Annotation of www/44.html, Revision 1.23
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2: <html>
3: <head>
4: <title>OpenBSD 4.4 Release</title>
5: <link rev=made href="mailto:www@openbsd.org">
6: <meta name="resource-type" content="document">
7: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
8: <meta name="description" content="OpenBSD 4.4">
9: <meta name="keywords" content="openbsd,main">
10: <meta name="distribution" content="global">
11: <meta name="copyright" content="This document copyright 2008 by OpenBSD.">
12: </head>
13:
14: <body bgcolor="#ffffff" text="#000000" link="#24248E">
15:
16: <a href="index.html">
17: <img alt="[OpenBSD]" height="30" width="141" hspace="24" src="images/smalltitle.gif" border="0"></a>
18: <hr>
19:
20: <p>
21: <a href="images/Cryptonaut.jpg">
22: <img align="left" width="227" height="343" hspace="24" vspace="30"
23: src="images/???.jpg" alt="OpenBSD 4.4 logo"></a>
24: <h2><font color="#0000e0">The OpenBSD 4.4 Release:</font></h2>
25: <p>
26: Released Nov 1, 2008<br>
27: Copyright 1997-2008, Theo de Raadt.<br>
28: <font color="#e00000">ISBN 978-0-9784475-2-6</font>
29: <br>
30: <a href="lyrics.html#44">4.4 Song: "???"</a>
31: <p>
32:
33: <a href="#new">What's New</a><br>
34: <a href="#install">How to install</a><br>
35: <a href="#upgrade">How to upgrade</a><br>
36: <a href="#ports">How to use the ports tree</a><br>
37: <a href="orders.html">Ordering a CD set</a><br>
38:
39: <p>
40: <h3><font color="#0000e0">
41: To get the files for this release:
42: <ul>
43: <li>Order a CDROM from our <a href="orders.html">ordering system</a>.
44: <li>See the information on <a href="ftp.html">The FTP page</a> for
45: a list of mirror machines.
46: <li>Go to the <font color="#e00000">pub/OpenBSD/4.4/</font> directory on
47: one of the mirror sites.
48: <li>Briefly read the rest of this document.
49: <li>Have a look at <a href="errata44.html">The 4.4 Errata page</a> for a list
50: of bugs and workarounds.
51: <li>See a <a href="plus44.html">detailed log of changes</a> between the
52: 4.3 and 4.4 releases.
53: </ul>
54: </font></h3>
55: <br clear=all>
56:
57: <strong>Note:</strong> All applicable copyrights and credits can be found
58: in the applicable file sources found in the files src.tar.gz, sys.tar.gz,
59: xenocara.tar.gz, or in the files fetched via ports.tar.gz. The distribution
60: files used to build packages from the ports.tar.gz file are not included on
61: the CDROM because of lack of space.
62: <p>
63:
64: <a name="new"></a>
65: <hr>
66: <p>
67: <h3><font color="#0000e0">What's New</font></h3>
68: <p>
69: This is a partial list of new features and systems included in OpenBSD 4.4.
70: For a comprehensive list, see the <a href="plus44.html">changelog</a> leading
71: to 4.4.
72: <p>
73:
74: <ul>
75:
76: <li>New/extended platforms:
77: <ul>
78: <li><a href="sparc64.html">OpenBSD/sparc64</a><br>
79: Much more platform support. Machines using the Ultrasparc IV/T1/T2
80: and Fujitsu Sparc64-V/V/VII are now supported.
1.4 matthieu 81: <li><a href="socppc.html">OpenBSD/socppc</a><br>
1.8 deraadt 82: For machines based on the Freescale MPC8349E
83: System-on-Chip (SoC) platform that use Das U-Boot as a boot loader.
1.4 matthieu 84: <li><a href="landisk.html">OpenBSD/landisk</a><br>
1.8 deraadt 85: Added shared libraries support.
1.1 deraadt 86: </ul>
87: <p>
88:
89: <li>Improved hardware support, including:
90: <ul>
1.8 deraadt 91: <li>Several new/improved drivers for sensors, including:
92: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fins&sektion=4">fins(4)</a>,
93: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=andl&sektion=4">andl(4)</a>,
94: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=it&sektion=4">it(4)</a>,
95: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kate&sektion=4">kate(4)</a>,
96: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sdtemp&sektion=4">sdtemp(4)</a>,
97: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lmtemp&sektion=4">lmtemp(4)</a>,
98: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=adt&sektion=4">adt(4)</a> and
99: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=km&sektion=4">km(4)</a>.
