Created by three guys who love BSD, we cover the latest news and have an extensive series of tutorials, as well as interviews with various people from all areas of the BSD community. It also serves as a platform for support and questions. We love and advocate FreeBSD, OpenBSD, NetBSD, DragonFlyBSD and TrueOS. Our show aims to be helpful and informative for new users that want to learn about them, but still be entertaining for the people who are already pros. The show airs on Wednesdays at 2:00PM (US Eastern time) and the edited version is usually up the following day.
Similar Podcasts
Elixir Outlaws
Elixir Outlaws is an informal discussion about interesting things happening in Elixir. Our goal is to capture the spirit of a conference hallway discussion in a podcast.
The Cynical Developer
A UK based Technology and Software Developer Podcast that helps you to improve your development knowledge and career,
through explaining the latest and greatest in development technology and providing you with what you need to succeed as a developer.
Programming Throwdown
Programming Throwdown educates Computer Scientists and Software Engineers on a cavalcade of programming and tech topics. Every show will cover a new programming language, so listeners will be able to speak intelligently about any programming language.
15: Kickin' NAS
This time on the show, we'll be looking at the new version of FreeNAS, a BSD-based network attached storage solution, as well as talking to Josh Paetzel - one of the key developers of FreeNAS. Actually, he's on the FreeBSD release engineering team too, and does quite a lot for the project. We've got answers to your viewer-submitted questions and plenty of news to cover, so get ready for some BSD Now - the place to B.. SD. This episode was brought to you by Headlines More faces of FreeBSD (http://freebsdfoundation.blogspot.com/2013/12/faces-of-freebsd-reid-linnemann.html) Another installment of the FoF series This time they talk with Reid Linnemann who works at Spectra Logic Gives a history of all the different jobs he's done, all the programming languages he knows Mentions how he first learned about FreeBSD, actually pretty similar to Kris' story "I used the system to build and install ports, and explored, getting actively involved in the mailing lists and forums, studying, passing on my own limited knowledge to those who could benefit from it. I pursued my career in the open source software world, learning the differences in BSD and GNU licensing and the fragmented nature of Linux distributions, realizing the FreeBSD community was more mature and well distributed about industry, education, and research. Everything steered me towards working with and on FreeBSD." Now works on FreeBSD as his day job The second one (http://freebsdfoundation.blogspot.com/2013/12/faces-of-freebsd-brooks-davis.html) covers Brooks Davis FreeBSD committer since 2001 and core team member from 2006 through 2012 He's helped drive our transition from a GNU toolchain to a more modern LLVM-based toolchain "One of the reasons I like FreeBSD is the community involved in the process of building a principled, technically-advanced operating system platform. Not only do we produce a great product, but we have fun doing it." Lots more in the show notes *** We cannot trust Intel and Via’s chip-based crypto (https://www.freebsd.org/news/status/report-2013-09-devsummit.html#Security) We woke up to see FreeBSD on the front page of The Register (http://www.theregister.co.uk/2013/12/09/freebsd_abandoning_hardware_randomness/), Ars Technica (http://arstechnica.com/security/2013/12/we-cannot-trust-intel-and-vias-chip-based-crypto-freebsd-developers-say/), Slashdot (http://it.slashdot.org/story/13/12/11/1919201/freebsd-developers-will-not-trust-chip-based-encryption) and Hacker News (https://news.ycombinator.com/item?id=6880474) for their strong stance on security and respecting privacy At the EuroBSDCon dev summit, there was some discussion about removing support for hardware-based random number generators. FreeBSD's /dev/random got some updates and, for 10.0, will no longer allow the use of Intel or VIA's hardware RNGs as the sole point of entropy "It will still be possible to access hardware random number generators, that is, RDRAND, Padlock etc., directly by inline assembly or by using OpenSSL from userland, if required, but we cannot trust them any more" *** OpenSMTPD 5.4.1 released (http://article.gmane.org/gmane.mail.opensmtpd.general/1146) The OpenBSD developers came out with major a new version Improved config syntax (please check your smtpd.conf before upgrading) Adds support for TLS Perfect Forward Secrecy and custom CA certificate MTA, Queue and SMTP server improvements SNI support confirmed for the next version Check the show notes for the full list of changes, pretty huge release Watch Episode 3 (http://www.bsdnow.tv/episodes/2013-09-18_mx_with_ttx) for an interview we did with the developers *** More getting to know your portmgr (http://blogs.freebsdish.org/portmgr/2013/12/02/getting-to-know-your-portmgr-thomas-abthorpe/) The portmgr secretary, Thomas Abthorpe, interviews... himself! Joined as -secretary in March 2010, upgraded to full member in March 2011 His inspiration for using BSD is "I wanted to run a webserver, and I wanted something free. I was going to use something linux, then met up with a former prof from university, and shared my story with him. He told me FreeBSD was the way to go." Mentions how he loves that anyone can contribute and watch it "go live" The second one (http://blogs.freebsdish.org/portmgr/2013/12/09/getting-to-know-your-portmgr-baptiste-daroussin/) covers Baptiste Daroussin The reason for his nick, bapt, is "Baptiste is too long to type" There's even a video (https://www.youtube.com/watch?v=tZk__K8rqOg) of bapt joining the team! *** Interview - Santa Clause - josh@ixsystems.com (mailto:josh@ixsystems.com) / @freenasteam (https://twitter.com/freenasteam) FreeNAS 9.2.0 (http://www.freenas.org/whats-new/2013/12/freenas-9-2-0-rc-available.html) Note: we originally scheduled the interview to be with Josh Paetzel, but Santa showed up instead. Tutorial FreeNAS walkthrough News Roundup Introducing configinit (http://www.daemonology.net/blog/2013-12-09-FreeBSD-EC2-configinit.html) CloudInit is "a system originally written for Ubuntu which performs configuration of a system at boot-time based on user-data provided via EC2" Wasn't ideal for FreeBSD since it requires python and is designed around the concept of configuring a system by running commands (rather than editing configuration files) Colin Percival came up with configinit, a FreeBSD alternative Alongside his new "firstboot-pkgs" port, it can spin up a webserver in 120 seconds from "launch" of the EC2 instance Check the show notes for full blog post *** OpenSSH support for Ed25519 and bcrypt keys (http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.key?rev=1.1;content-type=text%2Fx-cvsweb-markup) New Ed25519 key support (hostkeys and user identities) using the public domain ed25519 reference code SSH private keys were encrypted with a symmetric key that's just an MD5 of their password Now they'll be using bcrypt by default (http://marc.info/?l=openbsd-cvs&m=138633721618361&w=2) We'll get more into this in next week's interview *** The FreeBSD challenge (http://thelinuxcauldron.com/2013/12/08/freebsd-challenge/) A member of the Linux foundation blogs about using FreeBSD Goes through all the beginner steps, has to "unlearn" some of his Linux ways Only a few posts as of this time, but it's a continuing series that may be helpful for switchers *** PCBSD weekly digest (http://blog.pcbsd.org/2013/12/pc-bsd-weekly-feature-digest-111513-2/) GNOME3, cinnamon and mate desktops are in the installer Compat layer updated to CentOS 6, enables newest Skype Looking for people to test printers and hplip Continuing work on grub, but the ability to switch between bootloaders is back *** Feedback/Questions Bostjan writes in (http://slexy.org/view/s20k2gumbP) Jason writes in (http://slexy.org/view/s2PM8tfKfe) John writes in (http://slexy.org/view/s2KgXIKqrJ) Kjell-Aleksander writes in (http://slexy.org/view/s20DLk8bac) Alexy writes in (http://slexy.org/view/s2nmmJHvgR) ***
14: Zettabytes for Days
