1. |
OpenSSH 9.2/9.2p1 released! - undeadly.org
|
|
OpenSSH 9.2 was released on 2023-02-02. It is available from the mirrors listed at https://www.openssh.com/. As should be of no surprise to undeadly readers, OpenSSH ...
|
|
undeadly.org/cgi?action=article;sid=20230202205608
2023-02-02T00:00:00.0000000
|
|
|
2. |
OpenBSD Journal: A resource for the OpenBSD community
|
|
The work to improve the capabilities of the network stack is about to take a noticeable step forward. In a message to tech@ titled parallel raw IP input, Alexander Bluhm (bluhm@) posted a patch that he describes as. List: openbsd-tech Subject: parallel raw IP input From: Alexander Bluhm <bluhm openbsd ! org> Date: 2024-04-11 20:24:39 Hi, As mvs@ mentioned, running raw IP in parallel is easier ...
|
|
undeadly.org/cgi
2024-04-22T00:00:00.0000000
|
|
|
3. |
OpenSSH 9.7/9.7p1 released!
|
|
OpenSSH 9.7/9.7p1 has been released. The complete release notes may be found here: https://www.openssh.com/releasenotes.html#9.7p1 OpenSSH 9.7/9.7p1 (2024-03-11 ...
|
|
undeadly.org/cgi?action=article;sid=20240312065313
2024-03-11T00:00:00.0000000
|
|
|
4. |
OpenBGPD 8.0 released
|
|
The OpenBSD project has released a new version of OpenBGPD, the OpenBSD Border Gateway Protocol (BGP) routing daemon, version 8.0.The announcement reads, From: Claudio Jeker <claudio openbsd ! org> Date: Thu, 04 May 2023 16:24:30 +0000 To: openbsd-announce Subject: OpenBGPD 8.0 released We have released OpenBGPD 8.0, which will be arriving in the OpenBGPD directory of your local OpenBSD mirror ...
|
|
undeadly.org/cgi?action=article;sid=20230505054214
|
|
|
5. |
20 years since "and we're just starting": undeadly.org turns 20 (2024 ...
|
|
Contributed by Peter N. M. Hansteen on 2024-04-07 from the 20 years a Puffyist dept. It's been 20 years since the first undeadly.org post appeared. At that point in our history, we had been enjoying frequent updates to the OpenBSD Journal at the deadly.org site for more than four years, and most of us thought it was an April's Fool prank when ...
|
|
undeadly.org/cgi?action=article;sid=20240409044953
2024-04-07T00:00:00.0000000
|
|
|
6. |
OpenBGPD 7.5 released
|
|
We have released OpenBGPD 7.5, which will be arriving in the OpenBGPD directory of your local OpenBSD mirror soon. This release includes the following changes to the previous release: Implement RFC 9234 - Route Leak Prevention and Detection Using Roles in UPDATE and OPEN Messages. Full support for RFC 7911 - Advertisement of Multiple Paths in BGP .
|
|
undeadly.org/cgi?action=article;sid=20220716101930
2022-07-15T00:00:00.0000000
|
|
|
7. |
OpenSSH 9.3/9.3p1 released - undeadly.org
|
|
On 2023-03-15 , the release of version 9.3 of OpenSSH was announced: […] This release fixes a number of security bugs. safety problem. The memory safety problem is not believed to be. security bugs. * ssh-add(1): when adding smartcard keys to ssh-agent(1) with the. per-hop desination constraints (ssh-add -h ...) added in OpenSSH.
