OpenBSD (First impressions)

BSD’s are operating systems that I always had a keen interest in, mostly because unlike Linux (which comprises of mainly the kernel), BSD’s are developed and distributed as a complete operating system.

What I mean to say is that, GNU/Linux consists of a subset of user land tools (GNU) selected by the distribution developers along with the Linux kernel. Not that it is a bad thing, but the choices made by the developers behind these various distributions such as Ubuntu, Fedora, Manjaro, etc. are reflected on the type of experience a user has since the selection of userland tools that end up in the final operating system may vary. There are also no clear guidelines, no right or wrong way to do something. This is exactly where advanced / meta Linux distributions like Gentoo and Arch Linux fit in, as they hand over the decision making process of what and how to the user.

Anyway what I wanted to talk about today is OpenBSD. Firstly, I have zero experience with any previous BSD operating system. They might be a bit similar to Linux, but they are totally different beasts both with their pros and cons. I’m not here to discuss which is better, I like them both and they have different use cases.

So firstly, the reason for me choosing OpenBSD over the more popular FreeBSD is because the main focus of OpenBSD is security and code correctness. Security is a complex topic, and it is tough to get it right. A lot of the modern operating systems including Linux don’t have many of the advanced system security features enabled by default as distributions like Ubuntu aim to be compatible with as much hardware as possible and enabling such features may cause software & hardware issues as well as a lot of headaches. So just having a Linux distribution like Ubuntu doesn’t necessarily mean that you are safe or secure.

Yes, the advanced security features can be configured if you are an experienced Linux user with strong background in security and using a Linux distribution like Gentoo. But setting up everything to be of top notch security standard and trying to compete directly with OpenBSD is nearly impossible because the code base of the Linux Kernel is huge (Millions of lines of code). As we know, with bigger code base comes vulnerabilities and bugs that can be exploited and so far we have seen many vulnerabilities related to the Linux Kernel emerge over the years, perhaps more is yet to follow.

What I’m trying to get here is that, OpenBSD code base is way smaller than that of Linux and they have a team of dedicated developers who just audit their code base on a regular basis and have been doing that for over a decade. Which means their code base is not only clean and stable, but the whole operating system has been designed from the ground up to be a highly secure system with strong focus on Cryptography as well.

Since I have Gentoo Linux system on my current laptop (which took me like weeks to configure and fine tune everything), I decided to leave it as it is and indulge in OpenBSD by investing as little as possible. An embedded device like Beagle Bone (Black) was naturally the perfect choice as it is reasonably cheap and listed as being supported on the OpenBSD website. What I didn’t know at first was that OpenBSD doesn’t support HDMI on Beagle Bone, so I had to wait a while until I finally bought a ttyl to usb serial cable. What it is and how it works is outside the scope of this post but I learned a lot along the way and was successful at making an OpenBSD install.

Anyway, the most impressive thing that I first realized about OpenBSD was the quality of the man pages. It’s so well written that it puts the Linux man pages to shame. There’s a lot of things that I still have to figure out but I’m learning things one step at a time.

The filesystem used by BSD systems in general is ZFS, which I heard is pretty robust and flexible and used by big companies such as NetFlix to manage thousands of terabytes worth of data. The firewall (PF) is also well known and have been used in a variety of commercial firewall appliances. A lot of other things are still new to me, but OpenBSD package management reminds me of Gentoo as it also gives you the option to compile packages from source besides having binary packages.

Apparently on Beagle Bone there is still no support for binary packages on OpenBSD, and since my SDCard has a limit of 8GB I wasn’t also able to compile anything from source due to the limited capacity. I will write a full review related to OpenBSD once I’ve upgraded to a bigger SDCard and had enough time to mess around with it.

In the mean time, feel free to share your opinion or suggestions related to OpenBSD or Linux in general.

Thanks for reading!