app03 Thu, 25 Jun 2026 03:08:36 +0000 Fireside (https://fireside.fm) BSD Now - Episodes Tagged with “Nycbug” https://www.bsdnow.tv/tags/nycbug Thu, 02 Mar 2023 03:00:00 -0500 Created by three guys who love BSD, we cover the latest news and have an extensive series of tutorials, as well as interviews with various people from all areas of the BSD community. It also serves as a platform for support and questions. We love and advocate FreeBSD, OpenBSD, NetBSD, DragonFlyBSD and TrueOS. Our show aims to be helpful and informative for new users that want to learn about them, but still be entertaining for the people who are already pros. The show airs on Wednesdays at 2:00PM (US Eastern time) and the edited version is usually up the following day. en-us episodic A weekly podcast and the place to B...SD JT Pennington Created by three guys who love BSD, we cover the latest news and have an extensive series of tutorials, as well as interviews with various people from all areas of the BSD community. It also serves as a platform for support and questions. We love and advocate FreeBSD, OpenBSD, NetBSD, DragonFlyBSD and TrueOS. Our show aims to be helpful and informative for new users that want to learn about them, but still be entertaining for the people who are already pros. The show airs on Wednesdays at 2:00PM (US Eastern time) and the edited version is usually up the following day. no berkeley,freebsd,openbsd,netbsd,dragonflybsd,trueos,trident,hardenedbsd,tutorial,howto,guide,bsd,interview JT Pennington feedback@bsdnow.tv 496: Hacking the CLI https://www.bsdnow.tv/496 2c0b464e-375e-42af-b44a-62ca75b4b31a Thu, 02 Mar 2023 03:00:00 -0500 JT Pennington full JT Pennington Automation and Hacking Your FreeBSD CLI, Run your own instant messaging service on FreeBSD, Watch Netflix on FreeBSD, HardenedBSD January 2023 Status Report, How To Set Up SSH Keys With YubiKey as two-factor authentication, OpenSSH fixes double-free memory bug that’s pokable over the network, A late announcement, but better late than never, Next NYC*BUG and more 45:05 no <p>Automation and Hacking Your FreeBSD CLI, Run your own instant messaging service on FreeBSD, Watch Netflix on FreeBSD, HardenedBSD January 2023 Status Report, How To Set Up SSH Keys With YubiKey as two-factor authentication, OpenSSH fixes double-free memory bug that’s pokable over the network, A late announcement, but better late than never, Next NYC*BUG and more</p> <p><strong><em>NOTES</em></strong><br> This episode of BSDNow is brought to you by <a href="https://www.tarsnap.com/bsdnow" rel="nofollow noopener">Tarsnap</a> and the <a href="https://www.patreon.com/bsdnow" rel="nofollow noopener">BSDNow Patreon</a></p> <h2>Headlines</h2> <h3><a href="https://klarasystems.com/articles/automation-and-hacking-your-freebsd-cli/" rel="nofollow noopener">Automation and Hacking Your FreeBSD CLI</a></h3> <hr> <h3><a href="https://xn--gckvb8fzb.com/run-your-own-instant-messaging-service-on-freebsd/" rel="nofollow noopener">Run your own instant messaging service on FreeBSD</a></h3> <hr> <h2>News Roundup</h2> <h3><a href="https://byte--sized-de.translate.goog/linux-unix/netflix-auf-freebsd-schauen/?_x_tr_sl=de&amp;_x_tr_tl=en&amp;_x_tr_hl=en&amp;_x_tr_pto=wapp" rel="nofollow noopener">Watch Netflix on FreeBSD</a></h3> <hr> <h3><a href="https://hardenedbsd.org/article/shawn-webb/2023-01-31/hardenedbsd-january-2023-status-report" rel="nofollow noopener">HardenedBSD January 2023 Status Report</a></h3> <hr> <h3><a href="https://www.cyberciti.biz/security/how-to-set-up-ssh-keys-with-yubikey-as-two-factor-authentication-u2f-fido2/" rel="nofollow noopener">How To Set Up SSH Keys With YubiKey as two-factor authentication (U2F/FIDO2)</a></h3> <hr> <h3><a href="https://nakedsecurity.sophos.com/2023/02/03/openssh-fixes-double-free-memory-bug-thats-pokable-over-the-network/" rel="nofollow noopener">OpenSSH fixes double-free memory bug that’s pokable over the network</a></h3> <hr> <h3><a href="https://github.com/chettrick/discobsd/releases/tag/DISCOBSD_2_0" rel="nofollow noopener">A late announcement, but better late than never</a></h3> <hr> <h3><a href="https://lists.nycbug.org:8443/pipermail/talk/2023-February/018550.html" rel="nofollow noopener">Next NYC*BUG: March? April? Certainly May!</a></h3> <hr> <h3>Tarsnap</h3> <ul> <li>This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.</li> </ul> <h2>Feedback/Questions</h2> <ul> <li><a href="https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/496/feedback/Daniel%20-%20Plan%209%20lives.md" rel="nofollow noopener">Daniel - Plan 9 lives</a></li> <li><a href="https://github.com/BSDNow/bsdnow.tv/blob/master/episodes/496/feedback/Jason%20-%20nvd%20driver.md" rel="nofollow noopener">Jason - nvd driver</a></li> </ul> <hr> <ul> <li>Send questions, comments, show ideas/topics, or stories you want mentioned on the show to <a href="mailto:feedback@bsdnow.tv" rel="nofollow noopener">feedback@bsdnow.tv</a> ***</li> </ul> freebsd, openbsd, netbsd, dragonflybsd, trueos, trident, hardenedbsd, tutorial, howto, guide, bsd, operating system, open source, shell, unix, os, berkeley, software, distribution, development, release, zfs, zpool, dataset, filesystem, storage, ports, packages, jails, interview, automation, hacking, cli, instant message, messaging, netflix, status report, ssh, keys, 2fa, memory, bug, bugfix, fix, discobsd, nycbug Automation and Hacking Your FreeBSD CLI, Run your own instant messaging service on FreeBSD, Watch Netflix on FreeBSD, HardenedBSD January 2023 Status Report, How To Set Up SSH Keys With YubiKey as two-factor authentication, OpenSSH fixes double-free memory bug that’s pokable over the network, A late announcement, but better late than never, Next NYC*BUG and more