1.17 deraadt 100: <li>Support for the Intel G33 and G35 chipsets in
101: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=agp&sektion=4">agp(4)</a>.
102: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lii&sektion=4">lii(4)</a>
103: driver for Attansic L2 10/100 Ethernet devices.
104: <li>Preliminary support for UVC USB webcams:
105: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uvideo&sektion=4">uvideo(4)</a>
1.8 deraadt 106: and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=video&sektion=4">video(4)</a>.
107: <li>WPA/WPA2-PSK support for several models wireless cards.
1.17 deraadt 108: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=openchrome&sektion=4">openchrome(4)</a>
109: driver replaces the via X.Org driver for VIA video cards.
1.8 deraadt 110: <li>AMD Geode video card driver for X.Org.
1.17 deraadt 111: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vmt&sektion=4">vmt(4)</a>
112: driver, implements VMware Tools.
113: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=auglx&sektion=4&arch=i386">auglx(4)</a>
114: driver for AMD Geode LX CS5536 integrated AC'97 audio.
115: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ix&sektion=4">ix(4)</a>
116: driver for Intel 82598 PCI Express 10Gb Ethernet.
117: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=acpithinkpad&sektion=4">acpithinkpad(4)</a>
118: driver provides additional ACPI support for IBM/Lenovo ThinkPad laptops.
119: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=acpiasus&sektion=4">acpiasus(4)</a>
120: driver provides additional ACPI support for ASUS laptops including the EeePC.
121: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gecko&sektion=4">gecko(4)</a>
122: driver supporting the GeckoBOA BC GSC+ port found on some hppa systems.
123: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tsec&sektion=4">tsec(4)</a>
124: driver supporting the Freescale Triple Speed Ethernet Controller..
125: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=re&sektion=4">re(4)</a>
126: driver now supports RTL8102E and RTL8168 devices.
127: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cas&sektion=4">cas(4)</a>
128: driver now supports National Semiconductor Saturn devices.
129: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pccom&sektion=4">pccom(4)</a>
130: driver has been removed; all platforms use com(4) now.
131: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cardbus&sektion=4">cardbus(4)</a>
132: and
133: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pcmcia&sektion=4">pcmcia(4)</a>
134: now work on most sparc64 machines.
135: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=udcf&sektion=4">udcf(4)</a>
136: driver now supports mouseCLOCK USB II devices.
137: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=msk&sektion=4">msk(4)</a>
1.21 deraadt 138: driver now supports 88E8040T devices.
1.17 deraadt 139: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ath&sektion=4">ath(4)</a>
140: now now supports many more Atheros wireless devices.
141: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ciss&sektion=4">ciss(4)</a>
142: driver now supports HP Smart Array P212, P410, P411, P411i
143: and P812 devices.
144: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uftdi&sektion=4">uftdi(4)</a>
145: driver now supports ELV Elektronik and FTDI 2232L devices.
146: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=umsm&sektion=4">umsm(4)</a>
147: driver now supports Option GlobeTrotter 3G+, Huawei E220
148: and more HSDPA MSM devices.
149: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ubsa&sektion=4">ubsa(4)</a>
150: driver now supports ZTE CMDMA MSM devices.
151: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=axe&sektion=4">axe(4)</a>
152: driver now supports Apple USB A1277 devices.
153: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=puc&sektion=4">puc(4)</a>
154: driver now supports more Netmos devices.
155: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mgx&sektion=4">mgx(4)</a>
156: driver now supports 2D acceleration on selected boards.
1.19 deraadt 157: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isp&sektion=4">isp(4)</a>
158: driver firmware for some controllers has been updated.
159: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isp&sektion=4">isp(4)</a>
160: driver no longer hangs during probe some machines.
1.21 deraadt 161: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>
162: driver has better support for BCM5704 chipsets in fiber
163: mode which helps with some blade servers.
164: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>
165: driver has better support for the BCM5906 chipset on some systems.
166: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>
167: driver has much better support for PCI Express chipsets
168: resulting in much faster transit performance.
169: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>
170: driver has support for the BCM5714/5715/5780 chipsets using fiber interfaces.
171: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bnx&sektion=4">bnx(4)</a>
172: driver has support for the BCM5706/5708 chipsets using fiber interfaces.
1.17 deraadt 173: <li>For i386 and amd64, make serial console on non-primary ports work.
1.1 deraadt 174: <li>...
