Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

OpenBSD review at

Nik posted more than 14 years ago | from the great-review-but-the-install-needs-work dept.

BSD 134

nicedream writes " is running a feature on BSD, and the latest installment profiles one guy's experience with OpenBSD. Haven't read a thorough review of OpenBSD ever, so it was nice to check this out.

Sorry! There are no comments related to the filter you selected.

Re:Not thourough (0)

Anonymous Coward | more than 14 years ago | (#1550320)

and have gone into details like file descriptor leaks (ever head of those ;-). And so on.

*YAWN*. OpenBSD isn't the only place with thinking people, you know. Poke through linux-kernel some time and you'll be pleasantly surprised to see such mentioned from time to time.

Re:Don't give a gun to a kid... (0)

Anonymous Coward | more than 14 years ago | (#1550321)

amen Scott Freeman

Re:Don't give a gun to a kid... (0)

Anonymous Coward | more than 14 years ago | (#1550322)


Scott Freeman

Re:Don't give a gun to a kid... (0)

Anonymous Coward | more than 14 years ago | (#1550323)


Scott Freeman

Don't give a gun to a kid... (0)

Anonymous Coward | more than 14 years ago | (#1550324)

... and don't give OpenBSD to a person who doesn't have experience. So simple.

For me, OpenBSD installation is way easier than any Linux distro (flames -> /dev/null; my whole office is running mostly on RH, while few machines are HP-UX/OpenBSD/FreeBSD). It's just the matter of WHAT you need it for.

OpenBSD is indeed more secure 'out of the box', and it is easy to STRIP it down even more. If you need IDS system, go after OpenBSD. If you are making Workstation, go after Linux. But don't let IDS expert configure Linux workstation with Gnome, and don't let Gnome user maintain IDS system running on OpenBSD.

So simple. And yes... kernel config on OpenBSD is LOVELY. Although it's just text file editing (well, don't we all love it?! :), it really give you a feeling of 'having control over everything', while "make menuconfig" is nice, but one still keep wondering "Will the config file really be ok after I save it?" ;)

Re:Are *BSDs dying ? (0)

Anonymous Coward | more than 14 years ago | (#1550325)

Do you make a policy of posting all your flamebait as an AC?

Re:Right on! (0)

Anonymous Coward | more than 14 years ago | (#1550326)

Uhh... maybe we should subsitute "Red Hat Linux" for "Linux". Something I really like about Debian is the consistency of the config files -- all of them are in /etc. No debian binarys are installed into /usr/local/bin either, that is left for locally installed binarys. Although it might not be as close to your ideal as you would like, I recomend that you checkout the layout of a Debian system. Its really clean and well thought out.

Re:Idiots.... (0)

Anonymous Coward | more than 14 years ago | (#1550327)

Get the patch for the pcvt-driver, if you want to use BitchX on OpenBSD. It enables the traditional PC colors again.

OpenBSD is nice but... (0)

Anonymous Coward | more than 14 years ago | (#1550328)

It has such limited application support. Netscape must be run in binary emulation mode, and a lot our favorite linux apps are very slow in making their way over. (gqmpeg?) I run OpenBSD 2.5 on a P-100 and use it as a "dumb" X server. Applications run from my linux box and get displayed on OpenBSD. For these purposes it is great. I would venture to say it is by far more stable than linux, I think they squash just about every bug in the system when they check for security holes. Some other notes about OpenBSD: It has a better NFS implementation (It supports tcp and UDP). The IP Masquerading does not have the plethora of protocol specific enhancements that the linux kernel does. Trying to get MySql and the perl DB drivers set up on it is a nightmare. Setting up https is SUPER easy. This message was sponsored by the letter A.

What is really cool is... (0)

Anonymous Coward | more than 14 years ago | (#1550329)

that exactly what you're asking for exists in the 2.5 distro right now. The installation is do-able for someone who has used Linux for six months. I'm using OBSD as a NAT at home with NT, '95, Linux and os/2 boxen.

Re:Right on! (0)

Anonymous Coward | more than 14 years ago | (#1550330)

Get a clue. Red Hat is just as much a stickler for putting configs in /etc, bins in bin directories, nothing in /usr/local, etc.

Re:ISO images/console (0)

Anonymous Coward | more than 14 years ago | (#1550333)

> I wonder why someone would like to download a 650 Mbyte file while all the required files for a
> given platform are only about 200 MByte.

ISO images are only as large as the total size of the files on the CD-ROM. They are not 650 megs no matter what as you seem to have guessed :)

Re:Analysing the Conventional Wisdom (0)

Anonymous Coward | more than 14 years ago | (#1550334)


I think the reason why the author of the article recommends Linux over OpenBSD as a workstation is due to the increased availability of software. It's easier to install a Linux CD-ROM and have everything possible built and installed, rather than install OpenBSD and have to compile it all yourself.

The type of servers that these people are describing are fixed-purpose machines like http servers, where you only _need_ a few programs running, and anything else is unnecessary. Thus, as long as you can run the web server of your choice, availability of other software does not enter into a comparison between different OSes.

I don't think that Linux is getting sloppy due to 'single user' considerations (in some cases security work for single user has benefitted multi user as well), but of course this is an important consideration for future development.

> Just as you want a solid, sane, robust system for a computer that provides services for an
> entire department, so too do you wish the same coherence and correctness on my very own computer
> that you are the principle user of.

s/principle/principal/ :)

Funky colours dude! (0)

Anonymous Coward | more than 14 years ago | (#1550335)

Just wanted to say these new colors r0ck they remind me of a hot dog stand!!

Re:*BSD install experiences (0)

Anonymous Coward | more than 14 years ago | (#1550336)

One of the main reasons I choose FreeBSD over Linux is because everything on FreeBSD seems so much easier.

To compile a kernel on Linux took me ages. Not knowing if the kernel file should be gzip-ed or bzip-ed didn't help. And Linux documentation seemend to clash with eachother.

Now with FreeBSD I was able to compile the kernel within days of installation.

And as far as setting up PPP goes, I won't even go into detail of how trivial that is under FreeBSD as opposed to Linux

If you want to be crazy Linux is for you. If you want to get work done FreeBSD has power to serve you.

I agree! (0)

Anonymous Coward | more than 14 years ago | (#1550337)

I've installed OpenBSD twice and although the first install was tricky, once you get the hang of it there's nothing to it. This isnt windoze, i expected some difficulty. The os has been great it is a shame that article was posted.

Free clues! (0)

Anonymous Coward | more than 14 years ago | (#1550338)

RedHat puts nothing in /usr/local either

Re:Are *BSDs dying ? (0)

Anonymous Coward | more than 14 years ago | (#1550341)

I don't think so. If anything, the *BSDs are benifiting from the rising tide of Linux.

On a practical level, if you know Linux, you can take a stab at *BSD. If you don't know any Unix-variant, the first one is a bear.

I'm glad I was setting up procmail and tweaking config files on a Solaris box a couple years before installing Linux on my own systems. (My only regret is that I didn't dump OS/2 earlier; OS/2 is great, but Linux is much nicer on balence.)

Re:ISO images/console (1)

bamf (212) | more than 14 years ago | (#1550342)

>I wonder why people still use the console too.

