| 1. |
OpenBSD Journal: A resource for the OpenBSD community
|
| |
In what can only be called a great stride forward in routing security, Sebastian Benoit (benno@) announced the availability of rpki-client version 9.0.The announcement reads, Subject: rpki-client 9.0 released From: Sebastian Benoit <benno openbsd ! org> Date: 2024-03-03 17:24:06 rpki-client 9.0 has just been released and will be available in the rpki-client directory of any OpenBSD mirror soon.
|
| |
undeadly.org/cgi
2024-02-29T00:00:00.0000000
|
| |
|
| 2. |
Introducing dhcpleased(8)
|
| |
Now enabled by default on OpenBSD -current is dhcpleased (8), a dynamic host configuration protocol daemon written by florian@ (Florian Obser), who spoke with us about his work: I suppose this is either the KAME project 's fault, or if we don't want to go that far back, Theo's fault. At g2k16 he floated the idea of a network configuration daemon.
|
| |
undeadly.org/cgi?action=article;sid=20210722072359
|
| |
|
| 3. |
OpenBSD 7.0 released
|
| |
Contributed by rueda on 2021-09-20 from the Undeadly-SYNs dept. The OpenBSD project has released OpenBSD 7.0 , the project's 51 st release. As usual, the release page offers highlights, installation and upgrade instructions, as well as links to other resources such as the detailed changelog. Notable improvements include, but are not limited to:
|
| |
undeadly.org/cgi?action=article;sid=20211014144620
|
| |
|
| 4. |
20 years since "and we're just starting": undeadly.org turns 20 (2024 ...
|
| |
Contributed by Peter N. M. Hansteen on 2024-04-07 from the 20 years a Puffyist dept. It's been 20 years since the first undeadly.org post appeared. At that point in our history, we had been enjoying frequent updates to the OpenBSD Journal at the deadly.org site for more than four years, and most of us thought it was an April's Fool prank when ...
|
| |
undeadly.org/cgi?action=article;sid=20240409044953
2024-04-09T04:52:58.0000000
|
| |
|
| 5. |
About the OpenBSD Journal
|
| |
OpenBSD Journal. Home Archives About Submit Story Create Account Login. About the OpenBSD Journal Purpose. The OpenBSD Journal is a site dedicated to providing news and information of interest to members of the OpenBSD community.. The site is run by a small group of volunteers. Although several OpenBSD developers are registered users of the site, and the site receives frequent contributions ...
|
| |
undeadly.org/cgi?action=about
|
| |
|
| 6. |
OpenBSD 7.4 Released
|
| |
The OpenBSD project has announced the release of OpenBSD 7.4, the 55 th release of the OpenBSD operating system.. The new release contains a number of innovations and improvements across a number of areas, including Mandatory enforcement of indirect branch targets [See earlier report].; viogpu(4), a VirtIO GPU driver [See earlier report]. vmd(8) has moved to a multi-process model for virtio(4 ...
|
| |
undeadly.org/cgi?action=article&sid=20231016130614&ref=upstract.com
2023-09-27T00:00:00.0000000
|
| |
|
| 7. |
OpenSSH 9.3p2 released
|
| |
OpenSSH 9.3p2 released. Contributed by grey on 2023-07-19 from the It's Wednesday, but you should still patch this now. dept. As announced by Damien Miller: "We've just made an OpenSSH release to fix a remotely exploitable RCE vulnerability in ssh-agent's PKCS#11 support (CVE-2023-38408).
|
| |
undeadly.org/cgi?action=article;sid=20230719180438
2023-07-19T00:00:00.0000000
|
| |
|
| 8. |
OpenBSD KDE Status Report
|
| |
OpenBSD has managed to drop KDE3 and KDE4 in the 6.8 -> 6.9 release cycle. That makes me very happy because it was a big piece of work and long discussions. This of course brings questions: Kde Plasma 5 package missing. After half a year of work, I managed to successfully update the Qt5 stack to the last LTS version 5.15.2. On the whole, the most work was updating QtWebengine.
|
| |
undeadly.org/cgi?action=article;sid=20210124113220
|
| |
|
| 9. |
Index for 2021
|
| |
OpenBSD Journal. Home Archives About Submit Story Create Account Login. Archive Index for 2021. January. Preliminary OpenBSD Support Added to OBS Studio; Block spammers/abusive IPs with Pf-badhost in OpenBSD. A 'must have' security tool!
|
| |
undeadly.org/cgi?action=archive;y=2021
|
| |
|
| 10. |
OpenBSD may soon gain further memory protections: immutable userland ...
|
| |
In a September 1st post to tech@ titled immutable userland mappings, Theo de Raadt (deraadt@) gave us a preview of code that may soon land in -current.The message leads in, In the last few years, I have been improving the strictness of userland memory layout. An example is the recent addition of MAP_STACK and msyscall().
|
| |
undeadly.org/cgi?action=article;sid=20220902100648
2022-09-02T00:00:00.0000000
|
| |
|
| 11. |
Index for 2022 - undeadly.org
|
| |
OpenBSD Journal. Home Archives About Submit Story Create Account Login. Archive Index for 2022. January. DRM updated; LibreSSL update; A proof of concept: running OpenBSD on the PinePhone; February. New 'Reckless guide to OpenBSD' published
|
| |
undeadly.org/cgi?action=archive;y=2022
|
| |
|
| 12. |
OpenBGPD 7.5 released
|
| |
We have released OpenBGPD 7.5, which will be arriving in the OpenBGPD directory of your local OpenBSD mirror soon. This release includes the following changes to the previous release: Implement RFC 9234 - Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages. Full support for RFC 7911 - Advertisement of Multiple Paths in BGP .
