Created by three guys who love BSD, we cover the latest news and have an extensive series of tutorials, as well as interviews with various people from all areas of the BSD community. It also serves as a platform for support and questions. We love and advocate FreeBSD, OpenBSD, NetBSD, DragonFlyBSD and TrueOS. Our show aims to be helpful and informative for new users that want to learn about them, but still be entertaining for the people who are already pros. The show airs on Wednesdays at 2:00PM (US Eastern time) and the edited version is usually up the following day.
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Programming Throwdown
Programming Throwdown educates Computer Scientists and Software Engineers on a cavalcade of programming and tech topics. Every show will cover a new programming language, so listeners will be able to speak intelligently about any programming language.
40: AirPorts & Packages
On this week's episode, we'll be giving you an introductory guide on OpenBSD's ports and package system. There's also a pretty fly interview with Karl Lehenbauer, about how they use FreeBSD at FlightAware. Lots of interesting news and answers to all your emails, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines BSDCan 2014 talks and reports, part 2 (https://www.bsdcan.org/2014/schedule/) More presentations and trip reports are still being uploaded Ingo Schwarze, New Trends in mandoc (https://www.youtube.com/watch?v=oifYhwTaOuw) Vsevolod Stakhov, The Architecture of the New Solver in pkg (https://www.youtube.com/watch?v=3SOKFz2UUQ4) Julio Merino, The FreeBSD Test Suite (https://www.youtube.com/watch?v=nf-bFeKaZsY) Zbigniew Bodek, Transparent Superpages for FreeBSD on ARM (https://www.youtube.com/watch?v=s5iIKEHtbX8) There's also a trip report from Michael Dexter (http://freebsdfoundation.blogspot.com/2014/06/bsdcan-trip-report-michael-dexter.html) and another (very long and detailed) trip report (http://freebsdfoundation.blogspot.com/2014/05/bsdcan-trip-report-warren-block.html) from our friend Warren Block (http://www.bsdnow.tv/episodes/2014_03_26-documentation_is_king) that even gives us some linkage, thanks! *** Beyond security, getting to know OpenBSD's real purpose (https://www.youtube.com/watch?v=JrFfrrY-yOo) Michael W Lucas (http://www.bsdnow.tv/episodes/2013_11_06-year_of_the_bsd_desktop) (who, we learn through this video, has been using BSD since 1986) gave a "webcast" last week, and the audio and slides are finally up It clocks in at just over 30 minutes, managing to touch on a lot of OpenBSD topics Some of those topics include: what is OpenBSD and why you should care, the philosophy of the project, how it serves as a "pressure cooker for ideas," briefly touches on GPL vs BSDL, their "do it right or don't do it at all" attitude, their stance on NDAs and blobs, recent LibreSSL development, some of the security functions that OpenBSD enabled before anyone else (and the ripple effect that had) and, of course, their disturbing preference for comic sans Here's a direct link to the slides (https://wcc.on24.com/event/76/67/12/rt/1/documents/resourceList1400781110933/20140527_beyond_security_openbsd.pdf) Great presentation if you'd like to learn a bit about OpenBSD, but also contains a bit of information that long-time users might not know too *** FreeBSD vs Linux, a comprehensive comparison (http://brioteam.com/linux-versus-freebsd-comprehensive-comparison) Another blog post covering something people seem to be obsessed with - FreeBSD vs Linux This one was worth mentioning because it's very thorough in regards to how things are done behind the scenes, not just the usual technical differences It highlights the concept of a "core team" and their role vs "contributors" and "committers" (similar to a presentation Kirk McKusick did not long ago) While a lot of things will be the same on both platforms, you might still be asking "which one is right for me?" - this article weighs in with some points for both sides and different use cases Pretty well-written and unbiased article that also mentions areas where Linux might be better, so don't hate us for linking it *** Expand FreeNAS with plugins (http://www.openlogic.com/wazi/bid/345617/Expand-FreeNAS-with-plugins) One of the things people love the most about FreeNAS (other than ZFS) is their cool plugin framework With these plugins, you can greatly expand the feature set of your NAS via third party programs This page talks about a few of the more popular ones and how they can be used to improve your NAS or media box experience Some examples include setting up an OwnCloud server, Bacula for backups, Maraschino for managing a home theater PC, Plex Media Server for an easy to use video experience and a few more It then goes into more detail about each of them, how to actually install plugins and then how to set them up *** Interview - Karl Lehenbauer - karl@flightaware.com (mailto:karl@flightaware.com) / @flightaware (https://twitter.com/flightaware) FreeBSD at FlightAware, BSD history, various topics Tutorial Ports and packages in OpenBSD (http://www.bsdnow.tv/tutorials/ports-obsd) News Roundup Code review culture meets FreeBSD (http://julipedia.meroh.net/2014/05/code-review-culture-meets-freebsd.html) In most of the BSDs, changes need to be reviewed by more than one person before being committed to the tree This article describes Phabricator, an open source code review system that we briefly mentioned last week Instructions for using it are on the wiki (https://wiki.freebsd.org/CodeReview) While not approved by the core team yet for anything official, it's in a testing phase and developers are encouraged to try it out and get their patches reviewed Just look at that fancy interface!! (http://phabric.freebsd.org/) *** Upcoming BSD books (http://blather.michaelwlucas.com/archives/2088) Sneaky MWL somehow finds his way into both our headlines and the news roundup He gives us an update on the next BSD books that he's planning to release The plan is to release three (or so) books based on different aspects of FreeBSD's storage system(s) - GEOM, UFS, ZFS, etc. This has the advantage of only requiring you to buy the one(s) you're specifically interested in "When will they be released? When I'm done writing them. How much will they cost? Dunno." It's not Absolute FreeBSD 3rd edition... *** CARP failover and high availability on FreeBSD (https://www.youtube.com/watch?v=VjYb9mKB4jU) If you're running a cluster or a group of servers, you should have some sort of failover in place But the question comes up, "how do you load balance the load balancers!?" This video goes through the process of giving more than one machine the same IP, how to set up CARP, securing it and demonstrates a node dying Also mentions DNS-based load balancing as another option *** PCBSD weekly digest (http://blog.pcbsd.org/2014/05/weekly-feature-digest-30/) This time in PCBSD land, we're getting ready for the 10.0.2 release (ISOs here) (http://download.pcbsd.org/iso/10.0-RELEASE/testing/amd64/) AppCafe got a good number of fixes, and now shows 10 random highlighted applications EasyPBI added a "bulk" mode to create PBIs of an entire FreeBSD port category Lumina, the new desktop environment, is still being worked on and got some bug fixes too *** Feedback/Questions Paul writes in (http://slexy.org/view/s205iiKiWp) Matt writes in (http://slexy.org/view/s2060bkTNl) Kjell writes in (http://slexy.org/view/s2G7eMC6oP) Paul writes in (http://slexy.org/view/s2REfzMFGK) Tom writes in (http://slexy.org/view/s21nvJtXY6) ***
39: The Friendly Sandbox
This time on the show we'll be talking with Jon Anderson about Capsicum and Casper to securely sandbox processes. After that, our tutorial will show you how to encrypt all your DNS lookups, either on a single system or for your whole network. News, emails and all the usual fun, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines BSDCan 2014 talks and reports (https://www.bsdcan.org/2014/schedule/) The majority of the BSDCan talks are finally uploaded, so prepare to be flooded with links Karl Lehenbauer's keynote (https://www.youtube.com/watch?v=13LiyjnTGsQ) (he's on next week's episode) Mariusz Zaborski and Pawel Jakub Dawidek, Capsicum and Casper (https://www.youtube.com/watch?v=0la06FHbdvg) (relevant to today's interview) Luigi Rizzo, In-kernel OpenvSwitch on FreeBSD (https://www.youtube.com/watch?v=Lr5o1VQMtgA) Dwayne Hart, Migrating from Linux to FreeBSD for Backend Data Storage (https://www.youtube.com/watch?v=AVuF9eFeVWs) Warner Losh, NAND Flash and FreeBSD (https://www.youtube.com/watch?v=lj0XAE6C6-k) Simon Gerraty, FreeBSD bmake and Meta Mode (https://www.youtube.com/watch?v=4s0UY0sg6vI) Bob Beck, LibreSSL - The First 30 Days (https://www.youtube.com/watch?v=oM6S7FEUfkU) Henning Brauer, OpenBGPD Turns 10 Years Old (https://www.youtube.com/watch?v=cP8AW111IKg) Arun Thomas, BSD ARM Kernel Internals (https://www.youtube.com/watch?v=ZAM7fqhGRr8) Peter Hessler, Using BGP for Realtime Spam Lists (https://www.youtube.com/watch?v=i8UAVswpagA) Pedro Giffuni, Features and Status of FreeBSD's Ext2 Implementation (https://www.youtube.com/watch?v=HMeTxViulgo) Matt Ahrens, OpenZFS Upcoming Features and Performance Enhancements (https://www.youtube.com/watch?v=EjGqVdCOIhM) Daichi Goto, Shellscripts and Commands (https://www.youtube.com/watch?v=MsRu0xIawaA) Benno Rice, Keeping Current (https://www.youtube.com/watch?v=jZp-ciB6mAg) Sean Bruno, MIPS Router Hacking (https://www.youtube.com/watch?v=LZjoFSfIv3k) John-Mark Gurney, Optimizing GELI Performance (https://www.youtube.com/watch?v=2qicD0tv_tI) Patrick Kelsey, Userspace Networking with libuinet (https://www.youtube.com/watch?v=LhIx8q8_7YY) Massimiliano