Skip to main content.

Episode 050: VPN, My Dear Watson

2014-08-13

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise servers and storage for open sourceTarsnap - online backups for the truly paranoid


Headlines

MeetBSD 2014 is approaching

  • The MeetBSD conference is coming up, and will be held on November 1st and 2nd in San Jose, California
  • MeetBSD has an "unconference" format, which means there will be both planned talks and community events
  • All the extra details will be on their site soon
  • It also has hotels and various other bits of useful information - hopefully with more info on the talks to come
  • Of course, EuroBSDCon is coming up before then

First experiences with OpenBSD

  • A new blog post that leads off with "tired of the sluggishness of Windows on my laptop and interested in experimenting with a Unix-like that I haven't tried before"
  • The author read the famous "BSD for Linux users" series (that most of us have surely seen) and decided to give BSD a try
  • He details his different OS and distro history, concluding with how he "eventually became annoyed at the poor quality of Linux userland software"
  • From there, it talks about how he used the OpenBSD USB image and got a fully-working system
  • He especially liked the simplicity of OpenBSD's "hostname.if" system for network configuration
  • Finally, he gets Xorg working and imports all his usual configuration files - seems to be a happy new user!

NetBSD rump kernels on bare metal (and Kansai OSC report)

  • When you're developing a new OS or a very specialized custom solution, working drivers become one of the hardest things to get right
  • However, NetBSD's rump kernels - a very unique concept - make this process a lot easier
  • This blog post talks about the process of starting with just a rump kernel and expanding into an internet-ready system in just a week
  • Also have a look back at episode 8 for our interview about rump kernels and what exactly they do
  • While on the topic of NetBSD, there were also a couple of very detailed reports (with lots of pictures!) of the various NetBSD-themed booths at the 2014 Kansai Open Source Conference that we wanted to highlight

OpenSSL and LibreSSL updates

  • OpenSSL pushed out a few new versions, fixing multiple vulnerabilities (nine to be precise!)
  • Security concerns include leaking memory, possible denial of service, crashing clients, memory exhaustion, TLS downgrades and more
  • LibreSSL released a new version to address most of the vulnerabilities, but wasn't affected by some of them
  • Whichever version of whatever SSL you use, make sure it's patched for these issues
  • DragonFly and OpenBSD are patched as of the time of this recording but, even after a week, NetBSD and FreeBSD are not (outside of -CURRENT)

Interview - Robert Watson - rwatson@freebsd.org

FreeBSD architecture, security research techniques, exploit mitigation


Tutorial

Protecting traffic with a BSD-based VPN


News Roundup

A FreeBSD-based CGit server

  • If you use git (like a certain host of this show) then you've probably considered setting up your own server
  • This article takes you through the process of setting up a jailed git server, complete with a fancy web frontend
  • It even shows you how to set up multiple repos with key-based user separation and other cool things
  • The author of the post is also a listener of the show, thanks for sending it in!

Backup devices for small businesses

  • In this article, different methods of data storage and backup are compared
  • After weighing the various options, the author comes to an obvious conclusion: FreeNAS is the answer
  • He praises FreeNAS and the FreeNAS Mini for their tight integration, rock solid FreeBSD base and the great ZFS featureset that it offers
  • It also goes over some of the hardware specifics in the FreeNAS Mini

A new Xenocara interview

  • As a follow up to last week's OpenSMTPD interview, this Russian blog interviews Matthieu Herrb about Xenocara
  • If you're not familiar with Xenocara, it's OpenBSD's version of Xorg with some custom patches
  • In this interview, he discusses how large and complex the upstream X11 development is, how different components are worked on by different people, how they test code (including a new framework) and security auditing
  • Matthieu is both a developer of upstream Xorg and an OpenBSD developer, so it's natural for him to do a lot of the maintainership work there

Building a high performance FreeBSD samba server

  • If you've got to PXE boot several hundred Windows boxes to upgrade from XP to 7, what's the best solution?
  • FreeBSD, ZFS and Samba obviously!
  • The master image and related files clock in at over 20GB, and will be accessed at the same time by all of those clients
  • This article documents that process, highlighting some specific configuration tweaks to maximize performance (including NIC bonding)
  • It doesn't even require the newest or best hardware with the right changes, pretty cool

Feedback/Questions


  • All the tutorials are posted in their entirety at bsdnow.tv
  • We want to give a special thanks to our viewer Adam (aka bsdx) for writing most of today's OpenVPN tutorial
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
  • Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

Latest News

How did you get into BSD?

2014-11-26

We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

EuroBSDCon 2014

2014-09-18

As you might expect, both Allan and Kris will be at EuroBSDCon this year. They'll be busy hunting down various BSD developers and forcing them to do interviews, but don't hesitate to say hi if you're a listener!...

BSDCan 2014

2014-04-30

We just wrapped up episode 35 after having some horrible audio issues. Sorry about the quality being lower than usual, we did the best we could given the circumstances. Next week we've got a normal episode, but the following week Allan and Kris will be at BSDCan. That week will...

AsiaBSDCon 2014

2014-03-05

Both Allan and Kris will be going to AsiaBSDCon this year, so episode 28 will be shorter than usual. We'll be back the following week with a huge episode. Hopefully they can get some interviews there!...


Episode 068: Just the Essentials

2014-12-17

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines More BSD conference videos We mentioned it a few times, but the "New Directions in Operating Systems" conference was held in November in the UK The presentations videos are now online, with a few...

Episode 067: Must Be Rigged

2014-12-10

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines Bitrig 1.0 released If you haven't heard of it, Bitrig is a fork of OpenBSD that started a couple years ago According to their FAQ, some of their goals include: only supporting modern hardware...

Episode 066: Conference Connoisseur

2014-12-03

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines More BSD presentation videos The MeetBSD video uploading spree continues with a few more talks, maybe this'll be the last batch Corey Vixie, Web Apps in Embedded BSD Allan Jude, UCL config Kip Macy, iflib While we're...

Episode 065: 8,000,000 Mogofoo-ops

2014-11-26

Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines Even more BSD presentation videos More videos from this year's MeetBSD and OpenZFS devsummit were uploaded since last week Robert Ryan, At the Heart of the Digital Economy FreeNAS & ZFS, The Indestructible Duo -...