NOTES
This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon

Headlines

Automation and Hacking Your FreeBSD CLI

Run your own instant messaging service on FreeBSD

News Roundup

Watch Netflix on FreeBSD

HardenedBSD January 2023 Status Report

How To Set Up SSH Keys With YubiKey as two-factor authentication (U2F/FIDO2)

OpenSSH fixes double-free memory bug that’s pokable over the network

A late announcement, but better late than never

Next NYC*BUG: March? April? Certainly May!

Tarsnap

  • This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.

Feedback/Questions

  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv ***
]]> Automation and Hacking Your FreeBSD CLI, Run your own instant messaging service on FreeBSD, Watch Netflix on FreeBSD, HardenedBSD January 2023 Status Report, How To Set Up SSH Keys With YubiKey as two-factor authentication, OpenSSH fixes double-free memory bug that’s pokable over the network, A late announcement, but better late than never, Next NYC*BUG and more

NOTES
This episode of BSDNow is brought to you by Tarsnap and the BSDNow Patreon

Headlines

Automation and Hacking Your FreeBSD CLI

Run your own instant messaging service on FreeBSD

News Roundup

Watch Netflix on FreeBSD

HardenedBSD January 2023 Status Report

How To Set Up SSH Keys With YubiKey as two-factor authentication (U2F/FIDO2)

OpenSSH fixes double-free memory bug that’s pokable over the network

A late announcement, but better late than never

Next NYC*BUG: March? April? Certainly May!

Tarsnap

  • This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.

Feedback/Questions

  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv ***
]]> 422: The Brian Callahan Interview https://www.bsdnow.tv/422 4ca5efbc-d83b-41a2-981c-42c4dacefb05 Thu, 30 Sep 2021 03:00:00 -0400 JT Pennington full JT Pennington We interview Dr. Brian Callahan about his language porting work for OpenBSD, teaching with BSDs and recruiting students into projects, research, and his work at NYC*BUG in this week’s episode of BSDnow. 49:59 no <p>We interview Dr. Brian Callahan about his language porting work for OpenBSD, teaching with BSDs and recruiting students into projects, research, and his work at NYC*BUG in this week’s episode of BSDnow.</p> <p><strong><em>NOTES</em></strong><br> This episode of BSDNow is brought to you by <a href="https://www.tarsnap.com/bsdnow" rel="nofollow noopener">Tarsnap</a></p> <h2>Interview - Dr. Brian Robert Callahan - <a href="https://briancallahan.net/" rel="nofollow noopener">https://briancallahan.net/</a> / <a href="https://mastodon.com/bcallah@bsdnetwork" rel="nofollow noopener">bcallah@bsdnetwork</a></h2> <hr> <h3>Tarsnap</h3> <ul> <li>This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.</li> </ul> <hr> <ul> <li>Send questions, comments, show ideas/topics, or stories you want mentioned on the show to <a href="mailto:feedback@bsdnow.tv" rel="nofollow noopener">feedback@bsdnow.tv</a> *** Special Guest: Brian Callahan.</li> </ul> freebsd, openbsd, netbsd, dragonflybsd, trueos, trident, hardenedbsd, tutorial, howto, guide, bsd, operating system, open source, shell, unix, os, berkeley, software, distribution, release, zfs, zpool, dataset, interview, ports, packages, interview, callahan, language porting, teaching, research, recruiting, diversity, nycbug, new york, bsd user group, We interview Dr. Brian Callahan about his language porting work for OpenBSD, teaching with BSDs and recruiting students into projects, research, and his work at NYC*BUG in this week’s episode of BSDnow.

NOTES
This episode of BSDNow is brought to you by Tarsnap

Interview - Dr. Brian Robert Callahan - https://briancallahan.net/ / bcallah@bsdnetwork

Tarsnap

  • This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv ***

Special Guest: Brian Callahan.

]]> We interview Dr. Brian Callahan about his language porting work for OpenBSD, teaching with BSDs and recruiting students into projects, research, and his work at NYC*BUG in this week’s episode of BSDnow.

NOTES
This episode of BSDNow is brought to you by Tarsnap

Interview - Dr. Brian Robert Callahan - https://briancallahan.net/ / bcallah@bsdnetwork

Tarsnap

  • This weeks episode of BSDNow was sponsored by our friends at Tarsnap, the only secure online backup you can trust your data to. Even paranoids need backups.
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv ***

Special Guest: Brian Callahan.