Stucchi, IPv6 Transitioning Mechanisms (https://www.youtube.com/watch?v=WZoQzUZKaeo) Roger Pau Monné, Taking the Red Pill (https://www.youtube.com/watch?v=q6l9qtjlNXU) Shawn Webb, Introducing ASLR in FreeBSD (https://www.youtube.com/watch?v=jo8ObzR1tKQ) There's also a trip report (http://undeadly.org/cgi?action=article&sid=20140519164127) from Peter Hessler and one from Julio Merino (http://julipedia.meroh.net/2014/05/bsdcan-2014-summary.html) The latter report also talks about how, unfortunately, NetBSD basically had no presence in the event at all (and how that's a recurring trend) *** Defend your network and privacy with a VPN and OpenBSD (http://networkfilter.blogspot.com/2014/05/defend-your-network-and-privacy-vpn.html) After all the recent news about spying, backdoored routers, deep packet inspection and everything else, you might want to start taking steps at getting some privacy back This article describes how to set up a secure network gateway and VPN using OpenBSD and related crypto utilities There are bits for DHCP, DNS, OpenVPN, DNSCrypt and a watchdog script to make sure your tunnel is always being used You can transparently tunnel all your outbound traffic over the VPN with this configuration, nothing is needed on any of the client systems - this could also be used with Tor (but it would be very slow) It also includes a few general privacy tips, recommended browser extensions, etc The intro to the article is especially great, so give the whole thing a read He mentions our OpenBSD router guide (http://www.bsdnow.tv/tutorials/openbsd-router) and other tutorials being a big help for this setup, so hello if you're watching! *** You should try FreeBSD (http://blog.pascalj.com/article/you-should-try-freebsd/) In this blog post, the author talks a bit about how some Linux people aren't familiar with the BSDs and how we can take steps to change that He goes into some FreeBSD history specifically, then talks about some of the apparent (and not-so-apparent) differences between the two Possibly the most useful part is how to address the question "my server already works, why bother switching?" "Stackoverflow’s answers assume I have apt-get installed" It includes mention of the great documentation, stability, ports, improved security and much more A takeaway quote for would-be Linux switchers: "I like to compare FreeBSD to a really tidy room where you can find everything with your eyes closed. Once you know where the closets are, it is easy to just grab what you need, even if you have never touched it before" *** OpenBSD and the little Mauritian contributor (http://hacklog.in/openbsd-and-the-little-mauritian-contributor/) This is a story about a guy from Mauritius (https://en.wikipedia.org/wiki/Mauritius) named Logan, one of OpenBSD's newest developers Back in 2010, he started sending in patched for OpenBSD's "mg" editor, among other small things, and eventually added file transfer resume support for SFTP The article talks about his journey from just a guy who submits a patch here and there to joining the developer ranks and even getting his picture taken with Theo at a recent hackathon It really shows how easy it is to get involved with the different BSDs and contribute back to the software ecosystem Congrats to Logan, and hopefully this will inspire more people to start helping out and contributing code back *** Interview - Jon Anderson - jonathan@freebsd.org (mailto:jonathan@freebsd.org) Capsicum and Casperd Tutorial Encrypting DNS lookups (http://www.bsdnow.tv/tutorials/dnscrypt) News Roundup FreeBSD Journal, May 2014 issue (http://i.imgur.com/f0qg6Ss.jpg) The newest issue of the FreeBSD Journal (http://www.bsdnow.tv/episodes/2014_01_29-journaled_news_updates) is out, following the bi-monthly release cycle This time the topics include: a letter from the foundation, a ports report, some 9.3-RELEASE plans, an events calendar, an overview of ipfw, exploring network activity with dtrace, an article about kqueue, data distribution with dnssec and finally an article about TCP scaling Pick up your (digital) copy at Amazon, Google Play or on iTunes and have a read *** LibreSSL porting update (http://insanecoding.blogspot.com/2014/05/libressl-porting-update.html) Since the last LibreSSL post we covered, a couple unofficial "portable" versions have died off Unfortunately, people still think they can just port LibreSSL to other BSDs and Linux all willy-nilly - stop doing that! This post reiterates that LibreSSL currently relies on a lot of OpenBSD-specific security functions that are not present in other systems, and also gives a very eye-opening example Please wait for an official portable version instead of wasting time with these dime-a-dozen github clones that do more harm than good *** BSDMag May 2014 issue is out (http://bsdmag.org/magazine/1862-meteorjs-on-freebsd-11-may-bsd-issue) The usual monthly release from BSDMag, covering a variety of subjects This time around the topics include: managing large development projects using RCS, working with HAMMER FS and PFSes, running MeteorJS on FreeBSD 11, another bhyve article, more GIMP tutorials and a few other things It's a free PDF, go grab it *** BSDTalk episode 241 (http://bsdtalk.blogspot.com/2014/05/bsdtalk241-bob-beck.html) A new episode of BSDTalk (http://www.bsdnow.tv/episodes/2014_03_05-bsd_now_vs_bsdtalk) is out, this time with Bob Beck He talks about the OpenBSD foundation's recent activities, his own work in the project, some stories about the hardware in Theo's basement and a lot more The interview itself isn't about LibreSSL at all, but they do touch on it a bit too Really interesting stuff, covers a lot of different topics in a short amount of time *** Feedback/Questions We got a number of replies about last week's VPN question, so thanks to everyone who sent in an email about it - the vpnc (https://www.freshports.org/security/vpnc/) package seems to be what we were looking for Tim writes in (http://slexy.org/view/s20MK7bTyc) AJ writes in (http://slexy.org/view/s2OWREQdUA) Peter writes in (http://slexy.org/view/s202obAqbT) Thomas writes in (http://slexy.org/view/s21Kye2jAc) Martin writes in (http://slexy.org/view/s2zqFVqwxN) ***
38: A BUG's Life
We're back from BSDCan! This week on the show we'll be chatting with Brian Callahan and Aaron Bieber about forming a local BSD users group. We'll get to hear their experiences of running one and maybe encourage some of you to start your own! After that, we've got a tutorial on the basics of NetBSD's package manager, pkgsrc. Answers to your emails and the latest headlines, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines FreeBSD 11 goals and discussion (http://blather.michaelwlucas.com/archives/2053) Something that actually happened at BSDCan this year... During the FreeBSD devsummit, there was some discussion about what changes will be made in 11.0-RELEASE Some of MWL's notes include: the test suite will be merged to 10-STABLE, more work on the MIPS platforms, LLDB getting more attention, UEFI boot and install support A large list of possibilities was also included and open for discussion, including AES-GCM in IPSEC, ASLR, OpenMP, ICC, in-place kernel upgrades, Capsicum improvements, TCP performance improvements and A LOT more There's also some notes from the devsummit virtualization session (http://blather.michaelwlucas.com/archives/2060), mostly talking about bhyve Lastly, he also provides some notes about ports and packages (http://blather.michaelwlucas.com/archives/2065) and where they're going *** An SSH honeypot with OpenBSD and Kippo (http://securit.se/2014/05/how-to-install-kippo-ssh-honeypot-on-openbsd-5-5-with-chroot/) Everyone loves messing with script kiddies, right? This blog post introduces Kippo (https://code.google.com/p/kippo/), an SSH honeypot tool, and how to use it in combination with OpenBSD It includes a step by step (or rather, command by command) guide and some tips for running a honeypot securely You can use this to get new 0day exploits or find weaknesses in your systems OpenBSD makes a great companion for security testing tools like this with all its exploit mitigation techniques that protect all running applications *** NetBSD foundation financial report (https://www.netbsd.org/foundation/reports/financial/2013.html) The NetBSD foundation has posted their 2013 financial report It's a very "no nonsense" page, pretty much only the hard numbers In 2013, they got $26,000 of income in donations The rest of the page shows all the details, how they spent it on hardware, consulting, conference fees, legal costs and everything else Be sure to donate to whichever BSDs you like and use! *** Building a fully-encrypted NAS with OpenBSD (http://www.geektechnique.org/projectlab/796/how-to-build-a-fully-encrypted-nas-on-openbsd.html) Usually the popular choice for a NAS system is FreeNAS, or plain FreeBSD if you know what you're doing This article takes a look at the OpenBSD side and explains how (http://www.geektechnique.org/projectlab/797/openbsd-encrypted-nas-howto.html) to build a NAS with security in mind The NAS will be fully encrypted, no separate /boot partition like FreeBSD and FreeNAS require - this means the kernel itself is even protected The obvious trade-off is the lack of ZFS support for storage, but this is an interesting idea that would fit most people's needs too There's also a bit of background information on NAS systems in general, some NAS-specific security tips and even some nice graphs and pictures of the hardware - fantastic write up! *** Interview - Brian Callahan & Aaron Bieber - admin@lists.nycbug.org (mailto:admin@lists.nycbug.org) & admin@cobug.org (mailto:admin@cobug.org) Forming