BSD Now

By JT Pennington

Created by three guys who love BSD, we cover the latest news and have an extensive series of tutorials, as well as interviews with various people from all areas of the BSD community. It also serves as... more

4.9

8989 ratings

Download on the App Store

Download on the App Store

Get it on Google Play

FAQs about BSD Now:

How many episodes does BSD Now have?

The podcast currently has 634 episodes available.

BSD Now episodes:

July 16, 201446: Network Iodometry
We're back, and this week we'll be showing you how to tunnel out of a restrictive network using only DNS queries. We also sat down with Bryan Drewery, from the FreeBSD portmgr team, to talk all about their building cluster and some recent changes. All the latest news and answers to your emails, on BSD Now - the place to B.. SD.
This episode was brought to you by
Headlines
EuroBSDCon 2014 registration open
September is getting closer, and that means it's time for EuroBSDCon - held in Bulgaria this year
Registration is finally open to the public, with prices for businesses ($287), individuals ($217) and students ($82) for the main conference until August 18th
Tutorials, sessions, dev summits and everything else all have their own pricing as well
Registering between August 18th - September 12th will cost more for everything
You can register online here and check hotels in the area
The FreeBSD foundation is also accepting applications for travel grants
***
OpenBSD SMP PF update
A couple weeks ago we talked about how DragonflyBSD updated their PF to be multithreaded
With them joining the SMP ranks along with FreeBSD, a lot of users have been asking about when OpenBSD is going to make the jump
In a recent mailing list thread, Henning Brauer addresses some of the concerns
The short version is that too many things in OpenBSD are currently single-threaded for it to matter - just reworking PF by itself would be useless
He also says PF on OpenBSD is over four times faster than FreeBSD's old version, presumably due to those extra years of development it's gone through
There's also been even more recent concern about the uncertain future of FreeBSD's PF, being mostly unmaintained since their SMP patches
We reached out to four developers (over week ago) about coming on the show to talk about OpenBSD network performance and SMP, but they all ignored us
***
Introduction to NetBSD pkgsrc
An article from one of our listeners about how to create a new pkgsrc port or fix one that you need
The post starts off with how to get the pkgsrc tree, shows how to get the developer tools and finally goes through the Makefile format
It also lists all the different bmake targets and their functions in relation to the porting process
Finally, the post details the whole process of creating a new port
***
FreeBSD 9.3-RELEASE
After three RCs, FreeBSD 9.3 was scheduled to be finalized and announced today but actually came out yesterday
The full list of changes is available, but it's mostly a smaller maintenance release
Lots of driver updates, ZFS issues fixed, hardware RNGs are entirely disabled by default, netmap framework updates, read-only ext4 support was added, the vt driver was merged from -CURRENT, new hardware support (including radeon KMS), various userland tools got new features, OpenSSL and OpenSSH were updated... and much more
If you haven't jumped to the 10.x branch yet (and there are a lot of people who haven't!) this is a worthwhile upgrade - 9.2-RELEASE will reach EOL soon
Good news, this will be the first release with PGP-signed checksums on the FTP mirrors - a very welcome change
With that out of the way, the 10.1-RELEASE schedule was posted
***
Interview - Bryan Drewery - [email protected] / @bdrewery
The FreeBSD package building cluster, pkgng, ports, various topics
Tutorial
Tunneling traffic through DNS
News Roundup
SSH two-factor authentication on FreeBSD
We've previously mentioned stories on how to do two-factor authentication with a Yubikey or via a third party website
This blog post tells you how to do exactly that, but with your Google account and the pam_google_authenticator port
Using this setup, every user that logs in with a password will have an extra requirement before they can gain access - but users with public keys can login normally
It's a really, really simple process once you have the port installed - full details on the page
***
Ditch tape backup in favor of FreeNAS
The author of this post shares some of his horrible experiences with tape backups for a client
Having constant, daily errors and failed backups, he needed to find another solution
With 1TB of backups, tapes just weren't a good option anymore - so he switched to FreeNAS (after also ruling out a pre-built NAS)
The rest of the article details his experiences with it and tells about his setup
***
NetBSD vs FreeBSD, desktop experiences
A NetBSD and pkgsrc developer details his experiences running NetBSD on a workstation at his job
Becoming more and more disappointed with graphics performance, he finally decides to give FreeBSD 10 a try - especially since it has a native nVidia driver
"Running on VAX, PlayStation 2 and Amiga is fun, but I’ll tell you a little secret: nobody cares anymore about VAX, PlayStation 2 and Amiga."
He's become pretty satisfied with FreeBSD, a modern choice for a 2014 desktop system
***
PCBSD not-so-weekly digest
Speaking of choices for a desktop system, it's the return of the PCBSD digest!
Warden and PBI_add have gotten some interesting new features
You can now create jails "on the fly" when adding a new PBI to your application library
Bulk jail creation is also possible now, and it's really easy
New Jenkins integration, with public access to poudriere logs as well
PkgNG 1.3.0.rc2 testing for EDGE users
***
Feedback/Questions
Jeff writes in - Sending Encrypted Backups over SSH + Sending ZFS snapshots via user
Bruce writes in
Richard writes in
Jeff writes in - NYCBUG dmesg list
Steve writes in
***
...more
1h 46min
July 09, 2014 45: ZFS War Stories
This week Allan is at BSDCam in the UK, so we'll be back with a regular episode next week. For now though, here's an interview with Josh Paetzel about some crazy experiences he's had with ZFS.
This episode was brought to you by
