1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
|
From deraadt@do-not-reply.openbsd.org Tue May 2 04:50:00 MDT 2000
Return-Path: root
Date: Tue May 2 04:50:00 MDT 2000
From: deraadt@do-not-reply.openbsd.org (Theo de Raadt)
To: root
Subject: Welcome to OpenBSD 2.7! Secure by Default!
This message attempts to describe the most basic initial questions that a
system administrator of an OpenBSD box might have. You are urged to save
this message for later reference.
For more information on how to setup your OpenBSD system, refer to the
"afterboot" man page (ie. after you exit the mail subsystem, type
"man afterboot" ). If you are not familiar with how to read man pages, type
"man man" at a shell prompt and read the entire thing. Pay specific
attention to the "man -k keyword" option, which will permit you to find the
man page you are looking for easier. The GNU "info" subsystem is also
installed with further documentation resources; to read info pages type "info".
(The info subsystem behaves like the popular emacs editor).
If you have installed the X11 packages during the install process, you can find
further information regarding configuration in the file /usr/X11R6/README.
Several popular binary packages (pre-compiled applications) are available
for most architectures. If you installed from a CD-ROM the packages
are on the same CD-ROM you installed from in the directory 2.7/packages.
CD-ROM Space permitted us to include the following packages for the most common
architectures:
ADMfzap-0.1.tgz gsm-1.0.10.tgz png-1.0.3.tgz
ADMsmb-0.2.tgz gtk+-1.2.7.tgz pngcrush-1.4.1.tgz
ADMsnmp-0.1.tgz gtkglarea-1.2.2.tgz pop3gwd-1.2.tgz
CDDB-1.02.tgz guavac-1.2.tgz popa3d-0.4.tgz
MIME-Base64-2.11.tgz gv-3.5.8.tgz popclient-3.0b6.tgz
MPEG-MP3Info-0.71.tgz ha-0.999b.tgz poppassd-4.0.tgz
Mesa-3.0.tgz hackdata.tgz postfix-19991231-pl06.tgz
PGPlib.tgz hexedit-1.1.0.tgz postgresql-6.5.3.tgz
XPostitPlus-2.3.tgz hoc-1.1.tgz prc-tools-0.5.0.tgz
Xaw3d-1.5.tgz hping-2.0b53.tgz procmail-3.14.tgz
aalib-1.2.tgz html-4.0b.tgz proxy-suite-1.7.tgz
abuse-2.0.tgz httptunnel-3.0.tgz psutils-1.17-a4.tgz
ac3dec-0.5.6.tgz icmpinfo-1.11.tgz publicfile-0.52.tgz
adcomplain-3.49.tgz id-utils-3.2d.tgz qmail-1.03.tgz
afterstep-1.8.0.tgz idiff-1.0.tgz qmailanalog-0.70.tgz
apc-upsd.tgz indent-2.2.2.tgz queso-980922.tgz
arpcatch.tgz info2html-1.1.tgz remind-0.3.tgz
