All Regions Argentina Australia Austria Belgium (fr) Belgium (nl) Brazil Bulgaria Canada (en) Canada (fr) Catalonia Chile China Colombia Croatia Czech Republic Denmark Estonia Finland France Germany Greece Hong Kong Hungary Iceland India (en) Indonesia (en) Ireland Israel (en) Italy Japan Korea Latvia Lithuania Malaysia (en) Mexico Netherlands New Zealand Norway Pakistan (en) Peru Philippines (en) Poland Portugal Romania Russia Saudi Arabia Singapore Slovakia Slovenia South Africa Spain (ca) Spain (es) Sweden Switzerland (de) Switzerland (fr) Taiwan Thailand (en) Turkey US (English) US (Spanish) Ukraine United Kingdom Vietnam (en) Any Time Past Day Past Week Past Month Past Year

 

 

1.	OpenBSD Journal: A resource for the OpenBSD community
	The work to improve the capabilities of the network stack is about to take a noticeable step forward. In a message to tech@ titled parallel raw IP input, Alexander Bluhm (bluhm@) posted a patch that he describes as. List: openbsd-tech Subject: parallel raw IP input From: Alexander Bluhm <bluhm openbsd ! org> Date: 2024-04-11 20:24:39 Hi, As mvs@ mentioned, running raw IP in parallel is easier ...
	undeadly.org/cgi?action=front    2024-04-11T00:00:00.0000000
2.	OpenBGPD 7.5 released
	We have released OpenBGPD 7.5, which will be arriving in the OpenBGPD directory of your local OpenBSD mirror soon. This release includes the following changes to the previous release: Implement RFC 9234 - Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages. Full support for RFC 7911 - Advertisement of Multiple Paths in BGP .
	undeadly.org/cgi?action=article;sid=20220716101930    2022-07-15T00:00:00.0000000
3.	OpenSSH 9.6 released!
	As announced by Damien Miller OpenSSH 9.6/9.6p1 has been released.. The complete release notes may be found here: https://www.openssh.com/releasenotes.html#9.6. Among ...
	undeadly.org/cgi?action=article;sid=20231219122431    2023-12-18T00:00:00.0000000
4.	Next steps toward mimmutable, from deraadt@
	In a recent message to the tech mailing list, Theo de Raadt (deraadt@) summarized the state of the new memory protections work.The thread also includes a followup from Otto Moerbeek (otto@) on consequent changes to the memory allocation mechanisms.. Theo writes, From: "Theo de Raadt" <deraadt openbsd ! org> Date: Fri, 18 Nov 2022 03:10:05 +0000 To: openbsd-tech Subject: More on mimmutable ...
	undeadly.org/cgi?action=article;sid=20221120115616    2022-11-19T00:00:00.0000000
5.	OpenBSD Journal: A resource for the OpenBSD community
	A series of commits by Jeremie Courreges-Anglas (jca@) has modified tar(1) such that its default write format (for archives) is that of pax(1).The message with the final commit captures the gist of the change: CVSROOT: /cvs Module name: src Changes by: jca@cvs.openbsd.org 2024/04/16 17:09:35 Modified files: bin/pax : options.c tar.1 Log message: Switch tar(1) write default format to 'pax' Lets ...
	undeadly.org/cgi
6.	LibreSSL 3.7.0 Released
	We have released LibreSSL 3.7.0, which will be arriving in the. LibreSSL directory of your local OpenBSD mirror soon. This is a. development release from the 3.7.x branch, which will eventually ship. with OpenBSD 7.3. It includes the following changes: * Internal improvements. - Remove dependency on system timegm() and gmtime() by replacing.
	undeadly.org/cgi?action=article;sid=20221212183516    2022-12-12T00:00:00.0000000
7.	Getting started with cwm
	When starting cwm we get only a "blank desktop". I personaly use "xsetroot -solid steelblue" as a background. Let's start with the default key binding of Ctrl-Alt-Enter which will open a xterm. (From now on I will use C to symbolize Ctrl, M for Alt, S for Shift, M1 left mouse button and M3 for the right mouse button.
	undeadly.org/cgi?action=article&sid=20090502141551
8.	OpenBGPD 8.0 released
	The OpenBSD project has released a new version of OpenBGPD, the OpenBSD Border Gateway Protocol (BGP) routing daemon, version 8.0.The announcement reads, From: Claudio Jeker <claudio openbsd ! org> Date: Thu, 04 May 2023 16:24:30 +0000 To: openbsd-announce Subject: OpenBGPD 8.0 released We have released OpenBGPD 8.0, which will be arriving in the OpenBGPD directory of your local OpenBSD mirror ...
	undeadly.org/cgi?action=article;sid=20230505054214
9.	New 'Reckless guide to OpenBSD' published
	New 'Reckless guide to OpenBSD' published. Contributed by Peter N. M. Hansteen on 2022-02-13 from the puffyism for fun and fun dept. Crystal Kolipe writes in, saying. We've just published the first part of a new ten-part series called, 'A reckless guide to OpenBSD'. The series covers all sorts of things from configuring dpb through hacking the ...
	undeadly.org/cgi?action=article;sid=20220214061716
10.	About the OpenBSD Journal
	OpenBSD Journal. Home Archives About Submit Story Create Account Login. About the OpenBSD Journal Purpose. The OpenBSD Journal is a site dedicated to providing news and information of interest to members of the OpenBSD community.. The site is run by a small group of volunteers. Although several OpenBSD developers are registered users of the site, and the site receives frequent contributions ...
	undeadly.org/cgi?action=about
11.	Using a Yubikey as smartcard for SSH public key authentication
	It's in -current only, so it will be available in 6.5, out in two months or so. Right now your options are: build it yourself (easy), port the port to 6.4 or upgrade to a snapshot (which is is 6.5-beta since last week).
