1. |
OpenBSD Journal: A resource for the OpenBSD community
|
|
In what can only be called a great stride forward in routing security, Sebastian Benoit (benno@) announced the availability of rpki-client version 9.0.The announcement reads, Subject: rpki-client 9.0 released From: Sebastian Benoit <benno openbsd ! org> Date: 2024-03-03 17:24:06 rpki-client 9.0 has just been released and will be available in the rpki-client directory of any OpenBSD mirror soon.
|
|
undeadly.org/cgi?action=front
2024-04-07T00:00:00.0000000
|
|
|
2. |
OpenBSD 7.3 released
|
|
Calgary and elsewhere, 2023-04-10 : The OpenBSD project today announced the release and general availability of its latest stable version, OpenBSD 7.3 . Eagerly anticipated by users, engineers, enthusiasts and industry pundits all over the world, this release contains a number of improvements over earlier versions, including but not limited to.
|
|
undeadly.org/cgi?action=article;sid=20230410140049
2023-03-06T00:00:00.0000000
|
|
|
3. |
OpenBSD 7.0 released
|
|
Contributed by rueda on 2021-09-20 from the Undeadly-SYNs dept. The OpenBSD project has released OpenBSD 7.0 , the project's 51 st release. As usual, the release page offers highlights, installation and upgrade instructions, as well as links to other resources such as the detailed changelog. Notable improvements include, but are not limited to:
|
|
undeadly.org/cgi?action=article;sid=20211014144620
|
|
|
4. |
Next steps toward mimmutable, from deraadt@
|
|
In a recent message to the tech mailing list, Theo de Raadt (deraadt@) summarized the state of the new memory protections work.The thread also includes a followup from Otto Moerbeek (otto@) on consequent changes to the memory allocation mechanisms.. Theo writes, From: "Theo de Raadt" <deraadt openbsd ! org> Date: Fri, 18 Nov 2022 03:10:05 +0000 To: openbsd-tech Subject: More on mimmutable ...
|
|
undeadly.org/cgi?action=article;sid=20221120115616
2022-11-19T00:00:00.0000000
|
|
|
5. |
OpenBSD 7.4 Released
|
|
The OpenBSD project has announced the release of OpenBSD 7.4, the 55 th release of the OpenBSD operating system.. The new release contains a number of innovations and improvements across a number of areas, including Mandatory enforcement of indirect branch targets [See earlier report].; viogpu(4), a VirtIO GPU driver [See earlier report]. vmd(8) has moved to a multi-process model for virtio(4 ...
|
|
undeadly.org/cgi?action=article&sid=20231016130614&ref=upstract.com
2023-09-27T00:00:00.0000000
|
|
|
6. |
About the OpenBSD Journal
|
|
OpenBSD Journal. Home Archives About Submit Story Create Account Login. About the OpenBSD Journal Purpose. The OpenBSD Journal is a site dedicated to providing news and information of interest to members of the OpenBSD community.. The site is run by a small group of volunteers. Although several OpenBSD developers are registered users of the site, and the site receives frequent contributions ...
|
|
undeadly.org/cgi?action=about
|
|
|
7. |
OpenSSH 9.3p2 released
|
|
OpenSSH 9.3p2 released. Contributed by grey on 2023-07-19 from the It's Wednesday, but you should still patch this now. dept. As announced by Damien Miller: "We've just made an OpenSSH release to fix a remotely exploitable RCE vulnerability in ssh-agent's PKCS#11 support (CVE-2023-38408).
|
|
undeadly.org/cgi?action=article;sid=20230719180438
2023-07-19T00:00:00.0000000
|
|
|
8. |
OpenSSH 9.2/9.2p1 released! - undeadly.org
|
|
OpenSSH 9.2 was released on 2023-02-02. It is available from the mirrors listed at https://www.openssh.com/. As should be of no surprise to undeadly readers, OpenSSH ...
|
|
undeadly.org/cgi?action=article;sid=20230202205608
2023-02-02T00:00:00.0000000
|
|
|
9. |
OpenBSD 6.7 and ffs2 FAQs - undeadly.org
|
|
In OpenBSD 6.7, ffs2 is the default for new filesystems during install (with some exceptions). In OpenBSD 6.7, if you create a new filesystem manually (using newfs (8)) you will still get an FFS1 filesystem unless you force -O2 or if the filesystem will be larger than 1 TB. He also points out that this last point has been changed in -current ...
|
|
undeadly.org/cgi?action=article;sid=20200528091634
|
|
|
10. |
Index for 2022 - undeadly.org
|
|
OpenBSD Journal. Home Archives About Submit Story Create Account Login. Archive Index for 2022. January. DRM updated; LibreSSL update; A proof of concept: running OpenBSD on the PinePhone; February. New 'Reckless guide to OpenBSD' published
|
|
undeadly.org/cgi?action=archive;y=2022
|
|
|
11. |
OpenBSD KDE Status Report
|
|
OpenBSD has managed to drop KDE3 and KDE4 in the 6.8 -> 6.9 release cycle. That makes me very happy because it was a big piece of work and long discussions. This of course brings questions: Kde Plasma 5 package missing. After half a year of work, I managed to successfully update the Qt5 stack to the last LTS version 5.15.2. On the whole, the most work was updating QtWebengine.
|
|
undeadly.org/cgi?action=article;sid=20210124113220
|
|
|
12. |
Introduction to sysclean(8)
|
|
Introduction to. sysclean(8) Contributed by rueda on 2023-09-27 from the keep-it-clean! dept. Many OpenBSD sysadmins find the sysclean(8) port useful for removing obsolete files following upgrades. Sebastien Marie ( semarie@ ), the author of sysclean(8) , has written a piece giving an under-the-hood look at the operation of this handy utility.