Interview - Josh Paetzel - [email protected] / @bsdunix4ever
Crazy ZFS stories, network protocols, server hardware
...more
47min
July 02, 201444: Base ISO 100
This time on the show, we'll be sitting down to talk with Craig Rodrigues about Jenkins and the FreeBSD testing infrastructure. Following that, we'll show you how to roll your own OpenBSD ISOs with all the patches already applied... ISO can't wait! This week's news and answers to all your emails, on BSD Now - the place to B.. SD.
This episode was brought to you by
Headlines
pfSense 2.1.4 released
The pfSense team has released 2.1.4, shortly after 2.1.3 - it's mainly a security release
Included within are eight security fixes, most of which are pfSense-specific
OpenSSL, the WebUI and some packages all need to be patched (and there are instructions on how to do so)
It also includes a large number of various other bug fixes
Update all your routers!
***
DragonflyBSD's pf gets SMP
While we're on the topic of pf...
Dragonfly patches their old[er than even FreeBSD's] pf to support multithreading in many areas
Stemming from a user's complaint, Matthew Dillon did his own work on pf to make it SMP-aware
Altering your configuration's ruleset can also help speed things up, he found
When will OpenBSD, the source of pf, finally do the same?
***
ChaCha usage and deployment
A while back, we talked to djm about some cryptography changes in OpenBSD 5.5 and OpenSSH 6.5
This article is sort of an interesting follow-up to that, showing which projects have adopted ChaCha20
OpenSSH offers it as a stream cipher now, OpenBSD uses it for it's random number generator, Google offers it in TLS for Chromium and some of their services and lots of other projects seem to be adopting it
Both Google's fork of OpenSSL and LibReSSL have upcoming implementations, while vanilla OpenSSL does not
Unfortunately, this article has one mistake: FreeBSD does not use it - they still use the broken RC4 algorithm
***
BSDMag June 2014 issue
The monthly online BSD magazine releases their newest issue
This one includes the following articles: TLS hardening, setting up a package cluster in MidnightBSD, more GIMP tutorials, "saving time and headaches using the robot framework for testing," an interview and an article about the increasing number of security vulnerabilities
The free pdf file is available for download as always
***
Interview - Craig Rodrigues - [email protected]
FreeBSD's continuous testing infrastructure
Tutorial
Creating pre-patched OpenBSD ISOs
News Roundup
Preauthenticated decryption considered harmful
Responding to a post from Adam Langley, Ted Unangst talks a little more about how signify and pkg_add handle signatures
In the past, the OpenBSD installer would pipe the output of ftp straight to tar, but then verify the SHA256 at the end - this had the advantage of not requiring any extra disk space, but raised some security concerns
With signify, now everything is fully downloaded and verified before tar is even invoked
The pkg_add utility works a little bit differently, but it's also been improved in this area - details in the post
Be sure to also read the original post from Adam, lots of good information
***
FreeBSD 9.3-RC2 is out
As the -RELEASE inches closer, release candidate 2 is out and ready for testing
Since the last one, it's got some fixes for NIC drivers, the latest file and libmagic security fixes, some serial port workarounds and various other small things
The updated bsdconfig will use pkgng style packages now too
A lesser known fact: there are also premade virtual machine images you can use too
***
pkgsrcCon 2014 wrap-up
In what may be the first real pkgsrcCon article we've ever had!
Includes wrap-up discussion about the event, the talks, the speakers themselves, what they use pkgsrc for, the hackathon and basically the whole event
Unfortunately no recordings to be found...
***
PostgreSQL FreeBSD performance and scalability
FreeBSD developer kib@ writes a report on PostgreSQL on FreeBSD, and how it scales
On his monster 40-core box with 1TB of RAM, he runs lots of benchmarks and posts the findings
Lots of technical details if you're interested in getting the best performance out of your hardware
It also includes specific kernel options he used and the rest of the configuration
If you don't want to open the pdf file, you can use this link too
***
Feedback/Questions
James writes in
Klemen writes in
John writes in
Brad writes in
Adam writes in
***
...more
1h 46min
June 25, 201443: Package Design
It's a big show this week! We'll be interviewing Marc Espie about OpenBSD's package system and build cluster. Also, we've been asked many times "how do I keep my BSD box up to date?" Well, today's tutorial should finally answer that. Answers to all your emails and this week's headlines, on BSD Now - the place to B.. SD.
This episode was brought to you by
Headlines
EuroBSDCon 2014 talks and schedule
The talks and schedules for EuroBSDCon 2014 are finally revealed
The opening keynote is called "FreeBSD, looking forward to another 10 years" by jkh
Lots of talks spanning FreeBSD, OpenBSD and PCBSD, and we finally have a few about NetBSD and DragonflyBSD too! Variety is great
It looks like Theo even has a talk, but the title isn't on the page... how mysterious
There are also days dedicated to some really interesting tutorials
Register now, the conference is on September 25-28th in Bulgaria
If you see Allan and Kris walking towards you and you haven't given us an interview yet... well you know what's going to happen
Why aren't the videos up from last year yet? Will this year also not have any?
***
FreeNAS vs NAS4Free
More mainstream news covering BSD, this time with an article about different NAS solutions
In a possibly excessive eight-page article, Ars Technica discusses the pros and cons of both FreeNAS and NAS4Free
Both are based on FreeBSD and ZFS of course, but there are more differences than you might expect
Discusses the different development models, release cycles, features, interfaces and ease-of-use factor of each project
"One is pleasantly functional; the other continues devolving during a journey of pain" - uh oh, who's the loser?
***
Quality software costs money, heartbleed was free
PHK writes an article for ACM Queue about open source software projects' funding efforts
