Annotation of www/56.html, Revision 1.43
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2: <html>
3: <head>
4: <title>OpenBSD 5.6</title>
5: <meta name="resource-type" content="document">
6: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
7: <meta name="description" content="OpenBSD 5.6">
8: <meta name="keywords" content="openbsd,main">
9: <meta name="distribution" content="global">
10: <meta name="copyright" content="This document copyright 2014 by OpenBSD.">
11: </head>
12:
13: <body bgcolor="#ffffff" text="#000000" link="#24248E">
14:
15: <a href="index.html">
16: <img alt="[OpenBSD]" height="30" width="141" hspace="24" src="images/smalltitle.gif" border="0"></a>
17: <p>
18:
1.20 deraadt 19: <a href="images/CaptainTedu.jpg">
20: <img align="left" width="227" height="343" hspace="24" src="images/CaptainTedu.jpg"></a>
1.1 deraadt 21: <h2><font color="#0000e0">OpenBSD 5.6</font></h2>
22: <p>
1.20 deraadt 23: To be released Nov 1, 2014<br>
1.1 deraadt 24: Copyright 1997-2014, Theo de Raadt.<br>
25: <font color="#e00000">ISBN 978-0-9881561-4-2</font>
26: <br>
1.20 deraadt 27: <a href="lyrics.html#56">5.6 Song: "Ride of the Valkyries"</a>
1.1 deraadt 28: <p>
29:
30: <ul>
1.22 deraadt 31: <li>Order a CDROM from our <a href="https://openbsdstore.com">ordering system</a>.
1.1 deraadt 32: <li>See the information on <a href="ftp.html">the FTP page</a> for
33: a list of mirror machines.
34: <li>Go to the <font color="#e00000">pub/OpenBSD/5.6/</font> directory on
35: one of the mirror sites.
36: <li>Have a look at <a href="errata56.html">the 5.6 errata page</a> for a list
37: of bugs and workarounds.
38: <li>See a <a href="plus56.html">detailed log of changes</a> between the
39: 5.5 and 5.6 releases.
40: <p>
1.10 deraadt 41: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=signify&sektion=1">signify(1)</a> pubkeys for this release:<br>
42: base: RWR0EANmo9nqhpPbPUZDIBcRtrVcRwQxZ8UKGWY8Ui4RHi229KFL84wV<br>
43: fw: RWT4e3jpYgSeLYs62aDsUkcvHR7+so5S/Fz/++B859j61rfNVcQTRxMw<br>
44: pkg: RWSPEf7Vpp2j0PTDG+eLs5L700nlqBFzEcSmHuv3ypVUEOYwso+UucXb<br>
1.1 deraadt 45: </ul>
46: <br clear=all>
47: All applicable copyrights and credits can be found in the applicable
48: file sources found in the files src.tar.gz, sys.tar.gz,
49: xenocara.tar.gz, or in the files fetched via ports.tar.gz. The
50: distribution files used to build packages from the ports.tar.gz file
51: are not included on the CDROM because of lack of space.
52: <p>
53:
54: <a name="new"></a>
55: <hr>
56: <p>
57: <h3><font color="#0000e0">What's New</font></h3>
58: <p>
59: This is a partial list of new features and systems included in OpenBSD 5.6.
60: For a comprehensive list, see the <a href="plus56.html">changelog</a> leading
61: to 5.6.
62: <p>
63:
64: <ul>
65: <li>...
66: <p>
67:
68:
69: <li>Installer improvements:
70: <ul>
1.15 krw 71: <li>Remove ftp and tape as install methods.
72: <li>Preserve the disklabel (and next 6 blocks) when installing boot block on
73: 4k-sector disk drives.
1.23 rpe 74: <li>Change the "Server?" question to "HTTP Server?" to allow unambiguous <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/autoinstall.8">autoinstall(8)</a> handling.
75: <li>Allow <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/autoinstall.8">autoinstall(8)</a> to fetch and install sets from multiple locations.
1.1 deraadt 76: <li>...
77: </ul>
78: <p>
79:
80: <li>New/extended platforms:
81: <ul>
82: <li>...
