Search results for tag #openbsd
You have installed #OpenBSD, now what? https://nxdomain.no/~peter/openbsd_installed_now_for_the_daily_tasks.html
My wife says that the BSDs are always in my head...
#FreeBSD #OpenBSD #NetBSD #DragonFlyBSD #RunBSD
Alt...
A man with short brown hair and a receding hairline (me) is seated at a wooden table with his arms crossed and a smile on his face. He is wearing a light blue button-up shirt and a wristwatch. On his forehead, he has a sticker with the FreeBSD logo, which features a red devil mascot and the text "FreeBSD". The background is plain with some dark-colored chairs and a partially visible brick wall.
Looks like today is, at least partially, patch day for the clown computing cluster.
Beginning the upgrade to #OpenBSD v7.6
So, it seems that #OpenBSD fully supports arm64 on Apple Silicon. Including the proprietary WiFi chipset. Even browsers like #UngoogledChromium are in packages.
Any technical reason why I should not go with OBSD for a Macbook M1/M2? Asking for a friend, ofcourse.
Hey you 
Are you Dutch or relatively close to The Netherlands? You might want to keep the 9th of November free in your calendar - as we are going to have another BSD-NL full day conference 
It will be in Utrecht, at the Maximus brewery. We do have a mandatory registration - but it'll be on our selfhosted Pretix. Because fuck big tech!
More details will follow very, very soon 
#OpenBSD #HardenedBSD #SecBSD #FreeBSD #NetBSD #DragonflyBSD #RUNBSD #Awesome #Meetup
LibreSSL 4.0 introduces portable changes, bug fixes, and internal cleanups. Now supporting OpenBSD 7.6, improving TLS, X.509, and RSA key handling.
https://linuxiac.com/libressl-4-0-debuts-with-enhanced-security-and-bug-fixes/
We are not doing the things because they are easy but because they are a fucking nuisance and we want them to be easy. #OpenBSD
Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟰/𝟭𝟬/𝟭𝟰 (Valuable News - 2024/10/14) available.
https://vermaden.wordpress.com/2024/10/14/valuable-news-2024-10-14/
Past releases: https://vermaden.wordpress.com/news/
#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday
This is what I came up with to tell when the ksh co-process exited, but I don't love it.
Does anyone know how to trap when a ksh co-process exits? I can trap the CHLD signal, but can't figure out how to know the PID of the child that exited.
From The Register: Version 7.6 – the 'OpenBSD of Theseus' – released
https://www.theregister.com/2024/10/10/version_76_openbsd_of_theseus/
#OpenBSD 7.6 Released With AVX-512, Initial Support For #Snapdragon X Elite SoCs
Update on the #ilo amd64 #assembly implementation on #openbsd 7.6: I've decided to stop making direct system calls, and will instead go through libc for the handful of kernel interactions (just open, close, read, write, lseek, and exit) needed.
It's not quite as nice from a dependency standpoint, but will work more reliably going forward (esp. since there's no guarantees on syscalls not being removed/altered in the future) and I don't really want to need to update the vm source for each new release of OpenBSD.
I'll also be making use of pledge() and unveil() in the updated code.
Oh, @BoxyBSD has a self-service portal now!
I just wrote a ssh alike service where BoxyBSD users can connect to and manage their own #BSD based VMs, hosted on my BoxyBSD platform. You can now also reset you VM or connect to the console.
Currently, I do not have that much time to provide support for my BoxyBSD project and as a result I created this self-service tool. Hope it helps even it's still far from being perfect.
#FreeBSD #OpenBSD #NetBSD #RunBSD #BSD #BSDCafe #BSDCommunity
OpenBSD 7.6 has been released:
https://www.openbsd.org/76.html
A few versions back I experienced trouble setting up encrypted root. But installing OpenBSD today - with encrypted disk - it was all smooth sailing!
Time to explore (on Thinkpad T430s)!
Alt...
Neofetch displays stats on a fresh OpenBSD install.
Switching customers from Linux to BSD because boring is good
https://www.theregister.com/2024/10/08/switching_from_linux_to_bsd/
#RunBSD #FreeBSD #NetBSD #OpenBSD #BSD #EuroBSDCon #EuroBSDCon24 #EuroBSDCon2024 #EBC24
OpendBSD 7.6 brings a ton of improvements, but these two caught my eye for immediate use 😊
> Allow users to define tables inside an anchor in the same way they can define global tables in pf.conf(5)
> sshd(8) will now penalise clients that connect without completing authentication, crash the server or perform other unwelcome activities. This behaviour is controlled via the PerSourcePenalties and PerSourcePenaltyExemptList sshd_config(5) options.
