OpenBSD is a Unix-lik computer operatin seestem foundit on Berkeley Saftware Distreebution (BSD), a kin o Unix biggit at the Varsity o California, Berkeley. It wis forkit frae NetBSD bi project heidsman Theo de Raadt in late 1995. The project is weel kent for the developers' harpin on apen soorce computer leid an fine documentation; firm stance on saftware licensing; an focus on sauftie an computer leid richtness. The project is rin frae de Raadt's hame in Calgary, Alberta, Canada. Its seembol is Puffy, a flufferfish.
OpenBSD haes a puckle security features absent or optional in ither operatin seestems an haes a tradeetion o developers auditin the soorce code for saftware mishanters an security problems. The project keeps up strict policies on licensing an prefers the apen soorce BSD licence an its variants -— till noo this haes led tae a wide-reengin licence audit an moves tae tak oot or rewark code under licences found less acceptable.
As wi maist ither BSD-based operatin seestems, the OpenBSD kernel an uiserland programs, sic as the shell an common tuils lik cat an ps are biggit thegither in the ae soorce repository. Third-pairty saftware is available as binary packages or micht be biggit frae soorce uisin the ports collection.
Ay noo, OpenBSD rins on 17 deeffrent hairdware fluirs, amang ithers, the DEC Alpha, Intel i386, Hewlett-Packard PA-RISC, AMD AMD64 and Motorola 68000 processors, Apple's PowerPC machines, Sun SPARC and SPARC64-based computers, the VAX an the Sharp Zaurus.
Table o contents
History an popularity
In December 1994, NetBSD co-foonder Theo de Raadt wis cried tae step doon frae his poseetion as an elder developer an member o the NetBSD core team, an his access tae the soorce code repository wis revoked. The raeson for thon isna richt clair, tho there are claims that pit it doon tae personality clashes wi-in the NetBSD project an on its mailin lists. De Raadt haes been creeticised for whiles upsettin fowk: in his beuk, Free For All, Peter Wayner claims that de Raadt "began to rub some people the wrong way" afore the spleet frae NetBSD; Linus Torvalds has cried him "deefficult;" an an interviewer admits tae bein "apprehensive" afore meetin wi him. Mony ithers hae deeffrent feelins: the same interviewer writes o de Raadt's "transformation" on foondin OpenBSD an his "desire to take care of his team," some find his strachtness refreshin, an feow deny that he is a gey coder an security "guru" 
In October 1995, de Raadt foondit OpenBSD, a new project forkit frae NetBSD 1.0. The ineetial release, OpenBSD 1.2, wis gien oot in July 1996, follaeed in October o the same year bi OpenBSD 2.0. The project has syne follaeed the timetable o a release ilka sax month, an ilkane is kept up for a year aifter. The hinmaist release, OpenBSD 4.1, kythed on May 1, 2007.
It's nae aesie to wark oot whit muckle OpenBSD is uised: the developers dinna collect nor publish stateestics o its uiss an there are feow ither soorces o wittins. The newborn BSD Certification project cairried oot a survey o uiss that shawed that 32.8% o BSD uisers (1420 o 4330 respondents) wis uisin OpenBSD, pittin it seicont o the fower kenspeckle BSD variants, ahint FreeBSD wi 77.0% an afore NetBSD wi 16.3%. The DistroWatch wabsite, weel-kent in the Linux community an aften uised as a reference for popularity, publishes page hits for ilkane o the Linux distributions an ither operatin seestems it spiks on. As o April 14, 2007 it pits OpenBSD in 55th place, wi 121 hits a day. FreeBSD is in 16th place wi 478 hits a day an a wheen Linux deestributions reenge atween them.
Apen soorce an apen documentation
Whan OpenBSD wis creatit, Theo de Raadt decided that the soorce maun be there for onybody tae read at ony time, sae, wi the aid o Chuck Cranor, he set up a public, anonymous CVS server. This wis the first o its kin in the saftware development world: at the time, the tradeetion wis for juist a smaw team o developers tae hae access tae a project's soorce repository. This practice haed doonsides, in parteecular that ootside contreebutors haed nae wey tae close follae a project's development an contreebuted wark wad aften duplicate wark duin awready. This deceeesion led tae the name OpenBSD an signallt the project's harpin on apen an public access tae baith soorce code an documentation.
