Slashdot Mirror

As follows...

Chris Coleman chrisc@vmunix.com says:I" have registered bsdports.org. Now I will be taking applications to work on the project.

If you have CVS access to an existing BSD ports/pkg_src tree, it will be summarily granted.

If you wish to donate resources to the project, please contact me. I see this as a community effort."

I have OpenBSD 2.6 on a 486dx33 running in the kind of configuration you are looking for. I choose Open as that is what I had used before. Speed is a non-issue if you are just passing packets. Even my cheap ISA ne2000 cards can keep up with the cable modem. Even if you want to serve a few pages with apache or ftp a 486 is up to the task. If you want a system that you can install and forget, OpenBSD may be a better choice then FreeBSD. The 3 years without a remote exploit in the default install (which includes apache and sendmail) is comforting. I assume that FreeBSD can be secure as well, but they have always said that performance was their main concern whereas OpenBSD has always said that security is their main concern.

Compared to Linux I prefer OpenBSD as a gateway. I really like IPFilter and IPNat over IPchains. I find the configuration files much easier to read. For example the following blocks and logs all attempts to telnet to my gateway:

block in log from any to <my_ip> proto tcp port telnet flags S

IPFilter and IPNat do lack the proxies that come with Linux IP-MASQ. Generally this is not a problem as the IPFilter 'keep state' rule and IPNat seem to be smarter then Linux IP-MASQ. However I have not used Linux as a gateway for over a year so I could be wrong. If you IRC get the tircproxy package (look on freshmeat.net) and set it up as a tranparent proxy. Tircproxy proxies DCC connections and I recommend it to anyone using using IP-MASQ or *BSD IPNat

A good OpenBSD resource site is www.deadly.org

I have upgraded to 2.7-beta and I'm glad to see that ethernet bridging seems to be performing better.

How can you substantiate this? The BSD community is by far the most active by scale.

when ./ posts a .00000000001 upgrade to the freaking linux kernel you sheep come out droves.

Amen to that brother! Slashdot is VERY Linux-centric. Just look at the way the ignorant zealots flocked to the Slackware story over this. Stigma is all that matters rather than maturity and performance. Anything that is remotely BSD is crucified on slashdot plus most BSD users avoid slashdot because of its one-sidedness. if you want the current BSD news check out OpenBSD Journal, Daily Daemon News, FreeBSD'zine, FreeBSD Diary, FreeBSD Rocks and OpenBSD Explained

At first much of the BSDI codebase will remain proprietary. It will only be freed as it is integrated with FreeBSD. There are some parts of the codebase that cannot be freed because the code was written under a contract that does not permit disclosure.

According the Karels the only thing that will remain proprietary is the kernel...for now. And a lot of the things they can't just put under a BSDL comes from things under NDA's.

Who are "they" ?
.: "They" are the OpenBSD core team represented by Theo de Raadt.

What's this document about ?
.: I received a lot of request to tell my side of the story, since it's impossible to reply to all people in detail, I decided to setup this page to answer the most common questions.

Why did you register openssh.org ?
.: The company I work part-time for allowed me to investigate the kickstart of a open/free ssh server client combo that was compatible with ssh1 and could run on Linux/Solaris.

The project title was, guess what ... 'openssh' ...

I learned from LWN that there was an other group working on an openssh version so I contacted Theo de Raadt and asked if he was interested in developing a port for Linux/Solaris. He told me that they were only interested in developing a version for OpenBSD.

I registered openssh.org and was trying to find someone to do the porting. Unrelated to my activities Damien Miller started a succesful porting effort for Linux/Solaris, so there was no necessety for my search to continue.

Why didn't you give away openssh.org to openbsd ?
.: Actually I tried. I mailed Theo de Raadt and told him I was willing to give control of the opensh.org to them provided they added links to other open/free ssh projects on 'their openssh.org' page.

Then why do you still have openssh.org?
.: Theo de Raadt first agreed and suggested I register http://www.freessh.org, which I promptly did, but later he canceled the deal telling me:
"We're not going to get ripped off by someone we don't trust".

What happend then (part 1) ?
.: Theo sent me some nasty emails and I didn't hear from him again untill the 1st of March. I offered other openssh developers the use of www,cvs,ftp and mail, but they declined. As a service to the community I rewrote the openssh.org URL to openssh.com so people would be transfered to that domain automaticly.

What happend then (part 2) ?
.: Theo sent me an email demanding I remove the mx records for openssh.org. Theo must have known this demand was impossible since rfc822 requires that postmaster@domain is a valid email address. Without mx this is not the case, and I would violate this requirement.

We exchanged some email about/with the word please and we summarized the November email exchange.