]]> 38: A BUG's Life https://www.bsdnow.tv/38 01510b66-38e5-40ac-a282-9bff71cb55d9 Wed, 21 May 2014 08:00:00 -0400 JT Pennington full JT Pennington We're back from BSDCan! This week on the show we'll be chatting with Brian Callahan and Aaron Bieber about forming a local BSD users group. We'll get to hear their experiences of running one and maybe encourage some of you to start your own! After that, we've got a tutorial on the basics of NetBSD's package manager, pkgsrc. Answers to your emails and the latest headlines, on BSD Now - the place to B.. SD. 1:28:34 no <p>We're back from BSDCan! This week on the show we'll be chatting with Brian Callahan and Aaron Bieber about forming a local BSD users group. We'll get to hear their experiences of running one and maybe encourage some of you to start your own! After that, we've got a tutorial on the basics of NetBSD's package manager, pkgsrc. Answers to your emails and the latest headlines, on BSD Now - the place to B.. SD.</p> <h2>This episode was brought to you by</h2> <p><a href="http://www.ixsystems.com/bsdnow" title="iXsystems" rel="nofollow noopener"><img src="/images/iXlogo2.png" alt="iXsystems - Enterprise Servers and Storage For Open Source"></a><a href="http://www.tarsnap.com/bsdnow" title="Tarsnap" rel="nofollow noopener"><img src="/images/tarsnap1.png" alt="Tarsnap - online backups for the truly paranoid"></a></p> <hr> <h2>Headlines</h2> <h3><a href="http://blather.michaelwlucas.com/archives/2053" rel="nofollow noopener">FreeBSD 11 goals and discussion</a></h3> <ul> <li>Something that actually happened at BSDCan this year...</li> <li>During the FreeBSD devsummit, there was some discussion about what changes will be made in 11.0-RELEASE</li> <li>Some of MWL's notes include: the test suite will be merged to 10-STABLE, more work on the MIPS platforms, LLDB getting more attention, UEFI boot and install support</li> <li>A large list of possibilities was also included and open for discussion, including AES-GCM in IPSEC, ASLR, OpenMP, ICC, in-place kernel upgrades, Capsicum improvements, TCP performance improvements and A LOT more</li> <li>There's also some notes from the <a href="http://blather.michaelwlucas.com/archives/2060" rel="nofollow noopener">devsummit virtualization session</a>, mostly talking about bhyve</li> <li>Lastly, he also provides some notes about <a href="http://blather.michaelwlucas.com/archives/2065" rel="nofollow noopener">ports and packages</a> and where they're going ***</li> </ul> <h3><a href="http://securit.se/2014/05/how-to-install-kippo-ssh-honeypot-on-openbsd-5-5-with-chroot/" rel="nofollow noopener">An SSH honeypot with OpenBSD and Kippo</a></h3> <ul> <li>Everyone loves messing with script kiddies, right?</li> <li>This blog post introduces <a href="https://code.google.com/p/kippo/" rel="nofollow noopener">Kippo</a>, an SSH honeypot tool, and how to use it in combination with OpenBSD</li> <li>It includes a step by step (or rather, command by command) guide and some tips for running a honeypot securely</li> <li>You can use this to get new 0day exploits or find weaknesses in your systems</li> <li>OpenBSD makes a great companion for security testing tools like this with all its exploit mitigation techniques that protect all running applications ***</li> </ul> <h3><a href="https://www.netbsd.org/foundation/reports/financial/2013.html" rel="nofollow noopener">NetBSD foundation financial report</a></h3> <ul> <li>The NetBSD foundation has posted their 2013 financial report</li> <li>It's a very "no nonsense" page, pretty much only the hard numbers</li> <li>In 2013, they got $26,000 of income in donations</li> <li>The rest of the page shows all the details, how they spent it on hardware, consulting, conference fees, legal costs and everything else</li> <li>Be sure to donate to whichever BSDs you like and use! ***</li> </ul> <h3><a href="http://www.geektechnique.org/projectlab/796/how-to-build-a-fully-encrypted-nas-on-openbsd.html" rel="nofollow noopener">Building a fully-encrypted NAS with OpenBSD</a></h3> <ul> <li>Usually the popular choice for a NAS system is FreeNAS, or plain FreeBSD if you know what you're doing</li> <li>This article takes a look at the OpenBSD side and <a href="http://www.geektechnique.org/projectlab/797/openbsd-encrypted-nas-howto.html" rel="nofollow noopener">explains how</a> to build a NAS with security in mind</li> <li>The NAS will be fully encrypted, no separate /boot partition like FreeBSD and FreeNAS require - this means the kernel itself is even protected</li> <li>The obvious trade-off is the lack of ZFS support for storage, but this is an interesting idea that would fit most people's needs too</li> <li>There's also a bit of background information on NAS systems in general, some NAS-specific security tips and even some nice graphs and pictures of the hardware - fantastic write up! ***</li> </ul> <h2>Interview - Brian Callahan &amp; Aaron Bieber - <a href="mailto:admin@lists.nycbug.org" rel="nofollow noopener">admin@lists.nycbug.org</a> &amp; <a href="mailto:admin@cobug.org" rel="nofollow noopener">admin@cobug.org</a></h2> <p>Forming a local BSD Users Group</p> <hr> <h2>Tutorial</h2> <h3><a href="http://www.bsdnow.tv/tutorials/pkgsrc" rel="nofollow noopener">The basics of pkgsrc</a></h3> <hr> <h2>News Roundup</h2> <h3><a href="http://deranfangvomende.wordpress.com/2014/05/11/freebsd-periodic-mails-vs-monitoring/" rel="nofollow noopener">FreeBSD periodic mails vs. monitoring</a></h3> <ul> <li>If you've ever been an admin for a lot of FreeBSD boxes, you've probably noticed that you get a lot of email</li> <li>This page tells about all the different alert emails, cron emails and other reports you might end up getting, as well as how to manage them</li> <li>From bad SSH logins to Zabbix alerts, it all adds up quickly</li> <li>It highlights the periodic.conf file and FreeBSD's periodic daemon, as well as some third party monitoring tools you can use to keep track of your servers ***</li> </ul> <h3><a href="http://www.skogsrud.net/?p=44" rel="nofollow noopener">Doing cool stuff with OpenBSD routing domains</a></h3> <ul> <li>A blog post from our viewer and regular emailer, Kjell-Aleksander!</li> <li>He manages some internally-routed IP ranges at his work, but didn't want to have equipment for each separate project</li> <li>This is where OpenBSD routing domains and pf come in to save the day</li> <li>The blog post goes through the process with all the network details you could ever dream of</li> <li>He even <a href="http://i.imgur.com/penYQFP.jpg" rel="nofollow noopener">named his networking equipment... after us</a> ***</li> </ul> <h3><a href="http://insanecoding.blogspot.com/2014/04/libressl-good-and-bad.html" rel="nofollow noopener">LibreSSL, the good and the bad</a></h3> <ul> <li>We're all probably familiar with OpenBSD's fork of OpenSSL at this point</li> <li>However, "for those of you that don't know it, OpenSSL is at the same time the best and most popular SSL/TLS library available, and utter junk"</li> <li>This article talks about some of the cryptographic development challenges involved with maintaining such a massive project</li> <li>You need cryptographers, software engineers, software optimization specialists - there are a lot of roles that need to be filled</li> <li>It also mentions some OpenSSL alternatives and recent LibreSSL progress, as well as some downsides to the fork - the main one being their aim for backwards compatibility ***</li> </ul> <h3><a href="http://blog.pcbsd.org/2014/05/weekly-feature-digest-28-photos-of-the-new-appcafe-re-design/" rel="nofollow noopener">PCBSD weekly digest</a></h3> <ul> <li>Lots going on in PCBSD land this week, AppCafe has been redesigned</li> <li>The PBI system is being replaced with pkgng, PBIs will be automatically converted once you update</li> <li>In the more <a href="http://blog.pcbsd.org/2014/05/weekly-feature-digest-29-pbing/" rel="nofollow noopener">recent post</a>, there's some further explanation of the PBI system and the reason for the transition</li> <li>It's got lots of details on the different ways to install software, so hopefully it will clear up any possible confusion ***</li> </ul> <h2>Feedback/Questions</h2> <ul> <li><a href="http://slexy.org/view/s2UbEhgjce" rel="nofollow noopener">Antonio writes in</a></li> <li><a href="http://slexy.org/view/s21XU0y3JP" rel="nofollow noopener">Daniel writes in</a></li> <li><a href="http://slexy.org/view/s2QQtuawFl" rel="nofollow noopener">Sean writes in</a></li> <li><a href="http://slexy.org/view/s20XrT5Q8U" rel="nofollow noopener">tsyn writes in</a></li> <li><a href="http://slexy.org/view/s2ayZ1nsdv" rel="nofollow noopener">Chris writes in</a> *** </li> </ul> freebsd, openbsd, netbsd, dragonflybsd, pcbsd, tutorial, howto, guide, bsd, interview, pkgsrc, bug, bsd user group, users group, community, lug, uug, unix users group, packages, signing, binary, source, compile, ports, nycbug, nycbsdcon, cobug, colorado, new york, conference, presentation, 11.0, ssh, honeypot, script kiddies, kippo, foundation, financial report, encrypted, nas, network attached storage, full disk encryption, periodic, routing domains, pf, the book of pf, third edition, 3rd edition, cron, monitoring, openssl, libressl We're back from BSDCan! This week on the show we'll be chatting with Brian Callahan and Aaron Bieber about forming a local BSD users group. We'll get to hear their experiences of running one and maybe encourage some of you to start your own! After that, we've got a tutorial on the basics of NetBSD's package manager, pkgsrc. Answers to your emails and the latest headlines, on BSD Now - the place to B.. SD.

