https://git.smithies.me.uk/openbsd-desktop-dotfiles/about/

The SATA SSD I use for #OpenBSD really is dying. I need to get the data off of it ASAP. Should be doable.

OpenSSH 10.1 released https://www.undeadly.org/cgi?action=article;sid=20251006105328 #openbsd #openssh #ssh #security #newrelease #crypto #cryptography #securelogin #networking #freesoftware #libresoftware

Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟱/𝟭𝟬/𝟬𝟲 (Valuable News - 2025/10/06) available.

https://vermaden.wordpress.com/2025/10/06/valuable-news-2025-10-06/

Past releases: https://vermaden.wordpress.com/news/

#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday

[ Solved ]
Thanks to @brynet@bsd.network for their assistance.

https://www.6809.org.uk/asm6809/

The site of the upcoming release is already up:
https://www.openbsd.org/78.html
#OpenBSD

My daughter left home because University is located towns-away from here. This means she now has to connect her iPad to $HOME in order to watch the movies that are hosted in our local VOD system.

Yet another #OpenBSD and #Wireguard user that don’t even know about it. She only knows that she uses a #VPN and that it’s not NordVPN.

#RunBSD

#openbsd kicks ass. i've been using it for various tasks on and off for years. and also installing it for people sometimes

and today an extremely gnu-brained twat was being an extremely gnu-brained twat in one of my irc channels, on the subject of openbsd, specifically pertaining to their practices with snapshot test builds:

https://rl.bloat.cat/r/openbsd/comments/qs5ip4/is_openbsd_working_on_reproducible_builds/

they were being really pedantic and annoying about it

the conversation inspired me to send OpenBSD money

good day

EDIT: https://av.vimuser.org/nvmutil/

Alt...

screenshot of a successful 80 canadian dollar donation to the openbsd foundation

Personally I would have gone with #Mailcow. Much easier to setup and administer. As much as I love #FreeBSD and #OpenBSD I sure as hell wouldn't recommend it for an SME.

Unless your goal is lock-in. Vendor lock-in. And in this case that vendor is you. Because let's face it, even in IT, OpenBSD is quite niche and FreeBSD is already niche enough.

#OwnYourData #OpenBSD #RunBSD
---

RE: https://mastodon.bsd.cafe/users/stefano/statuses/115311534156397213

Glad I got all my ports updates in #OpenBSD and they were committed by the amazing @thfr before the ports tree got locked for 7.8 👍

@gumnos @stefano For a bit of my writing that is not necessarily about spamd (but still mostly with an #openbsd and other #opensource theme), there is my "Short reading list" https://nxdomain.no/~peter/the_short_reading_list.html which is close to what I came up with for some #bookofpf promo material that @nostarch were putting together earlier this year.

Another small victory today.

A salesperson had almost convinced a client to move their email from 365 to Google because "they hold all the cards now". I stepped in and suggested they keep their email on servers that they control instead. The salesperson almost mocked me, treating me like a "nerd" who doesn't understand how the world works.

I was happy to be a nerd, if necessary, to explain the pros and cons of the solution to the client.
The result? The salesperson was politely thanked and "sent home", and I'm now evaluating some details of the new mail server, which, by the client's choice, will be based on OpenBSD.

Because people need explanations, not brochures.

#OwnYourData #OpenBSD #RunBSD

Friends using OpenBSD for e-mail servers: I'm using rspamd and it's fine, but what about the base system "spamd"? Are you using it? Is it effective?

#OpenBSD #spamd #rspamd

LibreSSL 4.1.1 and 4.0.1 released https://www.undeadly.org/cgi?action=article;sid=20251002054519 #openbsd #libressl #tls #https #cryptography #security #newrelease #development #freesoftware #libresoftware

Game of Trees 0.119 released https://www.undeadly.org/cgi?action=article;sid=20251001132258 #openbsd #gameoftrees #got #git #development #versioncontrol #programming #freesoftware #libresoftware

It was great to see everybody again at #EuroBSDCon2025.
Sorry if we missed you, but there is always #EuroBSDCon2026! :)

16 new VMs were added and 64 VMs were renewed.

