1. |
OpenSSH 9.2/9.2p1 released! - undeadly.org
|
|
OpenSSH 9.2 was released on 2023-02-02. It is available from the mirrors listed at https://www.openssh.com/. As should be of no surprise to undeadly readers, OpenSSH ...
|
|
undeadly.org/cgi?action=article;sid=20230202205608
2023-02-02T00:00:00.0000000
|
|
|
2. |
Using a Yubikey as smartcard for SSH public key authentication
|
|
It's in -current only, so it will be available in 6.5, out in two months or so. Right now your options are: build it yourself (easy), port the port to 6.4 or upgrade to a snapshot (which is is 6.5-beta since last week).
|
|
undeadly.org/cgi?action=article;sid=20190302235509
|
|
|
3. |
OpenBSD 7.0 released
|
|
Contributed by rueda on 2021-09-20 from the Undeadly-SYNs dept. The OpenBSD project has released OpenBSD 7.0 , the project's 51 st release. As usual, the release page offers highlights, installation and upgrade instructions, as well as links to other resources such as the detailed changelog. Notable improvements include, but are not limited to:
|
|
undeadly.org/cgi?action=article;sid=20211014144620
|
|
|
4. |
OpenSMTPD 7.5.0p0 Released
|
|
The OpenSMTPD project has released its first post-OpenBSD 7.5 version, OpenSMTPD 7.5.0p0, with a number of notable improvements.. The announcement reads, Subject: OpenSMTPD 7.5.0p0 Released From: Omar Polo <op openbsd ! org> Date: 2024-04-10 8:38:12 OpenSMTPD is a FREE implementation of the SMTP protocol with some common extensions.
|
|
undeadly.org/cgi?action=article;sid=20240410185045
2024-04-10T00:00:00.0000000
|
|
|
5. |
Introducing dhcpleased(8)
|
|
Now enabled by default on OpenBSD -current is dhcpleased (8), a dynamic host configuration protocol daemon written by florian@ (Florian Obser), who spoke with us about his work: I suppose this is either the KAME project 's fault, or if we don't want to go that far back, Theo's fault. At g2k16 he floated the idea of a network configuration daemon.
|
|
undeadly.org/cgi?action=article;sid=20210722072359
|
|
|
6. |
OpenSSH 9.3p2 released
|
|
OpenSSH 9.3p2 released. Contributed by grey on 2023-07-19 from the It's Wednesday, but you should still patch this now. dept. As announced by Damien Miller: "We've just made an OpenSSH release to fix a remotely exploitable RCE vulnerability in ssh-agent's PKCS#11 support (CVE-2023-38408).
|
|
undeadly.org/cgi?action=article;sid=20230719180438
2023-07-19T00:00:00.0000000
|
|
|
7. |
Next steps toward mimmutable, from deraadt@
|
|
In a recent message to the tech mailing list, Theo de Raadt (deraadt@) summarized the state of the new memory protections work.The thread also includes a followup from Otto Moerbeek (otto@) on consequent changes to the memory allocation mechanisms.. Theo writes, From: "Theo de Raadt" <deraadt openbsd ! org> Date: Fri, 18 Nov 2022 03:10:05 +0000 To: openbsd-tech Subject: More on mimmutable ...
|
|
undeadly.org/cgi?action=article;sid=20221120115616
2022-11-19T00:00:00.0000000
|
|
|
8. |
RSA/SHA1 signature type disabled by default in OpenSSH
|
|
In a message to tech@ Damien Miller (djm@) explained the consequences of his recent commit: RSA/SHA1, a.k.a the "ssh-rsa" signature type is now disabled by default in OpenSSH. While The SSH protocol confusingly uses overlapping names for key and signature algorithms, this does not stop the use of RSA keys and there is no need to regenerate "ssh-rsa" keys - most servers released in the last ...
|
|
undeadly.org/cgi?action=article;sid=20210830113413
|
|
|
9. |
OpenBSD KDE Status Report
|
|
OpenBSD has managed to drop KDE3 and KDE4 in the 6.8 -> 6.9 release cycle. That makes me very happy because it was a big piece of work and long discussions. This of course brings questions: Kde Plasma 5 package missing. After half a year of work, I managed to successfully update the Qt5 stack to the last LTS version 5.15.2. On the whole, the most work was updating QtWebengine.
|
|
undeadly.org/cgi?action=article;sid=20210124113220
|
|
|
10. |
Index for 2021
|
|
OpenBSD Journal. Home Archives About Submit Story Create Account Login. Archive Index for 2021. January. Preliminary OpenBSD Support Added to OBS Studio; Block spammers/abusive IPs with Pf-badhost in OpenBSD. A 'must have' security tool!
|
|
undeadly.org/cgi?action=archive;y=2021
|
|
|
11. |
Index for 2022 - undeadly.org
|
|
OpenBSD Journal. Home Archives About Submit Story Create Account Login. Archive Index for 2022. January. DRM updated; LibreSSL update; A proof of concept: running OpenBSD on the PinePhone; February. New 'Reckless guide to OpenBSD' published
|
|
undeadly.org/cgi?action=archive;y=2022
|
|
|
12. |
Soft updates (softdep) disabled for future VFS work
|
|
A low key leak from the ongoing g2k23 hackathon comes the news that soft updates (aka softdep) will, for now, be a no-op on OpenBSD-current.. The commit message by Bob Beck (beck@) reads, . From: Bob Beck <beck cvs ! openbsd ! org> Date: 2023-07-05 15:13:28 CVSROOT: /cvs Module name: src Changes by: beck@cvs.openbsd.org 2023/07/05 09:13:28 Modified files: sys/kern : vfs_syscalls.c sys/sys ...
