OpenBSD Desktops Are For Hackers Only
Вставка
- Опубліковано 19 чер 2022
- In this video I explain why I prefer OpenBSD for my servers, but not for my desktops.
CONSOOM OPENBSD CONTENT
/ zaneyog
/ @rootbsd1368
Get a discount on a Vultr VPS (not good for email)
www.vultr.com/?ref=8791233
₿💰💵💲Help Support the Channel by Donating Crypto💲💵💰₿
Monero
45F2bNHVcRzXVBsvZ5giyvKGAgm6LFhMsjUUVPTEtdgJJ5SNyxzSNUmFSBR5qCCWLpjiUjYMkmZoX9b3cChNjvxR7kvh436
Bitcoin
3MMKHXPQrGHEsmdHaAGD59FWhKFGeUsAxV
Ethereum
0xeA4DA3F9BAb091Eb86921CA6E41712438f4E5079
Litecoin
MBfrxLJMuw26hbVi2MjCVDFkkExz8rYvUF
Dash
Xh9PXPEy5RoLJgFDGYCDjrbXdjshMaYerz
Zcash
t1aWtU5SBpxuUWBSwDKy4gTkT2T1ZwtFvrr
Chainlink
0x0f7f21D267d2C9dbae17fd8c20012eFEA3678F14
Bitcoin Cash
qz2st00dtu9e79zrq5wshsgaxsjw299n7c69th8ryp
Etherum Classic
0xeA641e59913960f578ad39A6B4d02051A5556BfC
USD Coin
0x0B045f743A693b225630862a3464B52fefE79FdB
Subscribe to my UA-cam channel goo.gl/9U10Wz
and be sure to click that notification bell so you know when new videos are released. - Наука та технологія
I have to disagree with you here. The definition of a hacker is anyone who opens a terminal and runs cmatrix.
A hacker is anyone who opens a terminal*
Lmao
I have to disagree. A hacker is anyone who can find the power button on a computer (cause apparently a professor with a phd can't figure that out).
🤣🤣😂😭😂🤣😭
all this time I thought it was someone who opened a terminal and ran htop
I'm a picture guy, if a book doesn't have pictures, that's not a good book.
Yeah, I acquire book based on if they have dinosaur drawings in their cover.
@@alejomakevids the dragon book?
@@pushqrdx They must know a lot about compilers then xD
@@alejomakevids yeah, i really like the Operative Systems book
Must not be a book guy then.
As a hacker, I don't need a girlfriend because I'm always in.
And you even got a heart 10/10 😅😅😅😅😅
Whaaa? 🤔
Funniest shit I've ever read.
"Penetration" testing?
EZ He's in
Whether you use openBSD or Linux, always keep in mind that as least you're not using Windows server lol.
about to say that, anyone who uses that on the net deserves to get hacked and ddosed out of existence!
Thanks for reminding me of its existence, now I feel less bad for not using artix and not having fde. It's just because I can't destroy my work machine, I promise.
Windows Server sucks for server. But if you need to use Windows on the desktop, it's at least not as full of crap as regular windows :)
My dad's company was running Windows Server... 2003.
He asked me to upgrade the hardware, so I got a Xeon, 32GBs of RAM and a couple of 5400rpm 2TB HDDs since they were cheap.
Installed Ubuntu Server (Yes, I don't care, it works). He never did the managing himself so he literally felt no difference and I can rest a lot easier now.
@@gtPacheko Ubuntu supports ZFS, I'd be tempted to look at it for that reason alone.
I use OpenBSD on my Thinkpad T420 and it runs great, yes hardware compatibility is more limited but it's grown over the years. Performance and battery life aren't as good due to the security features, so it's about 5% slower than Linux, but much, much more minimal and straightforward in it's administration. A couple things,
All the OpenBSD developers eat their own dog food and run OpenBSD on the desktop/laptop. They also use ports, and encourage using ports. Bluetooth dongles will work, Bluetooth barely works on Linux as it is (it's buggy as hell). ZFS is overkill for desktop users and anybody whining about ZFS better be running a datacenter or your being nitpicky. OpenBSD has a robust filesystem that almost impossible to corrupt and a self repairing package manager (you can have a power outtage in the middle of a system update and it will pick right back up where it left off). Also donating hardware and asking for/donating for driver support is encouraged if done politely.
Thanks for your comment man. I was about to write (my second comment) some stuff but you've done it, way better than I could in years.