We donated €1120 to the #OpenBSD Foundation, €57335 since we started.

Thank you, our users, and OpenBSD developers for an awesome OS!

Stay safe, healthy & sane!

#RUNBSD in 2025

Alt...

Image of Harrison Ford as Han Solo in Star Wars. It has the text: How you doing it's so good to see you

Alt...

Receipt of a paypal payment of €1120 to the OpenBSD Foundation

OpenBSD -current has moved to version 7.8 #openbsd
https://undeadly.org/cgi?action=article;sid=20251001044004

Friendly reminder for #OpenBSD -current users, you'll need to use 'pkg_add -Dsnap ...' with upcoming snapshots as the project enters release mode for 7.8. ​

The -beta tag has been dropped.

https://marc.info/?l=openbsd-cvs&m=175924366314931&w=2

If anyone is interested in what I had to say (and hand out) during my talk, the QR code at the end leads to http://anduin.net/l.htm - go grab your copy in any of three formats: Bootable floppy, zipped TheDraw files, or PDF (boo!).

I met too many awesome people to count, much less remember the names of everyone, but I truly hope those of you who want to reach out will do so. My DMs are open ;)

The social overload from this weekend will quickly turn into the pain of missing the company of this extended family. Can't wait to see you again in Brussels - or at any time before that if you visit Oslo!

#EuroBSDCon #EuroBSDCon2025 #EuroBSDCon2026 #RunBSD #NetBSD #OpenBSD #FreeBSD #BSD

Latest 𝗩𝗮𝗹𝘂𝗮𝗯𝗹𝗲 𝗡𝗲𝘄𝘀 - 𝟮𝟬𝟮𝟱/𝟬𝟵/𝟮𝟵 (Valuable News - 2025/09/29) available.

https://vermaden.wordpress.com/2025/09/29/valuable-news-2025-09-29/

Past releases: https://vermaden.wordpress.com/news/

#verblog #vernews #news #bsd #freebsd #openbsd #netbsd #linux #unix #zfs #opnsense #ghostbsd #solaris #vermadenday

@justine

@DianeBruce could also speak to this. I know I've seen her at just about every bsd conference that I've been to.

#EBC25 #RunBSD #FreeBSD #EuroBSDcon #EuroBSDCon2025 #OpenBSD #NetBSD

#EBC25 #RunBSD #FreeBSD #EuroBSDcon #EuroBSDCon2025 #OpenBSD #NetBSD

OpenBGPD 8.9 released https://www.undeadly.org/cgi?action=article;sid=20250926141610 #openbsd #openbgpd #bgp #routing #networking #security #freesoftware #libresoftware

http://forums.xgecu.com/viewthread.php?tid=694&extra=page%3D1

https://gitlab.com/DavidGriffith/minipro

We are about five minutes from starting the "Network management with PF" https://events.eurobsdcon.org/2025/talk/FW39CX/ tutorial at #eurobsdcon in #zagreb. Slides at https://nxdomain.no/~peter/pf_fullday.pdf as usual #pf #openbsd #freebsd #packetfilter #networking

Tomorrow 2025-09-25 at 10:30 CEST, the refreshed "Network Management with the OpenBSD Packet Filter Toolset" https://events.eurobsdcon.org/2025/talk/FW39CX/ by yours truly, @stucchimax and Tom Smyth will start at #eurobsdcon.

We will put the updated slides online just before the session starts.

#openbsd #freebsd #pf #packetfilter #networking #firewall #trickery #security

The Man of MATA pt1

next: https://merveilles.town/@prahou/115271822786360293

pls consider supporting my work: https://analognowhere.com/support

#unix_surrealism #comic #technomage #openbsd #linux #penguin #mata

Alt...

