Slashdot Mirror
OpenBSD Review at DistroWatch
jpkunst writes "Robert Storey at DistroWatch com has written an in-depth and favorable review of OpenBSD: OpenBSD - For Your Eyes Only. 'The first OpenBSD memento I ever saw was a T-shirt with a picture of a cop chasing a script kiddie. That image remained etched in my mind for well over a year before I finally got my hands on a copy of this fine OS. Now that I have it installed on my machine, I only wonder what took me so long.'"
BSD IS........being nursed slowly back to health?
Under emulation...
The article is very clear and concise. While BSD was not trivial to install the very first time, it isn't too difficult for those with experience. However even noobs can install OpenBSD with this article.
BTW - A good idea is to install OpenBSD on a dedicated secondary hard disk, such as a 4GB or something that you can find for free now a days. That way you will not have to worry about ruining your partitions on your primary disk, as OpenBSD is a bit scarier with writing to your MBR than, lets say, the GUI for GRUB in the RedHat installer.
Now that OpenBSD is implementing SMP support, I wonder if (more?) high-end servers will start running it.
tasks(723) drafts(105) languages(484) examples(29106)
I wonder if BSD would benefit from changing to a similar development model as Linux. There sem to be relatively few active BSD developers, and although they do a good job, they must have a bad time trying to keep up with the latest hardware and technologies available.
Web Sig: Eddy Currents
I learned my packet filtering basics on FreeBSD. I've looked at ipchains and iptables/netfilter, but the ipfilter/pf packages just seem to be the packages that best encompass my beliefs of how firewalls should be constructed. I've always liked the syntax and organization; I suppose that's one of the major reasons I've stuck with FreeBSD for so long.
OpenBSD felt "more" secure than FreeBSD, but in terms of desktop use, FreeBSD just offered more. I'll run OpenBSD on my servers, but for my desktop I want FreeBSD.
"As Benjamin Franklin once said, the only way for three people to keep a secret is if two of them are dead. While it's doubtful that Ben was referring to computer security, many PC users have lots of little secrets stored on their hard drives. Things such as credit card numbers, a personal address book, and perhaps a few naughty photos from the New Year's Eve party."
Man, why aren't my New Year's Eve parties like that!
"True dat with a wiffle ball bat." -- kabrakan
man, the first time i ever ran into the whole BSD disklabel thing, i almost crapped a brick. I was pretty new to GNU/Linux at the time, and had not to much of a clue how widely varying the various filesystem types out there were.
anyway, it was 4am at the time. within the next twenty four hours my computer had about 8 different OS's (not installs, seperate OS's). by the end of it i had a 120 mb partition with an ultraslim windows 98 incarnation and OpenBSD in all it's cryptographic glory.
that was a fun day.
~dijjnn
non-trivial to whom? as a linux dork maybe 5 years ago, i installed BSD on a friends laptop without ever reading a single thing about BSD. He asked me if I would, then handed me the cd's. A little while later it was up and running.
non-trivial to MS-Windows users, Mac users, and Linux initiates maybe. But 5 years ago, I was barely above the status of linux newb. Ok, so it wasn't exactly trivial to do at the time, but easy enough to do without documentation.
Still, your point is well taken.
That way you will not have to worry about ruining your partitions on your primary disk, as OpenBSD is a bit scarier with writing to your MBR than, lets say, the GUI for GRUB in the RedHat installer.
You don't seem to have heard of the *feature* in Fedora Core 2 to get rid of booting from a windows partition
I have found OpenBSD to be trivial to install on one platform out of the three I have tried. When installing OpenBSD on an UltraSparc 10 there was no issues what-so-ever and everything might as well have been point and click. The x86 family of processors and the Power PC processors, however, were an entirely different story and headache all together. You'd think that with OpenBSD talking about how secure it is and how great it is, that you'd see one of those developers make some user friendly installer in order to increase the popularity of the operating system. Personally I believe that more people running more secure computers is a good thing, but thats just me and I ramble.
That's because everyone's sick of fucking hearing it!! No, you're not funny. No, you're not original. Every single thread has a post about how BSD is dying, and now every single thread has a post about how there's going to be posts about BSD is dying. It's old, it's offtopic. Just shut up.