83: </ul>
84: <p>
85:
86: <li>Improved hardware support, including:
87: <ul>
1.13 dlg 88: <li>SCSI Multipathing support via <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/mpath.4">mpath(4)</a> and associated path drivers on several architectures.
1.24 stsp 89: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/qlw.4">qlw(4)</a> driver for QLogic ISP SCSI HBAs.
1.38 brad 90: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/qla.4">qla(4)</a> driver for QLogic ISP2100/2200/2300 Fibre Channel HBAs.
1.24 stsp 91: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/upd.4">upd(4)</a> sensor driver for USB Power Devices (UPS).
1.26 jsg 92: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/brswphy.4">brswphy(4)</a> driver for Broadcom BCM53xx 10/100/1000TX Ethernet PHYs.
93: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/uscom.4">uscom(4)</a> driver for simple USB serial adapters.
1.24 stsp 94: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/axen.4">axen(4)</a> driver for ASIX Electronics AX88179 10/100/Gigabit USB Ethernet devices.
95: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/inteldrm.4">inteldrm(4)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/radeondrm.4">radeondrm(4)</a> drivers have improved suspend/resume support.
96: <li>The userland interface for the <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/agp.4">agp(4)</a> driver has been removed.
97: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/rtsx.4">rtsx(4)</a> driver now supports card readers based on the RTS5227 and RTL8402 chipsets.
98: <li>The firmware for the <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/run.4">run(4)</a> driver has been updated to version 0.33.
99: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/run.4">run(4)</a> driver now supports devices based on the RT3900E chipset.
100: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/zyd.4">zyd(4)</a> driver, which was broken for some time, has been fixed.
101: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/bwi.4">bwi(4)</a> driver now works in systems with more than 1GB of RAM.
1.31 brad 102: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/re.4">re(4)</a> driver now supports devices based on the RTL8168EP/8111EP, RTL8168G/8111G, and RTL8168GU/8111GU chipsets.
1.1 deraadt 103: </ul>
104: <p>
105:
106: <li>Generic network stack improvements:
107: <ul>
1.19 lteo 108: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/divert.4">divert(4)</a> now supports checksum offload.
1.25 stsp 109: <li>IPv6 is now turned off on new interfaces by default. Assigning an IPv6 address will enable IPv6 on an interface.
110: <li>Support for RFC4620 IPv6 Node Information Queries has been removed.
111: <li>The kernel no longer supports the SO_DONTROUTE socket option.
112: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/getaddrinfo.3">getaddrinfo(3)</a> function now supports the AI_ADDRCONFIG flag defined in RFC 3493.
113: <li>Include router alert option (RAO) in IGMP packets, as required by RFC2236.
1.36 lteo 114: <li>ALTQ has been removed.
1.42 yasuoka 115: <li>The hash table for Protocol Control Block (PCB) of TCP and UDP now resize automatically on load.
1.1 deraadt 116: </ul>
117: <p>
118:
119: <li>Routing daemons and other userland network improvements:
120: <ul>
1.19 lteo 121: <li>When used with the -v flag, <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/tcpdump.8">tcpdump(8)</a> now shows the actual bad checksum within the IP/protocol header itself and what the good checksum should be.
122: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/ftp.1">ftp(1)</a> now allows its User-Agent to be changed via the -U command-line option.
1.25 stsp 123: <li>The -r option of <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ping.8">ping(8)</a> and <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/traceroute.8">traceroute(8)</a> has been removed.
124: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ifconfig.8">ifconfig(8)</a> can now explicitly assign an IPv6 link-local address and turn IPv6 autoconf on or off.
125: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ifconfig.8">ifconfig(8)</a> has been made smarter about parsing WEP keys on the command line.
126: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ifconfig.8">ifconfig(8)</a> scan now shows the encryption type of wireless networks (WEP, WPA, WPA2, 802.1x).
127: <li>MS-CHAPv1 (RFC2433) support has been removed from <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/pppd.8">pppd(8)</a>.
1.43 ! lteo 128: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/traceroute6.8">traceroute6(8)</a>
! 129: has been merged into
! 130: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/traceroute.8">traceroute(8)</a>.
! 131: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/asr_run.3">asr API</a>
! 132: for asynchronous address resolution and nameserver querying is now public.