Somewhere in a desert... Girl and Penguin are eating breakfast. Penguin: "Morning, slept well?" Girl: "mhmhmhm" Penguin: "What's today?" Girl checks her school schedule. It's Monday, morning class - history. Girl: "History. Penguin, unenthusiased: "Sounds exciting."

Alt...

Classroom. Fish begins the lesson. Fish: "I wanted to call this class mythology, but Purple said history suggests that some of it might actually be true. Nobody remembers how long ago, but as you know, the world ended. While the inheritors of the ravaged land learned to adapt to their predicament, three brothers, successors of those who brought about the end, set out into the destroyed world to ruin it some more." LAST REMAINING MATACORPBUNKER B_73; three brothers "Well, gentlemen, we ate all the women, children and uly. The water purifier is busted and the only person who could fix it was Parkinson." "We ate her last week." "We ate her last week." "Nothing to eat, nothing to drink. So now what?" "I think it's time to do what our great great great grandparents spoke of - Go outside and restart civilization." "Ugh..."

Alt...

Penguin and Fish are dressed as the MATA brothers. Penguin: "I have the best ideas." Fish: "You're going to have to help us play the third brother." Girl, ecstatic: "School trip!" analognowhere presents: techno-mage in: Girl, Fish and Penguin stand outside their cave home. Fish: "... they gathered a bunch of thumbdrives with ancient CORPO tech and went on a journey to find people and machines they could poison." Penguin: "It's a good day to fuck shit up. Come on, bros!" Girl: "He's really into it!"

Alt...

The three brothers cross the ancient desolate land. "This suuuuuuuuuuuucks." "Shut up."

At EuroBSDCon 2025 in Zagreb: "Liberating the social web using *BSD" by Jeroen - @h3artbl33d - and Stefano Marinelli, see https://events.eurobsdcon.org/2025/talk/PJJLFV/

Schedule at https://events.eurobsdcon.org/2025/schedule/

To register https://2025.eurobsdcon.org/registration.html

#EuroBSDCon #EBC25 #BSDCafe #FreeBSD #NetBSD #OpenBSD #Networking #BSDCafe #RunBSD #Mastodon #Fediverse #OwnYourData #Security #Networking #Community

Me: huh, I don't remember logging out of my session on the kids' #OpenBSD laptop…oh, right, I did a `doas sysupgrade`, it did the upgrade, rebooted into 7.7, and returned uneventfully to the login screen without requiring any additional intervention or thought.

There's something wonderful about an upgrade-process so boring that you can accidentally forget you did it.

I got asked if I could create a #howto for creating a (public) #NAT64 service - just like I did recently for #BoxyBSD. With #DNS64 and #NAT64 you can also reach resource in the legacy internet (#IPv4) on #IPv6 only systems.

While this is based on #unbound and #tayga, there’s also a solution by using the #OpenBSD's native way which is also running on the other gateway. I’ll share a second how to how to do this in OpenBSD and pf.

https://gyptazy.com/howto-create-a-public-dns64-nat64-gateway/

While I was mucking about with an #openbsd port, I got an email from github offering me access to their ai code writing uselessness.

No! Bad website!

*spritzes with water bottle*

My code doesn't work at the moment. Broken is still better than this offer.

This is my favorite part of the OpenBSD installer because I get it wrong every time, but I love that they anticipated it! #openbsd

Alt...

Text from the OpenBSD installer asking "Setup a user? (enter a lower-case loginname, or 'no')". The user enters "yes" and the next prompt says "No really, what is the lower-case loginname, or 'no'?"

**BSD Mail Project Update!**

Hello everyone! I wanted to share some exciting updates about the development of BSD Mail, our privacy-focused email service designed with robustness, security, and transparency in mind. Here’s a deep dive into the technical choices I've made, focusing on my use of open source solutions and open protocols:

🌍 **Servers & Location**

- We're running on two physical servers:
- One hosted by OVH in France
- Another by Hetzner in Germany
- Both servers operate on FreeBSD with NVMe drives in a ZFS mirror configuration for speed and data integrity.