Why use fancy graphics on a server? Neither of my BSD machines have X installed.

what install nightmare? (1)

pixel fairy (898) | more than 14 years ago | (#1550344)

having installed it several times now, its always
been good in the install. never failed to detect
and use both nics (every machine i installed on had two nics, including a notebook with a pair of
pcmcia ones) never had to do anything beyond just
letting the default media type do its thing.

ftp is great, when your network is configured, it
goes out on the net and gets a list of ftp sites
for you. (unless you tell it not to) i dont know
of any linux dist that does this. IMO, getting
the CD is really more for supporting the cause
than actually installing the OS. if you split
up the architectures, all the install packages
for a given one fit on a (100meg) zip disk.
(about 70megs for x86)

Re:Offtopic (1)

Temperance (1245) | more than 14 years ago | (#1550345)

The Daemon has been the emblem of BSD for a long time. The one you associate with FreeBSD appeared long ago on the "Design and Implementation of 4.3 BSD" cover. He is copyrighted by Marshal Kirk McKusick. Please have a look at Kirk McKusick's site [] if you are still confused. How you came to your assumptions is beyond me.


My comments from Linux Today: (1)

jammer (4062) | more than 14 years ago | (#1550347)

This is what I posted in response to this story on Linux TOday:

Funny. I've been hacking around with an OpenBSD box for the past few days, and now two stories about it appear on Linux Today.

Anyway, my install experience was slightly different from the one recounted here. Yes, the disk partitioning tool is horrid, but it's not much different from early Linux fdisk. I had to start over a couple times until I got it right, but I could do it again easily now. The documentation was well written and helpful, too, something that I have found is the general case with OBSD.

Once past that stage, and a problem I had with a bad hard drive, things went very smoothly. I had made an iso image myself, but I forgot to add the -r flag to cdrecord, so the file names got truncated. I ended up simply copying the CD to my Linux desktop box and serving the images back to the install, but it still worked fine. No extra reboots, just some time and a nicely set up system.

Interestingly, the thing that most impressed me, aside from the thorogh documentation, is that which the author had bad trouble with: network setup. I had a cheap ne2k ISA plug-and-pray clone in this box which is hell to get working with Linux. OpenBSD detected, configured, and activated it automagically, and the configuration persisted, and worked as soon as I booted my new system.

And, did I mention, the documentation is very nice?

I more or less agree with the summary here: I wouldn't recommend it for a desktop, but for a server system, so far, I would give a very strong recommendation.

Re:Analysing the Conventional Wisdom (1)

nicedream (4923) | more than 14 years ago | (#1550348)

When you're talking about Unix, the line tends to be blurred a lot. My machine for example does it all, server tasks, workstation tasks, everything I need it to do...and it can, it's Linux

But I think one of the main reasons people advocate Linux for workstations is its wide support of hardware and quick support of hardware. I would switch to FreeBSD in a second if only I could use my IDE cdburner...but I can't, so its Linux for me. Just one example that illustrates the bigger point.

Another reason for this (IMHO) is that you will get super-deluxe security w/ OpenBSD, You can run NetBSD on more platforms, and FreeBSD has the highest level of stability (on i386). I think these characteristics are much less important for workstations, where periodic reboots are ok, everything runs on intel chips, and no server processes are running.

When it comes down to it, you just have to know what you need, and what each OS can provide. The server/workstation "rule" is more of a rule of thumb, just a guideline.

He's Not Chuck (1)

howardjp (5458) | more than 14 years ago | (#1550350)

Please note, the individuals who own the copyright on the image prefer that you not call him Chuck.

Re:Right on! (1)

MbM (7065) | more than 14 years ago | (#1550351)

One of the first things you have to overcome when installing a unix system for the first time is the belief that your former system rather it be dos or windows was somehow better. There is an established standard (FSSTND) that dictates where files should be placed but more importantly dictates where files can be found which is critical for any system administrator; Instead of wading through "/programs" you can be reasonably assured that if it's a userlevel binary it's somewhere in /usr/bin or /usr/local/bin (there are exceptions to the rule where categories are made such as /usr/X11R6/.) This also makes it much easier to migrate from different versions of unix since the structure is generally the same.

what's the difference between /usr and /usr/local and why can't i just link /usr/local to /usr?

Well technically there's nothing wrong with that, (/usr/local/ is meant for if you have a nfs /usr you can mount a /usr/local with binaries relevent to only the local machine). I find however that it serves a more useful purpose in separating out the files that came with my distribution/or the files i installed as packages from the files i've compiled on the system. If i ever have to clean up my system all i have to do is wade through abit of /usr/local.

So in answer to your post there is a predictable placement to where the files are located it jsut takes abit of getting used to.

Filesystem Hierarchy Standard []
- MbM

Fair review (1)

Cato (8296) | more than 14 years ago | (#1550352)

I thought this was a pretty fair review - I had a similar experience installing OpenBSD, though most of my install hassles were related to getting X working.

As a mainly Linux user who's used Unix a lot in the past, I found OpenBSD very interesting, and I am planning to use it as the basis for a firewall, where its relatively small ports collection is a feature not a problem. My theory is that script kiddies & others will be less likely to have exploits for OpenBSD, due to its smaller user base and more stringent auditing.

Re:Not thourough (1)

revnight (8980) | more than 14 years ago | (#1550354)

it's an ongoing series. there was an article last week, where he just gave a basic overview of what he was planning on doing. there should be an article next week giving his overview on freebsd, and then one following that comparing the two bsd's and linux.

besides, he's only had it installed for a week...i've had linux installed for close to a year now, and don't know all the in's and out's. sheesh...

The OpenBSD install is well documented (1)

elflord (9269) | more than 14 years ago | (#1550355)

The Cheapbytes CD comes with a very clear, step by step guide regarding a sample install of OpenBSD. Also, their "FAQ" ( which is more like a small user's manual ) is excellent. However, I agree that the disklabel is cryptic.

My $0.02 (1)

elflord (9269) | more than 14 years ago | (#1550356)

OpenBSD is an excellent choice as a solid server OS for low end hardware. However, compared to FreeBSD, it's not really ready for the desktop yet ( FreeBSD has a much larger ports and packages collection. Also, OpenBSD's filesystem, while rock solid is also sloooowwwww ). The nice thing about OpenBSD is you can fire it up and forget about it. You don't need to worry about the "patch of the week" like you do with linux.


elflord (9269) | more than 14 years ago | (#1550357)

I think it's high time that the linux distributors started shipping crypto, even if that means shipping from Canada ( as OpenBSD does ). It would also be nice to see some more sensible default settings on the linux distributions.

Re:what install nightmare? (1)

elflord (9269) | more than 14 years ago | (#1550358)

The install isn't that bad. But you'd better RTFM ... the disklabel tool is hardly easy or intuitive unless you have some docs to walk you through.

Ongoing Review (was Re:Not thourough) (1)

Dengue (10077) | more than 14 years ago | (#1550365)

I guess thourough depends on the reader. Personally I didn't think it was thourough either, but someone who has never used OpenBSD before may have felt it was a great resource. There are not a lot of web resources available for OpenBSD, something I hope to change.

I try to keep an ongoing on-line diary of my experiences installing and using and experimenting with OpenBSD. It available here [] . Four years ago, you would have been hard pressed to find mention of Linux anywhere, much less a thorough review. Now OpenBSD is getting some attention.

Personally I think Matt should be credited with at least being curious enough about OpenBSD to give it a try , and willing to share it with the community. That's what it's all about right?

My .02

Re:Learning from OpenBSD (1)

trance9 (10504) | more than 14 years ago | (#1550366)

I'm not suggesting that Linux adopt OpenBSD's development model. I'm suggesting that Linux pick up some of the attitude. Namely, a driving belief in correctness, and an attention to details that might impact security.

You can ignore these sorts of issues only at your peril--if you take security for granted, and assume it will all come out in the wash, you'll find a few things in your wash that aren't pleasant.

Then again perhaps Linux is moving toward being a desktop OS. The emphasis lately seems to have been on support for any and all hardware, plus easier configuration, plus more support for userland applications.

Perhaps Linux is destined to be the desktop Unix, whereas the *BSDs will wind up being servers.

