Rediscovering OpenBSD

Following-up to the earlier story about the failure of the first incarnation of the new site, it’s time to reflect on venturing back to a non-Apple Unix for the first time in a few years. I needed to leave OSX Server, so what to do? I could have just re-formatted the G4 Cube and installed plain Jane OSX. But before I rushed off to do so, I did a quick inventory of machines in the house.

Uhhhh … I need to simplify a bit. This is getting to be too much. Plus, the extra cash couldn’t hurt. The PIII was easily the least valuable of the Unix-capable machines. Well, maybe the 6300CD could be made to run a Unix, but please, no. The PIII it is. It seemed to make sense to use that and sell something else (more here).

I certainly had choice when thinking about X86-compatible Unix-like OSes. I’m most familiar with BSD, both because of my experience with one kind or another over the years and because of Apple’s use of BSD subsystem components in OSX. I had used OpenBSD for a firewall I built for Gobe Software back in 2001 (OBSD 2.8, I believe) and have always been attracted to the project’s overriding emphasis on security. I’d wager this is what draws most people to OBSD over other Unices. It seemed a logical choice.

If you have experience with Unix, I can strongly recommend you look at OpenBSD. Straightforward to install and set-up, great ports and packages collections and plenty of documentation. I’m surprised by its peppiness on the PIII, even doing all its internal encryption.

Some things that might take you unaware:

  • Locations (e.g. there is no /etc/httpd). RTFM.
  • chroot’ed apache. RTFM.
  • Almost everything in a more secured mode. RTFM.
  • The usual Unix platform eccentricities. RTFM.

Don’t get me wrong, this OS is rock solid thus far and has behaved 100% according to what I have asked it to do. It’s just learning the different dialect that can throw you. It’s thrown me at times. Oops.

I must admit it feels good to come back to a straight-ahead CLI interface with a server running Unix. Aqua may be nice and pretty and all, but I kinda felt a little dirty with a Dock and bouncy mp3 player icons on my server. It just seems, well, wrong. Maybe I’m just old-fashioned and not keeping up with today’s kids, but VT100 is good enough for a daemon box, goldurnit. It’s not some “I 4M 1337!” dickpull, it’s just this sense when I manipulate the server entirely from the commnd line that all is right with the world. I guess you have to be really nerdy to understand. Or something.

If you’re a Unix wonk, play with OpenBSD. It’s a fun experience, and one I’m only just beginning to realize I’ve missed. If you’re not so Unix savvy, start playing in OSX’s Terminal before you dive in. The water is clean, but chilly.