
The setup of OpenBSD Amsterdam - RomanZolotarev
https://openbsd.amsterdam/setup.html
======
merlincorey
I have one of these instances (thanks Roman and team), and I have to say it's
been a lot of fun re-acquainting myself with OpenBSD.

That said, I would consider this mostly a place for experimentation and hobby
work, as I routinely am unable to connect or find that my VM has been
unexpectedly rebooted.

Now THAT said, I think they are figuring things out, because the issues have
been a lot less frequent since the big hard drive failure a month or so ago.

Anyway, if you want to learn you some OpenBSD, I highly recommend it as a
place to experiment, and you help the OpenBSD community as well through their
donation.

~~~
smhenderson
I found Absolute OpenBSD[1] to be both informative and entertaining to read.
Really anything by Michael Lucas is a good read for me.

[1] [https://mwl.io/nonfiction/os#ao2e](https://mwl.io/nonfiction/os#ao2e)

------
hoytech
Perl's rand() is not a great way to generate values that should be
unpredictable. It is seeded with only 4 bytes from /dev/urandom and is an LFSR
like rand(3).

The consequence is that the range of possible passwords is probably smaller
than was intended, and furthermore seeing previous passwords (or the random
MAC) may help in predicting passwords. Of course without seeing their entire
setup it's hard to say to what extent that is the case here.

This module may be useful (it even uses the same alphabet by default):
[https://metacpan.org/pod/Session::Token](https://metacpan.org/pod/Session::Token)

~~~
dchest
Was thinking the same. Then remembered that OpenBSD's rand(3) actually returns
result from arc4random() now. Then went to check and it seemed like Perl
doesn't actually use rand(3) from libc? At least Perl's srand(N) and then
rand() returned deterministic results, which shouldn't happen if it was using
rand(3)...

~~~
hoytech
Yes good point. I was careful not to say that perl actually uses rand(3)
because I think it may not for portability reasons. Also, I think this may
have changed at some point so might be different depending on perl version.

~~~
notaplumber
OpenBSD's carrying some local patches, Perl rand appears to be using the libc
drand48(3) on OpenBSD, which uses arc4random_buf(3) internally, unless Perl
srand is called, then it uses srand48_deterministic(3)? Not sure precisely as
it's also using arc4random(3) directly to seed something.

This is slightly different from how it's handled outside the Perl software
ecosystem, as all the srand* functions effectively became nops on OpenBSD in
favour of strong random numbers, and userland ports had to be patched to use
the deterministic variants if needed. I guess that would be hard with things
like CPAN.

[https://github.com/openbsd/src/commit/2e109fb9e8c0dc273648dd...](https://github.com/openbsd/src/commit/2e109fb9e8c0dc273648ddbc62f0a74abf9e098d#diff-b1d655ef1da257a3f4c33327fb83bd0dR20776)

[https://github.com/openbsd/src/commit/2e109fb9e8c0dc273648dd...](https://github.com/openbsd/src/commit/2e109fb9e8c0dc273648ddbc62f0a74abf9e098d#diff-6f239a14c0c4e792da78a0310d16d9a1R4652)

[https://github.com/openbsd/src/commit/2e109fb9e8c0dc273648dd...](https://github.com/openbsd/src/commit/2e109fb9e8c0dc273648ddbc62f0a74abf9e098d#diff-9dc22d2e9511b13cd64378f8671179edR3133)

Looks like upstream Perl also uses drand48 from FreeBSD, with its own internal
RNG. But I guess this can be overridden with build options.

I'd imagine something like pwgen would be better, but I doubt it matters here.

~~~
hoytech
Thank you for the details. I agree none of this probably matters much for
their use-case.

------
Fnoord
This has nothing to do with an official OpenBSD or Amsterdam project, does it?

~~~
popsickle
Nope. However, for very €60 you spend they will donate €10 to the OpenBSD
foundation, so there's always that.

------
Yuioup
Can somebody explain what this is?

~~~
vesinisa
Looks like an OpenBSD version of Docker.

~~~
popsickle
No, this is virtualization - vmm/vmd is a legit HVM.

~~~
mbrumlow
So it is better than systemd :p

~~~
dijit
it's really not comparable. SystemD is an init system (and you're conflating
systemd with CGroups in Linux, which would be part of the kernel and not
related to systemd at all) and a Hypervisor.

More comparable comparisons could be: bhyve for FreeBSD, xhyve for OSX,
virtualbox for... everything. Or QEMU/KVM on Linux.

~~~
mbrumlow
Oh man, I did not mean to type systemd! I ment docker.

~~~
dijit
Aha, that makes sense.

But still. Docker is containers, vmm is full virtualisation.

Docker can be compared to FreeBSD jails, Solaris Zones or.. actually, cgroups
in linux (for masochists).

~~~
mbrumlow
I know I know. It was a joke and a slight jab at docker :p

~~~
DonHopkins
The Urban Dictionary also defines docker as someone who makes a slight jab.

------
znedw
If you need more convincing to try OpenBSD, these interviews are nice
[https://www.bsdjobs.com/people](https://www.bsdjobs.com/people) and similar
to usesthis.com.