In the short term that's unlikely to be the way it goes--Linux will make more and more inroads into servers. But in the end, you either deal with security in a comprehensive and systematic way, or you get out of the server business.

Learning from OpenBSD (1)

trance9 (10504) | more than 14 years ago | (#1550367)

Linux should take a long hard look at OpenBSD and learn. The OpenBSD people have done a fantastic job of dealing with security, and have settled a lot of important issues through hard work and careful thought.

Going forward, it's going to be important for Linux to adopt many of these ideas, but especially this kind of attitude.

Re:Idiots.... (1)

millert (10803) | more than 14 years ago | (#1550368)

Personally, I agree. However, a lot of people seem to want this so it is available in OpenBSD 2.6. Of course, you can turn it off if it offends you ;-)

Re:Offtopic (1)

nikc (11398) | more than 14 years ago | (#1550369)

In btw: Why is the icon featuring Chuck. Chuck is the FreeBSD mascot. The OpenBSD one does not wear running shoes...

It's currently the only BSD icon on Slashdot, and yes, it's more suited to FreeBSD than NetBSD or OpenBSD. If anyone wants to

(a) Draw up icon sized logos for NetBSD and OpenBSD

(b) Run them past the appropriate people on both groups

(c) E-mail me a URL where I can download them from

then I'll be more than happy to use them in the future.


Re:Not thourough (1)

nikc (11398) | more than 14 years ago | (#1550370)

This review was anything but thourough!

Interesting point. As the poster, the text you're seeing in the story is pretty much what was submitted. I've got a choice of either using that text as is, and keeping the submitters words, or changing it completely. and starting with something like "Nicedream sent in this link to..." instead. Wherever possible I try and retain the submitter's text, since that's the core of Slashdot after all.

What I don't want to do is start reviewing or commenting on the links in the summary -- some of the stuff that gets posted will have that, but it will be from the "Read more" link if at all. In fact, there's a good example of that coming up in about 4 hours time.


Re:Not thourough (1)

arivanov (12034) | more than 14 years ago | (#1550371)

No suitable URL's unfortunately but reading the mailing list archives may help. There you can note that the folks at OpenBSD have been through fixing all of our favorite YAREs (YetAnotherRootExploit) and have gone into details like file descriptor leaks (ever head of those ;-). And so on.

And I love their attitude (to Paul Vixie software especially). Running named chrooted and as a non-root user ;-). And there are many other small peeks and pokes here and there that make it much more bulletproof even at factory defaults compared to RedHat for example.

That is besides support for every sensible auth method/technique under the sun (one time passwords, encryption everywhere, cypherchained blowfish for storing passwords, etc).

Re:Learning from OpenBSD (1)

arivanov (12034) | more than 14 years ago | (#1550372)

There is a person who does it from time to time. Known as the "Solar Designer". Unfortunately his (and Andrew Tridgell) security pacthes do not get into the mainstream kernel and this really sucks...

Re:Learning from OpenBSD (1)

arivanov (12034) | more than 14 years ago | (#1550373)

So why the heck doesn't he write the same thing and shut up about it? A quick perl or even shell script involving find, diff, sum (md5sum)
should easily suffice and could probably be knocked up in under 5 minutes flat.

And the result will be that it will have at least one symlink exploit, will crash the box on some directory structures or do something else as dumb as it gets.

Writing scripts like that is not a 5 min job (unless you want to provide a nice root-comporomise backdoor).

Offtopic (1)

arivanov (12034) | more than 14 years ago | (#1550374)

In btw: Why is the icon featuring Chuck. Chuck is the FreeBSD mascot. The OpenBSD one does not wear running shoes...

Re:ISO images/console (1)

zzg (14390) | more than 14 years ago | (#1550376)

screen is your friend, It saves your ssh sessions even when the net connection fails for a moment.

Not thourough (1)

Ummon (15714) | more than 14 years ago | (#1550377)

This review was anything but thourough! How does the uninformed user decide to use this rather than Linux. There's a lot of hype about OpenBSD being hypersecure by default. But what does this mean? How does this apply to some yahoo who wants to build a webserver or a firewall?

I like OpenBSD, I like Linux, I like Macs, I use what ever is best for job.

I wish these people would start to do objective comparisons of the feature sets of each OS.

Re:Not bad considering the low word count ... (1)

Ummon (15714) | more than 14 years ago | (#1550378)

I'm just pointing out a trend I've noticed on a lot of these "tech" sites. No depth.

It's great that any monkey with a net connection can install Linux or *BSD, but no one seems to be talking about how to use the system once it is installed. No one talks about the strengths or weaknesses of their chosen *nix.

It's all just "Linux only take 15 minutes to install!!" Bullshit, there's more to installing software than swapping disks and clicking on the right buttons.

Offtopic: Re: BSD & Flaimbait (1)

maroberts (15852) | more than 14 years ago | (#1550379)

No, but I thought that if I wasn't careful how I phrased the question I might lose all my hard won karma points.... ;-P

Are *BSDs dying ? (1)

maroberts (15852) | more than 14 years ago | (#1550380)

This is not meant to be Flamebait [hence I've not posted anonymously], but a serious question.

With the rapid advance of Linux over the last year or two, are the *BSDs "fading" into the background ? My impression is that even the niche markets which the various BSDs are directed (security/ network ...) appear to be about to be taken over by Linux.

Maybe some *BSD expert can enlighten me...

Re:Not thourough (1)

maroberts (15852) | more than 14 years ago | (#1550381)

I too felt this article was a bit shallow - OpenBSD requires a longer more in-depth look. I get the feeling that OpenBSD is not naturally a newbies first choice, although a smooth installation process would obviously be a major plus.

What I would like to see is an article by some SysAdmin on his long term experiences with it and whether it is a good secure system.

Anyone know any suitable URLs ?

Why I Came Back To Linux (1)

esme (17526) | more than 14 years ago | (#1550382)

I recently installed OpenBSD on my home machine, and after spending about three weeks trying to get various things to work, I decided I'd be better off with Linux.

Before I began, I made a list of programs/functionality that I needed, both for the server tasks (FTP, Telnet, WWW, SSH, IP Masquerading, etc.) and as a workstation (running WordPerfect, Netscape, playing MP3s, etc). And as I got things to work, I crossed them off my list.

The good news was that a lot of things worked right out of the box (or straight from the ports tree). Getting bash, trn, X, ssh, NAT, and basic networking was a piece of cake. Unlike the experience of the author of the article, the install handled my NIC and cable-modem-dhcp setup automatically (unlike Linux where I had to use a non-standard dhcp program and another program to "login" to my Road Runner accoutn).

But after the initial install and setup, there were several things that didn't work for me, and I didn't really get them working satisfactorily:

  • Printing. I've got a HP Laserjet, and the basic printing works fine. Ghostscript rips PS to PCL just fine under Linux and OpenBSD. But under Linux, RedHat comes with an, IMHO, awesome magic filter. Just type 'lpr foo' and it'll figure out what foo is and Do The Right Thing. I spent a lot of time trying to write a magic filter for OpenBSD, and never really got it to work as well (mostly because some of the image and text-processors either wouldn't work, or because file gives the wrong answer for some image types).
  • Linux emulation. Everybody seems to say that the Linux emul under OpenBSD is the eighth wonder of the world, but my mileage definitely varied. I can't say that I really got acceptable results for anything, much less everything. And this is a show-stopper for me. If I can't run Linux binaries (and as long as there are basically no OpenBSD binaries), OpenBSD is not an option for me. I need some kind of word processor like Star Office or WordPerfect, for example.
  • Sound. I never got sound working, and I couldn't find a damn thing about it on the net.
  • Compiling. After a few futile attempts, I learned that the ports tree is the way to go. But if there isn't a port of something (say Apache with PHP and mod_perl), it's a pain in the neck to try to get it to build. Maybe it's me (in fact, I'm sure it's me), and maybe other people can get it to build just fine, but it's beyond my skills. With Linux, someone else has already done everything I've ever thought of and put up a step-by-step website. So if I run into trouble, I'm ususally just a google-search away from getting it done.