This episode was brought to you by

iXsystems - Enterprise Servers and Storage For Open SourceTarsnap - online backups for the truly paranoid

Headlines

FreeBSD 11 goals and discussion

  • Something that actually happened at BSDCan this year...
  • During the FreeBSD devsummit, there was some discussion about what changes will be made in 11.0-RELEASE
  • Some of MWL's notes include: the test suite will be merged to 10-STABLE, more work on the MIPS platforms, LLDB getting more attention, UEFI boot and install support
  • A large list of possibilities was also included and open for discussion, including AES-GCM in IPSEC, ASLR, OpenMP, ICC, in-place kernel upgrades, Capsicum improvements, TCP performance improvements and A LOT more
  • There's also some notes from the devsummit virtualization session, mostly talking about bhyve
  • Lastly, he also provides some notes about ports and packages and where they're going ***

An SSH honeypot with OpenBSD and Kippo

  • Everyone loves messing with script kiddies, right?
  • This blog post introduces Kippo, an SSH honeypot tool, and how to use it in combination with OpenBSD
  • It includes a step by step (or rather, command by command) guide and some tips for running a honeypot securely
  • You can use this to get new 0day exploits or find weaknesses in your systems
  • OpenBSD makes a great companion for security testing tools like this with all its exploit mitigation techniques that protect all running applications ***

NetBSD foundation financial report

  • The NetBSD foundation has posted their 2013 financial report
  • It's a very "no nonsense" page, pretty much only the hard numbers
  • In 2013, they got $26,000 of income in donations
  • The rest of the page shows all the details, how they spent it on hardware, consulting, conference fees, legal costs and everything else
  • Be sure to donate to whichever BSDs you like and use! ***

Building a fully-encrypted NAS with OpenBSD

  • Usually the popular choice for a NAS system is FreeNAS, or plain FreeBSD if you know what you're doing
  • This article takes a look at the OpenBSD side and explains how to build a NAS with security in mind
  • The NAS will be fully encrypted, no separate /boot partition like FreeBSD and FreeNAS require - this means the kernel itself is even protected
  • The obvious trade-off is the lack of ZFS support for storage, but this is an interesting idea that would fit most people's needs too
  • There's also a bit of background information on NAS systems in general, some NAS-specific security tips and even some nice graphs and pictures of the hardware - fantastic write up! ***