175: </ul>
176: <p>
177:
178: <li>New tools:
179: <ul>
1.17 deraadt 180: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rpc.statd&sektion=8">rpc.statd(8)</a>,
181: the host status monitoring daemon for use with the NFS file locking daemon.
182: <li>Initial import of
183: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=yplapd&sektion=8">ypldap(8)</a>,
184: a drop-in replacement for ypserv to glue in an LDAP directory for
185: get{pw,gr}ent family of functions.
1.21 deraadt 186: <li>Deprecated <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=slattach&sektion=8">slattach(8)</a>
187: and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=slattach&sektion=8">slattach(8)</a>
188: in favor of
189: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=slattach&sektion=8">ldattach(8)</a>.
190: <li>Import of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcpbench&sektion=8">tcpbench(1)</a>, a small TCP benchmarking tool.
1.1 deraadt 191: <li>...
192: </ul>
193: <p>
194:
195: <li>New functionality:
196: <ul>
1.3 ratchov 197: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=aucat&sektion=1">aucat(1)</a>
198: is now able to play and record audio in fullduplex, it
199: can mix unlimited number of streams, handles up to 16 channels, can
200: resample streams on the fly, supports various 24-bit and 32-bit
201: encodings and does format conversions on the fly.
1.8 deraadt 202: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> now supports IPv6.
203: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhcpd&sektion=8">dhcpd(8)</a> now supports basic
204: synchronization of the /etc/dhcpd.leases file to allow for running multiple instances for redundancy.
205: <li>Many wireless network drivers now support WPA.
1.17 deraadt 206: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rpc.lockd&sektion=8">rpc.lockd(8)</a>
207: now supports NLMv4 and does actually do locking.
208: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftp&sektion=1">ftp(1)</a>
209: now supports recursive mget transfers.
1.19 deraadt 210: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftp&sektion=1">ftp(1)</a>
211: now uses keep alive packets by default.
1.21 deraadt 212: <li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftp&sektion=1">ftp(1)</a>
213: accept empty passwords in URLs.
1.17 deraadt 214: <li>Allow <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cdio&sektion=1">cdio(1)</a>
215: in TAO mode to set the write speed.
1.19 deraadt 216: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cdio&sektion=1">cdio(1)</a>
217: no longer blanks media twice.
1.21 deraadt 218: <li>Add ability in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cdio&sektion=1">cdio(1)</a>
219: to determine media capabilities and make it figure out if media supports TAO or blanking.
1.17 deraadt 220: <li>Initial version of
221: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=softraid&sektion=4">softraid(4)</a>
222: crypto support. Disabled for now.
1.19 deraadt 223: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhcpd&sektion=8">dhcpd(8)</a>
224: now groks options tftp-config-file and auto-proxy-script in dhcpd.conf.
225: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhclient&sektion=8">dhclient(8)</a>
226: option handling much more resistant to abuse.
227: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhclient&sektion=8">dhclient(8)</a>
228: now aware of interface link state and reacts to changes.
229: <li>DIOCRLDINFO, DIOCGPDINFO, and DIOCGPART support added to block devices
230: previously lacking it.
231: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
232: no longer supports the '-r' option, and obtains all disklabel information via ioctl's.
233: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
234: no longer suggests offsets and sizes that would result in partitions starting or ending
235: outside the OpenBSD section of the disk.
236: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
237: now correctly reads back the 'vendor' field from text disklabels.
238: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
239: editor mode '?' and 'p' commands are more compact and the 'l' command has been added
240: to produce previous verbose output.
241: <li>I/O's outside the bounds of the RAW_PART are now prevented, allowing
242: proper detection of invalid I/O's.
243: <li>USB floppies now have a valid cylinder count calculated, rather than 0.
244: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=newfs&sektion=8">newfs(8)</a>
245: can now create filesystems on devices with sector sizes other than 512, although
246: such filesystems cannot yet be read.
247: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
248: probing displays less useless verbiage and fewer spurious error messages.
249: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=st&sektion=4">st(4)</a>
250: devices can now be detached.
251: <li>ATAPI devices are now identified as such, rather than as SCSIn devices.
252: <li>SATA tape drives now work.
253: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
254: probing now displays the ID of the initiator on the bus.
255: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
256: debug capabilities improved to show commands and input or output data as appropriate.
257: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
258: probing makes better use of the TEST UNIT READY command to clear errors and allow
259: successfull attachments.
260: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
261: probing can now find more fibre channel attached devices.
1.21 deraadt 262: <li>Several mbuf pool cache corruption issues were fixed.
