HYDRA Documentation
  • Introduction to Hydra Chain
  • HydraGon
    • Migrate to HydraGon
    • Staking Calculator
  • Legacy Hydra
  • FAQ
  • Hydra web wallet
    • Create New Wallet
      • Key File Option
      • Mnemonic Words Option
    • Access Your Wallet
      • From Mnemonic Words
      • From Private Key
      • From Key File
    • Send and Receive Assets
      • Receive Assets
      • Send Assets
    • Add HRC20 Token
    • Setup Offline Wallet
  • Hydra web browser extension
    • How to integrate with dApps
  • Hydra for Beginners
  • Ledger Nano Guide
  • Hydra Bridge
  • HydraDEX
    • Adding and Removing Liquidity
    • Liquidity Mining on HydraDEX
  • Useful Links (Legacy)
  • Essentials
    • UTXOs Accounting
    • Test & Main Networks
    • Desktop wallet basic usage
    • Wallet Encrypt, Backup and Restore
    • Hydra Core Wallet Commands
    • Adding Nodes
    • Encrypt and Unlock Hydra Wallet
    • Wallet Recovery With Salvagewallet
    • bech32 support
    • Repositories
    • Hydra Exchange Usage Guide
    • How to Add Options
    • How to Use bootstrap.dat
    • Command Lines (RPC API)
    • Guidance of Hydra Deployment and RPC Settings
    • How to Build Hydra on Raspbian
  • HRC20 Tokens
    • HRC20 Token
    • HRC20 Raw Transactions
    • HRC20 With Hydrachainjs
    • HRC20 DApp
  • HRC721 Tokens
    • HRC721 Token - How to deploy
  • How Transactions Work
  • Hydra Economy (Legacy)
    • The Flexible Supply Mechanism
    • Legacy Staking Calculator
  • Installation Guides
  • Guide for Linux
  • Guide for Raspberry Pi
  • Guide for MacOS
  • Staking HYDRA Coins
    • Setting up Staking
    • Staking with Windows VPS on AWS
    • Staking with Linux on DigitalOcean VPS
    • How to Stake Hydra on Linux
    • Stake With Linux VPS
    • How to Stake on FreeBSD
    • Hydra node health check
    • Superstaking
    • Delegating to Superstaker
    • Delegating via Mobile App or Web Browser
    • Lydra Basics
    • Understanding LYDRA — Key Concepts and Dynamics
  • Hydra Chain Core Team
  • KYC/AML Policy
  • Privacy Policy
  • API Documentation
    • Explorer API (in work)
      • General Blockchain Info
      • Fetching Transaction History for HYDRA and HRC20 tokens
      • Block Info
      • Transaction Info
    • Hydra DEX API
  • Community Tools
    • Github repository
    • Docker image for Hydra Node
    • Hydradex.org Custom Lists
  • Security Audits Hydra Bridge
Powered by GitBook
On this page
  • Isolating Hydrad in a FreeBSD jail
  • FreeBSD version used for this tutorial is 11.2, download it from the official FreeBSD mirrors:
  • Installing FreeBSD
  • Create user
  • Host:
  • /etc/sysctl.conf
  • Allow sockets and upgrades in jail
  • /etc/rc.conf
  • Resource limits for Jails
  • /boot/loader.conf
  • Creating our Jail for staking
  • Now we've created our jail for staking Hydra, let's fetch and install FreeBSD on it!
  • /etc/jail.conf
  • Hydra Jail:
  • /etc/rc.conf
  • Add dns nameservers to /etc/resolv.conf
  • Installing Hydra
  • Running Hydra
  • Security tips

Was this helpful?

  1. Staking HYDRA Coins

How to Stake on FreeBSD

PreviousStake With Linux VPSNextHydra node health check

Last updated 4 months ago

Was this helpful?

FreeBSD is a very powerful operating system, it has a great history of reliability, security and stability. Here we show how it can be used to stake Hydra in a secure way.

Isolating Hydrad in a FreeBSD jail

FreeBSD jails are a very powerful feature, in summary, your jail instance is more protected as it's like having a separate OS just for Hydra with reduced privileges.

Here's a good read on Jails:

FreeBSD version used for this tutorial is 11.2, download it from the official FreeBSD mirrors:

Installing FreeBSD

Important: Make sure to install and enable NTP, it's necesary to stay synchronized to network clocks.

