Slashdot Mirror
OpenBSD Review at DistroWatch
jpkunst writes "Robert Storey at DistroWatch com has written an in-depth and favorable review of OpenBSD: OpenBSD - For Your Eyes Only. 'The first OpenBSD memento I ever saw was a T-shirt with a picture of a cop chasing a script kiddie. That image remained etched in my mind for well over a year before I finally got my hands on a copy of this fine OS. Now that I have it installed on my machine, I only wonder what took me so long.'"
BSD IS........being nursed slowly back to health?
but i got an "Error 404: BSD is Dead." message...
i kid! i kid! long live BSD! though i don't use it...
Don't forget about distrowatchwatch.
Under emulation...
The article is very clear and concise. While BSD was not trivial to install the very first time, it isn't too difficult for those with experience. However even noobs can install OpenBSD with this article.
BTW - A good idea is to install OpenBSD on a dedicated secondary hard disk, such as a 4GB or something that you can find for free now a days. That way you will not have to worry about ruining your partitions on your primary disk, as OpenBSD is a bit scarier with writing to your MBR than, lets say, the GUI for GRUB in the RedHat installer.
Now that OpenBSD is implementing SMP support, I wonder if (more?) high-end servers will start running it.
tasks(723) drafts(105) languages(484) examples(29106)
I wonder if BSD would benefit from changing to a similar development model as Linux. There sem to be relatively few active BSD developers, and although they do a good job, they must have a bad time trying to keep up with the latest hardware and technologies available.
Web Sig: Eddy Currents
I learned my packet filtering basics on FreeBSD. I've looked at ipchains and iptables/netfilter, but the ipfilter/pf packages just seem to be the packages that best encompass my beliefs of how firewalls should be constructed. I've always liked the syntax and organization; I suppose that's one of the major reasons I've stuck with FreeBSD for so long.
OpenBSD felt "more" secure than FreeBSD, but in terms of desktop use, FreeBSD just offered more. I'll run OpenBSD on my servers, but for my desktop I want FreeBSD.
"As Benjamin Franklin once said, the only way for three people to keep a secret is if two of them are dead. While it's doubtful that Ben was referring to computer security, many PC users have lots of little secrets stored on their hard drives. Things such as credit card numbers, a personal address book, and perhaps a few naughty photos from the New Year's Eve party."
Man, why aren't my New Year's Eve parties like that!
"True dat with a wiffle ball bat." -- kabrakan
man, the first time i ever ran into the whole BSD disklabel thing, i almost crapped a brick. I was pretty new to GNU/Linux at the time, and had not to much of a clue how widely varying the various filesystem types out there were.
anyway, it was 4am at the time. within the next twenty four hours my computer had about 8 different OS's (not installs, seperate OS's). by the end of it i had a 120 mb partition with an ultraslim windows 98 incarnation and OpenBSD in all it's cryptographic glory.
that was a fun day.
~dijjnn
non-trivial to whom? as a linux dork maybe 5 years ago, i installed BSD on a friends laptop without ever reading a single thing about BSD. He asked me if I would, then handed me the cd's. A little while later it was up and running.
non-trivial to MS-Windows users, Mac users, and Linux initiates maybe. But 5 years ago, I was barely above the status of linux newb. Ok, so it wasn't exactly trivial to do at the time, but easy enough to do without documentation.
Still, your point is well taken.
Codeweavers / binary drivers / VMware to name a few linux only programs?
That way you will not have to worry about ruining your partitions on your primary disk, as OpenBSD is a bit scarier with writing to your MBR than, lets say, the GUI for GRUB in the RedHat installer.
You don't seem to have heard of the *feature* in Fedora Core 2 to get rid of booting from a windows partition
I have found OpenBSD to be trivial to install on one platform out of the three I have tried. When installing OpenBSD on an UltraSparc 10 there was no issues what-so-ever and everything might as well have been point and click. The x86 family of processors and the Power PC processors, however, were an entirely different story and headache all together. You'd think that with OpenBSD talking about how secure it is and how great it is, that you'd see one of those developers make some user friendly installer in order to increase the popularity of the operating system. Personally I believe that more people running more secure computers is a good thing, but thats just me and I ramble.
