Slashdot Mirror
OpenBSD Review at DistroWatch
jpkunst writes "Robert Storey at DistroWatch com has written an in-depth and favorable review of OpenBSD: OpenBSD - For Your Eyes Only. 'The first OpenBSD memento I ever saw was a T-shirt with a picture of a cop chasing a script kiddie. That image remained etched in my mind for well over a year before I finally got my hands on a copy of this fine OS. Now that I have it installed on my machine, I only wonder what took me so long.'"
BSD IS........being nursed slowly back to health?
Under emulation...
The article is very clear and concise. While BSD was not trivial to install the very first time, it isn't too difficult for those with experience. However even noobs can install OpenBSD with this article.
BTW - A good idea is to install OpenBSD on a dedicated secondary hard disk, such as a 4GB or something that you can find for free now a days. That way you will not have to worry about ruining your partitions on your primary disk, as OpenBSD is a bit scarier with writing to your MBR than, lets say, the GUI for GRUB in the RedHat installer.
Now that OpenBSD is implementing SMP support, I wonder if (more?) high-end servers will start running it.
tasks(723) drafts(105) languages(484) examples(29106)
I wonder if BSD would benefit from changing to a similar development model as Linux. There sem to be relatively few active BSD developers, and although they do a good job, they must have a bad time trying to keep up with the latest hardware and technologies available.
Web Sig: Eddy Currents
I learned my packet filtering basics on FreeBSD. I've looked at ipchains and iptables/netfilter, but the ipfilter/pf packages just seem to be the packages that best encompass my beliefs of how firewalls should be constructed. I've always liked the syntax and organization; I suppose that's one of the major reasons I've stuck with FreeBSD for so long.
OpenBSD felt "more" secure than FreeBSD, but in terms of desktop use, FreeBSD just offered more. I'll run OpenBSD on my servers, but for my desktop I want FreeBSD.
"As Benjamin Franklin once said, the only way for three people to keep a secret is if two of them are dead. While it's doubtful that Ben was referring to computer security, many PC users have lots of little secrets stored on their hard drives. Things such as credit card numbers, a personal address book, and perhaps a few naughty photos from the New Year's Eve party."
Man, why aren't my New Year's Eve parties like that!
"True dat with a wiffle ball bat." -- kabrakan
man, the first time i ever ran into the whole BSD disklabel thing, i almost crapped a brick. I was pretty new to GNU/Linux at the time, and had not to much of a clue how widely varying the various filesystem types out there were.
anyway, it was 4am at the time. within the next twenty four hours my computer had about 8 different OS's (not installs, seperate OS's). by the end of it i had a 120 mb partition with an ultraslim windows 98 incarnation and OpenBSD in all it's cryptographic glory.
that was a fun day.
~dijjnn
non-trivial to whom? as a linux dork maybe 5 years ago, i installed BSD on a friends laptop without ever reading a single thing about BSD. He asked me if I would, then handed me the cd's. A little while later it was up and running.
non-trivial to MS-Windows users, Mac users, and Linux initiates maybe. But 5 years ago, I was barely above the status of linux newb. Ok, so it wasn't exactly trivial to do at the time, but easy enough to do without documentation.
Still, your point is well taken.
That way you will not have to worry about ruining your partitions on your primary disk, as OpenBSD is a bit scarier with writing to your MBR than, lets say, the GUI for GRUB in the RedHat installer.
You don't seem to have heard of the *feature* in Fedora Core 2 to get rid of booting from a windows partition
I have found OpenBSD to be trivial to install on one platform out of the three I have tried. When installing OpenBSD on an UltraSparc 10 there was no issues what-so-ever and everything might as well have been point and click. The x86 family of processors and the Power PC processors, however, were an entirely different story and headache all together. You'd think that with OpenBSD talking about how secure it is and how great it is, that you'd see one of those developers make some user friendly installer in order to increase the popularity of the operating system. Personally I believe that more people running more secure computers is a good thing, but thats just me and I ramble.
That's because everyone's sick of fucking hearing it!! No, you're not funny. No, you're not original. Every single thread has a post about how BSD is dying, and now every single thread has a post about how there's going to be posts about BSD is dying. It's old, it's offtopic. Just shut up.
