MX with TTX | BSD Now 3

MX with TTX | BSD Now 3

A tutorial on pkgng, we talk with the developers of OpenSMTPD about running a mail server OpenBSD-style, answer YOUR questions and, of course, discuss all the latest news.

All that and more on BSD Now! The place to B… SD.

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

- Show Notes: -

Headlines

pfSense 2.1-RELEASE is out

  • Now based on FreeBSD 8.3
  • Lots of IPv6 features added
  • Security updates, bug fixes, driver updates
  • PBI package support
  • Way too many updates to list, see the full list

New kernel based iSCSI stack comes to FreeBSD

  • Brief explanation of iSCSI
  • This work replaces the older userland iscsi target daemon and improves the in-kernel iscsi initiator
  • Target layer consists of:
  • ctld(8), a userspace daemon responsible for handling configuration, listening for incoming connections, etc, then handing off connections to the kernel after the iSCSI Login phase
  • iSCSI frontend to CAM Target Layer, which handles Full Feature phase.
  • The work is being sponsored by FreeBSD Foundation
  • Commit here

MTier creates openup utility for OpenBSD

  • MTier provides a number of things for the OpenBSD community
  • For example, regularly updated (for security) stable packages from their custom repo
  • openup is a utility to easily check for security updates in both base and packages
  • It uses the regular pkg tools, nothing custom-made
  • Can be run from cron, but only emails the admin instead of automatically updating

OpenSSH in FreeBSD -CURRENT supports DNSSEC

  • OpenSSH in base is now compiled with DNSSEC support
  • In this case the default setting for ‘VerifyHostKeyDNS’ is yes
  • OpenSSH will silently trust DNSSEC-signed SSHFP records
  • It is the secteam’s opinion that this is better than teaching users to blindly hit “yes” each time they encounter a new key

Interview – Gilles Chehade & Eric Faurot – gilles@openbsd.org / @poolpOrg & eric@openbsd.org

OpenSMTPD

  • Q: Could you tell us a little bit about yourselves and how you got involved with OpenBSD?
  • Q: What exactly is OpenSMTPD and why was it created?
  • Q: How big is your team of developers? Who’s doing what?
  • Q: How compatible is it with things like dovecot, spamassassin, etc?
  • Q: Are there any advantages over the other mail servers like Postfix or Exim?
  • Q: If someone wanted to switch from them, is it an easy replacement?
  • Q: The config syntax is very nice and easy to grasp. Was inspired from PF’s at all?
  • Q: What made you decide to develop a portable version, a la OpenSSH?
  • Q: Tell us some cool, upcoming features in a future release
  • Q: Anything else you’d like to mention about the project?
  • Q: Where can people find more info and help with development if they want?

Tutorial

Using pkgng for binary package management

  • Live demo
  • pkgng is the replacement for the old pkg_add tools
  • Much more modern, supports an array of features that the old system didn’t
  • Works on DragonflyBSD as well

News Roundup

New progress with Newcons

  • Newcons is a replacement console driver for FreeBSD
  • Supports unicode, better graphics modes and bigger fonts
  • Progress is being made, but it’s not finished yet

relayd gets PFS support

  • relayd is a load balancer for OpenBSD which does protocol layers 3, 4, and 7
  • Currently being ported to FreeBSD. There is a WIP port
  • Works by negotiating ECDHE (Elliptic curve Diffie-Hellman) between the remote site and relayd to enable TLS/SSL Perfect Forward Secrecy, even when the client does not support it

OpenZFS Launches

  • Slides from LinuxCon
  • Will feature ‘Office Hours’ (Ask an Expert)
  • Goal is to reduce the differences between various open source implementations of ZFS, both user facing and pure lines of code

FreeBSD 10-CURRENT becomes 10.0-ALPHA

  • Glen Barber tagged the -CURRENT branch as 10.0-ALPHA
  • In preparation for 10.0-RELEASE, ALPHA2 as of 9/18
  • Everyone was rushing to get their big commits in before 10-STABLE, which will be branched soon
  • 10 is gonna be HUGE

September issue of BSD Mag

  • BSD Mag is a monthly online magazine about the BSDs
  • This month’s issue has some content written by Kris
  • Topics include MidnightBSD live cds, server maintenance, turning a Mac Mini into a wireless access point with OpenBSD, server monitoring, FreeBSD programming, PEFS encryption and a brief introduction to ZFS

The FreeBSD IRC channel is official

  • For many years, the FreeBSD freenode channel has been “unofficial” with a double-hash prefix
  • Finally it has freenode’s blessing and looks like a normal channel!
  • The old one will forward to the new one, so your IRC clients don’t need updating

OpenSSH 6.3 released

  • After a big delay, Damien Miller announced the release of 6.3
  • Mostly a bugfix release, with a few new features
  • Of note, SFTP now supports resuming failed downloads via -a

Feedback/Questions

  • A couple people wrote in to tell us not only OpenBSD have 64bit time. We misspoke.
  • James writes in: http://slexy.org/view/s2wBbbSWGz
  • Elias writes in: http://slexy.org/view/s2LMDF3PYx
  • Gabor writes in: http://slexy.org/view/s2aCodo65X
  • Possibly the coolest feedback we’ve gotten thus far: Baptiste Daroussin, leader of the FreeBSD ports management team and author of poudriere and pkgng, has put up the BSD Now poudriere tutorial on the official documentation!
  • We always want more feedback, especially tutorial ideas and show topics you want to see

  • Big thanks to TJ for writing most of the show notes and the tutorials, as well as handling most of your feedback
  • All the tutorials are posted in their entirety at bsdnow.tv
  • Send questions, comments, show ideas/topics, etc to feedback@bsdnow.tv
  • We don’t check YouTube comments, JB comments, Reddit, etc. If you want us to see it, send it via email (the preferred way) or Twitter (also acceptable)
  • Watch live Wednesdays at 2:00PM Eastern (18:00 UTC)

Question? Comments? Contact us here!