OpenBSD 7.6 has been released with support for Qualcomm Snapdragon X Elite, kernel improvements, updated DRM (Linux 6.6.52), support for Meteor Lake, VMM/VMD improvements, better hardware support
#OpenBSD 7.6 merchandise (t-shirts, hoodies) are once again available on https://openbsdstore.com!
Many thanks to Job Snijders (& artist Sue Doeksen!) 
Good morning, #fediverse!
OpenBSD 7.6 has been released, and most of my OpenBSD servers have already been upgraded.
Everything's been smooth and linear, as usual.
#OpenBSD 7.6 Released With AVX-512, Initial Support For Snapdragon X Elite SoCs 
Is it perhaps time for some #OpenBSD #76HYPE! 
#OpenBSD 7.6 has a cool new bootloader feature, configurable in boot.conf(5), "machine idle [secs]", which will poweroff your machine when idling at the bootloader.
https://bsd.network/@brynet/112333726672623664
A longstanding issue with MSI interrupts in OpenBSD's azalia(4) audio driver on AMD chipsets has been fixed!
https://bsd.network/@brynet/112458299293388956
OpenBSD 7.6 will have some support for many Snapdragon X Elite laptops, starting with patrick@'s initial bringup on the Lenovo Yoga Slim 7x ~24 hours after the new hardware launched, also:
• ThinkPad T14s
• Asus Vivobook S15
• Samsung Galaxy Book4 Edge
• HP OmniBook X
https://bsd.network/@brynet/112645328344890243
Hardware accelerated video decode/encode (VA-API) support was added, libva imported.
https://bsd.network/@brynet/112813702107946930
Jonathan Gray (jsg@) backported support for Intel Meteor Lake (14th Gen) graphics, drm drivers updated to Linux 6.6.y/6.6.52, from 6.6.19.
https://bsd.network/@brynet/112952017130589350
System call pinning "pinsyscalls(2)" is now mandatory.
https://bsd.network/@brynet/112997987653463724
Many common USB mice should no constantly detaches/reattach, spamming the console.
https://bsd.network/@brynet/113034445342767163
AMD #SEV encrypted memory guests in #OpenBSD vmm(4)/vmd(8), added by Hans-Jörg Höxer (hshoexer@)
https://bsd.network/@brynet/113119843773088900
It's now possible to get some NVMe controller/namespace information on #OpenBSD using bioctl(8), as well as useful NVMe SMART data, like temperature, available spare sectors, device endurance via sysctl(1).
https://bsd.network/@brynet/113130520504973726
OpenBSD 7.6 has initial suspend-to-idle (S0/S0ix) "s2idle" support on amd64
https://bsd.network/@brynet/113177313717726815
..and much more for users to discover when 7.6 releases this month! 
UPDATE: Found a solution!
On #OpenBSD 7.6, I’m trying to have multiple MAC addresses on the same interface so that my Livebox hands out multiple IP (v4 and v6) addresses with DHCP.
From what I understand, vlan(4) is the way to go (e.g. with “ifconfig vlan10001 create parent igc0 lladdr 8a:76:e8:f3:00:01 autoconf”) but the interface won’t get any address.
pf(4) isn’t at fault. And the odd thing is: tcpdump -i vlan10001 only shows outgoing packets, tcpdump -i igc0 only the incoming ones. Weird.
Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟰/𝟭𝟬/𝟬𝟳 (Valuable News - 2024/10/07) available.
https://vermaden.wordpress.com/2024/10/07/valuable-news-2024-10-07/
Past releases: https://vermaden.wordpress.com/news/
#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday
I had the pleasure of being interviewed as well, sharing some insights about the EuroBSDCon talk and the project behind the BSD Cafe.
Thank you, @Tubsta@soc.feditime.com and @bsdnow@bsd.network for the opportunity!
Heads up #2: #OpenBSD -currrent snapshots for at least i386/amd64 are broken, wait a few days before trying to upgrade. It might be a good idea to wait for -current packages to start flowing again anyway. 
@jwildeboer Slack & Discord are walled gardens. Unusable for proper OpenSource projects.
IMHO your approach in toot 1 is a good way
#bash #sh #zsh #ksh #csh #100DaysOfCode #Linux #freeBSD #netBSD #openBSD #POSIX #Programming
The slides, the video, and the text behind my presentation at EuroBSDCon 2024 - 'Why and how we're migrating many of our servers from Linux to the BSDs.'
https://it-notes.dragas.net/2024/10/03/i-solve-problems-eurobsdcon/
#ITNotes #FreeBSD #OpenBSD #NetBSD #RunBSD #IT #SysAdmin #EuroBSDCon #EBC24 #EuroBSDCon24 #EuroBSDCon2024 #NoteHUB
#OpenBSD 7.6 looks really really good right now... 🤓
https://www.openbsd.org/76.html
That and @brynet little recap are very good signs of things to come! 
