24: The Cluster & The Cloud

JT Pennington — Wed, 12 Feb 2014 08:00:00 -0500

This week on BSD Now... a wrap-up from NYCBSDCon! We'll also be talking to Luke Marsden, CEO of HybridCluster, about how they use BSD at large. Following that, our tutorial will show you how to securely share files with SFTP in a chroot. The latest news and answers to your questions, of course it's BSD Now - the place to B.. SD.

This episode was brought to you by

Headlines

FreeBSD 10 as a firewall

Back in 2012, the author of this site wrote an article stating you should avoid FreeBSD 9 for a firewall and use OpenBSD instead
Now, with the release of 10.0, he's apparently changed his mind and switched back over
It mentions the SMP version of pf, general performance advantages and more modern features
The author is a regular listener of BSD Now, hi Joe! ***

Network Noise Reduction Using Free Tools

Really long blog post, based on a BSDCan presentation, about fighting spam with OpenBSD
Peter Hansteen, author of the book of PF, goes through how he uses OpenBSD's spamd and other security features to combat spam and malware
He goes through his experiences with content filtering and disappointment with a certain proprietary vendor
Not totally BSD-specific, lots of people can enjoy the article - lots of virus history as well ***

FreeBSD ASLR patches submitted

So far, FreeBSD hasn't had Address Space Layout Randomization
ASLR is a nice security feature, see wikipedia for more information
With a giant patch from Shawn Webb, it might be integrated into a future version (after a vicious review from the security team of course)
We might have Shawn on the show to talk about it, but he's also giving a presentation at BSDCan about his work with ASLR ***

Old-style pkg_ tools retired

At last the old pkg_add tools are being retired in FreeBSD
pkgng is a huge improvement, and now portmgr@ thinks it's time to cut the cord on the legacy toolset
Ports aren't going away, and probably never will, but for binary package fans and new users that are used to things like apt, pkgng is the way to go
All pkg_ tools will be considered unsupported on September 1, 2014 - even on older branches ***

Interview - Luke Marsden - luke@hybridcluster.com / @lmarsden

BSD at HybridCluster

Tutorial

Filesharing with chrooted SFTP

News Roundup

FreeBSD on OpenStack

OpenStack is a cloud computing project
It consists of "a series of interrelated projects that control pools of processing, storage, and networking resources throughout a datacenter, able to be managed or provisioned through a web-based dashboard, command-line tools, or a RESTful API."
Until now, there wasn't a good way to run a full BSD instance on OpenStack
With a project in the vein of Colin Percival's AWS startup scripts, now that's no longer the case! ***

FOSDEM BSD videos

This year's FOSDEM had seven BSD presentations
The videos are slowly being uploaded for your viewing pleasure
Not all of the BSD ones are up yet, but by the time you're watching this they might be!
Check this directory for most of 'em
The BSD dev room was full, lots of interest in what's going on from the other communities ***

The FreeBSD challenge finally returns!

Due to prodding from a certain guy of a certain podcast, the "FreeBSD Challenge" series has finally resumed
Our friend from the Linux foundation picks up with day 11 and day 12 on his switching from Linux journey
This time he outlines the upgrade process of going from 9 to 10, using freebsd-update
There's also some notes about different options for upgrading ports and some extra tips ***

PCBSD weekly digest

After the big 10.0 release, the PCBSD crew is focusing on bug fixes for a while
During their "fine tuning phase" users are encouraged to submit any and all bugs via the trac system
Warden got some fixes and the package manager got some updates as well
Huge size reduction in PBI format ***

Feedback/Questions

16: Cryptocrystalline

JT Pennington — Wed, 18 Dec 2013 08:00:00 -0500

This time on the show, we'll be showing you how to do a fully-encrypted installation of FreeBSD and OpenBSD. We also have an interview with Damien Miller - one of the lead developers of OpenSSH - about some recent crypto changes in the project. If you're into data security, today's the show for you. The latest news and all your burning questions answered, right here on BSD Now - the place to B.. SD.

This episode was brought to you by

Headlines

Secure communications with OpenBSD and OpenVPN

Starting off today's theme of encryption...
A new blog series about combining OpenBSD and OpenVPN to secure your internet traffic
Part 1 covers installing OpenBSD with full disk encryption (which we'll be doing later on in the show)
Part 2 covers the initial setup of OpenVPN certificates and keys
Parts 3 and 4 are the OpenVPN server and client configuration
Part 5 is some updates and closing remarks ***

FreeBSD Foundation Newsletter

The December 2013 semi-annual newsletter was sent out from the foundation
In the newsletter you will find the president's letter, articles on the current development projects they sponsor and reports from all the conferences and summits they sponsored
The president's letter alone is worth the read, really amazing
Really long, with lots of details and stories from the conferences and projects ***

Use of NetBSD with Marvell Kirkwood Processors

Article that gives a brief history of NetBSD and how to use it on an IP-Plug computer
The IP-Plug is a "multi-functional mini-server was developed by Promwad engineers by the order of AK-Systems. It is designed for solving a wide range of tasks in IP networks and can perform the functions of a computer or a server. The IP-Plug is powered from a 220V network and has low power consumption, as well as a small size (which can be compared to the size of a mobile phone charger)."
Really cool little NetBSD ARM project with lots of graphs, pictures and details ***

Experimenting with zero-copy network IO

Long blog post from Adrian Chadd about zero-copy network IO on FreeBSD
Discusses the different OS' implementations and options
He's able to get 35 gbit/sec out of 70,000 active TCP sockets, but isn't stopping there
Tons of details, check the full post ***

Interview - Damien Miller - djm@openbsd.org / @damienmiller

Cryptography in OpenBSD and OpenSSH

Tutorial

Full disk encryption in FreeBSD & OpenBSD

News Roundup

OpenZFS office hours

Our buddy George Wilson sat down to take some ZFS questions from the community
You can see more info about it here ***

License summaries in pkgng

A discussion between Justin Sherill and some NYCBUG guys about license frameworks in pkgng
Similar to pkgsrc's "ACCEPTABLE_LICENSES" setting, pkgng could let the user decide which software licenses he wants to allow
Maybe we could get a "pkg licenses" command to display the license of all installed packages
Ok bapt, do it ***

The FreeBSD challenge continues

Checking in with our buddy from the Linux foundation...
The switching from Linux to FreeBSD blog series continues for his month-long trial
Follow up from last week: "As a matter of fact, I did check out PC-BSD, and wanted the challenge. Call me addicted to pain and suffering, but the pride and accomplishment you feel from diving into FreeBSD is quite rewarding."
Since we last mentioned it, he's decided to go from a VM to real hardware, got all of his common software installed, experimented with the Linux emulation, set up virtualbox, learned about slices/partitions/disk management, found BSD alternatives to his regularly-used commands and lots more ***

Ports gets a stable branch

For the first time ever, FreeBSD's ports tree will have a maintained "stable" branch
This is similar to how pkgsrc does things, with a rolling release for updated software and stable branch for only security and big fixes
All commits to this branch require approval of portmgr, looks like it'll start in 2014Q1 ***

BSD Now - Episodes Tagged with “Sftp”

24: The Cluster & The Cloud

This episode was brought to you by

Headlines

Interview - Luke Marsden - luke@hybridcluster.com / @lmarsden

Tutorial

News Roundup

Feedback/Questions

16: Cryptocrystalline

This episode was brought to you by

Headlines

Interview - Damien Miller - djm@openbsd.org / @damienmiller

Tutorial

News Roundup

Feedback/Questions