dhcpleased is a new daemon in OpenBSD that will dynamically configure the client network. It monitors network interfaces for IP address proposals from DHCP, IPv6 router advertisements to configure the network and then sets the resolv.conf. unwind is a validating DNS resolver that runs on the client machine. resolvd handles the contents of /etc/resolv.conf. The 3 deamons effectively replace my dhclient and unbound set up and make the life much easier. For more details on the advantages of these daemons and what problem they solve, please read the man pages and reference links. Here I will give the configuration. Configuration We will first create a blocklist file that dictates which domains should be blocked by unwind.

So you have set up a WireGuard VPN on the Raspbeery Pi and would like to block ads and trackers for all the connected clients on the network. This last part of the series will explain how to do it using unbound(8). Configuring unbound Unbound is already available by default in OpenBSD. By default it is chrooted to /var/unbound. The configuration file is located at /var/unbound/etc/unbound.conf. Here is what I have in unbound.conf. In the access control, I have included the vpn network 10.0.0.0/24 so that unbound can serve DNS on this network. The include statement will include blocklist file that contains all the domains we would like to block.

In the previous post we installed OpenBSD on Raspberry Pi 4. If you have not already done, it is time to run syspatch and apply patches to the system. In this first part we will configure WireGuard VPN endpoint with a road warrior setup. As of 6.8, WireGuard is available natively on OpenBSD. We will only use tools available on the default install of OpenBSD. Setting up the server WireGuard works by exchanging public keys. Let us first create keypair for the server. We will use openssl rand command to generate a private key. We then create a wg(4) interface and use it to extract corresponding public key.

This is a three part series where I will explain how I setup my Raspberry Pi4 as a Wireguard VPN server with ad blocking using Unbound. In this first part we will install OpenBSD to Raspberry Pi 4. I will assume you have a basic understading of installing and using OpenBSD. What do you need? A microSD card (only a small card is needed) A USB storage device where you will install the OS A USB to TTL serial cable USB wireless adapter that is supported by OpenBSD (Optional. Only needed if you don’t want to use the ethernet) A second USB storage to store the sets and wireless firmware.

In this post, we will look at how to add a second keyboard layout in under Xorg and set up a keyboard shortcut to switch between them. We will also see how to remap keys. You can check the current keyboard layout used by the xorg by running setxkbmap -query. You can use the same command to modify the layouts and options by using -layout or -option switches. As mentioned in manual, -option will append the passed in arguments to already set options. The alternative is to create a xorg configuration file and place it in xorg.conf directory. But how do we know what layout to chose or what options to set?

It has been a long time since my last post. Since that time I have switched from a cwm user to suckless dwm. This blog outlines the compilation and install procedure for dwm. dwm is window manager from suckless that focuses on simple, clear and minimal code. Even though I have been a happy user of cwm in the openbsd base, I feel the tiling wm like dwm suites more to my workflow. Moreover, it comes with a built-in panel at the top which is an added bonus. Installation I use the github version with no additional patches. I maintain my own version of patches for dwm, st and dmenu with minimal configuration changes in github.

Often times you want the convenience of seemlessly switching over from your wired connection to wireless connection and vice versa. This is where the trunk interface comes into picture. What is trunk trunk is a pseudo interface that allows aggregation of multiple network interfaces as one virtual trunk interface(man 4 trunk). Though trunk supports multiple protocols our focus here is on setting it up in failover mode. In the failover mode, the first interface added will be a master interface and any subsequent interfaces added will be failover interfaces. In this example, I will set up my ethernet interface em0 as master and wireless interface urtwn0 as a failover interface by adding them to trunk0.

Conky is a lightweight system monitoring tool that will help monitor the system parameters. I will explain the configuration as used on my OpenBSD machine. Installation Run the pkg_add to install the conky pkg_add conky Choose the version with no xmms2 and with x11 Add the line for conky in the .xinitrc file in your home directory to start it in background. conky & If you start X, your should see a default conky window. Basics Conky configuration file is split into two sections. One before the “TEXT” line and one after it. The first section is used to define default values and set the configuration.

Create a configuration file called xorg.conf with below contents and place it in /etc/X11/ Section "InputClass" Identifier "touchpad" Driver "synaptics" MatchIsTouchpad "true" Option "TapButton1" "1" Option "TapButton2" "3" Option "TapButton3" "2" Option "VertTwoFingerScroll" "on" Option "HorizTwoFingerScroll" "on" EndSection The TapButton1 to TapButton3 indicate one, two or three finger taps. The corresponding value of “1”,“3”,“2” indicate left click, middle click and right click respectively. The next two lines enable horizontal and vertical scrolling.

You have installed OpenBSD on your MacBook but want to install on your USB drive for on the go usage. This procedure was tested using macOS Sierra. Installation is done using UEFI partition table and with full disk encryption. Note: The process may take much longer than the regular hard disk or VirtualBox install since we are writing to the disk directly from inside the VirtualBox. Before proceeding you will need A USB drive that can be formatted without worrying about the data Access to a machine with virtual box installed OpenBSD installer ISO file An optional USB wireless adapter.