This week is the long-awaited episode you've been asking for! We'll be giving you a crash course on becoming a ZFS wizard, as well as having a chat with George Wilson about the OpenZFS project's recent developments. We have answers to your feedback emails and there are some great news items to get caught up on too, so stay tuned to BSD Now - the place to B.. SD. Headlines pkgng 1.2 released (https://svnweb.freebsd.org/ports?view=revision&revision=334937) bapt and bdrewery from the portmgr team released pkgng 1.2 final New features include an improved build system, plugin improvements, new bootstrapping command, SRV mirror improvements, a new "pkg config" command, repo improvements, vuXML is now default, new fingerprint features and much more Really simple to upgrade, check our pkgng tutorial (http://www.bsdnow.tv/tutorials/pkgng) if you want some easy instructions It's also made its way into Dragonfly (http://lists.dragonflybsd.org/pipermail/users/2013-November/090339.html) See the show notes for the full list of new features and fixes *** ChaCha20 and Poly1305 in OpenSSH (http://blog.djm.net.au/2013/11/chacha20-and-poly1305-in-openssh.html) Damien Miller recently committed support for a new authenticated encryption cipher for OpenSSH, chacha20-poly1305 Long blog post explaining what these are and why we need them This cipher combines two primitives: the ChaCha20 cipher and the Poly1305 MAC RC4 is broken, we needed an authenticated encryption mode to complement AES-GCM that doesn't show the packet length in cleartext Great explanation of the differences between EtM, MtE and EaM and their advantages "Both AES-GCM and the EtM MAC modes have a small downside though: because we no longer desire to decrypt the packet as we go, the packet length must be transmitted in plaintext. This unfortunately makes some forms of traffic analysis easier as the attacker can just read the packet lengths directly." *** Is it time to dump Linux and move to BSD (http://www.itworld.com/open-source/384383/should-you-switch-linux-bsd) ITworld did an article about switching from Linux to BSD The author's interest was sparked from a review he was reading that said "I feel the BSD communities, especially the FreeBSD-based projects, are where the interesting developments are happening these days. Over in FreeBSD land we have efficient PBI bundles, a mature advanced file system in the form of ZFS, new friendly and powerful system installers, a new package manager (pkgng), a powerful jail manager and there will soon be new virtualization technology coming with the release of FreeBSD 10.0" The whole article can be summed up with "yes" - ok, next story! *** OpenZFS devsummit videos (https://www.youtube.com/user/deirdres/videos) The OpenZFS developer summit (http://www.open-zfs.org/wiki/OpenZFS_Developer_Summit_2013) discussion and presentation videos are up People from various operating systems (FreeBSD, Mac OS X, illumos, etc.) were there to discuss ZFS on their platforms and the challenges they faced Question and answer session from representatives of every OS - had a couple FreeBSD guys there including one from the foundation Presentations both about ZFS itself and some hardware-based solutions for implementing ZFS in production TONS of video, about 6 hours' worth This leads us into our interview, which is... *** Interview - George Wilson - wilzun@gmail.com (mailto:wilzun@gmail.com) / @zfsdude (https://twitter.com/zfsdude) OpenZFS Tutorial A crash course on ZFS (http://www.bsdnow.tv/tutorials/zfs) News Roundup ruBSD 2013 information (http://undeadly.org/cgi?action=article&sid=20131126113154) The ruBSD 2013 conference will take place on Saturday December 14, 2013 at 10:30 AM in Moscow, Russia Speakers include three OpenBSD developers, Theo de Raadt (http://www.bsdnow.tv/episodes/2013_10_09-doing_it_de_raadt_way), Henning Brauer (http://www.bsdnow.tv/episodes/2013_10_30-current_events) and Mike Belopuhov Their talks are titled "The bane of backwards compatibility," "OpenBSD's pf: Design, Implementation and Future" and "OpenBSD: Where crypto is going?" No word on if there will be video recordings, but we'll let you know if that changes *** DragonFly roadmap, post 3.6 (http://www.shiningsilence.com/dbsdlog/2013/11/28/12874.html) John Marino posted a possible roadmap for DragonFly, now that they're past the 3.6 release He wants some third party vendor software updated from very old versions (WPA supplicant, bmake, binutils) Plans to replace GCC44 with Clang, but GCC47 will probably be the primary compiler still Bring in fixes and new stuff from FreeBSD 10 *** BSDCan 2014 CFP (http://lists.bsdcan.org/pipermail/bsdcan-announce/2013-December/000123.html) BSDCan 2014 will be held on May 16-17 in Ottawa, Canada They're now accepting proposals for talks If you are doing something interesting with a BSD operating system, please submit a proposal We'll be getting lots of interviews there *** casperd added to -CURRENT (https://svnweb.freebsd.org/base?view=revision&revision=258838) "It (and its services) will be responsible forgiving access to functionality that is not available in capability modes and box. The functionality can be precisely restricted." Lists some sysctls that can be controlled *** ZFS corruption bug fixed in -CURRENT (https://svnweb.freebsd.org/base?view=revision&revision=258704) Just a quick follow-up from last week, the ZFS corruption bug in FreeBSD -CURRENT was very quickly fixed, before that episode was even uploaded *** Feedback/Questions Chris writes in (http://slexy.org/view/s2JDWKjs7l) SW writes in (http://slexy.org/view/s20BLqxTWD) Jason writes in (http://slexy.org/view/s2939tUOf5) Clint writes in (http://slexy.org/view/s21qKY6qIb) Chris writes in (http://slexy.org/view/s20LWlmhoK) ***
13: Bridging the Gap
This week on the show, we sit down for an interview with Jordan Hubbard, one of the founders of the FreeBSD project - and the one who invented ports! Later in the show, we'll be showing you some new updates to the OpenBSD router tutorial from a couple weeks ago. We've also got news, your questions and even our first viewer-submitted video, right here on BSD Now.. the place to B.. SD. Headlines Getting to know your portmgr (http://blogs.freebsdish.org/portmgr/2013/11/18/getting-to-know-your-portmgr-erwin-lansing/) In this interview they talk to one of the "Annoying Reminder Guys" - Erwin Lansing, the second longest serving member of FreeBSD's portmgr (also vice-president of the FreeBSD Foundation) He actually maintains the .dk ccTLD Describes FreeBSD as "the best well-hidden success story in operating systems, by now in the hands of more people than one can count and used by even more people, and not one of them knows it! It’s not only the best operating system currently around, but also the most supportive and inspiring community." In the next one (http://blogs.freebsdish.org/portmgr/2013/11/25/getting-to-know-your-portmgr-martin-wilke/) they speak with Martin Wilke (miwi@) The usual, "what inspires you about FreeBSD" "how did you get into it" etc. *** vBSDCon wrap-up compilation (http://blog.hostileadmin.com/2013/11/20/vbsdcon-wrap-ups/) Lots of write-ups about vBSDCon gathered in one place Some from OpenBSD guys (http://undeadly.org/cgi?action=article&sid=20131121050402) Some from FreeBSD guys (http://freebsdfoundation.blogspot.com/2013/11/vbsdcon-trip-report-john-mark-gurney.html) Some from RootBSD (http://www.rootbsd.net/vbsdcon-2013-wrap-up/) Some from iXsystems (http://www.ixsystems.com/resources/ix/blog/vbsdcon-2013.html) Some from Verisign (http://blogs.verisigninc.com/blog/entry/builders_and_archaeologists) And of course our own wrap-up chat in BSD Now Episode 009 (http://www.bsdnow.tv/episodes/2013_10_30-current_events) *** Faces of FreeBSD (http://freebsdfoundation.blogspot.com/2013/11/faces-of-freebsd-each-week-we-are-going.html) This week they talk to Gábor Páli from Hungary Talks about his past as a game programmer and how it got involved with FreeBSD "I met János Háber, who admired the technical merits of FreeBSD and recommended it over the popular GNU/Linux distributions. I downloaded FreeBSD 4.3-RELEASE, found it reliable, consistent, easy to install, update and use." He's been contributing since 2008 and does lots of work with Haskell in ports He also organizes EuroBSDCon and is secretary of the FreeBSD Core Team *** Dragonfly 3.6 released (http://www.dragonflybsd.org/release36/) dports now default instead of pkgsrc Big SMP scaling improvements Experimental i915 and KMS support See our interview (http://www.bsdnow.tv/episodes/2013_11_13-the_gateway_drug) with Justin Sherrill if you want to hear (a lot) more about it - nearly an hour long *** Interview - Jordan Hubbard - jkh@freebsd.org (mailto:jkh@freebsd.org) / @omgjkh (https://twitter.com/omgjkh) FreeBSD's founding and future Tutorial Building an OpenBSD router, part 2 (http://www.bsdnow.tv/tutorials/openbsd-router) Note: there was a mistake in the video version of the tutorial, please consult the written version for the proper instructions. *** News Roundup pfSense 2.1 on AWS EC2 (http://blog.pfsense.org/?p=1132) We now have pfSense 2.1 available on Amazon’s Elastic Compute Cloud (EC2) In keeping with the community spirit, they’re also offering a free "public" AMI Check the FAQ and User Guide on their site for additional details Interesting possibilities with pfSense in the cloud *** Puffy on the desktop (http://distrowatch.com/weekly.php?issue=20131118#feature) Distrowatch, a primarily Linux-focused site, features an OpenBSD 5.4 review They talk about using it on the desktop, how to set it up Very long write-up, curious Linux users should give it a read Ends with "Most people will still see OpenBSD as an operating system for servers and firewalls, but OpenBSD can also be used in desktop environments if the user doesn't mind a little manual work. The payoff is a very light, responsive system that is unlikely to ever misbehave" *** Two-factor authentication with SSH (http://cmacr.ae/openbsd/security/networking/2013/11/25/ssh-yubi.html) Blog post about using a yubikey with SSH public keys Uses a combination of a OTP, BSDAuth and OpenBSD's login.conf, but it can be used with PAM on other systems as well Allows for two-factor authentication (a la gmail) in case your private key is compromised Anyone interested in an extra-hardened SSH server should give it a read *** PCBSD weekly digest (http://blog.pcbsd.org/2013/11/weekly-feature-digest-112313/) 10.0 has approximately 400 PBIs for public consumption They will be merging the GNOME3, MATE and Cinnamon desktops into the 10.0 ports tree - please help test them, this is pretty big news in and of itself! PCDM is coming along nicely, more bugs are getting fixed Added ZFS dataset options to PCBSD’s new text installer front-end *** Feedback/Questions Ben writes in (http://slexy.org/view/s2ag1fA7Ug) Florian writes in (http://slexy.org/view/s2TSIvZzVO) Zach writes in (http://slexy.org/view/s20Po4soFF) Addison writes in (http://slexy.org/view/s20ntzqi9c) Adam writes in (http://slexy.org/view/s2EYJjVKBk) Adam (https://twitter.com/redshirtlinux)'s BSD Router Project tutorial can be downloaded here (http://bsdnow.cdn.scaleengine.net/bsdrouterproject.m4v). ***