I have used openbsd on my laptop before. Audio and wifi setup is very easy, easier than linux and it works great (from the perspective of somebody that uses dwm with no desktop environment).
That’s unfortunate because Linux power usage is worse than Windows by up to multiple times for no reason other than just because and that’s with Linux with power savings stuff enabled and Windows with high performance enabled and highest resolution timer of 2000hz
ZFS/btrfs and other similar COW file systems to work at all isn’t overkill
To be fair, Bluetooth barely works anywhere. Every time I connect a device to a new computer or phone or whatever, it takes a million tries to get it connected and then refuses to connect to anything else unless I force a disconnect on the prior device.
To be fair, OpenBSD actually does make a pretty lovely desktop.
The main reason is that most OpenBSD devs dogfood it on their desktops (as opposed to FreeBSD devs, who tend to use MacOS more on their desktops, regardless of how they advertise the OS) and desktop actually get first-class support.
It is true that hardware support is lacking (effectively, they only support the hardware the devs care about, and it's a relatively small team). And sure, there's less software available than for GNU/Linux (again, because of the small team).
But, if you use it with officially supported hardware, everything JustWorks™ with minimal tinkering and the experience is quite nice.
I was genuinly surprised when i install OpenBSD. Just enable XenoDM at installation, install i3 or OpenBox, put it it .xsession, and voilà. Just Works. On FreeBSD, tried 3 times, failed each (amd firmware).
Yes Arch/Artix, Debian works too, but... Wanted to try smth else, and Gentoo just does not support older AMD.
@@DrasLorus openbsd worked instantly out of the box while freebsd didn't even started the installer because it didn't liked my GPU
Thinkpads are GREAT for OpenBSD. :)
OpenBSD works out of the box on my Framework. It ships with most anything I need to get my work done. FreeBSD on the other hand mostly doesnt work ootb on desktops. I used Arch in the past, which was decent but less integrated than OpenBSD for my needs (lots of net/programming)
Cheers
That's interesting. I did have a similar experience with FreeBSD in the past where no matter how hard I tried nothing felt like it worked properly, or as clean as Arch Linux.
Might need to try out the other BSDs when I get the chance, maybe OpenBSD or NetBSD could work a little better.
@@thepuzzlemaster64 hard recommend from me to. I was looking to try FreeBSD on my Framework, and it kept fighting me, hard. My FreeBSD SSD finally works (moving to 13-STABLE and compiling graphics drivers from ports (drm-510-kmod), since even 13.1 released the other month still does not have support for 11th gen Intel graphics), but there's still work to be done to figure out why mouse is so darn laggy.
OpenBSD though? I installed it almost on a lark after being frustrated with FreeBSD, did sysupgrade -s to switch to the latest snapshot of CURRENT and... Everything just worked. Graphics, WIFI, X, everything was just "here you go, have funs", with the biggest problem I had was figuring out where xenodm (which I had never used before, obviously) was configured so that I could switch from the default window manager. My only complaint is that, like many have mentioned, it runs a bit hotter than I'm used to with Arch.
OpenBSD ships with an X server, a display manager and 3 (three) window managers, and will autoconfigure these for you if you select the right options during install.
The X server (Xenocara), display manager (xenodm) and one of the wm-s (cwm) are all developed "in house", I believe.
Indeed, works like a charm for me.
I moved to an OpenBSD desktop partly because of Xenocara which includes a driver that supports my huion tablet which did not work on FreeBSD. The other thing I like is using mblaze with mblaze-tools which are best supported on OpenBSD. OpenBSD also just seems so "solid" and reliable.
When will they start shipping with Wayland though?
@@tristanbay i heard it's here , but the dev are not satisfied with the security and proper implementation ... yet .
So they won't push it on pkg / ports , unless they are content with the security .
I bet someone out there is running OpenBSD as a daily driver just to prove a point.
You know it lmao
I’ve done it and it’s pretty great as long as you either have a supported wifi card or don’t need one
I'm no Uber h@x0r but have it running on 2 desktops at home. As long you're lucky one the hw support its not much different day to day to other things out there.
Yep. Theo De Raadt on his dinosaur AlphaVAX
Open BSD is designed to be a desktop looser
Thank you for the shout out man! Great video as always. Never thought my channel would end up in one of your videos. 😅 Glad you talked about Root too he is a top notch creator and guy. Take care!
hot take. slackware is super secure too, because it has to resolve 15 million dependencies by hand. =w= I like how fast slack is.
