OpenSSH is preparing to remove the final traces of DSA support, as announced by Damien Miller. This change aims to streamline the codebase but requires community testing to ensure compatibility, especially for interoperability tests. Users are encouraged to assist with testing before the changes are finalized. This follows earlier efforts to phase out DSA, aligning OpenSSH with modern cryptographic standards.
The bpflogd(8) tool has been introduced into OpenBSD, offering enhanced packet logging capabilities. Unlike pflogd(8), it supports logging on any BPF interface and multiple interfaces simultaneously. It uses libevent for non-blocking operations and captures full packets by default. This tool aims to assist in debugging network issues by logging packets from multiple sources. Developers are encouraging user feedback on its performance and usability.
David Gwynne has committed lldpd(8), a daemon that acts as an LLDP agent on Ethernet interfaces, to OpenBSD -current. This daemon uses AF_FRAME Ethernet sockets to efficiently listen for LLDP packets across all interfaces. Additionally, a companion tool, lldp(8), was committed to interact with the daemon, allowing users to fetch and display LLDP packets. Both tools are now linked to the build, and further development and testing are encouraged.
OpenSSH has officially removed DSA signature support as of May 2025. The change, completed by Damien Miller, involved modifying and removing several files related to DSA in the OpenSSH codebase. This update aligns with ongoing efforts to phase out outdated cryptographic algorithms. Users are encouraged to verify the removal and adapt their configurations accordingly. The move is part of a broader initiative to enhance security and modernize the OpenSSH ecosystem.
In this blog post, Dane Harrigan explains how he added tab completion of paths in CDPATH to cd, in ksh.
OpenSSH is preparing to remove the final traces of DSA support, as announced by Damien Miller. This change aims to streamline the codebase but requires community testing to ensure compatibility, especially for interoperability tests. Users are encouraged to assist with testing before the changes are finalized. This follows earlier efforts to phase out DSA, aligning OpenSSH with modern cryptographic standards.
OpenBSD has implemented a security enhancement by moving SSH agent listener sockets from /tmp to ~/.ssh/agent. This change leverages the unveil(2) mechanism to prevent processes with restricted filesystem access, such as Firefox, from accessing SSH keys. The update also introduces new ssh-agent flags for managing stale sockets and supports NFS home directories. This improvement aims to enhance SSH security for users on the OpenBSD platform.
The OpenBSD installer has been updated to prefer disks larger than 1GB as the default root disk during installation. This change aims to avoid selecting smaller or less suitable disks, such as install media or external drives, as the default option. The update modifies the disk selection process to prioritize larger disks, enhancing user convenience. This improvement is expected to streamline the installation process by reducing the need for manual adjustments.
The "Valuable News" weekly series provides summaries of news, articles, and other interesting content, primarily related to UNIX/BSD/Linux systems. The series aims to filter essential information from the vast amount of data available online, making it easier for readers to stay informed without sifting through irrelevant content. This edition highlights various updates and tutorials related to UNIX/BSD/Linux, including custom XKB layouts, FPU emulation, and FreeBSD projects.
Incus is a versatile platform that supports running BSD-based virtual machines, including FreeBSD, OpenBSD, and NetBSD. This guide explains how to use cloud images to set up these systems quickly and efficiently. The process involves downloading pre-configured cloud images, using the incus-migrate tool for migration, and launching the VMs. Incus simplifies management by treating BSD VMs similarly to containers or other VMs, making it a practical solution for testing, development, or deployment. With ready-to-use images and straightforward steps, Incus provides a reliable way to integrate BSD systems into your virtualization infrastructure.
The New York City BSD User Group (NYC*BUG) is hosting a meeting on May 14, 2025, focused on the FreeBSD Laptop and Desktop Working Group, with a DJ-BSD redux session. Charlie Li, a FreeBSD Ports committer, will lead an informal discussion on using FreeBSD for desktops and laptops, sharing insights into daily usage, development, and community involvement. The event will be held at NYU Tandon Engineering Building in Brooklyn, with remote participation via streaming and IRC for Q&A. RSVP is required for attendance.
Errata patches for the NFS server have been released for OpenBSD 7.6 and 7.7. These updates address vulnerabilities and are available for amd64, arm64, and i386 platforms via the syspatch utility. Source code patches can be found on the respective errata pages. Users are encouraged to apply these updates to ensure system security.
The NetBSD Foundation will host its 2025 Annual General Meeting on May 17 at 21:00 UTC. The event will take place in the netbsd-agm channel on irc.libera.chat, featuring presentations on technical direction, project services, and publicity, followed by a Q&A session. A full transcript will be available for those unable to attend. The meeting aims to engage the community and discuss the project's future.
This article details the process of building a secure and functional home router using OpenBSD. The author discusses the limitations of consumer routers and explores the hardware and software setup, including PPP and IPv6 configurations. The guide covers choosing compatible hardware, configuring interfaces, and establishing IPv4 and IPv6 connectivity. It also provides insights into turning a client into a router, setting up DHCP, and implementing firewall rules with pf. The author concludes with future tasks such as configuring NTP and DNS services.
The first BETA build for the FreeBSD 14.3 release cycle is now available. ISO images for the amd64, i386, powerpc, powerpc64, powerpc64le, powerpcspe, armv6, armv7, aarch64, and riscv64 architectures are FreeBSD mirror sites.