One thing I'll say though, it gives me a newfound appreciation for the smooth Linux installs. It took me a few times though to get the OpenBSD install to take. Mostly because the whole disklabel thing was new to me, and I figured out that the a slice was root, and that the c slice was the whole disk. But I didn't get that the b slice was swap, so my /usr didn't work until I figured that out.

Also, it reminded me that Linux on the desktop does work, if you've got a certain ammount of technical knowledge. My Netscape doesn't crash. I can play MP3's and use a word processor and spreadsheet (Gnumeric). The network configuration and IP masquerading isn't as cool as OpenBSD's, but it does work.


Idiots.... (1)

Silmaril (19015) | more than 14 years ago | (#1550384)

The console was also unable to properly display the high-ASCII characters like those used in BitchX.

That's a feature.

Re:Right on! (1)

schporto (20516) | more than 14 years ago | (#1550385)

I think you forgot a few things unless you include them under the topics above.
  • Libraries - possibly under binaries?
  • Headers - under source?
  • Data - OK this sounds silly but while we're at it why don't we specify places for data to go and not to go.
I also think your config files need (in many cases) two 'versions'. The system standard and a user's. So you may need config files in a user's directories too. I do like this idea of seperating things into places that are clear what goes where. You probably could go and build a linux distro that has this (although it'd probably be a pain). I'd also agree that I like the version of things in /bin /conf /src etc, but a problem here is what do you do with possible conflicts? What if 2 programs use a config file with the same name? Really this is a problem I can forsee with this. And further this entire setup should be mirrored in any user's directories, just to keep things neat. -cpd

Re:Why I Came Back To Linux (1)

guacamole (24270) | more than 14 years ago | (#1550386)

Printing. I've got a HP Laserjet, and the basic printing works fine. Ghostscript rips PS to PCL just fine under Linux and OpenBSD. But under Linux, RedHat comes with an, IMHO, awesome magic filter. Just type 'lpr foo' and it'll figure out what foo is and Do The Right Thing. I spent a lot of time trying to write a magic filter for OpenBSD, and never really got it to work as well (mostly because some of the image and text-processors either wouldn't work, or because file gives the wrong answer for some image types).

RedHat printtool and print filters are nice, but they are not the _ONLY_ such software out there. magic filter is mmore powerful and flexible and certainly is available in OpenBSD ports.

Linux emulation. Everybody seems to say that the Linux emul under OpenBSD is the eighth wonder of the world, but my mileage definitely varied.

Actually I have never heard people paising Linux emulation in OpenBSD, I have necer used it myself.
However, the FreeBSD linux emulation is very decent.

Re:Analysing the Conventional Wisdom (1)

guacamole (24270) | more than 14 years ago | (#1550387)

You can run NetBSD on more platforms.

In terms of modern hardware, Linux supports at _least_ as much as openbsd if not more. UltraSparcs and SGI Indy are examples of Linux, and not-*BSD, supported platforms.
However if you got something _very_ old, like SUN 3 or VAX or old decstation (they are so slow that they all belong in a garbage collector imho) then you can run NetBSD on them ...

s/openbsd/netbsd/ (1)

guacamole (24270) | more than 14 years ago | (#1550388)

s/openbsd/netbsd/ (1)

guacamole (24270) | more than 14 years ago | (#1550389)


OpenBSD since 2.1 (1)

havasu (24377) | more than 14 years ago | (#1550390)

I've been running OpenBSD since the 2.1 release. I started out with it because it was the only thing I could get on an old MacIIci, NetBSD notwithstanding. All the nifty bells and whistles rolled into the *nux distros I've used are pretty nice, however, for a clean, well-laid out file system, with no extra cruft, one can't beat OpenBSD. Yes the ports thing is pretty nice too.

Now have two intranet webservers running OBSD i386, one running OBSD Mac68k, one running OBSD Alpha, all in a WinNT shop...using Samba to allow users "drag-and-drop through NT Explorer" for their webpages.

OBSD is still running my firewall at home for the DSL connection, and I've got it on my IBM 560e.

It rocks!!! Please buy the CDs and contribute to the cause, the stickers that come with the discs are well worth it.

Re:My review of OpenBSD (1)

wozz (25963) | more than 14 years ago | (#1550391)

Rather than buying from cheapbytes, why not buy a bootable cd from OpenBSD's website [] and support the project?

Re:My review of OpenBSD (1)

wozz (25963) | more than 14 years ago | (#1550392)

Also, while I'm here. Rather than use tcp wrappers, why not check out IPF? Its a much better way to tighten down your box than tcp wrappers. man ipf should get you started.

Re:Learning from OpenBSD (1)

PigleT (28894) | more than 14 years ago | (#1550394)

What. the sort of attitude that finds a broken box to install OpenBSD on, complains when things go wrong and doesn't know about
a) Debian's package management
b) the 'cruft' utility
on the Linux scene?


And as for this:

I simply LOVE the way that OpenBSD sends root a daily listing of all the file permissions changed and actual diffs of the configuration files in /etc. ... One way or another I need to have this functionality on my Linux servers.

So why the heck doesn't he write the same thing and shut up about it? A quick perl or even shell script involving find, diff, sum (md5sum) should easily suffice and could probably be knocked up in under 5 minutes flat.

It is *not* "Linux's fault" that no distro either he or I know about do this as standard (and his review would be wrong in giving this impression): it's also not something that should come "with linux" so that as you open the box, the whole sodding lego falls out just the way you want it to work; it's something that needs implementing and filing away under an appropriate section of Freshmeat [] . And then you educate the folks who'll be using - nae, administering!- these boxes to USE freshmeat properly!

ISO images/console (1)

^BR (37824) | more than 14 years ago | (#1550400)

I wonder why someone would like to download a 650 Mbyte file while all the required files for a given platform are only about 200 MByte.

And there is everything on the FTP site needed to burn your own bootable CDs...

I wonder why people still use the console too. All my machines have xdm, it's almost the 21th century guys (ans gals :-))

Re:ISO images/console (1)

^BR (37824) | more than 14 years ago | (#1550402)

I usually ssh at my server, don't sit at them...

You'll never have enough function key to have the needed number or virtual console to have real work done thought...

X or die...

Re:Are *BSDs dying ? (1)

^BR (37824) | more than 14 years ago | (#1550403)


All the *BSDs see their userbase growing... (see new specific websites, traffic on newsgroups and mailing lists, download statistics, CD sales statistics...)

The fact is that the market is expanding...

What would be really cool is... (1)

Betcour (50623) | more than 14 years ago | (#1550404)

A NAT/Firewall distro, something with reasonably easy installation that would put and install all the neat packages to make a routeur/firewall for cable/adsl owners. OpenBSD seems ready to do it but the installation doesn't look pretty.

Re:Are *BSDs dying ? Valid question but no (1)

johnhebert (53732) | more than 14 years ago | (#1550405)

I can understand why you ask this, given all the news/hype over Linux lately. But just because there isn't a relative proportion of news/hype over *BSDs, this doesn't mean that the software is any less valuable.

I am using OpenBSD for security solutions for my clients and I am very impressed and satisfied with it. Also, because it is less crufty than a similar Linux configuration, it is ideal for dedicated Internet devices. The next decade will see an explosion of these.

Re:Are *BSDs dying ? (1)

fr0g (63626) | more than 14 years ago | (#1550411)

I am one new FreeBSD user. After installing 3.2 I found that the file structure made more sense. Also I really enjoy the freebsd website when searching for an answer it is very well laid out and helpful, and I really like /usr/ports.

