Interesting read. I installed openBSD on a box about a year ago and was not impressed with the ease of doing anything but the install. Partitioning was trivial and installing was easy, I just had no idea of how to get the software I wanted on the box. I canned it and installed Mandrake...I needed linux anyway..to run an instance of Oracle9i2. Maybe, I'll mess around with BSD.....
John Hebert wrote: > Craig, > > Good to hear from you! > > I recently had a pleasant experience with installing OpenBSD 3.3 (3.4 > came out on 11/1/03) on an extra laptop from my employer, an HP > Omnibook 4150B (128MB RAM, PIII/600Mhz, 18GB HD, ATI Mobility graphics > card, Orinoco Silver 802.11b PCMCIA wlan nic). > > First, I had tried installing Knoppix 3.2 on it, which worked okay but > I was a little bored with it. I then tried Mepis on it but either I > had a bad CD or it just didn't like my HD as the install kept crapping > out at the same place. I tried good old Debian on it and had some > problems problems getting X working like I wanted, but I got past that. > > I then tried installing OpenBSD on it from the CD distribution, which > includes a nice install doc in the foldout CD label, some nifty > stickers and an original sound track. It installed faster than any of > the previous, even the straight Debian install. I think I rebooted 15 > minutes after starting the install and was at a shell prompt. WARNING: > the partition manager will scare you if you are familiar with > _minimal_ partition managers. > > The default OpenBSD install is _tiny_, but it contains everything you > need to make it a firewall and NAT box and includes sshd by default. > The OpenBSD CD package has 3 CDs in it, so you can install it on > MacPPC, VAX, Sparc, Sparc64 and of course i386. > > It also includes the source code and a ports tree, which is basically > a big directory of various software packages that you install by > selecting a package, typing "make" to download and compile the source > to make the install package, and then type "make install" to install > the package. This ensures you have a package that is custom compiled > and installed for your system. The ports tree system will also > automatically handle software package dependencies. Here's the > abbreviated output from an install of "John the Ripper", a well-known > free software password cracker: > > fenris# cd /usr/ports > > fenris# ls > > .cvsignore cad emulators mail print > CVS chinese games math > productivity > INDEX comms graphics mbone russian > Makefile converters infrastructure misc security > README databases japanese net shells > archivers devel java news sysutils > astro distfiles korean packages textproc > audio editors lang palm www > benchmarks education ls.out plan9 x11 > > fenris# cd security > > fenris# ls > > ADMfzap keychain p5-PGP-Sign > ADMsmb klaxon parse > ADMsnmp l0phtcrack pcsc-lite > CVS libident pgp > Makefile libmcrypt pgp5 > aescrypt logsentry pgpdump > aide logsurfer pgplib > antisniff lxnb portscanner > apg mcrypt portsentry > arirang mhash ppgen > bfbtester nbaudit py-Rijndael > bounix nessus py-cryptkit > bsd-airtools nfsshell py-gnupg > ccrypt outguess py-sslwrapper > cfs p0f radiusniff > cgichk p5-Authen-Radius rdp > chrootuid p5-Crypt-Blowfish scanlogd > cops p5-Crypt-CBC scanssh > corkscrew p5-Crypt-DES sentinel > crack p5-Crypt-OpenSSL-DSA shash > crank p5-Crypt-OpenSSL-RSA siphon > cyrus-sasl p5-Crypt-OpenSSL-Random slurpie > cyrus-sasl2 p5-Crypt-RC4 smbsniff > dante p5-Crypt-Rijndael smurflog > despoof p5-Crypt-SSLeay socks5 > dsniff p5-Crypt-TripleDES sqlat > fragroute p5-Crypt-Twofish stel > fragrouter p5-Digest-HMAC strobe > gnupg p5-Digest-MD5 stunnel > gpa p5-Digest-Nilsimsa swatch > gpgme p5-Digest-SHA1 tempwatch > hlfl p5-GPG