... is the mascot they present when you visit their respective web sites.
Linux = Penguin = Warm and cuddly.
FreeBSD = Cartoony demon = Warm (hot?) and cuddly.
NetBSD = Many cartoony demons = Even warmer and cuddlier than FreeBSD.
OpenBSD = Blowfish with a leaash on another fish with a spiked collar = spiky, poisonous, and into S&M
"People that quote themselves in their signatures bother me" - athakur999
No, the BSD users have a great sense of humor and enjoy the jokes.
Unfortunately, since BSD is dying, there's not enough of them left to affect the moderation.
I am somewhere between newbie and novice when it comes to *nix. When I decided I needed a good secure operating system for my job to put their web server on, I realized that I didn't know or want to learn all the steps it takes to secure Linux.
So I decided on OpenBSD (that whole "secure by default" thing kinda enticed me). I picked up a copy of "Secure Architectures with OpenBSD" and went to work. Well, then I realized that it probably would have been faster to learn the steps to securing Linux, but I am really liking OpenBSD so far.
I can honestly say, installation was incredibly easy once I RTFM, and I'm finding it is that way with most stuff. And the things that I have hit snags on (making PHP and MySQL play nice together) have been resolved by a few posts to misc@openbsd.org.
And OpenBSD's clean filesystem makes it a lot easier to learn Unix than other OSs.
Oh, and did I mention that Ports and Packages kick ass?
but alas majority wins
Don't worry; they'll be first against the wall when the revolution^h^h^h^h^h^h^h^h^h^h^h^h^h^h metamoderation comes.
"Slashdot - News and Chat Sites Deviant". (Click "homepage" link above for details).
Just read the man pages. Amazing how down to earth and straightforward things can be if there's a group focus on simplicity. Everything is laid out in plain English. Setting up my OpenBSD box as a DHCP server took less time than doing the same thing using the GUI on my Linksys wireless AP. That's including reading the man page.
This guy is way out there
Good News Everyone!
Turns out that *BSD is stronger than ever!
According to an Inernetnews article, Netcraft has confirmed that *BSD has "dramatically increased its market penetration over the last year."
There has been a steady increase in *BSD developers over the past decade.
There are currently 307 FreeBSD developers as of the 2004 core team election.
You can read more about FreeBSD here
If you would like to try out a BSD, you can download: FreeBSD, OpenBSD, NetBSD, or DragonflyBSD
Enjoy!
I'm reading this on an openBSD system now. This is also the first time I managed to get on the internet using this system. I don't have much documentation other than the man pages. I'm hedging my bets a little on the whole SCO thing. I love linux, but if I must use BSD because of SCO, so be it. I am in general, pleased with the system, but I know my way around linux much better. The openBSD is on a dual boot machine, with the other os being Slackware. The OpenBSD install was somewhat of a stressful thing, as I didn't want to screw up the Slackware, and the install was a good bit different than a linux install.
I'm going to spill the big secret we've been keeping from the BSD is dead gang:
Beastie's horns double as neck bolts! It's alive! Alive!
Who is John Cabal?
The only potential difficulty, IMO, is getting past the the whole "partitions vs. slices" thing. The BSD and Linux versions of those ideas are dangerously similar - close enough to make a clueful Linux user think they understand then, but different enough to hose that user's system. Even then, there's nothing particularly difficult there as long as you wipe your mind of what you think you know before beginning.
Once you get past partitioning/slicing, there's really nothing to the rest of the install.
The man pages on BSD simply rock. As opposed to the man pages on most Linux distros, many of which say, "This hasn't been updated since the dawn of time, you should be using our proprietary hypertext system 'info' to get your information, dumbass." Not including the ones that were taken (as is allowed under the BSD license) directly from the BSD folk, of course. And most tools written by people influenced by their system provide equally usable man pages. Its a great cycle of documentary bliss! Or something. Either way, its pretty cool.
You're special forces then? That's great! I just love your olympics!
I guess the best bet for someone who just wants to try out BSD is Freesbie
A BSD newbie must also know that all BSDs have the same advantage over Linux. That is good documentation for development and for POSIX patterns.