a local BSD Users Group Tutorial The basics of pkgsrc (http://www.bsdnow.tv/tutorials/pkgsrc) News Roundup FreeBSD periodic mails vs. monitoring (http://deranfangvomende.wordpress.com/2014/05/11/freebsd-periodic-mails-vs-monitoring/) If you've ever been an admin for a lot of FreeBSD boxes, you've probably noticed that you get a lot of email This page tells about all the different alert emails, cron emails and other reports you might end up getting, as well as how to manage them From bad SSH logins to Zabbix alerts, it all adds up quickly It highlights the periodic.conf file and FreeBSD's periodic daemon, as well as some third party monitoring tools you can use to keep track of your servers *** Doing cool stuff with OpenBSD routing domains (http://www.skogsrud.net/?p=44) A blog post from our viewer and regular emailer, Kjell-Aleksander! He manages some internally-routed IP ranges at his work, but didn't want to have equipment for each separate project This is where OpenBSD routing domains and pf come in to save the day The blog post goes through the process with all the network details you could ever dream of He even named his networking equipment... after us (http://i.imgur.com/penYQFP.jpg) *** LibreSSL, the good and the bad (http://insanecoding.blogspot.com/2014/04/libressl-good-and-bad.html) We're all probably familiar with OpenBSD's fork of OpenSSL at this point However, "for those of you that don't know it, OpenSSL is at the same time the best and most popular SSL/TLS library available, and utter junk" This article talks about some of the cryptographic development challenges involved with maintaining such a massive project You need cryptographers, software engineers, software optimization specialists - there are a lot of roles that need to be filled It also mentions some OpenSSL alternatives and recent LibreSSL progress, as well as some downsides to the fork - the main one being their aim for backwards compatibility *** PCBSD weekly digest (http://blog.pcbsd.org/2014/05/weekly-feature-digest-28-photos-of-the-new-appcafe-re-design/) Lots going on in PCBSD land this week, AppCafe has been redesigned The PBI system is being replaced with pkgng, PBIs will be automatically converted once you update In the more recent post (http://blog.pcbsd.org/2014/05/weekly-feature-digest-29-pbing/), there's some further explanation of the PBI system and the reason for the transition It's got lots of details on the different ways to install software, so hopefully it will clear up any possible confusion *** Feedback/Questions Antonio writes in (http://slexy.org/view/s2UbEhgjce) Daniel writes in (http://slexy.org/view/s21XU0y3JP) Sean writes in (http://slexy.org/view/s2QQtuawFl) tsyn writes in (http://slexy.org/view/s20XrT5Q8U) Chris writes in (http://slexy.org/view/s2ayZ1nsdv) ***
37: BSDCanned Goods
This week we're at BSDCan, ganging up on people and forcing them to give us interviews. Assuming we don't get arrested for harassment, we'll be back next week with your regularly scheduled programming. For now, we've got some feedback emails to catch up on, as well as a prerecorded talk Matt Ahrens gave about ZFS. We'll be back to tell you all about the conference next week, on BSD Now - the place to B.. SD. This episode was brought to you by Presentation - Matthew Ahrens - matt@mahrens.org (mailto:matt@mahrens.org) / @mahrens1 (https://twitter.com/mahrens1) OpenZFS discussion Feedback/Questions Remy writes in (http://slexy.org/view/s2kGZUlxjg) Darin writes in (http://slexy.org/view/s23j9RHsIx) Steve writes in (http://slexy.org/view/s21dMlBAhM) Pascal writes in (http://slexy.org/view/s20IyvdSmR) ***
36: Let's Get RAID
This week on the show we'll be showing you how to set up RAID arrays in both FreeBSD and OpenBSD. There's also an interview with David Chisnall - of the FreeBSD core team - about the switch to Clang and a lot more. As usual, we'll be dropping the latest news and answering your emails, so sit back and enjoy some BSD Now - the place to B.. SD. This episode was brought to you by Headlines OpenBSD 5.5 released (http://www.openbsd.org/55.html) If you ordered (https://https.openbsd.org/cgi-bin/order) a CD set (https://twitter.com/blakkheim/status/461909893813784576) then you've probably had it for a little while already, but OpenBSD has formally announced the public release (http://undeadly.org/cgi?action=article&sid=20140501153339) of 5.5 This is one of the biggest releases to date, with a very long list of changes and improvements Some of the highlights include: time_t being 64 bit on all platforms, release sets and binary packages being signed with the new signify tool, a new autoinstall feature of the installer, SMP support on Alpha, a new AViiON port, lots of new hardware drivers including newer NICs, the new vxlan driver, relayd improvements, a new pf queue system for bandwidth shaping, dhcpd and dhclient fixes, OpenSMTPD 5.4.2 and all its new features, position-independent executables being default for i386, the RNG has been replaced with ChaCha20 as well as some other security improvements, FUSE support, tmpfs, softraid partitions larger than 2TB and a RAID 5 implementation, OpenSSH 6.6 with all its new features and fixes... and a lot more The full list of changes (http://www.openbsd.org/plus55.html) is HUGE, be sure to read through it all if you're interested in the details If you're doing an upgrade from 5.4 instead of a fresh install, pay careful attention to the upgrade guide (http://www.openbsd.org/faq/upgrade55.html) as there are some very specific steps for this version Also be sure to apply the errata patches (http://www.openbsd.org/errata55.html) on your new installations... especially those OpenSSL ones (some of which still aren't fixed (http://marc.info/?l=oss-security&m=139906348230995&w=2) in the other BSDs yet) On the topic of errata patches, the project is now going to also send them out (signed (http://undeadly.org/cgi?action=article&sid=20140502103355)) via the announce mailing list (http://lists.openbsd.org/cgi-bin/mj_wwwusr?user=&passw=&func=lists-long-full&extra=announce), a very welcome change Congrats to the whole team on this great release - 5.6 is going to be even more awesome with "Libre"SSL and lots of other stuff that's currently in development *** FreeBSD foundation funding highlights (http://freebsdfoundation.blogspot.com/2014/04/freebsd-foundation-spring-fundraising_28.html) The FreeBSD foundation posts a new update on how they're spending the money that everyone donates "As we embark on our 15th year of serving the FreeBSD Project and community, we are proud of what we've done to help FreeBSD become the most innovative, reliable, and high-performance operation system" During this spring, they want to highlight the new UEFI boot support and newcons (http://freebsdfoundation.blogspot.com/2014/05/freebsd-foundation-newcons-project.html) There's a lot of details about what exactly UEFI is and why we need it going forward FreeBSD has also needed some updates to its console to support UTF8 and wide characters Hopefully this series will continue and we'll get to see what other work is being sponsored *** OpenSSH without OpenSSL (http://marc.info/?l=openbsd-cvs&m=139879453001957&w=2) The OpenSSH team has been hard at work, making it even better, and now OpenSSL is completely optional Since it won't have access to the primitives OpenSSL uses, there will be a trade-off of features vs. security This version will drop support for legacy SSH v1, and the only two cryptographic algorithms supported are an in-house implementation of AES in counter mode and the new combination (http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.chacha20poly1305?rev=HEAD;content-type=text%2Fplain) of the Chacha20 stream cipher with Poly1305 for packet integrity Key exchange is limited to elliptic curve Diffie-Hellman and the newer Curve25519 KEXs No support for RSA, DSA or ECDSA public keys - only Ed25519 It also includes a new buffer API (http://marc.info/?l=openbsd-cvs&m=139883582313750&w=2) and a set of wrappers to make it compatible with the existing API Believe it or not, this was planned before all the heartbleed craziness Maybe someday soon we'll have a mini-openssh-portable in FreeBSD ports and NetBSD pkgsrc, would be really neat *** BSDMag's April 2014 issue is out (http://bsdmag.org/magazine/1861-free-pascal-on-bsd-april-bsd-issue) The free monthly BSD magazine has got a new issue available for download This time the articles include: pascal on BSD, an introduction to revision control systems and configuration management, deploying NetBSD on AWS EC2, more GIMP tutorials, an AsiaBSDCon 2014 report and a piece about how easily credit cards are stolen online Anyone can contribute to the magazine, just send the editors an email about what you want to write No Linux articles this time around, good *** Interview - David Chisnall - theraven@freebsd.org (mailto:theraven@freebsd.org) The LLVM/Clang switch, FreeBSD's core team, various topics Tutorial RAID in FreeBSD and OpenBSD (http://www.bsdnow.tv/tutorials/raid) News Roundup BSDTalk episode 240 (http://bsdtalk.blogspot.com/2014/04/bsdtalk240-about-time-with-george.html) Our buddy Will Backman has uploaded a new episode of BSDTalk, this time with our other buddy GNN as the guest - mainly to talk about NTP and keeping reliable time Topics include the specific details of crystals used in watches and computers to keep time, how temperature affects the quality, different sources of inaccuracy, some general NTP information, why you might want extremely precise time, different time sources (GPS, satellite, etc), differences in stratum levels, the problem of packet delay and estimating