A lot of people don't realize just how widespread open source software is - TVs, printers, gaming consoles, etc
The article discusses ways to convince your workplace to fund open source efforts, then goes into a little bit about FreeBSD and Varnish's funding
The latest heartbleed vulnerability should teach everyone that open source projects are critical to the internet, and need people actively maintaining them
On that subject, "Earlier this year the OpenSSL Heartbleed bug laid waste to Internet security, and there are still hundreds of thousands of embedded devices of all kinds—probably your television among them—that have not been and will not ever be software-upgraded to fix it. The best way to prevent that from happening again is to avoid having bugs of that kind go undiscovered for several years, and the only way to avoid that is to have competent people paying attention to the software"
Consider donating to your favorite BSD foundation (or buying cool shirts and CDs!) and keeping the ecosystem alive
***
Geoblock evasion with pf and OpenBSD rdomains
Geoblocking is a way for websites to block visitors based on the location of their IP
This is a blog post about how to get around it, using pf and rdomains
It has the advantage of not requiring any browser plugins or DNS settings on the users' computers, you just need to be running OpenBSD on your router (hmm, if only a website had a tutorial about that...)
In this post, the author wanted to get an American IP address, since the service he was using (Netflix) is blocked in Australia
It's got all the details you need to set up a VPN-like system and bypass those pesky geographic filters
***
Interview - Marc Espie - [email protected] / @espie_openbsd
OpenBSD's package system, building cluster, various topics
Tutorial
Keeping your BSD up to date
News Roundup
BoringSSL and LibReSSL
Yet another OpenSSL fork pops up, this time from Google, called BoringSSL
Adam Langley has a blog post about it, why they did it and how they're going to maintain it
You can easily browse the source code
Theo de Raadt also weighs in with how this effort relates to LibReSSL
More eyes on the code is good, and patches will be shared between the two projects
***
More BSD Tor nodes wanted
Friend of the show bcallah posts some news to the Tor-BSD mailing list about monoculture in the Tor network being both bad and dangerous
Originally discussed on the Tor-Relays list, it was made apparent that having such a large amount of Linux nodes weakens the security of the whole network
If one vulnerability is found, a huge portion of the network would be useless - we need more variety in the network stacks, crypto, etc.
The EFF is also holding a Tor challenge for people to start up new relays and keep them online for over a year
Check out our Tor tutorial and help out the network, and promote BSD at the same time!
***
FreeBSD 10 OpenStack images
OpenStack, to quote Wikipedia, is "a free and open-source software cloud computing platform. It is primarily deployed as an infrastructure as a service (IaaS) solution."
The article goes into detail about creating a FreeBSD instant, installing and converting it for use with "bsd-cloudinit"
The author of the article is a regular listener and emailer of the show, hey!
***
BSDday 2014 call for papers
BSD Day, a conference not so well-known, is going to be held August 9th in Argentina
It was created in 2008 and is the only BSD conference around that area
The "call for papers" was issued, so if you're around Argentina and use BSD, consider submitting a talk
Sysadmins, developers and regular users are, of course, all welcome to come to the event
***
Feedback/Questions
Maruf writes in
Solomon writes in
Silas writes in
Bert writes in
***
...more
1h 27min
June 18, 201442: Devious Methods
Coming up this week, we'll be showing you how to chain SSH connections, as well as some cool tricks you can do with it. Going along with that theme, we also have an interview with Bryce Chidester about running a BSD-based shell provider. News, emails and cowsay turkeys, on BSD Now - the place to B.. SD.
This episode was brought to you by
Headlines
PIE and ASLR in FreeBSD update
A status update for Shawn Webb's ASLR and PIE work for FreeBSD
One major part of the code, position-independent executable support, has finally been merged into the -CURRENT tree
"FreeBSD has supported loading PIEs for a while now, but the applications in base weren't compiled as PIEs. Given that ASLR is useless without PIE, getting base compiled with PIE support is a mandatory first step in proper ASLR support"
If you're running -CURRENT, just add "WITH_PIE=1" to your /etc/src.conf and /etc/make.conf
The next step is working on the ASLR coding style and getting more developers to look through it
Shawn will also be at EuroBSDCon (in September) giving an updated version of his BSDCan talk about ASLR
***
Misc. pfSense news
Couple of pfSense news items this week, including some hardware news
Someone's gotta test the pfSense hardware devices before they're sold, which involves powering them all on at least once
To make that process faster, they're building a controllable power board (and include some cool pics)
There will be more info on that device a bit later on
On Friday, June 27th, there will be another video session (for paying customers only...) about virtualized firewalls
pfSense University, a new paid training course, was also announced
A single two-day class costs $2000, ouch
***
ZFS stripe width
A new blog post from Matt Ahrens about ZFS stripe width
"The popularity of OpenZFS has spawned a great community of users, sysadmins, architects and developers, contributing a wealth of advice, tips and tricks, and rules of thumb on how to configure ZFS. In general, this is a great aspect of the ZFS community, but I’d like to take the opportunity to address one piece of misinformed advice"
Matt goes through different situations where you would set up your zpool differently, each with their own advantages and disadvantages
He covers best performance on random IOPS, best reliability, and best space efficiency use cases
It includes a lot of detail on each one, including graphs, and addresses some misconceptions about different RAID-Z levels' overhead factor
