Sidebar
OpenBSD
As the next release is slowly cooking, I'd like to mention an artist that I love: @pmjv, or *prahou*. He's been dedicated to submitting awesome artwork about his universe, here at /c/unix_surrealism, which features many openbsd related comics (puffy being an important protagonist). I was thus wondering how an artist could pretend at submitting an artwork for the next release ? Is it a shortlist ? Do you simply upload some on the mail list ?
Upcoming EuroBSDCon OpenBSD talk Confidential Computing with OpenBSD by Hans-Jörg Höxer Confidential computing is a family of techniques to enhance security\ and confidentiality for data in use. One technical approach is strong\ isolation for virtual machines. AMDs Secure Encrypted Virtualization (SEV) offers several feature sets\ for isolation of guest virtual machines from an non-trusted host hypervisor\ and operating system. These feature sets include memory encryption,\ encryption of guest state including CPU registers and an attestation\ framework. In this talk we will explore some of the AMD SEV feature sets. We will\ describe how to use them to run OpenBSD as both * a confidential guest VM and * a host hypervisor providing a confidential execution environment. Topics covered are CPU feature detection, low level kernel initialization,\ memory management, virtio(4) device drivers and the virtual machine\ daemon vmd(8). [](https://events.eurobsdcon.org/2024/speaker/ZZNGCU/) I](https://events.eurobsdcon.org/2024/speaker/ZZNGCU/) Tickets are still available and this talk will be streamed and recorded for later release.
Upcoming EuroBSDCon OpenBSD talk Building a SD-WAN appliance suitable for an Australian Health Sector NFP/NGO by Jason Tubnor Latrobe Community Health Service (LCHS) - AS139466 - is a Not for Profit (NFP)/Non-Government Organisation (NGO) headquartered in Victoria, Australia. The organisation consists of 40 offices and 2 data centres across the States of Victoria and New South Wales with over 1,500 employees. All LCHS infrastructure is designed and managed in-house without the use of large-scale cloud infrastructure. Since 2015, BSD Unix has been used for various workloads within the organisation. This talk focuses on our next generation SD-WAN appliance built on OpenBSD technology using commodity hardware. Topics will include the network topology, design choices, various OpenBSD VPN and routing technologies and orchestrating build, deployment and management across the fleet using Ansible. [](https://events.eurobsdcon.org/2024/speaker/SKMHNM/) [Jason Tubnor](https://events.eurobsdcon.org/2024/speaker/SKMHNM/) Tickets are still available and this talk will be streamed and recorded for later release.
Upcoming EuroBSDCon OpenBSD talk A Packet's Journey Through the OpenBSD Network Stack by Alexander Bluhm When debugging network issues, it is important to understand when\ certain things happen. Tcpdump provides valuable insight, pf\ transforms packets, pseudo devices add features, and netstat counters\ show action. The call graph of the functions within the kernel is\ the base to comprehend the relation between these sources of\ information. The layering of kernel code in hardware drivers, pseudo devices,\ IP processing, forwarding and protocol layer is explained. The\ kernel provides the socket interface to userland processes. Packet\ forwarding happens within the kernel. Bridge code uses certain\ shortcuts. pf is a swiss knife that can manipulate traffic in\ multiple layers. IPsec has an independent interface that overrides\ routing. Routing itself and neighbor discovery is a necessary step\ that has its tentacles everywhere. Checksum calculation can be\ performed by hardware offloading. By using examples with a single packets, their way through the\ kernel is shown. The possible branches, configuration options, and\ measurement output are put in correlation. [](https://events.eurobsdcon.org/2024/speaker/88AJR9/) [Alexander Bluhm](https://events.eurobsdcon.org/2024/speaker/88AJR9/) Tickets are still available and this talk will be streamed and recorded for later release.