But im not trying to start a flamewar, even because BSDs may not be the best OS for everyone.
for regular users, or for bigger OS flexibility, i would sugest to stay with our pal Tux! (ive used it for long time =) )
but if you want to build a stable server in which youll need to do some secure,well-documented development, BSD is always a good choice.
One must only have in mind that the BSDs are not all equal as ive read on earlier posts!! (people were talking about FreeBSD when the topic clearly states about Open).
just for the record:
NetBSD >runs on everything with 32 bits. (including toasters =D)
FreeBSD > good performance and stability. (My personal choice ! )
OpenBSD > awesome security but bad performance compared to the other 2.(what i have to work with in college)
just thought that someone needed to clear that out!
What is best in life? To crush your enemies, to see them driven before you and to hear the lamentations of their women.
#CLOUD# <-100Mbps-> *Invisible OpenBSD Bridging Firewall with Pf* <-100Mbps-> #HOST#
Works great, and keeps speed with the network.
A pretty good starter pc.conf is here
OpenBSD is also great becuase of:
spamd
AND
CARP
Part of what makes the BSD's what they are is the surrounding 'development model'.
If you change it to be more like Linux, you would have a product more like Linux and loose what makes BSD, BSD...
Neither is right/wrong, just different.
---- Booth was a patriot ----
Are BSD users really that prickly?
Yes. And so are the Linux users, and the Mac users, and the Windows users, and the BeOS users, and the Amiga users, and the OS/2 users and the AS/400 users, and the...
Did you just land on Earth or something? Everyone down here thinks thinks their idea is best and feels the need to tell someone about it.
# emerge clue-human
I'm not a prophet or a stone-age man,
I'm just a mortal with potential of a super man.
Comment removed based on user account deletion
I just started using to OpenBSD about two weeks ago because I wanted something minimal to run on some old equip that I wanted to use as an X workstation. I had attemped OpenBSD a few months ago with an old 3.4 install floppy that wouldn't work and I almost gave up. But after 3.5 came out, I wrote a new 3.5 install disk, re-read the install docs, and booted up the floppy. 10 minutes later, I had a fully functional unix with X and FVWM (the default WM instead of TWM as on most linux X installs).
/usr/local/bin to /bin and then executed vipw to make it my root shell. The second thing I did was install fluxbox which I find more functional than FVWM.
.profile. I highly recommend using pkg_add over ports unless you absolutely need to compile something to get customizations/optimizations.
So far I have been favorably impressed. I was absolutely blow away by the quickness of the install. The slowest thing about the install was the unfamiliar disk partitioning. Otherwise the only limit on speed was my bandwidth. The quick install means that there is no bloat. If you want it, install it, but you won't find useless packages installed by default like lots of linux distributions. Under Fedora, my old P3-450 used to be slugish and grind away swapping constantly. No it almost *never* swaps (at least not that I can hear)
I found the default shell csh to unfamiliar. Having come from linux, the first thing I did was install bash (statically compiled version) using pkg_add and them I moved it from
Even though ports "gets all the press" in BSD software management, I prefer to install binaries using pkg_add for most day-to-day packages that do not require customization. Do not underestimate pkg_add. It will resolve dependancies and install everyting that is a prerequisite for the package that you are asking for. It is the BSD answer to APT. It makes software installation trivial. The important thing to remember about pkg_add is to select a mirror and put a PKG_PATH=ftp://ftp.yourserver.here/ into your
Patching is all done by source diffs, so there will be some compiling there.
If you want to give OpenBSD a try without installing it head over to http://metawire.org. They offer free OpenBSD shells, they've got a pretty big community and it's a great place to play and learn with OpenBSD.
perl -e 'print $i=pack(c5, (41*2), sqrt(7056), (unpack(c,H)-2), oct(115), 10)'
Bull! OpenBSD is not just for firewalls! That's a *myth*! OpenBSD is a fully functional general-purpose OS, just like any other Unix. I've found this out after 5-plus years sticking with Debian, only to get tired of their slowing-to-a-halt release cycle and arrogant mentality. The difference being, OpenBSD are very conscious of the dangers of C programming, and strive for best programming practices, preventing the weekly buffer overflows Linux users are so used to. Plus, a proactive security stance. What you get is a bunch of realistic, rational developers and a powerfull, functional, secure OS.