1.1 deraadt 133: </ul>
134: <p>
135:
1.27 gilles 136: <li>OpenSMTPD 5.4.3 (includes changes to 5.4.2):
1.1 deraadt 137: <ul>
1.27 gilles 138: <li>New/changed features:
139: <ul>
140: <li>OpenSMTPD replaces Sendmail as the default MTA.
141: <li>Queue process now runs under a different user for better isolation.
142: <li>Merged MDA, MTA and SMTP processes into a single unprivileged process.
143: <li>Killed the MFA process, it is no longer needed.
144: <li>Added support for email addresses lookups in the
145: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/table.5?query=table">table_db</a> backend.
1.35 pascal 146: <li>Added RSA privilege separation support to prevent possible private key leakage.
1.27 gilles 147: </ul>
148: <li>The following significant bugs have been fixed in this release:
149: <ul>
150: <li>Minor bug fixes in some corner cases of the routing logic.
151: <li>The enqueuer no longer adds its own User-Agent.
152: <li>Disabled profiling code, allowing all processes to rest rather than waking up every second.
153: <li>Reworked the purge task to avoid disk-hits unless necessary... only once at startup.
154: <li>Fix various header parsing bugs in the local enqueuer.
155: <li>Assorted minor fixes and code cleanups.
156: </ul>
1.1 deraadt 157: </ul>
158: <p>
159:
160: <li>Security improvements:
161: <ul>
1.2 pascal 162: <li>Changed the heuristics of the stack protector to also protect functions with local array definitions and references to local frame addresses. This matches the -fstack-protector-strong option of upstream GCC.
163: <li>Position-independent executables (PIE) are now used by default on powerpc.
164: <li>Removed Kerberos.
1.28 tedu 165: <li>Default bcrypt hash type is now $2b$.
166: <li>Remove md5crypt support.
167: <li>Improved easier to use bcrypt API is now available.
168: <li>Increase randomness of random mmap mappings.
1.26 jsg 169: <li>Added <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/getentropy.2">getentropy(2)</a>.
170: <li>Added <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/timingsafe_memcmp.3">timingsafe_memcmp(3)</a>.
1.2 pascal 171: </ul>
172: <p>
173:
174: <li>Assorted improvements:
175: <ul>
1.3 espie 176: <li>locate databases for both base and xenocara, as
177: <code>/usr/lib/locate/src.db</code> and
178: <code>/usr/X11R6/lib/locate/xorg.db</code>.
179: <li>Much faster package updates, due to package contents reordering that
180: precludes re-downloading unchanged files.
1.16 krw 181: <li>Fix many programs that failed when accessing disks having sector sizes other than 512 bytes, including
182: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/badsect.8">badsect(8)</a>,
183: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/df.1">df(1)</a>,
184: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dump.8">dump(8)</a>,
185: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dumpfs.8">dumpfs(8)</a>,
186: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fsck_ext2fs.8">fsck_ext2fs(8)</a>,
187: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fsck_ffs.8">fsck_ffs(8)</a>,
188: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fsdb.8">fsdb(8)</a>,
189: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/growfs.8">growfs(8)</a>,
190: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ncheck_ffs.8">ncheck_ffs(8)</a>,
191: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/quotacheck.8">quotacheck(8)</a>,
192: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/tunefs.8">tunefs(8)</a>.
1.17 krw 193: <li>Constrain MSDOS timestamps to 1/1/1980 through 12/31/2107. 64-bit
194: time_t values outside that range are stored as 1/1/1980.
1.37 lteo 195: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man6/bs.6">bs(6)</a> now prints a battleship splash screen.
1.36 lteo 196: <li>rsh, rshd, rwho, rwhod, ruptime, asa, bdes, fpr, mkstr, page, xstr, oldrdist, fsplit, uyap, and bluetooth have been removed.
1.37 lteo 197: <li>Fix <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/atexit.3">atexit(3)</a> recursive handlers.
1.17 krw 198: <li>Enhance
199: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/disklabel.8">disklabel(8)</a> to recover filesystem mountpoint information when reading saved ascii labels.