Indeed, I've got KDE and it's still fast.
@@anon_y_mousse i3 is fast, but it can me a memory hog at times when you tweak it too much.
@@anon_y_mousse But still loving it as I was a KDE user. Keyboard instructions are nice. Would recommend. :-)
Slackware is best of both wörlds.
Truly the superior OS, indeed. 🥸
@@r3mpuh its definitely not an everyone os, but its one of the oldest and most unix like linux systems.
Literally just went on break wagecucking it and was looking for a good video to watch. Thanks based mentaloutlaw
Bon soir
Just taking a break from salary slaving.
Woah they give you reception in your wage cage? Mine is foil wrapped
HEY! I AM THE CHIEF INCLUSION AND DIVERSITY COORDINATOR AND YOU ARE NOT ALOWED TO WATCH ALT-RIGHT CONTENT ON BREAK! GET BACK IN CAGIE!
Tell me you use 4chan without telling me you use 4chan
This is why GhostBSD is nice to use on a desktop, it's plug-and-play, very little configuration needed. It's kind of like running Linux.
The only thing GBSD is missing it is support for encrypted root during installation.
I love FreeBSD on bare metal with a window manager. The effort put into graphical display environment variable was worth it for not having to read the internet as text in a command line terminal, and now i can turn my homework with it… I think some people expect that because Linux wants to be new user friendly, that other operating systems should cater to those ideals. If someone wants to go through that trouble to use a GUI and set it up that’s great, but expecting BSD to do what ‘just works’ distros do is really far removed from the normal use case of servers, operating robotics….
He spelled that out I think by showing they dont prioritise desktop on the OpenBSD homepage. It's not a critisism it's an engineering consideration - the version of X that comes with BSD is really basic, and Theo i think once said if BSD had a 3rd remote code execution hole, it would be in the desktop environment, because X is so complicated. There are alternatives to X, but they are also not code-reviewed by the BSD team. The whole point of BSD is not to install stuff, and accept that if you want to be safe, you have to forgoe a lot of things. Having said all that, the dwm screengrab he had of OpenBSD looks absolutely beautiful and would do me fine. Still i use OSX tho.
@@cannaroe1213 OSX is quite good as long as you never touch iCloud. Same for iOS. Don't feel bad, fren.
@@tissuepaper9962 Haha, well thats my take on it too :) Although actually i lie, i don't even use OSX anymore, i just use random single-board-computers like some kind of silicone junky "hey - sniff sniff - you errrr, you got any MicroSD cards to spare brotha? I need it to, uhhh, get a bus back home. Gotta install the.. openmap layers... err."
The last straw for me with Apple is when they told me my hard drive "may" be replaced, which i took to mean "would be replaced if it needs fixing" (which it didn't), but because they solder the SSD directly to the motherboard they ALWAYS replace the hard drive, and too long didnt read i lost all my porn F in the chat
I would just use FreeBSD, can be either a desktop or server - plus it has what OpenBSD does not - ZFS.
REEEE NOT ALL DRIVERS ARE LIBREE AND THEY LACK SECURITY REEE
As someone who likes ZFS, it's kinda overrated. All of the BSDs have rock-solid UFS implementations that can do 99% of what most people want.
Why in the world would you want ZFS on a home computer? Are you planning on turning an entire floor of your house into a data center with several millions of dollars in disk storage?
@@stanleybroniszewsky8538 FreeBSD is already available and one of the options and people run that on their home rig soo.....i don't understand the point of your objection.
The answer to “Why dont you use OpenBSD?” for me is: “Because I havent ported it to my custom RISCV SoC yet”
I’d actually be keen to see your take on setting up an email server. I recently went self-hosted recently, but it was a bit rushed (bye bye legacy google workspace).
Agreed. I know Luke Smith did one on setting up a VPS for email hosting, but I wonder if there are benefits of doing that over self-hosting with your own hardware.
@@D0J0P The advantages in my mind are:
- You can easily have plenty of storage, even TB’s if you want (VPS can be quite limited, or $$ rises)
- It’s not another monthly bill
- Ultimate data sovereignty
The only issue is uptime, have been impacted by the odd storm or ISP outage, but my email isn’t so mission critical for it to matter, and emails will usually be held + retried from the sender and receive when you’re eventually back online.
Eating my lunch salad with a jobsite puppydog, and then you upload. I love you.
0:38 I don't fully understand network topology yet but the funny chungus pictures did make me chuckle, made me laugh.
