Emby Server for FreeBSD

logoembyThis short tutorial by Emby will show you how to get it set up on FreeBSD.


pkg install mediabrowser

Configure FFMpeg

# Update FreeBSD ports tree
portsnap fetch update

# Remove default FFMpeg package
pkg delete -f ffmpeg

# Reinstall FFMpeg from ports with lame option enabled
cd /usr/ports/multimedia/ffmpeg
make config
# enable the lame option
# enable the ass subtitles option
make install clean


service mediabrowser start

To enable MediaBrowser service (will automatically run at boot):
sysrc mediabrowser_enable="YES"

Original post: http://emby.media/downloads/freebsd-server/

Verisign Announces vBSDcon 2015

vBSDcon, hosted by Verisign, has been announced and is being held on September 11-13 in Reston, Virginia.

Following the success of the inaugural vBSDcon, Verisign has elected to host a
second vBSDcon in Reston, Va at the Sheraton Reston hotel the weekend of
September 11, 2015. vBSDcon is a technical conference focused on the BSD
family of operating systems including, but not limited to, FreeBSD, OpenBSD,
NetBSD, and others. Any user, developer, engineer, or innovator involved with
any of the BSD family of operating systems will want to mark these dates.
vBSDcon will feature plenary talks, Birds of a Feather discussions, lightning
talks, and much more. Full details are available at http://www.vBSDcon.com/.
Additionally, While vBSDcon currently does not operate an “official” call for
presentations, proposals will be accepted until June. Anyone wishing to submit
a talk is invited to do so by emailing vbsd…@verisign.com. The event agenda
is expected to be finalized and published in mid-June.

We look forward to seeing you September 11, 2015!

Original announcement: https://www.mail-archive.com/freebsd-announce@freebsd.org/msg00644.html

How to Resize Your Existing FreeBSD Root Partition/Slice Safely Without Re-Installing on Amazon EC2

gpu_amazon_ec2_logoThis tutorial by user shows us how to resize/slice an existing root partition, without reinstalling FreeBSD, on Amazon EC2.

Original post: http://gg.edu.vn/how-to-resize-your-existing-freebsd-root-partitionslice-safely-without-re-installing/

@A: Daniel Morante

There comes a time when your FreeBSD root partition is just too small to be of any use. You’ve already moved /var, /usr, and /tmp to separate disks and there just isn’t anything else you can delete. The problem being that you initially created the partition to be too small when FreeBSD was first setup.

There are some guides out there that suggest to backup and start over. Others will tell you to use a dump and restore method. All that is too complicated and too much work for us lazy system administrators. Fortunately with recent versions of FreeBSD (9.0 and above) there is a handy little tool called “gpart”.


  • FreeBSD 9.0 or later (if you have a lesser version, you might be able to get away with using a 9.x live CD)
  • FreeBSD 9.x or later boot-only media. (ISO or flash image)
  • Extra or unused space on the drive where the root partition is stored.
  • A backup of your most precious files stored on this system
  • This guide assumes you are using a single non-RAID IDE/SATA or SCSI disk. Device names may be different and extra drivers may need to be loaded for other types of disks.

    [Read more…]

FreeBSD 1st Quarter 2015 Status Report

freebsd-logo-largeThe developers of FreeBSD have posted their quarterly status report. Follow the link below to hear reports from FreeBSD Bugmeister, Ports Collection, and the FreeBSD Core Team.


This report covers FreeBSD-related projects between January and March 2015. This is the first of four reports planned for 2015.

The first quarter of 2015 was another productive quarter for the FreeBSD project and community. FreeBSD is being used in research projects, and those projects are making their way back into FreeBSD as new and exciting features, bringing improved network performance and security features to the system. Work continues to improve support for more architectures and architecture features, including progress towards the goal of making ARM (32- and 64-bit) a Tier 1 platform in FreeBSD 11. The toolchain is receiving updates, with new versions of clang/LLVM in place, migrations to ELF Tool Chain tools, and updates to the LLDB and gdb debuggers. Work by ports teams and kernel developers is maintaining and improving the state of FreeBSD as a desktop operating system. The pkg team is continuing to make binary packages easier to use and upgrade.

Thanks to all the reporters for the excellent work!

The deadline for submissions covering the period from April to June 2015 is July 7th, 2015.

View the full report: https://www.freebsd.org/news/status/report-2015-01-2015-03.html

Increase disk space in FreeBSD

This short tutorial by user  shows us how to increase your disk space in FreeBSD.

I use gpart to manage disk partitions in FreeBSD, because it works, and is much easier than the old bsdlabel shenanigans. Increasing the size of the last partition on a disk is easy:

  • Power down
  • resize disk (e.g. increase virtual machine’s disk allocation)
  • boot into single user mode
gpart recover da0
gpart show -p da0
gpart resize -i 5 da0
gpart show -p da0
growfs /dev/da0p5
  • reboot

Original post: https://gregoryo.wordpress.com/2015/04/30/increase-disk-space-in-freebsd/

How To Use OPIE to Get One-Time Passwords for FreeBSD 10.1

This tutorial by FreeBSD user Hathy A (DigitalOcean) shows us how to set up “one-time” passwords on FreeBSD 10.1, a method to keep secure from unwanted access.