That's because everyone's sick of fucking hearing it!! No, you're not funny. No, you're not original. Every single thread has a post about how BSD is dying, and now every single thread has a post about how there's going to be posts about BSD is dying. It's old, it's offtopic. Just shut up.
Fahking sheet, meng, you are über1337!!!
Checkout bsdforums.org
There are many users there who can help you out.
Quotes:
"never mind what the aperature driver is, trust me.."
"Whats this nameserver stuff?" Well...
What's next, how to install Clippy?
Give us some substance, not a low-brow article sprinkled over a dozen+ pages (to increase your ad hit counts)
I want to delete my account but Slashdot doesn't allow it.
... is the mascot they present when you visit their respective web sites.
Linux = Penguin = Warm and cuddly.
FreeBSD = Cartoony demon = Warm (hot?) and cuddly.
NetBSD = Many cartoony demons = Even warmer and cuddlier than FreeBSD.
OpenBSD = Blowfish with a leaash on another fish with a spiked collar = spiky, poisonous, and into S&M
"People that quote themselves in their signatures bother me" - athakur999
I am somewhere between newbie and novice when it comes to *nix. When I decided I needed a good secure operating system for my job to put their web server on, I realized that I didn't know or want to learn all the steps it takes to secure Linux.
So I decided on OpenBSD (that whole "secure by default" thing kinda enticed me). I picked up a copy of "Secure Architectures with OpenBSD" and went to work. Well, then I realized that it probably would have been faster to learn the steps to securing Linux, but I am really liking OpenBSD so far.
I can honestly say, installation was incredibly easy once I RTFM, and I'm finding it is that way with most stuff. And the things that I have hit snags on (making PHP and MySQL play nice together) have been resolved by a few posts to misc@openbsd.org.
And OpenBSD's clean filesystem makes it a lot easier to learn Unix than other OSs.
Oh, and did I mention that Ports and Packages kick ass?
what do i do, oh slashdot moderators, to please you in your infinite wisdom?
Stop worrying about moderation and stop whining about karma. Thanks in advance.
Just read the man pages. Amazing how down to earth and straightforward things can be if there's a group focus on simplicity. Everything is laid out in plain English. Setting up my OpenBSD box as a DHCP server took less time than doing the same thing using the GUI on my Linksys wireless AP. That's including reading the man page.
This guy is way out there
Yeah, I know. I'm feeding a troll.
But it was so obvious.
Good News Everyone!
Turns out that *BSD is stronger than ever!
According to an Inernetnews article, Netcraft has confirmed that *BSD has "dramatically increased its market penetration over the last year."
There has been a steady increase in *BSD developers over the past decade.
There are currently 307 FreeBSD developers as of the 2004 core team election.
You can read more about FreeBSD here
If you would like to try out a BSD, you can download: FreeBSD, OpenBSD, NetBSD, or DragonflyBSD
Enjoy!
I'm reading this on an openBSD system now. This is also the first time I managed to get on the internet using this system. I don't have much documentation other than the man pages. I'm hedging my bets a little on the whole SCO thing. I love linux, but if I must use BSD because of SCO, so be it. I am in general, pleased with the system, but I know my way around linux much better. The openBSD is on a dual boot machine, with the other os being Slackware. The OpenBSD install was somewhat of a stressful thing, as I didn't want to screw up the Slackware, and the install was a good bit different than a linux install.
Well, it won't hurt. I think they decided to take the plunge because of the dual-core CPUs starting to come out.
I rarely criticize things I don't care about.
I know why. Because it took 7 months for them to ship you your CDs. (I'm still waiting for mine... been 3 months now.)
Taken from the article :
:)
Below is a copy of my file ppp.conf which you can cut and paste, but you'll have to edit five settings. In particular:
1) MODEM_DEVICE_NAME
2) ANY_WORD
3) PHONE_NO
4) USER_NAME
5) ISP_LOGIN_NAME
6) MY_PASSWORD
5 settings eh? Well there you go!
