@mwl

meanwhile, #OpenBSD giving you the best of both worlds 😉

See referenced text below:

Theo de Raadt (deraadt@) updated the version of OpenBSD -current to "7.7-current".

Those running the latest-and-greatest [via a sufficiently new snapshot or built from source] no longer need to use "-D snap" with pkg_add(1) (and pkg_info(1)).

Soon a new OpenBSD release, v 7.8, will be on the horizon. Time prepare and to reprise "You Have Installed OpenBSD. Now For The Daily Tasks." https://nxdomain.no/~peter/openbsd_installed_now_for_the_daily_tasks.html (also https://bsdly.blogspot.com/2024/09/you-have-installed-openbsd-now-for.html) #openbsd #install #sysadmin #devops #maintenance #packages #freesoftware #libresoftware

Morgen, 19.08.2025 ab 19:00h wieder im Fuchs im Hofmanns in #Düsseldorf #Bilk: https://www.meetup.com/bsd-user-group-dusseldorf-bsd-nrw/events/310578497/ #runbsd #bsdnrw #bug #freebsd #openbsd #netbsd

Hey! My "Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off?" https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html (https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html) is on @vermaden's Valuable news https://vermaden.wordpress.com/2025/08/18/valuable-news-2025-08-18/ #openbsd #spamd #greytrapping #freebsd #valueablenews

Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟱/𝟬𝟴/𝟭𝟴 (Valuable News - 2025/08/18) available.

https://vermaden.wordpress.com/2025/08/18/valuable-news-2025-08-18/

Past releases: https://vermaden.wordpress.com/news/

#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday

Game of Trees 0.117 released https://www.undeadly.org/cgi?action=article;sid=20250818074301 #openbsd #gameoftrees #got #git #development #programming #versioncontrol #freesoftware #libresoftware

Two #blog posts in less than one week!

It was considered known that there is no support within GNAT (Ada) for illumos. We cross-build a complete native binutils+gcc toolchain for illumos to test out this claim.

...only to discover that illumos has full support within GNAT. Not a single test fails.

https://briancallahan.net/blog/20250817.html

#Ada #illumos #GNAT #GCC #GNU #freesoftware #unix #bsd #freebsd #openbsd #netbsd #dragonflybsd #linux #compiler #compilers

the only c project I hard forked was suckless's slock as they have a terrible security model (it doesn't log anything and has a hard need for suid root)

its also pledge()'d, uses bsd-auth, and has other code readability cleanups

if you're on #OpenBSD, I suggest taking a look at it.

https://codeberg.org/Izder456/slock

is OpenBSD 10x faster than Linux? (tedu@) https://www.undeadly.org/cgi?action=article;sid=20250817075800 #openbsd #performance #benchmarks #fork #development #freesoftware #linux #libresoftware

SEE ALSO
dunst(5), dunstctl(1), dmenu(1), notify-send(1), dunstify(1)

To my completely surprise and disappointment I have found out that OpenBSD's vmm does not in fact support FreeDOS. What am I to do now

#OpenBSD #FreeDOS

The @EuroBSDCon 2021 😈⛳🐡 video's are now mirrored on Exquisite.tube.

So, if you want to:

• Learn how to setup high available WANs with OpenBSD,
• Get familiar with GhostBSD as a daily driver,
• Verify whether 'our' Dexter is a serial BSD tester and not the serial killer,
• Learn why FreeBSD Aarch64 Virtual Machines are boring,

Now you can! Errr, you already could, but now more privately, federated and without Big Tech.

The playlist for all 2021 talks can be found here.

Good weekend all and happy hacking!

#OpenBSD #FreeBSD #NetBSD #GhostBSD #RunBSD

Giving OpenBSD and Xfce another go on the laptop, but I think I'll go back to OpenSUSE until FreeBSD 15 is released 4Q25. Too many paper cuts for now...

hw-probe for the ThinkPad X1 Carbon 5th:

https://bsd-hardware.info/?probe=b1a9d7d307

#OpenBSD #ThinkPad #EndOfDistroHopping

Here’s a little benchmark complements of Jann Horn. It’s unexpectedly slow on Linux.

OpenBSD is so fast, I had to modify the program slightly to measure itself, as the time utility is missing sufficient precision to even record nonzero.

