OpenBSD Journal
Home : : Add Story : : Archives : : About : : Create Account : : Login :
FYI: Theo de Raadt to speak at MUUG on Friday Nov 15, 2013
Contributed by jcr on Wed Nov 13 07:40:34 2013 (GMT)
from the getting-muuged dept.

Theo de Raadt (deraadt@) will be speaking at Manitoba UNIX User Group (MUUG) special meeting on November 15, 2013. Information can be found on the MUUG meetings page:

Theo de Raadt, founder of the OpenBSD project, will be giving an informal talk about... well, whatever he's comfortable talking about. We expect to hear something about OpenBSD, but the details will be a surprise for everyone (possibly even Theo)!

Food will be provided, courtesy of MUUG. All interested people are welcome. (There is no charge for this event.)

Read more...
[topicnews]
[ 0 comments ] (flat) (expanded)

Automated Mounting of Removable Disks
Contributed by jcr on Wed Nov 13 09:05:20 2013 (GMT)
from the not-allowed-to-make-mount-jokes dept.

Alexey Vatchenko (av<at>bsdua<dot>org) wrote in to tell us about his hotplug-diskmount port for automated disk mounting.

The hotplug-diskmount port is a plug-in for the OpenBSD hotplugd(8) daemon to automatically mount removable disks to the filesystem. It works with any disk types (SD cards, USB mass storage devices, card readers and CD/DVD drives). The hotplug-diskmount program is intended to be used in single user environment on desktop or laptop where the convenience of automatic mounting is really helpful.

Read more...
[topichardware]
[ 5 comments 917d11:11 ago ] (flat) (expanded)

OpenBSD adds boot(8) support for keydisk-based softraid crypto volumes
Contributed by jcr on Tue Nov 12 03:53:06 2013 (GMT)
from the shake-your-key-disk dept.

On i386 and amd64 boot(8) support has been added for keydisk-based softraid crypto volumes. Undeadly editor Sean Cody (sean<at>tinfoilhat<dot>ca) did some testing and wrote in to tell us how to use this feature.

CVSROOT:	/cvs
Module name:	src
Changes by:	stsp@cvs.openbsd.org	2013/10/20 07:25:21

Modified files:
	sys/arch/amd64/stand/boot: conf.c 
	sys/arch/amd64/stand/libsa: softraid.c 
	sys/arch/i386/stand/boot: conf.c 
	sys/arch/i386/stand/cdboot: conf.c 
	sys/arch/i386/stand/libsa: softraid.c 
	sys/arch/i386/stand/pxeboot: conf.c 

Log message:
Add i386/amd64 boot(8) support for keydisk-based softraid crypto volumes.

Read more...
[topicopenbsd]
[ 5 comments 927d8:09 ago ] (flat) (expanded)

OpenSSH Security Advisory
Contributed by jcr on Sat Nov 9 18:29:43 2013 (GMT)
from the subcafinated dept.

An OpenSSH Security Advisory (partially quoted below) was released a few hours ago. Markus Friedl (markus@) found and fixed the issue in this commit. The change has also been back-ported to OpenBSD 5.4, and OpenBSD 5.3 has been upgraded to OpenSSH 6.4 to fix this issue. Errata for OpenBSD 5.4 and OpenBSD 5.3 have been updated, and patches are available.

    A memory corruption vulnerability exists in the post-
    authentication sshd process when an AES-GCM cipher
    (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is
    selected during kex exchange.

    If exploited, this vulnerability might permit code execution
    with the privileges of the authenticated user and may
    therefore allow bypassing restricted shell/command
    configurations.

Please read the entire OpenSSH Security Advisory since it contains more information and may be updated.

Read more...
[topicopenssh]
[ 0 comments ] (flat) (expanded)

OpenBSD adds fuse(4) support for adding file systems in userland
Contributed by tbert on Fri Nov 8 08:28:19 2013 (GMT)
from the short-fuse dept.

With a tiny commit log message, Sylvestre Gallon (syl@) makes a wonderfully huge change. Of course, there were tons of other commit log messages leading up to enabling fuse(4) support in OpenBSD, but this one turned on the lights so to speak. We tracked down Sylvestre to get more information on his efforts...

CVSROOT:	/cvs
Module name:	src
Changes by:	syl@	2013/11/01 07:54:45

Modified files:
	sys/conf       : GENERIC 
	lib            : Makefile 

Log message:
enable fuse.

ok deraadt@

Read more...
[topicopenbsd]
[ 3 comments 889d20:14 ago ] (flat) (expanded)

Heads Up: Syntax change for smtpd.conf(5)
Contributed by tbert on Thu Nov 7 07:32:15 2013 (GMT)
from the ch-ch-ch-changes dept.

Eric Faurot (eric@) has just committed an improved parser and format for the OpenSMTPD configuration file smtpd.conf(5). Since this is a change to both syntax and behaviour, you must check your configuration prior to upgrading. There are examples for configuration conversion on faq/current.html.