Fahking sheet, meng, you are über1337!!!
... is the mascot they present when you visit their respective web sites.
Linux = Penguin = Warm and cuddly.
FreeBSD = Cartoony demon = Warm (hot?) and cuddly.
NetBSD = Many cartoony demons = Even warmer and cuddlier than FreeBSD.
OpenBSD = Blowfish with a leaash on another fish with a spiked collar = spiky, poisonous, and into S&M
"People that quote themselves in their signatures bother me" - athakur999
No, the BSD users have a great sense of humor and enjoy the jokes.
Unfortunately, since BSD is dying, there's not enough of them left to affect the moderation.
I am somewhere between newbie and novice when it comes to *nix. When I decided I needed a good secure operating system for my job to put their web server on, I realized that I didn't know or want to learn all the steps it takes to secure Linux.
So I decided on OpenBSD (that whole "secure by default" thing kinda enticed me). I picked up a copy of "Secure Architectures with OpenBSD" and went to work. Well, then I realized that it probably would have been faster to learn the steps to securing Linux, but I am really liking OpenBSD so far.
I can honestly say, installation was incredibly easy once I RTFM, and I'm finding it is that way with most stuff. And the things that I have hit snags on (making PHP and MySQL play nice together) have been resolved by a few posts to misc@openbsd.org.
And OpenBSD's clean filesystem makes it a lot easier to learn Unix than other OSs.
Oh, and did I mention that Ports and Packages kick ass?
what do i do, oh slashdot moderators, to please you in your infinite wisdom?
Stop worrying about moderation and stop whining about karma. Thanks in advance.
but alas majority wins
Don't worry; they'll be first against the wall when the revolution^h^h^h^h^h^h^h^h^h^h^h^h^h^h metamoderation comes.
"Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
Just read the man pages. Amazing how down to earth and straightforward things can be if there's a group focus on simplicity. Everything is laid out in plain English. Setting up my OpenBSD box as a DHCP server took less time than doing the same thing using the GUI on my Linksys wireless AP. That's including reading the man page.
This guy is way out there
Good News Everyone!
Turns out that *BSD is stronger than ever!
According to an Inernetnews article, Netcraft has confirmed that *BSD has "dramatically increased its market penetration over the last year."
There has been a steady increase in *BSD developers over the past decade.
There are currently 307 FreeBSD developers as of the 2004 core team election.
You can read more about FreeBSD here
If you would like to try out a BSD, you can download: FreeBSD, OpenBSD, NetBSD, or DragonflyBSD
Enjoy!
I'm reading this on an openBSD system now. This is also the first time I managed to get on the internet using this system. I don't have much documentation other than the man pages. I'm hedging my bets a little on the whole SCO thing. I love linux, but if I must use BSD because of SCO, so be it. I am in general, pleased with the system, but I know my way around linux much better. The openBSD is on a dual boot machine, with the other os being Slackware. The OpenBSD install was somewhat of a stressful thing, as I didn't want to screw up the Slackware, and the install was a good bit different than a linux install.
Well, it won't hurt. I think they decided to take the plunge because of the dual-core CPUs starting to come out.
I rarely criticize things I don't care about.
Taken from the article :
:)
Below is a copy of my file ppp.conf which you can cut and paste, but you'll have to edit five settings. In particular:
1) MODEM_DEVICE_NAME
2) ANY_WORD
3) PHONE_NO
4) USER_NAME
5) ISP_LOGIN_NAME
6) MY_PASSWORD
5 settings eh? Well there you go!
Side note: my mate has been running openBSD as a squid proxy server for years now - only crash it had was when the hard disk developed bad sectors... didn't kill it straight away, but once the bad sectors hit the kernel it had issues
I'm going to spill the big secret we've been keeping from the BSD is dead gang:
Beastie's horns double as neck bolts! It's alive! Alive!
Who is John Cabal?