And then ?
.: Theo sent me a message telling me he would post a banner on openssh.com to warn people, he would post a message to BUGTRAQ and there would be story on slashdot.org. Handing over the domain would stop that.

So what did you do ?
.: Nothing, I was surprised someone was trying to coerce me.

Did other people contact you ?
.: I received a sudden influx of messages most cc'ed to openssh@openssh.com requesting me to hand over openssh.org, some seemed to believe I was reading their mail, while others were angry they couldn't receive mail @openssh.org. Since I offered the use of www,cvs,ftp and mail to the openssh developers this strikes me as strange.

How is mail for openssh.org setup than ?
.: It's a virtual host that only accepts mail for postmaster@openssh.org, root@openssh.org, webmaster@openssh.org, all other mail will bounce. Since the mx points to the same host that used to run the remailer@replay.com, and still runs the remailer@hr13.zedz.net, sendmail is setup with 'LOGLEVEL=0', so not only do I not receive bounced mails, I don't even get a logfile of people who tried to send mail.

What do you think of the OpenBSD Announcement ?
.: They recommend caution since "there could be privacy issues, possibly data mining or building a mailing list of security conscious users". I feel this was sent 'in the spur of the moment'. If I wanted a to build a mailinglist of security conscious users or was dataming, the only thing I would have to do is mail all the users of the ZedZ ftp-site. As for the privacy issues, I've provided and still provide ways to anonymously access the Internet. But you decide.

Why do I suddenly get a seperate page at openssh.org ?
.: Damien Miller laid out his concerns about the seamless redirect from the openssh.org URL to the openbsd.com URL and requested me to remove the rewrite and to setup a seperate page. Which I did.

What happens next ?
.: I'm disappointed in the behaviour of one or two people but since my main goal is and always will be the spread of encryption products and the use of those products by end users, hence the building of the ZedZ ftp site, I'm willing to 'get over' that.

In order to facilitate the community I suggest to the OpenSSH/OpenBSD group that they supply me with a zone file and a secondary for openssh.org. I will instruct the primary DNS to fetch the zone file from the OpenSSH controlled secondary. It's up to the OpenSSH/OpenBSD group to configure the layout of the domain. If at a later stage 'the wounds' are healed and a mutual understanding, maybe even a mutual appreciation has been reached it's not impossible that the domain will be donated to the OpenSSH Project.

Since OpenBSD already uses ftp.zedz.net as primary ftp site for rsaref and cfs for instance (under it's old name utopia.hacktic.nl) this seems a reasonable and acceptable compromise to me.

Other whishes ?
.: A public apology from Theo would be nice. Also the OpenSSH.com site is very OpenBSD centric a change that would level the exposure of other OS's would be welcomed, but it's up to their webteam to decide.

Other things ?
.: Not at the moment.

How can I contact you ?
.: Just mail me at adejoode@zedz.net

Exit! Stage Left!

Who are "they" ?
.: "They" are the OpenBSD core team represented by Theo de Raadt.

What's this document about ?
.: I received a lot of request to tell my side of the story, since it's impossible to reply to all people in detail, I decided to setup this page to answer the most common questions.

Why did you register openssh.org ?
.: The company I work part-time for allowed me to investigate the kickstart of a open/free ssh server client combo that was compatible with ssh1 and could run on Linux/Solaris.

The project title was, guess what ... 'openssh' ...

I learned from LWN that there was an other group working on an openssh version so I contacted Theo de Raadt and asked if he was interested in developing a port for Linux/Solaris. He told me that they were only interested in developing a version for OpenBSD.

I registered openssh.org and was trying to find someone to do the porting. Unrelated to my activities Damien Miller started a succesful porting effort for Linux/Solaris, so there was no necessety for my search to continue.

Why didn't you give away openssh.org to openbsd ?
.: Actually I tried. I mailed Theo de Raadt and told him I was willing to give control of the opensh.org to them provided they added links to other open/free ssh projects on 'their openssh.org' page.

Then why do you still have openssh.org?
.: Theo de Raadt first agreed and suggested I register http://www.freessh.org, which I promptly did, but later he canceled the deal telling me:
"We're not going to get ripped off by someone we don't trust".

What happend then (part 1) ?
.: Theo sent me some nasty emails and I didn't hear from him again untill the 1st of March. I offered other openssh developers the use of www,cvs,ftp and mail, but they declined. As a service to the community I rewrote the openssh.org URL to openssh.com so people would be transfered to that domain automaticly.

What happend then (part 2) ?
.: Theo sent me an email demanding I remove the mx records for openssh.org. Theo must have known this demand was impossible since rfc822 requires that postmaster@domain is a valid email address. Without mx this is not the case, and I would violate this requirement.

We exchanged some email about/with the word please and we summarized the November email exchange.