I used OpenBSD for on my laptop before it became my main machine. It was a bit difficult to setup but worked fine after struggling to find what i had to configure
Though OpenBSD had a major issue of not being compatible with my touchpad (it acting like a keyboard). Did manage to fix it with some 4+ year old proposed patch, but didn't keep it as custom kernel and all that
I appreciate you showing other creators at the end of the video. That's a big problem with Odysee, there's no way to find small creators besides using the search.
Damn I hadn’t heard about Vultr not opening port 25 for email anymore. Back when i set my mail server I had to open a support ticket and explain the exact nature of the mails that would be sent and what domain(s) they’d be sent from. They ended up doing it for me and my mail server still works so I guess I’m grandfathered in or some shit
That did sound odd to me as well because I currently run a Mailcow server on Vultr with no problems. Unless Mailcow does some sort of "magic" that I'm not aware of?
I'm a hacker since I found that my cap gun end was fitting perfectly in chocolate bar vendor machines, later as a teen I learned that just throwing said machine on its face on the ground would yield all the chocolate. Nothing like brute force.
The tube from a BIC pen is also an ideal tool for bypassing tubular locks. You literally just shove it in, wiggle it, and twist and badaboom the lock is open. DeviantOllam has a good video about tubular locks, don't remember the title.
EDIT: I think he talks about the vulnerability I mentioned in the tubular locks subsection of "Pit to Penthouse", but I'm not going to go back and watch the whole thing to check.
thats the thing about brute force, if you arent getting the results you want, you simply arent using enough.
algorithm bump. Neat that you are covering this.
One reason, for setting up OpenBSD as a desktop is, if the hardware (like an old laptop) has started lacking behind for most things, but still can pull a task like playing mp3, or show a DVD; then it can also be used as a timer and alarm clock.
Thank you, and good night :3
(Buys black hoodie off Amazon)
As someone who is slowly transitioning to running NetBSD on metal on all of their devices, aside from API minutia that only programmers care about, there is almost no significant difference between various Unices from a desktop user perspective. They all run X and Firefox and most other GTK/Qt applications, and that's 90% of what people want in a desktop OS.
What I'm more concerned with is the hegemony of Linux in free software as a whole, and the increasing implication that "Unix-like" = "Linux." Indeed, that's why the big three BSDs all have had some form of Linux ABI compatibility - not because they want it as a useful feature, but because it's necessary to run lots of nominally "open-source" software nowadays like the latest Java. (yeah, the "write once, run anywhere" language is now less cross-platform than fucking Go and -Ada but woke- Rust. How far the mighty have fallen.) Aside from just meaning there's essential one central power in charge of the future of Unix, the Linux monoculture means there's one giant failure point in everyone's machines, and when the Linux kernel fucks up, everyone is gonna be hurting from it. It's bad for the exact same reasons the Chrome/GPL/Windows/x86/... monoculture is bad.
I don't disagree with your point, but to call Linux a monoculture is oversimplifying things. Unlike those other situations you mention (Chrome = Google, GPL = FSF, Windows = Microsoft, x86 = Intel/AMD) Linux doesn't have a single or even a small number of entities dictating its direction. Even for all the dreaded Red Hat has done, there are still many distributions out there that don't use systemd and are perfectly usable. The cathedral vs. the bazaar analogy is still valid even with all the corporate influence that has come to the Linux kernel and userland ecosystem. All that being said I don't disagree and there are valid reasons to be concerned. What I'd love to see is another FOSS desktop OS option but of the ones I've seen in development, none of them look promising.
@@megadog_ have you never heard of the Linux Foundation?
@@Shotblur The linux foundation's "linux specification" is completely irrelevant. Basically no distro adheres to it and some like debian have explicitly disavowed it. If you are talking about controlling the direction of the kernel specifically, thankfully if they start fucking it up we can all stay in previous versions of the kernel with backported security fixes until a fork catches on.
@@megadog_ The average Linux system is a bit more homogenized than your impression seems to be. Tell me, when's the last time you saw a *non-containerized* Linux system in production that didn't conform to either a Debian-like or a RHEL-like workflow? I can't remember the last time I saw one. Just as 99% of Unix is Linux nowadays, 99% of Linux is Linux with systemd and dbus and a "GNU userland" and a whole bunch of other crap. And a lot (and I do mean a lot, not just two or three) of programs assume and depend on this setup when you run them on Linux. Yes, alternatives like Devuan and Alpine exist. And just like with the BSDs, hardly anyone uses them. Do not misinterpret me - in both cases, this is unambiguously a bad thing.