the round trip time, some of the recent NTP amplification attacks, the downsides to using UDP instead of TCP and... much more GNN also talks a little about the Precision Time Protocol (https://en.wikipedia.org/wiki/Precision_Time_Protocol) and how it's different than NTP Two people (http://www.bsdnow.tv/episodes/2014_01_29-journaled_news_updates) we've interviewed (http://www.bsdnow.tv/episodes/2014_03_05-bsd_now_vs_bsdtalk) talking to each other, awesome If you're interested in NTP, be sure to see our tutorial (http://www.bsdnow.tv/tutorials/ntpd) too *** m2k14 trip reports (http://undeadly.org/cgi?action=article&sid=20140502092427) We've got a few more reports from the recent OpenBSD hackathon in Morocco The first one is from Antoine Jacoutot (who is a key GNOME porter and gave us the screenshots for the OpenBSD desktop tutorial (http://www.bsdnow.tv/tutorials/the-desktop-obsd)) "Since I always fail at actually doing whatever I have planned for a hackathon, this time I decided to come to m2k14 unprepared about what I was going to do" He got lots of work done with ports and pushing GNOME-related patches back up to the main project, then worked on fixing ports' compatibility with LibreSSL Speaking of LibreSSL, there's an article (http://undeadly.org/cgi?action=article&sid=20140505062023) all would-be portable version writers should probably read and take into consideration Jasper Adriaanse also writes (http://undeadly.org/cgi?action=article&sid=20140501185019) about what he got done over there He cleaned up and fixed the puppet port to work better with OpenBSD *** Why you should use FreeBSD on your cloud VPS (https://www.atlantic.net/blog/2014/04/08/freebsd-ssd-cloud-vps-hosting-10-reasons/) Here we have a blog post from Atlantic, a VPS and hosting provider, about 10 reasons for using FreeBSD Starts off with a little bit of BSD history for those who are unfamiliar with it and only know Linux and Windows The 10 reasons are: community, stability, collaboration, ease of use, ports, security, ZFS, GEOM, sound and having lots of options The post goes into detail about each of them and why FreeBSD makes a great choice for a VPS OS *** PCBSD weekly digest (http://blog.pcbsd.org/2014/05/weekly-feature-digest-27-software-system-redesign/) Big changes coming in the way PCBSD manages software The PBI system, AppCafe and related tools are all going to use pkgng now The AppCafe will no longer be limited to PBIs, so much more software will be easily available from the ports tree New rating system coming soon and much more *** Feedback/Questions Martin writes in (http://slexy.org/view/s21bk2oPuQ) John writes in (http://slexy.org/view/s2n9fx1Rpw) Alex writes in (http://slexy.org/view/s2rBBKLA4u) Goetz writes in (http://slexy.org/view/s20JY6ZI71) Jarrad writes in (http://slexy.org/view/s20YV5Ohpa) ***
35: Puffy Firewall
We're back again! On this week's packed show, we've got one of the biggest tutorials we've done in a while. It's an in-depth look at PF, OpenBSD's firewall, with some practical examples and different use cases. We'll also be talking to Peter Hansteen about the new edition of "The Book of PF." Of course, we've got news and answers to your emails too, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines ALTQ removed from PF (http://undeadly.org/cgi?action=article&sid=20140419151959) Kicking off our big PF episode... The classic packet queueing system, ALTQ, was recently removed from OpenBSD -current There will be a transitional phase between 5.5 and 5.6 where you can still use it by replacing the "queue" keyword with "oldqueue" in your pf.conf As of 5.6, due about six months from now, you'll have to change your ruleset to the new syntax if you're using it for bandwidth shaping After more than ten years, bandwidth queueing has matured quite a bit and we can finally put ALTQ to rest, in favor of the new queueing subsystem This doesn't affect FreeBSD, PCBSD, NetBSD or DragonflyBSD since all of their PFs are older and maintained separately. *** FreeBSD Quarterly Status Report (https://www.freebsd.org/news/status/report-2014-01-2014-03.html) The quarterly status report from FreeBSD is out, detailing some of the project's ongoing tasks Some highlights include the first "stable" branch of ports, ARM improvements (including SMP), bhyve improvements, more work on the test suite, desktop improvements including the new vt console driver and UEFI booting support finally being added We've got some specific updates from the cluster admin team, core team, documentation team, portmgr team, email team and release engineering team LOTS of details and LOTS of topics to cover, give it a read *** OpenBSD's OpenSSL rewrite continues with m2k14 (http://undeadly.org/cgi?action=article&sid=20140417184158) A mini OpenBSD hackathon (http://www.openbsd.org/hackathons.html) begins in Morocco, Africa You can follow the changes in the -current CVS log (http://www.openbsd.org/cgi-bin/cvsweb/src/lib/libssl/src/ssl/), but a lot of work (http://undeadly.org/cgi?action=article&sid=20140418063443) is mainly going towards the OpenSSL cleaning We've got two trip (http://undeadly.org/cgi?action=article&sid=20140429121423) reports (http://undeadly.org/cgi?action=article&sid=20140425115340) so far, hopefully we'll have some more to show you in a future episode You can see some of the more interesting quotes (http://opensslrampage.org/) from the tear-down or see everything (http://freshbsd.org/commit/openbsd/e5136d69ece4682e6167c8f4a8122270236898bf) Apparently (http://undeadly.org/cgi?action=article&sid=20140423045847) they are going to call the fork "LibreSSL (https://news.ycombinator.com/item?id=7623789)" .... What were the OpenSSL developers thinking (http://freshbsd.org/commit/openbsd/e5136d69ece4682e6167c8f4a8122270236898bf)? The RSA private key was used to seed the entropy! We also got some mainstream news coverage (http://www.zdnet.com/openbsd-forks-prunes-fixes-openssl-7000028613/) and another post from Ted (http://www.tedunangst.com/flak/post/origins-of-libressl) about the history of the fork Definitely consider donating to the OpenBSD foundation (http://www.openbsdfoundation.org/donations.html), this fork will benefit all the other BSDs too *** NetBSD 6.1.4 and 6.0.5 released (https://blog.netbsd.org/tnf/entry/netbsd_6_1_4_and) New updates for the 6.1 and 6.0 branches of NetBSD, focusing on bugfixes The main update is - of course - the heartbleed vulnerability Also includes fixes for other security issues and even a kernel panic... on Atari Patch your Ataris right now, this is serious business *** Interview - Peter Hansteen - peter@bsdly.net (mailto:peter@bsdly.net) / @pitrh (https://twitter.com/pitrh) The Book of PF: 3rd edition Tutorial BSD Firewalls: PF (http://www.bsdnow.tv/tutorials/pf) News Roundup New Xorg now the default in FreeBSD (https://svnweb.freebsd.org/ports?view=revision&revision=351411) For quite a while now, FreeBSD has had two versions of X11 in ports The older, stable version was the default, but you could install a newer one by having "WITHNEWXORG" in /etc/make.conf They've finally made the switch for 10-STABLE and 9-STABLE Check this wiki page (https://wiki.freebsd.org/Graphics) for more info *** GSoC-accepted BSD projects (https://www.google-melange.com/gsoc/org2/google/gsoc2014/openbsdfoundation) The Google Summer of Code team has got the list of accepted project proposals uploaded so we can see what's planned OpenBSD's list includes DHCP configuration parsing improvements, systemd replacements, porting capsicum, GPT and UEFI support, and modernizing the DHCP daemon The FreeBSD list (https://www.google-melange.com/gsoc/org2/google/gsoc2014/freebsd) was also posted Theirs includes porting FreeBSD to the Android emulator, CTF in the kernel debugger, improved unicode support, converting firewall rules to a C module, pkgng improvements, MicroBlaze support, PXE fixes, bhyve caching, bootsplash and lots more Good luck to all the students participating, hopefully they become full time BSD users *** Complexity of FreeBSD VFS using ZFS as an example (http://www.hybridcluster.com/blog/complexity-freebsd-vfs-using-zfs-example-part-2/) HybridCluster posted the second part of their VFS and ZFS series This new post has lots of technical details once again, definitely worth reading if you're a ZFS guy Of course, also watch episode 24 (http://www.bsdnow.tv/episodes/2014_02_12-the_cluster_the_cloud) for our interview with HybridCluster - they do really interesting stuff *** PCBSD weekly digest (http://blog.pcbsd.org/2014/04/weekly-feature-digest-26-the-lumina-project-and-preload/) Preload has been ported over, it's a daemon that prefetches applications PCBSD is developing their own desktop environment, Lumina (there's also an FAQ (http://blog.pcbsd.org/2014/04/quick-lumina-desktop-faq/)) It's still in active development, but you can try it out by installing from ports We'll be showing a live demo of it in a few weeks (when development settles down a bit) Some kid in Australia subjects his poor mother to being on camera (https://www.youtube.com/watch?v=ETxhbf3-z18) while she tries out PCBSD and gives her impressions of it ***
34: It's Gonna Get NASty
This week, Allan's at a conference so we've got a short episode for you. We sat down with John Hixson to discuss FreeNAS development and all their future plans. The show will be back next week with a normal episode. This episode was brought to you by Interview - John Hixson - john@ixsystems.com (mailto:john@ixsystems.com) / @bsdwhore (https://twitter.com/bsdwhore) FreeNAS development
33: Certified Package Delivery