Interview - Brian Callahan & Aaron Bieber - admin@lists.nycbug.org & admin@cobug.org

Forming a local BSD Users Group

Tutorial

The basics of pkgsrc

News Roundup

FreeBSD periodic mails vs. monitoring

  • If you've ever been an admin for a lot of FreeBSD boxes, you've probably noticed that you get a lot of email
  • This page tells about all the different alert emails, cron emails and other reports you might end up getting, as well as how to manage them
  • From bad SSH logins to Zabbix alerts, it all adds up quickly
  • It highlights the periodic.conf file and FreeBSD's periodic daemon, as well as some third party monitoring tools you can use to keep track of your servers ***

Doing cool stuff with OpenBSD routing domains

  • A blog post from our viewer and regular emailer, Kjell-Aleksander!
  • He manages some internally-routed IP ranges at his work, but didn't want to have equipment for each separate project
  • This is where OpenBSD routing domains and pf come in to save the day
  • The blog post goes through the process with all the network details you could ever dream of
  • He even named his networking equipment... after us ***

LibreSSL, the good and the bad

  • We're all probably familiar with OpenBSD's fork of OpenSSL at this point
  • However, "for those of you that don't know it, OpenSSL is at the same time the best and most popular SSL/TLS library available, and utter junk"
  • This article talks about some of the cryptographic development challenges involved with maintaining such a massive project
  • You need cryptographers, software engineers, software optimization specialists - there are a lot of roles that need to be filled
  • It also mentions some OpenSSL alternatives and recent LibreSSL progress, as well as some downsides to the fork - the main one being their aim for backwards compatibility ***

PCBSD weekly digest

  • Lots going on in PCBSD land this week, AppCafe has been redesigned
  • The PBI system is being replaced with pkgng, PBIs will be automatically converted once you update
  • In the more recent post, there's some further explanation of the PBI system and the reason for the transition
  • It's got lots of details on the different ways to install software, so hopefully it will clear up any possible confusion ***

Feedback/Questions

]]> We're back from BSDCan! This week on the show we'll be chatting with Brian Callahan and Aaron Bieber about forming a local BSD users group. We'll get to hear their experiences of running one and maybe encourage some of you to start your own! After that, we've got a tutorial on the basics of NetBSD's package manager, pkgsrc. Answers to your emails and the latest headlines, on BSD Now - the place to B.. SD.

This episode was brought to you by

iXsystems - Enterprise Servers and Storage For Open SourceTarsnap - online backups for the truly paranoid

Headlines

FreeBSD 11 goals and discussion

  • Something that actually happened at BSDCan this year...
  • During the FreeBSD devsummit, there was some discussion about what changes will be made in 11.0-RELEASE
  • Some of MWL's notes include: the test suite will be merged to 10-STABLE, more work on the MIPS platforms, LLDB getting more attention, UEFI boot and install support
  • A large list of possibilities was also included and open for discussion, including AES-GCM in IPSEC, ASLR, OpenMP, ICC, in-place kernel upgrades, Capsicum improvements, TCP performance improvements and A LOT more
  • There's also some notes from the devsummit virtualization session, mostly talking about bhyve
  • Lastly, he also provides some notes about ports and packages and where they're going ***

An SSH honeypot with OpenBSD and Kippo

  • Everyone loves messing with script kiddies, right?
  • This blog post introduces Kippo, an SSH honeypot tool, and how to use it in combination with OpenBSD
  • It includes a step by step (or rather, command by command) guide and some tips for running a honeypot securely
  • You can use this to get new 0day exploits or find weaknesses in your systems
  • OpenBSD makes a great companion for security testing tools like this with all its exploit mitigation techniques that protect all running applications ***

NetBSD foundation financial report

  • The NetBSD foundation has posted their 2013 financial report
  • It's a very "no nonsense" page, pretty much only the hard numbers
  • In 2013, they got $26,000 of income in donations
  • The rest of the page shows all the details, how they spent it on hardware, consulting, conference fees, legal costs and everything else
  • Be sure to donate to whichever BSDs you like and use! ***

Building a fully-encrypted NAS with OpenBSD

  • Usually the popular choice for a NAS system is FreeNAS, or plain FreeBSD if you know what you're doing
  • This article takes a look at the OpenBSD side and explains how to build a NAS with security in mind
  • The NAS will be fully encrypted, no separate /boot partition like FreeBSD and FreeNAS require - this means the kernel itself is even protected
  • The obvious trade-off is the lack of ZFS support for storage, but this is an interesting idea that would fit most people's needs too
  • There's also a bit of background information on NAS systems in general, some NAS-specific security tips and even some nice graphs and pictures of the hardware - fantastic write up! ***

Interview - Brian Callahan & Aaron Bieber - admin@lists.nycbug.org & admin@cobug.org

Forming a local BSD Users Group

Tutorial

The basics of pkgsrc

News Roundup

FreeBSD periodic mails vs. monitoring

  • If you've ever been an admin for a lot of FreeBSD boxes, you've probably noticed that you get a lot of email
  • This page tells about all the different alert emails, cron emails and other reports you might end up getting, as well as how to manage them
  • From bad SSH logins to Zabbix alerts, it all adds up quickly
  • It highlights the periodic.conf file and FreeBSD's periodic daemon, as well as some third party monitoring tools you can use to keep track of your servers ***