Original post: https://www.digitalocean.com/community/tutorials/how-to-use-opie-to-get-one-time-passwords-for-freebsd-10-1


SSH is the most popular way to log in to a server remotely. It is a cryptographic protocol that protects your password against man-in-the-middle and replay attacks.

You must keep in mind, though, that SSH protects your data only while it is in transit. Attackers can discover your SSH password by other means, such as by using keyloggers or strategically placed cameras.

As long as you use a trusted computer (say, one that belongs to you or your company), and do so from a safe location, you don’t have to worry about such attacks. However, sometimes you might need to use a public computer. To protect your passwords in such scenarios, FreeBSD comes with a security feature called One-time Passwords In Everything, or OPIE.

In this tutorial, you will learn how to generate and use one-time passwords to log in to your remote FreeBSD server. You can pregenerate one or more one-time passwords when you’re in a safe location, and save them for later when you access your server from a less secure location. That way, even if your one-time password gets logged, it won’t ever be useful to an attacker.


In order to follow this tutorial, you will need:

  • A FreeBSD 10.1 server which is accessible over SSH
  • A user who is allowed to switch to root; the default freebsd user on DigitalOcean is fine

[Read more…]

Mumblehard Malware Infects Thousands of Linux and FreeBSD Servers

A recent vulnerability has been found, affecting thousands of Linux and FreeBSD servers around the world. Norse encourages FreeBSD sysadmins to take proper measures to remedy this exploit. Check the whitepaper for more details.


Researchers have documented a newly discovered family of malware that infected thousands of Linux and FreeBSD servers, making them part of a massive spam distribution campaign.

The unusually sophisticated malware, dubbed Mumblehard, has two main components which are both written in Perl and leverage the same custom packer which is written in assembly language to produce ELF binaries that work to obfuscate the source code.

“Our analysis and research also shows a strong link between Mumblehard and Yellsoft. Yellsoft sells software, written in Perl, designed to send bulk e-mails. This program is called DirectMailer,” the researchers said.

“The first link between them is that the IP addresses used as C&C servers for both the backdoor and spamming components are located in the same range as the web server hosting yellsoft.net. The second link is that we have found pirated copies of DirectMailer online that actually silently install the Mumblehard backdoor when run. The pirated copies were also obfuscated by the same packer used by Mumblehard’s malicious components.”

The team discovered Mumblehard after a system administrator reported that a server had been blacklisted for sending spam, and they proceeded to dump the memory of a process that was connecting to different SMTP servers.

“The memory dump clearly showed it to be a Perl interpreter. We investigated and found the executable file in the /tmp directory. We started analyzing this ELF binary and discovered what we now call Mumblehard,” the researchers explained.

“We got interested in this threat because the way the Perl scripts used by the cybercriminals are packed inside ELF executables is uncommon and more complex than the average server threat.”

Key findings in the analysis include:

  • Perl scripts were packed inside ELF binaries written in assembly language, showing a higher level of sophistication than average
  • A total of 8,867 unique IP addresses were seen in our sinkhole over a 7-month period
  • The highest number of unique IP addresses seen in a single day is as high as 3,292
  • Mumblehard has been active since at least 2009
  • Among the compromised machines, web servers are the most susceptible to being infected
  • There is a strong link between Mumblehard and Yellsoft, an online company selling software to send bulk e-mail messages

“Victims should look for unsolicited cronjob entries for all the users on their servers. This is the mechanism used by the Mumblehard backdoor to activate the backdoor every 15 minutes.” the researchers noted.

“The backdoor is usually installed in /tmp or /var/tmp. Mounting the tmp directory with the noexec option prevents the backdoor from starting in the first place.”

A detailed white paper on Mumblehard is available here (PDF).

Original post: http://blog.norsecorp.com/2015/04/30/mumblehard-malware-infects-thousands-of-linux-and-freebsd-servers/

How To Customize and Recompile Your Kernel on FreeBSD 10.1

This tutorial by Michael Ragusa of DigitalOcean shows us how to customize and recompile your kernel on FreeBSD 10.1.

Original link: https://www.digitalocean.com/community/tutorials/how-to-customize-and-recompile-your-kernel-on-freebsd-10-1


The FreeBSD operating system utilizes the GENERIC kernel by default. This is a default configuration used to support a large variety of hardware out of the box. However, there are many different reasons for compiling a custom kernel, which include security, enhanced functionality, or better performance.

FreeBSD utilizes two branches of code for its operating system: stable and current. Stable is the current code release that is that is production ready. Current is the latest code release from the development team and has some of the latest bleeding edge features but is more prone to bugs and system instability. This guide will utilize the stable branch.

In this tutorial, we will recompile a FreeBSD kernel with a custom configuration.


To follow this tutorial, all you will need is:

  • One FreeBSD 10.1 Droplet.

If you’re new to FreeBSD, you can check out the Getting Started with FreeBSD series of tutorials.

Step 1 — Obtaining the Source Code

[Read more…]