All it does is create one extra thread, then both existing threads create 256 sockets. What’s so hard about that?

#include <pthread.h>
#include <unistd.h>
#include <err.h>
#include <stdio.h>
#include <sys/time.h>
#include <sys/socket.h>

static void open_sockets(void) {
    for (int i=0; i<256; i++) {
        int sock = socket(AF_INET, SOCK_STREAM, 0);
        if (sock == -1)
            err(1, "socket");
    }
}

static void *thread_fn(void *dummy) {
    open_sockets();
    return NULL;
}

int main(int argc) {
    struct timeval one, two;
    gettimeofday(&one, NULL);
    if (argc > 1)
        dup2(0, 666);
    pthread_t thread;
    if (pthread_create(&thread, NULL, thread_fn, NULL))
        errx(1, "pthread_create");
    open_sockets();
    if (pthread_join(thread, NULL))
        errx(1, "pthread_join");
    gettimeofday(&two, NULL);
    timersub(&two, &one, &one);
    printf("elapsed: %lld.%06lds\n", one.tv_sec, one.tv_usec);
    return 0;
}

On Linux, I get results approximately as so:

tedu@penguin:~$ ./a.out 
elapsed: 0.017770s
tedu@penguin:~$ ./a.out 
elapsed: 0.026309s
tedu@penguin:~$ ./a.out 
elapsed: 0.018414s

On OpenBSD, here we go, choo choo:

ox$ ./a.out                                                                               
a.out: a.out: socketsocket: : Too many open files
Too many open files
ox$ ulimit -n 1024
ox$ ./a.out                                                                               
elapsed: 0.006096s
ox$ ./a.out  
elapsed: 0.002508s
ox$ ./a.out  
elapsed: 0.002326s

These aren’t identical machines, but roughly comparable.

There’s a hint in the code (nothing to do with networking code, if that was your first guess), with more explanation in the linked thread, which is worth reading and some thinking. I’d love to see the system and benchmark where Linux outperforms here.

Really, I just found it a little funny. Usually it’s the weirdo benchmark that shows OpenBSD being 10x slower, so this one is definitely going in the collection.

It's heartwarming to a greying geek that a 5000+ words retrospective on greytrapping is turning out to be popular - https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime

#unix_surrealism #openbsd #bootleg #youtube #comic

Alt...

Girl: I would reall like the openbased t-shirt!" Puffy: "I would really like you to stop consuming youtube content."

Puffy in the hotel hallway #openbsd

Alt...

Pufferfish on a hotel hallway poster

Heads up for Yubikey owners, if you depend on OTP as opposed to FIDO2, #OpenBSD -current will no longer attach these devices as keyboards.

deraadt@ modified src/sys/dev/usb/ukbd.c: Most Yubikey ship with OTP support enabled out of the box (and generate accidental output like cccccblddbkhelgbdjuughbjdcvrddggdcjvricrriuk).
Yubikey re-configuration requires crazy buggy and fragile tools using crazy usb feature support, and therefore OTP disabling is very annoying.
We make a policy decision to not attach these as keyboards anymore, because a majority of users just want the FIDO functionality. If you want to use OTP, buy a different device from a different vendor or convince Yubikey to significantly improve their tooling.
idea from kettenis

Is anyone able to compile #Zerotier on #OpenBSD?
I've been able in the past but now it seems to fail

https://codeberg.org/OpenBSD

I wonder if the #OpenBSD folk have considered moving their Git mirror from #GitHub to say #Codeberg ?

OpenBSD.app has switched to using #Codeberg instead of Github for hosting and for Git repo links. Let me know if you hit any issues!

#openbsd

"No head I will not wipe FreeBSD from my laptop in favor of OpenBSD!" 🙄

https://bsd-hardware.info/?probe=8e3bae7f65

Successfully serving some test sites off my local Mac Mini running OpenBSD / httpd. It’s currently using Eero’s DDNS for the port reservations and forwarding, so it’s only temporary until my real router arrives.

Just a good test though 👍

#openbsd #networking

Friends, it finally happened. On August 7th, 2025, the number of spamtraps intended to fool spammers rolled past the number of inhabitants in my home country of Norway. It's time for a retrospective.

Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime

Is it always recommended to install obsdfreqd in place of apmd for temp control? #openbsd

Post-Quantum Cryptography Advice Added to OpenSSH Website https://www.undeadly.org/cgi?action=article;sid=20250811110058 #openbsd #openssh #ssh #cryptography #postquantum #postq #crypto #security #libresoftware #freesoftware #bsd

Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟱/𝟬𝟴/𝟭𝟭 (Valuable News - 2025/08/11) available.

https://vermaden.wordpress.com/2025/08/11/valuable-news-2025-08-11/

Past releases: https://vermaden.wordpress.com/news/

#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday

[Again for those on the other side of the pond] -

Friends, it finally happened. On August 7th, 2025, the number of spamtraps rolled past the number of people in my home country. It's time for a retrospective.

Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime

Friends, it finally happened. On August 7th, 2025, the number of spamtraps intended to woo the unwary spammer rolled past the number of inhabitants in my home country of Norway. It's time for a retrospective.

Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime

I ordered this a few minutes ago as my new #openbsd firewall router from AliExpress with N150 DDR5 Intel 2.5Gb #runbsd #bsd

I've got a ThinkPad X1 Carbon 5th, currently running OpenSUSE Tumbleweed. I want to try *BSD on this laptop.

Network controller is reported as "Intel Corporation Wireless 8265 / 8275 (rev 88)" under Linux.

FreeBSD installs OK, but wireless speed is not impressive, and my USB-C dock doesn't seem to be recognized.

I can live with using a wifi-dongle when out and about, but missing dock connectivity is not something I look forward to. I don't care about the built-in camera.

Is there anything else I should worry about? Sound, Bluetooth, sleep mode, battery life?

#FreeBSD #OpenBSD #ThinkPad

First steps in the BSD world!

1) OpenBSD on VPS (Amsterdam)
2) FreeBSD on Raspberry Pi 4 (home)

I'm running a Wireguard connection between the two.

Next step is setting up relayd on the VPS to point at services on the Raspberry Pi server.

#OpenBSD #FreeBSD #selfhosted

Alt...

Screen shot showing neofetch output from OpenBSD, running on a VPS in Amsterdam

Alt...

Screen shot showing neofetch output from FreeBSD, running on a Raspberry Pi server at home

Eighteen Years of Greytrapping - Is the Weirdness Finally Paying Off? https://nxdomain.no/~peter/eighteen_years_of_greytrapping.html (tracked https://bsdly.blogspot.com/2025/08/eighteen-years-of-greytrapping-is.html)

Friends, it finally happened. On August 7th, 2025, the number of spamtraps intended to woo the unwary spammer rolled past the number of inhabitants in my home country of Norway.

It's time for a retrospective.

#greytrapping #spam #antispam #greylisting #blocklist #openbsd #freebsd #smtp #email #ssh #passwords #passwordguessing #pop3 #security #networking #cybercrime

Call for testing: USB webcams https://www.undeadly.org/cgi?action=article;sid=20250808083341 #openbsd #usb #webcams #testing #snapshot #freesoftware #libresoftware

Hey #FreeBSD admins with #OpenBSD as second language, what would be the equivalent to ˋacme-client` on FreeBSD?

Like in single command you run every night that checks if your Let’s encrypt certificates are up to date and, if not, just request another one. Nothing more, no integration with other software configuration.

I have looked in the handbook but there doesn’t seem to be a stock option. Also, I used pkg search but can’t make up my mind from the tenth of results :-/

OpenBSD gets CDE

Adjusted for the inevitable progress of time, the Common Desktop Environment or CDE is the best desktop environment of all time, and no, I will not be taking question at this time. OpenBSD wasn't yet graced by CDE's presence, but this is currently changing as the first commit for porting CDE to OpenBSD has appeared.

It's still rough around the edges and very slightly tested. I wouldn't use is as a

https://www.osnews.com/story/142922/openbsd-gets-cde/

#OpenBSD

I am not skilled in various network technologies for configuring a server, can someone suggest something to try learning that comes part of the #openbsd base installation to expand my skill set?

I've considered setting up a CVS mirror, trying to figure out a multimedia server to play from or a NAS, or buy a domain and see if I can host a static website. I'm open to suggesting something more basic as a beginning point

Sorry if none of this makes any sense but that's just how I roll. 😂

Failure of the day was trying to have #Peertube run on #OpenBSD...