The only potential difficulty, IMO, is getting past the the whole "partitions vs. slices" thing. The BSD and Linux versions of those ideas are dangerously similar - close enough to make a clueful Linux user think they understand then, but different enough to hose that user's system. Even then, there's nothing particularly difficult there as long as you wipe your mind of what you think you know before beginning.
Once you get past partitioning/slicing, there's really nothing to the rest of the install.
The man pages on BSD simply rock. As opposed to the man pages on most Linux distros, many of which say, "This hasn't been updated since the dawn of time, you should be using our proprietary hypertext system 'info' to get your information, dumbass." Not including the ones that were taken (as is allowed under the BSD license) directly from the BSD folk, of course. And most tools written by people influenced by their system provide equally usable man pages. Its a great cycle of documentary bliss! Or something. Either way, its pretty cool.
You're special forces then? That's great! I just love your olympics!
I guess the best bet for someone who just wants to try out BSD is Freesbie
A BSD newbie must also know that all BSDs have the same advantage over Linux. That is good documentation for development and for POSIX patterns.
But im not trying to start a flamewar, even because BSDs may not be the best OS for everyone.
for regular users, or for bigger OS flexibility, i would sugest to stay with our pal Tux! (ive used it for long time =) )
but if you want to build a stable server in which youll need to do some secure,well-documented development, BSD is always a good choice.
One must only have in mind that the BSDs are not all equal as ive read on earlier posts!! (people were talking about FreeBSD when the topic clearly states about Open).
just for the record:
NetBSD >runs on everything with 32 bits. (including toasters =D)
FreeBSD > good performance and stability. (My personal choice ! )
OpenBSD > awesome security but bad performance compared to the other 2.(what i have to work with in college)
just thought that someone needed to clear that out!
What is best in life? To crush your enemies, to see them driven before you and to hear the lamentations of their women.
#CLOUD# <-100Mbps-> *Invisible OpenBSD Bridging Firewall with Pf* <-100Mbps-> #HOST#
Works great, and keeps speed with the network.
A pretty good starter pc.conf is here
OpenBSD is also great becuase of:
spamd
AND
CARP
this all was explained why it took so long
don't like it? email austin@. live they've said to do
vodka, straight up, thank you!
Part of what makes the BSD's what they are is the surrounding 'development model'.
If you change it to be more like Linux, you would have a product more like Linux and loose what makes BSD, BSD...
Neither is right/wrong, just different.
---- Booth was a patriot ----
Are BSD users really that prickly?
Yes. And so are the Linux users, and the Mac users, and the Windows users, and the BeOS users, and the Amiga users, and the OS/2 users and the AS/400 users, and the...
Did you just land on Earth or something? Everyone down here thinks thinks their idea is best and feels the need to tell someone about it.
# emerge clue-human
I'm not a prophet or a stone-age man,
I'm just a mortal with potential of a super man.
Comment removed based on user account deletion
I just started using to OpenBSD about two weeks ago because I wanted something minimal to run on some old equip that I wanted to use as an X workstation. I had attemped OpenBSD a few months ago with an old 3.4 install floppy that wouldn't work and I almost gave up. But after 3.5 came out, I wrote a new 3.5 install disk, re-read the install docs, and booted up the floppy. 10 minutes later, I had a fully functional unix with X and FVWM (the default WM instead of TWM as on most linux X installs).
/usr/local/bin to /bin and then executed vipw to make it my root shell. The second thing I did was install fluxbox which I find more functional than FVWM.
.profile. I highly recommend using pkg_add over ports unless you absolutely need to compile something to get customizations/optimizations.
So far I have been favorably impressed. I was absolutely blow away by the quickness of the install. The slowest thing about the install was the unfamiliar disk partitioning. Otherwise the only limit on speed was my bandwidth. The quick install means that there is no bloat. If you want it, install it, but you won't find useless packages installed by default like lots of linux distributions. Under Fedora, my old P3-450 used to be slugish and grind away swapping constantly. No it almost *never* swaps (at least not that I can hear)
I found the default shell csh to unfamiliar. Having come from linux, the first thing I did was install bash (statically compiled version) using pkg_add and them I moved it from
Even though ports "gets all the press" in BSD software management, I prefer to install binaries using pkg_add for most day-to-day packages that do not require customization. Do not underestimate pkg_add. It will resolve dependancies and install everyting that is a prerequisite for the package that you are asking for. It is the BSD answer to APT. It makes software installation trivial. The important thing to remember about pkg_add is to select a mirror and put a PKG_PATH=ftp://ftp.yourserver.here/ into your
Patching is all done by source diffs, so there will be some compiling there.