🔒 **Virtualization & Security**

- We utilize jails on both servers to ensure isolated environments for different services, managed via BastilleBSD. On one server, jails are set up directly on the hardware, whereas the other server employs nested jails.
- Each server hosts a bhyve VM running OpenBSD with OpenSMTPD for handling SMTP duties securely.

🔗 **Networking**

- A Wireguard setup connects the two servers, facilitating routing capabilities so that jails and VMs can communicate seamlessly, supporting both IPv4 and IPv6.

📧 **Email Services**

- **Dovecot** is configured for maildir replication across the servers using Dovecot sync, ensuring email availability and redundancy.
- **Rspamd** instances are tied to local KeyDB jails, set up in master-master replication for consistent and reliable spam detection and greylisting.
- **ClamAV** runs in corresponding jails for virus scanning, maintaining a high level of security.
- **SOGo** provides a web interface for email management, connected to MySQL databases in master-master replication to handle sessions and authentication smoothly.

💾 **Data Management**

- Email data is stored on separate, encrypted ZFS datasets to secure emails at rest.
- MySQL databases are used for storing credentials and managing sessions for SOGo, also in a master-master replication setup. Importantly, all passwords are securely hashed using bcrypt, ensuring they are salted and safe.

🔎 **Monitoring & Reliability**

- Our DNS is managed through BunnyNet, which continuously monitors our server status. Should one server—or a specific service—become unavailable, DNS configurations are dynamically adjusted to avoid directing users to the affected IP until full service is restored.

🌐 **Commitment to Open Source and Open Protocols**

- Every component of BSD Mail is built exclusively using open source software and open protocols. This commitment is crucial for ensuring data freedom and the reliability of the solutions we use.

This setup not only emphasizes our commitment to privacy and security but also our dedication to maintaining an open and transparent platform.
We're excited to bring you a service where your privacy, data integrity, and freedom are prioritized. Stay tuned for more updates!

#BSDMail #OpenSource #Privacy #FreeBSD #OpenBSD #EmailHosting #Email

It's official: the new email hosting service I'll be launching will run on OpenBSD as well. The two OpenSMTPD SMTP servers will operate on two OpenBSD installations.

#EmailHosting #Email #OpenBSD #OpenSMTPD

Sharing some technical details about how I'm setting up the hosted email service. It will not be a service of BSD Cafe but tied to my own business. It will run entirely on BSD systems and on bare metal, NOT on "cloud" VPS. It will use FreeBSD jails or OpenBSD or NetBSD VMs (but on bhyve, on a leased server - I do not want user data to be stored on disks managed by others). The services (opensmtpd and rspamd, dovecot, redis, mysql, etc.) will run on separate jails/VMs, so compromising one service will NOT put the others at risk. Emails will be stored on encrypted ZFS datasets - so all emails are encrypted at rest - and only dovecot will have access to the mail datasets. I'm also considering the possibility of encrypting individual emails with the user's login password - but I still have to thoroughly test this. The setup will be fully redundant (double mx for SMTP, a domain for external IMAP access that will be managed through smart DNS - which will distribute the connections on the DNS side and, in case of a server down, will stop resolving its IP, sending all the connections to the other. Obviously, everything will be accessible in both ipv4 and ipv6 and in two different European countries, on two different providers. Synchronization will occur through dovecot's native sync (extremely stable and tested). All technical choices will be clearly explained - the goal of this service is to provide maximum transparency to users on how things will be handled.

#BSD #FreeBSD #OpenBSD #NetBSD #emailHosting #encryption #ZFS #dovecot #opensmtpd #rspamd #emailSecurity #techTransparency #ipv6 #Europe

#OpenBSD may introduces Word into the base system

https://marc.info/?l=openbsd-tech&m=170742832804260&w=2

Running #wayland compositor #sway on #OpenBSD is very easy (only -current at the moment)

- pkg_add sway
- stop xenodm
- log-in as your user in a tty
- run /usr/local/bin/startsway.sh

that's all

Alt...

Screenshot of an OpenBSD desktop running the wayland compositor sway