1.18 krw 200: <li>Properly handle
201: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/msgbuf_write.3">msgbuf_write(3)</a> EOF conditions, including uses in
202: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/tmux.1">tmux(1)</a>,
203: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dvmrpd.8">dvmrpd(8)</a>,
204: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ldapd.8">ldapd(8)</a>,
205: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ldpd.8">ldpd(8)</a>,
206: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ospf6d.8">ospf6d(8)</a>,
207: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ospfd.8">ospfd(8)</a>,
208: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/relayd.8">relayd(8)</a>,
209: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ripd.8">ripd(8)</a>,
210: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/smtpd.8">smtpd(8)</a>,
211: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/ypldap.8">ypldap(8)</a>.
1.21 krw 212: <li>Constrain <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fdisk.8">fdisk(8)</a> '-l' to disk sizes of 64 blocks or more.
213: <li>Sync <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/fdisk.8">fdisk(8)</a> built-in MBR with current /usr/mdec/mbr.
214: <li>Quiet <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dhclient.8">dhclient(8)</a> '-q' even more.
215: <li>Log less redundant <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dhclient.8">dhclient(8)</a> info.
216: <li>New leases, lease renewals, cable state changes more obvious to applications monitoring <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dhclient.8">dhclient(8)</a> files.
217: <li>Preserve chronological order of leases in the <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/dhclient.leases.5">dhclient.leases(5)</a> leases files.
218: <li>Use 'lease {}' statements in <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/dhclient.conf.5">dhclient.conf(5)</a>, allowing interfaces to get an address when no dynamic lease is available.
219: <li>Improve <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dhclient.8">dhclient(8)</a> parsing and printing of classess static routes.
220: <li>Eliminate unnecessary rewrites of <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/resolv.conf.5">resolv.conf(5)</a> by <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/dhclient.8">dhclient(8)</a>.
1.40 guenther 221: <li>Added <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man2/sendsyslog.2">sendsyslog(2)</a>: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/syslog.3">syslog(3)</a> now works even when out of file descriptors or in a chroot.
1.26 jsg 222: <li>Added
223: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/errc.3">errc(3)</a>,
224: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/verrc.3">verrc(3)</a>,
225: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/warnc.3">warnc(3)</a> and
226: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/vwarnc.3">vwarnc(3)</a>.
1.30 mlarkin 227: <li>Faster hibernate/unhibernate performance on amd64 and i386 platforms.
228: <li>Support hibernating to <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/softraid.4">softraid(4)</a> crypto volumes.
1.37 lteo 229: <li>Added <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/reallocarray.3">reallocarray(3)</a>,
230: which allows multiple sized objects to be allocated without the cost of
231: clearing memory while avoiding possible integer overflows.
232: <li>Extended <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/fread.3">fread(3)</a> and
233: <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/fwrite.3">fwrite(3)</a>
234: to check for integer overflows.
1.40 guenther 235: <li>Improved performance of <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man3/seekdir.3">seekdir(3)</a> to start of current buffer.
236: <li>Added <endian.h> per the revision of the POSIX spec in progress.
1.43 ! lteo 237: <li>Apache has been removed.
! 238: <li>Read support for ext4 filesystems.
1.1 deraadt 239: </ul>
240: <p>
241:
1.2 pascal 242: <li>LibreSSL
1.1 deraadt 243: <ul>
1.39 miod 244: <li>No support for legacy MacOS, Netware, OS/2, VMS and Windows platforms,
245: as well as antique compilers.
246: <li>Removal of the IBM 4758, Broadcom ubsec, Sureware, Nuron, GOST, GMP,
247: CSwift, CHIL, CAPI, Atalla and AEP engines, either because the hardware is
248: irrelevant, or because they require external non-free libraries to work.
249: <li>No support for FIPS-140 compliance.
250: <li>No EBCDIC support.
251: <li>Use standard routines from the C library (malloc, strdup, snprintf...)
252: instead of rolling our own, sometimes badly.
253: <li>Remove the old OpenSSL PRNG, and rely upon arc4random_buf from libc for
254: all the entropy needs.
255: <li>Remove the MD2 and SEED algorithms.
256: <li>Remove J-PAKE, PSK and SRP (mis)features.