***
FreeBSD 9.3-BETA3 released
The third BETA in the 9.3 release cycle is out, we're slowly getting closer to the release
This is expected to be the final BETA, next will come the RCs
There have mostly just been small bug fixes since BETA2, but OpenSSL was also updated and the arc4random code was updated to match what's in -CURRENT (but still isn't using ChaCha20)
The FreeBSD foundation has a blog post about it too
There's a list of changes between 9.2 and 9.3 as well, but we'll be sure to cover it when the -RELEASE hits
***
Interview - Bryce Chidester - [email protected] / @brycied00d
Running a BSD shell provider
Tutorial
Chaining SSH connections
News Roundup
My FreeBSD adventure
A Slackware user from the "linux questions" forum decides to try out BSD, and documents his initial impressions and findings
After ruling out PCBSD due to the demanding hardware requirements and NetBSD due to "politics" (whatever that means, his words) he decides to start off with FreeBSD 10, but also mentions trying OpenBSD later on
In his forum post, he covers the documentation (and how easy it makes it for a switcher), dual booting, packages vs ports, network configuration and some other little things
So far, he seems to really enjoy BSD and thinks that it makes a lot of sense compared to Linux
Might be an interesting, ongoing series we can follow up on later
***
Even more BSDCan trip reports
BSDCan may be over until next year, but trip reports are still pouring in
This time we have a summary from Li-Wen Hsu, who was paid for by the FreeBSD foundation
He's part of the "Jenkins CI for FreeBSD" group and went to BSDCan mostly for that
Nice long post about all of his experiences at the event, definitely worth a read
He even talks about... the food
***
FreeBSD disk partitioning
For his latest book series on FreeBSD's GEOM system, MWL asked the hackers mailing list for some clarification
This erupted into a very long discussion about fdisk vs gnop vs gpart
So you don't have to read the 500 mailing list posts, he's summarized the findings in a blog post
It covers MBR vs GPT, disk sector sizes and how to handle all of them with which tools
***
BSD Router Project version 1.51
A new version of the BSD Router Project has been released, 1.51
It's now based on FreeBSD 10-STABLE instead of 10.0-RELEASE
Includes lots of bugfixes and small updates, as well as some patches from pfSense and elsewhere
Check the sourceforge page for the complete list of changes
Bad news... the minimum disk size requirement has increased to 512MB... getting pretty bloated
***
Feedback/Questions
Fongaboo writes in
David writes in
Kristian writes in
***
...more
1h 25min
June 11, 201441: Commit This Bit
This week in the big show, we'll be interviewing Benedict Reuschling of the FreeBSD documentation team, and he has a special surprise in store for Allan. As always, answers to your questions and all the latest news, on BSD Now - the place to B.. SD.
This episode was brought to you by
Headlines
FreeBSD moves to Bugzilla
Historically, FreeBSD has used the old GNATS system for keeping track of bug reports
After years and years of wanting to switch, they've finally moved away from GNATS to Bugzilla
It offers a lot of advantages, is much more modern and actively maintained and
There's a new workflow chart for developers to illustrate the new way of doing things
The old "send-pr" command will still work for the time being, but will eventually be phased out in favor of native Bugzilla reporting tools (of which there are multiple in ports)
This will hopefully make reporting bugs a lot less painful
***
DIY NAS: EconoNAS 2014
We previously covered this blog last year, but the 2014 edition is up
More of a hardware-focused article, the author details the parts he's using for a budget NAS
Details the motherboard, RAM, CPU, hard drives, case, etc
With a set goal of $500 max, he goes just over it - $550 for all the parts
Lots of nice pictures of the hardware and step by step instructions for assembly, as well as software configuration instructions
***
DragonflyBSD 3.8 released
Justin announced the availability of DragonflyBSD 3.8.0
Binaries in /bin and /sbin are dynamic now, enabling the use of PAM and NSS to manage user accounts
It includes a new HAMMER FS backup script and lots of FreeBSD tools have been synced with their latest versions
Work continues on for the Intel graphics drivers, but it's currently limited to the HD4000 and Ivy Bridge series
See the release page for more info and check the link for source-based upgrade instructions
***
OpenZFS European conference 2014
There was an OpenZFS conference held in Europe recently, and now the videos are online for your viewing pleasure
Matt Ahrens, Introduction
Michael Alexander, FhGFS performance on ZFS
Andriy Gapon, Testing ZFS on FreeBSD
Luke Marsden, HybridCluster: ZFS in the cloud
Vadim Comănescu, Syneto: continuously delivering a ZFS-based OS
Chris George, DDRdrive ZIL accelerator: random write revelation
Grenville Whelan, High-Availability
Phil Harman, Harman Holistic
Mark Rees, Storiant and OpenZFS
Andrew Holway, EraStor ZFS appliances
Dan Vâtca, Syneto and OpenZFS
Luke Marsden, HybridCluster and OpenZFS
Matt Ahrens, Delphix and OpenZFS
Check the link for slides and other goodies
***
Interview - Benedict Reuschling - [email protected]
BSD documentation, getting commit access, unix education, various topics
News Roundup
Getting to know your portmgr, Steve Wills
"It is my pleasure to introduce Steve Wills, the newest member of the portmgr team"
swills is an all-round good guy, does a lot for ports (especially the ruby ports)
In this interview, we learn why he uses FreeBSD, the most embarrassing moment in his FreeBSD career and much more
He used to work for Red Hat, woah
***
BSDTalk episode 242
This time on BSDTalk, Will interviews Chris Buechler from pfSense
Topics include: the heartbleed vulnerability and how it affected pfSense, how people usually leave their firewalls unpatched for a long time (or even forget about them!), changes between major versions, the upgrade process, upcoming features in their 10-based version, backporting drivers and security fixes