And then ?
.: Theo sent me a message telling me he would post a banner on openssh.com to warn people, he would post a message to BUGTRAQ and there would be story on slashdot.org. Handing over the domain would stop that.

So what did you do ?
.: Nothing, I was surprised someone was trying to coerce me.

Did other people contact you ?
.: I received a sudden influx of messages most cc'ed to openssh@openssh.com requesting me to hand over openssh.org, some seemed to believe I was reading their mail, while others were angry they couldn't receive mail @openssh.org. Since I offered the use of www,cvs,ftp and mail to the openssh developers this strikes me as strange.

How is mail for openssh.org setup than ?
.: It's a virtual host that only accepts mail for postmaster@openssh.org, root@openssh.org, webmaster@openssh.org, all other mail will bounce. Since the mx points to the same host that used to run the remailer@replay.com, and still runs the remailer@hr13.zedz.net, sendmail is setup with 'LOGLEVEL=0', so not only do I not receive bounced mails, I don't even get a logfile of people who tried to send mail.

What do you think of the OpenBSD Announcement ?
.: They recommend caution since "there could be privacy issues, possibly data mining or building a mailing list of security conscious users". I feel this was sent 'in the spur of the moment'. If I wanted a to build a mailinglist of security conscious users or was dataming, the only thing I would have to do is mail all the users of the ZedZ ftp-site. As for the privacy issues, I've provided and still provide ways to anonymously access the Internet. But you decide.

Why do I suddenly get a seperate page at openssh.org ?
.: Damien Miller laid out his concerns about the seamless redirect from the openssh.org URL to the openbsd.com URL and requested me to remove the rewrite and to setup a seperate page. Which I did.

What happens next ?
.: I'm disappointed in the behaviour of one or two people but since my main goal is and always will be the spread of encryption products and the use of those products by end users, hence the building of the ZedZ ftp site, I'm willing to 'get over' that.

In order to facilitate the community I suggest to the OpenSSH/OpenBSD group that they supply me with a zone file and a secondary for openssh.org. I will instruct the primary DNS to fetch the zone file from the OpenSSH controlled secondary. It's up to the OpenSSH/OpenBSD group to configure the layout of the domain. If at a later stage 'the wounds' are healed and a mutual understanding, maybe even a mutual appreciation has been reached it's not impossible that the domain will be donated to the OpenSSH Project.

Since OpenBSD already uses ftp.zedz.net as primary ftp site for rsaref and cfs for instance (under it's old name utopia.hacktic.nl) this seems a reasonable and acceptable compromise to me.

Other whishes ?
.: A public apology from Theo would be nice. Also the OpenSSH.com site is very OpenBSD centric a change that would level the exposure of other OS's would be welcomed, but it's up to their webteam to decide.

Other things ?
.: Not at the moment.

How can I contact you ?
.: Just mail me at adejoode@zedz.net

Exit! Stage Left!

Who are "they" ?
.: "They" are the OpenBSD core team represented by Theo de Raadt.

What's this document about ?
.: I received a lot of request to tell my side of the story, since it's impossible to reply to all people in detail, I decided to setup this page to answer the most common questions.

Why did you register openssh.org ?
.: The company I work part-time for allowed me to investigate the kickstart of a open/free ssh server client combo that was compatible with ssh1 and could run on Linux/Solaris.

The project title was, guess what ... 'openssh' ...

I learned from LWN that there was an other group working on an openssh version so I contacted Theo de Raadt and asked if he was interested in developing a port for Linux/Solaris. He told me that they were only interested in developing a version for OpenBSD.

I registered openssh.org and was trying to find someone to do the porting. Unrelated to my activities Damien Miller started a succesful porting effort for Linux/Solaris, so there was no necessety for my search to continue.

Why didn't you give away openssh.org to openbsd ?
.: Actually I tried. I mailed Theo de Raadt and told him I was willing to give control of the opensh.org to them provided they added links to other open/free ssh projects on 'their openssh.org' page.

Then why do you still have openssh.org?
.: Theo de Raadt first agreed and suggested I register http://www.freessh.org, which I promptly did, but later he canceled the deal telling me:
"We're not going to get ripped off by someone we don't trust".

What happend then (part 1) ?
.: Theo sent me some nasty emails and I didn't hear from him again untill the 1st of March. I offered other openssh developers the use of www,cvs,ftp and mail, but they declined. As a service to the community I rewrote the openssh.org URL to openssh.com so people would be transfered to that domain automaticly.

What happend then (part 2) ?
.: Theo sent me an email demanding I remove the mx records for openssh.org. Theo must have known this demand was impossible since rfc822 requires that postmaster@domain is a valid email address. Without mx this is not the case, and I would violate this requirement.

We exchanged some email about/with the word please and we summarized the November email exchange.