12: Collecting SSHells
This week we'll be talking to Amitai Schlair of the NetBSD foundation about pkgsrc, NetBSD's future plans and much more. After that, if you've ever wondered what all this SSH stuff is about, today's tutorial has got you covered. We'll be showing you the basics of SSH, as well as how to combine it with tmux for persistent sessions. News, feedback and everything else, right here on BSD Now - the place to B.. SD. Headlines Faces of FreeBSD (http://freebsdfoundation.blogspot.com/2013/11/faces-of-freebsd-colin-percival.html) The FreeBSD foundation is publishing articles on different FreeBSD developers This one is about Colin Percival (cperciva@), the ex-security officer Tells the story of how he first found BSD, what he contributed back, how he eventually became the security officer Running series with more to come *** Lots of BSD presentation videos uploaded (http://www.freebsdnews.net/2013/11/14/eurobsdcon-2013-devsummit-video-recordings/) EuroBSDCon 2013 dev summit videos, AsiaBSDCon 2013 videos, MWL's presentation video Most of us never get to see the dev summit talks since they're only for developers AsiaBSDCon 2013 videos also up (https://www.youtube.com/user/bsdconferences) finally List of AsiaBSDCon presentation topics here (http://2013.asiabsdcon.org/papers/index.html) Our buddy Michael W Lucas gave an "OpenBSD for Linux users" talk (http://blather.michaelwlucas.com/archives/1879) at a Michigan Unix Users Group. He says "Among other things, I compare OpenBSD to Richard Stallman and physically assault an audience member. We also talk long long time, memory randomization, PF, BSD license versus GPL, Microsoft and other OpenBSD stuff" Really informative presentation, pretty long, answers some common questions at the end *** Call for Presentations: FOSDEM 2014 and NYCBSDCon 2014 (https://blog.netbsd.org/tnf/entry/call_for_presentations_bsd_devroom) FOSDEM 2014 will take place on 1–2 February, 2014, in Brussels, Belgium Just like in the last years, there will be both a BSD booth and a developer's room The topics of the devroom include all BSD operating systems. Every talk is welcome, from internal hacker discussion to real-world examples and presentations about new and shiny features. If you are in the area or want to go, check the show notes for details NYCBSDCon is also accepting papers (http://undeadly.org/cgi?action=article&sid=20131119053455). It'll be in New York City at the beginning of February 2014 If anyone wants to give a talk at one of these conferences, go ahead and send in your stuff! *** FreeBSD foundation's year-end fundraising campaign (https://lists.freebsd.org/pipermail/freebsd-announce/2013-November/001511.html) The FreeBSD foundation has been supporting the FreeBSD project and community for over 13 years As of today they have raised about half a million dollars, but still have a while to go Donations go towards new features, paying for the server infrastructure, conferences, supporting the community, hiring full-time staff members and promoting FreeBSD at events They are preparing the debut of a new online magazine, the FreeBSD Journal Typically big companies make their huge donations in December, like a couple of anonymous donors that gave around $250,000 each last year Make your donation today (http://www.freebsdfoundation.org/donate/) over at freebsdfoundation.org, every little bit helps Everyone involved with BSD Now made a donation last year and will do so again this year *** Interview - Amitai Schlair - schmonz@netbsd.org (mailto:schmonz@netbsd.org) / @schmonz (https://twitter.com/schmonz) The NetBSD Foundation, pkgsrc, future plans Tutorial Combining SSH and tmux (http://www.bsdnow.tv/tutorials/ssh-tmux) Note: there was a mistake in the video version of the tutorial, please consult the written version for the proper instructions. *** News Roundup PS4 released (http://www.theregister.co.uk/2013/11/16/sony_playstation_4_kernel) Sony's Playstation 4 is finally released As previously thought, its OS is heavily based on FreeBSD and uses the kernel among other things Link in the show notes contains the full list of BSD software they're using (http://www.scei.co.jp/ps4-license/) Always good to see BSD being so widespread *** BSD Mag November issue (http://bsdmag.org/magazine/1853-hast-on-freebsd-how-to-make-storage-highly-availble-by-using-hast) Free monthly BSD magazine publishes another issue This time their topics include: Configuring a Highly Available Service on FreeBSD, IT Inventory & Asset Management Automation, more FreeBSD Programming Primer, PfSense and Snort and a few others PDF linked in the show notes *** pbulk builds made easy (http://mail-index.netbsd.org/pkgsrc-users/2013/11/09/msg018881.html) NetBSD's pbulk tool (https://www.netbsd.org/docs/pkgsrc/bulk.html) is similar to poudriere (http://www.bsdnow.tv/tutorials/poudriere), but for pkgsrc While working on updating the documentation, a developer cleaned up quite a lot of code He wrote a script that automates pbulk deployment and setup The whole setup of a dedicated machine has been reduced to just three commands *** PCBSD weekly digest (http://blog.pcbsd.org/2013/11/pc-bsd-weekly-feature-digest-111513/) Over 200 PBIs have been populated in to the PC-BSD 10 Stable Appcafe Many PC-BSD programs received some necessary bug fixes and updates Some include network detection in the package and update managers, nvidia graphic detection, security updates for PCDM *** Feedback/Questions Peter writes in (http://slexy.org/view/s21oh3vP7t) Kjell-Aleksander writes in (http://slexy.org/view/s21zfqcWMP) Jordan writes in (http://slexy.org/view/s2ZmW77Odb) Christian writes in (http://slexy.org/view/s2BZq7xiyo) entransic writes in (http://slexy.org/view/s21xrk0M4k) ***
11: The Gateway Drug
This time on the show, we sit down to chat with Justin Sherrill of the DragonflyBSD project about their new 3.6 release. Later on, we'll be showing you a huge tutorial that's been baking for over a month - how to build an OpenBSD router that'll destroy any consumer router on the market! There's lots of news to get caught up on as well, so sit back and enjoy some BSD Now - the place to B.. SD. Headlines OpenSSH 6.4 released (http://openssh.com/txt/release-6.4) Security fixes in OpenSSH (http://openssh.com/) don't happen very often 6.4 fixes a memory corruption problem, no new features If exploited, this vulnerability might permit code execution with the privileges of the authenticated user and may therefore allow bypassing restricted shell/command configurations. Disabling AES-GCM in the server configuration is a workaround Only affects 6.2 and 6.3 if compiled against a newer OpenSSL (so FreeBSD 9's base OpenSSL is unaffected, for example) Full details here (http://www.openssh.com/txt/gcmrekey.adv) *** Getting to know your portmgr-lurkers (http://blogs.freebsdish.org/portmgr/2013/11/04/getting-to-know-your-portmgr-mathieu-arnold/) Next entry in portmgr interview series This time they chat with Mathieu Arnold, one of the portmgr-lurkers we mentioned previously Lots of questions ranging from why he uses BSD to what he had for breakfast Another one (http://blogs.freebsdish.org/portmgr/2013/11/11/getting-to-know-your-portmgr-antoine-brodin/) was since released, with Antoine Brodin aka antoine@ *** FUSE in OpenBSD (http://undeadly.org/cgi?action=article&sid=20131108082749) As we glossed over last week, FUSE was recently added to OpenBSD Now the guys from the OpenBSD Journal have tracked down more information This version is released under an ISC license Should be in OpenBSD 5.5, released a little less than 6 months from now Will finally enable things like SSHFS to work in OpenBSD *** Automated submission of kernel panic reports (https://lists.freebsd.org/pipermail/freebsd-current/2013-November/046175.html) New tool from Colin Percival Saves information about kernel panics and emails it to FreeBSD Lets you review before sending so you can edit out any private info Automatically encrypted before being sent FreeBSD never kernel panics so this won't get much use *** Interview - Justin Sherrill - justin@dragonflybsd.org (mailto:justin@dragonflybsd.org) / @dragonflybsd (https://twitter.com/dragonflybsd) DragonflyBSD 3.6 and the Dragonfly Digest (http://www.shiningsilence.com/dbsdlog/) Tutorial Building an OpenBSD