263: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=identd&sektion=8">identd(8)</a>
264: now supports IPv6 in standalone mode.
265: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cal&sektion=1">cal(1)</a>
266: now shows week numbers too.
267: <li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>,
268: implement a sloppy tcpstate tracker which does not look at sequence numbers at all.
269: <li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=relayd&sektion=8">relayd(8)</a>
270: use sloppy
271: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>
272: state keeping for routed sessions (Direct Server Return).
273: <li>Added support in
274: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=relayd&sektion=8">relayd(8)</a>
275: for transparent L7 forwarding in relays.
276: <li>Extend <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=awk&sektion=1">awk(1)</a>
277: with bitwise operations.
1.8 deraadt 278: <li>...
1.1 deraadt 279: </ul>
280: <p>
281:
282: <li>Assorted improvements and code cleanup:
283: <ul>
1.8 deraadt 284: <li>A greatly changed buffer cache subsystem which maps cache pages only
285: when in use, resulting in improved filesystem performance, and
286: allowing for the effective use of a much larger buffer cache
1.11 espie 287: <li>A greatly improved implementation of
1.9 otto 288: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=malloc&sektion=3">
1.11 espie 289: malloc(3)</a>, the general purpose memory allocator,
290: which catches more mistakes, reduces address space fragmentation,
291: and is faster.
1.10 otto 292: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=statfs&sektion=2">
1.14 otto 293: statfs(2)</a> system call has been enhanced to support large
1.10 otto 294: filesystems.
1.20 deraadt 295: <li>Lots of features have been implemented in OpenCVS, which can now be used
1.19 deraadt 296: to do some real work.
297: <li>New APIs for arc4random, one to fill a buffer with random numbers
298: and the other to return a uniformly distributed random number without bias.
1.12 deraadt 299: <li>...
1.1 deraadt 300: </ul>
301: <p>
302:
303: <li>Install/Upgrade process changes:
304: <ul>
1.15 deraadt 305: <li>A new tool
1.18 sobrado 306: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysmerge&sektion=8">
307: sysmerge(8)</a>, derived from the old mergemaster port, makes
1.15 deraadt 308: it easier to merge configuration files changes during an upgrade.
1.16 deraadt 309: <li>Fully support OpenBSD inside extended partitions on i386 and amd64.
1.17 deraadt 310: <li>During installation 'dhcp' is now the initial default answer during
311: network configuration.
1.19 deraadt 312: <li>Fetching sets via FTP more reliable due to automatic use of keep alive.
313: <li>Fetching sets via NFS no longer hangs retrying a non-functional mount.
314: <li>Installation ensures hostname.* files are installed with mode 600.
315: <li>Serial console configuration now automatically detects speed.
316: <li>Serial console support extended to all architectures.
317: <li>Partition size display no longer limited to 32 bit sizes.
318: <li>Partition sizes now scaled and formatted to use human readable units.
319: <li>NTPD configuration questions improved.
320: <li>Sparc miniroot root disk detection fixed.
321: <li>Invocations of
322: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
323: by the scripts are now less verbose.
1.1 deraadt 324: </ul>
325: <p>
326:
1.15 deraadt 327: <li>OpenSSH 5.1:
1.1 deraadt 328: <ul>
1.15 deraadt 329: <li>New experimental fingerprint ASCII art visualisation system for easier
330: verification of remote keys.
331: <li>Added <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=chroot&sektion=2">
332: chroot(2)</a> support for
333: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>.
334: <li>Added an extended test mode (-T) to
335: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>.
336: <li>Make
337: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
338: support negation of groups in a "Match group" block.
1.16 deraadt 339: <li>Increased the ephemeral key size in protocol1 from 768 to 1024 bits.
1.15 deraadt 340: <li>Better tests of primes in /etc/moduli
1.16 deraadt 341: <li>Refuse to read .shosts or authorized_keys files that are not regular
1.15 deraadt 342: files.
343: <li>Enable ~ escapes for multiplex slave sessions.
1.16 deraadt 344: <li>Support CIDR address matching in Match blocks and authorized_keys
1.15 deraadt 345: from="..." stanzas.
346: <li>Make port forwarding code try additional addresses when connecting to
347: a destination whose DNS name resolves to more than one address.
348: <li>Make the maximum number of
349: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
1.16 deraadt 350: sessions run-time controllable via MaxSessions in
1.15 deraadt 351: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">
352: ssh_config(5)</a>.