This week, we sit down with Jim Brown from the BSD Certification group to talk about the BSD exams. Following that, we'll be showing you how to build OpenBSD binary packages in bulk, a la poudriere. There's a boatload of news and we've got answers to your questions, coming up on BSD Now - the place to B.. SD. This episode was brought to you by Headlines BSDCan schedule, speakers and talks (https://www.bsdcan.org/2014/schedule/) This year's BSDCan will kick off on May 14th in Ottawa The list of speakers (https://www.bsdcan.org/2014/schedule/speakers.en.html) is also out And finally the talks (https://www.bsdcan.org/2014/schedule/events.en.html) everyone's looking forward to Lots of great tutorials and talks, spanning a wide range of topics of interest Be sure to come by so you can and meet Allan and Kris in person and get BSDCan shirts (https://twitter.com/bsdcan/status/454990067552247808) *** NYCBSDCon talks uploaded (https://www.youtube.com/watch?v=4bPduH6O7lI) The BSD TV YouTube channel has been uploading recordings from the 2014 NYCBSDCon Jeff Rizzo's talk, "Releasing NetBSD: So Many Targets, So Little Time" Dru Lavigne's talk (https://www.youtube.com/watch?v=DAmZ3cbfigA), "ZFS Management Tools in FreeNAS and PC-BSD" Scott Long's talk (https://www.youtube.com/watch?v=FL5U4wr86L4), "Serving one third of the Internet via FreeBSD" Michael W. Lucas' talk (https://www.youtube.com/watch?v=buo5JlMnGPI), "BSD Breaking Barriers" *** FreeBSD Journal, issue 2 (http://freebsdfoundation.blogspot.com/2014/04/freebsd-journal-issue-2-is-now-available.html) The bi-monthly FreeBSD journal's second issue is out Topics in this issue include pkg, poudriere, the PBI format, hwpmc and journaled soft-updates In less than two months, they've already gotten over 1000 subscribers! It's available on Google Play, iTunes, Amazon, etc "We are also working on a dynamic version of the magazine that can be read in many web browsers, including those that run on FreeBSD" Check our interview with GNN (http://www.bsdnow.tv/episodes/2014_01_29-journaled_news_updates) for more information about the journal *** OpenSSL, more like OpenSS-Hell (http://bsd.slashdot.org/story/200567) We mentioned this huge OpenSSL bug last week during all the chaos, but the aftermath is just as messy There's been a pretty vicious response from security experts all across the internet and in all of the BSD projects - and rightfully so We finally have a timeline of events (http://www.smh.com.au/it-pro/security-it/heartbleed-disclosure-timeline-who-knew-what-and-when-20140414-zqurk.html) Reactions from ISC (https://isc.sans.edu/diary/Testing+for+Heartbleed/17933), PCBSD (http://blog.pcbsd.org/2014/04/openssl-security-update/), Tarsnap (http://www.daemonology.net/blog/2014-04-09-tarsnap-no-heartbleed-here.html), the Tor (https://lists.torproject.org/pipermail/tor-talk/2014-April/thread.html) project (https://lists.torproject.org/pipermail/tor-relays/2014-April/thread.html), FreeBSD (https://lists.freebsd.org/pipermail/freebsd-security/2014-April/thread.html), NetBSD (http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-004.txt.asc), oss-sec (http://seclists.org/oss-sec/2014/q2/index.html), PHK (https://queue.acm.org/detail.cfm?id=2602816), Varnish (https://www.varnish-cache.org/docs/trunk/phk/dough.html) and Akamai (https://blogs.akamai.com/2014/04/heartbleed-update.html) pfSense (http://www.bsdnow.tv/episodes/2014_02_19-a_sixth_pfsense) released a new version to fix it (https://blog.pfsense.org/?p=1253) OpenBSD disabled heartbeat entirely (http://marc.info/?l=openbsd-cvs&m=139715336230455&w=2) and is very unforgiving of the IETF (https://news.ycombinator.com/item?id=7568921) Ted Unangst (http://www.bsdnow.tv/episodes/2014_02_05-time_signatures) has two good (http://www.tedunangst.com/flak/post/heartbleed-vs-mallocconf) write-ups (http://www.tedunangst.com/flak/post/analysis-of-openssl-freelist-reuse) about the issue and how horrible the OpenSSL codebase is A nice quote from one of the OpenBSD lists: "Given how trivial one-liner fixes such as #2569 have remained unfixed for 2.5+ years, one can only assume that OpenSSL's bug tracker is only used to park bugs, not fix them" Sounds like someone else (http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html) was having fun with the bug for a while too There's also another OpenSSL bug that OpenBSD patched (http://marc.info/?l=openbsd-cvs&m=139732441810737&w=2) - it allows an attacker to inject data from one connection into another OpenBSD has also imported the most current version of OpenSSL and are ripping it apart from the inside out - we're seeing a fork (http://undeadly.org/cgi?action=article&sid=20140415093252) in real time *** Interview - Jim Brown - info@bsdcertification.org (mailto:info@bsdcertification.org) The BSD Certification (http://bsdcertification.org/) exams Tutorial Building OpenBSD binary packages in bulk (http://www.bsdnow.tv/tutorials/dpb) News Roundup Portable signify (https://github.com/aperezdc/signify) Back in episode 23 (http://www.bsdnow.tv/episodes/2014_02_05-time_signatures) we talked with Ted Unangst about the new "signify" tool in OpenBSD Now there's a (completely unofficial) portable version of it on github If you want to verify your OpenBSD sets ahead of time on another OS, this tool should let you do it Maybe other BSD projects can adopt it as a replacement for gpg and incorporate it into their base systems *** Foundation goals and updates (https://www.mail-archive.com/misc@openbsd.org/msg128240.html) The OpenBSD foundation has reached their 2014 goal of $150,000 You can check their activities and goals (http://www.openbsdfoundation.org/activities.html) to see where the money is going Remember that funding also goes to OpenSSH, which EVERY system uses and relies on everyday to protect their data The FreeBSD foundation has kicked off their spring fundraising (http://freebsdfoundation.blogspot.com/2014/04/freebsd-foundation-spring-fundraising.html) campaign There's also a list of their activities and goals available to read through Be sure to support your favorite BSD, whichever one, so they can continue to make and improve great software that powers the whole internet *** PCBSD weekly digest (http://blog.pcbsd.org/2014/04/pc-bsd-weekly-feature-digest-25/) New PBI runtime that fixes stability issues and decreases load times "Update Center" is getting a lot of development and improvements Lots of misc. bug fixes and updates *** Feedback/Questions There's a reddit thread (http://www.reddit.com/r/BSD/comments/22y497/i_need_a_bit_of_help_showing_my_friends_bsd_and/) we wanted to highlight - a user wants to show his friend BSD and why it's great Brad writes in (http://slexy.org/view/s20Tso9a6v) Sha'ul writes in (http://slexy.org/view/s21DfdV9yt) iGibbs writes in (http://slexy.org/view/s2di8XRt73) Matt writes in (http://slexy.org/view/s20m2g8UgV) ***
32: PXE Dust
This week on the big show we'll be showing off OpenBSD's new "autoinstall" feature to do completely automatic, unattended installations. We also have an interview with Dru Lavigne about all the writing work she does for FreeBSD, PCBSD and FreeNAS. The latest headlines and answers to your emails, on BSD Now - it's the place to B.. SD. This episode was brought to you by Headlines FreeBSD ASLR status update (http://0xfeedface.org/blog/lattera/2014-04-03/awesome-freebsd-aslr-progress) Shawn Webb gives us a little update on his address space layout randomization work for FreeBSD He's implemented execbase randomization for position-independent executables (which OpenBSD also just enabled globally in 5.5 on i386) Work has also started on testing ASLR on ARM, using a Raspberry Pi He's giving a presentation at BSDCan this year about his ASLR work While we're on the topic of BSDCan... *** BSDCan tutorials, improving the experience (http://bsdly.blogspot.com/2014/04/bsdcan-tutorials-please-help-me-improve.html) Peter Hansteen writes a new blog post about his upcoming BSDCan tutorials The tutorials are called "Building the network you need with PF, the OpenBSD packet filter" and "Transitioning to OpenBSD 5.5" - both scheduled to last three hours each He's requesting anyone that'll be there to go ahead and contact him, telling him exactly what you'd like to learn There's also a bit of background information about the tutorials and how he's looking to improve them If you're interested in OpenBSD and going to BSDCan this year, hit him up *** pkgsrc-2014Q1 released (http://mail-index.netbsd.org/netbsd-announce/2014/04/04/msg000202.html) The new stable branch of pkgsrc packages has been built and is ready Python 3.3 is now a "first class citizen" in pkgsrc 14255 packages for NetBSD-current/x8664, 11233 binary packages built with clang for FreeBSD 10/x8664 There's a new release every three months, and remember pkgsrc works on MANY operating systems, not just NetBSD - you could even use pkgsrc instead of pkgng or ports if you were so inclined They're also looking into signing packages (http://mail-index.netbsd.org/tech-pkg/2014/03/31/msg012873.html) *** Only two holes in a heck of a long time, who cares? (https://www.mail-archive.com/misc%40openbsd.org/index.html#127993) A particularly vocal Debian user, a lost soul, somehow finds his way to the misc@ OpenBSD mailing list He questions "what's the big deal" about OpenBSD's slogan being "Only two remote holes in the default install, in a heck of a long time!" Luckily, the community and Theo set the record straight (https://www.mail-archive.com/misc%40openbsd.org/msg128001.html) about why you should care about this Running insecure applications on OpenBSD is actually more secure than running them on other systems, due to things like ASLR, PIE and all the security features (https://www.mail-archive.com/misc%40openbsd.org/msg127995.html) of