| 1. |
OpenBSD Journal: A resource for the OpenBSD community
|
| |
In what can only be called a great stride forward in routing security, Sebastian Benoit (benno@) announced the availability of rpki-client version 9.0.The announcement reads, Subject: rpki-client 9.0 released From: Sebastian Benoit <benno openbsd ! org> Date: 2024-03-03 17:24:06 rpki-client 9.0 has just been released and will be available in the rpki-client directory of any OpenBSD mirror soon.
|
| |
undeadly.org/cgi
2024-02-29T00:00:00.0000000
|
| |
|
| 2. |
OpenBSD Journal: A resource for the OpenBSD community
|
| |
Every six months, spring and fall, a new OpenBSD release emerges on the web and familiar download mirrors . The OpenBSD project has released OpenBSD 7.5, the project's 56 th release, with numerous improvements and support for 14 hardware platforms . Notable enhancements and new features include. Updated versions of LibreSSL (version 3.9.0).
|
| |
undeadly.org/cgi?action=front
2024-02-29T00:00:00.0000000
|
| |
|
| 3. |
Using a Yubikey as smartcard for SSH public key authentication
|
| |
It's in -current only, so it will be available in 6.5, out in two months or so. Right now your options are: build it yourself (easy), port the port to 6.4 or upgrade to a snapshot (which is is 6.5-beta since last week).
|
| |
undeadly.org/cgi?action=article;sid=20190302235509
|
| |
|
| 4. |
OpenBSD 7.0 released
|
| |
Contributed by rueda on 2021-09-20 from the Undeadly-SYNs dept. The OpenBSD project has released OpenBSD 7.0 , the project's 51 st release. As usual, the release page offers highlights, installation and upgrade instructions, as well as links to other resources such as the detailed changelog. Notable improvements include, but are not limited to:
|
| |
undeadly.org/cgi?action=article;sid=20211014144620
|
| |
|
| 5. |
20 years since "and we're just starting": undeadly.org turns 20 (2024 ...
|
| |
Contributed by Peter N. M. Hansteen on 2024-04-07 from the 20 years a Puffyist dept. It's been 20 years since the first undeadly.org post appeared. At that point in our history, we had been enjoying frequent updates to the OpenBSD Journal at the deadly.org site for more than four years, and most of us thought it was an April's Fool prank when ...
|
| |
undeadly.org/cgi?action=article;sid=20240409044953
2024-04-09T04:52:58.0000000
|
| |
|
| 6. |
About the OpenBSD Journal
|
| |
OpenBSD Journal. Home Archives About Submit Story Create Account Login. About the OpenBSD Journal Purpose. The OpenBSD Journal is a site dedicated to providing news and information of interest to members of the OpenBSD community.. The site is run by a small group of volunteers. Although several OpenBSD developers are registered users of the site, and the site receives frequent contributions ...
|
| |
undeadly.org/cgi?action=about
|
| |
|
| 7. |
OpenBSD 7.4 Released
|
| |
The OpenBSD project has announced the release of OpenBSD 7.4, the 55 th release of the OpenBSD operating system.. The new release contains a number of innovations and improvements across a number of areas, including Mandatory enforcement of indirect branch targets [See earlier report].; viogpu(4), a VirtIO GPU driver [See earlier report]. vmd(8) has moved to a multi-process model for virtio(4 ...
|
| |
undeadly.org/cgi?action=article&sid=20231016130614&ref=upstract.com
2023-09-27T00:00:00.0000000
|
| |
|
| 8. |
Introducing dhcpleased(8)
|
| |
Now enabled by default on OpenBSD -current is dhcpleased (8), a dynamic host configuration protocol daemon written by florian@ (Florian Obser), who spoke with us about his work: I suppose this is either the KAME project 's fault, or if we don't want to go that far back, Theo's fault. At g2k16 he floated the idea of a network configuration daemon.
|
| |
undeadly.org/cgi?action=article;sid=20210722072359
|
| |
|
| 9. |
OpenSSH 9.3p2 released
|
| |
OpenSSH 9.3p2 released. Contributed by grey on 2023-07-19 from the It's Wednesday, but you should still patch this now. dept. As announced by Damien Miller: "We've just made an OpenSSH release to fix a remotely exploitable RCE vulnerability in ssh-agent's PKCS#11 support (CVE-2023-38408).
|
| |
undeadly.org/cgi?action=article;sid=20230719180438
2023-07-19T00:00:00.0000000
|
| |
|
| 10. |
RSA/SHA1 signature type disabled by default in OpenSSH
|
| |
In a message to tech@ Damien Miller (djm@) explained the consequences of his recent commit: RSA/SHA1, a.k.a the "ssh-rsa" signature type is now disabled by default in OpenSSH. While The SSH protocol confusingly uses overlapping names for key and signature algorithms, this does not stop the use of RSA keys and there is no need to regenerate "ssh-rsa" keys - most servers released in the last ...
|
| |
undeadly.org/cgi?action=article;sid=20210830113413
|
| |
|
| 11. |
Introduction to sysclean(8)
|
| |
Introduction to. sysclean(8) Contributed by rueda on 2023-09-27 from the keep-it-clean! dept. Many OpenBSD sysadmins find the sysclean(8) port useful for removing obsolete files following upgrades. Sebastien Marie ( semarie@ ), the author of sysclean(8) , has written a piece giving an under-the-hood look at the operation of this handy utility.
