November 13, 2013

11: The Gateway Drug

1 hour 49 minutes

This time on the show, we sit down to chat with Justin Sherrill of the DragonflyBSD project about their new 3.6 release. Later on, we'll be showing you a huge tutorial that's been baking for over a month - how to build an OpenBSD router that'll destroy any consumer router on the market! There's lots of news to get caught up on as well, so sit back and enjoy some BSD Now - the place to B.. SD.

Headlines

OpenSSH 6.4 released

Security fixes in OpenSSH don't happen very often

6.4 fixes a memory corruption problem, no new features

If exploited, this vulnerability might permit code execution with the privileges of the authenticated user and may therefore allow bypassing restricted shell/command configurations.

Disabling AES-GCM in the server configuration is a workaround

Only affects 6.2 and 6.3 if compiled against a newer OpenSSL (so FreeBSD 9's base OpenSSL is unaffected, for example)

Full details here

***

Getting to know your portmgr-lurkers

Next entry in portmgr interview series

This time they chat with Mathieu Arnold, one of the portmgr-lurkers we mentioned previously

Lots of questions ranging from why he uses BSD to what he had for breakfast

Another one was since released, with Antoine Brodin aka antoine@

***

FUSE in OpenBSD

As we glossed over last week, FUSE was recently added to OpenBSD

Now the guys from the OpenBSD Journal have tracked down more information

This version is released under an ISC license

Should be in OpenBSD 5.5, released a little less than 6 months from now

Will finally enable things like SSHFS to work in OpenBSD

***

Automated submission of kernel panic reports

New tool from Colin Percival

Saves information about kernel panics and emails it to FreeBSD

Lets you review before sending so you can edit out any private info

Automatically encrypted before being sent

FreeBSD never kernel panics so this won't get much use

***

Interview - Justin Sherrill - [email protected] / @dragonflybsd

DragonflyBSD 3.6 and the Dragonfly Digest

Tutorial

Building an OpenBSD Router

News Roundup

BSD router project 1.5 released

Nice timing for our router tutorial; TBRP is a FreeBSD distribution for installing on a router

It's an alternative to pfSense, but not nearly as well known or popular

New version is based on 9.2-RELEASE, includes lots of general updates and bugfixes

Fits on a 256MB Compact Flash/USB drive

***

Curve25519 now default key exchange

We mentioned in an earlier episode about a patch for curve25519

Now it's become the default for key exchange

Will probably make its way into OpenSSH 6.5, would've been in 6.4 if we didn't have that security vulnerability

It's interesting to see all these big changes in cryptography in OpenBSD lately

***

FreeBSD kernel selection in boot menu

Adds a kernel selection menu to the beastie menu

List of kernels is taken from 'kernels' in loader.conf as a space or comma separated list of names to display (up to 9)

From our good buddy Devin Teske

***

PCBSD weekly digest

PCDM has officially replaced GDM as the default login manager

New ISO build scripts (we got a sneak preview last week)

Lots of bug fixes

Second set of 10-STABLE ISOs available with new artwork and much more

***

Theo de Raadt speaking at MUUG

Theo will be speaking at Manitoba UNIX User Group in Winnipeg

On Friday, Nov 15, 2013 at 5:30PM (see show notes for the address)

If you're watching the show live you have time to make plans, if you're watching the downloaded version it might be happening right now!

No agenda, but expect some OpenBSD discussion

***

Feedback/Questions

Dave writes in

James writes in

Allen writes in

Chess writes in

Frank writes in

***

...more

View all episodes

By JT Pennington

4.8

9191 ratings

November 13, 2013

11: The Gateway Drug

1 hour 49 minutes

Headlines

OpenSSH 6.4 released

Security fixes in OpenSSH don't happen very often

6.4 fixes a memory corruption problem, no new features

If exploited, this vulnerability might permit code execution with the privileges of the authenticated user and may therefore allow bypassing restricted shell/command configurations.