|
|
undeadly.org/cgi?action=article;sid=20230316040613
2023-03-15T00:00:00.0000000
|
|
|
8. |
Initial support for guided disk encryption in the installer
|
|
The OpenBSD installer now has basic support for configuring disk encryption during the regular installation process. Previously, disk encryption needed to be set up manually by dropping to the shell from the installer. Initial support, likely to be expanded upon, was committed by Klemens Nanni ( kn@) on March 7, 2023 . The commit reads,
|
|
undeadly.org/cgi?action=article;sid=20230308063109
2023-03-07T00:00:00.0000000
|
|
|
9. |
OpenBSD 7.4 Released
|
|
The OpenBSD project has announced the release of OpenBSD 7.4, the 55 th release of the OpenBSD operating system.. The new release contains a number of innovations and improvements across a number of areas, including Mandatory enforcement of indirect branch targets [See earlier report].; viogpu(4), a VirtIO GPU driver [See earlier report]. vmd(8) has moved to a multi-process model for virtio(4 ...
|
|
undeadly.org/cgi?action=article&sid=20231016130614&ref=upstract.com
2023-09-27T00:00:00.0000000
|
|
|
10. |
Next steps toward mimmutable, from deraadt@
|
|
In a recent message to the tech mailing list, Theo de Raadt (deraadt@) summarized the state of the new memory protections work.The thread also includes a followup from Otto Moerbeek (otto@) on consequent changes to the memory allocation mechanisms.. Theo writes, From: "Theo de Raadt" <deraadt openbsd ! org> Date: Fri, 18 Nov 2022 03:10:05 +0000 To: openbsd-tech Subject: More on mimmutable ...
|
|
undeadly.org/cgi?action=article;sid=20221120115616
2022-11-19T00:00:00.0000000
|
|
|
11. |
About the OpenBSD Journal
|
|
OpenBSD Journal. Home Archives About Submit Story Create Account Login. About the OpenBSD Journal Purpose. The OpenBSD Journal is a site dedicated to providing news and information of interest to members of the OpenBSD community.. The site is run by a small group of volunteers. Although several OpenBSD developers are registered users of the site, and the site receives frequent contributions ...
|
|
undeadly.org/cgi?action=about
|
|
|
12. |
Using a Yubikey as smartcard for SSH public key authentication
|
|
It's in -current only, so it will be available in 6.5, out in two months or so. Right now your options are: build it yourself (easy), port the port to 6.4 or upgrade to a snapshot (which is is 6.5-beta since last week).
|
|
undeadly.org/cgi?action=article;sid=20190302235509
|
|
|
13. |
RSA/SHA1 signature type disabled by default in OpenSSH
|
|
RSA/SHA1, a.k.a the "ssh-rsa" signature type is now disabled by default. in OpenSSH. While The SSH protocol confusingly uses overlapping names for key and. signature algorithms, this does not stop the use of RSA keys and there. is no need to regenerate "ssh-rsa" keys - most servers released in the. last five years will automatically negotiate ...
|
|
undeadly.org/cgi?action=article;sid=20210830113413
|
|
|
14. |
OpenBSD may soon gain further memory protections: immutable userland ...
|
|
In a September 1st post to tech@ titled immutable userland mappings, Theo de Raadt (deraadt@) gave us a preview of code that may soon land in -current.The message leads in, In the last few years, I have been improving the strictness of userland memory layout. An example is the recent addition of MAP_STACK and msyscall().
|
|
undeadly.org/cgi?action=article;sid=20220902100648
2022-09-02T00:00:00.0000000
|
|
|
15. |
OpenBSD KDE Status Report
|
|
OpenBSD has managed to drop KDE3 and KDE4 in the 6.8 -> 6.9 release cycle. That makes me very happy because it was a big piece of work and long discussions. This of course brings questions: Kde Plasma 5 package missing. After half a year of work, I managed to successfully update the Qt5 stack to the last LTS version 5.15.2. On the whole, the most work was updating QtWebengine.