You are wrong for this " Indeed, that's why the big three BSDs all have some form of Linux ABI compatibility" FreeBSD has Centos based compatibility layer, NetBSD has OpenSuse layer, but OpenBSD missing this layer for security reason.
kinda wild i installed openbsd on my t420 today and you uploaded this
at 6:00, have you tried ufw allow (the port you were using)?
For at least slightly hardened kernel and userspace, I can recommend openSuSE as distro :)
For kernel itself, grsec should be used + they had some comments on linux security in general
For FreeBSD - Bryan had video about their Code of Conduct quite long time ago. They changed it tho, but still sounds Coraline-esque ;)
Love openBSD!
well said!
@Mental Outlaw - Have you considered using sendgrid/mailgun instead of outgoing STMP server?
Just like gcp blocks all port 25 traffic and suggests using port 2525. Get around it by modifying your mailserver/exim with sendgrid api and using a custom port.. It works fast and results in better security.
The linux hardened is basically what I do manually for every server I setup and it takes ages to fine tune nicely. Defending nowadays is much much more difficult than attacking.
That's why log event types that triggers notifications so you will be updated instantly via push messages exists 😎
OpenBSD on a laptop is one of my comfiest machines but yeah it’s pretty unusable for daily driver shit and I’m deferring to my artix book most of the time. You can rice it and script like a screenwriter but there is only so much you can do before you’re just recreating your regular linux desktop on BSD for no good reason other than internet nerd points.
watching this on my openbsd desktop running cwm. It's one of the best window managers out there and it's installed by default. I still dual boot linux for more complicated stuff like music production and games, but openbsd works fine, the default applications are good and minimal and it's a great development environment. Configuring things like wifi and audio is way easier on openbsd than on linux. It's a great system for desktop but it's not for everyone because it lacks some software and drivers for unusual hardware that are usually available on linux.
NetBSD: _crying in the corner_
I run NetBSD. It offers the "cleanest" interpretation of a Unix system, for whatever that buzzword is worth, plus the devs have made strong commitments to never break shit.
What? OpenBSD is meant for desktop use. It literally comes with Xorg, multiple window managers, an audio server, etc. OpenBSD also has wifi support. And you don't even need to install anything for WPA, it just works with ifconfig. And the only reason OpenBSD does not have Bluetooth support in the kernel is not because it "will piss off people", but because Bluetooth support never properly worked and was deleted at some point and no one has yet bothered to implement proper support. I don't think the OpenBSD devs would reject a well designed Bluetooth driver.
openBaSeD may not be for me,but i really respect it, espacially with the freeBSD devs mostly using macOS.
I've been using Digital Ocean for email port 25 for several years now. I don't know if they still have it open by default. I have a friend who recently set up his own email server on Linode.
Hey nice vid Outlaw. Can I request you make a video on pihole and adblocking maybe in a docker container. I think it would be a cool idea for a video.
can you install a desktop gui on openbsd so you can have a gui to open and navigate to the files?
or does a desktop environment hook so deeply into the operating system that it could compromise the security or something?
however do develop a wifi support via custom kernel and host it your self or post it to usenet (remember that the newsgroups) and hit up the devs maybe to include your sit to their external sites list (many sites have links to other sites).
could you open another non standard port on vultr and remap to that?
do a port scan to see what ports are open and use a different port say 24 or 26
No picture of desktops… he’s got us there boys.
Am currently using openbsd as daily, i have started using it recently and I really like it
I'm not sure if you've done a video on this already or not, but I'm super uncomfortable with giving my ID to youtube to prove I'm over 18 to watch *vaguely* edgier content, is there any way around this or am I stuck?
I installed homebrew on my Wii. I’m a hacker
hell yeah
Nothing better than USB Loader GX and Nintendon’t.
@@rustylasagna Yup those are basically the two things I have installed. I love that I can play MKWii without disc and play any GameCube game without a memory card.
I just want to say I am highly offended youtube put a microsoft mid roll ad in this OpenBSD video.
Thats like earlier I was watching a documentary on the evils of China's Tik Tok and ads for tik tok kept popping up during... They're onto us!
do you REALLY not use an ad blocker in $current_year ?
@@niggyshiggy Nah, because the youtubers I watch make some tiny fraction of a cent from me.
@@paladingeorge6098 so M$ goes to BSD promoter. The system works.
