Switching To Bsd

5 minute read


A lot has changed on my systems in the past week or two. I’ve temporarily stopped looking for a 64bit operating system on my desktop and have been concentrating on re-doing my server and laptop.


The server was on Debian, and has been that way for a few years. I was very happy with it but decided it was time to learn a new OS. From my 64bit Linux search I realized that I prefer Debian over all other distros, so instead of going Linux again I went BSD. Not just any BSD either. I Chooses OpenBSD 3.5 which is concidered to be the most secure operating system around. While OpenBSD feels even more manual to setup than Debian I find it a much cleaner system so far. There are not as many packages as Debian (which is common) so I had to learn a different (in the end smaller and simpler) way to setup my printers. On Debian I had a Samba/CUPS setup. On OpenBSD I have gone with aspfilter, ghostscript, and the lpd. After install unix printing on Windows XP I can print from every computer I want.

Once I got the basics down like disabling unused services in inetd.conf, setting up firewalling in pf.conf and rc.conf, turning on named on the local interface in rc.conf and seting up nat in sysctl.conf I was almost ready to go. I install some essential programs like wget, nmap, unzip, vim, screen and bash which I can’t seem to live without. SSH was configured with some of my more common tweaks - disabling remote root logons for one. I installed the ddclient for my dyndns hostname and setup a very minimal tightvnc/fluxbox implementation.

Squid initially installed as a package but had to be reinstalled out of ports so I could use the ncsa_auth that I have been using on Debian for a while now. Additionally I installed stunnel to make my over-the-net usage of squid much more secure, but that has yet to be implemented. I also need to get sarg back on the system, which doesn’t seem to be a package.

The webserver is just about done, with one minor flaw. I temporarily have disabled the very secure chroot enviornment. That is about the only thing I have done, so far, to make OpenBSD less-secure. Everything else, up until this point has been to improve security. I hope to get things running right in the next few weeks. What is running correctly now, however, is a very nice movabletype installation which I have heavily modified. The site is far from done, but it looks close to how I want it, and is very functional. I have also integrated bbclone into movabletype to track who accesses my pages, which of course prompted me to install php4. I never run a webserver without putting on phpsysinfo, so thats been installed as well.

I have updated from the RELEASE to STABLE, and have synced my ports tree to STABLE, but I can’t say I’m 100% sure I’ve got the process down, it will probably take me a few more updates to find confidence in doing it.

Among the todos I have already mentioned I still need to setup dhcpd and do some more general clean up. Many of my installed applications don’t start automatically on boot, which is not a major issue, but it would be nice if they did, especially for things like ddclient and squid.


Since my laptop hasn’t gotten much use lately I decided to shrink up the hard drive with Partition Magic and drop in some new operating systems. Windows XP Home is the primary os, and will stay that way, since its my backup-school computer. I’ve made enough for at least 2, maybe 3 more operating systems depending on how I partition. Since OpenBSD is on the server I decided to try FreeBSD on the Laptop. The install went great, but the next day I had to install again - FreeBSD 4.10 came out, go figure. :-) FreeBSD is what I am going to use primarily on the laptop for fun, so I can learn more. However I am probably going to try another Linux distro or two so I can get some more experience.

So far FreeBSD is working well, I have my orinoco wireless card configured so that it picks up the access point and ip address on boot, which is better than I could do last time I tried FreeBSD believe it or not.

Finally, I did try to install Solaris 9 on the laptop, and the install failed. I haven’t figured out exactly why, but I’d like to see if its any better than Linux/BSD. I’ve since tried to install it on my AMD64 which failed, and on another desktop which got the farthest, but failed. When I have some time I’ll be finishing that mess.

As you can probably deduce, I have spent more time on my server than laptop or desktop, which is the norm around here. Maybe I’ll force myself to work on my neglected machines. We’ll see.

As an Amazon Associate I earn from qualifying purchases.