Doing cool stuff with OpenBSD routing domains

  • A blog post from our viewer and regular emailer, Kjell-Aleksander!
  • He manages some internally-routed IP ranges at his work, but didn't want to have equipment for each separate project
  • This is where OpenBSD routing domains and pf come in to save the day
  • The blog post goes through the process with all the network details you could ever dream of
  • He even named his networking equipment... after us ***

LibreSSL, the good and the bad

  • We're all probably familiar with OpenBSD's fork of OpenSSL at this point
  • However, "for those of you that don't know it, OpenSSL is at the same time the best and most popular SSL/TLS library available, and utter junk"
  • This article talks about some of the cryptographic development challenges involved with maintaining such a massive project
  • You need cryptographers, software engineers, software optimization specialists - there are a lot of roles that need to be filled
  • It also mentions some OpenSSL alternatives and recent LibreSSL progress, as well as some downsides to the fork - the main one being their aim for backwards compatibility ***

PCBSD weekly digest

  • Lots going on in PCBSD land this week, AppCafe has been redesigned
  • The PBI system is being replaced with pkgng, PBIs will be automatically converted once you update
  • In the more recent post, there's some further explanation of the PBI system and the reason for the transition
  • It's got lots of details on the different ways to install software, so hopefully it will clear up any possible confusion ***

Feedback/Questions

]]> 24: The Cluster & The Cloud https://www.bsdnow.tv/24 4472f6f6-5fb3-4ee9-b20c-04e927cf1299 Wed, 12 Feb 2014 08:00:00 -0500 JT Pennington full JT Pennington This week on BSD Now... a wrap-up from NYCBSDCon! We'll also be talking to Luke Marsden, CEO of HybridCluster, about how they use BSD at large. Following that, our tutorial will show you how to securely share files with SFTP in a chroot. The latest news and answers to your questions, of course it's BSD Now - the place to B.. SD. 1:09:44 no <p>This week on BSD Now... a wrap-up from NYCBSDCon! We'll also be talking to Luke Marsden, CEO of HybridCluster, about how they use BSD at large. Following that, our tutorial will show you how to securely share files with SFTP in a chroot. The latest news and answers to your questions, of course it's BSD Now - the place to B.. SD.</p> <h2>This episode was brought to you by</h2> <p><a href="http://www.ixsystems.com/bsdnow" title="iXsystems" rel="nofollow noopener"><img src="/images/iXlogo2.png" alt="iXsystems - Enterprise Servers and Storage For Open Source"></a></p> <hr> <h2>Headlines</h2> <h3><a href="http://www.pantz.org/software/pf/use_freebsd_10_as_a_pf_firewall.html" rel="nofollow noopener">FreeBSD 10 as a firewall</a></h3> <ul> <li>Back in 2012, the author of this site wrote an article stating you should avoid FreeBSD 9 for a firewall and use OpenBSD instead</li> <li>Now, with the release of 10.0, he's apparently changed his mind and switched back over</li> <li>It mentions the SMP version of pf, general performance advantages and more modern features</li> <li>The author is a regular listener of BSD Now, hi Joe! ***</li> </ul> <h3><a href="http://bsdly.blogspot.com/2014/02/effective-spam-and-malware.html" rel="nofollow noopener">Network Noise Reduction Using Free Tools</a></h3> <ul> <li>Really long blog post, based on a BSDCan presentation, about fighting spam with OpenBSD</li> <li>Peter Hansteen, author of the book of PF, goes through how he uses OpenBSD's spamd and other security features to combat spam and malware</li> <li>He goes through his experiences with content filtering and disappointment with a certain proprietary vendor</li> <li>Not totally BSD-specific, lots of people can enjoy the article - lots of virus history as well ***</li> </ul> <h3><a href="http://0xfeedface.org/blog/lattera/2014-02-02/freebsd-aslr-patch-submitted-upstream" rel="nofollow noopener">FreeBSD ASLR patches submitted</a></h3> <ul> <li>So far, FreeBSD hasn't had Address Space Layout Randomization</li> <li>ASLR is a nice security feature, <a href="https://en.wikipedia.org/wiki/Address_space_layout_randomization" rel="nofollow noopener">see wikipedia</a> for more information</li> <li>With a giant patch from Shawn Webb, it might be integrated into a future version (after a vicious review from the security team of course)</li> <li>We might have Shawn on the show to talk about it, but he's also giving a presentation at BSDCan about his work with ASLR ***</li> </ul> <h3><a href="http://blogs.freebsdish.org/portmgr/2014/02/03/time-to-bid-farewell-to-the-old-pkg_-tools/" rel="nofollow noopener">Old-style pkg_ tools retired</a></h3> <ul> <li>At last the old pkg_add tools are being retired in FreeBSD</li> <li><a href="http://www.bsdnow.tv/tutorials/pkgng" rel="nofollow noopener">pkgng</a> is a huge improvement, and now portmgr@ thinks it's time to cut the cord on the legacy toolset</li> <li>Ports aren't going away, and probably never will, but for binary package fans and new users that are used to things like apt, pkgng is the way to go</li> <li>All pkg_ tools will be considered unsupported on September 1, 2014 - even on older branches ***</li> </ul> <h2>Interview - Luke Marsden - <a href="mailto:luke@hybridcluster.com" rel="nofollow noopener">luke@hybridcluster.com</a> / <a href="https://twitter.com/lmarsden" rel="nofollow noopener">@lmarsden</a></h2> <p>BSD at HybridCluster</p> <hr> <h2>Tutorial</h2> <h3><a href="http://www.bsdnow.tv/tutorials/chroot-sftp" rel="nofollow noopener">Filesharing with chrooted SFTP</a></h3> <hr> <h2>News Roundup</h2> <h3><a href="http://pellaeon.github.io/bsd-cloudinit/" rel="nofollow noopener">FreeBSD on OpenStack</a></h3> <ul> <li><a href="https://en.wikipedia.org/wiki/OpenStack" rel="nofollow noopener">OpenStack</a> is a cloud computing project</li> <li>It consists of "a series of interrelated projects that control pools of processing, storage, and networking resources throughout a datacenter, able to be managed or provisioned through a web-based dashboard, command-line tools, or a RESTful API."</li> <li>Until now, there wasn't a good way to run a full BSD instance on OpenStack</li> <li>With a project in the vein of <a href="http://www.bsdnow.tv/episodes/2014_01_22-tendresse_for_ten" rel="nofollow noopener">Colin Percival</a>'s AWS startup scripts, now that's no longer the case! ***</li> </ul> <h3><a href="https://fosdem.org/2014/schedule/track/bsd/" rel="nofollow noopener">FOSDEM BSD videos</a></h3> <ul> <li>This year's FOSDEM had seven BSD presentations</li> <li>The videos are <a href="https://video.fosdem.org/2014/" rel="nofollow noopener">slowly being uploaded</a> for your viewing pleasure</li> <li>Not all of the BSD ones are up yet, but by the time you're watching this they might be!</li> <li>Check <a href="https://video.fosdem.org/2014/AW1121/Saturday/" rel="nofollow noopener">this directory</a> for most of 'em</li> <li>The BSD dev room was full, lots of interest in what's going on from the other communities ***</li> </ul> <h3><a href="http://www.thelinuxcauldron.com/2014/02/05/freebsd-challenge-returns-day-11-30/" rel="nofollow noopener">The FreeBSD challenge finally returns!</a></h3> <ul> <li>Due to prodding from a certain guy of a certain podcast, the "FreeBSD Challenge" series has finally resumed</li> <li>Our friend from the Linux foundation picks up with <a href="http://www.thelinuxcauldron.com/2014/02/05/freebsd-challenge-day-11-30/" rel="nofollow noopener">day 11</a> and <a href="http://www.thelinuxcauldron.com/2014/02/09/freebsd-challenge-day-12-30/" rel="nofollow noopener">day 12</a> on his switching from Linux journey</li> <li>This time he outlines the upgrade process of going from 9 to 10, using freebsd-update</li> <li>There's also some notes about different options for upgrading ports and some extra tips ***</li> </ul> <h3><a href="http://blog.pcbsd.org/2014/02/pc-bsd-weekly-feature-digest-16/" rel="nofollow noopener">PCBSD weekly digest</a></h3> <ul> <li>After the big 10.0 release, the PCBSD crew is focusing on bug fixes for a while</li> <li>During their "fine tuning phase" users are encouraged to submit any and all bugs via the trac system</li> <li>Warden got some fixes and the package manager got some updates as well</li> <li>Huge size reduction in PBI format ***</li> </ul> <h2>Feedback/Questions</h2> <ul> <li><a href="http://slexy.org/view/s21nbJKYmb" rel="nofollow noopener">Derrick writes in</a></li> <li><a href="http://slexy.org/view/s2yhziVsBP" rel="nofollow noopener">Sean writes in</a></li> <li><a href="http://slexy.org/view/s20PuccWbo" rel="nofollow noopener">Patrick writes in</a></li> <li><a href="http://slexy.org/view/s22PL0SbUO" rel="nofollow noopener">Peter writes in</a></li> <li><a href="http://slexy.org/view/s20dkbjuOK" rel="nofollow noopener">Sean writes in</a> *** </li> </ul> freebsd, openbsd, netbsd, dragonflybsd, pcbsd, tutorial, howto, guide, bsd, interview, cluster, cloud, cloud computing, hybridcluster, jails, scaling, virtualization, zfs, big data, provisioning, webhosting, instances, web hosting, chroot, sftp, filesharing, file sharing, shell, linux, switching to bsd, linux user, smp, pkg_add, pkg, pkgng, binary packages, openstack, open stack, httperf, performance, http, vpn, nycbsdcon, nycbug, nyc, conference, convention, talks, presentation, keynote, ssh This week on BSD Now... a wrap-up from NYCBSDCon! We'll also be talking to Luke Marsden, CEO of HybridCluster, about how they use BSD at large. Following that, our tutorial will show you how to securely share files with SFTP in a chroot. The latest news and answers to your questions, of course it's BSD Now - the place to B.. SD.