I will prob still run some type of Linux from time to time to check up on the progress but for my small cable modem firewall/gateway I will run *.BSD.

They need better reviewers... (1)

xinu (64069) | more than 14 years ago | (#1550412)

That was one of the worse articles I've ever read. They had some guy that seemed pretty clueless and stumbling through an install giving his impression of it. OpenBSD is very simple to install. I hate these people that are laerning Linux and think that's UNIX. It's close but not quite, it just gives you a taste of how things work, though not properly. I'm all for people learning Linux and getting into the UNIX way of things, but they should have some experience under their belt before they start doing reviews on, come on! It's a shame it was shown is such a bad light, it really is a great OS.

Re:Not thourough (1)

xinu (64069) | more than 14 years ago | (#1550413)


Re:Not bad considering the low word count ... (1)

dennisp (66527) | more than 14 years ago | (#1550414)


FreeBSD Handbook []
Mailing list, Handbook and FAQ searches [] (Years and years worth of mailing list archives)
"FreeBSD for the lazy and Hopeless" []
A comprehensive guide to FreeBSD [] (sort of dated but still applicable)
FreeBSD Tutorials []

If you already have hte system installed -- there is probably a bunch of information in /usr/share/doc as well. Now, there isn't as much info on how to get going as linux -- but there is a lot of info for FreeBSD out there (I can't say the same thing for other *BSD's unfortunately). On a side note, 2.2.7 is as BSDish as you can get.

Re:They need better reviewers... (1)

dennisp (66527) | more than 14 years ago | (#1550415)

Actually, I think it's exactly what they need. My thoughts when installing a system are completely different than a newbies. Even if I hadn't installed that particular OS before, I think my results would be skewed because I've used other unix or unix like systems. Remember, he's writing to a particular audience. That audience is those that read

Re:*BSD install experiences (1)

dennisp (66527) | more than 14 years ago | (#1550416)

I did recompile my FreeBSD kernel on numerous occcasions, but always had that ``did I do it properly'' feeling that I've never encountered with Linux.

I don't see why it's hard.
cd /usr/src/sys/$arch/conf
ee/pico/vi MYKERNEL
(possibly open up another term to look at LINT in the same directory)
after done; /usr/sbin/config MYKERNEL
cd ../../compile/MYKERNEL
make depend
make install
-- in the rare case where your kernel doesn't work, you can just boot kernel.old or kernel.generic and try again. Remember to read error messages when compiling the kernel (just like when compiling linux kernels !)

It's almost exactly the same on all BSD based systems including BSDi. I think it's just inexperience with the type of system. I felt the same way when I first tried linux after using BSD and SunOS for years.

Although some of the 'snobbery may be true, there are still people who are willing to help newbies -- just like linux. However, it IS annoying when a newbie asks a question that is readily available in the documentation/handbook/mailing list archives. Give a man a fish and he'll always come back for more -- but teach a man to fish...

Another thing I partially agree with is the partitioning scheme. Disk druid (or whatever) should be a little more intuitive. I once set up a system and downloaded all my distributions, then configured some menu options, then reboot. To my horror, it said that there was no bootable partition. Unfortunately you can't set up a bootable partition that goes beyond 1024 cylinders (tried making / 27 gigs). I had to totally re-install. Thank god I have a fast internet link and get 690k/s from the MIT mirror :).

Anyway, once the system is installed and you get aquainted with it, it's very nice to use. Some of the things you have to setup are possibly hard -- but I don't think they are much less intuitive than most linux distros. I think it's that you just have to get used to it. I myself experienced problems using slackware, then redhat (from which I had to sit there deleting crap I didnt want for 20 minutes and re-arrange the crappy rc files).

Re:Not bad considering the low word count ... (1)

dennisp (66527) | more than 14 years ago | (#1550417)

Steeper learning curve? I doubt it, unless the you're comparing redhat to them. Debian and slack can be equally daunting to a user. Of course, anyone reading is probably using redhat anyway...

Re:Learning from OpenBSD (1)

dennisp (66527) | more than 14 years ago | (#1550418)

While I agree, I think that Linux design is progressing at such a speed that it's not really possible to do this. OpenBSD pays meticulous detail to security -- but the system may become at least a little dated when the userland/kernel/base system have to be audited or specifically planned for security purposes.

Most problems are in userland daemons and programs though. Stuff like recent AMD buffer overflows were experienced on a wide range of systems. I don't think it's acceptable to have a remote TCP/IP DoS attack in a so called stable kernel though.. :).

Re:My comments from Linux Today: (1)

thanatosis (67786) | more than 14 years ago | (#1550419)

I loved the OpenBSD partition editor. It's not pretty, and it doesn't need to be. It assumes you know what your doing, (and if you don't you should read the docs) and then it gets the job done.

Maintaining a *BSD is so nice.

FreeBSD ex:
cvsup -g /usr/share/examples/stable-supfile
cd /usr/src
make buildworld && make installworld
cd /usr/src/sys/i386/conf
/usr/sbin/config MYKERNEL
cd ../../compile/MYKERNEL
make clean && make depend && make && make install

Who can complain when you can rebuild the entire OS and kernel so quickly and easily? Linux can't touch this.

FreeBSD and These Colours (1)

DoomHaven (70347) | more than 14 years ago | (#1550421)

I have installed FreeBSD, and the learning curve was about the same as when I learned Linux. Despite everything you have heard, I find that Linux's network utilities are more intuitive than FreeBSD's, and I would rather use Linux than FreeBSD as a network tool.

And yes, IMHO, FreeBSD felt like a stripped down version of*nix.

Drop the colors. I don't come to /. for the blinkenlights. It's chrome, cruft, feeping creaturism, and I don't want it. I get that enough when I use Windows.

We Say, They Say (1)

EXTomar (78739) | more than 14 years ago | (#1550422)

Enough already! Already, many people have jumped up and said "I had problems installing" while others have said "I had no problems." This gets us nowhere and isn't real evidence anyways.

Just remember that most of us are "power users." We are willing to get through any problem assuming there is "a glimmer of light at the end of the tunnel." On the other hand, most users aren't going to be as patient or driven to fix subtile problems. To say, "weak willed people shouldn't be using this" isn't a is a problem!

Both Linux and BSD have come a long way in making things eaiser to digest and figure out but there is room on both sides for improvement. Just because one person knows automatically where to find information on BSD drivers, doesn't mean my mom will. Just because I know how to setup an NAT in Linux doesn't mean my dad will figure it out right away either. Anything that facilitates novice user's understand is a good thing.

Re:Learning from OpenBSD (1)

heh2k (84254) | more than 14 years ago | (#1550423)

wtf, the slashdot colors are all different; red and yellow. weird. anyway,

can't all the BSDs benefit from the code auditing done by the openbsd guys? and linux as well (though not as much), since a lot of apps are used by both linux and bsd dists; eg, pine, sendmail, bind/named (wtf is it's name anyway? bind or named?).

Re:The land of the free (1)

heh2k (84254) | more than 14 years ago | (#1550424)

you mean kind of like

Re:Not bad considering the low word count ... (1)

NickHolland (91075) | more than 14 years ago | (#1550425)

I would beg to differ on this.

While I would agree there is a lot of stuff written on Linux, I'd question the value of most of it. The real issue is how much GOOD stuff is written on the subjects, and how much cr*p you have to dig through to find it.

I have been playing with Linux on-and-off since probably 1994 or 1995. I did my first OpenBSD and FreeBSD installs only a month or so ago. I felt more at home with OpenBSD and FreeBSD within minutes than I did with any version of Linux..ever.

Why? Simply because *BSD more closely matched the considerable Unix documentation that is out there. Linux is a changing target. By the time a release is properly documented, it is being replaced by a new release.