Side note: my mate has been running openBSD as a squid proxy server for years now - only crash it had was when the hard disk developed bad sectors... didn't kill it straight away, but once the bad sectors hit the kernel it had issues
There are several reasons for having such installer. The same installer runs on all supported archs. And it's very simple to use. If you understand the concept of disklabels and partitions (in the BSD sense), you can install OpenBSD. I honestly don't understand what people think is difficult about an OpenBSD install. OTOH, my last install was 2 years ago. I've just upgraded my servers since then. :)
I'm going to spill the big secret we've been keeping from the BSD is dead gang:
Beastie's horns double as neck bolts! It's alive! Alive!
Who is John Cabal?
Best Anonymous Coward post, *EVER*.
...but then I remembered how long I waited for my frikken OpenBSD 3.5 CDs... :-(
The only potential difficulty, IMO, is getting past the the whole "partitions vs. slices" thing. The BSD and Linux versions of those ideas are dangerously similar - close enough to make a clueful Linux user think they understand then, but different enough to hose that user's system. Even then, there's nothing particularly difficult there as long as you wipe your mind of what you think you know before beginning.
Once you get past partitioning/slicing, there's really nothing to the rest of the install.
The man pages on BSD simply rock. As opposed to the man pages on most Linux distros, many of which say, "This hasn't been updated since the dawn of time, you should be using our proprietary hypertext system 'info' to get your information, dumbass." Not including the ones that were taken (as is allowed under the BSD license) directly from the BSD folk, of course. And most tools written by people influenced by their system provide equally usable man pages. Its a great cycle of documentary bliss! Or something. Either way, its pretty cool.
You're special forces then? That's great! I just love your olympics!
I guess the best bet for someone who just wants to try out BSD is Freesbie
A BSD newbie must also know that all BSDs have the same advantage over Linux. That is good documentation for development and for POSIX patterns.
But im not trying to start a flamewar, even because BSDs may not be the best OS for everyone.
for regular users, or for bigger OS flexibility, i would sugest to stay with our pal Tux! (ive used it for long time =) )
but if you want to build a stable server in which youll need to do some secure,well-documented development, BSD is always a good choice.
One must only have in mind that the BSDs are not all equal as ive read on earlier posts!! (people were talking about FreeBSD when the topic clearly states about Open).
just for the record:
NetBSD >runs on everything with 32 bits. (including toasters =D)
FreeBSD > good performance and stability. (My personal choice ! )
OpenBSD > awesome security but bad performance compared to the other 2.(what i have to work with in college)
just thought that someone needed to clear that out!
What is best in life? To crush your enemies, to see them driven before you and to hear the lamentations of their women.
#CLOUD# <-100Mbps-> *Invisible OpenBSD Bridging Firewall with Pf* <-100Mbps-> #HOST#
Works great, and keeps speed with the network.
A pretty good starter pc.conf is here
OpenBSD is also great becuase of:
spamd
AND
CARP
Part of what makes the BSD's what they are is the surrounding 'development model'.
If you change it to be more like Linux, you would have a product more like Linux and loose what makes BSD, BSD...
Neither is right/wrong, just different.
---- Booth was a patriot ----
Good News Everyone!
Mike Smith now works for Apple, who's OS is based on BSD.
Check it out: www.lemis.com/~grog/msmr.html
and at: daemonnews, under "BSD at Apple"
He didn't like the direction that v5 was taking so he quit and starting writing BSD code for Apple.
I like OpenBSD, but the source-only updates are a pain. I know it is because the support a lot or ARCHs, but the reality is that apt get or up2date is easier. I'm having a hard time convincing myself that I could manage a lot of servers this way.
Comment removed based on user account deletion
I just started using to OpenBSD about two weeks ago because I wanted something minimal to run on some old equip that I wanted to use as an X workstation. I had attemped OpenBSD a few months ago with an old 3.4 install floppy that wouldn't work and I almost gave up. But after 3.5 came out, I wrote a new 3.5 install disk, re-read the install docs, and booted up the floppy. 10 minutes later, I had a fully functional unix with X and FVWM (the default WM instead of TWM as on most linux X installs).