arpwatch-2.1a4.tgz isic-0.05.tgz rplay-3.3.0.tgz
asmail-0.50.tgz iso12083-1993.tgz rsync-2.4.1.tgz
aterm-0.3.6.tgz iso8879-1986.tgz rsynth-2.0.tgz
aub-2.0.5.tgz ispell-3.1.20.tgz rtty-3.2.tgz
autoconf-2.13.tgz ja-kterm-6.2.0.tgz rxp-1.1.tgz
automake-1.4.tgz ja-less-3.32p2.48.tgz rxvt-2.7.2.tgz
axe-6.1.2.tgz ja-nkf-1.62.tgz samba-2.0.6.tgz
bash-1.14.7-static.tgz jbigkit-1.1.tgz screen-3.9.5.tgz
bash-2.04-static.tgz jed-0.99.10.tgz sdd-1.22.tgz
beav-1.40-13.tgz jive-1.1.tgz serialmail-0.75.tgz
bibview-2.2.tgz joe-2.8.tgz setquota-0.1.tgz
bing-1.0.4.tgz john-1.6.tgz sharity-light-1.2.tgz
bison-1.27.tgz jpeg-6b.tgz sharutils-4.2.tgz
blackbox-0.51.3.1.tgz jpilot-0.98.tgz shtool-1.4.7.tgz
bladeenc-0.92.tgz kaffe-1.0.5.tgz slash-3.2.2-e8-x11.tgz
blast-1.0.tgz kakasi-2.3.1.tgz slash-3.2.2-e8.tgz
boehm-gc-4.12.tgz lclint-2.4b.tgz slirp-1.0c.tgz
bonnie-1.0.tgz lesstif-0.89.9.tgz slrn-0.9.6.2.tgz
bounix-1.21.tgz lha-1.14f.tgz smurflog-2.1.tgz
bricons-3.0.tgz libIDL-0.6.5.tgz snort-1.5.1.tgz
buffer-1.17.1.tgz libaudiofile-0.1.9.tgz socket-1.1.tgz
bulk_mailer-1.5.tgz libghttp-1.0.4.tgz sox-12.15.tgz
bvi-1.2.0.tgz libgii-0.1.tgz splitvt-1.6.3.tgz
bzip2-0.9.5d.tgz libicq-0.33.tgz squid-2.2.tgz
c2html-0.9.tgz libident-0.22.tgz star-1.2.tgz
calc-2.11.1t3.0.tgz libnet-1.0.tgz starlanes-1.2.2.tgz
catdoc-0.90b4.tgz libnids-1.13.tgz stat-1.3.tgz
cdrecord-1.6.1.tgz libproplist-0.10.1.tgz strobe-1.06.tgz
cfs-1.3.3.tgz libslang-1.4.0.tgz stunnel-3.8.tgz
cgichk-3.0.tgz libtool-1.3.3.tgz swisswatch-0.06.tgz
cgiparse-0.8e.tgz libxml-1.0.0.tgz tar-1.13.tgz
checkpassword-0.81.tgz links-0.84.tgz tcl-8.0.5.tgz
clog-1.6.tgz linux_lib-2.6.1.tgz tcl-8.3.0.tgz
cops-1.04.tgz linuxdoc-1.1.tgz tcpblast-1.0.tgz
crack-5.0.tgz logsurfer-1.5.tgz tcpflow-0.12.tgz
ctm.tgz lupe-0.07.tgz tcpreplay-1.0.1.tgz
ctwm-3.5.tgz lzo-1.06.tgz tcptrace-5.2.1.tgz
curl-6.5.2.tgz m4-1.4.tgz tcsh-6.09.00-static.tgz
daemontools-0.70.tgz magicpoint-1.05a.tgz teTeX_base-1.0.7.tgz
dante-1.1.1.tgz malsync-1.6.tgz teTeX_texmf-1.0.2.tgz
deco-3.8.3.tgz mawk-1.3.3.tgz tidy-13jan00.tgz
dejagnu-1.3.tgz mess822-0.58.tgz tiff-3.5.4.tgz
delay-1.4.tgz metamail-2.7.tgz tintin-1.5.6.tgz
detex-2.6.tgz mgdiff-1.0.tgz tircproxy-0.4.3.tgz
dgpsip-1.32.tgz micq-0.4.5.tgz tk-8.0.5.tgz
dialog-0.6z.tgz mirror-2.9.tgz tk-8.3.0.tgz
dot-forward-0.71.tgz mm-1.0.12.tgz tosha-0.6.tgz
dxpc-3.8.0.tgz movemail-1.0.tgz tracker-5.3.tgz
electricfence-2.0.5.tgz mp3cddb.tgz trafshow-3.1.tgz
emacs-20.3-no_x11.tgz mp3encode-1.10.tgz transfig-3.2.3.tgz
emacs-20.3.tgz mp3info-0.2.16.tgz tvtwm-pl11.tgz
enscript-1.6.1.tgz mpage-2.5-a4.tgz ucspi-tcp-0.88.tgz
epic4-pre2.507.tgz mpage-2.5-legal.tgz unace-1.2b.tgz
es-0.9a1.tgz mpage-2.5-us-letter.tgz unzip-5.40.tgz
esound-0.2.16.tgz mpeg_lib-1.3.1.tgz usbutil-0.4.tgz
ethereal-0.8.7.tgz mpeg_play-2.4.tgz viewfax-2.3.tgz
expect-5.31.tgz mpegaudio-3.9.tgz viz-1.1.1.tgz
ezmlm-0.53.tgz mpg123-0.59r.tgz vrfy-99.05.22.tgz
fastforward-0.51.tgz mrtg-2.8.12.tgz waveplay-1.0.tgz
fetchmail-5.3.8.tgz mtr-0.41.tgz wdiff-0.5.tgz
figlet-2.2.tgz mutt-1.0.1i-curses.tgz weblint-1.020.tgz
firewalk-0.8.tgz mysql-3.22.32.tgz webmin-0.79.tgz
fltk-1.0.7.tgz nbaudit-1.0.tgz wget-1.5.3.tgz
flwm-0.25.tgz ncftp-2.4.3.tgz wide-dhcp-1.4.0.3.tgz
fping-1.20.tgz nedit-5.0.2.tgz windowmaker-0.62.1.tgz
fragrouter-1.6.tgz nemesis-1.0.tgz wmx-6pre1.tgz
freeciv-1.10.0.tgz nessus-0.98.3.tgz wterm-6.2.6.tgz
freefonts-0.10.tgz netatalk-990130.tgz xcoloredit-1.2.tgz
freetype-1.3.tgz nethack-3.3.0-x11.tgz xcolors-1.3.tgz
freeze-2.5.tgz nethack-3.3.0.tgz xemacs-20.4-mule.tgz
fxtv-0.48.tgz netpipe-2.3.tgz xfig-3.2.3a.tgz
gd-1.8.1.tgz netpipes-4.1.1-export.tgz xfm-1.3.2.tgz
gdbm-1.8.0.tgz netris-0.5.tgz xforms-0.88.tgz
getbdf-1.0.tgz newsfetch-1.21.tgz xkobo-1.11-harder.tgz
gettext-0.10.35.tgz nmap-2.3b18.tgz xkobo-1.11.tgz
ghostscript-5.50.tgz nmapfe-0.9.5.tgz xmahjongg-3.3.tgz
ghostview-1.5.tgz nmh-1.0.4.tgz xmysql-1.9.tgz
gicq-0.33.tgz nsping-0.8.tgz xmysqladmin-1.0.tgz
gif2png-2.3.2.tgz nspmod-0.1.tgz xntp3-5.93e-export.tgz
giflib-4.1.0.tgz ntop-1.1.tgz xpat2-1.04.tgz
gifsicle-1.17.tgz nvi-m17n-1.79.19991117.tgz xpdf-0.90.tgz
gimp-1.1.17.tgz otcl-1.0a4.tgz xspread-2.1.tgz
glib-1.2.7.tgz par-1.51.tgz ytalk-3.1.1.tgz
gmake-3.78.1.tgz pchar-1.1.1.tgz zap-1.1.tgz
gnuls-4.0.tgz php3-3.0.16.tgz zoo-2.10.1.tgz
gnupg-1.0.1.tgz pilot-link-0.9.3.tgz zsh-3.0.7-static.tgz
gperf-2.7.19981006.tgz pilot_makedoc-0.7.tgz zsh-3.1.6-static.tgz
gracula-3.0.tgz pkfonts300-1.0.tgz
gsl-0.3b.tgz plor-0.3.2.tgz
These and many other packages are also available via ftp at
ftp://ftp.openbsd.org/pub/OpenBSD/2.7/packages/
If you do not find a package you want on the CD, please go look at your
nearest FTP mirror site.
Select your architecture and download the tarballs of your choice. For example
to install the emacs package for i386, execute
# mount /dev/cd0a /cdrom
# pkg_add -v /cdrom/2.7/packages/i386/emacs-20.3.tgz
or alternatively install them via FTP thus
# pkg_add -v ftp://ftp.openbsd.org/pub/OpenBSD/2.7/packages/i386/emacs-20.3.tgz
Other important packages which are not permitted on the CD (due to patents) are
available on our FTP servers (as described above). In particular, we provide
the USA and international versions of PGP. The filenames are:
pgp-intl-2.6.3-tgz
pgp-usa-2.6.3-tgz
Two OpenBSD libraries (libssl and libcrypto, based on OpenSSL) implement many
cryptographic functions which are used by OpenBSD programs like ssh, httpd, and
isakmpd. Due to patent licensing reasons, full versions of those libraries may
not be included on the CD -- instead the base distribution contains libraries
which have had a few troublesome routines removed -- the programs listed above
will not be fully functional as a result. Libraries which _include_ the
troublesome routines are available and can be FTP installed, as long as you meet
the follow (legal) criteria:
(1) Outside the USA, no restrictions apply. Use ssl27.tgz.
(2) Inside the USA, non-commercial entities may install sslUSA27.tgz.
(3) Commercial entities in the USA are left in the cold, due to how the
licences work. (This is how the USA crypto export policy feels to the
rest of the world.)
If you did not install the ssl package yet, it is easily installed at any time
(see the afterboot(8) and ssl(8) manual pages).
You are STRONGLY urged to use ssh instead of telnet, rlogin, or rsh!
ssh is included in OpenBSD systems which have shared libraries (i386, sparc,
mips, m68k), and relies on the ssl27.tgz package, which contains the
patented RSA code. This package is available on all our FTP servers, but NOT
included on the CD. During the system install, this package was probably
already installed (use pkg_info(1) to see if ssl27 or sslUSA27 are installed).
As of OpenBSD 2.7, the provided ssh implementation (ie. OpenSSH) contains
support for ssh 2.0 protocol. This protocol uses the freely-useable DSA
public key algorithm for key exchange instead of the patented RSA algorithm.
Full DSA support is included in OpenBSD, and the server is started by default.
ssh will therefore work fine as long as you connect to/from a server/client
which also supports the 2.0 protocol.
The RSA patent expires on September 21, 2000. After this date, you may use
either of the previously mentioned ssl27 packages in any environment,
commercial or otherwise. After that date, we recommend that you use the
ssl27 package instead of the sslUSA27, not because there is any real outward
difference between them, but we feel more comfortable with the quality of the
non-USA code.
On non-shared library systems (powerpc, m88k, alpha) you could install one
of the ssh packages provided on the FTP sites:
ssh-intl-1.2.27.tgz
ssh-usa-1.2.27.tgz
or you may see if the developer for that architecture has compiled a static
version of OpenSSH.
Significant efforts were made to centralize all system configuration in the
/etc directory. You should be able to find each of the configuration files
you seek there, lightly documented. In particular, much of the configuration
has been centralized in the file /etc/rc.conf. You should not need to ever
edit the file /etc/rc. The files /etc/rc.securelevel and /etc/rc.local exist
for this purpose; the first is run before the system has gone into secure
mode; the second is run afterwards (if in doubt, add your tools to rc.local).
Please refer to our web pages for any other questions you might have.
http://www.OpenBSD.org
OpenBSD is free software. You can do with it as you like, subject to very few
conditions (described at www.OpenBSD.org/policy.html). But free software isn't
written without money. Network links, hardware costs, release engineering
and testing work; all these things take money and significant effort on the
part of those who have made this OpenBSD release what it is. Please reward the
developers who have made OpenBSD what it is, and thus make it possible for this
wonderful process to continue. For more information on how you can help,
please see www.OpenBSD.org/goals.html and visit www.OpenBSD.org/donations.html
to see a list of those who have donated money, equipment, or other resources
to ensure OpenBSD continues.
If you wish to ensure that OpenBSD runs better on your machines, please do us
a favor (after you have your mail system setup!) and type something like:
dmesg | mail -s "Sony VAIO 505R laptop, apm works OK" dmesg@openbsd.org
so that we can see what kinds of configurations people are running. As shown,
including a bit of information about your machine in the subject or the body
can help us even further. We will use this information to improve device driver
support in future releases. (Please do this using the supplied GENERIC kernel,
not for a custom compiled kernel, unless you're unable to boot the GENERIC
kernel). The device driver information we get from this helps us fix existing
drivers. Thank you!
(If you used 'mail' to read this message and it scrolled by too quickly,
type "more ." If you wish to save it, use the "x" command.)
|