They also touch on recent concerns in the pfSense community about their license change, that they may be "going commercial" and closing the source - so tune in to find out what their future plans are for all of that
***
Turn old PC hardware into a killer home server
Lots of us have old hardware lying around doing nothing but collecting dust
Why not turn that old box into a modern file server with FreeNAS and ZFS?
This article goes through the process of setting up a NAS, gives a little history behind the project and highlights some of the different protocols FreeNAS can use (NFS, SMB, AFS, etc)
Most of our users are already familiar with all of this stuff, nothing too advanced
Good to see BSD getting some well-deserved attention on a big mainstream site
***
Unbloating the VAX install CD
After a discussion on the VAX mailing list, something very important came to the attention of the developers...
You can't boot NetBSD on a VAX box with 16MB of RAM from the CD image
This blog post goes through the developer's adventure in trying to fix that through emulation and stripping various things out of the kernel to make it smaller
In the end, he got it booting - and now all three VAX users who want to run NetBSD can do so on their systems with 16MB of RAM...
***
Feedback/Questions
Thomas writes in
Reynold writes in
Bostjan writes in
Paul writes in
John writes in
***
...more
1h 8min
June 04, 201440: AirPorts & Packages
On this week's episode, we'll be giving you an introductory guide on OpenBSD's ports and package system. There's also a pretty fly interview with Karl Lehenbauer, about how they use FreeBSD at FlightAware. Lots of interesting news and answers to all your emails, on BSD Now - the place to B.. SD.
This episode was brought to you by
Headlines
BSDCan 2014 talks and reports, part 2
More presentations and trip reports are still being uploaded
Ingo Schwarze, New Trends in mandoc
Vsevolod Stakhov, The Architecture of the New Solver in pkg
Julio Merino, The FreeBSD Test Suite
Zbigniew Bodek, Transparent Superpages for FreeBSD on ARM
There's also a trip report from Michael Dexter and another (very long and detailed) trip report from our friend Warren Block that even gives us some linkage, thanks!
***
Beyond security, getting to know OpenBSD's real purpose
Michael W Lucas (who, we learn through this video, has been using BSD since 1986) gave a "webcast" last week, and the audio and slides are finally up
It clocks in at just over 30 minutes, managing to touch on a lot of OpenBSD topics
Some of those topics include: what is OpenBSD and why you should care, the philosophy of the project, how it serves as a "pressure cooker for ideas," briefly touches on GPL vs BSDL, their "do it right or don't do it at all" attitude, their stance on NDAs and blobs, recent LibreSSL development, some of the security functions that OpenBSD enabled before anyone else (and the ripple effect that had) and, of course, their disturbing preference for comic sans
Here's a direct link to the slides
Great presentation if you'd like to learn a bit about OpenBSD, but also contains a bit of information that long-time users might not know too
***
FreeBSD vs Linux, a comprehensive comparison
Another blog post covering something people seem to be obsessed with - FreeBSD vs Linux
This one was worth mentioning because it's very thorough in regards to how things are done behind the scenes, not just the usual technical differences
It highlights the concept of a "core team" and their role vs "contributors" and "committers" (similar to a presentation Kirk McKusick did not long ago)
While a lot of things will be the same on both platforms, you might still be asking "which one is right for me?" - this article weighs in with some points for both sides and different use cases
Pretty well-written and unbiased article that also mentions areas where Linux might be better, so don't hate us for linking it
***
Expand FreeNAS with plugins
One of the things people love the most about FreeNAS (other than ZFS) is their cool plugin framework
With these plugins, you can greatly expand the feature set of your NAS via third party programs
This page talks about a few of the more popular ones and how they can be used to improve your NAS or media box experience
Some examples include setting up an OwnCloud server, Bacula for backups, Maraschino for managing a home theater PC, Plex Media Server for an easy to use video experience and a few more
It then goes into more detail about each of them, how to actually install plugins and then how to set them up
***
Interview - Karl Lehenbauer - [email protected] / @flightaware
FreeBSD at FlightAware, BSD history, various topics
Tutorial
Ports and packages in OpenBSD
News Roundup
Code review culture meets FreeBSD
In most of the BSDs, changes need to be reviewed by more than one person before being committed to the tree
This article describes Phabricator, an open source code review system that we briefly mentioned last week
Instructions for using it are on the wiki
While not approved by the core team yet for anything official, it's in a testing phase and developers are encouraged to try it out and get their patches reviewed
Just look at that fancy interface!!
***
Upcoming BSD books
Sneaky MWL somehow finds his way into both our headlines and the news roundup
He gives us an update on the next BSD books that he's planning to release
The plan is to release three (or so) books based on different aspects of FreeBSD's storage system(s) - GEOM, UFS, ZFS, etc.
This has the advantage of only requiring you to buy the one(s) you're specifically interested in
"When will they be released? When I'm done writing them. How much will they cost? Dunno."
It's not Absolute FreeBSD 3rd edition...
***
CARP failover and high availability on FreeBSD
If you're running a cluster or a group of servers, you should have some sort of failover in place
But the question comes up, "how do you load balance the load balancers!?"
This video goes through the process of giving more than one machine the same IP, how to set up CARP, securing it and demonstrates a node dying
Also mentions DNS-based load balancing as another option
***
PCBSD weekly digest
This time in PCBSD land, we're getting ready for the 10.0.2 release (ISOs here)
AppCafe got a good number of fixes, and now shows 10 random highlighted applications