Upcoming EuroBSDCon OpenBSD talk OpenBSD vs. IPv6 by Florian Obser ** .ical](https://events.eurobsdcon.org/2024/talk/AV78U9.ics)09-21, 17:45–18:30 (Europe/Dublin), Foyer B ** We will give an overview of past, present and future work on IPv6 in OpenBSD. We will show how we replaced KAME stack code in both the kernel as well as userland with modern, privilege separated daemons for stateless address auto configuration. slaacd(8) runs on the host to solicit router advertisements and configures addresses and routes. rad(8) runs on the router to send router advertisements. A newly written daemon for DHCPv6, dhcp6leased(8), requests prefixes from an upstream ISP which then can be used by rad(8) for router advertisements. Next we will show the new IPv6 source address selection in the kernel, including support for the infamous Rule 5.5 of RFC 6724. In ongoing and future work we will touch on client-side address translation using pf(4)'s af-to feature to support the 464XLAT transition mechanism for v6-mostly networks. [](https://events.eurobsdcon.org/2024/speaker/VFCFRB/) [Florian Obser](https://events.eurobsdcon.org/2024/speaker/VFCFRB/)
Upcoming EuroBSDCon OpenBSD talk Global anycast using OpenBSD on a budget by Rob Keizer This talk goes over using OpenBSD as the basis for a highly available globally distributed public anycast network. Distributed decision systems corosync, consul, and raft (using Elixir) are discussed, as are highly available distributed storage and routing systems, all on OpenBSD, all on a budget. [](https://events.eurobsdcon.org/2024/speaker/7J9KC3/) [Rob Keizer](https://events.eurobsdcon.org/2024/speaker/7J9KC3/)
Upcoming EuroBSDCon OpenBSD talk Why rewrite fw\_update(8)? By Andrew Hewus Fresh OpenBSD provides the fw\_update(8) utility to handle installing firmware for hardware from manufacturers whose licensing isn't compatible with our base system. We will take a trip into the history of fw\_update(8), its structure and why it exists. A recent rewrite provides an illustration of the value OpenBSD places on simplicity and user experience. [](https://events.eurobsdcon.org/2024/speaker/WMAPDT/) [Andrew Hewus Fresh](https://events.eurobsdcon.org/2024/speaker/WMAPDT/) Tickets are still available and this talk will be streamed and recorded for later release.
Upcoming EuroBSDCon talk: vmd's multi-process device emulation: 2 releases later by Dave Voutila [** .ical](https://events.eurobsdcon.org/2024/talk/H7G3CS.ics)09-21, 14:45–15:30 (Europe/Dublin), Foyer B ** In OpenBSD 7.4, the native hypervisor, [vmd(8)](https://man.openbsd.org/vmd.8)became the only open source type-2 hypervisor to default to using a multi-process, privilege separated model for emulating block and network devices. This talk provides a look at the inspiration from Oracle's [contributions](https://blogs.oracle.com/linux/post/multiprocess-qemu-breaking-up-is-hard-to-do) to QEMU as a means of multi-layered defense, a review of the challenges and changes required to OpenBSD across 7.4 and 7.5, and a look at the road ahead.
Upcoming OpenBSD talk: Puffy does Realtime Hypermedia by Patrick Marchand Modern web development is intrinsically tied to javascript and frameworks have been pushing us further and further away from the initial model of the internet as a web of documents. In response to this, libraries like htmx and data-star have arisen to demonstrate ways to use hypermedia to create interactive applications. Hypermedia as the engine of application state (HATEOS) is a driving principle of these new libraries and by allowing the backend to drive the state of the frontend directly without requiring the user to write javascript code, they make it possible to do hypermedia on whatever you like (Otherwise known as the HOWL stack). That means that with nothing but the OpenBSD base install and a small javascript shim (12kb at the time of writing), we can write realtime hypermedia applications. We will explore the case of a small web application that monitors the state of it's server and offers real time updates of it's metrics. [](https://events.eurobsdcon.org/2024/speaker/WM8TBW/) [Patrick Marchand](https://events.eurobsdcon.org/2024/speaker/WM8TBW/) Tickets are still available and this talk will be streamed and recorded for later release.