353: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_scan&sektion=1">
1.16 deraadt 354: ssh_scan(1)</a> now defaults to RSA protocol 2 keys, instead of RSA1.
1.15 deraadt 355: <li>Added an extension to sftp protocol to implement
356: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=statvfs&sektion=2">
357: statvfs(2)</a>-like operations and add a df command to
358: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">
359: sftp(1)</a>.
360: <li>Disable execution of /.ssh/rc for sessions where a command has been
361: forced by the sshd_config ForceCommand directive.
362: <li>And several bug fixes and performance enhancements.
1.1 deraadt 363: </ul>
364: <p>
365:
366: <li>Over ???? ports, minor robustness improvements in package tools.
367: <li>Many pre-built packages for each architecture:
368: <table border=0 cellspacing=0 cellpadding=2 width="95%">
369: <tr>
370: <td valign="top" width="25%">
371: <ul>
1.8 deraadt 372: <li>i386: 5033
373: <li>sparc64: 4862
1.1 deraadt 374: <li>alpha: ????
375: <li>sh: ????
376: </ul></td><td valign=top width="25%"><ul>
1.23 ! deraadt 377: <li>amd64: 4940
1.22 deraadt 378: <li>powerpc: 4258
1.1 deraadt 379: <li>sparc: ????
380: <li>m68k: ????
381: </ul></td><td valign=top width="25%"><ul>
382: <li>arm: ????
383: <li>hppa: ????
384: <li>vax: ????
385: <li>mips64: ????
386: </ul></td><td valign=top width="25%"><ul>
387: <li>m88k: ????
388: </ul></td></tr></table>
389: Some highlights:
390: <ul>
1.11 espie 391: <li>mozilla-firefox3
392: <li>drupal-5, core package and external modules, a modern CMS.
1.1 deraadt 393: </ul>
394: <p>
395:
396: <li>As usual, steady improvements in manual pages and other documentation.
397: <p>
398:
399: <li>The system includes the following major components from outside suppliers:
400: <ul>
401: <li>Xenocara (based on X.Org 7.3 + patches, freetype 2.3.5, fontconfig
1.2 matthieu 402: 2.4.2, Mesa 7.0.3, xterm 234 and more)
1.1 deraadt 403: <li>Gcc 2.95.3
404: (+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc-local&sektion=1">patches</a>)
405: and 3.3.5
406: (+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc-local&sektion=1">patches</a>)
407: <li>Perl 5.8.8 (+ patches)
408: <li>Our improved and secured version of Apache 1.3, with SSL/TLS and DSO support
409: <li>OpenSSL 0.9.7j (+ patches)
410: <li>Groff 1.15
1.8 deraadt 411: <li>Sendmail 8.14.3, with libmilter
412: <li>Bind 9.4.2-P2 (+ patches)
1.1 deraadt 413: <li>Lynx 2.8.5rel.4 with HTTPS and IPv6 support (+ patches)
1.8 deraadt 414: <li>Sudo 1.6.9p17
1.1 deraadt 415: <li>Ncurses 5.2
416: <li>Latest KAME IPv6
417: <li>Heimdal 0.7.2 (+ patches)
418: <li>Arla 0.35.7
419: <li>Binutils 2.15 (+ patches)
420: <li>Gdb 6.3 (+ patches)
421: </ul>
422: <p>
423:
424: </ul>
425:
426: <a name="install"></a>
427: <hr>
428: <p>
429: <h3><font color="#0000e0">How to install</font></h3>
430: <p>
431: Following this are the instructions which you would have on a piece of
432: paper if you had purchased a CDROM set instead of doing an alternate
433: form of install. The instructions for doing an FTP (or other style
434: of) install are very similar; the CDROM instructions are left intact
435: so that you can see how much easier it would have been if you had
436: purchased a CDROM instead.