A revealing incident regarding open documentation occurred in March 2005, when de Raadt posted a message to the openbsd-misc mailing list. He announced that after four months of discussion, Adaptec had yet to disclose the required documentation to improve the OpenBSD drivers for hyts AAC RAID controllers. As in similar circumstances in the past, he encouraged the OpenBSD community to become involved and express their opinion to Adaptec. Shortly after this, FreeBSD committer, former Adaptec employee and author of the FreeBSD AAC RAID support Scott Long castigated de Raadt on the OSNews website for not contacting him directly regarding the issues with Adaptec. This caused the discussion to spill over onto the freebsd-questions mailing list, where the OpenBSD project leader countered by claiming that he had received no previous offer of help frae Scott Long nor been referred to him by Adaptec. The debate wis amplified by disagreements between members of the two camps regarding the use of binary blob drivers and non-disclosure agreements (NDAs): OpenBSD developers do not permit the inclusion of closed source binary drivers in the source tree and are reluctant to sign NDAs. However, the policy of the FreeBSD project has been less strict and much of the Adaptec RAID management code Scott Long proposed as assistance for OpenBSD wis closed source or written under an NDA. As no documentation wis forthcoming before the deadline for release of OpenBSD 3.7, support for Adaptec AAC RAID controllers wis removed frae the standard OpenBSD kernel.
The OpenBSD policy on openness extends to hardware documentation: in the slides for a December 2006 presentation, de Raadt explained that without hyt "developers often make mistakes writing drivers," and pointed out that "the [oh my god, I got it to work] rush is harder to achieve, and some developers just give up." He went on to say that vendor binary drivers are unacceptable, as they cannot be trusted and there is "no way to fix [them] ... when they break," that even vendor source is only "marginally acceptable" and still difficult to fix when problems occur, and further commented "if we cannot maintain a driver after the vendor stops caring, we ... have a broken hardware [sic]."
A goal of the OpenBSD project is to "maintain the spirit of the original Berkeley Unix copyrights," which permitted a "relatively un-encumbered Unix source distribution." To this end, the Internet Sistemes Consortium (ISC) licence, a simplified version of the BSD licence with wording removed that is unnecessary under the Berne convention, is preferred for new code, but the MIT or BSD licences are accepted. The widely used GNU General Public License is considered overly restrictive in comparison with these: code licensed under it, and other licences the project sees as undesirable, is no longer accepted for addition to the base sisteme. In addition, existing code under such licences is actively replaced or relicensed when possible, except in some cases, such as the GNU Compiler Collection (GCC), where there is no suitable replacement and creating one would be time-consuming and impractical. Despite this, OpenBSD has made some significant strides in this area: of particular note is the development of OpenSSH, based on the original SSH suite and developed further by the OpenBSD team. Hyt first appeared in OpenBSD 2.6 and is now the single most popular SSH implementation, available as standard or as a package on many operating sistemes. Also worth mentioning is the development, after licence restrictions were imposed on IPFilter, of the pf packet filter, which first appeared in OpenBSD 3.0 and is now available in DragonFly BSD, NetBSD and FreeBSD; more recently, OpenBSD releases have seen the GPL licensed tools bc, dc, diff, grep, gzip, nm, pkg-config, RCS, sendbug (part of GNATS) and size replaced with BSD licensed equivalents. OpenBSD developers are also behind OpenBGPD, OpenOSPFD, OpenNTPD and OpenCVS, BSD licensed alternatives to existing saftware.
In June 2001, triggered by concerns over Darren Reed's modification of IPFilter's licence wording, a sistematic licence audit of the OpenBSD ports and source trees wis undertaken. Code in more than a hundred files throughout the sisteme wis found to be unlicensed, ambiguously licensed or in use against the terms of the licence. To ensure that all licences were properly adhered to, an attempt wis made to contact all the relevant copyright holders: some pieces of code were removed, many were replaced, and others, including the multicast routing tools, mrinfo and map-mbone, which were licensed by Xerox for research only, were relicensed so that OpenBSD could continue to use them. Also of note during this audit wis the removal of all saftware produced by Daniel J. Bernstein frae the OpenBSD ports tree. At the time, Bernstein requested that all modified versions of his code be approved by him prior to redistribution, a requirement to which OpenBSD developers were unwilling to devote time or effort. The removal led to a clash with Bernstein who felt the removal of his saftware to be uncalled for and cited the Netscape web browser as much less free, accusing the OpenBSD developers of hypocrisy for permitting Netscape to remain while removing his saftware. The OpenBSD project's stance wis that Netscape, although not open source, had licence conditions that could be more easily met; they asserted that Bernstein's demand for control of derivatives would lead to a great deal of additional work and that removal wis the most appropriate way to comply with his requirements. At present, Daniel J. Bernstein's saftware is still absent frae the ports tree.
