Skip to main content.

Episode 050: VPN, My Dear Watson


Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent

This episode was brought to you by

iXsystems - Enterprise servers and storage for open sourceTarsnap - online backups for the truly paranoid


MeetBSD 2014 is approaching

  • The MeetBSD conference is coming up, and will be held on November 1st and 2nd in San Jose, California
  • MeetBSD has an "unconference" format, which means there will be both planned talks and community events
  • All the extra details will be on their site soon
  • It also has hotels and various other bits of useful information - hopefully with more info on the talks to come
  • Of course, EuroBSDCon is coming up before then

First experiences with OpenBSD

  • A new blog post that leads off with "tired of the sluggishness of Windows on my laptop and interested in experimenting with a Unix-like that I haven't tried before"
  • The author read the famous "BSD for Linux users" series (that most of us have surely seen) and decided to give BSD a try
  • He details his different OS and distro history, concluding with how he "eventually became annoyed at the poor quality of Linux userland software"
  • From there, it talks about how he used the OpenBSD USB image and got a fully-working system
  • He especially liked the simplicity of OpenBSD's "hostname.if" system for network configuration
  • Finally, he gets Xorg working and imports all his usual configuration files - seems to be a happy new user!

NetBSD rump kernels on bare metal (and Kansai OSC report)

  • When you're developing a new OS or a very specialized custom solution, working drivers become one of the hardest things to get right
  • However, NetBSD's rump kernels - a very unique concept - make this process a lot easier
  • This blog post talks about the process of starting with just a rump kernel and expanding into an internet-ready system in just a week
  • Also have a look back at episode 8 for our interview about rump kernels and what exactly they do
  • While on the topic of NetBSD, there were also a couple of very detailed reports (with lots of pictures!) of the various NetBSD-themed booths at the 2014 Kansai Open Source Conference that we wanted to highlight

OpenSSL and LibreSSL updates

  • OpenSSL pushed out a few new versions, fixing multiple vulnerabilities (nine to be precise!)
  • Security concerns include leaking memory, possible denial of service, crashing clients, memory exhaustion, TLS downgrades and more
  • LibreSSL released a new version to address most of the vulnerabilities, but wasn't affected by some of them
  • Whichever version of whatever SSL you use, make sure it's patched for these issues
  • DragonFly and OpenBSD are patched as of the time of this recording but, even after a week, NetBSD and FreeBSD are not (outside of -CURRENT)

Interview - Robert Watson -

FreeBSD architecture, security research techniques, exploit mitigation


Protecting traffic with a BSD-based VPN

News Roundup

A FreeBSD-based CGit server

  • If you use git (like a certain host of this show) then you've probably considered setting up your own server
  • This article takes you through the process of setting up a jailed git server, complete with a fancy web frontend
  • It even shows you how to set up multiple repos with key-based user separation and other cool things
  • The author of the post is also a listener of the show, thanks for sending it in!

Backup devices for small businesses

  • In this article, different methods of data storage and backup are compared
  • After weighing the various options, the author comes to an obvious conclusion: FreeNAS is the answer
  • He praises FreeNAS and the FreeNAS Mini for their tight integration, rock solid FreeBSD base and the great ZFS featureset that it offers
  • It also goes over some of the hardware specifics in the FreeNAS Mini

A new Xenocara interview

  • As a follow up to last week's OpenSMTPD interview, this Russian blog interviews Matthieu Herrb about Xenocara
  • If you're not familiar with Xenocara, it's OpenBSD's version of Xorg with some custom patches
  • In this interview, he discusses how large and complex the upstream X11 development is, how different components are worked on by different people, how they test code (including a new framework) and security auditing
  • Matthieu is both a developer of upstream Xorg and an OpenBSD developer, so it's natural for him to do a lot of the maintainership work there

Building a high performance FreeBSD samba server

  • If you've got to PXE boot several hundred Windows boxes to upgrade from XP to 7, what's the best solution?
  • FreeBSD, ZFS and Samba obviously!
  • The master image and related files clock in at over 20GB, and will be accessed at the same time by all of those clients
  • This article documents that process, highlighting some specific configuration tweaks to maximize performance (including NIC bonding)
  • It doesn't even require the newest or best hardware with the right changes, pretty cool


  • All the tutorials are posted in their entirety at
  • We want to give a special thanks to our viewer Adam (aka bsdx) for writing most of today's OpenVPN tutorial
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to
  • Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

Latest News

Two Year Anniversary


We're quickly approaching our two-year anniversary, which will be on episode 105. To celebrate, we've created a unique t-shirt design, available for purchase until the end of August. Shirts will be shipped out around September 1st. Most of the proceeds will support the show, and specifically allow us to buy...

New discussion segment


We're thinking about adding a new segment to the show where we discuss a topic that the listeners suggest. It's meant to be informative like a tutorial, but more of a "free discussion" format. If you have any subjects you want us to explore, or even just a good name...

How did you get into BSD?


We've got a fun idea for the holidays this year: just like we ask during the interviews, we want to hear how all the viewers and listeners first got into BSD. Email us your story, either written or a video version, and we'll read and play some of them for...

EuroBSDCon 2014


As you might expect, both Allan and Kris will be at EuroBSDCon this year. They'll be busy hunting down various BSD developers and forcing them to do interviews, but don't hesitate to say hi if you're a listener!...

Episode 110 - Firmware Fights


Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines EuroBSDCon Videos EuroBSDCon has started posting videos of the talks online already. The videos posted online are archives of the live stream, so some of the videos contain multiple talks Due to a technical complication,...

Episode 109: Impish BSD


Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Interview - Warner Losh - / @bsdimp SSD performance and driver auto-loader Send questions, comments, show ideas/topics, or stories you want mentioned on the show to

Episode 108: ServeUp BSD


Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines Allan is away this week, traveling to Sweden for the ACM womENcourage conference followed by EuroBSDCon, but we have an excellent interview for you, so sit back and enjoy the show. Allan...

Episode 107: In their midst


Direct Download: Video | HD Video | MP3 Audio | OGG Audio | Torrent This episode was brought to you by Headlines Alexander Motin implements CTL High Availability CTL HA allows two .head. nodes to be connected to the same set of disks, safely An HA storage appliance usually consists of 2...