Router (http://www.bsdnow.tv/tutorials/openbsd-router) News Roundup BSD router project 1.5 released (http://sourceforge.net/projects/bsdrp/files/BSD_Router_Project/1.5/) Nice timing for our router tutorial; TBRP is a FreeBSD distribution for installing on a router It's an alternative to pfSense, but not nearly as well known or popular New version is based on 9.2-RELEASE, includes lots of general updates and bugfixes Fits on a 256MB Compact Flash/USB drive *** Curve25519 now default key exchange (http://freshbsd.org/commit/openbsd/5cfc11a2aa3696190b675b6e3e1da7e8ff28582e) We mentioned in an earlier episode about a patch for curve25519 (http://cr.yp.to/ecdh.html) Now it's become the default for key exchange Will probably make its way into OpenSSH 6.5, would've been in 6.4 if we didn't have that security vulnerability It's interesting to see all these big changes in cryptography in OpenBSD lately *** FreeBSD kernel selection in boot menu (https://svnweb.freebsd.org/base?view=revision&revision=257650) Adds a kernel selection menu to the beastie menu List of kernels is taken from 'kernels' in loader.conf as a space or comma separated list of names to display (up to 9) From our good buddy Devin Teske (http://www.bsdnow.tv/episodes/2013-09-25_teskeing_the_possibilities) *** PCBSD weekly digest (http://blog.pcbsd.org/2013/11/pc-bsd-weekly-feature-digest-11813/) PCDM has officially replaced GDM as the default login manager New ISO build scripts (we got a sneak preview last week) Lots of bug fixes Second set of 10-STABLE ISOs available with new artwork and much more *** Theo de Raadt speaking at MUUG (http://undeadly.org/cgi?action=article&sid=20131113074042&mode=expanded&count=0) Theo will be speaking at Manitoba UNIX User Group in Winnipeg On Friday, Nov 15, 2013 at 5:30PM (see show notes for the address) If you're watching the show live you have time to make plans, if you're watching the downloaded version it might be happening right now! No agenda, but expect some OpenBSD discussion *** Feedback/Questions Dave writes in (http://slexy.org/view/s21YXhiLRB) James writes in (http://slexy.org/view/s215EjcgdM) Allen writes in (http://slexy.org/view/s21mCP2ecL) Chess writes in (http://slexy.org/view/s207ePFrna) Frank writes in (http://slexy.org/view/s20iVFXJve) ***
10: Year of the BSD Desktop
Headlines OpenBSD 5.4 released (http://www.openbsd.org/54.html) The usual 6 month release cycle continues with 5.4 People who bought the CD get the release very early, but now it's on the public FTP New platforms "octeon" and "beagle" Improved Intel DRM, reworked checksumming for network protocols, ECDHE support in httpd, inetd no longer started by default, DHCP improvements, lots of new OpenSMTPD work, OpenSSH 6.3 Over 7,800 ports available, comes with another new song and fun artwork, lots of new features - check out the full release notes A special thanks to Nick Holland and Bob Beck for their behind-the-scenes work Experimental FUSE support was enabled shortly after the release, so look forward to that in the future *** FreeBSD pkgng repos are official (https://lists.freebsd.org/pipermail/freebsd-pkg/2013-October/000107.html) Built weekly from a snapshot of the Ports Collection every Wednesday Signed packages coming soon with pkg 1.2 Added official public key (http://freshbsd.org/commit/freebsd/r257150) to -STABLE and -CURRENT New "pkg+http" protocol (http://freshbsd.org/commit/freebsd/r257328) identifier for SRV records If you need something more up to date or with custom options, it's easy to make your own (http://www.bsdnow.tv/tutorials/poudriere) with just the packages you want using our tutorial If you need a guide on how to use pkgng itself, check our tutorial (http://www.bsdnow.tv/tutorials/pkgng) for that too! What does this mean for PCBSD repo users? Should they switch? Differences? *** DragonflyBSD 3.6 branched (http://lists.dragonflybsd.org/pipermail/kernel/2013-October/063015.html) SMP improvements and GCC changes are all in, so it's time to branch Release planned for a little under 2 weeks from today Features will include i915 support, mdocml imported, crazy SMP improvements, dports being default We're hoping to get someone from Dragonfly on the show next week to talk about the final release *** FreeBSD portmgr lurkers (http://blogs.freebsdish.org/portmgr/2013/11/01/portmgr-lurkers-pilot-project/) Over the course of the next two years, volunteers from a group of ports committers will participate in portmgr activities At four month intervals, two committers at a time will be brought in to work on various projects and learn the inner workings of the team The first two -lurkers are Mathieu Arnold (mat@) and Antoine Brodin (antoine@). *** Interview - Michael W. Lucas - mwlucas@michaelwlucas.com (mailto:mwlucas@michaelwlucas.com) / @mwlauthor (https://twitter.com/mwlauthor) Sudo Mastery (http://blather.michaelwlucas.com/archives/1852) + Video: DNSSec in 55 Minutes (http://blather.michaelwlucas.com/archives/1805) Tutorial Configuring FreeBSD as a desktop system (http://www.bsdnow.tv/tutorials/the-desktop) News Roundup Capsicum in DragonflyBSD (http://lists.dragonflybsd.org/pipermail/kernel/2013-October/063014.html) Dragonfly has no security framework yet besides the traditional unix DAC model Port of Capsicum to Dragonfly has begun Quite a bit of technical detail in the show notes *** NYCBSDCon 2014 (http://www.nycbsdcon.org/2014/) After a three year hiatus, NYCBSDCon is back on February 8, 2014 Theme of "The BSDs in Production" this year Held in New York City, more information to come as the time draws closer *** FreeBSD newcons progress update (http://freebsdfoundation.blogspot.com/2013/11/newcons-system-console-project-update.html) This project will provide a replacement for the legacy syscons system console Newcons provides a number of improvements, including better integration with graphics modes, and broader character set support More details on the project can be found on the FreeBSD wiki (https://wiki.freebsd.org/Newcons) *** Weekly PCBSD feature digest (http://blog.pcbsd.org/2013/11/pc-bsd-weekly-feature-digest-11113/) PBI 10 format is about ready and they'll begin populating the 10.0 appcafe starting next week PCDM login manager is back and is ready to be tested New PC-BSD Disk Manager Utility with lots of features *** Feedback/Questions Alptekin writes in (http://slexy.org/view/s208YfYZA9) [Gertjan writes in[(http://slexy.org/view/s2k4C2Ryo9) Kevin writes in (http://slexy.org/view/s2172EyaRG) Kjell-Aleksander writes in (http://slexy.org/view/s2mP8ftX0U) Michael writes in (http://slexy.org/view/s203Z9VdKt) ***
9: CURRENT Events
Headlines Managed services using FreeBSD (http://www.freebsdfoundation.org/press/Managed%20Services%20Using%20FreeBSD%20at%20NYI.pdf) New York Internet, a huge ISP and service provider, details how they use FreeBSD Mentions using BSD technologies: pf, pfsync, carp, haproxy, zfs, jails and more Explains FreeBSD's role in commercial workloads on a massive scale Lots of cool graphs and info, check out the full write-up *** OpenBSD boot support for keydisk-based crypto volumes (http://marc.info/?l=openbsd-cvs&m=138227554705375&w=2) So far, only passphrase-based crypto volumes were bootable Full disk encryption with key disks required a non-crypto partition to load the kernel The bootloader now scans all BIOS-visible disks for RAID partitions and automatically associates key disk partitions with their crypto volume No need to re-create existing volumes. Moving the root partition onto the crypto disk and running "installboot" is all that's needed *** More Dragonfly SMP speedups (http://www.shiningsilence.com/dbsdlog/2013/10/24/12671.html) Matthew Dillon has been committing lots of various SMP improvements Using dports builds on a 48-processor machine as a test The machine’s now building more than 1000 packages an hour Super technical details in the show notes, check 'em out *** Getting to know portmgr (http://blogs.freebsdish.org/portmgr/2013/10/21/getting-to-know-your-portmgr-joe-marcus-clarke/) Start of an ongoing series profiling members of the FreeBSD Ports Management Team In the first interview, they talk to longest serving member of the team, Joe Marcus Clarke In the second, Bernhard Frölich (who's also the creator of redports.org) Future segments will include the other members Topics include their inspiration for using FreeBSD, first time using it, lots of other interesting stuff *** BSD Now at the top of iTunes (http://i.imgur.com/lITf0xb.jpg) BSD Now is on the front-and-center page of iTunes' technology podcast section *** Interview - Henning Brauer - henning@openbsd.org (mailto:henning@openbsd.org) / @henningbrauer (https://twitter.com/henningbrauer) OpenBSD's pf firewall, privilege separation, various topics Tutorial Tracking -STABLE and -CURRENT (http://www.bsdnow.tv/tutorials/stable-current) News Roundup OpenBSD gets XBox360 controller support (http://marc.info/?l=openbsd-cvs&m=138267062532046&w=2) Adds support for Microsoft XBox 360 controller as a uhid Will make things easier for emulators in OpenBSD Are there people who regularly play games on BSD? Email us, might do a segment on it *** PCBSD 10-STABLE ISOs available (http://lists.pcbsd.org/pipermail/announce/2013-October/000056.html) Early cut of the new stable/10 branch, not recommended for everyone A pkgng repository is available, but is missing a number of packages AMD KMS, new text installer, UEFI loader support, much more *** Switching from Linux to BSD (http://www.reddit.com/r/BSD/comments/1otg6n/switching_from_linux_over_to_bsd/) Yet another Linux user switching to BSD makes a thread about it Asks the community what some differences and advantages are Good response from the community, worth reading if you're a Linux guy *** Unattended OpenBSD installations (http://freshbsd.org/commit/openbsd/cacacb528f0d47778aed7630d07988314f952264) Unattended installations possible using DHCP and a "response" file The system gets an IP via DHCP, then fetches a config file with key=value pairs Can do automatic network setup, SSH, passwords, etc Still a work in progress *** Feedback/Questions Kjell-Aleksander writes in (http://slexy.org/view/s21hxDpzjO) Alex writes in (http://slexy.org/view/s21ibNDb5y) Chad writes in (http://slexy.org/view/s20D6K2NUe) Joshua writes in (http://slexy.org/view/s20UZLFHAg) Craig writes in (http://slexy.org/view/s20S15bbZ4) We want to especially thank Chris for his huge feedback emails with lots of show ideas. ***
