Hi advocacy@, This list doesn't seem to be too active, but I thought it was the right one to share this on.
I've started a Gemini[1] site and wrote a post about my migration to OpenBSD[2]. The format of the post is the gemtext, but I feel it's pretty readable for here. So here it is, for the curious, with mild formatting edits to make it more appropriate for email. -Henrich 1: https://geminiprotocol.net/ 2: gemini://hartzer.sh/gemlog/2025-05-23-openbsd-isnt-good-just-because-its-secure.gmi --- # 2025-05-23: OpenBSD isn't good just because it's secure The number one marketed aspect of OpenBSD is that it's secure. And I think that's been proven true over the years. pledge() and unveil() are frankly fantastic. But after finally using OpenBSD as a daily driver for a little while, I feel like it's disingenuous to only focus on the security aspect. I had assumed, based on the large security label put over OpenBSD, that it wasn't such a great desktop/laptop daily driver. It most certainly is a great one. Previously, I had been using FreeBSD for quite a while. And I still use it on a number of servers. Before that, Linux, which I still use quite a bit for one purpose or another. I have a bit of an attachment to FreeBSD and switching away from it was not a light decision. Lots of loyalty built up over the years, familiarity, and comfort. And I feel that FreeBSD has a number of compelling aspects for many. But most of my draw with FreeBSD has also applied to OpenBSD. It's a bit "less" than Linux. The development cycle is slower. The security model seems more reasonable than Linux's. Not that you can't be reasonably secure on Linux, but I think it's scope and general design (containers included) make it more difficult. Not that the average user isn't well served by certain Linux distributions. In my case, my needs are pretty minor. I run older hardware with gigabit expectations of performance. I'm not doing machine learning with expensive GPUs, running hundreds of containers, and counting each second of my boot times. Linux is a bit overkill. Not to mention the systemd aspect which can be avoided, but tends to come with the whole Linux package. Outside of say Alpine, most notably. FreeBSD is technologically a bit of a step down from Linux, and I've liked it that way. Now, that's not totally true. It's had ZFS for some time, which is awfully impressive. And FreeBSD has thrown some legendary network performance figures. It's just generally less bleeding edge than Linux, more thoroughly documented, and a little bit easier for me to use. I'd put myself in the "tinkerer" category, where I like being able to identify and fix a bug, or make some adjustment, or at least understand what's going on. And keeping up with Linux' pace is a lot for my hobbyist level of involvement. Technology seems like it's pretty good where it's at, in many aspects, and fast paced development often means more steps backward than forward -- for someone without sky-high expectations. FreeBSD also has a better "solid" feel to it, having a more consistent ideology throughout. Rather than just being a kernel, with some expectations, and some userland thrown on top. This all applies to OpenBSD, and even more so. OpenBSD's codebase is a bit slimmer yet than FreeBSD's. It doesn't have Jails or any equivalent (though pledge(), unveil(), and pf can accomplish most of what you might sanely want to do.) It's even a bit more "behind" FreeBSD in some ways. But this aspect of being behind, for me, is a good thing. It's less flashy, but more thorough. I managed to get a few patches in for FreeBSD and a number of bug reports. I love that it's (now) developed with git. Being able to open up a pull request and get feedback is something I'm very familiar with. However, FreeBSD for me was a frustrating daily driver. Wayland on FreeBSD is a joy, but memory management on FreeBSD seems to have some serious issues, at least on my hardware (older amd64 architecture.) I have a long bug report about my attempts of running Firefox on FreeBSD. And it does run, but it fails to evict pages from laundry, or so I understand. So Firefox will use more and more memory with quite few tabs, until something gets killed. And OOM killing in FreeBSD can take a while. It may have improved some in 14.1. I appreciate the various developers working with me on it, but the fact is that basic browsing would result in one crash after another. And it wasn't just Firefox, GIMP was also quite prone to run out of memory in conditions you wouldn't normally expect. But it was so bad that with 16GB of memory, I'd have issues every couple of days. With 8GB, several times a day. I had a final straw with FreeBSD, which was 14.2. 