EasyPBI added a "bulk" mode to create PBIs of an entire FreeBSD port category
Lumina, the new desktop environment, is still being worked on and got some bug fixes too
***
Feedback/Questions
Paul writes in
Matt writes in
Kjell writes in
Paul writes in
Tom writes in
***
...more
1h 14min
May 28, 201439: The Friendly Sandbox
This time on the show we'll be talking with Jon Anderson about Capsicum and Casper to securely sandbox processes. After that, our tutorial will show you how to encrypt all your DNS lookups, either on a single system or for your whole network. News, emails and all the usual fun, on BSD Now - the place to B.. SD.
This episode was brought to you by
Headlines
BSDCan 2014 talks and reports
The majority of the BSDCan talks are finally uploaded, so prepare to be flooded with links
Karl Lehenbauer's keynote (he's on next week's episode)
Mariusz Zaborski and Pawel Jakub Dawidek,
Capsicum and Casper (relevant to today's interview)
Luigi Rizzo,
In-kernel OpenvSwitch on FreeBSD
Dwayne Hart, Migrating from Linux to FreeBSD for Backend Data Storage
Warner Losh, NAND Flash and FreeBSD
Simon Gerraty, FreeBSD bmake and Meta Mode
Bob Beck, LibreSSL - The First 30 Days
Henning Brauer, OpenBGPD Turns 10 Years Old
Arun Thomas, BSD ARM Kernel Internals
Peter Hessler, Using BGP for Realtime Spam Lists
Pedro Giffuni, Features and Status of FreeBSD's Ext2 Implementation
Matt Ahrens, OpenZFS Upcoming Features and Performance Enhancements
Daichi Goto, Shellscripts and Commands
Benno Rice, Keeping Current
Sean Bruno, MIPS Router Hacking
John-Mark Gurney, Optimizing GELI Performance
Patrick Kelsey, Userspace Networking with libuinet
Massimiliano Stucchi, IPv6 Transitioning Mechanisms
Roger Pau Monné, Taking the Red Pill
Shawn Webb, Introducing ASLR in FreeBSD
There's also a trip report from Peter Hessler and one from Julio Merino
The latter report also talks about how, unfortunately, NetBSD basically had no presence in the event at all (and how that's a recurring trend)
***
Defend your network and privacy with a VPN and OpenBSD
After all the recent news about spying, backdoored routers, deep packet inspection and everything else, you might want to start taking steps at getting some privacy back
This article describes how to set up a secure network gateway and VPN using OpenBSD and related crypto utilities
There are bits for DHCP, DNS, OpenVPN, DNSCrypt and a watchdog script to make sure your tunnel is always being used
You can transparently tunnel all your outbound traffic over the VPN with this configuration, nothing is needed on any of the client systems - this could also be used with Tor (but it would be very slow)
It also includes a few general privacy tips, recommended browser extensions, etc
The intro to the article is especially great, so give the whole thing a read
He mentions our OpenBSD router guide and other tutorials being a big help for this setup, so hello if you're watching!
***
You should try FreeBSD
In this blog post, the author talks a bit about how some Linux people aren't familiar with the BSDs and how we can take steps to change that
He goes into some FreeBSD history specifically, then talks about some of the apparent (and not-so-apparent) differences between the two
Possibly the most useful part is how to address the question "my server already works, why bother switching?"
"Stackoverflow’s answers assume I have apt-get installed"
It includes mention of the great documentation, stability, ports, improved security and much more
A takeaway quote for would-be Linux switchers: "I like to compare FreeBSD to a really tidy room where you can find everything with your eyes closed. Once you know where the closets are, it is easy to just grab what you need, even if you have never touched it before"
***
OpenBSD and the little Mauritian contributor
This is a story about a guy from Mauritius named Logan, one of OpenBSD's newest developers
Back in 2010, he started sending in patched for OpenBSD's "mg" editor, among other small things, and eventually added file transfer resume support for SFTP
The article talks about his journey from just a guy who submits a patch here and there to joining the developer ranks and even getting his picture taken with Theo at a recent hackathon
It really shows how easy it is to get involved with the different BSDs and contribute back to the software ecosystem
Congrats to Logan, and hopefully this will inspire more people to start helping out and contributing code back
***
Interview - Jon Anderson - [email protected]
Capsicum and Casperd
Tutorial
Encrypting DNS lookups
News Roundup
FreeBSD Journal, May 2014 issue
The newest issue of the FreeBSD Journal is out, following the bi-monthly release cycle
This time the topics include: a letter from the foundation, a ports report, some 9.3-RELEASE plans, an events calendar, an overview of ipfw, exploring network activity with dtrace, an article about kqueue, data distribution with dnssec and finally an article about TCP scaling
Pick up your (digital) copy at Amazon, Google Play or on iTunes and have a read
***
LibreSSL porting update
Since the last LibreSSL post we covered, a couple unofficial "portable" versions have died off
Unfortunately, people still think they can just port LibreSSL to other BSDs and Linux all willy-nilly - stop doing that!
This post reiterates that LibreSSL currently relies on a lot of OpenBSD-specific security functions that are not present in other systems, and also gives a very eye-opening example
Please wait for an official portable version instead of wasting time with these dime-a-dozen github clones that do more harm than good
***
BSDMag May 2014 issue is out
The usual monthly release from BSDMag, covering a variety of subjects
This time around the topics include: managing large development projects using RCS, working with HAMMER FS and PFSes, running MeteorJS on FreeBSD 11, another bhyve article, more GIMP tutorials and a few other things
It's a free PDF, go grab it
***
BSDTalk episode 241
A new episode of BSDTalk is out, this time with Bob Beck
He talks about the OpenBSD foundation's recent activities, his own work in the project, some stories about the hardware in Theo's basement and a lot more
The interview itself isn't about LibreSSL at all, but they do touch on it a bit too