# Utils: ssh - obvious mg - debloated emacs - even smaller than nvi/nex! tmux - a lot of people don't realize this is an OpenBSD project - session retention doas - configuring sudo feels horrible after configuring doas - invaluable in ports pf - ironic that this is most popular outside of OpenBSD (PFSense) ifconfig - command line interface translates directly to configuration files login.conf/login - anything on PenguinOS seems insane by comparison - especially oom killer sndio - actually works - hopefully this gets popular outside of OpenBSD ;) ;) ;) vmm/vmd - still in its early stages, but I love it got (technically not an OpenBSD project, but adjacent) - debloated git - partial git compatibility # Library Functions/Syscalls: pledge & unveil - interesting new approach to jails - set and forget, no interaction needed on the user's end - with exceptions like chromium & firefox strtonum - far nicer than strto* functions in stdlib malloc - now with use after free and leak detection! who needs valgrind?
The download page leads to install75.img, but the front page still says 7.4.
github.com
For anyone wanting to have a nice little cli tool to search the OpenBSD packages repository. Also, there are emojis and much more.
cross-posted from: https://lemmy.srcbeat.com/post/13468 > Running a slightly modified version of Lemmy based on 0.18.5. Needed to upgrade a few of the dependencies. The worst was a segfault from the Rust crate [jsonwebtoken](https://crates.io/crates/jsonwebtoken)!
Just spreading love for `sysupgrade(8)`. I had a private server running 7.2 dutyfully serving a PHP software for a local organisation for the past 4 years. Our provider suffered an outage which brought the server down for a few hours. When it got back up, I decided to use this outage to upgrade it to 7.4. Two `sysupgrade` and one `pkg_add -u` later, the server is up and running again, without further intervention needed. I did it all from my phone, in a train with a a laggy connection. Thanks OpenBSD for caring this much about your users ! 🐡♥️
I am a bit surprised no one posted this here yet, but OpenBSD 7.4 was released: https://www.openbsd.org/74.html
How long does it usually take for you to unhibernate after a ZZZ? I timed my laptop where it stops at the "unhibernating @ block xxxxxx length xxxMB", and these are my times: length 65MB: 1m 47s length 285MB: 3m 29s Are these normal times? Setting vm.swapencrypt.enable=0 makes no difference, and according to dmesg "acpi0: sleep states S0 S3 S4 S5".
Hello, I've tried to find someone else using OpenBSD in various places for a while now, but with no success, so I'm hoping someone will read this. I'm wondering what your output is from file(1) on a file you know has text encoded as UTF-8. On my system (7.3-stable) the output is "Non-ISO extended-ASCII text", and I'm trying to figure out if this is how it should be, or if I did something wrong setting up the system. So, if you have a computer with OpenBSD and a minute to spare, could you try running file(1) on a UTF-8 file and see if it identifies it as UTF-8 or "Non-ISO extended-ASCII text"? Thanks in advance
Considering that OpenBSD's `umb(4)` and `umsm(4)` drivers support cards like the Quectel EC25, which comes in a USB variant, I was wondering if it was (at least in theory) possible to make calls using OpenBSD. I know you can get to the internet and send SMS with the smstools port, but what about calling ?
OpenBSD 7.3 + vmd(8) - alpine linux - NixOS - OpenBSD 7.3 -current ( for testings)
I would like to add a new keyboard layout ([FR - AZERTY AFNOR](http://norme-azerty.fr)). What is the correct way to do it ? Ideally I would like to use it for everything: - full disk encryption - TTY - xenodm - xenocara session For now, I updated `/usr/X11R6/share/X11/xkb/symbols/fr` to add the variant, which I load in xenodm and my xsession using `setxkbmap`. However I feel like it's not "clean" as it should be done with `wsconsctl` . So what is the correct way to do it ?
Hey everyone, I decided after many year to try again to slap OpenBSD on my old Acer Aspire one. The Wifi adapter is not supported, but I was thinking about using my phone to get network connectivity out of it. Unfortunately I'm hitting a strange behavior: `ifconfig urndis0 autoconf` works as expected, and I get an IP over DHCP. Ping and DNS resolution work as expected, but when I try any TCP connection, the connectivity simply stops working, and I cannot even ping the gateway anymore. `dmesg` doesn't say anything about it. Has anyone encountered this already ?