March 19, 2014

29: P.E.F.S.

1 hour 54 minutes

We're back from AsiaBSDCon! This week we'll be chatting with Gleb Kurtsou about some a filesystem-level encryption utility called PEFS. After that, we'll give you a step by step guide on how to actually use it. There's also the usual round of your questions and we've got a lot of news to catch up on, so stay tuned to BSD Now - the place to B.. SD.

This episode was brought to you by

Headlines

Using OpenSSH Certificate Authentication

SSH has a not-so-often-talked-about authentication option in addition to passwords and keys: certificates - you can add certificates to any current authentication method you're using

They're not really that complex, there just isn't a lot of documentation on how to use them - this post tries to solve that

There's the benefit of not needing a known_hosts file or authorized_users file anymore

The post goes into a fair amount of detail about the differences, advantages and implications of using certificates for authentication

***

Back to FreeBSD, a new series

Similar to the "FreeBSD Challenge" blog series, one of our listeners will be writing about his switching BACK to FreeBSD journey

"So, a long time ago, I had a box which was running FreeBSD 4, running on a Pentium. 14 years later, I have decided to get back into FreeBSD, now at FreeBSD 10"

He's starting off with PCBSD since it's easy to get working with dual graphics

Should be a fun series to follow!

***

OpenBSD's recent experiments in package building

If you'll remember back to our poudriere tutorial, it lets you build FreeBSD binary packages in bulk - OpenBSD's version is called dpb

Marc Espie recently got some monster machines in russia to play with to help improve scaling of dpb on high end hardware

This article goes through some of his findings and plans for future versions that increase performance

We'll be showing a tutorial of dpb on the show in a few weeks

***

Securing FreeBSD with 2FA

So maybe you've set up two-factor authentication with gmail or twitter, but have you done it with your BSD box?

This post walks us through the process of locking down an ssh server with 2FA

With just a mobile phone and a few extra tools, you can enable two-factor auth on your BSD box and have just that little extra bit of protections

***

Interview - Gleb Kurtsou - [email protected]

PEFS (security audit results here)

Tutorial

Filesystem-based encryption with PEFS

News Roundup

BSDCan 2014 registration

Registration is finally open!

The prices are available along with a full list of presentations

Tutorial sessions for various topics as well

You have to go

***

Big changes for OpenBSD 5.6

Although 5.5 was just frozen and the release process has started, 5.6 is already looking promising

OpenBSD has, for a long time, included a heavily-patched version of Apache based on 1.3

They've also imported nginx into base a few years ago, but now have finally removed Apache

Sendmail is also no longer the default MTA, OpenSMTPD is the new default

Will BIND be removed next? Maybe so

They've also discontinued the hp300, mvme68k and mvme88k ports

***

Getting to know your portmgr lurkers

The "getting to know your portmgr" series makes its return

This time we get to talk with danfe@ (probably most known for being the nVidia driver maintainer, but he does a lot with ports)

How he got into FreeBSD? He "wanted a unix system that I could understand and that would not get bloated as time goes by"

Mentions why he's still heavily involved with the project and lots more

***

PCBSD weekly digest

Work has started to port Pulseaudio to PCBSD 10.0.1

There's a new "pc-mixer" utility being worked on for sound management as well

New PBIs, GNOME/Mate updates, Life Preserver fixes and a lot more

PCBSD 10.0.1 was released too

***

Feedback/Questions

Alex writes in

Ben writes in

Nick writes in

Sami writes in

Christopher writes in

***

...more

View all episodes

By JT Pennington

4.8

9191 ratings

March 19, 2014

29: P.E.F.S.