Anybody have a link pertaining to the picture of which he speaks? Even better, anyone have a jpg of the picture used on the t-shirt? (this image would make an excellent addition to my bafflingly random image collection)
If you want to give OpenBSD a try without installing it head over to http://metawire.org. They offer free OpenBSD shells, they've got a pretty big community and it's a great place to play and learn with OpenBSD.
OpenBSD IS and FOREVER shall be my firewall.
perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
Bull! OpenBSD is not just for firewalls! That's a *myth*! OpenBSD is a fully functional general-purpose OS, just like any other Unix. I've found this out after 5-plus years sticking with Debian, only to get tired of their slowing-to-a-halt release cycle and arrogant mentality. The difference being, OpenBSD are very conscious of the dangers of C programming, and strive for best programming practices, preventing the weekly buffer overflows Linux users are so used to. Plus, a proactive security stance. What you get is a bunch of realistic, rational developers and a powerfull, functional, secure OS.
Sweet! Keep it up!
Which BSD are you talking about? I can install FreeBSD in my sleep. But thoughts of using raw fdisk and disklabel keep me awake at night!
Don't blame me, I didn't vote for either of them!
you must have been very very lucky is all i can say.
If you mod me down, I will become more powerful than you can imagine....
OS/2? Is that like half of an operating system?
Yes. And so are the Linux users, and ..., and the AS/400 users, and the...
Well, certainly the developers are, but most AS/400 users have no clue that they are using an AS/400. In those cirles, that's actually a good thing.
"The empty vessel makes the greatest sound." -- William Shakespeare; Henry V, 4. 4
Comment removed based on user account deletion
It's kind of sad how any mention of BSD degenerates into a "is it dead yet?" discussion here on /.
Seriously folks, BSD is a lot older than Linux, it has survived the rise and fall of quite a few inferior as well as superior OSes, it will survive Windows and it might even survive Linux. My point is: Who cares? It works, it is stable, it is fast, it is really free and it is available right now.
Oh, and let's not forget the fact that when you download a BSD you download a complete OS, designed from the bottom up, not a kernel with a collection of userland programs from all over the place.
Best of all: In the BSDs you don't end up tripping over the kitchen sink when all you wanted was to install a fast, secure and reliable server.
Enough already. Read the review, take OpenBSD or one of the other BSDs for a test drive and make up your own mind.
G
Reality has a notoriously liberal bias -- Stephen Colbert
Is there a location that has info on how to tweak OpenBSD to be a good Desktop system?
There seems to be a lot of work to get OpenBSD working as a decent Desktop system. It would be nice if somebody had all the steps needed on some website in a concise list.
My biggest hurdle is remembering to make a note of the dns server addy, _before_ booting off the floppy for an ftp install...
... OpenBSD is the One True Religion.
Although NOBODY has ever "gotten" my OpenBSD Blowfish T-Shirt. The joke is as undecipherable as the Blowfish algorithm itself.
I'm not normally an irrational zealous dickhead, but I figure "When in Rome..."
Or possibly this as an option. I know, I know, you have to buy Apple hardware, but the nice thing is that you can play around with BSD as well, pre-installed, while still getting the iApps. And chicks dig the Powerbook.
Well, I like it. YMMV.
The Independent: Reverend Spooner Arrested in Friar Tuck Incident - ISIHAC, Historical Headlines
I got OpenBSD running the first time I tried it (2.x); I'll let everyone here in on my secret - I READ THE INSTRUCTIONS THAT POPPED UP ON MY SCREEN.
That's it. When your computer asks you a question, read the paragraph above it explaining the question before you just hit 'Enter' without thinking. This tip actually works for every OS. When my mom can't figure out how to use her email or something, I make her actually read the questions her app pops up before she impatiently hammers the 'enter' key to get through. And she realizes that nearly EVERY app is user-friendly enough to use.