OpenBSD It spawned a discussion about ease of management and Linux's poor security record, definitely worth reading (https://www.mail-archive.com/misc%40openbsd.org/msg128073.html) *** Interview - Dru Lavigne - dru@freebsd.org (mailto:dru@freebsd.org) / @bsdevents (https://twitter.com/bsdevents) FreeBSD's documentation printing, documentation springs, various topics Tutorial Automatic, unattended OpenBSD installs with PXE (http://www.bsdnow.tv/tutorials/autoinstall) News Roundup pfSense 2.1.1 released (https://doc.pfsense.org/index.php/2.1.1_New_Features_and_Changes) A new version of pfSense is released, mainly to fix some security issues Tracking some recent FreeBSD advisories, pfSense usually only applies the ones that would matter on a firewall or router There are also some NIC driver updates and other things (https://blog.pfsense.org/?p=1238) Of course if you want to learn more about pfSense, watch episode 25 (http://www.bsdnow.tv/episodes/2014_02_19-a_sixth_pfsense) 2.1.2 is already up for testing too *** FreeBSD gets UEFI support (https://svnweb.freebsd.org/base?view=revision&revision=264095) It looks like FreeBSD's battle with UEFI may be coming to a close? Ed Maste committed a giant list of patches to enable UEFI support on x86_64 Look through the list to see all the details and information Thanks FreeBSD foundation! *** Ideas for the next DragonflyBSD release (http://lists.dragonflybsd.org/pipermail/kernel/2014-March/094909.html) Mr. Dragonfly release engineer himself, Justin Sherrill (http://www.bsdnow.tv/episodes/2013_11_13-the_gateway_drug) posts some of his ideas for the upcoming release They're aiming for late May for the next version Ideas include better support for running in a VM, pkgng fixes, documentation updates and PAM support Gasp, they're even considering dropping i386 *** PCBSD weekly digest (http://blog.pcbsd.org/2014/04/pc-bsd-weekly-feature-digest-24/) Lots of new PBI updates for 10.0, new runtime implementation New support for running 32 bit applications in PBI runtime New default CD and DVD player, umplayer Latest GNOME 3 and Cinnamon merged, new edge package builds *** Feedback/Questions Remy writes in (http://slexy.org/view/s273oSezFs) Jan writes in (http://slexy.org/view/s2I3H1HsVb) Eddie writes in (http://slexy.org/view/s2wUTRowzU) Zen writes in (http://slexy.org/view/s2RA0whmwz) Sean writes in (http://slexy.org/view/s2pwE20Ov6) ***
31: Edgy BSD Users
This week we'll be talking to Richard Stallman about the upcoming GPLv4 and how it will protect our software from being stolen. After that, we'll show you how to recover from those pesky ZFS on Linux corruption issues, as well as some tips on how to explain to your boss that all the production boxes were compromised. Your questions and all the latest GNUs, on Linux Now - the place to Lin.. ux. This episode was brought to you by Headlines Preorders for cool BSD stuff (http://www.amazon.com/gp/aw/d/0321968972/) The 2nd edition of The Design and Implementation of the FreeBSD Operating System is up for preorder We talked to GNN (http://www.bsdnow.tv/episodes/2014_01_29-journaled_news_updates) briefly about it, but he and Kirk (http://www.bsdnow.tv/episodes/2013-10-02_stacks_of_cache) have apparently finally finished the book "For many years, The Design and Implementation of the FreeBSD Operating System has been recognized as the most complete, up-to-date, and authoritative technical guide to FreeBSD's internal structure. Now, this definitive guide has been extensively updated to reflect all major FreeBSD improvements between Versions 5 and Versions 11" OpenBSD 5.5 preorders (https://https.openbsd.org/cgi-bin/order) are also up, so you can buy a CD set now You can help support the project, and even get the -release of the OS before it's available publicly 5.5 is a huge release with lots of big changes, so now is the right time to purchase one of these - tell Austin we sent you! *** pkgsrcCon 2014 CFP (http://mail-index.netbsd.org/pkgsrc-users/2014/03/18/msg019424.html) This year's pkgsrcCon is in London, on June 21st and 22nd There's a Call For Papers out now, so you can submit your talks Anything related to pkgsrc is fine, it's pretty informal Does anyone in the audience know if the talks will be recorded? This con is relatively unknown *** BSDMag issue for March 2014 (http://bsdmag.org/magazine/1860-deploying-netbsd-on-the-cloud-using-aws-ec2-march-bsd-issue) The monthly BSD magazine releases its newest issue Topics this time include: deploying NetBSD using AWS EC2, creating a multi-purpose file server with NetBSD, DragonflyBSD as a backup server, more GIMP lessons, network analysis with wireshark and a general security article The Linux article trend seems to continue... hmm *** Non-ECC RAM in FreeNAS (http://blog.brianmoses.net/2014/03/why-i-chose-non-ecc-ram-for-my-freenas.html) We've gotten a few questions about ECC RAM with ZFS Here we've got a surprising blog post about why someone did not go with ECC RAM for his NAS build The article mentions the benefits of ECC and admits it is a better choice in nearly all instances, but unfortunately it's not very widespread in consumer hardware motherboards and it's more expensive Regular RAM also has "special" issues with ZFS and pool corruption Long post, so check out the whole thing if you've been considering your memory options and weighing the benefits *** Interview - Pierre Pronchery - khorben@edgebsd.org (mailto:khorben@edgebsd.org) / @khorben (https://twitter.com/khorben) EdgeBSD (https://www.youtube.com/watch?v=_D_iaad5rPo) (slides (http://ftp.netbsd.org/pub/NetBSD/misc/khorben/asiabsdcon2014/)) Tutorial Building an OpenBSD desktop (http://www.bsdnow.tv/tutorials/the-desktop-obsd) News Roundup Getting to know your portmgr-lurkers (http://blogs.freebsdish.org/portmgr/2014/03/25/getting-to-know-your-portmgr-lurker-frederic-culot) This week we get to hear from Frederic Culot, colut@ Originally an OpenBSD user from France, Frederic joined as a ports committer in 2010 and recently joined the portmgr lurkers team "FreeBSD is also one of my sources of inspiration when it comes to how organizations behave and innovate, and I find it very interesting to compare FreeBSD with the for-profit companies I work for" We get to find out a little bit about him, why he loves FreeBSD and what he does for the project *** NetBSD on the Playstation 2 (https://blog.netbsd.org/tnf/entry/the_playstation2_port_is_back) Who doesn't want to run NetBSD on their old PS2? The PS2 port of NetBSD was sadly removed in 2009, but it has been revived It's using a slightly unusual MIPS CPU that didn't have much GCC support Hopefully a bootable kernel will be available soon *** The FreeBSD Challenge update (http://www.thelinuxcauldron.com/2014/03/24/freebsd-challenge-day-22-30/) Our friend from the Linux Foundation continues his FreeBSD switching journey This time he starts off by discovering virtual machines suck at keeping accurate time, and some ports weren't working because of his clock being way off After polling the IRC for help, he finally learns the difference between ntpdate and ntpd and both of their use cases Maybe he should've just read our NTP tutorial (http://www.bsdnow.tv/tutorials/ntpd)! *** PCBSD weekly digest (http://blog.pcbsd.org/2014/03/pc-bsd-weekly-feature-digest-23/) The mount tray icon got lots of updates and fixes The faulty distribution server has finally been tracked down and... destroyed New language localization project is in progress Many many updates to ports and PBIs, new -STABLE builds *** Feedback/Questions Antonio writes in (http://slexy.org/view/s27d69qHJW) Patrick writes in (http://slexy.org/view/s21FhLCHbB) Chris writes in (http://slexy.org/view/s20Hisk3Yw) Ron writes in (http://slexy.org/view/s20rBZyTLC) Tyler writes in (http://slexy.org/view/s2s4CxE4gd) ***
30: Documentation is King
Finally hit 30 episodes! Today we'll be chatting with Warren Block to discuss BSD documentation efforts and future plans. If you've ever wondered about the scary world of mailing lists, today's tutorial will show you the basics of how to get help and contribute back. There's lots to get to today, so sit back and enjoy some BSD Now - the place to B.. SD. This episode was brought to you by Headlines OpenBSD on a Sun T5120 (http://www.tedunangst.com/flak/post/OpenBSD-on-a-Sun-T5120) Our buddy Ted Unangst (http://www.bsdnow.tv/episodes/2014_02_05-time_signatures) got himself a cool Sun box Of course he had to write a post about installing and running OpenBSD on it The post goes through some of the quirks and steps to go through in case you're interested in one of these fine SPARC machines He's also got another post about OpenBSD on a Dell CS24-SC server (http://www.tedunangst.com/flak/post/Dell-CS24-SC-server) *** Bhyvecon 2014 videos are up (https://www.youtube.com/results?search_query=bhyvecon%20tokyo&sm=3) Like we mentioned last week, Bhyvecon (http://bhyvecon.org/) was an almost-impromptu conference before AsiaBSDCon The talks have apparently already been uploaded! Subjects include Bhyve's past, present and future, OSv on Bhyve, a general introduction to the tool, migrating those last few pesky Linux boxes to virtualization Lots more detail in the videos, so check 'em all out *** Building a FreeBSD wireless access point (http://blog.khubla.com/freebsd/building-my-own-wireless-point) We've got a new blog post about creating a wireless access point with FreeBSD After all the recent news of consumer routers being pwned like candy, it's time for people to start building BSD routers (http://www.bsdnow.tv/tutorials/openbsd-router) The author goes through a lot of the process of getting one set up using good ol' FreeBSD Using