8: A Brief Introduction
This week, we chat with Antti Kantee from the NetBSD project about a crazy little thing called rump kernels. We'll also be showing you all the different cool things you can do with BSD and the Tor network, as well as discussing all the latest news. So sit back and enjoy BSD Now - the place to B.. SD. Headlines FreeBSD July-September 2013 Status Report (https://www.freebsd.org/news/status/report-2013-07-2013-09.html) Quarterly FreeBSD status report is out with A LOT of updates, we'll cover a few of them Highlights include AES-NI Improvements for GELI, Capsicum development, Continuation of the Newcons Project, Download Manager Service for the Ports Collection, status updates from all the various FreeBSD teams, FreeBSD on EC2 news, updates to the CSPRNG, much more We've covered some of these things already, but there's lots to read in the announcement See full page for details on everything *** Dragonfly SMP contention update (http://lists.dragonflybsd.org/pipermail/users/2013-October/090181.html) Lots of work going in to reducing SMP contention in the next Dragonfly release Anything which forks and/or execs a lot will now run as close to optimally as it is possible to run on a multi-core box The lead developer was using poudriere and noticed the performance difference, says this is "a fairly major milestone for the project" Lots of technical details in the mailing list post, check it out *** FreeBSD gets "first boot" rc.d scripts (https://svnweb.freebsd.org/base?view=revision&sortby=date&revision=256775) Colin Percival added support for scripts that run on the first boot Might be desirable for embedded systems to automatically download and apply patches Similarly, it can be used to invoke freebsd-update to patch your system on the first bootup Could also be used to download and run a script or install ports or packages Already MFCed to 10-STABLE and 9-STABLE and added to ports Lots of possibilities *** NetBSD gets lua scripting in the kernel (http://mail-index.netbsd.org/source-changes/2013/10/16/msg048283.html) NetBSD gained support for the Lua scripting language in the kernel A luactl (http://mail-index.netbsd.org/source-changes/2013/10/16/msg048285.html) command was added to easily manipulate it It will be interesting to see what can come out of this (https://archive.fosdem.org/2013/schedule/event/lua_in_the_netbsd_kernel/) Speaking of NetBSD kernels, that leads us into our interview! *** Interview - Antti Kantee - pooka@netbsd.org (mailto:pooka@netbsd.org) / @anttikantee (https://twitter.com/anttikantee) The anykernel and rump kernels (http://www.netbsd.org/docs/rump/) rump kernels in userspace (https://github.com/anttikantee/buildrump.sh), rump kernels + applications on Xen (https://github.com/anttikantee/rumpuser-xen), fs-utils (https://github.com/stacktic/fs-utils), rump kernel compiled to javascript (http://ftp.netbsd.org/pub/NetBSD/misc/pooka/rump.js/) Tutorial Running a Tor relay, bridge, exit or hidden service (http://www.bsdnow.tv/tutorials/tor) News Roundup Second PCBSD feature digest is out (http://blog.pcbsd.org/2013/10/pc-bsd-weekly-feature-digest-101813/) Weekly PCBSD digest is out to tell you about new features Mentions switching over all bug reports to trac.pcbsd.org Life Preserver has finished development and is now being tested PCBSD 10.0 ISOs coming soon *** OpenBSD imports VXLAN interface (http://marc.info/?l=openbsd-cvs&m=138165902522412&w=2) VXLAN is a virtual extensible local area network tunnel interface UDP-based tunneling protocol for overlaying virtualized layer 2 networks over layer 3 networks *** OpenZFS Office Hours (https://www.youtube.com/watch?v=G2vIdPmsnTI) The question and answer (http://www.open-zfs.org/wiki/OpenZFS_Office_Hours) session with Matt has been uploaded Covers lots of topics ranging from cross-compatibility to performance improvements and trivia We'll be trying to get Matt on for an interview sometime, already contacted him *** BSDMag's October issue is out (http://bsdmag.org/magazine/1851-freebsd-programming-primer-how-to-configure-a-development-environment) Free monthly BSD magazine releases another issue Topics include FreeBSD moving to SVN, a BSD programming intro, new PCBSD utilities, migrating from Linux to BSD and OpenBSD LTS updates (which we already covered!) *** Feedback/Questions Ben writes in (http://slexy.org/view/s20MUQmfuD) Brian writes in (http://slexy.org/view/s20oVdxaE5) Toby writes in (http://slexy.org/view/s2GfQkSSDz) Noah writes in (http://slexy.org/view/s2IFpjbWVr) ***
7: Go Directly to Jail(8)
On this week's show, you'll be getting the full jail treatment. We'll show you how to create and deploy BSD jails, as well as chatting with Poul-Henning Kamp - the guy who actually invented them! There's lots of interesting news items to cover as well, so stay tuned to BSD Now - the place to B.. SD. Headlines FreeBSD turns it up to 11 (https://lists.freebsd.org/pipermail/svn-src-head/2013-October/052141.html) The -CURRENT branch is now known as 11 10 has been branched to -STABLE 10-BETA1 ISOs are available now Will be the next -RELEASE, probably next year *** Stopping the SSH bruteforce with BSD and pf (http://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html) The Hail Mary Cloud is an SSH bruteforce botnet that takes a different approach While most botnets pound port 22 rapidly, THMB does it very slowly and passively This makes prevention based on rate limiting more involved and complex Nice long blog post about some potential solutions (http://home.nuug.no/~peter/pf/en/bruteforce.html) and what we've learned *** ZFS and GELI in bsdinstall coming soon (http://freshbsd.org/commit/freebsd/r256343/) The man with the beard (http://www.bsdnow.tv/episodes/2013-09-25_teskeing_the_possibilities) strikes again, new patch allows for ZFS-on-root installs Supports GELI for disk encryption Might be the push we need to make Michael W Lucas update (https://twitter.com/mwlauthor/status/389524644983611392) his FreeBSD book *** AsiaBSDCon 2014 announced (http://2014.asiabsdcon.org/) Will be held in Tokyo, 13-16 March, 2014 The conference is for anyone developing, deploying and using systems based on FreeBSD, NetBSD, OpenBSD, DragonFlyBSD, Darwin and Mac OS X Call for papers can be found here (http://2014.asiabsdcon.org/cfp.html) *** Interview - Poul-Henning Kamp - phk@freebsd.org (mailto:phk@freebsd.org) / @bsdphk (https://twitter.com/bsdphk) FreeBSD beginnings, md5crypt, jails, varnish and his... telescope project? Tutorial Everything you need to know about Jails (http://www.bsdnow.tv/tutorials/jails) News Roundup New pf queue system (http://freshbsd.org/commit/openbsd/c4661054d1882026efca919b6cd9cf958a8698b4) Henning Brauer committed the new kernel-side bandwidth shaping subsystem Uses the HFSC algorithm behind the scenes ALTQ to be retired "in a release or two" - everyone should migrate soon *** Dragonfly imports FreeBSD KMS driver (http://lists.dragonflybsd.org/pipermail/commits/2013-October/198282.html) Hot on the trails of OpenBSD and later FreeBSD, Dragonfly gets AMD KMS Ported over from the FreeBSD port *** Get paid to hack OpenSSH (https://lists.mindrot.org/pipermail/openssh-unix-dev/2013-October/031695.html) Google has announced they will pay up to $3113.70 for security patches to OpenSSH Patches can fix security or improve security If you come up with something, send it to the OpenSSH guys *** Feedback/Questions Darren writes in (http://slexy.org/view/s24RmwvEvE) Kjell-Aleksander writes in (http://slexy.org/view/s2wFcFk9Yz) Ryan writes in (http://slexy.org/view/s23e920gNG) Alexander writes in (http://slexy.org/view/s2usxPqO9k) ***
6: Doing It de Raadt Way