I also found the documentation available for *BSD to be more specific to the actual package I had than the Linux documentation. The Linux docs are considerable and some are excelent quality -- but the first challenge is trying to figure out what actually got installed and what is applicable and what isn't to the particular distribution that is loaded on the machine in front of me.

To me, it feels like Linux is a lot of pieces bolted together. Each piece is well documented, but how the pieces interact and work together is a challenge to figure out. OpenBSD seems to be a more coherent system.

I wanted to turn OpenBSD into a NAT system for my cable internet access. Within a relatively few hours of fiddling and fighting with wierd hardware, it was running and operating perfectly. I spent far more time figuring out the logic of the partitioning program (and cleaning up the mess after I discovered I was wrong...time after time! 8) and fighting with a SCSI controller supported by nothing in the world other than DOS and Windows 95 than I did getting NAT going.

Don't get me wrong... I respect Linux greatly, and I do not question that it is a much better desktop OS than *BSD is for a number of reasons. (One of which is the hype factor -- a perceived popular OS will have more software support, and this is important.) However, *BSD has a very significant place where stable, secure and reliable operation is more important than flash. OpenBSD has impressed the heck out of me very quickly. And, it sounds like the only "Internet" OS that really has security as something other than an afterthought.


Re:Not bad considering the low word count ... (1)

NickHolland (91075) | more than 14 years ago | (#1550426)

Hear Hear!!

I can't think of any OS in recent history where simply getting the system to boot should qualify as any kind of victory. Getting an OS to boot may be a milepost, but only the very first milepost in a very long trip.

I also agree the recent "tech" stuff is pathetic. Remember when Byte magazine used to have schematic diagrams? Remember Byte magazine?? So much now is so absurdly platform specific, and so many reviewers claiming to be experts on things they are they shouldn't, and condeming "competing" or differing products they show no real experience in or understanding of.

I'm also not impressed that this reviewer would even mention an attempt to do an install on unreliable hardware, or a dial-up FTP install. I've tried a few FTP installs through my cable internet access. OpenBSD is the only one that really went well! Now, I think I will credit this more to the site that I pulled it down from than the product itself, but I have to say OpenBSD's FTP install can work, and can work very well, at least if you don't bring an expectation that it is "just like Linux" (or DOS, or Windows or...) to the process.


FreeBSD v. Linux kernel recompile (1)

aunchaki (94514) | more than 14 years ago | (#1550428)

I've found it to be just the opposite: I've found excellent documentation to get me through FreeBSD kernel compiles (and excellent documentation overall). I've done it a few times to get just the right support for my (very) old 486 motherboard (no PnP, no PCI, just 1 IDE channel, etc...).

I've not found anything nearly so helpful to get me through a Linux kernel compile, though I'm getting ready to give it a try soon. I guess I'll have to actually read that chapter in my SuSE manual ;^)

X Windows and Masochism involved thereof (1)

endotoxin (108297) | more than 14 years ago | (#1550429)

Interesting that Matt Mitche choose to forego installation of XWin - not that I blame him. Based on my own experience as a wee U*IX groupie (several years ago; hasn't improved), configuring should only be attempted in the company of the extraordinarily patient, or the incredibly wise. Preferably both.

Obligatory Link: Neal Stephenson has made some insightful comments on the subject of GUI's in one of his latest Essay [] .

Unconfirmed Memory: There is some project in the works to solve a lot of the problems involved with XWin. If anyone has more info, pls post!

Re:Right on! (2)

Yarn (75) | more than 14 years ago | (#1550430)

$ dpkg -S /usr/bin/dselect
dpkg: /usr/bin/dselect

$ dpkg -s dpkg
Package: dpkg
Essential: yes
Status: install ok installed
Priority: required
Section: base
Installed-Size: 1017
Maintainer: Ian Jackson and others = 2.1), libncurses4 (>= 4.2-3.1), libstdc 2.10
Description: Package maintenance system for Debian

Re:Right on! (2)

jd (1658) | more than 14 years ago | (#1550431)

One model I've seen used, which I quite like, is to have binaries install into it's own tree, off /usr/local. eg: /usr/local/egcs, /usr/local/ghostscript, etc. Then use the /bin, /usr/bin and /usr/local/bin purely for symlinks.

This has the advantage that it's quick and easy to do upgrades, or install new packages, with no nasty side-effects if there are name-clashes, and a guarantee that if there -are- multiple versions, you know exactly where they are.

It also has the disadvantage that it becomes VERY difficult to see what's installed, after a while. The filenames get horribly long, and the directory becomes impossibly cluttered. It also makes it more complex to do audits of what's changed, as you can't just go into the /usr/bin directory and look. You have to go through a multitude of directories to get that information.

IMHO, there is no "perfect" scheme. Everything is a trade-off. The more you split the binaries up, the easier maintenance becomes (especially automatic maintenance), and the easier it is to list what packages you have, even if you don't have a package manager.

OTOH, splitting everything into /, /usr, /usr/X11 and /usr/local keeps the heirarchy uncluttered at the expense of the directories themselves. It's harder to see which program comes from which version of which package, but you -can- be sure where the master copy of a given file is.

Re:Analysing the Conventional Wisdom (2)

otis wildflower (4889) | more than 14 years ago | (#1550433)

I agree, but remember that it's not wrong necessarily to put functionality first on the list of design criteria. You can always steal neat ideas from your competitors, and implement them yourself. Do note though:
  • Focusing on security has meant that there has been less attention towards providing features, ease-of-use, ease-of-development. The glass is legitimately half-full and half-empty.
  • The shape of OSS is formed largely by user/developer demand. As the demand for more security increases, Linux will see more contributions in that area. OBSD's example is critical here, and I encourage all admins and OSS enthusiasts to give it a try, since we can steal the best ideas and incorporate them ourselves.. ;)
  • Competition is good, code rot and stagnation is bad. Let's keep it friendly competition though: the goal's the same.. (and what's that goal? Making the world a place where you don't have to suffer the nonsense of M$ and proprietary crap systems for a living!)
  • OpenBSD is licensed under the BSD license, so porting features to Linux (GPL) without raising licensing issues can be tricky.

Linux suffers from security-related flaws, but IMHO the most serious ones relate to misconfigurations implemented by the CKI (Chair to Keyboard Interface)..

(And why not use and promote multiple OSes? Two mottos come to mind here.. 'The right tool for the job', and of course, 'There's More Than One Way To Do It!' ;)
Your Working Boy,

*BSD install experiences (2)

LizardKing (5245) | more than 14 years ago | (#1550434)

Reading this guys experience of installing OpenBSD reminded me of the first time I installed NetBSD. The bewildering lack of documentation, and the archaic partitioning scheme that comes up as the default. Once installed though, I felt the same as this guy in that it was a bare bones Unix, with no cruft.

My only criticism of NetBSD (and I assume this applies to OpenBSD as well), is that the kernel co nfiguration is horrible. *BSD snobs always poke fun at the user friendly kernel configuration tools that come with the Linux source, but this is really unjustified. I never got round to compiling my own NetBSD kernel because of the paucity of documentation and the crap configuration file.

I did recompile my FreeBSD kernel on numerous occcasions, but always had that ``did I do it properly'' feeling that I've never encountered with Linux.

So all in all this OpenBSD review is accurate and fair.

Chris Wareham

Not bad considering the low word count ... (2)

LizardKing (5245) | more than 14 years ago | (#1550435)

What more do you want from a couple of hundred words written by someone installing OpenBSD for the first time. Remember that this article is published on a Linux-centric site, and that most people use Linux as a desktop OS. As the author correctly points out, OpenBSD's raison d'etre is as a potentially secure server OS. Note that I say it is *potentially* secure - it's still up to the end user to configure it correctly. OpenBSD simply gives you an audited set of software that gives you a fighting chance of setting up an almost uncrackable server.