uvscan > hydra p5-GnuPG uvscan_dat > integrit p5-GnuPG-Interface vomit > isic p5-IO-Socket-SSL whisker > its4 p5-MD5 xmlsec > john p5-Net_SSLeay zebedee > > fenris# cd john > > fenris# ls > > CVS Makefile distinfo patches pkg > > fenris# make > > ===> Checking files for john-1.6p1 > >> john-1.6.tar.gz doesn't seem to exist on this system. > >> Attempting to fetch /usr/ports/distfiles/john-1.6.tar.gz from > http://www.openwall.com/john/. > 100% |************************************************************| > 485 KB 00:08 > >> Checksum OK for john-1.6.tar.gz. (sha1) > ===> Extracting for john-1.6p1 > ===> Patching for john-1.6p1 > ===> Configuring for john-1.6p1 > ===> Building for john-1.6p1 > ln -sf x86-any.h arch.h > make ../run/john ../run/unshadow ../run/unafs ../run/unique > JOHN_OBJS="DES_fmt.o DES_std.o BSDI_fmt.o MD5_fmt.o MD5_std.o > BF_fmt.o BF_std.o AFS_fmt.o LM_fmt.o batch.o bench.o charset.o > common.o compiler.o config.o cracker.o external.o formats.o getopt.o > idle.o inc.o john.o list.o loader.o logger.o math.o memory.o misc.o > options.o params.o path.o recovery.o rpp.o rules.o signals.o single.o > status.o tty.o wordlist.o unshadow.o unafs.o unique.o x86.o" > CFLAGS="-c -Wall -O2 -fomit-frame-pointer -m486" ASFLAGS="-c > -DUNDERSCORES -DALIGN_LOG -DBSD" > cc -c -Wall -O2 -fomit-frame-pointer -m486 -funroll-loops DES_fmt.c > > ... (snipped for brevity: compiles a bunch of .c source code files) > > cc -c -Wall -O2 -fomit-frame-pointer -m486 -funroll-loops unique.c > gcc -c -DUNDERSCORES -DALIGN_LOG -DBSD x86.S > cc -s DES_fmt.o DES_std.o BSDI_fmt.o MD5_fmt.o MD5_std.o BF_fmt.o > BF_std.o AFS_fmt.o LM_fmt.o batch.o bench.o charset.o common.o > compiler.o config.o cracker.o external.o formats.o getopt.o idle.o > inc.o john.o list.o loader.o logger.o math.o memory.o misc.o > options.o params.o path.o recovery.o rpp.o rules.o signals.o single.o > status.o tty.o wordlist.o unshadow.o unafs.o unique.o x86.o -o > ../run/john > ln -s john ../run/unshadow > ln -s john ../run/unafs > ln -s john ../run/unique > > fenris# make install > > ===> Faking installation for john-1.6p1 > install -d -o root -g bin -m 755 > /usr/ports/security/john/w-john-1.6p1/fake-i386/usr/local/share/doc/john > > ... (snipped: processes various package related files) > > /usr/ports/security/john/w-john-1.6p1/fake-i386/usr/local/share/doc/john > ===> Building package for john-1.6p1 > Creating package /usr/ports/packages/i386/All/john-1.6p1.tgz > Using SrcDir value of > /usr/ports/security/john/w-john-1.6p1/fake-i386/usr/local > Creating gzip'd tar ball in '/usr/ports/packages/i386/All/john-1.6p1.tgz' > ===> Installing john-1.6p1 from > /usr/ports/packages/i386/All/john-1.6p1.tgz > cc -c -Wall -O2 -fomit-frame-pointer -m486 -funroll-loops recovery.c > > ... (snipped: compiles some more files) > > cc -c -Wall -O2 -fomit-frame-pointer -m486 -funroll-loops unique.c > gcc -c -DUNDERSCORES -DALIGN_LOG -DBSD x86.S > cc -s DES_fmt.o DES_std.o BSDI_fmt.o MD5_fmt.o MD5_std.o BF_fmt.o > BF_std.o AFS_fmt.o LM_fmt.o batch.o bench.o charset.o common.o > compiler.o config.o cracker.o external.o formats.o getopt.o idle.o > inc.o john.o list.o loader.o logger.o math.o memory.o misc.o > options.o params.o path.o recovery.o rpp.o rules.o signals.o single.o > status.o tty.o wordlist.o unshadow.o unafs.o unique.o x86.o -o > ../run/john > ln -s john ../run/unshadow > ln -s john ../run/unafs > ln -s john ../run/unique > > fenris# /usr/local/bin/john > > John the Ripper Version 1.6 Copyright (c) 1996-98 by Solar Designer > > Usage: /usr/local/bin/john [OPTIONS] [PASSWORD-FILES] > -single "single crack" mode > -wordfile:FILE -stdin wordlist mode, read words from FILE or stdin > -rules enable rules for wordlist mode > -incremental[:MODE] incremental