257: <li>Aggressive cleaning of BN memory when no longer used.
258: <li>No support for Kerberos.
259: <li>No support for SSLv2.
260: <li>No support for the questionable DTLS heartbeat extension.
261: <li>No support for TLS compression.
262: <li>No support for US-Export SSL ciphers.
263: <li>Do not use the current time as a random seed in libssl.
264: <li>Support for ChaCha and Poly1305 algorithm.
265: <li>Support for Brainpool and ANSSI elliptic curves.
266: <li>Support for AES-GCM and ChaCha20-Poly1305 AEAD modes.
1.1 deraadt 267: </ul>
268: <p>
269:
1.2 pascal 270: <li>OpenSSH 6.7
1.1 deraadt 271: <ul>
1.14 sobrado 272: <li>Potentially-incompatible changes:
1.1 deraadt 273: <ul>
1.14 sobrado 274: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
275: The default set of ciphers and <i>MAC</i>s has been altered to remove
276: unsafe algorithms. In particular, <i>CBC ciphers</i> and
277: <i>arcfour*</i> are disabled by default.
278: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
279: Support for <i>tcpwrappers</i>/<i>libwrap</i> has been removed.
280: <li>OpenSSH 6.5 and 6.6 have a bug that causes ~0.2% of connections
281: using the "curve25519-sha256@libssh.org" <i>KEX exchange method</i>
282: to fail when connecting with something that implements the
283: specification correctly. OpenSSH 6.7 disables this KEX method when
284: speaking to one of the affected versions.
1.1 deraadt 285: </ul>
286: <li>New/changed features:
287: <ul>
1.14 sobrado 288: <li>Major internal refactoring to begin to make part of OpenSSH usable
289: as a library. So far the wire parsing, key handling and KRL code
290: has been refactored. Please note that we do not consider the API
291: stable yet, nor do we offer the library in separable form.
292: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
293: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
294: Add support for <i>Unix domain socket</i> forwarding. A remote TCP
295: port may be forwarded to a local Unix domain socket and vice versa or
296: both ends may be a Unix domain socket.
297: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
298: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
299: Add support for <i>SSHFP DNS records</i> for <i>Ed2551</i>9 key types.
300: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
301: Allow resumption of interrupted uploads.
302: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
303: When rekeying, skip file/DNS lookups of the hostkey if it is the same
304: as the one sent during initial key exchange. (bz#2154)
305: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
306: Allow explicit ::1 and 127.0.0.1 forwarding bind addresses when
307: <tt>GatewayPorts=no</tt>; allows client to choose address family.
308: (bz#2222)
309: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
310: Add a
311: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5">sshd_config(5)</a>
312: <tt>PermitUserRC</tt> option to control whether <tt>~/.ssh/rc</tt> is
313: executed, mirroring the <tt>no-user-rc</tt> authorized_keys option.
314: (bz#2160)
315: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
316: Add a %C escape sequence for <tt>LocalCommand</tt> and
317: <tt>ControlPath</tt> that expands to a unique identifer based on a
318: hash of the tuple of (local host, remote user, hostname, port). Helps
319: avoid exceeding miserly pathname limits for Unix domain sockets in
320: multiplexing control paths. (bz#2220)
321: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
322: Make the "Too many authentication failures" message include the user,
323: source address, port and protocol in a format similar to the
324: authentication success/failure messages. (bz#2199)
325: <li>Added <i>unit</i> and <i>fuzz</i> tests for refactored code.
1.1 deraadt 326: </ul>
327: <li>The following significant bugs have been fixed in this release:
328: <ul>
1.14 sobrado 329: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
330: Fix remote forwarding with same listen port but different listen
331: address.
332: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
333: Fix inverted test that caused <i>PKCS#11</i> keys that were explicitly
334: listed in
335: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">ssh_config(5)</a>
336: or on the commandline not to be preferred.
337: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
338: Fix bug in KRL generation: multiple consecutive revoked certificate
339: serial number ranges could be serialised to an invalid format.
340: Readers of a broken KRL caused by this bug will fail closed, so no
341: should-have-been-revoked key will be accepted.