	undeadly.org/cgi?action=article;sid=20190302235509
12.	Getting OpenBSD running on Raspberry Pi 3 - undeadly.org
	On OpenBSD the "c" partition of a hard disk refers to the entire disk, so we use "rsd1c". doas dd bs=1m if=miniroot61.fs of=/dev/rsd1c. Now remove the uSD card from your computer and insert it into the uSD slot on the back of the RPI3 card. connect the serial cable between your computer and the rPI3.
	undeadly.org/cgi?action=article&sid=20170409123528
13.	OpenSSH 9.3/9.3p1 released - undeadly.org
	On 2023-03-15 , the release of version 9.3 of OpenSSH was announced: […] This release fixes a number of security bugs. safety problem. The memory safety problem is not believed to be. security bugs. * ssh-add(1): when adding smartcard keys to ssh-agent(1) with the. per-hop desination constraints (ssh-add -h ...) added in OpenSSH.
	undeadly.org/cgi?action=article;sid=20230316040613    2023-03-15T00:00:00.0000000
14.	OpenBSD/arm64 on Apple M1 systems - undeadly.org
	The machine should now boot into the OpenBSD installer. From this. point onwards the normal OpenBSD installation instructions apply. This will keep your existing macOS install even if you select the. "(W)hole disk" option in the installer. All currently available Apple M1 machines should work (except for the.
	undeadly.org/cgi?action=article;sid=20220320115932
15.	Interview with Nicholas Marriott on tmux
	Contributed by weerd on 2009-07-12 from the screening dept. We recently reported on the fact that tmux was imported into OpenBSD. By now, several changes have gone into the tree, including new features and some fixes from other developers. We spoke with Nicholas Marriott about tmux and his ideas for the future.
	undeadly.org/cgi?action=article;sid=20090712190402
16.	Transparent network audio with mpd & sndiod
	So in the end, it's super easy to: enable network support in sndio on the remote machine i want the audio to play by adding -L<local ip> to sndiod_flags (i have two audio devices, with an input coming from the webcam): sndiod_flags="-L10.246.200.10 -f rsnd/0 -f rsnd/1". open pf on port 11025 from the sound server ip: pass in proto tcp from 10 ...
	undeadly.org/cgi?action=article&sid=20180410063454
17.	WireGuard imported into OpenBSD
	In the following commit (and a bunch of others), David Gwynne (dlg@) imported most of the code submitted recently by Jason A. Donenfeld and Matt Dunwoodie to allow you to use WireGuard natively on OpenBSD: CVSROOT: /cvs Module name: src Changes by: dlg@cvs.openbsd.org 2020/06/21 06:11:26 Modified files: sys/net : if.c Added files: sys/net : if_wg.c if_wg.h wg_cookie.c wg_cookie.h wg_noise.c wg ...
	undeadly.org/cgi?action=article;sid=20200622052207
18.	OpenBSD 6.7 and ffs2 FAQs - undeadly.org
	In OpenBSD 6.7, ffs2 is the default for new filesystems during install (with some exceptions). In OpenBSD 6.7, if you create a new filesystem manually (using newfs (8)) you will still get an FFS1 filesystem unless you force -O2 or if the filesystem will be larger than 1 TB. He also points out that this last point has been changed in -current ...
	undeadly.org/cgi?action=article;sid=20200528091634
19.	GSoC 2014: Systemd replacement utilities (systembsd)
	The purpose of this GSoC was (is) not to port systemd to *BSD in way, shape or form. Nor is it to replace the existing init (8), boot (8) or rc (8) programs. Systemd and *BSD differ fundamentally in terms of philosophy and development practices and special care was taken to only wrap the functionality of the aforementioned daemons and not ...
	undeadly.org/cgi?action=article&sid=20140915064856
20.	How to create a USB flash installer for OpenBSD
	The isolinux method is quite interesting, they provide an HD-compatible MBR and post-process the ISO with a program which searches for the location of the actual isolinux boot loader and patches it in.
	undeadly.org/cgi?action=article&sid=20140225072408
21.	Disable SMT/Hyperthreading in all Intel BIOSes
	In a message to tech@, Theo de Raadt (deraadt@) gives an update on the state-of-play regarding processor vulnerabilities: Two recently disclosed hardware bugs affected Intel cpus: - TLBleed - T1TF (the name "Foreshadow" refers to 1 of 3 aspects of this bug, more aspects are surely on the way) Solving these bugs requires new cpu microcode, a coding workaround, *AND* the disabling of SMT ...
	undeadly.org/cgi?action=article;sid=20180824024934
22.	OpenSSH U2F/FIDO support in base - undeadly.org
	support to base and tweaked OpenSSH to use them directly. This means. there will be no additional configuration hoops to jump through to use. U2F/FIDO2 security keys. Hardware backed keys can be generated using " ssh-keygen -t ecdsa-sk". (or "ed25519-sk" if your token supports it). Many tokens require to be. touched/tapped to confirm this step.
	undeadly.org/cgi?action=article;sid=20191115064850
23.	pinning all system calls
	Theo de Raadt (deraadt@) posted to tech@ regarding restrictions on the addresses from which system calls can be made.In addition to providing background, the post contains information (and a patch) for an imminent change - the introduction of a new syscall, pinsyscalls(2) [link not working at the time of writing because change not yet committed], which specifies the addresses from which ...
	undeadly.org/cgi?action=article;sid=20231209115835    2023-12-09T00:00:00.0000000