# Single User mode : keymap for FreeBSD VT Console



## Wozzeck.Live (Mar 8, 2019)

Hello All,

Looking in the forum I am very surprised that no solution has been posted since FreeBSD switched to VT Console.
This can be a real problem for many users using non US keyboard, to type some complex "root" password in single user mode, before being able to switch keyboard with :

`kbdcontrol`

As a reminder, with the former "SC" console (or 'syscons'), the solution was to recompile the kernel.

Looking for  :


```
device atkbd
```

We added :


```
options         ATKBD_DFLT_KEYMAP
makeoptions     ATKBD_DFLT_KEYMAP=german.iso
```




Frankly, I haven't tried again with FreeBSD 12, but this solution is known to not work anymore in VT console with FreeBSD 10 & 11.
Anyway, the following solution works, and should work at less  since FreeBSD 11 (I can't remember for FreeBSD 10)

In the Kernel config, let's look for the following section :


```
device kbdmux
```

Add :


```
options        KBDMUX_DEFLT_KEYMAP
makeoptions    KBDMUX_DEFLT_KEYMAP=fr.acc
```

Example is done for French keyboard

I am not totally sure but I think KBDMUX options should work for both SC and VT consoles.
KBDMUX being a master multiplexer driver, I suppose atkbd and ukbd apply to slave devices.
So, you can't apply both former and new method.... if I remember correctly my tests.

Running in  SC console, kernel will look for matching keymap file in :
/usr/share/syscons/keymaps

Running in VT console, kernel will look for matching keymap file in :
/usr/share/vt/keymaps

If you still need to switch between 'SC' and 'VT', try to find a common layout both present in 'syscons' and 'vt' directories



NOTE :

- In single user mode, password protection is activated by switching the console to insecure in /etc/ttys
So along with a full drive encryption, the workstation may be fully protected. Activation of encryption without switching the console to insecure is useless as anybody could easily change passwords of all users booting in single user mode.

- Many people here have nothing else to say... "I use a Qwerty keyboard". I just remind you that you are not alone in the world. There are many people who are not using qwerty keyboard, as Russians, Japaneses, Chineses....


----------



## Emrion (Mar 8, 2019)

Unless I'm mistaken, the single user mode do not ask for a password nor even an user. It drops you in a root shell. I speak of the default behaviour.

To be honnest, I keep near my keyboard a printed US keyboard layout. It saved me several times.


----------



## tommiie (Mar 8, 2019)

I started buying US qwerty keyboards instead of using my regional layout (azerty for Belgium). Even my laptops have the qwerty layout.


----------



## tommiie (Mar 8, 2019)

Mine wasn't a useless comment at all. What might appear to be "useless" to you, can be very useful to someone else.

PS: you mentioned a french layout in your post, which is azerty. So you can easily swith to qwerty. Russian and japanese character keyboards are fun for a dekstop, but not for a server.


----------



## ucomp (Mar 8, 2019)

Hardcore Hackers learn the en_US keyboard shortcuts of their regional keyboards.
O.K., can be quite annoying for root-pwds like this :
7OIHX/WE(/§(GC-ß)49O(CWQ-----??p9oö8mcqru38cnö3öoäldkjnsoö<
but ensures that our brains  remain well ventilated


----------



## Emrion (Mar 9, 2019)

I compiled a custom kernel on 12.0-STABLE following your indications and that works well, if you replace KBDMUX_D*E*FLT_KEYMAP by KBDMUX_DFLT_KEYMAP.

It can be of some use, thanks for that.

However, I prefer to use GENERIC kernels in RELEASE versions so I can update the whole system with `freebsd-update`. The keyboard layout problem can be easily circumvented with the tips you have in above replies. Moreover, personally I think I will never encrypt a disk because it's a more chance to lose a system in case of problems. Same thing applies for setting insecure the single user console.


----------

