he OpenBSD team prides itself on producing one of the mostif not the
mostsecure operating systems in the world. If you are concerned about keeping the sensitive data within your organization protected, consider OpenBSD. As a member of the 4.4BSD-lite family of operating systems, OpenBSD sets itself apart by claiming to be "secure by default". The basis for this claim is the diligence of the OpenBSD code auditing team and the inclusion of military grade cryptography in the base system (including Kerbos, OpenSSH, and IPSec). OpenSSH runs best with this OpenBSD (as it was developed by the OpenBSD team).
You can install OpenBSD in a couple of ways. The easiest method is to order the OpenBSD CD-ROM from the OpenBSD ordering page. The OpenBSD team, headed by Theo de Raadt, relies on the sale of these CD-ROM packages for its financial survival, so it prefers that users choose this method. Installation via CD-ROM is outlined in detail inside the CD case.
The secondand fasterway of installing OpenBSD is over the Internet via FTP or HTTP. Though this install is free, a post-installation courtesy is to order the CD-ROM anyway, make a donation to OpenBSD, and / or buy a limited edition OpenBSD T-shirt or poster.
This tutorial demonstrates a network install of the OpenBSD operating system, along with PHP4 and MySQL. It presents an advanced system administrator build, which assumes basic knowledge of the VI editor.
[Author's Note: Because OpenBSD is a Canadian-made product, export of the security suite and source code is not restricted in any way. However, while U.S. readers can download (import) OpenBSD, exporting or re-exporting cryptographic software from the US is still a serious criminal offence. For those of you living in the US, do not attempt to export the OpenBSD operating system once you've downloaded it. If you are an American citizen located outside the US, do not download OpenBSD from an American site. You have been warned! Of course, downloading OpenBSD from an American site to an American location is fine. Always choose the server nearest you.]
Create OpenBSD Boot Floppy
OpenBSD runs on a number of hardware platforms. The following directions are somewhat specific to "IBM PC" aka "Intel/AMD" architecture machines. To install OpenBSD over the network, your host computer needs either a floppy or a CD-ROM drive and an Ethernet card that OpenBSD can recognize. So check your hardware
first. If you use an Intel-based system, your information is under i386.
To create a bootable CD-ROM, you need a CD burner and CD creation software. To simplify the multi-step process of creating the floppy boot install disk on Windows, which is somewhat involved, I developed an installer package. I did not alter the boot installer in any way, but if you prefer to receive the software directly from the OpenBSD site, you'll find it in the tools section of the 3.6 release site. Navigate to your relevant hardware and download the necessary files.
To complete the example install, you need 1-3 floppy disks and a standard 1.44M floppy drive on your Windows computer. For a standard build, you need only the first disk. The second disk is for special RAID and SCUSI situations, and the third is for laptops. This tutorial uses Windows 2000, but floppy disk creation should work seamlessly with Windows NT and XP as well. If you use an older DOS system or Windows 95/98, then you must use the fdimage.exe file included in the downloadable openbsd36_floppy_install.zip file (with documentation).
The following steps will guide you through a Windows 2000, XP, and NT OpenBSD boot floppy creation:
- Download the OpenBSD 3.6 floppy images.
- Format your floppy disk: My computer --> 3 1/2 floppy A: --> right click --> format.
- Place the directory openbsd36_floppy_install on your c:\ drive as C:\openbsd36_floppy_install.
- Open a dos prompt and type:
- Now that openbsd36_floppy_creation is your working directory type:
ntrw floppy36.fs a:
For a standard Intel architecture, you need only the first disk. If the first disk does not take you to the install screen (or you are using a laptop), you may have to make one or two more floppy boot disks. Again, format your second and third floppy disks then type the following, respectively (see Figure 1):
ntrw floppyB36.fs a:
ntrw floppyC36.fs a:
|Figure 1. OpenBSD Floppy Creation (Win2000)|
Put your newly created floppy boot installer in the a: drive of the computer on which you want to install OpenBSD. Make sure your CMOS is set up to boot from floppy first, and then boot from hard drive second.
To complete the install, you need an Ethernet card that OpenBSD supports. The networking setup procedure is quite straightforward. The following instructions explain how to set up DHCP for a DSL connection. At each listed prompt, just follow the instructions:
- Would you like to (I)nstall, (U)pgrade, or (S)hell? Choose I. ENTER.
- Terminal type? ENTER
- Do you wish to select a keyboard-encoding table? Choose no. ENTER.
- Proceed with install? Press y. ENTER.
- Which one is the root disk? Choose "(or 'done')[wd0]". ENTER.
- Do you want to use *all* of wd0 for OpenBSD? Choose no. ENTER.
- fdisk: 1>q. ENTER.
- Initial label editor (Enter '?' for help at this prompt.)
- TYPE: ">?". ENTER.
The tools you see are part of the OpenBSD label/partition editor. The disk label editor screen might not look pretty, but it is very powerful. The most important commands for a basic install are 'a' for add partition, 'd' for delete partition, 'p' for print label, and 'q' for quit. OpenBSD requires a manual file system setup. During this process 'm' is for megabytes and 'g' is for gigabytes. This tutorial assumes you are installing OpenBSD on a system dedicated to OpenBSD. (For dual boot issues, see the FAQ.)