hostapd, he's able to share his wireless card in hostap mode and offer DHCP to all the clients Plenty of config files and more messy details in the post *** Switching from Synology to FreeNAS (http://www.notquitemainstream.com/2014/03/15/why-im-switching-from-synology-to-freenas/) The author has been considering getting a NAS for quite a while and documents his research He was faced with the compromise of convenience vs. flexibility - prebuilt or DIY After seeing the potential security issues with proprietary NAS devices, and dealing with frustration with trying to get bugs fixed, he makes the right choice The post also goes into some detail about his setup, all the things he needed a NAS to do as well as all the advantages an open source solution would give *** Interview - Warren Block - wblock@freebsd.org (mailto:wblock@freebsd.org) FreeBSD's documentation project, igor, doceng Tutorial The world of BSD mailing lists (http://www.bsdnow.tv/tutorials/mailing-lists) News Roundup HAMMER2 work and notes (http://www.shiningsilence.com/dbsdlog/2014/03/18/13651.html) Matthew Dillon has posted some updated notes about the development of the new HAMMER version The start of a cluster API was committed to the tree There are also links to design document, a freemap design document, a changes list and a todo list *** BSD Breaking Barriers (https://www.youtube.com/watch?v=buo5JlMnGPI) Our friend MWL (http://www.bsdnow.tv/episodes/2013_11_06-year_of_the_bsd_desktop) gave a talk at NYCBSDCon about BSD "breaking barriers" "What makes the BSD operating systems special? Why should you deploy your applications on BSD? Why does the BSD community keep growing, and why do Linux sites like DistroWatch say that BSD is where the interesting development work is happening? We'll cover the not-so-obvious reasons why BSD still stands tall after almost 40 years." He also has another upcoming talk, (or "webcast") called "Beyond Security: Getting to Know OpenBSD's Real Purpose (http://oreillynet.com/pub/e/3059)" "OpenBSD is frequently billed as a high-security operating system. That's true, but security isn't the OpenBSD Project's main goal. This webcast will introduce systems administrators to OpenBSD, explain the project's mission, and discuss the features and benefits." It's on May 27th and will hopefully be recorded *** FreeBSD in a chroot (http://dreamcat4.github.io/finch/) Finch, "FreeBSD running IN a CHroot," is a new project It's a way to extend the functionality of restricted USB-based FreeBSD systems (FreeNAS, etc.) All the details and some interesting use cases are on the github page He really needs to change the project name (https://www.freshports.org/net-im/finch) though *** PCBSD weekly digest (http://blog.pcbsd.org/2014/03/pc-bsd-weekly-feature-digest-22/) Lots of bugfixes for PCBSD coming down the tubes LZ4 compression is now enabled by default on the whole pool The latest 10-STABLE has been imported and builds are going Also the latest GNOME and Cinnamon builds have been imported and much more *** Feedback/Questions Bostjan writes in (http://slexy.org/view/s20SlvTcwd) (IRC suggests md5deep) Don writes in (http://slexy.org/view/s2PeMqXFid) kaltheat writes in (http://slexy.org/view/s21yii6KZe) (We use R0DE Podcast microphones and Logitech C920 HD webcams) Harri writes in (http://slexy.org/view/s21SkX19Cp) ***
29: P.E.F.S.
We're back from AsiaBSDCon! This week we'll be chatting with Gleb Kurtsou about some a filesystem-level encryption utility called PEFS. After that, we'll give you a step by step guide on how to actually use it. There's also the usual round of your questions and we've got a lot of news to catch up on, so stay tuned to BSD Now - the place to B.. SD. This episode was brought to you by Headlines Using OpenSSH Certificate Authentication (http://neocri.me/documentation/using-ssh-certificate-authentication/) SSH has a not-so-often-talked-about authentication option in addition to passwords and keys: certificates - you can add certificates to any current authentication method you're using They're not really that complex, there just isn't a lot of documentation on how to use them - this post tries to solve that There's the benefit of not needing a knownhosts file or authorizedusers file anymore The post goes into a fair amount of detail about the differences, advantages and implications of using certificates for authentication *** Back to FreeBSD, a new series (http://www.duckland.org/2014/03/back-to-freebsd-aka-day-1#more) Similar to the "FreeBSD Challenge" blog series, one of our listeners will be writing about his switching BACK to FreeBSD journey "So, a long time ago, I had a box which was running FreeBSD 4, running on a Pentium. 14 years later, I have decided to get back into FreeBSD, now at FreeBSD 10" He's starting off with PCBSD since it's easy to get working with dual graphics Should be a fun series to follow! *** OpenBSD's recent experiments in package building (http://undeadly.org/cgi?action=article&sid=20140307130554) If you'll remember back to our poudriere tutorial (http://www.bsdnow.tv/tutorials/poudriere), it lets you build FreeBSD binary packages in bulk - OpenBSD's version is called dpb (http://www.bsdnow.tv/tutorials/dpb) Marc Espie recently got some monster machines in russia to play with to help improve scaling of dpb on high end hardware This article goes through some of his findings and plans for future versions that increase performance We'll be showing a tutorial of dpb on the show in a few weeks *** Securing FreeBSD with 2FA (http://jafdip.com/securing-freebsd-2fa-two-factor-authentication/) So maybe you've set up two-factor authentication with gmail or twitter, but have you done it with your BSD box? This post walks us through the process of locking down an ssh server (http://www.bsdnow.tv/tutorials/ssh-tmux) with 2FA With just a mobile phone and a few extra tools, you can enable two-factor auth on your BSD box and have just that little extra bit of protections *** Interview - Gleb Kurtsou - gleb.kurtsou@gmail.com (mailto:gleb.kurtsou@gmail.com) PEFS (security audit results here (https://defuse.ca/audits/pefs.htm)) Tutorial Filesystem-based encryption with PEFS (http://www.bsdnow.tv/tutorials/pefs) News Roundup BSDCan 2014 registration (https://www.bsdcan.org/2014/registration.php) Registration is finally open! The prices are available along with a full list of presentations Tutorial sessions for various topics as well You have to go *** Big changes for OpenBSD 5.6 (http://undeadly.org/cgi?action=article&sid=20140314080734) Although 5.5 was just frozen and the release process has started, 5.6 is already looking promising OpenBSD has, for a long time, included a heavily-patched version of Apache based on 1.3 They've also imported nginx into base a few years ago, but now have finally removed Apache Sendmail is also no longer the default MTA, OpenSMTPD is the new default (http://undeadly.org/cgi?action=article&sid=20140313052817) Will BIND be removed next? Maybe so (http://marc.info/?l=openbsd-cvs&m=139492163427518&w=2) They've also discontinued the hp300, mvme68k and mvme88k ports *** Getting to know your portmgr lurkers (http://blogs.freebsdish.org/portmgr/2014/03/11/getting-to-know-your-portmgr-lurker-alexy-dokuchaev/) The "getting to know your portmgr" series makes its return This time we get to talk with danfe@ (probably most known for being the nVidia driver maintainer, but he does a lot with ports) How he got into FreeBSD? He "wanted a unix system that I could understand and that would not get bloated as time goes by" Mentions why he's still heavily involved with the project and lots more *** PCBSD weekly digest (http://blog.pcbsd.org/2014/03/pc-bsd-weekly-feature-digest-20/) Work has started to port Pulseaudio to PCBSD 10.0.1 There's a new "pc-mixer" utility being worked on for sound management as well New PBIs, GNOME/Mate updates, Life Preserver fixes and a lot more PCBSD 10.0.1 was released (http://blog.pcbsd.org/2014/03/pc-bsd-weekly-feature-digest-21-pcbsd-10-0-1-released/) too *** Feedback/Questions Alex writes in (http://slexy.org/view/s2QwjHkL2n) Ben writes in (http://slexy.org/view/s2wLGlHF15) Nick writes in (http://slexy.org/view/s21JsgRjMU) Sami writes in (http://slexy.org/view/s2UX4sYdHy) Christopher writes in (http://slexy.org/view/s26z60Qd6z) ***
28: Ghost of Partition
This week we're at AsiaBSDCon, so it'll be a shorter episode. We've got an interview with Eric Turgeon, founder of the desktop-focused GhostBSD project. Haven't heard of GhostBSD? Well stay tuned then. There's also a really interesting tutorial on how to serially concatenate disks in NetBSD. We'll be back next week with a normal episode. This episode was brought to you by Interview - Eric Turgeon - ericturgeon@ghostbsd.org (mailto:ericturgeon@ghostbsd.org) / @GhostBSD1 (https://twitter.com/GhostBSD1) GhostBSD Tutorial Serially concatenating disks in NetBSD (http://www.bsdnow.tv/tutorials/nbsd-disks) Feedback/Questions Dave writes in (http://slexy.org/view/s2ff5BOdU0) Shane writes in (http://slexy.org/view/s2F6j5fVYH) Rob writes in (http://slexy.org/view/s2GHmy7tuS) Predrag writes in (http://slexy.org/view/s2uM28feQe) ***
27: BSD Now vs. BSDTalk