Everything looked pretty ok until I switched the instance online and it started doing... well, it's things... And then, BAM: peertube[26957]: node(84677) in free(): double free 0xb475cc26c20.

Note sure if the previous

"stack": "Error: Cannot find module '/var/www/peertube/storage/plugins/node_modules/sqlite3/lib/binding/node-v127-openbsd-x64/node_sqlite3.node'\nRequire stack:\n- /var/www/peertube/storage/plugins/node_modules/sqlite3/lib/sqlite3-binding.js\n- /var/www/peertube/storage/plugins/node_modules/sqlite3/lib/sqlite3.js\n- /var/www/peertube/storage/plugins/node_modules/@databases/sqlite/lib/index.js\n- /var/www/peertube/storage/plugins/node_modules/listener-rss-aggregator/build/sqlite-tools.js\n- /var/www/peertube/storage/plugins/node_modules/listener-rss-aggregator/build/listener-rss-aggregator.js\n- /var/www/peertube/storage/plugins/node_modules/listener-rss-aggregator/build/index.js\n- /var/www/peertube/storage/plugins/node_modules/peertube-plugin-auto-import-ytb/dist/src/main.js\n- /var/www/peertube/versions/peertube-v7.2.3/dist/core/lib/plugins/plugin-manager.js\n    at Function._resolveFilename (node:internal/modules/cjs/loader:1401:15)\n    at defaultResolveImpl (node:internal/modules/cjs/loader:1057:19)

is the culprit. But as I don't understand a single thing about this... :)

#SysAdminFail

https://github.com/9001/copyparty

Wow, running this on my #OpenBSD #PowerPc #Macmini #G4

I saw the YouTube recommendation, but i seldom get the "hype"
Then a friend gave me the link

Seems very interesting.

Was ordering myself a new X220 keyboard and a small, fan-less Intel-based router caught my eye (on sale!). I snagged both :)

When it gets here, I plan to swap out my hacked-together router (2012 mac mini) for it. The next goal would be to repurpose that same mac Mini as a web server my personal, public websites.

Only time will tell if I fail...

#openbsd #networking #router

At EuroBSDCon 2025 in Zagreb: "Liberating the social web using *BSD" by Jeroen - @h3artbl33d - and Stefano Marinelli, see https://events.eurobsdcon.org/2025/talk/PJJLFV/

Schedule at https://events.eurobsdcon.org/2025/schedule/

To register https://2025.eurobsdcon.org/registration.html

#EuroBSDCon #EBC25 #BSDCafe #FreeBSD #NetBSD #OpenBSD #Networking #BSDCafe #RunBSD #Mastodon #Fediverse #OwnYourData #Security #Networking #Community

Me: huh, I don't remember logging out of my session on the kids' #OpenBSD laptop…oh, right, I did a `doas sysupgrade`, it did the upgrade, rebooted into 7.7, and returned uneventfully to the login screen without requiring any additional intervention or thought.

There's something wonderful about an upgrade-process so boring that you can accidentally forget you did it.

I got asked if I could create a #howto for creating a (public) #NAT64 service - just like I did recently for #BoxyBSD. With #DNS64 and #NAT64 you can also reach resource in the legacy internet (#IPv4) on #IPv6 only systems.

While this is based on #unbound and #tayga, there’s also a solution by using the #OpenBSD's native way which is also running on the other gateway. I’ll share a second how to how to do this in OpenBSD and pf.

https://gyptazy.com/howto-create-a-public-dns64-nat64-gateway/

While I was mucking about with an #openbsd port, I got an email from github offering me access to their ai code writing uselessness.

No! Bad website!

*spritzes with water bottle*

My code doesn't work at the moment. Broken is still better than this offer.

This is my favorite part of the OpenBSD installer because I get it wrong every time, but I love that they anticipated it! #openbsd

Alt...

Text from the OpenBSD installer asking "Setup a user? (enter a lower-case loginname, or 'no')". The user enters "yes" and the next prompt says "No really, what is the lower-case loginname, or 'no'?"

**BSD Mail Project Update!**

Hello everyone! I wanted to share some exciting updates about the development of BSD Mail, our privacy-focused email service designed with robustness, security, and transparency in mind. Here’s a deep dive into the technical choices I've made, focusing on my use of open source solutions and open protocols:

🌍 **Servers & Location**

- We're running on two physical servers:
- One hosted by OVH in France
- Another by Hetzner in Germany
- Both servers operate on FreeBSD with NVMe drives in a ZFS mirror configuration for speed and data integrity.