Disabling AES-GCM in the server configuration is a workaround

Only affects 6.2 and 6.3 if compiled against a newer OpenSSL (so FreeBSD 9's base OpenSSL is unaffected, for example)

Full details here

***

Getting to know your portmgr-lurkers

Next entry in portmgr interview series

This time they chat with Mathieu Arnold, one of the portmgr-lurkers we mentioned previously

Lots of questions ranging from why he uses BSD to what he had for breakfast

Another one was since released, with Antoine Brodin aka antoine@

***

FUSE in OpenBSD

As we glossed over last week, FUSE was recently added to OpenBSD

Now the guys from the OpenBSD Journal have tracked down more information

This version is released under an ISC license

Should be in OpenBSD 5.5, released a little less than 6 months from now

Will finally enable things like SSHFS to work in OpenBSD

***

Automated submission of kernel panic reports

New tool from Colin Percival

Saves information about kernel panics and emails it to FreeBSD

Lets you review before sending so you can edit out any private info

Automatically encrypted before being sent

FreeBSD never kernel panics so this won't get much use

***

Interview - Justin Sherrill - [email protected] / @dragonflybsd

DragonflyBSD 3.6 and the Dragonfly Digest

Tutorial

Building an OpenBSD Router

News Roundup

BSD router project 1.5 released

Nice timing for our router tutorial; TBRP is a FreeBSD distribution for installing on a router

It's an alternative to pfSense, but not nearly as well known or popular

New version is based on 9.2-RELEASE, includes lots of general updates and bugfixes

Fits on a 256MB Compact Flash/USB drive

***

Curve25519 now default key exchange

We mentioned in an earlier episode about a patch for curve25519

Now it's become the default for key exchange

Will probably make its way into OpenSSH 6.5, would've been in 6.4 if we didn't have that security vulnerability

It's interesting to see all these big changes in cryptography in OpenBSD lately

***

FreeBSD kernel selection in boot menu

Adds a kernel selection menu to the beastie menu

List of kernels is taken from 'kernels' in loader.conf as a space or comma separated list of names to display (up to 9)

From our good buddy Devin Teske

***

PCBSD weekly digest

PCDM has officially replaced GDM as the default login manager

New ISO build scripts (we got a sneak preview last week)

Lots of bug fixes

Second set of 10-STABLE ISOs available with new artwork and much more

***

Theo de Raadt speaking at MUUG

Theo will be speaking at Manitoba UNIX User Group in Winnipeg

On Friday, Nov 15, 2013 at 5:30PM (see show notes for the address)

If you're watching the show live you have time to make plans, if you're watching the downloaded version it might be happening right now!

No agenda, but expect some OpenBSD discussion

***

Feedback/Questions

Dave writes in

James writes in

Allen writes in

Chess writes in

Frank writes in

***

...more

More shows like BSD Now

View all

The Changelog: Software Development, Open Source

289 Listeners

Security Now (Audio)

2,006 Listeners

MacBreak Weekly (Audio)

2,012 Listeners

Accidental Tech Podcast

2,141 Listeners

LINUX Unplugged

273 Listeners

Risky Business

374 Listeners

Late Night Linux

167 Listeners

Darknet Diaries

8,107 Listeners

Behind the Bastards

15,647 Listeners

Linux Dev Time

22 Listeners

2.5 Admins

97 Listeners

Linux After Dark

29 Listeners

This Day in AI Podcast

228 Listeners

Linux Matters

22 Listeners

Better Offline

599 Listeners

Share 11: The Gateway Drug

Sign up to save your podcasts

11: The Gateway Drug

11: The Gateway Drug

More shows like BSD Now

The Changelog: Software Development, Open Source

Security Now (Audio)

MacBreak Weekly (Audio)

Accidental Tech Podcast

LINUX Unplugged

Risky Business

Late Night Linux

Darknet Diaries

Behind the Bastards

Linux Dev Time

2.5 Admins

Linux After Dark

This Day in AI Podcast

Linux Matters

Better Offline