Slashdot Mirror
OpenBSD Review at DistroWatch
jpkunst writes "Robert Storey at DistroWatch com has written an in-depth and favorable review of OpenBSD: OpenBSD - For Your Eyes Only. 'The first OpenBSD memento I ever saw was a T-shirt with a picture of a cop chasing a script kiddie. That image remained etched in my mind for well over a year before I finally got my hands on a copy of this fine OS. Now that I have it installed on my machine, I only wonder what took me so long.'"
The article is very clear and concise. While BSD was not trivial to install the very first time, it isn't too difficult for those with experience. However even noobs can install OpenBSD with this article.
BTW - A good idea is to install OpenBSD on a dedicated secondary hard disk, such as a 4GB or something that you can find for free now a days. That way you will not have to worry about ruining your partitions on your primary disk, as OpenBSD is a bit scarier with writing to your MBR than, lets say, the GUI for GRUB in the RedHat installer.
I wonder if BSD would benefit from changing to a similar development model as Linux. There sem to be relatively few active BSD developers, and although they do a good job, they must have a bad time trying to keep up with the latest hardware and technologies available.
Web Sig: Eddy Currents
Something that might interest users of FreeBSD who envy pf:
pf on FreeBSD
-Dan
I am somewhere between newbie and novice when it comes to *nix. When I decided I needed a good secure operating system for my job to put their web server on, I realized that I didn't know or want to learn all the steps it takes to secure Linux.
So I decided on OpenBSD (that whole "secure by default" thing kinda enticed me). I picked up a copy of "Secure Architectures with OpenBSD" and went to work. Well, then I realized that it probably would have been faster to learn the steps to securing Linux, but I am really liking OpenBSD so far.
I can honestly say, installation was incredibly easy once I RTFM, and I'm finding it is that way with most stuff. And the things that I have hit snags on (making PHP and MySQL play nice together) have been resolved by a few posts to misc@openbsd.org.
And OpenBSD's clean filesystem makes it a lot easier to learn Unix than other OSs.
Oh, and did I mention that Ports and Packages kick ass?
Good News Everyone!
Turns out that *BSD is stronger than ever!
According to an Inernetnews article, Netcraft has confirmed that *BSD has "dramatically increased its market penetration over the last year."
There has been a steady increase in *BSD developers over the past decade.
There are currently 307 FreeBSD developers as of the 2004 core team election.
You can read more about FreeBSD here
If you would like to try out a BSD, you can download: FreeBSD, OpenBSD, NetBSD, or DragonflyBSD
Enjoy!
The only potential difficulty, IMO, is getting past the the whole "partitions vs. slices" thing. The BSD and Linux versions of those ideas are dangerously similar - close enough to make a clueful Linux user think they understand then, but different enough to hose that user's system. Even then, there's nothing particularly difficult there as long as you wipe your mind of what you think you know before beginning.
Once you get past partitioning/slicing, there's really nothing to the rest of the install.
I guess the best bet for someone who just wants to try out BSD is Freesbie
A BSD newbie must also know that all BSDs have the same advantage over Linux. That is good documentation for development and for POSIX patterns.
But im not trying to start a flamewar, even because BSDs may not be the best OS for everyone.
for regular users, or for bigger OS flexibility, i would sugest to stay with our pal Tux! (ive used it for long time =) )
but if you want to build a stable server in which youll need to do some secure,well-documented development, BSD is always a good choice.
One must only have in mind that the BSDs are not all equal as ive read on earlier posts!! (people were talking about FreeBSD when the topic clearly states about Open).
just for the record:
NetBSD >runs on everything with 32 bits. (including toasters =D)
FreeBSD > good performance and stability. (My personal choice ! )
OpenBSD > awesome security but bad performance compared to the other 2.(what i have to work with in college)
just thought that someone needed to clear that out!
What is best in life? To crush your enemies, to see them driven before you and to hear the lamentations of their women.
#CLOUD# <-100Mbps-> *Invisible OpenBSD Bridging Firewall with Pf* <-100Mbps-> #HOST#
Works great, and keeps speed with the network.
A pretty good starter pc.conf is here
OpenBSD is also great becuase of:
spamd
AND
CARP
Comment removed based on user account deletion
I just started using to OpenBSD about two weeks ago because I wanted something minimal to run on some old equip that I wanted to use as an X workstation. I had attemped OpenBSD a few months ago with an old 3.4 install floppy that wouldn't work and I almost gave up. But after 3.5 came out, I wrote a new 3.5 install disk, re-read the install docs, and booted up the floppy. 10 minutes later, I had a fully functional unix with X and FVWM (the default WM instead of TWM as on most linux X installs).