I do note that a lot of people run snac on #OpenBSD (which is great) but not many on #Slackware ... Perhaps I need to reactivate ye old pile of webpages for that? 😉
Heads up: #OpenBSD snapshots that are rolling out for several architectures are now post-7.6 -current, be aware. If you upgrade, downgrading to release is NOT supported.
Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟰/𝟬𝟵/𝟯𝟬 (Valuable News - 2024/09/30) available.
https://vermaden.wordpress.com/2024/09/30/valuable-news-2024-09-30/
Past releases: https://vermaden.wordpress.com/news/
#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday
After dinner, I decided to fire up my desktop computer, which has been shut down for months and primarily focused on gaming. I installed an old 500GB SSD, a 1TB spinning disk, and set up FreeBSD and OpenBSD. With my Nvidia graphics card, FreeBSD showed better video performance, and I had everything I needed installed in just over ten minutes. Even the suspend function from the Plasma menu works, and the system resumes correctly.
Tomorrow, when I have some free time, I’ll try another project: installing FreeBSD on an old PC I salvaged and prepping it for my father-in-law. He only uses Firefox (max two tabs at a time), a printer, and LibreOffice. I think that will be enough. I'm considering whether to go with FreeBSD or OpenBSD for that.
Our proposal for the Fosdem BSD devroom is almost ready, but it would be nice to find someone from the #OpenBSD project to join @bentsukun and me in the BSD devroom organization.
For many years, my mobile devices have automatically connected via Wireguard to my external OpenBSD VPS when I'm away from home. It's typically configured to route only my main VPNs (allowing remote intervention if necessary) and to set the DNS, similar to what I've described here: https://it-notes.dragas.net/2023/04/03/make-your-own-vpn-wireguard-ipv6-and-ad-blocking-included/
The goal is to have complete access to my networks and to use DNS that filters out unwanted content and ads.
It works very well, and the browsing experience is optimal.
In Dublin, I decided to route all traffic through that VPS. Since I often connect to open Wi-Fi networks (in hotels, at conferences, in pubs, etc.), I preferred to keep everything active. Moreover, at that point, I was still appearing to websites with my Italian IP, which reduced issues with streaming, etc.
Everything worked perfectly, and I didn't notice any significant increase in battery consumption. The hotel had all Ruckus equipment (with excellent Wi-Fi coverage), while the conference used Cisco, and the coverage there was also generally good.
The Wireguard implementation on OpenBSD has proven to be, as always, extremely stable and reliable.
OpenBSD is running great on the Orange PI One. Performance is quite good, too, considering the hardware - and the boot time is short.
I'll be using it for a couple of days for a specific task, then...who knows?
Still waiting for the FTTH, with the /48 ipv6 - that will change a lot of things, here.
Major change to sysupgrade(8) behaviour https://www.undeadly.org/cgi?action=article;sid=20240925110946 #openbsd #sysupgrade #pkg_add #upgrading #current #newrelease #development
My blog is hosted and served from three different locations: an httpd and relayd stack on OpenBSD, a FreeBSD jail, and a Raspberry Pi Zero W powered by NetBSD - and they all contain all the files.
The VM on OpenBSD is located in the Netherlands at OpenBSD Amsterdam, a provider offering OpenBSD VMs on OpenBSD hosts, contributing a portion of earnings to the OpenBSD Foundation. Their setup is transparent and well-documented, enabling full understanding of the underlying infrastructure.
Varnish is configured across the various hosts to use all three resources as backends, ensuring that data remains accessible to the reverse proxies even if two of the servers go down.
And, in the event that all three go down, the reverse proxies will continue to serve the cached versions for days.
#ITNotes #RunBSD #FreeBSD #OpenBSD #NetBSD #Varnish #VarnishCache
#OpenBSD now enforcing no invalid NUL characters in shell scripts
https://www.undeadly.org/cgi?action=article;sid=20240924105732
There was a "Network Management with the OpenBSD Packet Filter Toolset" tutorial session at @EuroBSDCon 2024, here are the updated slides: https://nxdomain.no/~peter/pf_fullday.pdf #openbsd #pf #networking #security #tcpip #ipv6 #ipv4 #ssh #spam #packetfilter #eurobsdcon
#OpenBSD now enforcing no invalid NUL characters in shell scripts https://www.undeadly.org/cgi?action=article;sid=20240924105732 #Unix
OpenBSD -current is now "7.6-current" https://www.undeadly.org/cgi?action=article;sid=20240924163845 #openbsd #current #development #security #newrelease
OpenBSD now enforcing no invalid NUL characters in shell scripts https://www.undeadly.org/cgi?action=article;sid=20240924105732 #openbsd #shells #shellscripts #ksh #development #nul #nulchar #nulbyte #invalidchar
Slides for Hans-Jörg Höxer (hshoexer@)'s talk "Confidential Computing with OpenBSD" yesterday at #EuroBSDcon 2024.
