Time Signatures | BSD Now 23

Time Signatures | BSD Now 23

We\’ll be talking with Ted Unangst of the OpenBSD team about their new signing infrastructure. After that, we\’ve got a tutorial on how to run your own NTP server. News, your feedback and even… the winner of our tutorial contest! It\’s a big show, so stay tuned to BSD Now – the place to B.. SD.

Thanks to:


\"iXsystems\"

Direct Download:

Video | HD Video | MP3 Audio | OGG Audio | Torrent | YouTube

RSS Feeds:

MP3 Feed | OGG Feed | iTunes Feed | Video Feed | HD Vid Feed | HD Torrent Feed

– Show Notes: –

Headlines

FreeBSD foundation\’s 2013 fundraising results

  • The FreeBSD foundation finally counted all the money they made in 2013
  • $768,562 from 1659 donors
  • Nice little blog post from the team with a giant beastie picture
  • \”We have already started our 2014 fundraising efforts. As of the end of January we are just under $40,000. Our goal is to raise $1,000,000. We are currently finalizing our 2014 budget. We plan to publish both our 2013 financial report and our 2014 budget soon.\”
  • A special thanks to all the BSD Now listeners that contributed, the foundation was really glad that we sent some people their way (and they mentioned us on Facebook)

OpenSSH 6.5 released

  • We mentioned the CFT last week, and it\’s finally here!
  • New key exchange using elliptic-curve Diffie Hellman in Daniel Bernstein\’s Curve25519 (now the default when both clients support it)
  • Ed25519 public keys are now available for host keys and user keys, considered more secure than DSA and ECDSA
  • Funny side effect: if you ONLY enable ed25519 host keys, all the compromised Linux boxes can\’t even attempt to login
  • New bcrypt private key type, 500,000,000 times harder to brute force
  • Chacha20-poly1305 transport cipher that builds an encrypted and authenticated stream in one
  • Portable version already in FreeBSD -CURRENT, and ports
  • Lots more bugfixes and features, see the full release note or our interview with Damien
  • Work has already started on 6.6, which can be used without OpenSSL!

Crazed Ferrets in a Berkeley Shower

  • In 2000, MWL wrote an essay for linux.com about why he uses the BSD license: \”It’s actually stood up fairly well to the test of time, but it’s fourteen years old now.\”
  • This is basically an updated version about why he uses the BSD license, in response to recent idiocy from Richard Stallman
  • Very nice post that gives some history about Berkeley, the basics of the BSD-style licenses and their contrast to the GNU GPL
  • Check out the full post if you\’re one of those people that gets into license arguments
  • The takeaway is \”BSD is about making the world a better place. For everyone.\”

OpenBSD on BeagleBone Black

  • Beaglebone Blacks are cheap little ARM devices similar to a Raspberry Pi
  • A blog post about installing OpenBSD on a BBB from.. our guest for today!
  • He describes it as \”everything I wish I knew before installing the newly renamed armv7 port on a BeagleBone Black\”
  • It goes through the whole process, details different storage options and some workarounds
  • Could be a really fun weekend project if you\’re interested in small or embedded devices

This episode was brought to you by

\"iXsystems


Interview – Ted Unangst – tedu@openbsd.org / @tedunangst

OpenBSD\’s signify infrastructure


Tutorial

Running an NTP server


News Roundup

Getting started with FreeBSD

  • A new video and blog series about starting out with FreeBSD
  • The author has been a fan since the 90s and has installed it on every server he\’s worked with
  • He mentioned some of the advantages of BSD over Linux and how to approach explaining them to new users
  • The first video is the installation, then he goes on to packages and other topics – 4 videos so far

More OpenBSD hackathon reports

  • As a followup to last week, this time Kenneth Westerback writes about his NZ hackathon experience
  • He arrived with two goals: disklabel fixes for drives with 4k sectors and some dhclient work
  • This summary goes into detail about all the stuff he got done there

X11 in a jail

  • We\’ve gotten at least one feedback email about running X in a jail Well.. with this commit, looks like now you can!
  • A new tunable option will let jails access /dev/kmem and similar device nodes
  • Along with a change to DRM, this allows full X11 in a jail
  • Be sure to check out our jail tutorial and jailed VNC tutorial for ideas
  • Ongoing Discussion

PCBSD weekly digest


Feedback/Questions

  • Justin writes in: http://slexy.org/view/s21VnbKZsH
  • Daniel writes in: http://slexy.org/view/s2nD7RF6bo
  • Martin writes in: http://slexy.org/view/s2jwRrj7UV
  • Alex writes in: http://slexy.org/view/s201koMD2c
    + unofficial FreeBSD RPI Images
  • James writes in: http://slexy.org/view/s2AntZmtRU
  • John writes in: http://slexy.org/view/s20bGjMsIQ

  • All the tutorials are posted in their entirety at bsdnow.tv
  • The ssh tutorial has been updated with some new 6.5 stuff
  • Send questions, comments, show ideas/topics, or stories you want mentioned on the show to feedback@bsdnow.tv
  • Watch live Wednesdays at 2:00PM Eastern (19:00 UTC)
  • Reminder: if you\’re on FreeBSD 8.3 for some reason, upgrade soon – it\’s reaching EOL
  • Reminder: if you\’re using pkgng, be sure to update to 1.2.6 for a security issue
  • The winner of the tutorial contest is… Dusko! We didn\’t get as many submissions as we wanted, but his Nagios monitoring tutorial was extremely well-done. It\’ll be featured in a future episode. Congrats! Send us a picture when it arrives.
  • Allan got his pillow in the mail as well, it\’s super awesome

Question? Comments? Contact us here!