Ironically, about 90% of you skipped half of the above text and just went on to the next post.
I'm not normally an irrational zealous dickhead, but I figure "When in Rome..."
There is nothing stopping you from releasing it. 'Non-Free-BSD' - catchy name, I wonder if it will catch on.
I would have been part of the 90% that skipped the "above text", but it just so happened there wasn't another post, so I was actually bored enough to read your post ;). Back on topic though, I must say that OpenBSD was rather easy to install. I did not get caught on any snags, and the installation went clean. Of course I dropped BSD for another Linux distro (more specifically Cobind 0.2), due to what I believed to be BSD's lack of ease-of-use. But that's just me... and I don't even try to portray myself as a Linux-toting /. Overlord.
Why did you represent the word "architectures" as "ARCHs" (with the funky capitalization)? Why do people seem to treat any three-to-five-letter-computer-related-term as an acronym? (e.g. "MAC" instead of "Mac" (as in Macintosh, not MAC address), "LINUX" instead of "Linux", etc. etc.)?
Honey, I shrunk the Cygwin
One of the things I like about OpenBSD is their policy of not accepting things with half-assed licensing into their base distribution.
-- All that's left of me, is slight insanity, whats on the right, I don't know. -- Bob Mould
Thanks for being the 10%. Cobind, eh? Haven't heard of that one. Thanks, I'll check it out.
/var, you can put 80m. I ape the guy and it works perfect. Another testament to BSD's awesome documentation, I guess (and there are instructions for pkg_add and ports on the back of the liner notes, pkg_add being OpenBSD's apt-get, and ports being like Gentoo's source-based emerge).
OpenBSD definitely doesn't focus on ease-of-use, because the very hardcore Theo et al see "wizards" and the like as security holes. OpenBSD makes you KNOW what you're doing before you do it -- kinda unfair for us Linux guys who usually try things at random until it works. It's kind of a pain, but overall, if you value security, the initial pain of setting up XFree86 on OpenBSD is worth it. Once you get point and clicking, it's all the same.....
I also think I should have mentioned that one of the things that makes OpenBSD's install so bloody easy is that there is a line-by-line complete example install in the liner notes on the CD! Where the example guy puts 80m for
Yours truly,
Linux-Toting Slashdot Overlord
I'm not normally an irrational zealous dickhead, but I figure "When in Rome..."
When I deployed my fw, I didn't get very far into writing the config file before it hit me: the programmers must have had to maintain other firewalls and decided to fix what sucked about them. They get it!
Man! Easy ways to compose arbitrary lists. macros that help readibility. Read in lists from external text files. Dynamic rules. I can express in one line what has taken 10 in a cisco acl. On and on. It is a real improvement - simpler, shorter human input means fewer human mistakes.
And pf follows the UNIX philosophy of keeping tools small and focussed. No http proxy - use Squid or something. Use pf to enforce the policy that browsers must go through the proxy. I use ftpsesame as an add-on to handle ftp. I have an inline fw, so the ftpproxy won't work.
I am astonished at its performance, too. Incredibly tiny amounts of memory. I'm in awe. pf is incredible.
It ties into CARP - which is a nice middle finger for Cisco's bogus load-balancing/failover patent. They implemented failover and made it secure. So you can have two or ten pf firewalls sharing state tables, unplug one (or nine) and sessions still flow. Maybe total bandwidth takes a hit, but it still flows.
I apologize for my total fanboyism. It's justified, but probably embarassing to read.
But remember that the default for htdocs is under /var/www so if you have a graphics heavy website you could easily fill that and then you'll have to reconfigure apache.
I've done it quite a few times. The first few times it's scary, but it becomes second nature quick. Although I have to admin that fdisk(8) is scary, disklabel(8) however, is very friendly (IMHO) because you can use slice letter, wildcards and Human Friendly Sizes(tm) as offsets and sizes. At least on DFBSD and FreeBSD I can. I doubt OpenBSD's disklabel(8) is much different.