4h:\
# :tc=standard:
#
#
##
## Subscriber accounts. These accounts have their login times
## accounted and have access limits applied.
##
#subppp|PPP Subscriber Accounts:\
# :tc=dialer:\
# :tc=subscriber:
#
#
#subshell|Shell Subscriber Accounts:\
# :tc=subscriber:
#
##
## If you want some of the accounts to use traditional UNIX DES based
## password hashes.
##
#des_users:\
# :passwd_format=des:\
# :tc=default:Điều thú vị là FreeBSD 14 vẫn xài lệnh ifconfig chứ không phải lệnh ss trong gói iproute như trên Linux.
ifconfig
le0: flags=1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP> metric 0 mtu 1500
options=8<VLAN_MTU>
ether 00:0c:29:06:cd:e5
inet 192.168.71.132 netmask 0xffffff00 broadcast 192.168.71.255
inet6 fe80::20c:29ff:fe06:cde5%le0 prefixlen 64 scopeid 0x1
media: Ethernet autoselect
status: active
nd6 options=23<PERFORMNUD,ACCEPT_RTADV,AUTO_LINKLOCAL>
lo0: flags=1008049<UP,LOOPBACK,RUNNING,MULTICAST,LOWER_UP> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x2
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINKLOCAL>Làm việc trên màn hình Unix terminal trắng đen là công việc chính của System Administrator, System Engineer ngày xưa hay DevOps, DevSecOps bi giờ theo từ ngữ của người Tây hay gọi thì khá là chán phèo.
Để bài viết có hình ảnh màu sắc đẹp hơn, hấp dẫn hơn bạn cần cài KDE Desktop lên FreeBSD 14.
KDE Desktop Environment có chương trình Konsole mô phỏng Unix terminal.
Các bạn có thể Google với các từ bên dưới và làm coi mất bao lâu nhen.
FreeBSD 14 cài KDE Desktop
FreeBSD 14 cài môi trường KDE Desktop
FreeBSD 14 cài KDE
Installing KDE on FreeBSD 14
FreeBSD 14 install KDE desktop environment
FreeBSD install KDE desktop environment