So don't knock this review without noting its context. I feel that he highlights the real differences between Linux and the free BSD flavours - the latters constency, economy of features and steeper learning curve.

Chris Wareham

Re:Not bad considering the low word count ... (2)

LizardKing (5245) | more than 14 years ago | (#1550436)

``On a side note, 2.2.7 is as BSDish as you can get.''

Maybe. Except lots of the BSD API is deprecated - perhaps this is part of a move towards POSIX / XPG conformance? You have to link in compatability libraries for things like BSD C regexps, which brings back bad memories of programming on Solaris after the switch from BSD based SunOS ...

Chris Wareham

Re:The OpenBSD install is well documented (2)

LizardKing (5245) | more than 14 years ago | (#1550437)

``The Cheapbytes CD comes with a very clear, step by step guide ...''

Not much help if you're a total cheapskate and just downloaded NetBSD like I did ;-)

Chris Wareham

Re:Not bad considering the low word count ... (2)

LizardKing (5245) | more than 14 years ago | (#1550438)

``Steeper learning curve? I doubt it, unless the you're comparing redhat to them. Debian and slack can be equally daunting to a user.''

There just isn't the same amount of material avaliable for the free BSD's as there is for Linux. This is a shame as I loved NetBSD, but in the end I switched to SparcLinux simply because it performs better. (There are good reasons why Linux outperforms NetBSD - the NetBSD guys chose to code for easy portability not blistering performance on any one platform).

I can't say that I enjoyed FreeBSD though, as the version I used (2.2.7) seemed to be in some kind of limbo between BSD and System V from a programmers point of view.

As for Linux distros differing in terms of user-friendliness, I can only comment on SuSE and RedHat. RedHat is a doddle to use, but takes a lot of trimming to get rid of extraneous cruft, while SuSE reminded me of NetBSD for some reason.

Chris Wareham

Re:Right on! (2)

Ed Avis (5917) | more than 14 years ago | (#1550440)

You could get the package manager to keep track of the associated source, docs, etc for each binary. For example:

% rpm --tell-me-about /usr/bin/grep
GNU grep 9.99, compiled by me@somewhere on 1998-05-14
(it could give more details, eg compiler flags, what the configure script detected)
Source is in grep-9.99.srpm
(or in /usr/src/grep-9.99 if the SRPM is already installed)
Manual page is grep(1)
Docs are in /usr/doc/grep-9.99

My review of OpenBSD (2)

elflord (9269) | more than 14 years ago | (#1550441)

I am a reasonably experienced linux user. I guess I'd call myself intermediate, leaving the term "advanced" for the "real programmers".

I decided some time back that it would be fun to experiment with OpenBSD. I was drawn primarily by it's crypto software. I was installing it on a machine that I tend to use more as a server than anything else. So desktop friendliness was not a major issue.

So first came the install. I ordered my $2- Cheapbytes [] CD, which came with an installation walk-through. This walk through made it pretty easy. I had a hiccup with my large disk drive ( due to bad bios configuration ) but a post to comp.unix.bsd.openbsd.misc fixed that pretty quickly. The partitioning procedure using the cryptic disklabel tool would have been hell without the walkthrough. However, i just did ( more or less ) what the walk through said, and it went OK.

Which raises another point -- I was surprised to find that the help on Usenet for OpenBSD is on par with usenet linux support. Far from being a bunch of obnoxious RTFM'ers, the OpenBSD crowd are by and large very helpful. I felt honoured that Theo De Raadt himself responded to one of my posts. Regarding support, the "OpenBSD FAQ" is also excellent. It is really more like a users manual than an FAQ. I highly recommend that anyone planning on installing openBSD get a copy of this prior to installation.

Once I had finished the install, I had my openBSD system up and running. I discovered a few things:

First, I was somewhat surprised that the inetd services don't go via TCP wrappers by default. I had to edit inetd.conf to make them do this. I was awfully confused for a little while regarding the fact that my hosts.deny settings ( ALL:ALL ) were not honoured. So I fixed inetd.

What is nice about the default setup is that software such as sudo, skey and kerberos is installed by default. They will be shipping ssh with it in the near future ( 2.6 ), see Until recently, they've had obstructions to shipping this, such as patents. They are actively hacking ssh to remove these obstacles. Crypto is "integrated" into the system. For example, crypt() has built in blowfish encryption ( which is used to encrypt passwords ) See for more info.

The system also uses shadow passwords out of the box. The ports collection makes it easy to install any other secure software you might want, such as cops, ssh, rsaref, among other things. Just CD to the right directory and type "make install" and openBSD automatically installs the package, *and* looks after any dependencies -- so "make install" always works, even if you don't have some of the required packages to begin with. The ports collection is lean in terms of desktop applications, but contains a good collection of server apps.

However, it's not ideal as a desktop system. The file system is slow ( though very stable ), and the ports collection is somewhat limited compared to FreeBSD and NetBSD. It also trails FreeBSD in hardware support.

Overall, I'd highly recommend it for a user familiar with linux ( in particular, someone not scared of command lines ) who wants to set up a secure server on low end hardware.

Re:FreeBSD and These Colours (2)

Roundeye (16278) | more than 14 years ago | (#1550442)

Go to your preferences page and turn off der blinkenlighten.

Re:Not thourough (2)

evilpenguin (18720) | more than 14 years ago | (#1550443)

I don't think it's quite fair to criticize the "depth" of the review. The author outright says that he's a newbie to BSD and that this is the story of his experience with it.

He tells a tale of the difficulties he had as a fairly Linux savvy person using OpenBSD for the first time, and he speaks as deeply of the benefits of the running system as his experience justifies.

I wouldn't trust hime if he went into more depth. A few days of poking does not an expert make.

BTW, I've been using Linux since 1993 (I first tried the TAMU distribution, anyone else out there use TAMU?) and just this summer installed my first *BSD system, I put FreeBSD on an old 486 on my network. I had a good experience with that. It's up and stable and I use to serve copies of my "Webmaster in a Nutshell Deluxe" and "Java in a Nutshell Deluxe" CD-ROMs to the rest of my network via NFS. It works beautifully, and I haven't had to touch the box for nearly six months now. What else do you want from a server?

So, this guys's story made me keen to try out OpenBSD and see what that could do for me.

I think that's what the article was about, rather than a comprehensive review.

Oh yeah, another commenter said (disparagingly, I think) that people who read that site are all RedHat users. I read this article and I'm a Debian user.

Re:Why I Came Back To Linux (2)

Tom Christiansen (54829) | more than 14 years ago | (#1550444)

You're lucky. I never did get printing on my LaserJet 4m working under Linux. Turns out that you can't just :lp=9100@printer: into your /etc/printcap. So I put the server back on openbsd again so it would actually work. Yes, it's an old printer without a built-in lpd, but that's no excuse. BSD handles it just fine. Linux doesn't. (And I know, those words are ill-defined.)

As for file system speed, that's another peculiar complaint. BSD's filesystem is much faster for what I do than Linux's. Test it out by creating equivalent large trees, and running something recursive, like du or ls -R. I have directories with zillions of files in them. BSD is about an order of magnitude faster for this than Linux.

And why do you say that for a desktop machine, the filesystem speed is important? Is this different from what you want in a non-desktop machine? Why?

As for networking, it seems more sensible on BSD. I find that the many Linux versions all have their own little sillinesses that you have to sniff out. They also seem need an extra route that I don't need to remember to do in BSD.

In fact, there's absolutely nothing I want to do that I can do in Linux that I can't do in BSD. Sure, there are kernel threads in Linux, but it's not like they're as robust as on Sun or SGI.