Install FreeBSD as normal, however, the following hardening settings are recommended during install:

Create user

Create a user with permissions "operator wheel"

Please remember to do all these commands as root

Host:

/etc/sysctl.conf

Allow sockets and upgrades in jail

security.jail.allow_raw_sockets=1

security.jail.chflags_allowed=1

/etc/rc.conf

firewall_enable="YES"

firewall_quiet="YES"

firewall_type="workstation"

firewall_myservices="22 3888"

firewall_allowservices="any"

firewall_logdeny="YES"

jail_enable="YES"

Notice that we've added some settings for firewall, these will enable IPFW and basic settings to secure our Jail, allowing only ports 22(ssh) and 3888(Hydra) to be accessed.

Resource limits for Jails

/boot/loader.conf

kern.racct.enable=1

jail_enable="YES"

Creating our Jail for staking

zfs create -o mountpoint=/jail zroot/jail

(Change zroot for whatever name you chose for your zfs pool)

zfs create -o mountpoint=/jail/hydra zroot/jail/hydra

Now we've created our jail for staking Hydra, let's fetch and install FreeBSD on it!

cd /jail/hydra/ && fetch -o - http://ftp.freebsd.org/pub/FreeBSD/releases/amd64/11.2-RELEASE/base.txz | tar --unlink -xpJf - -C /jail/hydra

We've now installed FreeBSD into /jail/hydra

Typing ls /jail/hydra/ should show the filesystem of our Hydra FreeBSD Jail

Now, let's create the jail configuration file:

/etc/jail.conf

hydra {

host.hostname = hydra.local;

ip4.addr = 192.168.0.99;

interface = em0;

path = /jail/hydra;

exec.start = "/bin/sh /etc/rc";

exec.stop = "/bin/sh /etc/rc.shutdown";

exec.clean;

mount.devfs;

allow.raw_sockets;

allow.sysvipc;

}

Ok now it's time to launch our jail!

service jail start hydra

We've just started our Hydra jail, We can now get into our Hydra jail to finish configuration, install Hydra and launch the wallet.

jexec hydra /bin/csh

cp /usr/share/zoneinfo/YOURTIMEZONE/ /etc/localtime This is very important, if the time info is incorrect, we'll produce orphan blocks or will be unable to sync

Create our basic /etc/rc.conf for our Hydra Jail

Hydra Jail:

/etc/rc.conf

syslogd_flags="-s -s"

sshd_enable=YES

clear_tmp_enable=YES

clear_tmp_X=YES

extra_netfs_types=NFS

dumpdev=NO

update_motd=NO

keyrate=fast sendmail_enable=NONE

sendmail_submit_enable=NO

sendmail_outbound_enable=NO

sendmail_msp_queue_enable=NO

Add dns nameservers to /etc/resolv.conf

echo "nameserver 8.8.8.8" >> /etc/resolv.conf

echo "nameserver 8.8.4.4" >> /etc/resolv.conf

Installing Hydra

Now that we've got our jail up and running, we need to install Hydra. There's 2 options on doing this, we can use the pkg repository or the powerful FreeBSD ports which are usually updated faster:

pkg repository

pkg update -f pkg install -y hydra

FreeBSD ports

portsnap fetch extract cd /usr/ports/net-p2p/hydra && make install clean

The above will ask for a lot of configuration options, it might be better to use make config-recursive to set all options before compiling. If you want to use default settings just type cd /usr/ports/net-p2p/hydra && make install clean BATCH="YES"

Running Hydra

Launching Hydra is just like in any other *NIX operating system, however there's a minor difference here due to how FreeBSD jails work. First, we need to create a hydra.conf file with the following contents:

This config is necessary, otherwise calling the daemon will return errors.

Then we can launch withhydrad -daemon

Security tips

  • Set up firewall on host (you cannot setup a firewall inside a jail) and enable only the ports you need (22 and 3338) This is done in the host rc.conf at the top of this tutorial

  • Disable history, this will completely disable console history and it's a way to help secure your staking box, type the following on your FreeBSD console: unset history; unset savehist

  • Secure SSH:

    1. Disable password authentication

  • If using the FreeBSD box on your home network, force it to listen on local network only.

https://www.freebsd.org/doc/handbook/jails.html
https://www.freebsd.org/doc/handbook/eresources-web.html