|
|
undeadly.org/cgi?action=article;sid=20210124113220
|
|
|
16. |
EuroBSDCon 2023 presentations
|
|
Coimbra! dept. EuroBSDCon 2023 has now ended, and slides for many of the OpenBSD developer presentations are now available in the usual place. Video of the presentations can be expected somewhat later. Slides from the tutorial "Network Management with the OpenBSD Packet Filter Toolset" are also available. (Comments are closed)
|
|
undeadly.org/cgi?action=article;sid=20230919063240
2023-09-18T00:00:00.0000000
|
|
|
17. |
Soft updates (softdep) disabled for future VFS work
|
|
A low key leak from the ongoing g2k23 hackathon comes the news that soft updates (aka softdep) will, for now, be a no-op on OpenBSD-current.. The commit message by Bob Beck (beck@) reads, . From: Bob Beck <beck cvs ! openbsd ! org> Date: 2023-07-05 15:13:28 CVSROOT: /cvs Module name: src Changes by: beck@cvs.openbsd.org 2023/07/05 09:13:28 Modified files: sys/kern : vfs_syscalls.c sys/sys ...
|
|
undeadly.org/cgi?action=article;sid=20230706044554
2023-07-05T00:00:00.0000000
|
|
|
18. |
Tunneling vxlan(4) over WireGuard wg(4) - undeadly.org
|
|
Rob Turner writes in about a practical guide to running vxlan(4) over a WireGuard (wg(4)) connection. Rob writes, I struggled to find much more info than Reyk's ...
|
|
undeadly.org/cgi?action=article;sid=20230214061330
2023-02-13T00:00:00.0000000
|
|
|
19. |
OpenBSD -current drops -beta tag, goes to 7.5
|
|
A clear sign that the OpenBSD 7.5 release cycle is entering the final phases just emerged.. In this commit, Theo de Raadt (deraadt@) changed the version string to 7.5:. From: Theo de Raadt <deraadt cvs ! openbsd ! org> Date: 2024-02-29 17:05:10 CVSROOT: /cvs Module name: src Changes by: deraadt@cvs.openbsd.org 2024/02/29 10:05:10 Modified files: sys/conf : newvers.sh Log message: move from 7.5 ...
|
|
undeadly.org/cgi?action=article;sid=20240301064504
2024-02-29T00:00:00.0000000
|
|
|
20. |
Passphrase timeout for disk decryption at boot added (potential battery ...
|
|
Add boot.conf(8) 'mach idle [secs]' to halt at idle passphrase prompts. Enable users to power down their machines if there was no input after N. seconds during disk descryption. Motivation is to save battery and prevent pocket heaters when notebooks. unhibernate (e.g. lid accidentially opened) and sit at "Passphrase: ".
|
|
undeadly.org/cgi?action=article;sid=20240426083308
2024-04-26T00:00:00.0000000
|
|
|
21. |
Wayland on OpenBSD
|
|
Matthieu Herrb (matthieu@) has written some notes on his work at the (recently-concluded) g2k23 hackathon in Tallinn, Estonia.His article, Wayland on OpenBSD, starts: These are my notes from experimenting with building Wayland bits on OpenBSD during g2k23 in Tallinn… Thanks to the OpenBSD foundation for organizing this event.
|
|
undeadly.org/cgi?action=article;sid=20230711113344
2023-07-10T00:00:00.0000000
|
|
|
22. |
OpenBSD gains Wi-Fi "auto-join"
|
|
In a change which is bound to be welcomed widely, -current has gained "auto-join" for Wi-Fi networks. Peter Hessler (phessler@) has been working on this for quite some time and he wrote about it in his p2k18 hackathon report.He has committed the work from the g2k18 hackathon in Ljubljana: CVSROOT: /cvs Module name: src Changes by: phessler@cvs.openbsd.org 2018/07/11 14:18:09 Modified files ...
|
|
undeadly.org/cgi?action=article;sid=20180712084645
|
|
|
23. |
Index for 2024 - undeadly.org
|
|
Archive Index for. 2024. January. TSO for em(4) committed to -current. OpenBSD workstation hardening tips. DSA removal from OpenSSH. Effortless OpenBSD Audio and Desktop Screen Recording Guide. pinsyscalls(2) working in anger. KMS for Apple silicon machines.
|
|
undeadly.org/cgi?action=archive
|
|
|
|