342: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
343: Reflect stdio-forward ("<tt>ssh -W host:port ...</tt>") failures in
344: exit status. Previously we were always returning 0. (bz#2255)
345: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>,
346: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
347: Make Ed25519 keys' title fit properly in the randomart border.
348: (bz#2247)
349: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&sektion=1">ssh-agent(1)</a>:
350: Only cleanup agent socket in the main agent process and not in any
351: subprocesses it may have started (e.g. forked askpass). Fixes agent
352: sockets being zapped when askpass processes <i>fatal()</i>. (bz#2236)
353: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-add&sektion=1">ssh-add(1)</a>:
354: Make stdout line-buffered; saves partial output getting lost when
355: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-add&sektion=1">ssh-add(1)</a>
356: <i>fatal()</i>s part-way through (e.g. when listing keys from an
357: agent that supports key types that
358: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-add&sektion=1">ssh-add(1)</a>
359: doesn't). (bz#2234)
360: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&sektion=1">ssh-keygen(1)</a>:
361: When hashing or removing hosts, don't choke on "@revoked" markers and
362: don't remove "@cert-authority" markers. (bz#2241)
363: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
364: Don't fatal when hostname canonicalisation fails and a
365: <tt>ProxyCommand</tt> is in use; continue and allow the
366: <tt>ProxyCommand</tt> to connect anyway (e.g. to a host with a name
367: outside the DNS behind a bastion).
368: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scp&sektion=1">scp(1)</a>:
369: When copying local->remote fails during read, don't send uninitialised
370: heap to the remote end.
371: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">sftp(1)</a>:
372: Fix fatal "el_insertstr failed" errors when tab-completing filenames
373: with a single quote char somewhere in the string. (bz#2238)
374: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keyscan&sektion=1">ssh-keyscan(1)</a>:
375: Scan for Ed25519 keys by default.
376: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>:
377: When using <tt>VerifyHostKeyDNS</tt> with a DNSSEC resolver,
378: down-convert any certificate keys to plain keys and attempt SSHFP
379: resolution. Prevents a server from skipping SSHFP lookup and forcing
380: a new-hostkey dialog by offering only certificate keys.
381: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>:
382: Avoid crash at exit via NULL pointer reference. (bz#2225)
383: <li>Fix some strict-alignment errors.
1.1 deraadt 384: </ul>
385: </ul>
386: <p>
1.41 schwarze 387: <li>mandoc 1.13.0:
388: <ul>
389: <li>New implementation of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=apropos&sektion=1">apropos(1)</a>,
390: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=whatis&sektion=1">whatis(1)</a>,
391: and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=makewhatis&sektion=8">makewhatis(8)</a> based on SQLite3 databases.
392: <li>Substantial improvements of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mandoc&sektion=1">mandoc(1)</a> error and warning messages.
393: <li>Almost complete implementation of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=roff&sektion=7">roff(7)</a> numerical expressions.
394: <li>About a dozen minor new features and numerous bug fixes.
395: </ul>
1.1 deraadt 396:
1.41 schwarze 397: <p>
1.1 deraadt 398: <li>Ports and packages:
399: <ul>
1.2 pascal 400: <li>Over 8,800 ports.
1.1 deraadt 401: <li>...