https://www.openbsd.org/papers/eurobsdcon2024-hshoexer-confidential-computing.pdf
In case you were at Euro BSD and did not notice, #OpenBSD released 4 additional patches for 7.5:
007: In libexpat add integer range checks. CVE-2024-45490 CVE-2024-45491 CVE-2024-45492
008: Avoid possible mbuf double free in NFS client & server implementation. Do not use uninitialized variable in error handling of NFS server.
009: In readdir name validation exclude any '/' to avoid unexpected directory traversal on untrusted file systems.
010: Invalid ELF files could result in kernel crash.
Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟰/𝟬𝟵/𝟮𝟯 (Valuable News - 2024/09/23) available.
https://vermaden.wordpress.com/2024/09/23/valuable-news-2024-09-23/
Past releases: https://vermaden.wordpress.com/news/
#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday
SSH ProxyCommand example: Going through one host to reach another server https://www.cyberciti.biz/faq/linux-unix-ssh-proxycommand-passing-through-one-host-gateway-server/ #unix #linux #openbsd #freebsd
Alt...
ssh jumphost example
Some comments I have seen after the story about #openbsd -current cranking its version number https://www.undeadly.org/cgi?action=article;sid=20240918052239 suggest that reposting my daily chores of running an OpenBSD system post https://nxdomain.no/~peter/openbsd_installed_now_for_the_daily_tasks.html (or https://bsdly.blogspot.com/2024/09/you-have-installed-openbsd-now-for.html if pretty formatting is worth the trackers) could be useful #openbsd #current #newrelease #newvers.sh #development #excitingnews
authlog
(ft. the tome of pf: https://nostarch.com/pf3 by @pitrh )
#unix_surrealism #openbsd #technomage #pf #comic #runbsd
Alt...
Girl and Puffy approach an ancient machine. A tome of PF lies nearby.
The screen of the machine is printing thousands of lines.
Girl turns to Puffy and asks: "all those lines... who are they?"
Puffy: "Enslaved souls of unsuspecting machines. Forever cursed to haunt open ports."
#EuroBSDCon2024 (#EuroBSDCon) is starting in a few days!
If you see beginners & newcomers at the conference, guide them to #BoxyBSD to offer them completely free #BSD based VMs, where they can learn in practical and choose between #FreeBSD, #OpenBSD, #NetBSD, #DragonflyBSD, #MidnightBSD or even #OpenIndiana (for some corner cases and our friends).
Happy BSD‘ing!
#runbsd
Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟰/𝟬𝟵/𝟭𝟲 (Valuable News - 2024/09/16) available.
https://vermaden.wordpress.com/2024/09/16/valuable-news-2024-09-16/
Past releases: https://vermaden.wordpress.com/news/
#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday
Last day to get your prepub copy of "Run Your Own Mail Server" and benefit the BSD conference A/V team. 5PM EDT, it's GONE!
Auction at https://mwl.io/archives/23758
#ryoms #freebsd #openbsd #netbsd #bsdcan #eurobsdcon #asiabsdcon #sysadmin
The BSD A/V team needs gear to livestream and record conference talks.
I'm auctioning off a prepub hardcover of "Run Your Own Mail Server" to support their efforts. You want this book before anyone else, here's how you get it.
Current bid €337. Ends Sunday, 5PM EDT.
Please boost for a good cause!
#ryoms #sysadmin #freebsd #openbsd #netbsd #bsdcan #eurobsdcon #asiabsdcon
Trying not to do too much programming today, but I did submit a small patch to c5 (a small #forth written in C, see https://github.com/CCurl/c5) to allow it to build on #OpenBSD and #FreeBSD. I might try to redo the Makefile for it to remove the need to use gmake.
The BSD A/V Team needs equipment to stream and record conference talks.
I'm auctioning off a pre-publication hardcover of "Run Your Own Mail Server" to support their fundraising. The current bid is €337, about $373. Ends Sunday night, ships Monday if you send your money!
Bid at https://mwl.io/archives/23758
And seriously, you don't want "Anonymous Bidder" to win, do you? CRUSH THEM FOR A GOOD CAUSE! 