Security and code auditing
Shortly after OpenBSD's creation, Theo de Raadt wis contacted by a local security saftware company named Secure Networks, Inc. or SNI. They were developing a "network security auditing tool" called Ballista (later renamed to Cybercop Scanner after SNI wis purchased by Network Associates) which wis intended to find and attempt to exploit possible saftware security flaws. This coincided well with de Raadt's own interest in security, so the two agreed to cooperate, a relationship that wis of particular use leading up to the release of OpenBSD 2.3 and helped to form the focal point of the project: OpenBSD developers would attempt to do what wis right, proper or secure, even at the cost of ease, speed or functionality. As bugs within OpenBSD became harder to find and exploit, the security company found that hyt wis too difficult, or not cost effective, to handle such obscure problems. After years of cooperation, the two parties decided that their goals together had been met and parted ways.
Until June 2002, the OpenBSD website featured the slogan:
|“||No remote computer hole in the default install, in nearly 6 years.||”|
In June 2002, Mark Dowd of Internet Security Sistemes disclosed a bug in the OpenSSH code implementing challenge-response authentication. This vulnerability in the OpenBSD default installation alloued an attacker remote access to the root account, and wis extremely serious, partly due to the widespread use of OpenSSH by that time: the bug affected a considerable number of other operating sistemes. This problem necessitated the adjustment of the slogan on the OpenBSD website to:
|“||Only one remote hole in the default install, in more than 10 years.||”|
This statement has been criticized because little is enabled in a default install of OpenBSD and releases have included saftware that wis later found to have remote holes; however, the project maintains that the slogan is intended to refer to a default install and that hyt is correct by that measure. One of the fundamental ideas behind OpenBSD is a drive for sistemes to be simple, clean and secure by default. For example, OpenBSD's minimal defaults fit in with standard computer security practice of enabling as few services as possible on production machines, and the project uses open source and code auditing practices argued to be important elements of a security sisteme.
OpenBSD includes a large number o specific features designed tae improve security, including API an toolchain alterations, such as the arc4random, issetugid, strlcat, strlcpy and strtonum functions and a static bounds checker; memory protection techniques to guard against invalid accesses, such as ProPolice, StackGhost, the W^X (W xor X) page protection features, as well as alterations to malloc; and cryptography and randomization features, including network stack enhancements and the addition of the Blowfish cipher for password encryption. To reduce the risk o a vulnerability or misconfiguration allouing privilege escalation, some programs hae been written or adapted to make use of privilege separation, privilege revocation and chrooting. Privilege separation is a technique, pioneered on OpenBSD and inspired by the principle o least privilege, where a program is split into two or more parts, one o which performs privileged operations and the other—almost always the bulk of the code—runs without privilege. Privilege revocation is similar and involves a program performing any necessary operations with the privileges hyt starts with then dropping them, and chrooting involves restricting an application tae ane section of the file sisteme, prohibiting hyt frae accessing areas that contain private or sisteme files. Developers have applied these features to OpenBSD versions o common applications, including tcpdump an the Apache web server, which, due tae licensing issues wi the later Apache 2 series, is a heavily patched 1.3.29 release.
The project has a policy o continually auditing code for security problems, work developer Marc Espie hae described as "never finished ... more a question of process than of a specific bug being hunted." He went on tae list several typical steps once a bug is found, including examining the entire source tree for the same an similar issues, "try[ing] to find out whether the documentation ought to be amended," and investigating whether "it's possible to augment the compiler to warn against this specific problem." Along with DragonFly, OpenBSD is ane o the twa open source operating sistemes wi a policy o seeking out examples o classic, K&R C code an converting hyt to the more modern ANSI equivalent—this involves nae functional change and is purely for readability an consistency reasons. A standard code style, the Kernel Normal Form, which dictates how code must look in order to be easily maintained an understood, must be applied to all code before hyt is considered for inclusion in the base operating sisteme; existing code is actively updated to meet the style requirements.
OpenBSD's security enhancements, built-in cryptography and the pf firewall suit hyt for use in the security industry, particularly for firewalls, intrusion-detection sistemes and VPN gateways. Hyt is also commonly used for servers which must resist cracking and DoS attacks, and due to including the spamd daemon, hyt sometimes is used in mail filtering applications.