402: </ul>
403: <p>
404: <li>Many pre-built packages for each architecture:
405: <table border=0 cellspacing=0 cellpadding=2 width="95%">
406: <tr>
407: <td valign="top" width="25%">
408: <ul>
1.32 deraadt 409: <li>i386: 8588
410: <li>sparc64: 7965
411: <li>alpha: 6278
1.34 deraadt 412: <li>sh: XXXX
1.1 deraadt 413: </ul></td><td valign=top width="25%"><ul>
1.32 deraadt 414: <li>amd64: 8588
415: <li>powerpc: 8049
1.1 deraadt 416: <li>m88k: XXXX
1.34 deraadt 417: <li>sparc: 3394
1.1 deraadt 418: </ul></td><td valign=top width="25%"><ul>
419: <li>arm: XXXX
1.32 deraadt 420: <li>hppa: 6143
1.34 deraadt 421: <li>vax: 1995
1.1 deraadt 422: </ul></td><td valign=top width="25%"><ul>
1.33 deraadt 423: <li>mips64: 4686
1.32 deraadt 424: <li>mips64el: 6697
1.1 deraadt 425: </ul></td></tr></table>
426: <p>
427:
428: <li>Some highlights:
429: <ul>
1.2 pascal 430: <li>GNOME 3.12.2 <li>KDE 3.5.10
1.11 zhuk 431: <li>KDE 4.13.3
1.1 deraadt 432: <li>Xfce 4.10 <li>MySQL 5.1.73
1.2 pascal 433: <li>PostgreSQL 9.3.4 <li>Postfix 2.11.1
434: <li>OpenLDAP 2.3.43 and 2.4.39 <li>Mozilla Firefox 31.0
435: <li>Mozilla Thunderbird 31.0 <li>GHC 7.6.3
436: <li>LibreOffice 4.1.6.2 <li>Emacs 21.4 and 24.3
437: <li>Vim 7.4.135 <li>PHP 5.3.28, 5.4.30 and 5.5.14
438: <li>Python 2.7.8, 3.3.5 and 3.4.1 <li>Ruby 1.8.7.374, 1.9.3.545, 2.0.0.481 and 2.1.2
439: <li>Tcl/Tk 8.5.15 and 8.6.1 <li>JDK 1.6.0.32 and 1.7.0.55
440: <li>Mono 3.4.0 <li>Chromium 36.0.1985.125
441: <li>Groff 1.22.2 <li>Go 1.3
442: <li>GCC 4.6.4, 4.8.3 and 4.9.0 <li>LLVM/Clang 3.5 (20140228)
443: <li>Node.js 0.10.28
1.1 deraadt 444: </ul>
445: <p>
446:
447: <li>As usual, steady improvements in manual pages and other documentation.
448: <p>
449:
450: <li>The system includes the following major components from outside suppliers:
451: <ul>
1.2 pascal 452: <li>Xenocara (based on X.Org 7.7 with xserver 1.15.2 + patches,
453: freetype 2.5.3, fontconfig 2.11.1, Mesa 10.2.3, xterm 309,
454: xkeyboard-config 2.11 and more)
1.1 deraadt 455: <li>Gcc 4.2.1 (+ patches) and 3.3.6 (+ patches)
1.12 lteo 456: <li>Perl 5.18.2 (+ patches)
1.2 pascal 457: <li>Nginx 1.6.0 (+ patches)
458: <li>SQLite 3.8.4.3 (+ patches)
1.1 deraadt 459: <li>Sendmail 8.14.8, with libmilter
460: <li>Bind 9.4.2-P2 (+ patches)
1.12 lteo 461: <li>NSD 4.0.3
1.2 pascal 462: <li>Unbound 1.4.22
1.1 deraadt 463: <li>Sudo 1.7.2p8
464: <li>Ncurses 5.7
465: <li>Binutils 2.15 (+ patches)
466: <li>Gdb 6.3 (+ patches)
1.12 lteo 467: <li>Less 458 (+ patches)
1.1 deraadt 468: <li>Awk Aug 10, 2011 version
469: </ul>
470:
471: </ul>
472:
473: <a name="install"></a>
474: <hr>
475: <p>
476: <h3><font color="#0000e0">How to install</font></h3>
477: <p>
478: Following this are the instructions which you would have on a piece of
479: paper if you had purchased a CDROM set instead of doing an alternate
480: form of install. The instructions for doing an FTP (or other style
481: of) install are very similar; the CDROM instructions are left intact
482: so that you can see how much easier it would have been if you had
483: purchased a CDROM instead.