This episode was brought to you by

iXsystems - Enterprise Servers and Storage For Open Source

Headlines

FreeBSD 10 as a firewall

  • Back in 2012, the author of this site wrote an article stating you should avoid FreeBSD 9 for a firewall and use OpenBSD instead
  • Now, with the release of 10.0, he's apparently changed his mind and switched back over
  • It mentions the SMP version of pf, general performance advantages and more modern features
  • The author is a regular listener of BSD Now, hi Joe! ***

Network Noise Reduction Using Free Tools

  • Really long blog post, based on a BSDCan presentation, about fighting spam with OpenBSD
  • Peter Hansteen, author of the book of PF, goes through how he uses OpenBSD's spamd and other security features to combat spam and malware
  • He goes through his experiences with content filtering and disappointment with a certain proprietary vendor
  • Not totally BSD-specific, lots of people can enjoy the article - lots of virus history as well ***

FreeBSD ASLR patches submitted

  • So far, FreeBSD hasn't had Address Space Layout Randomization
  • ASLR is a nice security feature, see wikipedia for more information
  • With a giant patch from Shawn Webb, it might be integrated into a future version (after a vicious review from the security team of course)
  • We might have Shawn on the show to talk about it, but he's also giving a presentation at BSDCan about his work with ASLR ***