14.2 wouldn't boot on my old, tested, and well known hardware (primarily Thinkpads -- T400, R500, X200, etc.) I narrowed it down to where I could boot 14.2 if I installed 2GB of memory, or if I disabled SMP. I could also boot if I set a 4GB limit at boot time, which yes, is a lot better than being confined to 2GB of memory. Now disabling SMP on such old hardware is a big hit performance wise, but the bigger hit is that this brought about new, bizarre bugs. And Firefox with 4GB of memory left me in a situation where I couldn't even reliably have a single tab browsing a website like Home Depot's, without OOM. This isn't just a swap issue, either. But with no resolution to those issues and 14.1 being on the chopping block, I simply couldn't use FreeBSD anymore as a daily driver. ## Time to give OpenBSD a try... This led to me giving OpenBSD a serious try. I had seen for a while the impresive community built up around it. Some very neat projects appear to be developed on OpenBSD. It seemed to fit my use case a bit more than FreeBSD, based on what I saw being used. And this proved to be true. In a lot of ways, switching to OpenBSD was uneventful. While there was certainly some confusion and mental shift involved, for desktop use it just worked! And no more memory management issues. Firefox under OpenBSD is far superior to Firefox under FreeBSD. OpenBSD with 2GB of memory and no swap results in a somewhat usable Firefox that'll OOM sometimes. Add in swap, and you get something quite usable, and quite slow. But usable! Adding swap under FreeBSD didn't improve the Firefox situation for me. OpenBSD with 2GB of memory was far more usable than FreeBSD with 4GB of memory, as far as Firefox was concerned. But OpenBSD will let me boot with my full two cores *and* 8GB of memory. And with 8GB of memory, I have to try a lot harder to push Firefox to the point of it being slow or eventually OOMing. Which is doable -- Firefox and modern websites are pigs. But overall, things are smooth enough on this 16? year old hardware. OpenBSD's pledge() and unveil() don't just stay relegated to base components like OpenSSH -- they are even patched into Firefox which makes it a much more trustworthy setup, without jumping through hoops like doing say a Jail + VNC to try and isolate Firefox, or running it as another user. I will note that Wayland also works under OpenBSD, though it's less polished than FreeBSD. Far fewer ports for it. I feel that this may change in time. ## OpenBSD is a "batteries included" OS While OpenBSD won't get you browsing without installing packages/ports, on the server side it's awfully complete. You get a good HTTP daemon, even an ACME client for SSL, authoritative DNS server, caching DNS server, and easily enough to run a router. I appreciate this quite a bit. These are well documented and tested components, already configured in a sane and secure model. ## OpenBSD is easy to contribute to Despite not having my familiar git + pull request developmental model, OpenBSD's lists are quite active. I've had a few contributions already, all quite minor. Now sometimes I get crickets, I think in particular if the topic is a bit controversial, but it's quite easy to start a discussion that results in a commit on an obvious matter. There's three commits that mention discussion I was involved with, and I've only been using OpenBSD since the tail end of 7.6. ## OpenBSD is easy to use Now, I don't think you should try to get your grandma using OpenBSD tomorrow, unless she was awfully savvy to begin with. But for me, as someone writing this post in neovim, under tmux and i3, to be hosted on Gemini, OpenBSD is really easy to figure out. It still takes some time to understand certain points, but I feel the learning curve is quite approachable. I feel like I have a good bit of a comfort with a system that I'm happy with, I know where to look, where to ask questions, and it doesn't take all day to attain this past some initial investment. Most of the ports I'm familiar with were already there. I am missing a few things, however, like Monero. ## Not everything is perfect Some things feel like a step back, to me. * `ftp` (analogous to `fetch` on FreeBSD`) won't use IPv6 unless you tell it to. * There's no `make fetch-recursive` for ports. * FFS without softupdates is definitely not as fast. However, OpenBSD's scheduler is way better than FreeBSD's, and despite being slower on some aspects, it "feels" faster. * I understand not including ZFS, which is enormous, but ZFS certainly has some uses. I actually moved away from ZFS on FreeBSD prior to 14.2. At one point I had a bunch of memory being held until I unloaded the zfs kernel module. I stopped using it to try and help track down where my memory issues were coming from. ZFS, though, is kind of like systemd in scope creep. * I have some audio stutter issues when using automatic performance adjustment. Without this, it seems fine. * OpenBSD still uses CVS... Maybe gogs will save the day? ## In conclusion... OpenBSD really feels like a tinker's BSD. It feels like it's regularly developed by users on similar hardware to myself. And not just developed, but used. It isn't just in VirtualBox on a Macbook running MacOS, it's tried and tested for daily use. I really appreciate how it "just works" most of the time, how well documented it is, and how approachable it is to develop with. ## Links https://openbsd.org/ https://freebsd.org/ https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=280846 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=285867 https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=286018