mode [using section MODE] > -external:MODE external mode or word filter > -stdout[:LENGTH] no cracking, just write words to stdout > -restore[:FILE] restore an interrupted session [from FILE] > -session:FILE set session file name to FILE > -status[:FILE] print status of a session [from FILE] > -makechars:FILE make a charset, FILE will be overwritten > -show show cracked passwords > -test perform a benchmark > -users:[-]LOGIN|UID[,..] load this (these) user(s) only > -groups:[-]GID[,..] load users of this (these) group(s) only > -shells:[-]SHELL[,..] load users with this (these) shell(s) only > -salts:[-]COUNT load salts with at least COUNT passwords only > -format:NAME force ciphertext format NAME > (DES/BSDI/MD5/BF/AFS/LM) > -savemem:LEVEL enable memory saving, at LEVEL 1..3 > > I used xf86cfg included with OpenBSD to configure a XF86Config. I just > ran xf86cfg, it detected my hardware, I saved the output and started X > ("startx"). Voila! It runs fvwm by default with some nifty menus and > features already configured. > > Next, I used the ports tree like above to install openbox, which is a > variant of blackbox, a minimal, small footprint window manager for X, > but with more nifty features built-in, like ALT-tab between apps, and > ALT-Fn between workspaces, etc. REALLY nice on an older box. Check it > out: http://www.icculus.org/openbox/ > > I find OpenBSD to run _really_ fast and well on older laptops that > usually lack the performance of a desktop. It takes about 5 seconds > from typing "startx" to see the openbox desktop. KDE and Gnome are > nice, but jeez, they are resource pigs. Here's the output of "top" > after starting X, openbox and xterm: > > load averages: 0.09, 0.10, 0.08 14:27:47 > 24 processes: 1 running, 23 idle > > Memory: Real: 21M/34M act/tot Free: 87M Swap: 0K/208M used/tot > > > PID USERNAME PRI NICE SIZE RES STATE WAIT TIME CPU COMMAND > 31979 _x11 2 0 11M 12M sleep select 0:01 0.00% XFree86 > 32753 root 2 0 356K 876K idle select 0:00 0.00% sshd > 23261 root 2 0 400K 1184K sleep select 0:00 0.00% sshd > 19868 root 2 0 988K 2116K sleep select 0:00 0.00% fluxbox > 964 root 2 0 1336K 2852K sleep select 0:00 0.00% xterm > 11855 root 2 0 908K 832K sleep select 0:00 0.00% sendmail > 15991 root 18 0 356K 296K sleep pause 0:00 0.00% csh > 10568 root 2 0 152K 724K sleep select 0:00 0.00% top > 23998 root 18 0 348K 312K idle pause 0:00 0.00% csh > 31362 root 2 0 104K 384K sleep select 0:00 0.00% syslogd > 1 root 10 0 340K 200K idle wait 0:00 0.00% init > 31186 root 18 0 388K 284K idle pause 0:00 0.00% sh > 27597 root 18 0 344K 272K idle pause 0:00 0.00% csh > 27374 root 2 0 232K 460K idle select 0:00 0.00% cron > 10834 root 2 0 64K 356K idle select 0:00 0.00% inetd > 13785 root 10 0 52K 612K idle wait 0:00 0.00% xinit > 15031 root 2 0 1608K 408K idle netio 0:00 0.00% XFree86 > 16776 root 3 0 48K 408K idle ttyin 0:00 0.00% getty > > I still have 87MB RAM free to play with! > > Installing OpenBSD on a laptop is a good way to learn about OpenBSD > and network security since it is portable and you can plug into > various networks and WLANs to do "trouble-shooting". Ahem. For > educational purposes only. ;) > > The only downside is that the laptop goes into sleep mode and doesn't > wake up, requiring a hard reboot, but the fsck utilities are > rock-solid so far and I haven't lost any files yet. Probably just a > BIOS tweak. > > For more info and extra L33T cred, check out: http://www.openbsd.org. ;) > > John Hebert > > CMB wrote: > >> Last week I had some fun determining which distros I like.... >> >> At home... I finally got one of my scrap boxes to run (lack of >> memory)....and for comparison purposes I did installs in >> slackware9.2, debian3, knoppix-std, and koppix3.3... > >