/usr/local/bin to /bin and then executed vipw to make it my root shell. The second thing I did was install fluxbox which I find more functional than FVWM.
.profile. I highly recommend using pkg_add over ports unless you absolutely need to compile something to get customizations/optimizations.
So far I have been favorably impressed. I was absolutely blow away by the quickness of the install. The slowest thing about the install was the unfamiliar disk partitioning. Otherwise the only limit on speed was my bandwidth. The quick install means that there is no bloat. If you want it, install it, but you won't find useless packages installed by default like lots of linux distributions. Under Fedora, my old P3-450 used to be slugish and grind away swapping constantly. No it almost *never* swaps (at least not that I can hear)
I found the default shell csh to unfamiliar. Having come from linux, the first thing I did was install bash (statically compiled version) using pkg_add and them I moved it from
Even though ports "gets all the press" in BSD software management, I prefer to install binaries using pkg_add for most day-to-day packages that do not require customization. Do not underestimate pkg_add. It will resolve dependancies and install everyting that is a prerequisite for the package that you are asking for. It is the BSD answer to APT. It makes software installation trivial. The important thing to remember about pkg_add is to select a mirror and put a PKG_PATH=ftp://ftp.yourserver.here/ into your
Patching is all done by source diffs, so there will be some compiling there.
If you want to give OpenBSD a try without installing it head over to http://metawire.org. They offer free OpenBSD shells, they've got a pretty big community and it's a great place to play and learn with OpenBSD.
(where'd I put my slashdot PW when I need it?)
...
...", which we heard plenty of times before we got SMP on line). You can SAY you want security all you want. It is what you DO that counts, however.
:)
:) Mozilla on a PII-266 is very slow, but it works. Heck, technically, it works on the 100MHz SPARC, but you had best be very patient...
"Why would it not be a good desktop system?"
Well...depends on what you want. Define "desktop", then see if OpenBSD fits.
Currently, most Unix apps are written on Intel-compatable Linux systems, by people who think "portability" means "runs on both Redhat and Fedora". Yay. After that, someone cleans it up and ports it to FreeBSD. After that, it may get ported to OpenBSD.
For reference, this is being written on a three monitor OpenBSD box I use as my primary desktop machine when I'm not supporting Windows people (OSs that crash pay the bills better). Firefox running in one screen, Mozilla (for mail) in another (I'm not happy with Thunderbird yet), xmms playing Chris Smither, several chat windows running, vi all over the place,
As for the concept of quality over quantity, I don't think is uniquely OpenBSD, but it is close. People often say "security matters", but they still want to run their favorite app, and have their favorite buzzword feature, even if they don't need it (i.e., "I'd like OpenBSD's security, but since it didn't support the second processor on my dual P200, I'm going to go use
It is probably worth pointing out that while insecure apps generally aren't ported, and proven buggy apps are removed from ports, ports are not as carefully audited as the core OS. OpenBSD itself starts off pretty secure, but if you run an insecure app, all bets are off. Of course.
No, installation and learning OpenBSD really isn't difficult. The disk layout is probably the most difficult, but also an incredibly powerful feature. OpenBSD users often end up using OpenBSD's fdisk to clean up messes in other OSs, because it just assumes you have the brain and know what you want to do, and it won't stand in your way.
As for running on older HW...the stock X environment runs ok on some pretty anemic HW -- I had a terminal server running on a P233 (actually, a P90 with an Kingston accelerator, and that was mostly because, while X ran fine on the P90, it took annoyingly long to load, and I had the accelerator). However, if you want KDE and Mozilla and other BIG apps, you will be wanting something fast. This is an AMD XP2000+, and Mozilla is STILL annoying (ok, I'm used to Netscape 4 running on fast HW) (I also do a lot of testing of VERY SLOW HW -- 80386/25MHz, Mac68k, early SPARC systems...so when I'm sitting in front of a 4 digit MHZ machine, it better kick butt.
As for what you need for a GUI, you either need patience or HW. OpenBSD is about as lean in the base system as things get. I've used X on a 100MHz SPARC system, the reason it's not doing that now is while the 1600x1200 screen was great for monitoring builds, the ssh connect time got annoying.