Several proprietary sistemes are based on OpenBSD, including Profense frae Armorlogic ApS, AccessEnforcer frae Calyptix Security, GeNUGate and GeNUBox frae GeNUA mbH, RTMX O/S frae RTMX Inc, syswall frae Syscall Network Solutions AG, HIOBMessenger frae topX, and various security appliances made by .vantronix GmbH. Of these, both GeNUA and RTMX have contributed back to OpenBSD: GeNUA funded the development of SMP on the i386 platform and RTMX have sent patches to add further POSIX compliance to the sisteme. Several open source operating sistemes have also been derived frae OpenBSD, notably Anonym.OS and MirOS BSD, as well as the now defunct ekkoBSD, MicroBSD and Gentoo/OpenBSD. In addition, code frae many of the OpenBSD sisteme tools has been used in recent versions of Microsoft's Services for UNIX, an extension to the Windows operating sisteme which provides some Unix-lyk functionality, originally based on 4.4BSD-Lite. Core force, a security product for Windows, is based on OpenBSD's pf firewall. There have also been projects which use OpenBSD as part of images for embedded sistemes, including OpenSoekris and flashdist; together with tools lyk nsh, these allow Cisco-lyk embedded devices to be created.
OpenBSD ships with the X window sisteme. Following the XFree86 licence change, hyt includes a recent X.Org release; an older XFree86 3.3 release is also available for legacy video cards. With these, hyt is possible to use OpenBSD as a desktop or workstation, making use of a desktop environment, window manager or both to give the X desktop a wide range of appearances. The OpenBSD ports tree contains many of the most popular tools for desktop use, including desktop environments GNOME, KDE, and Xfce; web browsers Konqueror, Mozilla Firefox and Opera; and multimedia programs MPlayer, VLC media player and xine. In addition, graphical saftware for many uses is available frae both the ports tree and by compiling POSIX compliant saftware. Also available are compatibility layers, which allow binary code compiled for other operating sistemes, including Linux, FreeBSD, SunOS and HP-UX, to be run. However, since hardware providers such as video card manufacturers ATI and NVIDIA refuse to release open source drivers or documentation for the 3D capabilities of their hardware, OpenBSD lacks accelerated 3D graphics support.
OpenBSD's performance and usability is occasionally criticised. Felix von Leitner's performance and scalability tests, indicated that OpenBSD lagged behind other operating sistemes. In response, OpenBSD users and developers criticised von Leitner's objectivity and methodology, and asserted that although performance is given consideration, security and correct design are prioritised, with developer Nick Holland commenting: "It all boils down to what you consider important." OpenBSD is also a relatively small project, particularly when compared with FreeBSD and Linux, and developer time is sometimes seen as better spent on security enhancements than performance optimisations. Critics of usability often point out the lack of user-friendly configuration tools, the bare default installation, and "spartan" and "intimidating" installer. These see much the same rebuttals as performance: a preference for simplicity, reliability and security; as one reviewer admits, "running an ultra-secure operating sisteme can be a bit of work."
Distribution and marketing
OpenBSD is available freely in various ways: the source can be retrieved by anonymous CVS or CVSup, and binary releases and development snapshots can be downloaded either by FTP or HTTP. Prepackaged CD-ROM sets can be ordered online for a small fee, complete with an assortment of stickers and a copy of the release's theme song. These, with hyts artwork and other bonuses, are one of the project's few sources of income, funding hardware, bandwidth and other expenses. To encourage the sale of the official CD-ROMs, OpenBSD makes only a small install ISO image available for download rather than providing full release images.
In common with several other operating sistemes, OpenBSD uses ports and packages sistemes to allow for easy installation and management of programs which are not part of the base operating sisteme. Originally based on the FreeBSD ports tree, the sisteme is now quite distinct. Additionally, major changes have been made since the 3.6 release, including the replacement of the package tools, the tools available to the user to manipulate packages, by more capable versions, written in Perl by Marc Espie. In contrast to FreeBSD, the OpenBSD ports sisteme is intended as a source used to create the end product, the packages: installing a port first creates a package and then installs hyt using the package tools. Packages are built in bulk by the OpenBSD team and provided for download with each release. OpenBSD is also unique among the BSDs in that the ports and base operating sisteme are developed and released together for each version: this means that the ports or packages released with, for example, 3.7 are not suitable for use with 3.6 and vice versa, a policy which lends a great deal of stability to the development process, but means that the saftware in ports for the latest OpenBSD release can lag somewhat frae the latest version available frae the author.