437: <p>
438:
439: <hr>
440: Please refer to the following files on the three CDROMs or FTP mirror for
441: extensive details on how to install OpenBSD 4.4 on your machine:
442: <p>
443: <ul>
444: <li>CD1:4.4/i386/INSTALL.i386
445: <p>
446: <li>CD2:4.4/amd64/INSTALL.amd64
447: <li>CD2:4.4/macppc/INSTALL.macppc
448: <p>
449: <li>CD3:4.4/sparc64/INSTALL.sparc64
450: <p>
451: <li>FTP:.../OpenBSD/4.4/alpha/INSTALL.alpha
452: <li>FTP:.../OpenBSD/4.4/armish/INSTALL.armish
453: <li>FTP:.../OpenBSD/4.4/hp300/INSTALL.hp300
454: <li>FTP:.../OpenBSD/4.4/hppa/INSTALL.hppa
455: <li>FTP:.../OpenBSD/4.4/landisk/INSTALL.landisk
456: <li>FTP:.../OpenBSD/4.4/mac68k/INSTALL.mac68k
457: <li>FTP:.../OpenBSD/4.4/mvme68k/INSTALL.mvme68k
458: <li>FTP:.../OpenBSD/4.4/mvme88k/INSTALL.mvme88k
459: <li>FTP:.../OpenBSD/4.4/sgi/INSTALL.sgi
460: <li>FTP:.../OpenBSD/4.4/sparc/INSTALL.sparc
461: <li>FTP:.../OpenBSD/4.4/vax/INSTALL.vax
462: <li>FTP:.../OpenBSD/4.4/zaurus/INSTALL.zaurus
463: </ul>
464: <hr>
465:
466: <p>
467: Quick installer information for people familiar with OpenBSD, and the
468: use of the "disklabel -E" command. If you are at all confused when
469: installing OpenBSD, read the relevant INSTALL.* file as listed above!
470: <p>
471:
472: <h3><font color="#e00000">OpenBSD/i386:</font></h3>
473: <ul>
474: Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
475: release is on CD1. If your BIOS does not support booting from CD, you will need
476: to create a boot floppy to install from. To create a boot floppy write
477: <i>CD1:4.4/i386/floppy44.fs</i> to a floppy and boot via the floppy drive.
478:
479: <p>
480: Use <i>CD1:4.4/i386/floppyB44.fs</i> instead for greater SCSI controller
481: support, or <i>CD1:4.4/i386/floppyC44.fs</i> for better laptop support.
482:
483: <p>
484: If you can't boot from a CD or a floppy disk,
485: you can install across the network using PXE as described in
486: the included INSTALL.i386 document.
487:
488: <p>
489: If you are planning on dual booting OpenBSD with another OS, you will need to
490: read INSTALL.i386.
491:
492: <p>
493: To make a boot floppy under MS-DOS, use the "rawrite" utility located
494: at <i>CD1:4.4/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
495: use the
496: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>
497: utility. The following is an example usage of
498: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>,
499: where the device could be "floppy", "rfd0c", or
500: "rfd0a".
501:
502: <ul><pre>
503: # <strong>dd if=<file> of=/dev/<device> bs=32k</strong>
504: </pre></ul>
505:
506: <p>
507: Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
508: your install will most likely fail. For more information on creating a boot
509: floppy and installing OpenBSD/i386 please refer to
510: <a href="faq/faq4.html#MkFlop">FAQ 4.3.1</a>.
511: </ul>
512:
513: <p>
514: <h3><font color="#e00000">OpenBSD/amd64:</font></h3>
515: <ul>
516: The 4.4 release of OpenBSD/amd64 is located on CD2.
517: Boot from the CD to begin the install - you may need to adjust
518: your BIOS options first.
519: If you can't boot from the CD, you can create a boot floppy to install from.
520: To do this, write <i>CD2:4.4/amd64/floppy44.fs</i> to a floppy, then
521: boot from the floppy drive.
522:
523: <p>
524: If you can't boot from a CD or a floppy disk,
525: you can install across the network using PXE as described in the included
526: INSTALL.amd64 document.
527:
528: <p>
529: If you are planning to dual boot OpenBSD with another OS, you will need to
530: read INSTALL.amd64.
531: </ul>
532:
533: <p>
534: <h3><font color="#e00000">OpenBSD/macppc:</font></h3>
535: <ul>
536: Put CD2 in your CDROM drive and poweron your machine while holding down the
537: <i>C</i> key until the display turns on and shows <i>OpenBSD/macppc boot</i>.
538:
539: <p>
540: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
541: /4.4/macppc/bsd.rd</i>
542: </ul>
543:
544: <p>
545: <h3><font color="#e00000">OpenBSD/sparc64:</font></h3>
546: <ul>
547: Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
548:
549: <p>
550: If this doesn't work, or if you don't have a CDROM drive, you can write
551: <i>CD3:4.4/sparc64/floppy44.fs</i> or <i>CD3:4.4/sparc64/floppyB44.fs</i>
552: (depending on your machine) to a floppy and boot it with <i>boot
553: floppy</i>. Refer to INSTALL.sparc64 for details.
554:
555: <p>
556: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
557: will most likely fail.
