EuroBSDCon 2019 Talks

The presentations from this year's EuroBSDCon held during late September in Lillehammer, Norway are now available on YouTube.

The program lists a number of interesting talks from seasoned OpenBSD developers such as Alexander Bluhm's assay of performance metrics on OpenBSD (cf. test results), and Stefan Sperling sharing the new Game of Trees git tool—more commonly referred to as got. But there are also many other speakers from various backgrounds presenting an assortment of topics ranging from Paul Vixie—the author of cron, and numerous RFCs—discussing DNS over HTTP (DoH) to an exposition on the basics of ZFS by Dan Langille …

more ...

OpenBSD 6.6 Released Early

OpenBSD's second of its biannual releases came early again this year with the release of OpenBSD 6.6 last week; while this post comes late.

For anyone who isn't yet aware, Theo's announcement came a few days ago on Thursday, October 17 to the relevant mailing lists.

Among the many changes are:

  • sysupgrade(8): an automatic upgrade utility that performs release and snapshot upgrades with one command
  • LibreSSL 3.0.2: a new release of the project's OpenSSL fork
  • sshsig: a minimal signature and verification utility for ssh-keygen(1)
  • OpenSSH 8.1: a new release of the project's ubiquitous ssh protocol implementation …
more ...

50 Years of Unix

However, something else happened that summer which you won’t find in most history books… a Bell Labs researcher named Ken Thompson created the first version of Unix, which turned out to be one of the most important pieces of computer software ever invented.

This year, we celebrate 50 years of Unix! It was the summer of 1969 that Ken Thompson finished what came to be known as Unix over a three week period when his wife took his kid to visit the in-laws for summer. It wouldn't be hyperbole to suggest that what Ken accomplished literally revolutionised computing.

Bell Labs is …

more ...

Starting ssh-agent on OpenBSD

You'll find that unlike macOS, ssh-agent doesn't automatically run at startup on OpenBSD, so you need to initialise it, which is quick and easy but somewhat abstruse.

First, don't do the seemingly obvious and simply run ssh-agent like so:

$ ssh-agent
SSH_AUTH_SOCK=/tmp/ssh-MUxDCsIBiG5G/agent.38206; export SSH_AUTH_SOCK;
echo Agent pid 65950;

Despite what you might intuit from the output, ssh-agent has only printed the shell script needed to initialise the daemon—it hasn't actually set the variables. Instead, we should evaluate the output, which will set both the SSH_AUTH_SOCK and SSH_AGENT_PID variables that allow ssh-add to communicate with …

more ...

Boost Nextcloud Performance with Redis Cache on OpenBSD


A PHP memory caching utility such as Redis can significantly decrease load times, speeding up PHP requests by storing compiled files for quicker retrieval.

Install Redis

Both the Redis database and PHP interfacing extension need to be installed:

# pkg_add redis pecl-redis

Add to rc.d to run at startup and then start Redis:

# rcctl enable redis
# rcctl start redis

Redis and Nextcloud Configuration

First, make the directory with appropriate ownership and permissions in the chroot where Redis will create the unix socket file:

# mkdir /var/www/redis
# chown …
more ...

Let's Encrypt HTTPS with acme-client on OpenBSD


Since OpenBSD 5.9, the base system comes with acme-client: an open source implementation in C that requests a free HTTPS/TLS certificate from the Let’s Encrypt Certificate Authority. It is really simple to setup and even easier to use. And once your certificate is issued, a cronjob will ensure your website stays TLS encrypted for the remainder of its lifetime.

ACME Setup

Open the file /etc/acme-client.conf in your favourite editor and ensure both instances of the agreement url contain the most up-to-date link. Then …

more ...

OpenBSD Web Server with httpd, MariaDB, PHP and WordPress


The ubiquitous LAMP (Linux / Apache / MySQL / PHP) Stack that runs on just about every private or SOHO, and even enterprise level, deployment has scores of guides available across the Internet. If you are establishing your own web server for the first time, you can google "LAMP Stack $linux_flavour" and Google will return thousands of results; many of them up-to-date and accurate enough that you can reliably follow the steps provided to deploy a secure production environment where you can serve anything from your WordPress blog …

more ...