/usr/local/bin to /bin and then executed vipw to make it my root shell. The second thing I did was install fluxbox which I find more functional than FVWM.
.profile. I highly recommend using pkg_add over ports unless you absolutely need to compile something to get customizations/optimizations.
So far I have been favorably impressed. I was absolutely blow away by the quickness of the install. The slowest thing about the install was the unfamiliar disk partitioning. Otherwise the only limit on speed was my bandwidth. The quick install means that there is no bloat. If you want it, install it, but you won't find useless packages installed by default like lots of linux distributions. Under Fedora, my old P3-450 used to be slugish and grind away swapping constantly. No it almost *never* swaps (at least not that I can hear)
I found the default shell csh to unfamiliar. Having come from linux, the first thing I did was install bash (statically compiled version) using pkg_add and them I moved it from
Even though ports "gets all the press" in BSD software management, I prefer to install binaries using pkg_add for most day-to-day packages that do not require customization. Do not underestimate pkg_add. It will resolve dependancies and install everyting that is a prerequisite for the package that you are asking for. It is the BSD answer to APT. It makes software installation trivial. The important thing to remember about pkg_add is to select a mirror and put a PKG_PATH=ftp://ftp.yourserver.here/ into your
Patching is all done by source diffs, so there will be some compiling there.
FFS
"That's because everyone's sick of fucking hearing it!!"
You do realize Al Gore invented the now tiresome BSD is dying jokes?
Anybody have a link pertaining to the picture of which he speaks? Even better, anyone have a jpg of the picture used on the t-shirt? (this image would make an excellent addition to my bafflingly random image collection)
how bout a beow.... naaa nevermind
That may well be, but in Soviet Russia, "BSD is dying" is sick of hearing YOU!
Shop as usual. And avoid panic buying.
The FreeBSD platform in general is very unreliable, and many many problems have been reported over the last week alone. One appears to be a stuck interrupt, but all that code has been redone for SMP support. Why do they bother? SMP SUCKS on FreeBSD.
If you want to give OpenBSD a try without installing it head over to http://metawire.org. They offer free OpenBSD shells, they've got a pretty big community and it's a great place to play and learn with OpenBSD.
OpenBSD IS and FOREVER shall be my firewall.
Bull! OpenBSD is not just for firewalls! That's a *myth*! OpenBSD is a fully functional general-purpose OS, just like any other Unix. I've found this out after 5-plus years sticking with Debian, only to get tired of their slowing-to-a-halt release cycle and arrogant mentality. The difference being, OpenBSD are very conscious of the dangers of C programming, and strive for best programming practices, preventing the weekly buffer overflows Linux users are so used to. Plus, a proactive security stance. What you get is a bunch of realistic, rational developers and a powerfull, functional, secure OS.
Sweet! Keep it up!
Which BSD are you talking about? I can install FreeBSD in my sleep. But thoughts of using raw fdisk and disklabel keep me awake at night!
Don't blame me, I didn't vote for either of them!
you must have been very very lucky is all i can say.
If you mod me down, I will become more powerful than you can imagine....
Comment removed based on user account deletion
It's kind of sad how any mention of BSD degenerates into a "is it dead yet?" discussion here on /.
Seriously folks, BSD is a lot older than Linux, it has survived the rise and fall of quite a few inferior as well as superior OSes, it will survive Windows and it might even survive Linux. My point is: Who cares? It works, it is stable, it is fast, it is really free and it is available right now.
Oh, and let's not forget the fact that when you download a BSD you download a complete OS, designed from the bottom up, not a kernel with a collection of userland programs from all over the place.
Best of all: In the BSDs you don't end up tripping over the kitchen sink when all you wanted was to install a fast, secure and reliable server.
Enough already. Read the review, take OpenBSD or one of the other BSDs for a test drive and make up your own mind.