Really interesting stuff, covers a lot of different topics in a short amount of time
***
Feedback/Questions
We got a number of replies about last week's VPN question, so thanks to everyone who sent in an email about it - the vpnc package seems to be what we were looking for
Tim writes in
AJ writes in
Peter writes in
Thomas writes in
Martin writes in
***
...more
1h 3min
May 21, 201438: A BUG's Life
We're back from BSDCan! This week on the show we'll be chatting with Brian Callahan and Aaron Bieber about forming a local BSD users group. We'll get to hear their experiences of running one and maybe encourage some of you to start your own! After that, we've got a tutorial on the basics of NetBSD's package manager, pkgsrc. Answers to your emails and the latest headlines, on BSD Now - the place to B.. SD.
This episode was brought to you by
Headlines
FreeBSD 11 goals and discussion
Something that actually happened at BSDCan this year...
During the FreeBSD devsummit, there was some discussion about what changes will be made in 11.0-RELEASE
Some of MWL's notes include: the test suite will be merged to 10-STABLE, more work on the MIPS platforms, LLDB getting more attention, UEFI boot and install support
A large list of possibilities was also included and open for discussion, including AES-GCM in IPSEC, ASLR, OpenMP, ICC, in-place kernel upgrades, Capsicum improvements, TCP performance improvements and A LOT more
There's also some notes from the devsummit virtualization session, mostly talking about bhyve
Lastly, he also provides some notes about ports and packages and where they're going
***
An SSH honeypot with OpenBSD and Kippo
Everyone loves messing with script kiddies, right?
This blog post introduces Kippo, an SSH honeypot tool, and how to use it in combination with OpenBSD
It includes a step by step (or rather, command by command) guide and some tips for running a honeypot securely
You can use this to get new 0day exploits or find weaknesses in your systems
OpenBSD makes a great companion for security testing tools like this with all its exploit mitigation techniques that protect all running applications
***
NetBSD foundation financial report
The NetBSD foundation has posted their 2013 financial report
It's a very "no nonsense" page, pretty much only the hard numbers
In 2013, they got $26,000 of income in donations
The rest of the page shows all the details, how they spent it on hardware, consulting, conference fees, legal costs and everything else
Be sure to donate to whichever BSDs you like and use!
***
Building a fully-encrypted NAS with OpenBSD
Usually the popular choice for a NAS system is FreeNAS, or plain FreeBSD if you know what you're doing
This article takes a look at the OpenBSD side and explains how to build a NAS with security in mind
The NAS will be fully encrypted, no separate /boot partition like FreeBSD and FreeNAS require - this means the kernel itself is even protected
The obvious trade-off is the lack of ZFS support for storage, but this is an interesting idea that would fit most people's needs too
There's also a bit of background information on NAS systems in general, some NAS-specific security tips and even some nice graphs and pictures of the hardware - fantastic write up!
***
Interview - Brian Callahan & Aaron Bieber - [email protected] & [email protected]
Forming a local BSD Users Group
Tutorial
The basics of pkgsrc
News Roundup
FreeBSD periodic mails vs. monitoring
If you've ever been an admin for a lot of FreeBSD boxes, you've probably noticed that you get a lot of email
This page tells about all the different alert emails, cron emails and other reports you might end up getting, as well as how to manage them
From bad SSH logins to Zabbix alerts, it all adds up quickly
It highlights the periodic.conf file and FreeBSD's periodic daemon, as well as some third party monitoring tools you can use to keep track of your servers
***
Doing cool stuff with OpenBSD routing domains
A blog post from our viewer and regular emailer, Kjell-Aleksander!
He manages some internally-routed IP ranges at his work, but didn't want to have equipment for each separate project
This is where OpenBSD routing domains and pf come in to save the day
The blog post goes through the process with all the network details you could ever dream of
He even named his networking equipment... after us
***
LibreSSL, the good and the bad
We're all probably familiar with OpenBSD's fork of OpenSSL at this point
However, "for those of you that don't know it, OpenSSL is at the same time the best and most popular SSL/TLS library available, and utter junk"
This article talks about some of the cryptographic development challenges involved with maintaining such a massive project
You need cryptographers, software engineers, software optimization specialists - there are a lot of roles that need to be filled
It also mentions some OpenSSL alternatives and recent LibreSSL progress, as well as some downsides to the fork - the main one being their aim for backwards compatibility
***
PCBSD weekly digest
Lots going on in PCBSD land this week, AppCafe has been redesigned
The PBI system is being replaced with pkgng, PBIs will be automatically converted once you update
In the more recent post, there's some further explanation of the PBI system and the reason for the transition
It's got lots of details on the different ways to install software, so hopefully it will clear up any possible confusion
***
Feedback/Questions
Antonio writes in
Daniel writes in
Sean writes in
tsyn writes in
Chris writes in
***
...more
1h 29min
May 14, 201437: BSDCanned Goods
This week we're at BSDCan, ganging up on people and forcing them to give us interviews. Assuming we don't get arrested for harassment, we'll be back next week with your regularly scheduled programming. For now, we've got some feedback emails to catch up on, as well as a prerecorded talk Matt Ahrens gave about ZFS. We'll be back to tell you all about the conference next week, on BSD Now - the place to B.. SD.
This episode was brought to you by
Presentation - Matthew Ahrens - [email protected] / @mahrens1
OpenZFS discussion
Feedback/Questions
Remy writes in
Darin writes in
Steve writes in
Pascal writes in
***
...more
2h 8min