558:
559: <p>
560: You can also write <i>CD3:4.4/sparc64/miniroot44.fs</i> to the swap partition on
561: the disk and boot with <i>boot disk:b</i>.
562:
563: <p>
564: If nothing works, you can boot over the network as described in INSTALL.sparc64.
565: </ul>
566:
567: <p>
568: <h3><font color="#e00000">OpenBSD/alpha:</font></h3>
569: <ul>
570: <p>Write <i>FTP:4.4/alpha/floppy44.fs</i> or
571: <i>FTP:4.4/alpha/floppyB44.fs</i> (depending on your machine) to a diskette and
572: enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
573:
574: <p>
575: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
576: will most likely fail.
577:
578: </ul>
579:
580: <p>
581: <h3><font color="#e00000">OpenBSD/armish:</font></h3>
582: <ul>
583: <p>
584: After connecting a serial port, Thecus can boot directly from the network
585: either tftp or http. Configure the network using fconfig, reset,
586: then load bsd.rd, see INSTALL.armish for specific details.
587: IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
588: and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
589: then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
590: More details are available in INSTALL.armish.
591: </ul>
592:
593: <p>
594: <h3><font color="#e00000">OpenBSD/hp300:</font></h3>
595: <ul>
596: <p>
597: Boot over the network by following the instructions in INSTALL.hp300.
598: </ul>
599:
600: <p>
601: <h3><font color="#e00000">OpenBSD/hppa:</font></h3>
602: <ul>
603: <p>
604: Boot over the network by following the instructions in INSTALL.hppa or the
605: <a href="hppa.html#install">hppa platform page</a>.
606: </ul>
607:
608: <p>
609: <h3><font color="#e00000">OpenBSD/landisk:</font></h3>
610: <ul>
611: <p>
612: Write <i>miniroot44.fs</i> to the start of the CF
613: or disk, and boot normally.
614: </ul>
615:
616: <p>
617: <h3><font color="#e00000">OpenBSD/mac68k:</font></h3>
618: <ul>
619: <p>
620: Boot MacOS as normal and extract the Macside "BSD/Mac68k Booter" utility from
621: <i>FTP:4.4/mac68k/utils</i> onto your hard disk. Configure the "BSD/Mac68k
622: Booter" with the location of your bsd.rd kernel and boot into the installer.
623: Refer to the instructions in INSTALL.mac68k for more details.
624: </ul>
625:
626: <p>
627: <h3><font color="#e00000">OpenBSD/mvme68k:</font></h3>
628: <ul>
629: <p>
630: You can create a bootable installation tape or boot over the network.<br>
631: The network boot requires a MVME68K BUG version that supports the <i>NIOT</i>
632: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme68k
633: for more details.
634: </ul>
635:
636: <p>
637: <h3><font color="#e00000">OpenBSD/mvme88k:</font></h3>
638: <ul>
639: <p>
640: You can create a bootable installation tape or boot over the network.<br>
641: The network boot requires a MVME88K BUG version that supports the <i>NIOT</i>
642: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme88k
643: for more details.
644: </ul>
645:
646: <p>
647: <h3><font color="#e00000">OpenBSD/sparc:</font></h3>
648: <ul>
649: Boot from one of the provided install ISO images, using one of the two
650: commands listed below, depending on the version of your ROM.
651:
652: <ul><pre>
653: ok <strong>boot cdrom 4.4/sparc/bsd.rd</strong>
654: or
655: > <strong>b sd(0,6,0)4.4/sparc/bsd.rd</strong>
656: </pre></ul>
657:
658: <p>
659: If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
660: To do so you need to write <i>floppy44.fs</i> to a floppy.
661: For more information see <a href="faq/faq4.html#MkFlop">FAQ 4.3.1</a>.
662: To boot from the floppy use one of the two commands listed below,
663: depending on the version of your ROM.
664:
665: <ul><pre>
666: ok <strong>boot floppy</strong>
667: or
668: > <strong>b fd()</strong>
669: </pre></ul>
670:
671: <p>
672: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
673: will most likely fail.
674:
675: <p>
676: If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
677: setup a bootable tape, or install via network, as told in the
678: INSTALL.sparc file.
679: </ul>
680:
681: <p>
682: <h3><font color="#e00000">OpenBSD/sgi:</font></h3>
683: <ul>
684: <p>
685: Burn cd44.iso on a CD-R, put it in the CD drive of your machine and
686: select <i>Install System Software</i> from the System Maintenance menu.