|
|
undeadly.org/cgi?action=article;sid=20230927103221
2023-09-27T00:00:00.0000000
|
|
|
13. |
OpenSSH 9.3/9.3p1 released - undeadly.org
|
|
On 2023-03-15 , the release of version 9.3 of OpenSSH was announced: […] This release fixes a number of security bugs. safety problem. The memory safety problem is not believed to be. security bugs. * ssh-add(1): when adding smartcard keys to ssh-agent(1) with the. per-hop desination constraints (ssh-add -h ...) added in OpenSSH.
|
|
undeadly.org/cgi?action=article;sid=20230316040613
2023-03-15T00:00:00.0000000
|
|
|
14. |
WireGuard imported into OpenBSD
|
|
In the following commit (and a bunch of others), David Gwynne (dlg@) imported most of the code submitted recently by Jason A. Donenfeld and Matt Dunwoodie to allow you to use WireGuard natively on OpenBSD: CVSROOT: /cvs Module name: src Changes by: dlg@cvs.openbsd.org 2020/06/21 06:11:26 Modified files: sys/net : if.c Added files: sys/net : if_wg.c if_wg.h wg_cookie.c wg_cookie.h wg_noise.c wg ...
|
|
undeadly.org/cgi?action=article;sid=20200622052207
|
|
|
15. |
September 30th, 2021 syspatches: some assembly might be required
|
|
Did you just run syspatch(8) and see it fail? Here's the reason: one of the two root certificates behind the (excellent) Let's Encrypt CA service has expired. A bug in (the "legacy" verifier of) LibreSSL also contributed. The syspatches (for OpenBSD 6.8, 032, for OpenBSD 6.9, 018) mitigate the unfortunate situation. However, your syspatch may fail if your local mirror uses a Let's Encrypt ...
|
|
undeadly.org/cgi?action=article;sid=20211001073034
|
|
|
16. |
20 years since "and we're just starting": undeadly.org turns 20 (2024 ...
|
|
Contributed by Peter N. M. Hansteen on 2024-04-07 from the 20 years a Puffyist dept. It's been 20 years since the first undeadly.org post appeared. At that point in our history, we had been enjoying frequent updates to the OpenBSD Journal at the deadly.org site for more than four years, and most of us thought it was an April's Fool prank when ...
|
|
undeadly.org/cgi?action=article;sid=20240409044953
2024-04-09T04:52:58.0000000
|
|
|
17. |
HEADS UP: ntpd changing
|
|
The ntpd options -s and -S are going to be removed soon and at startup. with print: -s option no longer works and will be removed soon. Please reconfigure to use constraints or trusted servers. Probably after 6.7 we'll delete the warning. Maybe for 6.8 we'll remove. -s and -S from getopt, and starting with those options will fail.
|
|
undeadly.org/cgi?action=article;sid=20191111075815
|
|
|
18. |
Using a Yubikey as smartcard for SSH public key authentication
|
|
It's in -current only, so it will be available in 6.5, out in two months or so. Right now your options are: build it yourself (easy), port the port to 6.4 or upgrade to a snapshot (which is is 6.5-beta since last week).
|
|
undeadly.org/cgi?action=article;sid=20190302235509
|
|
|
19. |
EuroBSDCon 2023 presentations
|
|
Coimbra! dept. EuroBSDCon 2023 has now ended, and slides for many of the OpenBSD developer presentations are now available in the usual place. Video of the presentations can be expected somewhat later. Slides from the tutorial "Network Management with the OpenBSD Packet Filter Toolset" are also available. (Comments are closed)
|
|
undeadly.org/cgi?action=article;sid=20230919063240
2023-09-18T00:00:00.0000000
|
|
|
20. |
How to create a USB flash installer for OpenBSD
|
|
The isolinux method is quite interesting, they provide an HD-compatible MBR and post-process the ISO with a program which searches for the location of the actual isolinux boot loader and patches it in.
|
|
undeadly.org/cgi?action=article&sid=20140225072408
|
|
|
21. |
Using qemu guest agent on OpenBSD kvm/qemu guests
|
|
In a post to the ports@ mailing list, Landry Breuil (landry@) shared some of his notes on using qemu guest agent on OpenBSD kvm/qemu guests.He made a few enhancements for Undeadly: Experimenting with proxmox VE since some years (but that also applies to plain kvm/qemu OpenBSD vms), today i had a look at the qemu guest agent feature:
|
|
undeadly.org/cgi?action=article;sid=20200514073852
|
|
|
22. |
OpenSSH U2F/FIDO support in base - undeadly.org
|
|
support to base and tweaked OpenSSH to use them directly. This means. there will be no additional configuration hoops to jump through to use. U2F/FIDO2 security keys. Hardware backed keys can be generated using " ssh-keygen -t ecdsa-sk". (or "ed25519-sk" if your token supports it). Many tokens require to be. touched/tapped to confirm this step.
|
|
undeadly.org/cgi?action=article;sid=20191115064850
|
|
|
23. |
Index for 2024 - undeadly.org
|
|
Archive Index for. 2024. January. TSO for em(4) committed to -current. OpenBSD workstation hardening tips. DSA removal from OpenSSH. Effortless OpenBSD Audio and Desktop Screen Recording Guide. pinsyscalls(2) working in anger. KMS for Apple silicon machines.
|
|
undeadly.org/cgi?action=archive
|
|
|
|