23: Time Signatures

On this week's episode, we'll be talking with Ted Unangst of the OpenBSD team about their new signing infrastructure. After that, we've got a tutorial on how to run your own NTP server. News, your feedback and even... the winner of our tutorial contest will be announced! So stay tuned to BSD Now - the place to B.. SD.

This episode was brought to you by

Headlines

FreeBSD foundation's 2013 fundraising results

• The FreeBSD foundation finally counted all the money they made in 2013


• $768,562 from 1659 donors


• Nice little blog post from the team with a giant beastie picture


• "We have already started our 2014 fundraising efforts. As of the end of January we are just under $40,000. Our goal is to raise $1,000,000. We are currently finalizing our 2014 budget. We plan to publish both our 2013 financial report and our 2014 budget soon."


• A special thanks to all the BSD Now listeners that contributed, the foundation was really glad that we sent some people their way (and they mentioned us on Facebook)
  ***

OpenSSH 6.5 released

• We mentioned the CFT last week, and it's finally here!


• New key exchange using elliptic-curve Diffie Hellman in Daniel Bernstein's Curve25519 (now the default when both clients support it)


• Ed25519 public keys are now available for host keys and user keys, considered more secure than DSA and ECDSA


• Funny side effect: if you ONLY enable ed25519 host keys, all the compromised Linux boxes can't even attempt to login lol~


• New bcrypt private key type, 500,000,000 times harder to brute force


• Chacha20-poly1305 transport cipher that builds an encrypted and authenticated stream in one


• Portable version already in FreeBSD -CURRENT, and ports


• Lots more bugfixes and features, see the full release note or our interview with Damien


• Work has already started on 6.6, which can be used without OpenSSL!
  ***

Crazed Ferrets in a Berkeley Shower

• In 2000, MWL wrote an essay for linux.com about why he uses the BSD license: "It’s actually stood up fairly well to the test of time, but it’s fourteen years old now."


• This is basically an updated version about why he uses the BSD license, in response to recent comments from Richard Stallman


• Very nice post that gives some history about Berkeley, the basics of the BSD-style licenses and their contrast to the GNU GPL


• Check out the full post if you're one of those people that gets into license arguments


• The takeaway is "BSD is about making the world a better place. For everyone."
  ***

OpenBSD on BeagleBone Black

• Beaglebone Blacks are cheap little ARM devices similar to a Raspberry Pi


• A blog post about installing OpenBSD on a BBB from.. our guest for today!


• He describes it as "everything I wish I knew before installing the newly renamed armv7 port on a BeagleBone Black"


• It goes through the whole process, details different storage options and some workarounds


• Could be a really fun weekend project if you're interested in small or embedded devices
  ***

Interview - Ted Unangst - [email protected] / @tedunangst

OpenBSD's signify infrastructure, ZFS on OpenBSD

Tutorial

Running an NTP server

News Roundup

Getting started with FreeBSD

• A new video and blog series about starting out with FreeBSD


• The author has been a fan since the 90s and has installed it on every server he's worked with


• He mentioned some of the advantages of BSD over Linux and how to approach explaining them to new users


• The first video is the installation, then he goes on to packages and other topics - 4 videos so far
  ***

More OpenBSD hackathon reports

• As a followup to last week, this time Kenneth Westerback writes about his NZ hackathon experience


• He arrived with two goals: disklabel fixes for drives with 4k sectors and some dhclient work


• This summary goes into detail about all the stuff he got done there
  ***

X11 in a jail

• We've gotten at least one feedback email about running X in a jail Well.. with this commit, looks like now you can!


• A new tunable option will let jails access /dev/kmem and similar device nodes


• Along with a change to DRM, this allows full X11 in a jail


• Be sure to check out our jail tutorial and jailed VNC tutorial for ideas
  ***

PCBSD weekly digest

• 10.0 "Joule Edition" finally released!


• AMD graphics are now officially supported


• GNOME3, MATE and Cinnamon desktops are available


• Grub updates and fixes


• PCBSD also got a mention in eweek
  ***

Feedback/Questions

• Justin writes in


• Daniel writes in


• Martin writes in


• Alex writes in - unofficial FreeBSD RPI Images


• James writes in


• John writes in
  ***