What you need is an Adblock that pipes to /dev/null and also announces when the programme content has returned.
Can I recommend a nice tutorial on how to setup a complete network (internet facing side open bsd systems and tutoria for each system). A complete tutorial on setting up a secure enviroment)?
Edit: You kinda answered the question in the end of the video. Thanks!
Yay, another upload!
I'm a big fan of openbsd for my laptop, compatibility is good and it works out the box with cwm. I have a steamdeck for portable gamin, and a desktop PC with windows for home gaming, but out and about where I'm likely to be connecting to shared wifi networks etc, the additional security of oBSD provides some peace of mind while doing everything I need it to, with very little effort on my part.
how did you build your VPC ?
i cant find anything useful other than using amazon services
I am running an email server with Vultr and its works fine. I don't even notice the closed port 25, because I tend to use SMTP, and I'm guessing every other email server that has contacted my VPS does too
I recently put an open BSD system together with some kind of window manager such as icewm because that's one of my favorite window managers I love the security and I think you are absolutely correct it's meant to be a server I can mount my drives and stuff but for what I'm doing and what I'm learning and there's a lot to learn in open BSD and all of my hardware worked and setting up Wi-Fi and stuff for me wasn't a big deal since I know about previous d also and FreeBSD is the all-around operating system you can use it for a server you can use it for a desktop you can use it for a lot of things and it's the better choice for a multipurpose system but I still love open BSD and I'll keep my eye on it and read up on it but I think main system wise Arch and FreeBSD are the best choices for me but right now I think I mainly am using those. I think right now I'm favoring Arch a little bit just because of the convenience of software and it's not a lot to set up with things so but not all configs are going to work I just put together an old Lenovo w520 with it altered a certain way which I'm just using the Intel GPU because my battery life is important right now because I'm learning two programming languages so I need to just focus on that and take care of my family so I can't learn openbsd keep up with everything else and learn to programming languages so I kind of need to hone in on one thing but I'm still going to read and play around with open BSD. So yeah it is what it is and as for Doom I've been playing Doom since 1993 I'm 41 years old and I'll never stop in Arch Lenox has so many awesome choices for Doom mods you can install with GZDoom so doom has my heart. Also battery life problem with the w520 ThinkPad in FreeBSD is that I could not get a happy medium with configuring it and what configuration works for someone else won't always work for you but that's why I don't use 100% of other people's configurations I read and see what works best and test which is what you're supposed to do anyway. Anyway great video once again have a great day.
i dont need wifi support for a desktop environment, but ive dealt with hardware firewalls with openbsd running on them and some of them can be also run as access point
Having WiFi and Bluetooth on a server OS can make sense. For example if you want to make your own WiFi hotspot instead of using one that a company makes, or if you want a server to connect to Bluetooth devices for gathering temperature data etc.
i had run FreeBSD as second OS alongside Fedora on my older FX-8320 machine back then, GhostBSD is Mint of FreeBSD world, but I did vanilla, and installing things + rewriting configs can teach you, if you are casual and want to try out another Unix-like OS (basically original UNIX), then GhostBSD is for you
That pic is the main server for OpenBSD that's in the main dev/founders basement up in Canada. XFCE and Mate run fine on OpenBSD so it's just as much of a desktop distro as anything else.
Been running a box with some extra NICs as a router with vanilla openBSD, getting fluxbox mostly worked and I also installed the dhewm3 package directly from the repo, granted I probably got a bit Lucky or the hardware was old enough, but I didn't encounter any issues. It's rather amusing to be playing doom3 but I agree that there are more than a couple things I miss (like OBS)
Are you going to do a video on your pinephone pro?
I don't think openbsd would make sense as a main desktop operating system unless you're also using it as a secure operating system in a professional way, and you're maintaining opsec as much as possible on both your personal and work computer. If it's hard enough to tell which one you use for work and which one you use personally, it could deter threat actors without the resources to attack both computers. Of course, someone orchestrating a personal attack that sophisticated would probably have the resources to figure out which one is your personal computer and which is your work computer based on things like when you're using those computers. Although this is all assuming the hacker already breached your other defenses. If you run a firewall server, even something basic like something running on a raspberry pi, that's another layer of defense. If you use a good router with decent security features and no glaring vulnerabilities, that's another layer. If you use a good modem with good security features and no glaring vulnerabilities, that's another layer. Having a good ISP might even be a consideration, depending on where you live - though, that's one thing I don't really know for sure.