1 hour 54 minutes

This episode was brought to you by

Headlines

Using OpenSSH Certificate Authentication

SSH has a not-so-often-talked-about authentication option in addition to passwords and keys: certificates - you can add certificates to any current authentication method you're using

They're not really that complex, there just isn't a lot of documentation on how to use them - this post tries to solve that

There's the benefit of not needing a known_hosts file or authorized_users file anymore

The post goes into a fair amount of detail about the differences, advantages and implications of using certificates for authentication

***

Back to FreeBSD, a new series

Similar to the "FreeBSD Challenge" blog series, one of our listeners will be writing about his switching BACK to FreeBSD journey

"So, a long time ago, I had a box which was running FreeBSD 4, running on a Pentium. 14 years later, I have decided to get back into FreeBSD, now at FreeBSD 10"

He's starting off with PCBSD since it's easy to get working with dual graphics

Should be a fun series to follow!

***

OpenBSD's recent experiments in package building

If you'll remember back to our poudriere tutorial, it lets you build FreeBSD binary packages in bulk - OpenBSD's version is called dpb

Marc Espie recently got some monster machines in russia to play with to help improve scaling of dpb on high end hardware

This article goes through some of his findings and plans for future versions that increase performance

We'll be showing a tutorial of dpb on the show in a few weeks

***

Securing FreeBSD with 2FA

So maybe you've set up two-factor authentication with gmail or twitter, but have you done it with your BSD box?

This post walks us through the process of locking down an ssh server with 2FA

With just a mobile phone and a few extra tools, you can enable two-factor auth on your BSD box and have just that little extra bit of protections

***

Interview - Gleb Kurtsou - [email protected]

PEFS (security audit results here)

Tutorial

Filesystem-based encryption with PEFS

News Roundup

BSDCan 2014 registration

Registration is finally open!

The prices are available along with a full list of presentations

Tutorial sessions for various topics as well

You have to go

***

Big changes for OpenBSD 5.6

Although 5.5 was just frozen and the release process has started, 5.6 is already looking promising

OpenBSD has, for a long time, included a heavily-patched version of Apache based on 1.3

They've also imported nginx into base a few years ago, but now have finally removed Apache

Sendmail is also no longer the default MTA, OpenSMTPD is the new default

Will BIND be removed next? Maybe so

They've also discontinued the hp300, mvme68k and mvme88k ports

***

Getting to know your portmgr lurkers

The "getting to know your portmgr" series makes its return

This time we get to talk with danfe@ (probably most known for being the nVidia driver maintainer, but he does a lot with ports)

How he got into FreeBSD? He "wanted a unix system that I could understand and that would not get bloated as time goes by"

Mentions why he's still heavily involved with the project and lots more

***

PCBSD weekly digest

Work has started to port Pulseaudio to PCBSD 10.0.1

There's a new "pc-mixer" utility being worked on for sound management as well

New PBIs, GNOME/Mate updates, Life Preserver fixes and a lot more

PCBSD 10.0.1 was released too

***

Feedback/Questions

Alex writes in

Ben writes in

Nick writes in

Sami writes in

Christopher writes in

***

...more

More shows like BSD Now

View all

Software Engineering Radio - the podcast for professional software developers

272 Listeners

The Changelog: Software Development, Open Source

290 Listeners

Security Now (Audio)

2,009 Listeners

LINUX Unplugged

268 Listeners

Talk Python To Me

584 Listeners

Late Night Linux

164 Listeners

Destination Linux

91 Listeners

Home Assistant Podcast

70 Listeners

CoRecursive: Coding Stories

189 Listeners

Late Night Linux Family All Episodes

46 Listeners

Linux Dev Time

22 Listeners

2.5 Admins

98 Listeners

Linux After Dark

29 Listeners

Oxide and Friends

66 Listeners

Linux Matters

22 Listeners

Share 29: P.E.F.S.

Sign up to save your podcasts

29: P.E.F.S.

29: P.E.F.S.

More shows like BSD Now

Software Engineering Radio - the podcast for professional software developers

The Changelog: Software Development, Open Source

Security Now (Audio)

LINUX Unplugged

Talk Python To Me

Late Night Linux

Destination Linux

Home Assistant Podcast

CoRecursive: Coding Stories

Late Night Linux Family All Episodes

Linux Dev Time

2.5 Admins

Linux After Dark

Oxide and Friends

Linux Matters