Around the time of the OpenBSD 2.7 release, the original mascot, a BSD daemon with a trident and aureola, wis replaced by Puffy, traditionally said to be a pufferfish. In fact pufferfish do not possess spikes and images of Puffy are closer to a similar species, the porcupinefish. Puffy wis selected because of the Blowfish encryption algorithm used in OpenSSH and the strongly defensive image of the porcupinefish with hyts spikes to deter predators. He quickly became very popular, mainly because of the appealing image of the fish and his distinction frae the BSD daemon, also used by FreeBSD, and the horde of daemons then used by NetBSD. Puffy made his first public appearance in OpenBSD 2.6 and, since then, has appeared in a number of guises on tee-shirts and posters. These have included Puffiana Jones, the famed hackologist and adventurer, seeking out the Lost RAID; Puffathy, a little Alberta girl, who must work with Taiwan to save the day; Sir Puffy of Ramsay, a freedom fighter who, with Little Bob of Beckley, took frae the rich and gave to all; and Puff Daddy, famed rapper and political icon.
After a number of releases, OpenBSD has become notorious for hyts catchy songs and interesting and often comical artwork. The promotional material of early OpenBSD releases did not have a cohesive theme or design but, starting with OpenBSD 3.0, the CD-ROMs, release songs, posters and tee-shirts for each release have been produced with a single style and theme, sometimes contributed to by Ty Semaka of the Plaid Tongued Devils. At first they were done lightly and only intended to add humour but, as the concept has evolved, they have become a part of OpenBSD advocacy, with each release expanding a moral or political point important to the project, often through parody. Past themes have included: in OpenBSD 3.8, the Hackers of the Lost RAID, a parody of Indiana Jones linked to the new RAID tools featured as part of the release; The Wizard of OS, making hyts debut in OpenBSD 3.7, based on the work of Pink Floyd and a parody of The Wizard of Oz related to the project's recent wireless work; and OpenBSD 3.3's Puff the Barbarian, including an 80s rock-style song and parody of Conan the Barbarian, alluding to open documentation.
In addition to the slogans used on tee-shirts and posters for releases, the project occasionally produces other material: over the years, catchphrases have included "Sending script kiddies to /dev/null since 1995," "Functional, secure, free - choose 3," "Secure by default," and a few insider slogans, only available on tee-shirts made for developer gatherings, such as "World class security for much less than the price of a cruise missile" and a crufty old octopus proclaiming "Shut up and hack!"
A number of books on OpenBSD have been published, including:
- The OpenBSD Command-Line Companion, 1st ed. by Jacek Artymiak. ISBN 83-916651-8-6.
- Building Firewalls with OpenBSD and PF: Second Edition by Jacek Artymiak. ISBN 83-916651-1-9.
- Mastering FreeBSD and OpenBSD Security by Yanek Korff, Paco Hope and Bruce Potter. ISBN 0-596-00626-8.
- Absolute OpenBSD, Unix for the Practical Paranoid by Michael W. Lucas. ISBN 1-886411-99-9.
- Secure Architectures with OpenBSD by Brandon Palmer and Jose Nazario. ISBN 0-321-19366-0.
- The OpenBSD PF Packet Filter Book: PF for NetBSD, FreeBSD, DragonFly and OpenBSD published by Reed Media Services. ISBN 0-9790342-0-5.
- Building Linux and OpenBSD Firewalls by Wes Sonnenreich and Tom Yates. ISBN 0-471-35366-3.
- BSD Authentication
- BSD and GPL licensing
- Comparison of BSD operating sistemes
- Comparison of operating sistemes
- Comparison of open source operating sistemes
- KAME project
- List of OpenBSD developers
- POSSE project
- Security focused operating sisteme
Notes and references
- Glass, Adam. Message to netbsd-users: Theo De Raadt(sic), December 23, 1994. Veesited January 8, 2006.
- Wayner, Peter. Free For All: How Linux and the Free Saftware Movement Undercut the High Tech Titans, 18.3 Flames, Fights, and the Birth of OpenBSD, 2000. Veesited January 6, 2006.
- Forbes. Is Linux For Losers? June 16, 2005. Veesited January 8, 2006.
- NewsForge. Theo de Raadt gives it all to OpenBSD, January 30, 2001. Veesited January 8, 2006.
- In this message the NetBSD core team acknowledge de Raadt's "positive contributions" tae the project in spite o its problems wi him.