|
|
undeadly.org/cgi?action=article;sid=20230706044554
2023-07-06T00:00:00.0000000
|
|
|
13. |
Out With the Old, in With the New
|
|
Ted Unangst (tedu@) has given out a blog post detailing some of the recent work going into OpenBSD: Notes and thoughts on various OpenBSD replacements and reductions. Existing functionality and programs are frequently rewritten and replaced for the sake of simplicity or security or whatever it is that OpenBSD is all about.
|
|
undeadly.org/cgi?action=article;sid=20150701074917
|
|
|
14. |
Help the OpenBSD Foundation Reach Its 2022 Funding Goal
|
|
The OpenBSD Foundation, which is central to funding the OpenBSD project, needs your help to reach its 2022 Fundraising Goal of $300,000. At the time of writing, the amount raised in 2022 stands at a little over 50% of the stated goal. The Foundation needs your help to sustainably fund the project. Please head over to the Foundation's donations ...
|
|
undeadly.org/cgi?action=article;sid=20221202062601
2022-12-01T00:00:00.0000000
|
|
|
15. |
September 30th, 2021 syspatches: some assembly might be required
|
|
Did you just run syspatch(8) and see it fail? Here's the reason: one of the two root certificates behind the (excellent) Let's Encrypt CA service has expired. A bug in (the "legacy" verifier of) LibreSSL also contributed. The syspatches (for OpenBSD 6.8, 032, for OpenBSD 6.9, 018) mitigate the unfortunate situation. However, your syspatch may fail if your local mirror uses a Let's Encrypt ...
|
|
undeadly.org/cgi?action=article;sid=20211001073034
|
|
|
16. |
DRM updated - undeadly.org
|
|
Contributed by rueda on 2022-01-14 from the DRM me up before you go-go dept. Johathan Gray ( jsg@) has updated DRM to Linux 5.15.14 (with support for several additional chips): CVSROOT:/cvs. Module name:src. Changes by:jsg@cvs.openbsd.org2022/01/13 23:53:17. Modified files:
|
|
undeadly.org/cgi?action=article;sid=20220115224052
|
|
|
17. |
EuroBSDCon 2023 presentations
|
|
Coimbra! dept. EuroBSDCon 2023 has now ended, and slides for many of the OpenBSD developer presentations are now available in the usual place. Video of the presentations can be expected somewhat later. Slides from the tutorial "Network Management with the OpenBSD Packet Filter Toolset" are also available. (Comments are closed)
|
|
undeadly.org/cgi?action=article;sid=20230919063240
2023-09-18T00:00:00.0000000
|
|
|
18. |
OpenBSD Developer: Ted Unangst
|
|
OpenBSD Developer: Ted Unangst. Date: 2015-10-25. On October 18th 20 years ago the first commits to the OpenBSD project landed in the CVS repository. Today on the anniversary the beastie.pl team invites all readers to a series of interviews that our staff conducted with the project developers. We continue with our eight interview - Ted Unangst. 1.
|
|
undeadly.org/features/2015/10/beastie_pl_interviews/ted-unangst.html
|
|
|
19. |
Undeadly to be Upgraded Next Week
|
|
As there have been no reports of functional bugs since the last beta, and the primary goal of the work was achieved long ago, the (main) Undeadly server is to be upgraded. The upgrade, which is expected to involve downtime of no more than one hour, is scheduled for next Tuesday, 2017-08-22 07:00 UTC.. Changes since the last public beta include:
|
|
undeadly.org/cgi?action=article;sid=20170818134621
|
|
|
20. |
3 years of undeadly!
|
|
Happy B-Day to undeadly ;-] 3 years without a sec-hole in any of the newslines... :-p Well jokes apart. Stuff I would like to read about would be propably "current" development.
|
|
undeadly.org/cgi?action=article;sid=20070410101253
|
|
|
21. |
In -current, default write format for tar(1) changed to "pax"
|
|
A series of commits by Jeremie Courreges-Anglas (jca@) has modified tar(1) such that its default write format (for archives) is that of pax(1).The message with the final commit captures the gist of the change: CVSROOT: /cvs Module name: src Changes by: jca@cvs.openbsd.org 2024/04/16 17:09:35 Modified files: bin/pax : options.c tar.1 Log message: Switch tar(1) write default format to 'pax' Lets ...
|
|
undeadly.org/cgi?action=article;sid=20240417053301
2024-04-17T00:00:00.0000000
|
|
|
22. |
Coming soon to a -current system near you: parallel raw IP input
|
|
The work to improve the capabilities of the network stack is about to take a noticeable step forward. In a message to tech@ titled parallel raw IP input, Alexander Bluhm (bluhm@) posted a patch that he describes as. List: openbsd-tech Subject: parallel raw IP input From: Alexander Bluhm <bluhm openbsd ! org> Date: 2024-04-11 20:24:39 Hi, As mvs@ mentioned, running raw IP in parallel is easier ...
|
|
undeadly.org/cgi?action=article&sid=20240418050520&ref=upstract.com
2024-04-18T00:00:00.0000000
|
|
|
23. |
Source
|
|
Source. The files available are: undeadly_allowed_signers Authorized signers of files (in "allowed signers" format).undeadly-src.tar.gz The source code and supporting files for the legacy (Undeadly-specific) system.This should be regarded as background reading for the fwobac source. fwobac/
|
|
undeadly.org/src/
|
|
|
|