Yes. And so are the Linux users, and ..., and the AS/400 users, and the...
Well, certainly the developers are, but most AS/400 users have no clue that they are using an AS/400. In those cirles, that's actually a good thing.
"The empty vessel makes the greatest sound." -- William Shakespeare; Henry V, 4. 4
** Flame disclaimer - comments below are my opinion and personal experience **
Question to you or anyone. Why would it not be a good desktop system? Just ease of use, or lack of apps, or what?
A combination of all of the above. Getting Gnome/KDE working on FreeBSD isn't quite as no-brainer-ish as it is on say RH9 or Suse. Getting it working on OpenBSD (as with most apps) is another notch up the difficultly ladder. Anyone who knows what ~/.xinitrc means will have OBSD or FBSD up and running with their desktop of choice in an evening, but expect more 'care and feeding' initially.
Aren't most apps that most folks use on a typical desktop available? Browser, email, chat client, media players, editors, etc?
Yes. The vast majority are, and with ports you have the option of a Gentoo-like optimized compile for your hardware.
Just wondering because I keep threatening myself to switch from Linux, for better firewalling and a tighter but smaller community.
This goes both ways, sometimes its more difficult to find a solution to your specific problem in the community. Also, some of the OBSD folk have been known to be a bit....a....abrasive(?)
I like that the apps get relooked at,audited before inclusion, I like that part a LOT, because I didn't know they did that. That makes sense to me. I'd rather have fewer apps, but better quality apps. I take it this concept is unique to openBSD?
Again, its a choice you get to make as far as the trade-off. The OBSD folks only do the heavy-duty auditing on the core system components (look at the web site to find out what these are). You can build an outward-facing box running these applications and know you're really getting some of the best of what's out there. OTOH, you can download source and compile this that and the other thing with X and everything else, to some degree compromising the "bulletproof OS" idea, but trading that for usability. It comes down to the trade-offs you're willing to make, and to me, it seems like most Linux variants target maximum compatibility with HW and SW, and maximum usability, potentially at the expense of performance and security and reliability. FreeBSD seems to focus on reliability, and secondarily performance and security, with a fair bit of effort still spent on usability. OBSD focuses maximum effort on security, and everything else is secondary - if something has to be sacrificied in the name of security, it is done without question, regardless if it is a minor change or a major usability or friendly feature.
Reading the description in the article for installing and a few tweaks doesn't seem that difficult at first glance. I am impressed with their claim of only one remote exploit in many years.
You can install a base system in 30 minutes using 500MB of disk if you follow the handbook on the first page of the web site. Its worth at least an evening to investigate.
Last question, how does it run on older hardware in a GUI desktop environemnt? Acceptable, fast, dog slow, what? Similar to linux from one of the big vendors?
X is X. No getting away from that.
What is a practical minimum set of hardware specs for a good GUI environemnt?
I've run a "usable" system on a 500 Celeron with 256M of RAM without tweaks. I wouldn't build brains on it, but it did what I needed.
Sorry for all the questions, but I truly am interested. The more I am on the net, the more security I want, and this latest month has seen just a slew of potentially bad news exploits. I don't want to fool with it, I think it makes more sense to start out with the best and most secure system and learn and build from that, rather than patch and patch and patch all the time and sit and surf with your fingers crossed.
At least build one OBSD as a router/firewall and put your more vulnerable machines behind it. I think a few others here have done similarly with good results.
For me, the most important thing in a desktop system is snappy responsiveness to interactive user requests. My experience has been that FreeBSD is marginally better at this than Windows XP, which is marginally better than Linux, which in turn is significantly better than NetBSD, which is marginally better than OpenBSD. (The last two do seem to be closing the gap with the others.)
NetBSD remains my favourite OS, despite offering a noticably worse interactive user experience, so I run it on some machines. My laptop, however, works much better under Windows XP, so I use Windows + Interix and NetBSD pkgsrc (still in an early stage) on it. I've tried Linux, NetBSD and OpenBSD (FreeBSD won't boot), but all the fighting to get all the hardware to work is more trouble than it's worth when Windows XP 'just works'.
I should point out I'm not at all ideological about operating systems. I use whichever works best for the job at hand, and generally don't give a toss about the licence, except to the extent that complying with it impedes ease of using the system (all things being equal, I'd pick a new-style BSD licence, since it's the least restrictive).