Word. Good advice
I use a NomadBSD in a pendrive. It's not based on OpenBSD, but FreeBSD, and it already comes with a desktop environment and persistence. And it runs very smooth. It's not very hardware friendly. But with a little research you can figure out how to make them work.
Didn't know that Luke and Kenny live in the same universe
Why couldn't you get Vultr to open the SMTP port? You just follow their procedure, and explain that you are not going to spam people. Worked for me :)
i thank you for this video
i learned a lot from it
Thanks for sharing
RedHat/centos use an SELinux kernel by default. very good against privilege escalation. Adds some admin hassle when setting things up, but is a tradeoff.
I use Vultr for email, they do open the 25 port but they ask you to use your server "normally" for at least 30 days, before doing that.
I love BSD (Free, Open, Ghost, etc) when it's on several devices, such as edge servers, proxies, caching, etc, but even in my servers the hardware support is so limited that I can not use it on most of my systems. Because of recent changes in the Linux kernel I no longer lose any speed or security by running a Linux Distro instead of BSD on those devices and I don't lose any speed or security doing so with the proper configuration.
I have to recommend OpnSense rather than PFSense to friends because I know one will work and the other won't on their systems. Unless they run PFSense in a VM which is more common and generally accepted these days in homelabs where you are trying to pack the most bang for your buck in one tiny rack.
The first part doesn't make any sense and tells me you're doing something wrong.
i recently got a blusecreen after a windows update and now I'm trying to become autistic by binge watching your videos to get into coding
OpenBSD stands for Open Blue Screen of Death.
@@belstar1128 ???
@@ethanissupercool7168 Its called a joke i know you probably don't know what that word means its a very deep complex concept.
@@belstar1128 sorry was confused lmao
Send a support ticket to the folks at Vultr to request port 25 egress. They'll ask you a bunch of questions to figure out what you are going to use it for (personal email is a valid reason), and they will open the ports for you.
One of the very few times when I disagree with you Kenny. But I think guys like RootBSD etc make a better case for OpenBSD than I ever could, so I'll leave it at that. For those who do want to use OpenBSD as their desktop, I would add that The OpenBSD guy's channel is a great asset too. The dude's legend. (Watched, eyerolled, retorted from a desktop running on OpenBSD laptop. Sincerely, not a hacker)
"Desktops, they're not openly accessible on the Internet..." Haha this guy funny. Subscribed.
That "OpenBased" near the end of the video caught me off guard
I may not be recalling correctly but didn't OpenBSD have better WIFI support than FreeBSD? Like it supported more chipsets?
I've used OpenBSD on my desktop for years now and am happy with it. The OS does come complete with a number of Dam's but none are configured for use out of the box. They're intended for people who either know how to use them or research for themselves, which includes the use of the accompanying documentation. With regards to wi-fi, the reason it's not as polished as the other ones is because the OpenBSD project has more limited funds than the other ones like Linux so they have to prioritize certain things. Fast Wi-Fi on OBSD makes sense as much as it does on Linux because it can be used as a secure access point if nothing else.
Most VPS providers have port 25 disabled by default because of email spammers using their services. When a domain name or IP is flagged as spam the domain name/IP are basically useless for email. Email has a shit ton of tests you need to have done, so most email providers don't just immediately send you to spam. These are also the reasons why you don't use your home IP to host email as well. All residential IPs are flagged as potential botnets used for spam. I only know this because I had to setup an email server for a start up company from scratch using openbsd.
Email is the one service I am willing to pay to have someone else host for me. Been there and done that many years ago, even back then it was a pain and that was before all the extra anti-spam measures that exist now. Now I just pay for Fastmail.
@@megadog_ I eventually gave up on making the email. It was too torturous.
I am a hacker if i use a windows vm to do my excel homework without having to use windows bare-metal?
Why use any server as a VPC gateway? Minimal OS is great for security, but isn’t no server at all better, ie, use the AWS managed services? ELB + security groups? Maybe it’s cheaper when you start adding more monitoring and stuff.
I love OpenBSD, use it since this March. OpenBSD? More like OpenBased! It's not that slow, hardware is not bad (except a non working internal mic).
-The non working mic is intentional so the Feds can't listen to you-
I agree the infighting is counter productive
I was planning to get into openbsd or freebsd but I saw a comment that said you are not getting that much advantage from linux and you cannot install some software that can easily be installed on linux. So decided to stay with linux.