And then ?
.: Theo sent me a message telling me he would post a banner on openssh.com to warn people, he would post a message to BUGTRAQ and there would be story on slashdot.org. Handing over the domain would stop that.

So what did you do ?
.: Nothing, I was surprised someone was trying to coerce me.

Did other people contact you ?
.: I received a sudden influx of messages most cc'ed to openssh@openssh.com requesting me to hand over openssh.org, some seemed to believe I was reading their mail, while others were angry they couldn't receive mail @openssh.org. Since I offered the use of www,cvs,ftp and mail to the openssh developers this strikes me as strange.

How is mail for openssh.org setup than ?
.: It's a virtual host that only accepts mail for postmaster@openssh.org, root@openssh.org, webmaster@openssh.org, all other mail will bounce. Since the mx points to the same host that used to run the remailer@replay.com, and still runs the remailer@hr13.zedz.net, sendmail is setup with 'LOGLEVEL=0', so not only do I not receive bounced mails, I don't even get a logfile of people who tried to send mail.

What do you think of the OpenBSD Announcement ?
.: They recommend caution since "there could be privacy issues, possibly data mining or building a mailing list of security conscious users". I feel this was sent 'in the spur of the moment'. If I wanted a to build a mailinglist of security conscious users or was dataming, the only thing I would have to do is mail all the users of the ZedZ ftp-site. As for the privacy issues, I've provided and still provide ways to anonymously access the Internet. But you decide.

Why do I suddenly get a seperate page at openssh.org ?
.: Damien Miller laid out his concerns about the seamless redirect from the openssh.org URL to the openbsd.com URL and requested me to remove the rewrite and to setup a seperate page. Which I did.

What happens next ?
.: I'm disappointed in the behaviour of one or two people but since my main goal is and always will be the spread of encryption products and the use of those products by end users, hence the building of the ZedZ ftp site, I'm willing to 'get over' that.

In order to facilitate the community I suggest to the OpenSSH/OpenBSD group that they supply me with a zone file and a secondary for openssh.org. I will instruct the primary DNS to fetch the zone file from the OpenSSH controlled secondary. It's up to the OpenSSH/OpenBSD group to configure the layout of the domain. If at a later stage 'the wounds' are healed and a mutual understanding, maybe even a mutual appreciation has been reached it's not impossible that the domain will be donated to the OpenSSH Project.

Since OpenBSD already uses ftp.zedz.net as primary ftp site for rsaref and cfs for instance (under it's old name utopia.hacktic.nl) this seems a reasonable and acceptable compromise to me.

Other whishes ?
.: A public apology from Theo would be nice. Also the OpenSSH.com site is very OpenBSD centric a change that would level the exposure of other OS's would be welcomed, but it's up to their webteam to decide.

Other things ?
.: Not at the moment.

How can I contact you ?
.: Just mail me at adejoode@zedz.net

Exit! Stage Left!

Sorry, you are sorely mistaken. Please see my letter at The OpenBSD Journal. I hope you are simply misinformed on the issues. A real effort was made to contact and communicate with the registrant of openssh.org, but no progress was forthcoming. It was with great dismay that the tactic that has been taken was taken. Please do not suggest otherwise. Thanks.

Slashdot is not the only source of news.. if you check OpenBSD Journal there has been mention of this for several days now.

Actually, this story broke serveral days ago on OpenBSD Journal. You merely assumed "this is the first publisized information about it".

You mean the same freessh.org which, completely coincidentally, also belongs to him? Or the not mentioning that he's also linking to Freessh.org found, say, here?

The /. article was a post taken from a mail. It's hardly fair to claim that "they" are trying to hide info without first doing a little research (and no, reading /. and the comments doesn't count).

OpenBSD Journal got a slashbox a day or two ago. It's a fairly new site which is very helpful for those using OpenBSD.

I guess thourough depends on the reader. Personally I didn't think it was thourough either, but someone who has never used OpenBSD before may have felt it was a great resource. There are not a lot of web resources available for OpenBSD, something I hope to change.

I try to keep an ongoing on-line diary of my experiences installing and using and experimenting with OpenBSD. It available here. Four years ago, you would have been hard pressed to find mention of Linux anywhere, much less a thorough review. Now OpenBSD is getting some attention.


Personally I think Matt should be credited with at least being curious enough about OpenBSD to give it a try , and willing to share it with the community. That's what it's all about right?

My .02

I just spent the last 2 weeks playing with OpenBSD on two 486's at home. I've posted a diary of sorts here. I really like OpenBSD. In fact I may switch my last linux box over to OpenBSD in the next week or two. Too bad, I was really enjoying being able to listen to WWOZ on RealPlayer. Does anyone know if the FreeBSD realplayer works with OpenBSD 2.5?

jim