On this week's episode we'll show you how to securely run graphical applications in a jail, we sit down and chat with OpenBSD founder Theo de Raadt and, as always, get you caught up on all the latest news. All that and more, this week on BSD Now - the place to B.. SD. Headlines HAMMER2 GSOC improvements merged (http://lists.dragonflybsd.org/pipermail/commits/2013-September/198111.html) A student from the Google Summer of Code's patches were committed to upstream Dragonfly It focuses mainly on compression and updating the I/O infrastructure to work with compression The ability to boot from (http://lists.dragonflybsd.org/pipermail/commits/2013-September/198166.html) HAMMER2 volumes was also added Check the show notes for a full list of additions and improvements We'll have someone on the show to talk about HAMMER FS in the future *** OSNews starts a "BSD family" segment (http://www.osnews.com/story/27348/The_BSD_family_pt_1_FreeBSD_9_1) An OSNews reader decided to share some info about the BSDs He's writing a three-part series covering FreeBSD, OpenBSD and NetBSD Pretty good info for Linux switchers *** pkgsrc-2013Q3 branch announcement (http://mail-index.netbsd.org/tech-pkg/2013/10/04/msg012093.html) pkgsrc is similar to the ports concept, but for 21 different OSes The pkgsrc developers make a new release every three months. 13184 total packages for AMD64 If there's any interest, we'll try to get a pkgsrc tutorial written in the future *** PCBSD 9.2 released (http://lists.pcbsd.org/pipermail/announce/2013-October/000055.html) Shortly after the official FreeBSD 9.2 release, PCBSD follows up Highlights include bootable ZFS boot environments, a rewritten life-preserver utility for backups, improved pkgng support, updated appcafe, major improvements to warden, a GUI pkgng management system, filesystem-based encryption for home directories and much more *** Interview - Theo de Raadt - deraadt@openbsd.org (mailto:deraadt@openbsd.org) The OpenBSD project Tutorial Jailed VNC sessions (http://www.bsdnow.tv/tutorials/jailedvnc) News Roundup Curve25519 patch for OpenSSH (https://lists.mindrot.org/pipermail/openssh-unix-dev/2013-September/031659.html) Because of recent NSA news, someone implemented an alternative key exchange mechanism It uses Curve25519 instead of the traditional Diffie-Hellman Comes from the developer of libssh and is already implemented there *** FreeBSD 10-ALPHA5 is out (https://lists.freebsd.org/pipermail/freebsd-current/2013-October/045097.html) Includes the big removal of BIND More GNU stuff removed Bhyve and XEN improvements Some LLVM fixes *** M:Tier offering "Long Time Support" for OpenBSD ports (http://www.mtier.org/index.php/news/openbsd-ports-lt-support/) Starting with 5.4, M:Tier will be offering a subscription for LTS support, in addition to their free 6 month version OpenBSD releases are only supported for 1 year normally (5.2 becomes unsupported when 5.4 comes out, etc.) This model makes it easier to keep your ports patched for security in a corporate environment *** Ohio Linuxfest talks uploaded (https://ia801008.us.archive.org/7/items/OhioLinuxfest2013/) The OLF 2013 talks have been uploaded Includes Kirk Mckusick's keynote about building an open source community and Ken Moore's talk about lots of new PCBSD stuff *** Theo's absence and other updates (http://marc.info/?l=openbsd-misc&m=138110694921068&w=2) In an uncharacteristic manner, Theo started a thread on misc@ instead of finishing it For the last year, he's not been as involved in OpenBSD development He's been busy with setting up an Internet Exchange in Calgary Also mentions some troubles with an imposter Twitter account *** Feedback/Questions Kenneth writes in (http://slexy.org/view/s24yODHGaW) Jason writes in (http://slexy.org/view/s21SbqaOPi) Alex writes in (http://slexy.org/view/s2yY3vHoIo) Henson writes in (http://slexy.org/view/s20fT5VHBC) ***
5: Stacks of Cache
After returning from a successful EuroBSDCon in Malta, we're back to get you caught up on all the latest news! We've got stories, interviews and a special treat for OpenBSD fans later in the show. All that and more on this week's BSD Now, the place to B.. SD. Headlines FreeBSD 9.2 released (https://www.freebsd.org/releases/9.2R/relnotes.html) FreeBSD 9.2-RELEASE is finally out Highlights include ZFS TRIM and LZ4 support, virtio drivers, dtrace and OpenSSH updates as well as lots of driver improvements Will be supported until 2014-09-30 Get out there and freebsd-update or buildworld! *** Four new NetBSD releases (https://blog.netbsd.org/tnf/entry/netbsd_5_2_1_and) NetBSD 5.2 and 5.1 branches get security and bugfix updates The 6.1 and 6.0 branches were updated soon after (https://blog.netbsd.org/tnf/entry/netbsd_6_1_2_and), also with security updates and bug fixes Check the show notes for the full changelog *** BIND being replaced by unbound in FreeBSD (http://freshbsd.org/commit/freebsd/r255597) Most FreeBSD users are familiar with BIND from the security notifications It has has many vulnerabilities over the years, and we’ll finally be rid of it (http://blog.des.no/2013/09/dns-in-freebsd-10/) Being replaced with unbound and ldns, everyone rejoices (http://blog.des.no/2013/09/dns-again-a-clarification/) As of September 24th (https://svnweb.freebsd.org/base?view=revision&revision=255850), BIND is no longer built by default As of September 30th (http://freshbsd.org/commit/freebsd/r255949), BIND was completely removed Includes an easy to use script (http://freshbsd.org/commit/freebsd/r255809) for local DNS OpenBSD also has unbound in base (http://marc.info/?l=openbsd-cvs&m=137984954228414&w=2), but it's not built by default yet *** DragonflyBSD future plans (http://lists.dragonflybsd.org/pipermail/kernel/2013-September/062975.html) An announcement was posted that details some possible plans for Dragonfly dports (their version of FreeBSD ports) will be switching to GCC 4.7 i915 support is probably going to be in version 3.6 Work is being done on HAMMER 2, but it won't make it to 3.6 3.6 is also likely going to ditch pkgsrc as the default in favor of dports, due to a hugely positive reaction from the community *** FreeBSD ports get Stack Protector support (https://lists.freebsd.org/pipermail/freebsd-ports-announce/2013-September/000066.html) Some portsnap users noticed a massive sweep of every port being updated Shortly after, stack protector (https://en.wikipedia.org/wiki/Buffer_overflow_protection) support was announced by Bryan Drewery Only works on i386 and AMD64 on FreeBSD 10 and AMD64 on 9 Hopefully will become the default, but needs to go through some testing and exp-runs *** EuroBSDCon 2013 wrap-up chat BSD Now is back from EuroBSDCon with lots of stories We picked up an OpenBSD 5.4 CD set at EuroBSDCon, before the official release We'll give a little showcase of what's inside, they put a lot of effort into it Comes with the OS, source code, stickers, music, cool other stuff Consider supporting the OpenBSD project (http://www.openbsd.org/orders.html) *** Interview - Marshall Kirk McKusick - mckusick@freebsd.org (mailto:mckusick@freebsd.org) Various topics Tutorial Faster recompiles with ccache and tmpfs (http://www.bsdnow.tv/tutorials/ccache) News Roundup List of vBSDCon speakers posted (http://blog.hostileadmin.com/2013/09/09/reminder-vbsdcon-registrations-are-open/) Registration will be open until October 23rd Presentations covering FreeBSD, OpenBSD, FreeNAS and others *** Xen PVHVM added to GENERIC (https://svnweb.freebsd.org/base?view=revision&revision=255744) It's now possible to run FreeBSD 10 under Xen with the GENERIC kernel freebsd-update will work now With FreeBSD 10 ALPHA 4 (https://lists.freebsd.org/pipermail/freebsd-snapshots/2013-September/000045.html) just being released, should be interesting We should call the new kernel "XENERIC" *** Dragonfly AMD KMS port (http://lists.dragonflybsd.org/pipermail/kernel/2013-September/062993.html) A Dragonfly user has started porting the new FreeBSD AMD KMS driver Still a work in progress, asking for help from the community *** NetBSD gets an nVidia driver (http://mail-index.netbsd.org/source-changes/2013/09/18/msg047712.html) NetBSD gets a preliminary nVidia driver So far only supports the GeForce 2MX, so not a lot of use just yet No acceleration yet, but it's a start *** FreeBSD cracks the top 10 on DistroWatch (http://distrowatch.com/dwres.php?resource=popularity) Over the last year FreeBSD has steadily moved up the rankings from #18 to #10 Increasing from an average of 570 to 779 hits per day Surpassed CentOS, Puppy Linux and Slackware *** Feedback/Questions Charlie writes in (http://slexy.org/view/s21jRKf7lp) Kjell-Aleksander writes in (http://slexy.org/view/s2M0OKmxMK) Stefen writes in (http://slexy.org/view/s2YlVuhhUa) Sichendra writes in (http://slexy.org/view/s2P7KtE5x2) ***
4: Teskeing the Possibilities
This week we’re at EuroBSDCon (http://2013.eurobsdcon.org/), so we’ve just got an interview for you today. BSD Now will be back next week with a normal episode and lots of stories from the conference. We’ll also try to get some more interviews there. For today, though, we talk to Devin Teske about his work with bsdinstall, bsdconfig and all the other interesting things he’s been up to lately. Interview - Devin Teske - dteske@freebsd.org (mailto:dteske@freebsd.org) / @devinteske (https://twitter.com/devinteske) bsdconfig, bsdinstall, sysrc and fdpv
3: MX with TTX
We follow up last week's poudriere tutorial with a segment about using pkgng, we talk with the developers of OpenSMTPD about running a mail server OpenBSD-style, answer YOUR questions and, of course, discuss all the latest news. All that and more on BSD Now! The place to B... SD. Headlines pfSense 2.1-RELEASE is out (http://blog.pfsense.org/?p=712) Now based on FreeBSD 8.3 Lots of IPv6 features added Security updates, bug fixes, driver updates PBI package support Way too many updates to list, see the full list (https://doc.pfsense.org/index.php/2.1_New_Features_and_Changes) *** New kernel based iSCSI stack comes to FreeBSD (https://lists.freebsd.org/pipermail/freebsd-current/2013-September/044237.html) Brief explanation of iSCSI This work replaces the older userland iscsi target daemon and improves the in-kernel iscsi initiator Target layer consists of: ctld(8), a userspace daemon responsible for handling configuration, listening for incoming connections, etc, then handing off connections to the kernel after the iSCSI Login phase iSCSI frontend to CAM Target Layer, which handles Full Feature phase. The work is being sponsored by FreeBSD Foundation Commit here (http://freshbsd.org/commit/freebsd/r255570) *** MTier creates openup utility for OpenBSD (http://www.mtier.org/index.php/solutions/apps/openup/) MTier provides a number of things for the OpenBSD community For example, regularly updated (for security) stable packages from their custom repo openup is a utility to easily check for security updates in both base and packages It uses the regular pkg tools, nothing custom-made Can be run from cron, but only emails the admin instead of automatically updating *** OpenSSH in FreeBSD -CURRENT supports DNSSEC (https://lists.freebsd.org/pipermail/freebsd-security/2013-September/007180.html) OpenSSH in base is now compiled with DNSSEC support In this case the default setting for ‘VerifyHostKeyDNS' is yes OpenSSH will silently trust DNSSEC-signed SSHFP records It is the secteam's opinion that this is better than teaching users to blindly hit “yes” each time they encounter a new key *** Interview - Gilles Chehade & Eric Faurot - gilles@poolp.org (mailto:gilles@poolp.org) / @poolpOrg (https://twitter.com/poolpOrg) & eric@openbsd.org (mailto:eric@openbsd.org) / @opensmtpd (https://twitter.com/opensmtpd) OpenSMTPD Tutorial Binary packages with pkgng (http://www.bsdnow.tv/tutorials/pkgng) News Roundup New progress with Newcons (http://raybsd.blogspot.com/2013/08/newcons-beginning.html) Newcons is a replacement console driver for FreeBSD Supports unicode, better graphics modes and bigger fonts Progress is being made, but it's not finished yet *** relayd gets PFS support (http://freshbsd.org/commit/openbsd/7e7bd0a7f61ea0005b5c2f763364ff8dfce03fe2) relayd is a load balancer for OpenBSD which does protocol layers 3, 4, and 7 Currently being ported to FreeBSD. There is a WIP port (https://www.freshports.org/net/relayd/) Works by negotiating ECDHE (Elliptic curve Diffie-Hellman) between the remote site and relayd to enable TLS/SSL Perfect Forward Secrecy, even when the client does not support it *** OpenZFS Launches (http://open-zfs.org/wiki/Main_Page) Slides from LinuxCon (http://www.slideshare.net/MatthewAhrens/open-zfs-linuxcon) Will feature ‘Office Hours' (Ask an Expert) Goal is to reduce the differences between various open source implementations of ZFS, both user facing and pure lines of code *** FreeBSD 10-CURRENT becomes 10.0-ALPHA (http://freshbsd.org/commit/freebsd/r255489) Glen Barber tagged the -CURRENT branch as 10.0-ALPHA In preparation for 10.0-RELEASE, ALPHA2 as of 9/16 Everyone was rushing to get their big commits in before 10-STABLE, which will be branched soon 10 is gonna be HUGE (https://wiki.freebsd.org/WhatsNew/FreeBSD10) *** September issue of BSD Mag (http://bsdmag.org/magazine/1848-day-to-day-bsd-administration) BSD Mag is a monthly online magazine about the BSDs This month's issue has some content written by Kris Topics include MidnightBSD live cds, server maintenance, turning a Mac Mini into a wireless access point with OpenBSD, server monitoring, FreeBSD programming, PEFS encryption and a brief introduction to ZFS *** The FreeBSD IRC channel is official For many years, the FreeBSD freenode channel has been “unofficial” with a double-hash prefix Finally it has freenode's blessing and looks like a normal channel! The old one will forward to the new one, so your IRC clients don't need updating *** OpenSSH 6.3 released (https://lists.mindrot.org/pipermail/openssh-unix-dev/2013-September/031638.html) After a big delay, Damien Miller announced the release of 6.3 Mostly a bugfix release, with a few new features Of note, SFTP now supports resuming failed downloads via -a *** Feedback/Questions [James writes in](http://slexy.org/view/s2wBbbSWGz] [Elias writes in](http://slexy.org/view/s2LMDF3PYx] [Gabor writes in](http://slexy.org/view/s2aCodo65X] Possibly the coolest feedback we've gotten thus far: Baptiste Daroussin, leader of the FreeBSD ports management team and author of poudriere and pkgng, has put up the BSD Now poudriere tutorial on the official documentation! ***
2: Engineering and Powder Kegs
After a wildly successful debut episode, BSD Now is BACK to talk with Glen Barber from the FreeBSD Release team, show you how to build your own binary package repository and discuss the latest BSD news! Headlines 64bit time in OpenBSD (http://undeadly.org/cgi?action=article&sid=20130813072244) Many operating systems face an upcoming challenge, similar to (but more complicated than) Y2K: Y2038. All of the BSDs and most other operating systems track time by counting the seconds since Jan 1st, 1970. In 2038 this value will reach the maximum value of a signed 32 bit integer. Simply changing to a 64 bit counter may not be the best solution, because there may still be 32 bit systems in use for embedded applications Theo will be giving the keynote at EuroBSDCon on the subject, explaining how OpenBSD has implemented the solution ABI incompatibility. Updating to this kernel requires extra work or you won't be able to login: install a snapshot instead. Upgrading by source is for the insane only. (http://www.openbsd.org/faq/current.html#20130813) AESNI pipelining gets a speed boost (http://freshbsd.org/commit/freebsd/r255187) AES-NI is a new processor instruction available on modern Intel and AMD chips that provides hardware acceleration for AES encryption and decryption. This feature is especially useful for encrypted disks, because it removes most of the performance penalty traditionally associated with encryption The new commit has the instructions pipelined, so there is no latency between the instructions Uses SSE2 instructions for calculating XTS tweak factor for further increased performance GELI based disk encryption performance increased by 3x on capable CPUs Should affect PEFS and other AES backed encryption schemes as well Full disk encryption should be more or less transparent now *** OpenBSD 5.4 Preorders (http://openbsd.org/orders.html) Every 6 months there is a new OpenBSD version They include a fun song and nicely-packaged CD set The proceeds from sale of these products is the primary funding of the OpenBSD project The official ISOs will be uploaded on November 1st *** GCC no longer built by default on FreeBSD -CURRENT (https://svnweb.freebsd.org/base?view=revision&revision=255321) On platforms where clang is the default compiler, don't build gcc or libstdc++ GCC is still enabled on PC98, because the PC98 bootloader requires GCC to build While the base FreeBSD system has been built by clang for a long time, this change also covers the ports tree *** Patch to update Xorg and MESA on FreeBSD (http://lists.freebsd.org/pipermail/freebsd-x11/2013-September/013599.html) Updates xorg drivers Expected to be committed in about 2 weeks Adds option to use devd instead of HAL for X configuration Updates the MESA stack (9.1.6), libGL, DRI, etc Enables KMS for AMD/ATI cards Mesa 9.2 is available with xorg-dev, OpenBSD has also recently upgraded to Mesa 9.2 for their stable version of Xorg *** Interview - Glen Barber - gjb@freebsd.org (mailto:gjb@freebsd.org) / @evilgjb (https://twitter.com/evilgjb) FreeBSD Release Engineering Tutorial Making your own binary repository (http://www.bsdnow.tv/tutorials/poudriere) The Place to B...SD iXsystems hosts FreeBSD Anniversary party (http://www.ixsystems.com/resources/ix/news/ixsystems-to-once-again-host-freebsd-anniversary-celebration.html) Celebrating FreeBSD’s 20th anniversary Saturday, November 2nd at the DNA Lounge in San Francisco Notable FreeBSD figures will contribute words of wisdom on the past, present, and future of FreeBSD *** News Roundup NetBSD gets basic support for the cubieboard 1 & 2 (http://mail-index.netbsd.org/source-changes/2013/09/04/msg047155.html) Very preliminary support for cubieboard 1 & 2 based on the Allwinner A10 & A20 SoCs Many drivers are "stubs with autoconf glue" Contributed by Matt Thomas *** Rayservers ditches Linux for BSD (http://rayservers.com/blog/the-freebsd-daemon-is-off-to-do-battle-in-the-name-of-christ) Used them all, Windows, Mac, OpenBSD, Linux Needed PF, ZFS, disk encryption, lots of networking features, better security In Linux, "The new cgroups based memory management ran out of memory - on a 256 GB RAM system whilst it was not using more than 40." BSD now protects the privacy of their email users *** HPN for OpenSSH 6.2 (https://lists.mindrot.org/pipermail/openssh-unix-dev/2013-August/031614.html) High Performance Networking (http://www.psc.edu/index.php/hpn-ssh) is an SSH patchset to improve transfer speeds by removing the fixed window size and take better advantage of TCP Maintained as a patchset separate from OpenSSH First integrated into FreeBSD base as of 9.0 Updated to support 6.2 (available in the ports tree as security/openssh-portable) The HPN patch set also includes threaded AES-CTR support to increase performance and take advantage of multiple CPU cores for encryption. In this latest patch, threaded AES-CTR now works in all situations (it failed in some specific situations previously). Expected performance increase is ~50% NONE cipher is now separate from the main patch set. The NONE cipher allows tools like scp and sftp to switch off the encryption for file transfers (when specifically told to do so) to keep encryption from bottlenecking performance and wasting CPU time *** Call for testing: OpenSSH-6.3 (https://lists.mindrot.org/pipermail/openssh-unix-dev/2013-July/031550.html) Mostly a bugfix release SFTP now supports resuming partially-downloaded or uploaded transfers More logging features Six weeks after the initial email, still no release. des@ is not pleased. *** pkgsrc gets signing support (http://mail-index.netbsd.org/pkgsrc-users/2013/08/30/msg018511.html) pkgsrc is used on NetBSD, DragonflyBSD and other OSes Comes from an EdgeBSD developer Uses GPG for signing package files Currently just a patch on github and in its infancy Provides a short howto *** FreeBSD vs. Linux: 10 points of superiority (https://forums.freebsd.org/showthread.php?t=41750) New FreeBSD user, ex-Linux user writes about his experience Mentions consistency, documentation, security, filesystems, updates, jails, community Really long post, definitely worth a read *** Feedback/Questions hoopla writes in (http://slexy.org/view/s21SpCcisW) Juergen writes in (http://slexy.org/view/s20vHY9qAK) Sam writes in (http://slexy.org/view/s23uf4vzfQ) Frank writes in (http://slexy.org/view/s2Y0qiXJan) ***
1: BGP & BSD
We kick off the first episode with the latest BSD news, show you how to avoid intrusion detection systems and talk to Peter Hessler about BGP spam blacklists! Headlines Radeon KMS commited (https://lists.freebsd.org/pipermail/svn-src-head/2013-August/050931.html) Committed by Jean-Sebastien Pedron Brings kernel mode setting to -CURRENT, will be in 10.0-RELEASE (ETA 12/2013) 10-STABLE is expected to be branched in October, to begin the process of stabilizing development Initial testing shows it works well May be merged to 9.X, but due to changes to the VM subsystem this will require a lot of work, and is currently not a priority for the Radeon KMS developer Still suffers from the syscons / KMS switcher issues, same as Intel video More info: https://wiki.freebsd.org/AMD_GPU *** VeriSign Embraces FreeBSD (http://www.eweek.com/enterprise-apps/verisign-embraces-open-source-freebsd-for-diversity/) "BSD is quite literally at the very core foundation of what makes the Internet work" Using BSD and Linux together provides reliability and diversity Verisign gives back to the community, runs vBSDCon "You get comfortable with something because it works well for your particular purposes and can find a good community that you can interact with. That all rang true for us with FreeBSD." *** fetch/libfetch get a makeover (http://freshbsd.org/commit/freebsd/r253680) Adds support for SSL certificate verification Requires root ca bundle (security/rootcanss) Still missing TLS SNI support (Server Name Indication, allows name based virtual hosts over SSL) *** FreeBSD Foundation Semi-Annual Newsletter (http://www.freebsdfoundation.org/press/2013Jul-newsletter) The FreeBSD Foundation took the 20th anniversary of FreeBSD as an opportunity to look at where the project is, and where it might want to go The foundation sets out some basic goals that the project should strive towards: Unify User Experience “ensure that knowledge gained mastering one task translates to the next” “if we do pay attention to consistency, not only will FreeBSD be easier to use, it will be easier to learn” Design for Human and Programmatic Use 200 machines used to be considered a large deployment, with high density servers, blades, virtualization and the cloud, that is not so anymore “the tools we provide for status reporting, configuration, and control of FreeBSD just do not scale or fail to provide the desired user experience” “The FreeBSD of tomorrow needs to give programmability and human interaction equal weighting as requirements” Embrace New Ways to Document FreeBSD More ‘Getting Started’ sections in documentation Link to external How-Tos and other documentation “upgrade the cross-referencing and search tools built into FreeBSD, so FreeBSD, not an Internet search engine, is the best place to learn about FreeBSD” Spring Fundraising Campaign, April 17 - May 31, raised a total of $219,806 from 12 organizations and 365 individual donors. In the same period last year we raised a total of $23,422 from 2 organizations and 53 individuals Funds donated to the FreeBSD Foundation have been used on these projects recently: Capsicum security-component framework Transparent superpages support of the FreeBSD/ARM architecture Expanded and faster IPv6 Native in-kernel iSCSI stack Five New TCP Congestion Control Algorithms Direct mapped I/O to avoid extra memory copies Unified Extensible Firmware Interface (UEFI) boot environment Porting FreeBSD to the Genesi Efika MX SmartBook laptop (ARM-based) NAND Flash filesystem and storage stack Funds were also used to sponsor a number of BSD focused conferences: BSDCan, EuroBSDCon, AsiaBSDCon, BSDDay, NYCBSDCon, vBSDCon, plus Vendor summits and Developer summits It is important that the foundation receive donations from individuals, to maintain their tax exempt status in the USA. Even a donation of $5 helps make it clear that the FreeBSD Foundation is backed by a large community, not only a few vendors Donate Today (http://www.freebsdfoundation.org/donate) *** The place to B...SD Ohio Linuxfest, Sept. 13-15, 2013 (http://ohiolinux.org/schedule) Very BSD friendly Kirk McKusick giving the keynote BSD Certification on the 15th, all other stuff on the 14th Multiple BSD talks *** LinuxCon, Sept. 16-18, 2013 (http://events.linuxfoundation.org/events/linuxcon-north-america) Dru Lavigne and Kris Moore will be manning a FreeBSD booth Number of talks of interest to BSD users, including ZFS coop (http://linuxconcloudopenna2013.sched.org/event/b50b23f3ed3bd728fa0052b54021a2cc?iframe=yes&w=900&sidebar=yes&bg=no) EuroBSDCon, Sept. 26-29, 2013 (http://2013.eurobsdcon.org/eurobsdcon-2013/talks/) Tutorials on the 26 & 27th (plus private FreeBSD DevSummit) 43 talks spread over 3 tracks on the 28 & 29th Keynote by Theo de Raadt Hosted in the picturesque St. Julians Area, Malta (Hilton Conference Centre) *** Interview - Peter Hessler - phessler@openbsd.org (mailto:phessler@openbsd.org) / @phessler (https://twitter.com/phessler) Using BGP to distribute spam blacklists and whitelists Tutorial Using stunnel to hide your traffic from Deep Packet Inspection (http://www.bsdnow.tv/tutorials/stunnel) News Roundup NetBSD 6.1.1 released (https://blog.netbsd.org/tnf/entry/netbsd_6_1_1_released) First security/bug fix update of the NetBSD 6.1 release branch Fixes 4 security vulnerabilities Adds 4 new sysctls to avoid IPv6 DoS attacks Misc. other updates *** Sudo Mastery (http://blather.michaelwlucas.com/archives/1792) MWL is a well-known author of many BSD books Also does SSH, networking, DNSSEC, etc. Next book is about sudo, which comes from OpenBSD (did you know that?) Available for preorder now at a discounted price *** Documentation Infrastructure Enhancements (http://freebsdfoundation.blogspot.com/2013/08/new-funded-project-documentation.html) Gábor Kövesdán has completed a funded project to improve the infrastructure behind the documentation project Will upgrade documentation from DocBook 4.2 to DocBook 4.5 and at the same time migrate to proper XML tools. DSSSL is an old and dead standard, which will not evolve any more. DocBook 5.0 tree added *** FreeBSD FIBs get new features (https://svnweb.freebsd.org/base?view=revision&revision=254943) FIBs (as discussed earlier in the interview) are Forward Information Bases (technical term for a routing table) The FreeBSD kernel can be compiled to allow you to maintain multiple FIBs, creating separate routing tables for different processes or jails In r254943 ps(1) is extended to support a new column ‘fib’, to display which routing table a process is using *** FreeNAS 9.1.0 and 9.1.1 released (http://www.ixsystems.com/resources/ix/news/ixsystems-announces-revolutionary-freenas-910-release.html) Many improvements in nearly all areas, big upgrade Based on FreeBSD 9-STABLE, lots of new ZFS features Cherry picked some features from 10-CURRENT New volume manager and easy to use plugin management system 9.1.1 released shortly thereafter to fix a few UI and plugin bugs *** BSD licensed "patch" becomes default (http://freshbsd.org/commit/freebsd/r253689) bsdpatch has become mature, does what GNU patch can do, but has a much better license Approved by portmgr@ for use in ports Added WITHGNUPATCH build option for people who still need it ***