The long-awaited meetup is finally happening on today's show. We're going to be interviewing the original BSD podcaster, Will Backman, to discuss what he's been up to and what the future of BSD advocacy looks like. After that, we'll be showing you how to track (and even cross-compile!) the -CURRENT branch of NetBSD. We've got answers to user-submitted questions and the latest news, on BSD Now - the place to B.. SD. This episode was brought to you by Headlines FreeBSD and OpenBSD in GSOC2014 (https://wiki.freebsd.org/SummerOfCode2014) The Google Summer of Code is a way to encourage students to write code for open source projects and make some money Both FreeBSD and OpenBSD were accepted, and we'd love for anyone listening to check out their GSOC pages The FreeBSD wiki has a list of things that they'd be interested in someone helping out with OpenBSD's want list was also posted (http://www.openbsdfoundation.org/gsoc2014.html) DragonflyBSD and NetBSD were sadly not accepted this year *** Yes, you too can be an evil network overlord (http://bsdly.blogspot.com/2014/02/yes-you-too-can-be-evil-network.html) A new blog post about monitoring your network using only free tools OpenBSD is a great fit, and has all the stuff you need in the base system or via packages It talks about the pflow pseudo-interface, its capabilities and relation to NetFlow (also goes well with pf) There's also details about flowd and nfsen, more great tools to make network monitoring easy If you're listening, Peter... stop ignoring our emails and come on the show! We know you're watching! *** BSDMag's February issue is out (http://bsdmag.org/magazine/1858-openbsd-5-4-configure-openbsd-basic-services) The theme is "configuring basic services on OpenBSD 5.4" There's also an interview with Peter Hansteen (oh hey...) Topics also include locking down SSH, a GIMP lesson, user/group management, and... Linux and Solaris articles? Why?? *** Changes in bcrypt (http://marc.info/?l=openbsd-misc&m=139320023202696&w=2) Not specific to any OS, but the OpenBSD team is updating their bcrypt implementation There is a bug in bcrypt when hashing long passwords - other OSes need to update theirs too! (FreeBSD already has) "The length is stored in an unsigned char type, which will overflow and wrap at 256. Although we consider the existence of affected hashes very rare, in order to differentiate hashes generated before and after the fix, we are introducing a new minor 'b'." As long as you upgrade your OpenBSD system in order (without skipping versions) you should be ok going forward Lots of specifics in the email, check the full thing *** Interview - Will Backman - bitgeist@yahoo.com (mailto:bitgeist@yahoo.com) / @bsdtalk (https://twitter.com/bsdtalk) The BSDTalk podcast, BSD advocacy, various topics Tutorial Tracking and cross-compiling -CURRENT (NetBSD) (http://www.bsdnow.tv/tutorials/current-nbsd) News Roundup X11 no longer needs root (http://undeadly.org/cgi?action=article&sid=20140223112426) Xorg has long since required root privileges to run the main server With recent work (http://marc.info/?l=openbsd-cvs&;m=139245772023497&w=2) from the OpenBSD team, now everything (even KMS) can run as a regular user Now you can set the "machdep.allowaperture" sysctl to 0 and still use a GUI *** OpenSSH 6.6 CFT (https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-March/032259.html) Shortly after the huge 6.5 release, we get a routine bugfix update Test it out on as many systems as you can Check the mailing list for the full bug list *** Creating an OpenBSD USB drive (http://undeadly.org/cgi?action=article&sid=20140225072408) Since OpenBSD doesn't distribute any official USB images, here are some instructions on how to do it Step by step guide on how you can make your very own However, there's some recent emails (http://undeadly.org/cgi?action=article&sid=20140228231258) that suggest official USB images may be coming soon... oh wait (http://marc.info/?l=openbsd-cvs&m=139377587526463&w=2) *** PCBSD weekly digest (http://blog.pcbsd.org/2014/02/pc-bsd-weekly-feature-digest-19/) New PBI updates that allow separate ports from /usr/local You need to rebuild pbi-manager if you want to try it out Updates and changes to Life Preserver, App Cafe, PCDM *** Feedback/Questions espressowar writes in (http://slexy.org/view/s2JpJ5EaZp) Antonio writes in (http://slexy.org/view/s2QpPevJ3J) Christian writes in (http://slexy.org/view/s2EZLxDfWh) Adam writes in (http://slexy.org/view/s21gEBZbmG) Alex writes in (http://slexy.org/view/s2RnCO1p9c) ***
26: Port Authority
On today's show we have an interview with Joe Marcus Clark, one of the original portmgr members in FreeBSD, and one of the key GNOME porters. Keeping along with that topic, we have a FreeBSD ports tutorial for you as well. The latest news and answers to your BSD questions, right here on BSD Now - the place to B.. SD. This episode was brought to you by Headlines Tailoring OpenBSD for an old, strange computer (http://multixden.blogspot.com/2014/02/tailoring-openbsd-for-old-strange.html) The author of this article had an OmniBook 800CT (http://hpmuseum.net/display_item.php?hw=233), which comes with a pop-out mouse, black and white display, 32MB of RAM and a 133MHz CPU Obviously he had to install some kind of BSD on it! This post goes through all his efforts of trimming down OpenBSD to work on such a limited device He goes through the trial and error of "compile, break it, rebuild, try again" After cutting a lot out from the kernel, saving a precious megabyte here and there, he eventually gets it working *** pkgsrcCon and BSDCan (http://www.pkgsrc.org/pkgsrcCon/2014/) pkgsrccon is "a technical conference for people working on the NetBSD Packages Collection, focusing on existing technologies, research projects, and works-in-progress in pkgsrc infrastructure" This year it will be on June 21st and 22nd The schedule (http://www.pkgsrc.org/pkgsrcCon/2014/schedule.html) is still being worked out, so if you want to give a talk, submit it BSDCan's schedule (https://www.bsdcan.org/2014/schedule/events.en.html) was also announced We'll be having presentations about ARM on NetBSD and FreeBSD, PF on OpenBSD, Capsicum and casperd, ASLR in FreeBSD, more about migrating from Linux to BSD, FreeNAS stuff and much more Kris' presentation was accepted! Tons of topics, look forward to the recorded versions of all of them hopefully! *** Two factor auth with pushover (http://www.tedunangst.com/flak/post/login-pushover) A new write-up from our friend Ted Unangst (http://www.bsdnow.tv/episodes/2014_02_05-time_signatures) Pushover is "a web hook to smartphone push notification gateway" - you sent a POST to a web server and it sends a code to your phone His post goes through the steps of editing your login.conf and setting it all up to work Now you can get a two factor authenticated login for ssh! *** The status of GNOME 3 on BSD (http://undeadly.org/cgi?action=article&sid=20140219085851) It's no secret that the GNOME team is a Linux-obsessed bunch, almost to the point of being hostile towards other operating systems OpenBSD keeps their GNOME 3 ports up to date very well, and Antoine Jacoutot writes about his work on that and how easy it is to use This post goes through the process of how simple it is to get GNOME 3 set up on OpenBSD and even includes a screencast (https://www.bsdfrog.org/tmp/undeadly-gnome.webm) A few recent (http://blogs.gnome.org/mclasen/2014/02/19/on-portability/) posts (http://blogs.gnome.org/desrt/2014/02/19/on-portability/) from some GNOME developers show that they're finally working with the BSD guys to improve portability The FreeBSD and OpenBSD teams are working together to bring the latest GNOME to all of us - it's a beautiful thing This goes right along with our interview today! *** Interview - Joe Marcus Clark - marcus@freebsd.org (mailto:marcus@freebsd.org) The life and daily activities of portmgr, GNOME 3, Tinderbox, portlint, various topics Tutorial The FreeBSD Ports Collection (http://www.bsdnow.tv/tutorials/ports) News Roundup DragonflyBSD 3.8 goals and 3.6.1 release (http://bugs.dragonflybsd.org/versions/4) The Dragonfly team is thinking about what should be in version 3.8 On their bug tracker, it lists some of the things they'd like to get done before then In the meantime, 3.6.1 (http://lists.dragonflybsd.org/pipermail/commits/2014-February/199294.html) was released with lots of bugfixes *** NYCBSDCon 2014 wrap-up piece (http://www.informit.com/blogs/blog.aspx?uk=NYCBSDCon-2014-Rocked-a-Cold-February-Weekend) We've got a nice wrap-up titled "NYCBSDCon 2014 Heats Up a Cold Winter Weekend" The author also interviews GNN (http://www.bsdnow.tv/episodes/2014_01_29-journaled_news_updates) about the conference There's even a little "beginner introduction" to BSD segment Includes a mention of the recently-launched journal and lots of pictures from the event *** FreeBSD and Linux, a comparative analysis (https://www.youtube.com/watch?&v=5mv_oKFzACM#t=418) GNN in yet another story - he gave a presentation at the NYLUG about the differences between FreeBSD and Linux He mentions the history of BSD, the patch set and 386BSD, the lawsuit, philosophy and license differences, a complete system vs "distros," development models, BSD-only features and technologies, how to become a committer, overall comparisons, different hats and roles, the different bsds and their goals and actual code differences Serves as a good introduction you can show your Linux friends *** PCBSD CFT and weekly digest (http://blog.pcbsd.org/2014/02/call-for-testers-new-major-upgrade-methodology/) Upgrade tools have gotten a major rewrite You have to help test it, there is no choice! Read more here (http://blog.pcbsd.org/2014/02/pc-bsd-weekly-feature-digest-18/) How dare Kris be "unimpressed with" freebsd-update and pkgng!? Various updates and fixes *** Feedback/Questions Jeffrey writes in (http://slexy.org/view/s213KxUdVj) Shane writes in (http://slexy.org/view/s20lwkjLVK) Ferdinand writes in (http://slexy.org/view/s21DqJs77g) Curtis writes in (http://slexy.org/view/s20eXKEqJc) Clint writes in (http://slexy.org/view/s21XMVFuVu) Peter writes in (http://slexy.org/view/s20Xk05MHe) ***