#ryoms #freebsd #netbsd #openbsd #bsdcan #eurobsdcon #asiabsdcon
Is your network congested or in danger of becoming overloaded?
In "Yes, You Too Can Be An Evil Network Overlord - On The Cheap With OpenBSD, pflow And nfsen" https://nxdomain.no/~peter/yes_you_too_can_be_an_evil_network_verlord.html you may find hints on how to solve that problem. #AppFlow #netflow #metadata #networkmonitoring #pflow #Surveillance #OpenBSD #IPFIX #nfsen #monitoring #congestion
Another great episode of the #BSDNow podcast it out!
@cstross Kevin's (@kfury) advice is absolutely sound. Here is my bit doing just that, and unless #openbsd #packetfilter is your thing, it is quite safe to scroll to the very end for the conclusion: https://nxdomain.no/~peter/blogposts/chatgpt_writes_pf.conf.html (also https://bsdly.blogspot.com/2023/06/i-asked-chatgpt-to-write-pfconf-to-spec.html if tracking by G is worth the nicer formatting)
A great refresher on using email clients over web & thus power hungry browser interfaces by the Mozilla Thunderbird people
#Linux #freeBSD #netBSD #openBSD #UUCP #POP3 #IMAP #OpenSource #POSIX #programming #UA
https://blog.thunderbird.net/2024/09/why-use-a-mail-client-vs-webmail/
Support for AMD #SEV encrypted memory guests in #OpenBSD vmm(4)/vmd(8) is now enabled in -current!
This follows kernel SEV guest mode support, and SEV host support added to ccp(4) in July, later split off into a new psp(4) driver.
To enable SEV for a guest use the parameter "sev" in the guest's vm section in vm.conf.
Be sure not to miss Hans-Jörg Höxer (hshoexer@)'s talk "Confidential Computing with #OpenBSD" at #EuroBSDcon 2024 in Dublin!
https://events.eurobsdcon.org/2024/talk/BCAN3P/
In this talk we will explore some of the AMD SEV feature sets. We will describe how to use them to run OpenBSD as both
• a confidential guest VM and
• a host hypervisor providing a confidential execution environment.
The BSD A/V team needs some kit, so I'm auctioning off a pre-release "Run Your Own Mail Server" hardcover for them. Current bid is 233€, about $257. If you want a copy before release, this is your chance!
#ryoms #sysadmin #freebsd #openbsd #netbsd #bsdcan #eurobsdcon #asiabsdcon
"Run Your Own Mail Server" auction to benefit the BSD Conference A/V team:
The book isn't commercially available, but I have a spare hardcover. You want it before it's out? This is your chance, and it helps a good cause! #bsdcan #eurobsdcon #asiabsdcan #freebsd #netbsd #openbsd #hardenedbsd #sysadmin
(ETA: please boost!)
Whenever I see the a "How to protect your #SSH server against #bruteforce attacks" post or article centered on some #Linux woodo, I always think to post about how easy it is to deal with those on #OpenBSD and #FreeBSD with #PF add #statetracking options: As in https://home.nuug.no/~peter/pf/en/bruteforce.html, supplemented with https://nxdomain.no/~peter/forcing_the_password_gropers_through_a_smaller_hole.html, alternatively the PF tutorial https://nxdomain.no/~peter/pf_fullday.pdf and of course The Book of PF, https://nostarch.com/pf3
Also the slowpoke version: https://nxdomain.no/~peter/hailmary_lessons_learned.html
Advanced #Programming in the #UNIX Environment
Week 1, UNIX History
From Space Travel on a PDP-7 at Bell Labs in New Jersey to AT&T System V and the _B_erkeley _S_oftware _D_istribution, the Unix Wars, USL v. BSDi, the birth of #NetBSD (with the later fork into #OpenBSD) and #FreeBSD, the parallel development of GNU at MIT and its adoption of the new #Linux kernel, and how we ended up with Unix on your fridge, car, and mobile phone.
Ten years plus on "Effective Spam and Malware Countermeasures - Network Noise Reduction Using Free Tools" https://nxdomain.no/~peter/effective_spam_and_malware_countermeasures.html still seems to be relevant (mod that we never got #IPv6 greylisting done) #malware #networksecurity #antispam #OpenBSD #internetsecurity, #networking #mailsecurity #packetfilter #countermeasures #networkmail #PF #greylisting #spam #FreeBSD
Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟰/𝟬𝟵/𝟬𝟵 (Valuable News - 2024/09/09) available.
https://vermaden.wordpress.com/2024/09/09/valuable-news-2024-09-09/
Past releases: https://vermaden.wordpress.com/news/
#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday
