Skip to main content.

Episode 039: The Friendly Sandbox


Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise servers and storage for open sourceTarsnap - online backups for the truly paranoid


BSDCan 2014 talks and reports

Defend your network and privacy with a VPN and OpenBSD

  • After all the recent news about spying, backdoored routers, deep packet inspection and everything else, you might want to start taking steps at getting some privacy back
  • This article describes how to set up a secure network gateway and VPN using OpenBSD and related crypto utilities
  • There are bits for DHCP, DNS, OpenVPN, DNSCrypt and a watchdog script to make sure your tunnel is always being used
  • You can transparently tunnel all your outbound traffic over the VPN with this configuration, nothing is needed on any of the client systems - this could also be used with Tor (but it would be very slow)
  • It also includes a few general privacy tips, recommended browser extensions, etc
  • The intro to the article is especially great, so give the whole thing a read
  • He mentions our OpenBSD router guide and other tutorials being a big help for this setup, so hello if you're watching!

You should try FreeBSD

  • In this blog post, the author talks a bit about how some Linux people aren't familiar with the BSDs and how we can take steps to change that
  • He goes into some FreeBSD history specifically, then talks about some of the apparent (and not-so-apparent) differences between the two
  • Possibly the most useful part is how to address the question "my server already works, why bother switching?"
  • "Stackoverflow’s answers assume I have apt-get installed"
  • It includes mention of the great documentation, stability, ports, improved security and much more
  • A takeaway quote for would-be Linux switchers: "I like to compare FreeBSD to a really tidy room where you can find everything with your eyes closed. Once you know where the closets are, it is easy to just grab what you need, even if you have never touched it before"

OpenBSD and the little Mauritian contributor

  • This is a story about a guy from Mauritius named Logan, one of OpenBSD's newest developers
  • Back in 2010, he started sending in patched for OpenBSD's "mg" editor, among other small things, and eventually added file transfer resume support for SFTP
  • The article talks about his journey from just a guy who submits a patch here and there to joining the developer ranks and even getting his picture taken with Theo at a recent hackathon
  • It really shows how easy it is to get involved with the different BSDs and contribute back to the software ecosystem
  • Congrats to Logan, and hopefully this will inspire more people to start helping out and contributing code back

Interview - Jon Anderson -

Capsicum and Casperd


Encrypting DNS lookups

News Roundup

FreeBSD Journal, May 2014 issue

  • The newest issue of the FreeBSD Journal is out, following the bi-monthly release cycle
  • This time the topics include: a letter from the foundation, a ports report, some 9.3-RELEASE plans, an events calendar, an overview of ipfw, exploring network activity with dtrace, an article about kqueue, data distribution with dnssec and finally an article about TCP scaling
  • Pick up your (digital) copy at Amazon, Google Play or on iTunes and have a read

LibreSSL porting update

  • Since the last LibreSSL post we covered, a couple unofficial "portable" versions have died off
  • Unfortunately, people still think they can just port LibreSSL to other BSDs and Linux all willy-nilly - stop doing that!
  • This post reiterates that LibreSSL currently relies on a lot of OpenBSD-specific security functions that are not present in other systems, and also gives a very eye-opening example
  • Please wait for an official portable version instead of wasting time with these dime-a-dozen github clones that do more harm than good

BSDMag May 2014 issue is out

  • The usual monthly release from BSDMag, covering a variety of subjects
  • This time around the topics include: managing large development projects using RCS, working with HAMMER FS and PFSes, running MeteorJS on FreeBSD 11, another bhyve article, more GIMP tutorials and a few other things
  • It's a free PDF, go grab it

BSDTalk episode 241

  • A new episode of BSDTalk is out, this time with Bob Beck
  • He talks about the OpenBSD foundation's recent activities, his own work in the project, some stories about the hardware in Theo's basement and a lot more
  • The interview itself isn't about LibreSSL at all, but they do touch on it a bit too
  • Really interesting stuff, covers a lot of different topics in a short amount of time


  • All the tutorials are posted in their entirety at
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to
  • We're looking for new tutorial ideas, so if there's something specific you'd like to learn about, let us know
  • FreeBSD core team elections are in progress - nominations ended today. There are 21 candidates, and voting is open for the next month. We'll let you know how it goes in a future episode.
  • Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

Latest News

Two Year Anniversary


We're quickly approaching our two-year anniversary, which will be on episode 105. To celebrate, we've created a unique t-shirt design, available for purchase until the end of August. Shirts will be shipped out around September 1st. Most of the proceeds will support the show, and specifically allow us to buy...

New discussion segment


We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?


We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

EuroBSDCon 2014


As you might expect, both Allan and Kris will be at EuroBSDCon this year. They'll be busy hunting down various BSD developers and forcing them to do interviews, but don't hesitate to say hi if you're a listener!...

Episode 110 - Firmware Fights


Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines EuroBSDCon Videos EuroBSDCon has started posting videos of the talks online already. The videos posted online are archives of the live stream, so some of the videos contain multiple talks Due to a technical complication,...

Episode 109: Impish BSD


Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Interview - Warner Losh - / @bsdimp SSD performance and driver auto-loader Send questions, comments, show ideas/topics, or stories you want mentioned on the show to

Episode 108: ServeUp BSD


Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines Allan is away this week, traveling to Sweden for the ACM womENcourage conference followed by EuroBSDCon, but we have an excellent interview for you, so sit back and enjoy the show. Allan...

Episode 107: In their midst


Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines Alexander Motin implements CTL High Availability CTL HA allows two .head. nodes to be connected to the same set of disks, safely An HA storage appliance usually consists of 2...