1de7dbe57SderaadtFrom deraadt@do-not-reply.openbsd.org Tue Dec 1 04:50:00 MDT 1999 2dfc8a969SderaadtReturn-Path: root 3de7dbe57SderaadtDate: Tue Dec 1 04:50:00 MDT 1999 4fb6b5d8eSderaadtFrom: deraadt@do-not-reply.openbsd.org (Theo de Raadt) 5dfc8a969SderaadtTo: root 68bb15af0SderaadtSubject: Welcome to OpenBSD 2.6! Secure by Default! 7dfc8a969Sderaadt 88bb15af0SderaadtThis message attempts to describe the most basic initial questions that a 9fb6b5d8eSderaadtsystem administrator of an OpenBSD box might have. You are urged to save 10fb6b5d8eSderaadtthis message for later reference. 117e19f6b3Sderaadt 127e19f6b3SderaadtFor more information on how to setup your OpenBSD system, refer to the 138bb15af0Sderaadt"afterboot" man page (ie. after you exit the mail subsystem, type 148bb15af0Sderaadt"man afterboot" ). If you are not familiar with how to read man pages, type 158bb15af0Sderaadt"man man" at a shell prompt and read the entire thing. Pay specific 16fb6b5d8eSderaadtattention to the "man -k keyword" option, which will permit you to find the 17fb6b5d8eSderaadtman page you are looking for easier. The GNU "info" subsystem is also 18fb6b5d8eSderaadtinstalled with further documentation resources; to read info pages type "info". 198bb15af0Sderaadt(The info subsystem behaves like the popular emacs editor). 207e19f6b3Sderaadt 2163397df1SderaadtIf you have installed the X11 packages during the install process, you can find 221e3c5079Sderaadtfurther information regarding configuration in the file /usr/X11R6/README. 232186ffe8Sderaadt 2455ef6989SmarcSeveral popular binary packages (pre-compiled applications) are available 25d43472aaSroheefor most architectures. If you installed from a CD-ROM the packages 26de7dbe57Sderaadtare on the same CD-ROM you installed from in the directory 2.6/packages. 27f17af8f2Sderaadt 28f17af8f2SderaadtCD-ROM Space permitted us to include the following packages for the most common 29f17af8f2Sderaadtarchitectures: 30de7dbe57Sderaadt 31de7dbe57Sderaadt Xaw3d-1.5.tgz aalib-1.2.tgz autoconf-2.13.tgz 32de7dbe57Sderaadt bash-2.03.tgz bison-1.27.tgz bzip2-0.9.5d.tgz 33de7dbe57Sderaadt compface-1.0.tgz emacs-20.3.tgz enscript-1.6.1.tgz 34de7dbe57Sderaadt ethereal-0.7.4.tgz fetchmail-5.1.0.tgz gettext-0.10.35.tgz 35de7dbe57Sderaadt ghostscript-5.10.tgz gimp-1.1.9.tgz glib-1.2.4.tgz 36de7dbe57Sderaadt gmake-3.77.tgz gnuplot-3.7.tgz gtk+-1.2.4.tgz 37de7dbe57Sderaadt gv-3.5.8.tgz id-utils-3.2d.tgz iozone-3.9.tgz 38de7dbe57Sderaadt jpeg-6b.tgz m4-1.4.tgz ircii-2.8.2-epic3.004.tgz 39de7dbe57Sderaadt metamail-2.7.tgz mm-1.0.11.tgz mpeg_lib-1.2.1.tgz 40de7dbe57Sderaadt nmh-1.0.tgz pine-4.10.tgz netpipes-4.1.1-export.tgz 41ce428ed8Sderaadt png-1.0.3.tgz screen-3.7.6.tgz sharutils-4.2.tgz 42de7dbe57Sderaadt sniffit-0.3.5.tgz tar-1.13.tgz tcl-8.0.5.tgz 43de7dbe57Sderaadt tcsh-6.09.00.tgz tiff-3.4b37.tgz tk-8.0.5.tgz 44ce428ed8Sderaadt unzip-5.40.tgz wget-1.5.3.tgz xcolors-1.3.tgz 45ce428ed8Sderaadt xntp3-5.93e-export.tgz 46f17af8f2Sderaadt 47f17af8f2SderaadtThese and many other packages are also available via ftp at 48de7dbe57Sderaadt ftp://ftp.openbsd.org/pub/OpenBSD/2.6/packages/ 49f17af8f2SderaadtIf you do not find a package you want on the CD, please go look at your 50f17af8f2Sderaadtnearest FTP mirror site. 5155ef6989Smarc 5263397df1SderaadtSelect your architecture and download the tarballs of your choice. For example 5363397df1Sderaadtto install the emacs package for i386, execute 548bb15af0Sderaadt # mount /dev/cd0a /cdrom 558bb15af0Sderaadt # pkg_add /cdrom/2.6/packages/i386/emacs-20.3.tgz 568bb15af0Sderaadtor alternatively install them via FTP thus 578bb15af0Sderaadt # pkg_add ftp://ftp.openbsd.org/pub/OpenBSD/2.6/packages/i386/emacs-20.3.tgz 58fb6b5d8eSderaadt 597e3e3cfdSderaadtOther important packages which are not permitted on the CD (due to patents) are 607e3e3cfdSderaadtavailable on our FTP servers (as described above). In particular, we provide 61de7dbe57Sderaadtthe USA and international versions of PGP. The filenames are: 6202d736a1Sderaadt pgp-intl-2.6.3-tgz 6302d736a1Sderaadt pgp-usa-2.6.3-tgz 64de7dbe57Sderaadt 657966f779SderaadtTwo OpenBSD libraries (libssl and libcrypto, based on OpenSSL) implement many 667966f779Sderaadtcryptographic functions which are used by OpenBSD programs like ssh, httpd, and 677966f779Sderaadtisakmpd. Due to patent licensing reasons, full versions of those libraries may 687966f779Sderaadtnot be included on the CD -- instead the base distribution contains libraries 697966f779Sderaadtwhich have had a few troublesome routines removed -- the programs listed above 707966f779Sderaadtwill not be fully functional as a result. Libraries which _include_ the 717966f779Sderaadttroublesome routines are available and can be FTP installed, as long as you meet 727966f779Sderaadtthe follow (legal) criteria: 737966f779Sderaadt (1) Outside the USA, no restrictions apply. Use ssl26.tar.gz. 747966f779Sderaadt (2) Inside the USA, non-commercial entities may install sslUSA26.tar.gz. 757966f779Sderaadt (3) Commercial entities in the USA are left in the cold, due to how the 767966f779Sderaadt licences work. (This is how the USA crypto export policy feels to the 777966f779Sderaadt rest of the world.) 787966f779SderaadtIf you did not install the ssl package yet, it is easily installed at any time 797966f779Sderaadt(see the afterboot(8) and ssl(8) manual pages). 807966f779Sderaadt 8102d736a1SderaadtYou are STRONGLY urged to use ssh instead of telnet, rlogin, or rsh! 8202d736a1Sderaadt 8302d736a1Sderaadtssh is included in OpenBSD systems which have shared libraries (i386, sparc, 8402d736a1Sderaadtmips, m68k), and relies on the ssl26.tar.gz package, which contains the 8502d736a1Sderaadtpatented RSA code. This package is available on all our FTP servers, but NOT 8602d736a1Sderaadtincluded on the CD. During the system install, this package was probably 8732774d71Saaronalready installed (use pkg_info(1) to see if ssl26 or sslUSA26 are installed). 8802d736a1Sderaadt 8902d736a1SderaadtOn non-shared library systems (powerpc, m88k, alpha) you should install one 9002d736a1Sderaadtof the ssh packages provided on the FTP sites: 9102d736a1Sderaadt ssh-intl-1.2.27.tgz 9202d736a1Sderaadt ssh-usa-1.2.27.tgz 9363397df1Sderaadt 94fb6b5d8eSderaadtSignificant efforts were made to centralize all system configuration in the 95fb6b5d8eSderaadt/etc directory. You should be able to find each of the configuration files 96fb6b5d8eSderaadtyou seek there, lightly documented. In particular, much of the configuration 97fb6b5d8eSderaadthas been centralized in the file /etc/rc.conf. You should not need to ever 98fb6b5d8eSderaadtedit the file /etc/rc. The files /etc/rc.securelevel and /etc/rc.local exist 99fb6b5d8eSderaadtfor this purpose; the first is run before the system has gone into secure 100fb6b5d8eSderaadtmode; the second is run afterwards (if in doubt, add your tools to rc.local). 101fb6b5d8eSderaadt 102fb6b5d8eSderaadtPlease refer to our web pages for any other questions you might have. 103fb6b5d8eSderaadt http://www.OpenBSD.org 104fb6b5d8eSderaadt 105fb6b5d8eSderaadtOpenBSD is free software. You can do with it as you like, subject to very few 106fb6b5d8eSderaadtconditions (described at www.OpenBSD.org/policy.html). But free software isn't 107fb6b5d8eSderaadtwritten without money. Network links, hardware costs, release engineering 108fb6b5d8eSderaadtand testing work; all these things take money and significant effort on the 109fb6b5d8eSderaadtpart of those who have made this OpenBSD release what it is. Please reward the 110fb6b5d8eSderaadtdevelopers who have made OpenBSD what it is, and thus make it possible for this 111fb6b5d8eSderaadtwonderful process to continue. For more information on how you can help, 112fb6b5d8eSderaadtplease see www.OpenBSD.org/goals.html and visit www.OpenBSD.org/donations.html 113fb6b5d8eSderaadtto see a list of those who have donated money, equipment, or other resources 114fb6b5d8eSderaadtto ensure OpenBSD continues. (Thus far, most of those who have donated have 1159beab01cSderaadtbeen developers themselves). 116fb6b5d8eSderaadt 117ad56fca0SderaadtIf you wish to ensure that OpenBSD runs better on your machines, please do us 118*5fa58d18Sderaadta favor (after you have your mail system setup!) and type something like: 119*5fa58d18Sderaadt dmesg | mail -s "Sony VIAO 505R laptop, apm works OK" dmesg@openbsd.org 120*5fa58d18Sderaadtso that we can see what kinds of configurations people are running. As shown, 121*5fa58d18Sderaadtincluding a bit of information about your machine in the subject or the body 122*5fa58d18Sderaadtcan help us even further. We will use this information to improve device driver 123*5fa58d18Sderaadtsupport in future releases. (Please do this using the supplied GENERIC kernel, 124*5fa58d18Sderaadtnot for a custom compiled kernel, unless you're unable to boot the GENERIC 125*5fa58d18Sderaadtkernel). The device driver information we get from this helps us fix existing 126*5fa58d18Sderaadtdrivers. Thank you! 127fb6b5d8eSderaadt 128fb6b5d8eSderaadt(If you used 'mail' to read this message and it scrolled by too quickly, 1298bb15af0Sderaadttype "more ." If you wish to save it, use the "x" command.) 1302186ffe8Sderaadt 131