General notes on OpenBSD

OpenBSD is a free and open-source UNIX-like BSD-based operating system focused on proactive security.

Installation

The installer is straightforward if you follow the script. Encryption requires some more steps. The following steps should work for OpenBSD 6.7.

Encryption

We need to set up softraid and bioctl. At the initial prompt, drop a shell session.

Create the /dev/sd0 device and write random data onto the drive.

# cd /dev
# sh MAKEDEV sd0
# dd if=/dev/urandom of=/dev/rsd0c bs=1m

Initialize the partition table.

# #for UEFI
# fdisk -iy -g -b 960 sd0

# #for MBR
# fdisk -iy sd0

Create your partition layout.

# disklabel -E sd0
sd0> a a
offset: [64]
size: [39825135] *
FS type: [4.2BSD] RAID
sd0> w
sd0> q
No label changes.

Now that the a parition is created, we can encrypt it.

# bioctl -c C -l sd0a softraid0

Exit the session.

# exit

Firmwares

OpenBSD only comes with firmwares that have acceptables licences. You may need to download your missing firmares from their open directory, or use fw_update.

You can install your missing drivers from files like this:

# fw_update -p [path] [driver]

Or directly from if your installation is already connected to the internet.

# fw_update -a

Post installation

xenodm

During the install script, you chose to enable or not xenodm. It may be easier to disable this display manager to debug your X setup.

# #disable xenodm
# rcctl disable xenodm

# #enable xenodm
# rcctl enable xenodm

You can also tinker with /etc/rc.conf.local.

man pages

Copy the example file to /etc and add manage your manpath.

# cp /etc/examples/man.conf /etc/man.conf

doas

doas is a replacement to sudo. You can configure it by editing doas.conf. Just like man.conf, there is an template in /etc/examples

Flavors

There is three flavors of OpenBSD.

It is recommanded to follow -stable or -current if patches matters.

To follow the -stable flavor, you have to use syspatch

# #install patches
# syspatch

# #revert to -release
# syspatch -R

# #revert the last installed patch
# syspatch -r

You can't install patches independently.

To follow current, the command sysupgrade is the way to go since OpenBSD 6.6.

# sysupgrade -s

Ports

9front on vmm

Setting up vmm

From Sigrid’s notes.

Edit /etc/vm.conf, /etc/hostname.vether0 and /etc/hostname.bridge0.

# vm.conf
vm "9front" {
        disable
        memory 2048
        disk "/home/ftrvx/v/9front.qcow2"
        #cdrom "/home/ftrvx/v/9front.iso"
        owner ftrvx
        interface {
                lladdr 52:54:00:00:EE:03
                switch "uplink"
        }
}
switch "uplink" {
        interface bridge0
}
# hostname.vether0
inet 10.0.2.1/24
up
# hostname.bridge0
inet 10.0.2.1/24
up

The configuration will work at next boot, or, if you have to test it right now, run:

# sh /etc/netstart vether0
# sh /etc/netstart bridge0

Configure 9front

Your plan9.ini won't work as intended with vmm.

It can be edited if you press Enter before 9front’s kernel is loaded.

Set console=0 at the prompt and then boot to load the kernel with your modifications.

Once you are set, edit plan9.ini with ed or sam.

% 9fs 9fat
% sam -d /n/9fat/plan9.ini

Mine looks like this:

bootfile=9pc
nobootprompt=local!/dev/sdF0/fs -m 192 -A -a tcp!*!564
mouseport=ps2intellimouse
monitor=none
console=0
service=cpu

Your 9front can be launched with vmctl and you can use it with drawterm.

$ vmctl start 9front
$ vmctl stop 9front
$ drawterm -a 10.0.2.2 -h 10.0.2.2 -u glenda

$ #if you need a console
$ vmctl start -c 9front

Found a mistake? Submit a patch to openbsd.

incoming(1): cpu auth

Last update on 20O09, edited 2 times. +6/14fh○○○○○●