As for games, I find that BSD comes with a lot more than Linux does, which is basically nothing at all. It's nice to be able to just type rogue and it run right out of the box.

The ports stuff is much saner than anything I've ever seen for Linux. I don't understand why people expect absolutely everything pre-installed, or why they always want binaries. It's very scary. There's something very comforting about having a 100% source system, and one where you just type make. You want to know how to make rm stop asking stupid questions? Just cd /usr/src/bin/rm/ and look at rm.c sitting right there. Don't like something? Edit the file, and just type make.

And then there's the fact that /sys is there again, and things are where you expect them to be.

And then there's the fact that all binaries and libraries come with man pages, something that all the Linux operating system bundlers have completely screwed up.

I guess what I'm saying is that BSD is much saner and coherent -- and familiar -- if you're a long-time Unix user than Linux is. Then again, I've been using BSD since 81 or 82, so it's not surprising it makes more sense to me than then Winix stuff you see in Linux.

First times for everything... (2)

gmcraff (61718) | more than 14 years ago | (#1550447)

Like the author of this review, OpenBSD was also my first. I had a Boeing-surplus Sun station I was running on a shoestring budget for an college organization I was in, and when the hard drive blew up before I could procure a back-up device and I didn't have any installation media (I know, I know... playing with fire), I found myself in the un-enviable position of having to find a replacement OS to put on the replacement hard drive. And yet, I was on a shoestring (and spit and chewing gum) budget... so I did some checking around. Wanting to try the OS before dedicating my precious collegiate hours to the installation process, I found that OpenBSD would run on both Sun and Intel platforms, and that there was really good Sun binary compatibility. Actually, I was tossing coins between NetBSD and OpenBSD, but the security audit was a good selling feature.

So I proceeded to install OpenBSD on my 4 year old 486 from floppy images. (I didn't have the funds to buy the CD, either, but I did have some old AOL promo disks.) After a day and some of fiddling, I had the system up and running, although I had many of the same troubles as the author of the review, but without the prior Linux experience to draw upon. I installed X11 and a few other necessary programs, and ba-da-bing, it ran fine.

About a year later, after I was no longer in charge of that organization's computer woes, I transitioned to FreeBSD, since it had better focus on the Intel platform and in particular supported the odd arrangement I was resorting to to drive my CDROM. Still, for a first foray into the wild, wild world of installing and running UNIX from scratch, OpenBSD was pretty good!

Re:Are *BSDs dying ? (2)

dennisp (66527) | more than 14 years ago | (#1550448)

quick example. About 6-9 months ago, there were maybe 40-60 people in #FreeBSD on efnet at a time. This number has grown to 170-240 on average. This is similar to the growth in the #linux channels except at a lower order of magnitude. I think we'd have more people in there if the ops didn't get pissed off when someone asked something particularly stupid :). The linux channels on the other hand seem to be more oriented towards setup help (there are some cool people in #FreeBSD ready to help though !).

Re:X Windows and Masochism involved thereof (2)

dennisp (66527) | more than 14 years ago | (#1550449)

I've never installed X on OpenBSD -- but to do this on FreeBSD, you:

a) check to make sure your video card is supported by xfree first
b) run /stand/sysinstall and go to post install operations -> install additional distributions -> whatever you want on the x menu
c)once that's done, go to post install -> configure xfree86 server from which it run XF86Setup (or the command line util if wanted).
d) once you have that running, then post install -> Setup XFree86 Desktop and install your window manager of choice (gnome + enlightenment or afterstrep [doesnt work very good in bsd], windowmaker, fvwm2, or KDE (i'd recommend kde + blackbox or windowmaker or just plain KDE).

All linux XFree setup's I have tried have been similarly intuitive..

The land of the free (2)

jhines (82154) | more than 14 years ago | (#1550450)

OpenBSD has a huge advantage in security, being
from Canada, and not the US of A, it can ship
with heavy encryption enabled, with out
being harrassed.

Someone overseas should take note of the business
model, and make a linux distribution based on
the same ideas.

Right on! (2)

friedo (112163) | more than 14 years ago | (#1550451)

My install nightmares over, I began to explore the system. What I found impressed me. The distribution was quite minimalistic compared to a distro such as Red Hat Linux. It was a nice feeling to know what every binary on my box was used for. I had the impression that every file and every directory had been placed with a distinct purpose. The layout seemed carefully contemplated. Unfortunately, I still don't know what many of the binaries on my Linux box are for, and they are often scattered around almost randomly. Instead of careful design, I feel like my distribution was simply trying to fit the most free software possible onto my hard-drive. I don't mind this behavior on my workstation, but I definitely don't enjoy cleaning up cruft from my servers! OpenBSD handily beats Linux here.

Right on! That was one of the hardest things I encountered when getting used to Linux. Binaries in /bin, /sbin, /usr/local/bin, etc. In thinking of a better way to set up an OS (yeah, like I'm gonna invent an OS) I figured most binaries will need:

  • Source (of course) for available hacking/patching
  • Docs/manpages
  • configuration files/scripts
  • the binary itself
  • other stuff
There's two ways to organize this, either every binary has it's own location (in one distinct repository) under which all of the above is included, or the above categories are divided into several locations, such as /bin, /conf, /src, etc. Which do you think would be a better model? I'd vote for the latter, as long as it was easily predictable where things were.

Re:Learning from OpenBSD (3)

Foogle (35117) | more than 14 years ago | (#1550452)

First of all - I love OpenBSD. It's made my life as a sysadmin MUCH easier.

Having said that, I wouldn't want Linux to pick up it's development model. Actually, Debian is almost there. The BSD groups are incredibly picky when it comes to what get's put into their OS. The kernel development is a much slower, and much more mature process. If Linux worked that way, we wouldn't see 2.4 until 2005.

A line-by-line audit of Linux's code wouldn't be bad idea, but the state of that code changes so frequently that I don't think it could be done properly without affecting the development process.


"You can't shake the Devil's hand and say you're only kidding."

Analysing the Conventional Wisdom (3)

Tom Christiansen (54829) | more than 14 years ago | (#1550453)

Several posters have espoused using some flavor of BSD for "servers", but some flavor of Linux for "workstations". This viewpoint is one that you hear repeated so often that it seems to have taken on a life of its own. But what essential criteria are being used to arrive at this position? Proof by repetition has no place in the technical community. Is there any substance to this mantra, or are we just hearing the unexamined echoes of well-trained and well-meaning parrots?

Precisely what features are desirable in a "server"? What features are desirable in a "workstation"? What even is the difference between a "server" and a "workstation"? Does optimizing for one of these environments pessimize-- or at least compromise--the other situation? Is there some technical feature that you really want to have in a multi-user situation that you don't care about in a single-user one? What about the other way around?

Here's my conjecture: there is no difference here. You want the same in both, because a soi-disant single-user Unix workstation is still a complete multi-user environment with all the attendant issues thereof.

A system's inadequacies appear more acceptable in a single-user system only because they can thereby annoy only one person at a time. In a multi-user situation, such problems are less tolerable because the pain is multiplied by the number of individuals affected. But inadequacies they remain.

Just as you want a solid, sane, robust system for a computer that provides services for an entire department, so too do you wish the same coherence and correctness on my very own computer that you are the principle user of. For example, you don't expect to reboot a server just because you install some new software, and neither do you expect to do the same on my own machine. Granted, Unix isn't stupid here, the way the Evil Empire is. But by allowing sloppiness in a "single-user" environment that would never be tolerated in a "multi-user" one, we risk relegating ourselves to a plane of Hell not so far removed from the one currently inhabited by gibbering victims of the Horror Out of Redmond.

Load More Comments
Slashdot Login

Need an Account?

Forgot your password?