G
Reality has a notoriously liberal bias -- Stephen Colbert
Is there a location that has info on how to tweak OpenBSD to be a good Desktop system?
There seems to be a lot of work to get OpenBSD working as a decent Desktop system. It would be nice if somebody had all the steps needed on some website in a concise list.
My biggest hurdle is remembering to make a note of the dns server addy, _before_ booting off the floppy for an ftp install...
you are über1337!!!
NO...
he's übertragic.. systemagic!
... OpenBSD is the One True Religion.
Although NOBODY has ever "gotten" my OpenBSD Blowfish T-Shirt. The joke is as undecipherable as the Blowfish algorithm itself.
I'm not normally an irrational zealous dickhead, but I figure "When in Rome..."
I used to use FreeBSD in the early 90's but then switched to Linux once I heard about it and it supported the hardware I had.
FreeBSD was definately the best OS at the time for i386. But the *BSD licenses suck and I don't think anyone should support them if you hope the free software/open source movement will win. This is because companies can rip off your free code and use it in house in proprietary products. It's common accepted fact that's how MS got the core networking support for windows. Apple, HP and all the big UNIX vendors were/are doing the same thing. (One thing SCO is attempting to do in their legal case is to invalidate the GPL so that that the code in Linux could be stolen^?^?used in this way also.)
That's lame! I love(d) freebsd a lot, but until some *BSD kernel is under the GPL, I'll never recommend it to anyone.
Or possibly this as an option. I know, I know, you have to buy Apple hardware, but the nice thing is that you can play around with BSD as well, pre-installed, while still getting the iApps. And chicks dig the Powerbook.
Well, I like it. YMMV.
The Independent: Reverend Spooner Arrested in Friar Tuck Incident - ISIHAC, Historical Headlines
I got OpenBSD running the first time I tried it (2.x); I'll let everyone here in on my secret - I READ THE INSTRUCTIONS THAT POPPED UP ON MY SCREEN.
That's it. When your computer asks you a question, read the paragraph above it explaining the question before you just hit 'Enter' without thinking. This tip actually works for every OS. When my mom can't figure out how to use her email or something, I make her actually read the questions her app pops up before she impatiently hammers the 'enter' key to get through. And she realizes that nearly EVERY app is user-friendly enough to use.
Ironically, about 90% of you skipped half of the above text and just went on to the next post.
I'm not normally an irrational zealous dickhead, but I figure "When in Rome..."
There is nothing stopping you from releasing it. 'Non-Free-BSD' - catchy name, I wonder if it will catch on.
I would have been part of the 90% that skipped the "above text", but it just so happened there wasn't another post, so I was actually bored enough to read your post ;). Back on topic though, I must say that OpenBSD was rather easy to install. I did not get caught on any snags, and the installation went clean. Of course I dropped BSD for another Linux distro (more specifically Cobind 0.2), due to what I believed to be BSD's lack of ease-of-use. But that's just me... and I don't even try to portray myself as a Linux-toting /. Overlord.
One of the things I like about OpenBSD is their policy of not accepting things with half-assed licensing into their base distribution.
-- All that's left of me, is slight insanity, whats on the right, I don't know. -- Bob Mould
FreeBSD is a different operating system to OpenBSD.
If BSD sockets had used a restrictive licence like the GPL, no commercial vendors would have used it. Instead, the Internet, probably in a vastly inferior form, would be dominated by proprietary protocols from the likes of Microsoft, Novell, IBM, etc. In such an environment, it's unlikely Linux or BSD would be nearly as useful as they are today, thanks to the BSD foundations of modern Internet software, and the BSD licence, which shared that foundation with the world.
Fundamentally, a lot of us don't want 'the free software/open source movement' to win. We want software to get better (faster, more functional, more secure) for *everyone*, not just those who use the same OS we do, or belong to a particular pseudo-religion (like the GNU movement).
Thanks for being the 10%. Cobind, eh? Haven't heard of that one. Thanks, I'll check it out.