🔒 **Virtualization & Security**

- We utilize jails on both servers to ensure isolated environments for different services, managed via BastilleBSD. On one server, jails are set up directly on the hardware, whereas the other server employs nested jails.
- Each server hosts a bhyve VM running OpenBSD with OpenSMTPD for handling SMTP duties securely.

🔗 **Networking**

- A Wireguard setup connects the two servers, facilitating routing capabilities so that jails and VMs can communicate seamlessly, supporting both IPv4 and IPv6.

📧 **Email Services**

- **Dovecot** is configured for maildir replication across the servers using Dovecot sync, ensuring email availability and redundancy.
- **Rspamd** instances are tied to local KeyDB jails, set up in master-master replication for consistent and reliable spam detection and greylisting.
- **ClamAV** runs in corresponding jails for virus scanning, maintaining a high level of security.
- **SOGo** provides a web interface for email management, connected to MySQL databases in master-master replication to handle sessions and authentication smoothly.

💾 **Data Management**

- Email data is stored on separate, encrypted ZFS datasets to secure emails at rest.
- MySQL databases are used for storing credentials and managing sessions for SOGo, also in a master-master replication setup. Importantly, all passwords are securely hashed using bcrypt, ensuring they are salted and safe.

🔎 **Monitoring & Reliability**

- Our DNS is managed through BunnyNet, which continuously monitors our server status. Should one server—or a specific service—become unavailable, DNS configurations are dynamically adjusted to avoid directing users to the affected IP until full service is restored.

🌐 **Commitment to Open Source and Open Protocols**

- Every component of BSD Mail is built exclusively using open source software and open protocols. This commitment is crucial for ensuring data freedom and the reliability of the solutions we use.

This setup not only emphasizes our commitment to privacy and security but also our dedication to maintaining an open and transparent platform.
We're excited to bring you a service where your privacy, data integrity, and freedom are prioritized. Stay tuned for more updates!

#BSDMail #OpenSource #Privacy #FreeBSD #OpenBSD #EmailHosting #Email

It's official: the new email hosting service I'll be launching will run on OpenBSD as well. The two OpenSMTPD SMTP servers will operate on two OpenBSD installations.

#EmailHosting #Email #OpenBSD #OpenSMTPD

Sharing some technical details about how I'm setting up the hosted email service. It will not be a service of BSD Cafe but tied to my own business. It will run entirely on BSD systems and on bare metal, NOT on "cloud" VPS. It will use FreeBSD jails or OpenBSD or NetBSD VMs (but on bhyve, on a leased server - I do not want user data to be stored on disks managed by others). The services (opensmtpd and rspamd, dovecot, redis, mysql, etc.) will run on separate jails/VMs, so compromising one service will NOT put the others at risk. Emails will be stored on encrypted ZFS datasets - so all emails are encrypted at rest - and only dovecot will have access to the mail datasets. I'm also considering the possibility of encrypting individual emails with the user's login password - but I still have to thoroughly test this. The setup will be fully redundant (double mx for SMTP, a domain for external IMAP access that will be managed through smart DNS - which will distribute the connections on the DNS side and, in case of a server down, will stop resolving its IP, sending all the connections to the other. Obviously, everything will be accessible in both ipv4 and ipv6 and in two different European countries, on two different providers. Synchronization will occur through dovecot's native sync (extremely stable and tested). All technical choices will be clearly explained - the goal of this service is to provide maximum transparency to users on how things will be handled.

#BSD #FreeBSD #OpenBSD #NetBSD #emailHosting #encryption #ZFS #dovecot #opensmtpd #rspamd #emailSecurity #techTransparency #ipv6 #Europe

#OpenBSD may introduces Word into the base system

https://marc.info/?l=openbsd-tech&m=170742832804260&w=2

Running #wayland compositor #sway on #OpenBSD is very easy (only -current at the moment)

- pkg_add sway
- stop xenodm
- log-in as your user in a tty
- run /usr/local/bin/startsway.sh

that's all

Alt...

Screenshot of an OpenBSD desktop running the wayland compositor sway