|
| |
undeadly.org/cgi?action=article;sid=20220716101930
2022-07-15T00:00:00.0000000
|
| |
|
| 13. |
Using a Yubikey as smartcard for SSH public key authentication
|
| |
It's in -current only, so it will be available in 6.5, out in two months or so. Right now your options are: build it yourself (easy), port the port to 6.4 or upgrade to a snapshot (which is is 6.5-beta since last week).
|
| |
undeadly.org/cgi?action=article;sid=20190302235509
|
| |
|
| 14. |
RSA/SHA1 signature type disabled by default in OpenSSH
|
| |
In a message to tech@ Damien Miller (djm@) explained the consequences of his recent commit: RSA/SHA1, a.k.a the "ssh-rsa" signature type is now disabled by default in OpenSSH. While The SSH protocol confusingly uses overlapping names for key and signature algorithms, this does not stop the use of RSA keys and there is no need to regenerate "ssh-rsa" keys - most servers released in the last ...
|
| |
undeadly.org/cgi?action=article;sid=20210830113413
|
| |
|
| 15. |
sshd random relinking at boot
|
| |
As with library order randomisation (libc.so/libcrypto/ld.so) at boot and kernel relinking at boot, boot time relinking of sshd(8) is now implemented in -current.Theo de Raadt committed the changes: CVSROOT: /cvs Module name: src Changes by: deraadt@cvs.openbsd.org 2023/01/18 13:43:15 Modified files: usr.bin/ssh/sshd: Makefile Log message: Create and install sshd random relink kit. ../
|
| |
undeadly.org/cgi?action=article;sid=20230119075627
2023-01-19T00:00:00.0000000
|
| |
|
| 16. |
Getting OpenBSD running on Raspberry Pi 3 - undeadly.org
|
| |
On OpenBSD the "c" partition of a hard disk refers to the entire disk, so we use "rsd1c". doas dd bs=1m if=miniroot61.fs of=/dev/rsd1c. Now remove the uSD card from your computer and insert it into the uSD slot on the back of the RPI3 card. connect the serial cable between your computer and the rPI3.
|
| |
undeadly.org/cgi?action=article&sid=20170409123528
|
| |
|
| 17. |
HEADS UP: ntpd changing
|
| |
The ntpd options -s and -S are going to be removed soon and at startup. with print: -s option no longer works and will be removed soon. Please reconfigure to use constraints or trusted servers. Probably after 6.7 we'll delete the warning. Maybe for 6.8 we'll remove. -s and -S from getopt, and starting with those options will fail.
|
| |
undeadly.org/cgi?action=article;sid=20191111075815
|
| |
|
| 18. |
Wayland on OpenBSD
|
| |
Wayland on OpenBSD. Contributed by rueda on 2023-07-10 from the way to go to land dept. Matthieu Herrb ( matthieu@) has written some notes on his work at the (recently-concluded) g2k23 hackathon in Tallinn, Estonia . His article, Wayland on OpenBSD , starts: These are my notes from experimenting with building Wayland bits on OpenBSD during ...
|
| |
undeadly.org/cgi?action=article;sid=20230711113344
2023-07-10T00:00:00.0000000
|
| |
|
| 19. |
Index for 2020
|
| |
OpenBSD Journal. Home Archives About Submit Story Create Account Login. Archive Index for 2020. January. Firefox pkg for 6.6-stable will not receive latest updates. [Updated] u2k20 Hackathon Report: Alexandr Nedvedicky on PF anchors work
|
| |
undeadly.org/cgi?action=archive;y=2020
|
| |
|
| 20. |
Index for 2024 - undeadly.org
|
| |
Archive Index for. 2024. January. TSO for em(4) committed to -current. OpenBSD workstation hardening tips. DSA removal from OpenSSH. Effortless OpenBSD Audio and Desktop Screen Recording Guide. pinsyscalls(2) working in anger. KMS for Apple silicon machines.
|
| |
undeadly.org/cgi?action=archive
|
| |
|
| 21. |
OpenBSD Developer: Ted Unangst
|
| |
OpenBSD Developer: Ted Unangst. Date: 2015-10-25. On October 18th 20 years ago the first commits to the OpenBSD project landed in the CVS repository. Today on the anniversary the beastie.pl team invites all readers to a series of interviews that our staff conducted with the project developers. We continue with our eight interview - Ted Unangst. 1.
|
| |
undeadly.org/features/2015/10/beastie_pl_interviews/ted-unangst.html
|
| |
|
| 22. |
Stupid SSH Tricks: ProxyCommand
|
| |
Suppose there is an SSH server inside a remote network that does not have its SSH port exposed to the Internet (named "internal.hostname.tld"). If there is an SSH gateway host that you can SSH to (that has the ability to reach "internal"'s SSH port), you can use the netcat command with ProxyCommand in ~/.ssh/config to proxy your SSH session to "internal" through "gateway".
|
| |
undeadly.org/cgi?action=article&sid=20070925181947
|
| |
|
|
|