OS/2? Is that like half of an operating system?
Yes. And so are the Linux users, and ..., and the AS/400 users, and the...
Well, certainly the developers are, but most AS/400 users have no clue that they are using an AS/400. In those cirles, that's actually a good thing.
"The empty vessel makes the greatest sound." -- William Shakespeare; Henry V, 4. 4
It's kind of sad how any mention of BSD degenerates into a "is it dead yet?" discussion here on /.
Seriously folks, BSD is a lot older than Linux, it has survived the rise and fall of quite a few inferior as well as superior OSes, it will survive Windows and it might even survive Linux. My point is: Who cares? It works, it is stable, it is fast, it is really free and it is available right now.
Oh, and let's not forget the fact that when you download a BSD you download a complete OS, designed from the bottom up, not a kernel with a collection of userland programs from all over the place.
Best of all: In the BSDs you don't end up tripping over the kitchen sink when all you wanted was to install a fast, secure and reliable server.
Enough already. Read the review, take OpenBSD or one of the other BSDs for a test drive and make up your own mind.
G
I got OpenBSD running the first time I tried it (2.x); I'll let everyone here in on my secret - I READ THE INSTRUCTIONS THAT POPPED UP ON MY SCREEN.
That's it. When your computer asks you a question, read the paragraph above it explaining the question before you just hit 'Enter' without thinking. This tip actually works for every OS. When my mom can't figure out how to use her email or something, I make her actually read the questions her app pops up before she impatiently hammers the 'enter' key to get through. And she realizes that nearly EVERY app is user-friendly enough to use.
Ironically, about 90% of you skipped half of the above text and just went on to the next post.
I'm not normally an irrational zealous dickhead, but I figure "When in Rome..."
Well, it depends on what you mean by "a good desktop system". I think OpenBSD is a great desktop system pretty much straight out of the box (use it as my desktop at work and home). Pretty much everything you need you will find in the ports tree (most will have pre-built packages on the CDs). I've used Linux and OpenBSD side by side for some time and the only things I can do with Linux that I can't do with OpenBSD are: hardware 3D acceleration (no OpenBSD drivers) and running certain binary only Linux apps. I think the high security of OpenBSD is at least as important on the desktop as in firewalls these days. Imagine how much less spam and worms we would have floating around if everyone had nice hardened desktops.
Here's what I do for my OpenBSD desktop:
- install the msttcorefonts package (from ports tree) for nice fonts
- install Mozilla (again, ports tree)
- install my mp3 and ogg utilities (ditto)
- install mplayer (ditto ditto)
I really don't need much else. To see a full list of my packages look here. If you want a pretty desktop I recommend installing the latest FVWM (2.5.?) and FVWM Themes from fvwm.org. Then hand tune your fvwm rcfiles.Serve Gonk.
One of the things I like about OpenBSD is their policy of not accepting things with half-assed licensing into their base distribution.
-- All that's left of me, is slight insanity, whats on the right, I don't know. -- Bob Mould
When I deployed my fw, I didn't get very far into writing the config file before it hit me: the programmers must have had to maintain other firewalls and decided to fix what sucked about them. They get it!
Man! Easy ways to compose arbitrary lists. macros that help readibility. Read in lists from external text files. Dynamic rules. I can express in one line what has taken 10 in a cisco acl. On and on. It is a real improvement - simpler, shorter human input means fewer human mistakes.
And pf follows the UNIX philosophy of keeping tools small and focussed. No http proxy - use Squid or something. Use pf to enforce the policy that browsers must go through the proxy. I use ftpsesame as an add-on to handle ftp. I have an inline fw, so the ftpproxy won't work.
I am astonished at its performance, too. Incredibly tiny amounts of memory. I'm in awe. pf is incredible.
It ties into CARP - which is a nice middle finger for Cisco's bogus load-balancing/failover patent. They implemented failover and made it secure. So you can have two or ten pf firewalls sharing state tables, unplug one (or nine) and sessions still flow. Maybe total bandwidth takes a hit, but it still flows.
I apologize for my total fanboyism. It's justified, but probably embarassing to read.