Hacker Newsnew | comments | show | ask | jobs | submit login
OpenBSD 4.9 Released (openbsd.org)
83 points by there 1524 days ago | 40 comments



You might not run OpenBSD, but if you're running ssh on your Linux system, then you're actually running OpenSSH from the OpenBSD project. If you appreciate being able to access your systems more securely through ssh, please consider supporting the project by buying a CD set, tshirt or poster from them.

http://www.openbsd.org/orders.html

-----


or, you know, just donate to the project.

-----


Donations do help to fund the OpenBSD hackathons but buying CDs is still important. You can find more details here:

http://www.undeadly.org/cgi?action=article&sid=201104192...

-----


The link that points to [1] states the difference in where the money goes for CDs/donating. I wasn't aware of this split.

[1] http://marc.info/?l=openbsd-misc&m=130322381504860&w...

-----


It seems so strange that a group of some of the most knowledgable geeks we have rely on CD's to generate important parts of their funding.

-----


OpenBSD is not owned by a charity, so the founder has to do credibly-commercial stuff to get food money. Selling CDs qualifies.

-----


OpenBSD should start accepting Bitcoin donations.

-----


Actually it will run Portable OpenSSH. If you really care about donating for that cause, contacting the porting team might be a good idea.

-----


The "portable" part is not the major part of "portable OpenSSH", though. (It is nice, though.)

-----


I'm not sure what you mean. Portable openssh is openssh + support for non-openbsd systems. This also includes things like pam support. I'd say that the "portable" part is almost all there is to the "portable openssh" project.

-----


"Portable OpenSSH" is the result of adding "portable" to "OpenSSH". OpenSSH itself is clearly the main project.

-----


By the way the t-shirts are really cool and incredibly geeky. I have the whole set. I particularly love the "SSHerif" model, I have 3.

-----


Its actually one of the easiest O.S to install and work with when it comes to back-end servers for running network infrastructure type services (vpn, firewall, chat server, torrent server, dns, dhcp etc. etc.) - nothing comes close.

-----


What are some reasons for OpenBSD not being a more popular OS on web servers? I always wondered about this, as on paper OpenBSD (and FreeBSD) seem like they have the edge but most server admins end up running linux. Another case of linux being slightly easier to use and doing the job well enough?

-----


I'm a big fan of FreeBSD/OpenBSD as server OS's. I've put OpenBSD/pf to great use as firewall machines, as they're VERY easy to configure, and the docs are most everything you need. FreeBSD has been great for general-purpose workloads.

For some time OpenBSD has been regarded as "slow", in big part because it couldn't use large amounts of RAM, and it scaled across multiple cores poorly. I'm not sure if this is still the case.

-----


5.0 will lift lots of memory-related limits (significant chunks of code are already in -current).

-----


OpenBSD has never had performance as a driving criteria, and has for long time, both justly and unjustly, been considered "slow", especially on machines with more than two CPUs, when compared to Linux and FreeBSD. Though it's been 6 years or so since I did any sort of serious large scale sysadmin work with it so I don't know if things have changed.

-----


OpenBSD is not friendly to the kind of newbie who prefers HOWTOs, GUI admin tools, etc. It does have excellent man pages and tasteful text-based tools, though - e.g. http://www.openbsd.org/faq/pf/example1.html#allrules is enough to configure a SOHO firewall.

-----


> Its actually one of the easiest O.S to install.

Hmm, really? I love OpenBSD, but last I checked the installer tells you to create slices then drops you straight into fdisk. Has this been polished up? I'm just concerned "one of the easiest to install" would give a n00b the wrong impression.

-----


well, you could expect someone who handles server to know his ways around partitioning a volume?

-----


Sure, but that's not "easy to install". That's "faster for an expert to install".

The partitioner on Ubuntu's LiveCD is easy to use. (Choose full disk and go)

-----


OpenBSD installer can auto-partition the disk for you.

-----


You are correct, there's a whole disk auto-partition option now. I guess it's been a while. :)

http://www.openbsd.org/faq/faq4.html#InstDisks

-----


Yet, I'm still waiting for an automated network installer comparable with anaconda from Fedora/RHEL.

-----


NSD (Name Server Daemon) is a nice addition. It's used by RIPE root servers.

http://www.nlnetlabs.nl/svn/nsd/trunk/doc/CREDITS

-----


I routinely deploy NSD and Unbound, and I've been very pleased with them. Easy to set up and lightweight.

-----


i grew up close to these roots. glad to see Theo de Raadt and OpenBSD are alive & kicking it!

-----


The VMware Tools driver (vmt) is a nice to have.

-----


After Linux and the BSDs, are the other major offshoots of *nix? Solaris?

-----


Plan 9 is the only real Unix offshoot.

-----


I just played with Plan 9 this weekend on VirtualBox. It seems pretty awesome; too bad it never really took off.

-----


I like to keep the manuals handy so that when I'm thinking about a problem I can compare them to Stevens and Kerrisk. Often it gives a new perspective. I didn't have the patience to get fast at developing in the environment.

-----


OpenBSD is the Van Morrison of operating systems.

-----


Sexy website.

-----


"IPsec stack audit was performed, resulting in:

Several potential security problems have been identified and fixed."

...nice euphemism.

-----


So, how would you decribe what they've done? They found no trace of any backdoor whatsoever. The few parts that looked funny somehow have been rewritten in a more conservative manner, that's all.

-----


What do you mean?

-----


http://marc.info/?l=openbsd-cvs&m=129543726419518&w=... http://marc.info/?l=openbsd-cvs&m=129537785019792&w=...

-----


Also known to install FBI backdoors: http://cryptome.org/0003/fbi-backdoors.htm

-----


No. That was thoroughly investigated and no backdoors were found. http://news.ycombinator.com/item?id=2029175

-----




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact

Search: