Does your vendor only ship ISOs with the update, and you don't have a cd writer? On #OpenBSD I use the geteltorito utility.
geteltorito [iso-file] > [file].fs
then you can write that image to a usb stick to boot from!
geteltorito is a perl script, so it should be portable to many OSes, including yours :)
I upgrade a number of things for the bsd.network instance. the hypervisor and (most) guest VMs are now running #OpenBSD 6.6. One guest will need a reinstall to adjust partition sizes, but I'm not going to spend that time right now.
I also upgraded us to #glitchsoc v3.0.1+glitch.
All services should be up and running, the timelines are queuing and processing and should be fully up to date in an hour or so.
Happy Tooting! 🐘 💨
in #ntp, there is a concept of a "stratum". #stratum is basically "how far away are you from a not-ntp time source". contrary to popular belief, it has ZERO meaning to the quality of the time you receive from it.
my laptop is running ntp, and is stratum 3. I am running a guest VM on it. #openbsd takes the time on the host, and fakes a time sensor to give to the guest vm. time sensors are by definition, not-ntp time sources. :)
the guest vm thinks it is stratum 1.
Just picked up a new #Ryzen machine to play with.
Testing the performance with an #OpenBSD kernel build:
cpu0: AMD Ryzen 7 3750H with Radeon Vega Mobile Gfx, 2296.00 MHz, 17-18-01
2m53.28s real 7m57.81s user 2m44.31s system
cpu0: Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2295.22 MHz, 06-4e-03
6m34.30s real 9m23.39s user 2m24.17s system
The Intel machine used to be fast, but their cpu bugs have slowed it down significantly.
From @otto 's commit message:
"""Disable DoH by default. While encrypting DNS might be a good thing, sending all DNS traffic to Cloudflare by default is not a good idea.
Applications should respect OS configured settings."""
(and while I'm at it, one more)
Match host *.ipv6.example.net,ipv6.example.org !exec "route -q -n get -inet6 %h"
This will do a route lookup, to see if you have direct ipv6 access to the hosts. If it fails ("!exec"), then it will automatically add the ProxyJump command.
the above route command is intended for #openbsd, you may need to adjust it for your OS
Awesome #ssh trick I just learned!
You can give a specific known hosts file for a Host block of systems that you connect to.
This is especially helpful if you are regularly involved in a re-occuring event where you re-use hostnames but not the keys; or for temp installs, etc, etc.
lladdr random changes my mac address of my network interface, which will trigger new IPv4 and IPv6 addresses for my laptop, hopefully preventing any network-based tracking. (this is also why I pkill ssh and ftp. with new IPs, those *cannot* keep their sessions after I wake.)
I will occasionally write emails on my laptop; so scheduling all email will ensure that everything is pushed out. I sleep 60s there in case I need to play with a captive portal.
my #OpenBSD resume script is a bit more complicated.
pkill -x ssh ftp
/sbin/ifconfig em0 -inet down
/sbin/ifconfig iwm0 -nwid
/sbin/ifconfig iwm0 lladdr random
(sleep 60; smtpctl schedule all) &
I kill off any ssh and ftp connections immediately, instead of waiting for them to time out.
I down the em0 interface, which I hardly ever use for $reasons.
-nwid will remove any manual wifi config, so auto-join will kick in and join any network I have saved.
I use #OpenBSD on my laptops, so I have a few helper scripts that will run when I suspend and resume the laptop.
All of this is documented in http://man.openbsd.org/apmd.8 so please check out the documentation in the man page.
/usr/bin/pkill -USR1 -x xidle
by sending the USR1 signal to xidle, it will automatically run xlock. When I suspend, my laptop will require a password to get access to X after resume.
(yes, xlock is not 100% secure, but this is a good step)