OpenBSD Archive

Linux Supporters Fiddle While OpenSSH Burns

"Even if you don't use OpenBSD, you're likely to be benefiting from it unknowingly. If you're using Solaris, SCO UnixWare, OS X, SUSE Linux, or Red Hat Enterprise Linux, chances are you're using the OpenBSD-developed OpenSSH for secure shell access to remote machines. If so many are using this software, why are so few paying for it? Official responses (and non-responses) from Sun Microsystems, IBM, Novell, and Red Hat are below, but if you're one of the freeloaders who hasn't contributed to OpenBSD or OpenSSH, what's your excuse?"

OpenBSD 3.9 Adds Sensor Framework

OpenBSD 3.9 will include a new sensor framework to allow system administrators to monitor the environmental conditions of servers running OpenBSD. OpenBSD 3.9, which is scheduled for release on 1 May, includes support for the sensors and the sensor management tools used on a number of architectures, Theo de Raadt, the founder and lead developer of OpenBSD, told ZDNet UK earlier this week.

OpenBSD Asks for Donations; Pre-Order OpenBSD 3.9

OpenBSD has asked for donations: "To fulfill most development goals OpenBSD should be generating about $100K USD. With that amount of money the project can finance 1 large and 4 small hackathons per year. Pay the bills and a part-time developer to mind the shop when Theo isn't around. In an ideal world we would have a sponsor per hackathon and the CD sales would be paying for other expenses." On a very related note, pre-orders for OpenBSD 3.9 are now available.

Implementing IPsec on OpenBSD

"This IPv4-centric document is meant both as an overview to the IP Security Protocol (IPsec) and as an introduction to OpenBSD's implementation of it. By the end the reader will have learned how to set up various types of IPsec installations on OpenBSD. Each type of installation includes guidance regarding firewall protection using, of course, the unsurpassed OpenBSD packet filter."

The Design of OpenBGPd

"I started OpenBGP two years ago, after getting completely fed up with Zebra, which we were running before. There were lots of bugs, bad configuration language, performance problems, and since I don't speak Japanese - I had problems understanding the documentation. Zebra makes heavy use of cooperative threads, which leads to it's main problem: combined with the central event queue, Zebra can lose sessions while busy. Zebra successor, Quagga, caught up and apparently fixed many of the bugs. However, they still used the Zebra's design, which I think is wrong. So, the issues are kind of unfixable."

OpenBSD 3.9 Needs Testing

"That's it for 3.9! Tree locks are upon us so unless something critical breaks, nothing will go in anymore. For me and Jordan this means to stop ACPI development until the tree is unlocked. So now it is of to test, test, test! That goes for you too; if you are reading this you should stop and install snapshots on as many machines and architectures as possible. We always appreciate test reports from folks in the field."

Anonymity on a Disk: Anonym.OS

To many privacy geeks, it's the holy grail - a totally anonymous and secure computer so easy to use you can hand it to your grandmother and send her off on her own to the local Starbucks. Titled Anonym.OS, the system is a type of disk called a 'live CD' - meaning it's a complete solution for using a computer without touching the hard drive. Developers say Anonym.OS is likely the first live CD based on the security-heavy OpenBSD operating system.

Blocking Skype Using Squid and OpenBSD

"After much digging online for an effective way to stop this pesky application that is highly de-centralised and a big pain to blocked, I finally found a way to do it. It has been working perfectly fine on our corporate network, and we have had no complaints of users being denied access to legitimate web destinations (that are in compliance with our security policy of course)."

Trying Out the New OpenBSD 3.8

"Yesterday OpenBSD, the proactively secure Unix-like operating system, released version 3.8, featuring several improvements to networking, RAID management tools, and increased security. At you can download installation files or order the official three-disc CD set, which supports 16 processor architectures out of the box. I took this new release as an opportunity to perform my first ever OpenBSD install." Read more here.

OpenBSD 3.8 Released

"We are pleased to announce the official release of OpenBSD 3.8. This is our 18th release on CD-ROM (and 19th via FTP). We remain proud of OpenBSD's record of eight years with only a single remote hole in the default install. As in our previous releases, 3.8 provides significant improvements, including new features, in nearly all areas of the system."

Firewalling with OpenBSD PF

"I've updated the Firewalling with PF manuscript, mainly for the tutorial I gave at the AUUG2005 conference. New sections: Info on bruteforce protection; Wireless net setup; authpf with wireless net. Updates to the spamd section and traceroute section."

IPMI Introduced on OpenBSD

OpenBSD has a brand new IPMI implementation. The ipmi term Intelligent Platform Management refers to autonomous monitoring and recovery features implemented directly in platform management hardware and firmware. The key characteristics of Intelligent Platform Management is that inventory, monitoring, logging, and recovery control functions are available independent of the main processor, BIOS, and operating system.

OpenBSD 3.8: Hackers of the Lost RAID

It's release time again for OpenBSD! The upcoming 3.8 will include some wonderful features for network gurus (trunking, tracking wireless roaming users, interface groups, a new ipsec configuration tool, and failover of ipsec links), a great rework of malloc() that will provide further security protections by default, and the first version of bioctl--a universal RAID management interface.

OpenBSD MacPPC G5 Support in Progress

"Theo announced on -misc today that work is in progress to add G5 support to the macppc port. G5 machines will be running in 32-bit mode but there is the possibility of a macppc64 port to follow to take advantage of these 64-bit processors. All Apple models are being targetted (iMac, Power Mac, and Xserve) so if you have such a machine and wish to run OpenBSD NetBSD OpenBSD on it, your dreams are about to come true. As Theo stresses, this is very much a work in progress and not everything is supported or stable at this point in time."