Old-style pkg_ tools retired

  • At last the old pkg_add tools are being retired in FreeBSD
  • pkgng is a huge improvement, and now portmgr@ thinks it's time to cut the cord on the legacy toolset
  • Ports aren't going away, and probably never will, but for binary package fans and new users that are used to things like apt, pkgng is the way to go
  • All pkg_ tools will be considered unsupported on September 1, 2014 - even on older branches ***

Interview - Luke Marsden - luke@hybridcluster.com / @lmarsden

BSD at HybridCluster

Tutorial

Filesharing with chrooted SFTP

News Roundup

FreeBSD on OpenStack

  • OpenStack is a cloud computing project
  • It consists of "a series of interrelated projects that control pools of processing, storage, and networking resources throughout a datacenter, able to be managed or provisioned through a web-based dashboard, command-line tools, or a RESTful API."
  • Until now, there wasn't a good way to run a full BSD instance on OpenStack
  • With a project in the vein of Colin Percival's AWS startup scripts, now that's no longer the case! ***

FOSDEM BSD videos

  • This year's FOSDEM had seven BSD presentations
  • The videos are slowly being uploaded for your viewing pleasure
  • Not all of the BSD ones are up yet, but by the time you're watching this they might be!
  • Check this directory for most of 'em
  • The BSD dev room was full, lots of interest in what's going on from the other communities ***

The FreeBSD challenge finally returns!

  • Due to prodding from a certain guy of a certain podcast, the "FreeBSD Challenge" series has finally resumed
  • Our friend from the Linux foundation picks up with day 11 and day 12 on his switching from Linux journey
  • This time he outlines the upgrade process of going from 9 to 10, using freebsd-update
  • There's also some notes about different options for upgrading ports and some extra tips ***

PCBSD weekly digest

  • After the big 10.0 release, the PCBSD crew is focusing on bug fixes for a while
  • During their "fine tuning phase" users are encouraged to submit any and all bugs via the trac system
  • Warden got some fixes and the package manager got some updates as well
  • Huge size reduction in PBI format ***

Feedback/Questions

]]> This week on BSD Now... a wrap-up from NYCBSDCon! We'll also be talking to Luke Marsden, CEO of HybridCluster, about how they use BSD at large. Following that, our tutorial will show you how to securely share files with SFTP in a chroot. The latest news and answers to your questions, of course it's BSD Now - the place to B.. SD.

This episode was brought to you by

iXsystems - Enterprise Servers and Storage For Open Source

Headlines

FreeBSD 10 as a firewall

  • Back in 2012, the author of this site wrote an article stating you should avoid FreeBSD 9 for a firewall and use OpenBSD instead
  • Now, with the release of 10.0, he's apparently changed his mind and switched back over
  • It mentions the SMP version of pf, general performance advantages and more modern features
  • The author is a regular listener of BSD Now, hi Joe! ***

Network Noise Reduction Using Free Tools

  • Really long blog post, based on a BSDCan presentation, about fighting spam with OpenBSD
  • Peter Hansteen, author of the book of PF, goes through how he uses OpenBSD's spamd and other security features to combat spam and malware
  • He goes through his experiences with content filtering and disappointment with a certain proprietary vendor
  • Not totally BSD-specific, lots of people can enjoy the article - lots of virus history as well ***

FreeBSD ASLR patches submitted

  • So far, FreeBSD hasn't had Address Space Layout Randomization
  • ASLR is a nice security feature, see wikipedia for more information
  • With a giant patch from Shawn Webb, it might be integrated into a future version (after a vicious review from the security team of course)
  • We might have Shawn on the show to talk about it, but he's also giving a presentation at BSDCan about his work with ASLR ***

Old-style pkg_ tools retired

  • At last the old pkg_add tools are being retired in FreeBSD
  • pkgng is a huge improvement, and now portmgr@ thinks it's time to cut the cord on the legacy toolset
  • Ports aren't going away, and probably never will, but for binary package fans and new users that are used to things like apt, pkgng is the way to go
  • All pkg_ tools will be considered unsupported on September 1, 2014 - even on older branches ***

Interview - Luke Marsden - luke@hybridcluster.com / @lmarsden

BSD at HybridCluster

Tutorial

Filesharing with chrooted SFTP

News Roundup

FreeBSD on OpenStack

  • OpenStack is a cloud computing project
  • It consists of "a series of interrelated projects that control pools of processing, storage, and networking resources throughout a datacenter, able to be managed or provisioned through a web-based dashboard, command-line tools, or a RESTful API."
  • Until now, there wasn't a good way to run a full BSD instance on OpenStack
  • With a project in the vein of Colin Percival's AWS startup scripts, now that's no longer the case! ***

FOSDEM BSD videos

  • This year's FOSDEM had seven BSD presentations
  • The videos are slowly being uploaded for your viewing pleasure
  • Not all of the BSD ones are up yet, but by the time you're watching this they might be!
  • Check this directory for most of 'em
  • The BSD dev room was full, lots of interest in what's going on from the other communities ***

The FreeBSD challenge finally returns!

  • Due to prodding from a certain guy of a certain podcast, the "FreeBSD Challenge" series has finally resumed
  • Our friend from the Linux foundation picks up with day 11 and day 12 on his switching from Linux journey
  • This time he outlines the upgrade process of going from 9 to 10, using freebsd-update
  • There's also some notes about different options for upgrading ports and some extra tips ***

PCBSD weekly digest

  • After the big 10.0 release, the PCBSD crew is focusing on bug fixes for a while
  • During their "fine tuning phase" users are encouraged to submit any and all bugs via the trac system
  • Warden got some fixes and the package manager got some updates as well
  • Huge size reduction in PBI format ***

Feedback/Questions

]]>