687:
688: <p>
689: If your machine doesn't have a CD drive, you can
690: setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd".
691: Refer to the instructions in INSTALL.sgi for more details.
692: </ul>
693:
694: <p>
695: <h3><font color="#e00000">OpenBSD/vax:</font></h3>
696: <ul>
697: Boot over the network via mopbooting as described in INSTALL.vax.
698: </ul>
699:
700: <p>
701: <h3><font color="#e00000">OpenBSD/zaurus:</font></h3>
702: <ul>
703: <p>
704: Using the Linux built-in graphical ipkg installer, install the
705: openbsd44_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
706: for a few important details.
707: </ul>
708:
709: <p>
710: <h3><font color="#e00000">Notes about the source code:</font></h3>
711: <ul>
712: src.tar.gz contains a source archive starting at /usr/src. This file
713: contains everything you need except for the kernel sources, which are
714: in a separate archive. To extract:
715: <p>
716: <ul><pre>
717: # <strong>mkdir -p /usr/src</strong>
718: # <strong>cd /usr/src</strong>
719: # <strong>tar xvfz /tmp/src.tar.gz</strong>
720: </pre></ul>
721: <p>
722: sys.tar.gz contains a source archive starting at /usr/src/sys.
723: This file contains all the kernel sources you need to rebuild kernels.
724: To extract:
725: <p>
726: <ul><pre>
727: # <strong>mkdir -p /usr/src/sys</strong>
728: # <strong>cd /usr/src</strong>
729: # <strong>tar xvfz /tmp/sys.tar.gz</strong>
730: </pre></ul>
731: <p>
732: Both of these trees are a regular CVS checkout. Using these trees it
733: is possible to get a head-start on using the anoncvs servers as
734: described <a href="anoncvs.html">here</a>.
735: Using these files
736: results in a much faster initial CVS update than you could expect from
737: a fresh checkout of the full OpenBSD source tree.
738: <p>
739: </ul>
740:
741: <a name="upgrade"></a>
742: <hr>
743: <p>
744: <h3><font color="#0000e0">How to upgrade</font></h3>
745: <p>
746: If you already have an OpenBSD 4.3 system, and do not want to reinstall,
747: upgrade instructions and advice can be found in the
748: <a href="faq/upgrade44.html">Upgrade Guide</a>.
749:
750: <a name="ports"></a>
751: <hr>
752: <p>
753: <h3><font color="#0000e0">Ports Tree</font></h3>
754: <p>
755: A ports tree archive is also provided. To extract:
756: <p>
757: <ul><pre>
758: # <strong>cd /usr</strong>
759: # <strong>tar xvfz /tmp/ports.tar.gz</strong>
760: # <strong>cd ports</strong>
761: </pre></ul>
762: <p>
763: The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
764: read the <a href="ports.html">ports</a> page
765: if you know nothing about ports
766: at this point. This text is not a manual of how to use ports.
767: Rather, it is a set of notes meant to kickstart the user on the
768: OpenBSD ports system.
769: <p>
770: The <i>ports/</i> directory represents a CVS (see the manpage for
771: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&apropos=0&sektion=1&manpath=OpenBSD+Current&arch=i386&format=html">
772: cvs(1)</a> if
773: you aren't familiar with CVS) checkout of our ports. As with our complete
774: source tree, our ports tree is available via anoncvs. So, in
775: order to keep current with it, you must make the <i>ports/</i> tree
776: available on a read-write medium and update the tree with a command
777: like:
778: <p>
779: <ul><pre>
780: # <strong>cd [portsdir]/; cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_4_4</strong>
781: </pre></ul>
782: <p>
783: [Of course, you must replace the local directory and server name here
784: with the location of your ports collection and a nearby anoncvs
785: server.]
786: <p>
787: Note that most ports are available as packages through FTP. Updated
788: packages for the 4.4 release will be made available if problems arise.
789: <p>
790: If you're interested in seeing a port added, would like to help out, or just
791: would like to know more, the mailing list ports@openbsd.org is a good
792: place to know.
793: <p>
794:
795: <hr>
796: <a href="index.html"><img height="24" width="24" src="back.gif" border="0"
797: alt="OpenBSD"></a>
798: <a href="mailto:www@openbsd.org">www@openbsd.org</a>
799: <br><small>
1.23 ! deraadt 800: $OpenBSD: 44.html,v 1.22 2008/08/25 18:20:25 deraadt Exp $
1.1 deraadt 801: </small>
802:
803: </body>
804: </html>