FAQs about BSD Now:

How many episodes does BSD Now have?

The podcast currently has 634 episodes available.

More shows like BSD Now

Security Now (Audio) by TWiT

Security Now (Audio)

1,970 Listeners

Software Engineering Radio - the podcast for professional software developers by se-radio@computer.org

Software Engineering Radio - the podcast for professional software developers

272 Listeners

The Changelog: Software Development, Open Source by Changelog Media

The Changelog: Software Development, Open Source

284 Listeners

LINUX Unplugged by Jupiter Broadcasting

LINUX Unplugged

265 Listeners

Python Bytes by Michael Kennedy and Brian Okken

Python Bytes

215 Listeners

Late Night Linux by The Late Night Linux Family

Late Night Linux

154 Listeners

Home Assistant Podcast by HK Media

Home Assistant Podcast

65 Listeners

CoRecursive: Coding Stories by Adam Gordon Bell - Software Developer

CoRecursive: Coding Stories

189 Listeners

Kubernetes Podcast from Google by Abdel Sghiouar, Kaslin Fields

Kubernetes Podcast from Google

181 Listeners

Late Night Linux Family All Episodes by The Late Night Linux Family

Late Night Linux Family All Episodes

44 Listeners

Linux Dev Time by The Late Night Linux Family

Linux Dev Time

21 Listeners

Self-Hosted by Jupiter Broadcasting

Self-Hosted

135 Listeners

2.5 Admins by The Late Night Linux Family

2.5 Admins

92 Listeners

Linux After Dark by The Late Night Linux Family

Linux After Dark

29 Listeners

Oxide and Friends by Oxide Computer Company

Oxide and Friends

47 Listeners