CVSROOT:	/cvs
Module name:	src
Changes by:	eric@cvs.openbsd.org	2013/11/06 03:01:29

Modified files:
	usr.sbin/smtpd : bounce.c envelope.c lka.c lka_session.c mta.c 
	                 mta_session.c parse.y ruleset.c smtp.c 
	                 smtp_session.c smtpd.c smtpd.conf.5 smtpd.h 
	                 ssl.c ssl.h to.c 

Log message:
Much much improved config parser and related changes.
Simplify code and do not impose an order on conditions and rule options.

Read more...
[topicopensmtpd]
[ 0 comments ] (flat) (expanded)

OpenBSD adds support for XBox360 controllers
Contributed by tbert on Wed Nov 6 08:28:02 2013 (GMT)
from the control-freak dept.

With the following commit, Jeremy Evans (jeremy@) has added OpenBSD XBox360 controller support as a uhid(4) device. As always when faced with an interesting commit message, the correct thing for any self-respecting undeadly editor to do is, well, start begging the developer for an interview...

CVSROOT:	/cvs
Module name:	src
Changes by:	jeremy@	2013/10/24 21:09:59

Modified files:
	sys/dev/usb    : uhidev.c 
Added files:
	sys/dev/usb    : uhid_rdesc.h 
Removed files:
	sys/dev/usb    : ugraphire_rdesc.h 

Log message:
Add support for Microsoft XBox 360 controller as a uhid. It doesn't use
the standard interface class and doesn't have a report descriptor, so
use a manually created one.

Read more...
[topicopenbsd]
[ 4 comments 933d18:49 ago ] (flat) (expanded)

b2k13 hackathon report: Henning Brauer (henning@) on Lazy IP Checksumming
Contributed by weerd on Tue Nov 5 10:08:10 2013 (GMT)
from the the-sum-of-all-evil-packets dept.

Henning Brauer (henning@) just sent in his report from the b2k13 hackathon, but there's also a short interview with Henning over on ioexception.de which you might enjoy.

Berlin was a really convenient hackathon location for me, since getting there from Hamburg feels like a little longer S-Bahn ride. The fast ICE train makes it only a 90 minute trip. I arrived half a day later than intended due to work interfering, but I quickly got going.

Read more...
[topicopenbsd]
[ 0 comments ] (flat) (expanded)

OSPF over IPsec
Contributed by tbert on Tue Nov 5 07:52:47 2013 (GMT)
from the shortest-path-measuring-contest dept.

Maxim Bourmistrov (maxim<at>unixconn<dot>com) wrote in to tell us about his Open Shortest Path First (OSPF) over IP Security Protocol (IPsec).

While looking for a solution for OSPF over IPsec, I found a lot of articles about how to do this over gre(4). The other possibility is to use gif(4) instead. I've tested both and was not quite happy with results. The gre(4) approach had some generic issues and the gif(4) approach had problems with multicast at times. Yet, I need to have "OSPF over IPsec" up and running.

Luckily, I remembered Theos' presentation about vether(4). While Theos' presentation was mostly written from developer perspective and not from administrators point of view, he left some clues about how this can be done.

The info below is how I do "OSPF over IPsec", or should I say "OSPF on top on vether on top of gif on top of IPsec".

Read more...
[topicnetworking]
[ 10 comments 936d1:18 ago ] (flat) (expanded)

Support OpenBSD!

Donate to OpenBSD

Buy OpenBSD products

Features

We are constantly on the lookout for stories of how you put OpenBSD to work. Please submit any informative articles on how OpenBSD is helping your company.

Older Stuff
Monday, November 04
00:05 BSDNow Interview With Henning Brauer (henning@) (1)
Friday, November 01
14:43 OpenBSD 5.4 Released! (4)
11:05 b2k13 hackathon report: Landry Breuil (landry@) on mozilla and other porting projects (0)
Tuesday, October 29
13:39 OpenBSD Adds Unattended Installation Support (7)
Monday, October 28
21:02 Slow Brute Force Attacks On SSH (1)
Friday, October 25
08:50 b2k13 hackathon report: Florian Obser (florian@) on nginx.conf(5), slowcgi (1)
07:15 b2k13 hackathon report: Sebastian Reitenbach (sebastia@) on GNUstep sope sogo (0)
Thursday, October 24
12:37 AsiaBSDCon 2014 Announced (3)
07:32 b2k13 hackathon report: Mike Larkin (mlarkin@) on i386 and amd64 hibernation (0)

Older Stuff...
Yesterday's Edition...

OpenBSD Errata
[xml]

OpenBSD Resources

XML/RSS/RDF
Users wishing RSS/RDF summary files of OpenBSD Journal, can retrieve: [xml]


[ Home | Add Story | Archives | Polls | About ]

Copyright © 2004-2008 Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to April 2nd 2004 as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. Some icons from slashdot.org used with permission from Kathleen. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. Search engine is ht://Dig. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]