|
| |
undeadly.org/cgi?action=article;sid=20230927103221
2023-09-27T00:00:00.0000000
|
| |
|
| 12. |
OpenBSD KDE Status Report
|
| |
OpenBSD has managed to drop KDE3 and KDE4 in the 6.8 -> 6.9 release cycle. That makes me very happy because it was a big piece of work and long discussions. This of course brings questions: Kde Plasma 5 package missing. After half a year of work, I managed to successfully update the Qt5 stack to the last LTS version 5.15.2. On the whole, the most work was updating QtWebengine.
|
| |
undeadly.org/cgi?action=article;sid=20210124113220
|
| |
|
| 13. |
Index for 2021
|
| |
OpenBSD Journal. Home Archives About Submit Story Create Account Login. Archive Index for 2021. January. Preliminary OpenBSD Support Added to OBS Studio; Block spammers/abusive IPs with Pf-badhost in OpenBSD. A 'must have' security tool!
|
| |
undeadly.org/cgi?action=archive;y=2021
|
| |
|
| 14. |
HEADS UP: ntpd changing
|
| |
The ntpd options -s and -S are going to be removed soon and at startup. with print: -s option no longer works and will be removed soon. Please reconfigure to use constraints or trusted servers. Probably after 6.7 we'll delete the warning. Maybe for 6.8 we'll remove. -s and -S from getopt, and starting with those options will fail.
|
| |
undeadly.org/cgi?action=article;sid=20191111075815
|
| |
|
| 15. |
Next steps toward mimmutable, from deraadt@
|
| |
In a recent message to the tech mailing list, Theo de Raadt (deraadt@) summarized the state of the new memory protections work.The thread also includes a followup from Otto Moerbeek (otto@) on consequent changes to the memory allocation mechanisms.. Theo writes, From: "Theo de Raadt" <deraadt openbsd ! org> Date: Fri, 18 Nov 2022 03:10:05 +0000 To: openbsd-tech Subject: More on mimmutable ...
|
| |
undeadly.org/cgi?action=article;sid=20221120115616
2022-11-19T00:00:00.0000000
|
| |
|
| 16. |
OpenBSD and you, the 6.8 update - undeadly.org
|
| |
I hope this will be useful in your advocacy or education on OpenBSD and why the project matters. In case you were wondering, this is an update on a talk we covered previously, with updates to cover the more recent OpenBSD 6.8 . (Comments are closed) Comments. By bgpepi (bgpepi) bgpepi@gmail.com on. By Magic carpet (bodie) on.
|
| |
undeadly.org/cgi?action=article;sid=20201109055713
|
| |
|
| 17. |
OpenBGPD 7.5 released
|
| |
We have released OpenBGPD 7.5, which will be arriving in the OpenBGPD directory of your local OpenBSD mirror soon. This release includes the following changes to the previous release: Implement RFC 9234 - Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages. Full support for RFC 7911 - Advertisement of Multiple Paths in BGP .
|
| |
undeadly.org/cgi?action=article;sid=20220716101930
2022-07-15T00:00:00.0000000
|
| |
|
| 18. |
OpenBSD 6.7 and ffs2 FAQs - undeadly.org
|
| |
In OpenBSD 6.7, ffs2 is the default for new filesystems during install (with some exceptions). In OpenBSD 6.7, if you create a new filesystem manually (using newfs (8)) you will still get an FFS1 filesystem unless you force -O2 or if the filesystem will be larger than 1 TB. He also points out that this last point has been changed in -current ...
|
| |
undeadly.org/cgi?action=article;sid=20200528091634
|
| |
|
| 19. |
OpenBSD may soon gain further memory protections: immutable userland ...
|
| |
In a September 1st post to tech@ titled immutable userland mappings, Theo de Raadt (deraadt@) gave us a preview of code that may soon land in -current.The message leads in, In the last few years, I have been improving the strictness of userland memory layout. An example is the recent addition of MAP_STACK and msyscall().
|
| |
undeadly.org/cgi?action=article;sid=20220902100648
2022-09-02T00:00:00.0000000
|
| |
|
| 20. |
Index for 2022 - undeadly.org
|
| |
OpenBSD Journal. Home Archives About Submit Story Create Account Login. Archive Index for 2022. January. DRM updated; LibreSSL update; A proof of concept: running OpenBSD on the PinePhone; February. New 'Reckless guide to OpenBSD' published
|
| |
undeadly.org/cgi?action=archive;y=2022
|
| |
|
| 21. |
Getting OpenBSD running on Raspberry Pi 3 - undeadly.org
|
| |
On OpenBSD the "c" partition of a hard disk refers to the entire disk, so we use "rsd1c". doas dd bs=1m if=miniroot61.fs of=/dev/rsd1c. Now remove the uSD card from your computer and insert it into the uSD slot on the back of the RPI3 card. connect the serial cable between your computer and the rPI3.
|
| |
undeadly.org/cgi?action=article&sid=20170409123528
|
| |
|
| 22. |
Initial support for guided disk encryption in the installer
|
| |
The OpenBSD installer now has basic support for configuring disk encryption during the regular installation process. Previously, disk encryption needed to be set up manually by dropping to the shell from the installer. Initial support, likely to be expanded upon, was committed by Klemens Nanni ( kn@) on March 7, 2023 . The commit reads,
|
| |
undeadly.org/cgi?action=article;sid=20230308063109
2023-03-07T00:00:00.0000000
|
| |
|
|
|