/var, you can put 80m. I ape the guy and it works perfect. Another testament to BSD's awesome documentation, I guess (and there are instructions for pkg_add and ports on the back of the liner notes, pkg_add being OpenBSD's apt-get, and ports being like Gentoo's source-based emerge).
OpenBSD definitely doesn't focus on ease-of-use, because the very hardcore Theo et al see "wizards" and the like as security holes. OpenBSD makes you KNOW what you're doing before you do it -- kinda unfair for us Linux guys who usually try things at random until it works. It's kind of a pain, but overall, if you value security, the initial pain of setting up XFree86 on OpenBSD is worth it. Once you get point and clicking, it's all the same.....
I also think I should have mentioned that one of the things that makes OpenBSD's install so bloody easy is that there is a line-by-line complete example install in the liner notes on the CD! Where the example guy puts 80m for
Yours truly,
Linux-Toting Slashdot Overlord
I'm not normally an irrational zealous dickhead, but I figure "When in Rome..."
"NetBSD >runs on everything with 32 bits. (including toasters =D)
FreeBSD > good performance and stability. (My personal choice ! )
OpenBSD > awesome security but bad performance compared to the other 2.(what i have to work with in college)"
Its all about choice. I choose to mainly run NetBSD, just because I have a lot of older boxes (68K Mac's, SGI boxen, DECStations, Vaxen, etc) and it maintains a consistent OS across them. FreeBSD has more packages available, but of course it all boils down to how many of the ones not in NetBSD do I actually *need*.. (answer, none yet). I also find the NetBSD community very knowledgable and friendly.
I personally don't see a lot of difference in the BSD and Linux development models... Even in Linux, you can submit new code, but its still up to a "core" of code maintainers to decide whether to include it into the Linux kernel. What I find more with the BSDs though is that with a smaller number of people there is more of a drive to "do it right" rather than just throw something 1/2 baked in to "make it work". Sure, you can argue that there is more hardware support on Linux (read: 3rd parties like NVidia write drivers for Linux, not for BSD, so if you want 3D games use Linux), but not that USB support and a lot of other stuff was in the BSDs long before it came to Linux.
When I deployed my fw, I didn't get very far into writing the config file before it hit me: the programmers must have had to maintain other firewalls and decided to fix what sucked about them. They get it!
Man! Easy ways to compose arbitrary lists. macros that help readibility. Read in lists from external text files. Dynamic rules. I can express in one line what has taken 10 in a cisco acl. On and on. It is a real improvement - simpler, shorter human input means fewer human mistakes.
And pf follows the UNIX philosophy of keeping tools small and focussed. No http proxy - use Squid or something. Use pf to enforce the policy that browsers must go through the proxy. I use ftpsesame as an add-on to handle ftp. I have an inline fw, so the ftpproxy won't work.
I am astonished at its performance, too. Incredibly tiny amounts of memory. I'm in awe. pf is incredible.
It ties into CARP - which is a nice middle finger for Cisco's bogus load-balancing/failover patent. They implemented failover and made it secure. So you can have two or ten pf firewalls sharing state tables, unplug one (or nine) and sessions still flow. Maybe total bandwidth takes a hit, but it still flows.
I apologize for my total fanboyism. It's justified, but probably embarassing to read.
But remember that the default for htdocs is under /var/www so if you have a graphics heavy website you could easily fill that and then you'll have to reconfigure apache.
I have benchmarked several programs, including apache, squid, mysql, postgresql and sendmail, and apart from freebsd 5.x being about 10% slower, all the BSDs perform roughly the same. The openbsd is slow myth is wrong, I know it sounds too good to be true, but you really can have unparalleled security and speed together.
I've done it quite a few times. The first few times it's scary, but it becomes second nature quick. Although I have to admin that fdisk(8) is scary, disklabel(8) however, is very friendly (IMHO) because you can use slice letter, wildcards and Human Friendly Sizes(tm) as offsets and sizes. At least on DFBSD and FreeBSD I can. I doubt OpenBSD's disklabel(8) is much different.
oops.
~dijjnn