It's more secured, but I don't need that much security tbh, I even reduced security and privacy level that I follow. So, instead of following the best, I started following the good enough for me strategy.
Very nice
the OOTB programs and window managers are enough of a desktop for me, and my rice compiled with one uncommented line.
Switched only on desktop wanting to try gentoo with vidya games. + ports had problems. Might switch back lol.
What do you use as a daily OS?
for mail exchange, OVH is doable. one can always pay for an smtp smarthost however.
When I setup RPI the first things I do is remove all bluetooth and wireless modules and services. Modules can be disabled after.
Great video for the Linux vs BSD crowd - agreed :)
I’ve been running NetBSD on everything for more than 20 years. Good on the desktop, good on the rack. About half way between FreeBSD and OpenBSD. Runs everywhere.
The main advantage of NetBSD is that is highly portable and runnable in all sort of devices, probably the best solution for reliving an archaic rig as a TUI home server too.
People who use Linux as their daily, who then do “reviews” of OpenBSD, are like people who live in one city, and then write an “insiders view” of another city. They may pretend to be “experts” but they are just tourists, and write like tourists.
If you want to know about OpenBSD, listen to people who actually use it.
I disagree.
Insiders are biased towards OpenBSD despite it's potential flaws, outsiders are biased towards the OS they know, despite the cool features OpenBSD may have.
For the most full opinion, you should look at opinions from both groups.
Packet management can be a bit painful on Linux distros in general. I heard good things about package mgmt on OpenBSD (maybe it's the same on the other BSD's?).
Flatpak looks like a better way forward for Linux though.
I've been using OpenBSD on desktop computers since 1999. The only OS I've used longer is Slackware Linux. Both are great.
There are distros that HAVE TO use hardened linux kernel. For example, there is AstraLinux, which is the only distro allowed to be used in Russian private/public/government companies, which in any way interact with personal info.
Also, whats the deal with ISP and mail server? First, TCP 25 is a sending port used for retransmitting non-encrypted messages. I doubt that ISP blocks already established connections, which may be initialized from withing.
Even if thats the case, just double proxy it. If you are using own private mail, then you probably have your own SOA record and many hosters allow for port to proxy
i got an email on vultr just fine? I sent in a ticket request and they opened it up within hours. I had been using it to host websites for a few months before my request, and it's all hosted under my real name, so maybe that's why?
1:11 its the first time i saw editing in one of ur videos
May I suggest Linode. Have been running a mail server for the last few years with no issues.
So let me get this straight - OpenBSD is a more secure server OS than any Linux server OS? But only if you're facing the internet right? What about just as a file server on your home network?
Vultr lets you open port 25 but you have to ask them through support ticketing system and promise you won't use your email server for nefarious purposes.
been there, done that, got a copy pasted response from multiple members of their support team refusing to do the needful
@@MentalOutlaw big oof then. I guess I just got in early
That's what was stated in their FAQs, yet when I was setting my email with them ~1 year ago the support rep got very confused about port-blocking (claiming they don't do any) *and I quickly figured out any firewalling present was just Debian default - ufw*
for the love of jeebus don't run your own email server, it's the surest way to get turbohacked
@@marcogenovesi8570 isn’t outsourcing the surest way to get privacy molested?
I’d just like to interject for a moment. What you’re refering to as Linux, is in fact, GNU/Linux, or as I’ve recently taken to calling it, GNU plus Linux. Linux is not an operating system unto itself, but rather another free component of a fully functioning GNU system made useful by the GNU corelibs, shell utilities and vital system components comprising a full OS as defined by POSIX. Many computer users run a modified version of the GNU system every day, without realizing it. Through a peculiar turn of events, the version of GNU which is widely used today is often called Linux, and many of its users are not aware that it is basically the GNU system, developed by the GNU Project. There really is a Linux, and these people are using it, but it is just a part of the system they use. Linux is the kernel: the program in the system that allocates the machine’s resources to the other programs that you run. The kernel is an essential part of an operating system, but useless by itself; it can only function in the context of a complete operating system. Linux is normally used in combination with the GNU operating system: the whole system is basically GNU with Linux added, or GNU/Linux. All the so-called Linux distributions are really distributions of GNU/Linux!
Nice ♥️
why not run HA-Proxy to a vps that allows outbound SMTP?
Automatically generated comment saying that TempleOS is superior than any other OS.
Vultr opened port 25 for me when I explained what it would be used for after I opened a support ticket