- Tux Journal. A good morning with: Theo de Raadt, June 2, 2005. Veesited April 21, 2006
- de Raadt, Theo. Mail to openbsd-announce: The OpenBSD 2.0 release, October 18, 1996. Veesited December 10, 2005.
- Beck, Bob. Mail to email@example.com: OpenBSD 4.1 Released. Veesited May 2, 2006.
- The BSD Certification Group.; PDF o results o the survey.
- Mair than the ae walin wis alloued sin a uiser micht uise mair than the ae BSD variant at the ae time.
- Chuck Cranor's site.
- de Raadt, Theo. Mail to openbsd-misc: Adaptec AAC raid support, March 18, 2005. Visited December 9, 2005.
- Scott Long's site.
- Long, Scott. Post to OSNews: Frae a BSD and former Adaptec person..., March 19, 2005. Visited December 9, 2005.
- de Raadt, Theo. Mail to freebsd-questions: aac support, March 19, 2005. Visited December 9, 2005.
- de Raadt, Theo. Mail to freebsd-questions: aac support, March 19, 2005. Visited December 9, 2005.
- de Raadt, Theo. Presentation at OpenCON, December 2006. Visited December 7, 2006.
- OpenBSD.org. Copyright Policy. Visited January 7, 2006.
- NewsForge. BSD cognoscenti on Linux, June 15, 2005. Visited January 7, 2006.
- Hartmeier, Daniel. Design and Performance of the OpenBSD Stateful Packet Filter (pf). Visited December 9, 2005.
- NewsForge. OpenBSD and ipfilter still fighting over license disagreement, June 06, 2001. Visited November 23, 2005.
- Man pages: mrinfo and map-mbone.
- de Raadt, Theo. Mail to openbsd-misc: Re: Why were all DJB's ports removed? No more qmail?, August 24, 2001. Visited December 9, 2005.
- Bernstein, DJ. Mail to openbsd-misc: Re: Why were all DJB's ports removed? No more qmail?, August 27, 2001. Visited December 9, 2005.
- Espie, Marc. Mail to openbsd-misc: Re: Why were all DJB's ports removed? No more qmail?, August 28, 2001. Visited December 9, 2005.
- The Age. Staying on the cutting edge, October 8, 2004. Visited January 8, 2006.
- ONLamp.com. Interview with OpenBSD developers: The Essence of OpenBSD, July 17, 2003. Visited December 18, 2005.
- Theo de Raadt on SNI: "Without their support at the right time, this release probably would not have happened." Frae the 2.3 release announcement. Visited December 19, 2005.
- Internet Security Sistemes. OpenSSH Remote Challenge Vulnerability, June 26, 2002. Visited December 17, 2005.
- A partial list of affected operating sistemes.
- Core Security Technologies' homepage.
- Core Security Technologies. Mail to bugtraq: OpenBSD's IPv6 mbufs remote kernel buffer overflow. March 13, 2007. Visited March 13, 2007.
- Wheeler, David A. Secure Programming for Linux and Unix HOWTO, 2.4. Is Open Source Good for Security?, March 3, 2003. Visited December 10, 2005.
- Provos, Niels. Privilege Separated OpenSSH. Visited January 30, 2006.
- O'Reilly Network. An Interview with OpenBSD's Marc Espie, March 18, 2004. Visited January 24, 2006.
- Armorlogic ApS's homepage.
- Calyptix Security's website.
- GeNUA mbH's homepage.
- RTMX Inc homepage.
- Syscall Network Solutions AG's site.
- .vantronix GmbH's homepage.
- OpenSoekris, flashdist and nsh.
- Scalability test results and conclusions.
- Holland, Nick. Mail to openbsd-misc: Re: OpenBSD Benchmarked... results: poor!, October 19, 2003. Visited January 8, 2006.
- NewsForge. Trying out the new OpenBSD 3.8, November 2, 2005. Visited January 8, 2006.
- NewsForge. Review: OpenBSD 3.5, July 22, 2004. Visited January 8, 2006.
- DistroWatch. OpenBSD - For Your Eyes Only, 2004. Visited January 8, 2006.
- OpenBSD's homepage
- OpenSSH's homepage
- OpenNTPD's homepage
- OpenBGPD's homepage
- OpenCVS's homepage
- OpenBSD journal
- OpenBSD 101
- One Floppy OpenBSD MP3 Player and One Floppy Router
- A third-party OpenBSD guide site
- Unofficial OpenBSD ports tracker