484: <p>
485:
486: <hr>
487: Please refer to the following files on the three CDROMs or FTP mirror for
488: extensive details on how to install OpenBSD 5.6 on your machine:
489: <p>
490: <ul>
1.8 deraadt 491: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/hppa/INSTALL.alpha">
492: .../OpenBSD/5.6/alpha/INSTALL.alpha (on CD1)</a>
1.1 deraadt 493: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/i386/INSTALL.i386">
494: .../OpenBSD/5.6/i386/INSTALL.i386 (on CD1)</a>
1.8 deraadt 495: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/hppa/INSTALL.hppa">
496: .../OpenBSD/5.6/hppa/INSTALL.hppa (on CD1)</a>
1.1 deraadt 497: <p>
498: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/amd64/INSTALL.amd64">
1.8 deraadt 499: .../OpenBSD/5.6/amd64/INSTALL.amd64 (on CD2)</a>
1.1 deraadt 500: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/macppc/INSTALL.macppc">
1.8 deraadt 501: .../OpenBSD/5.6/macppc/INSTALL.macppc (on CD2)</a>
1.1 deraadt 502: <p>
503: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/sparc64/INSTALL.sparc64">
1.8 deraadt 504: .../OpenBSD/5.6/sparc64/INSTALL.sparc64 (on CD3)</a>
1.1 deraadt 505: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/sparc/INSTALL.sparc">
1.8 deraadt 506: .../OpenBSD/5.6/sparc/INSTALL.sparc (on CD3)</a>
1.1 deraadt 507: <p>
508: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/alpha/INSTALL.alpha">
509: .../OpenBSD/5.6/alpha/INSTALL.alpha</a>
510: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/armish/INSTALL.armish">
511: .../OpenBSD/5.6/armish/INSTALL.armish</a>
512: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/armv7/INSTALL.armv7">
513: .../OpenBSD/5.6/armv7/INSTALL.armv7</a>
514: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/aviion/INSTALL.aviion">
515: .../OpenBSD/5.6/aviion/INSTALL.aviion</a>
516: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/hppa/INSTALL.hppa">
517: .../OpenBSD/5.6/hppa/INSTALL.hppa</a>
518: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/landisk/INSTALL.landisk">
519: .../OpenBSD/5.6/landisk/INSTALL.landisk</a>
520: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/loongson/INSTALL.loongson">
521: .../OpenBSD/5.6/loongson/INSTALL.loongson</a>
522: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/luna88k/INSTALL.luna88k">
523: .../OpenBSD/5.6/luna88k/INSTALL.luna88k</a>
524: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/macppc/INSTALL.macppc">
525: .../OpenBSD/5.6/macppc/INSTALL.macppc</a>
526: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/octeon/INSTALL.octeon">
527: .../OpenBSD/5.6/octeon/INSTALL.octeon</a>
528: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/sgi/INSTALL.sgi">
529: .../OpenBSD/5.6/sgi/INSTALL.sgi</a>
530: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/socppc/INSTALL.socppc">
531: .../OpenBSD/5.6/socppc/INSTALL.socppc</a>
532: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/sparc/INSTALL.sparc">
533: .../OpenBSD/5.6/sparc/INSTALL.sparc</a>
534: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/vax/INSTALL.vax">
535: .../OpenBSD/5.6/vax/INSTALL.vax</a>
536: <li><a href="http://ftp.openbsd.org/pub/OpenBSD/5.6/zaurus/INSTALL.zaurus">
537: .../OpenBSD/5.6/zaurus/INSTALL.zaurus</a>
538: </ul>
539: <hr>
540:
541: <p>
542: Quick installer information for people familiar with OpenBSD, and the
543: use of the "disklabel -E" command. If you are at all confused when
544: installing OpenBSD, read the relevant INSTALL.* file as listed above!
545: <p>
546:
547: <h3><font color="#e00000">OpenBSD/i386:</font></h3>
548: <ul>
549: Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
550: release is on CD1. If your BIOS does not support booting from CD, you will need
551: to create a boot floppy to install from. To create a boot floppy write
552: <i>CD1:5.6/i386/floppy56.fs</i> to a floppy and boot via the floppy drive.
553:
554: <p>
555: Use <i>CD1:5.6/i386/floppyB56.fs</i> instead for greater SCSI controller
556: support, or <i>CD1:5.6/i386/floppyC56.fs</i> for better laptop support.
557:
558: <p>
559: If you can't boot from a CD or a floppy disk,
560: you can install across the network using PXE as described in
561: the included INSTALL.i386 document.
562:
563: <p>
564: If you are planning on dual booting OpenBSD with another OS, you will need to
565: read INSTALL.i386.
566:
567: <p>
568: To make a boot floppy under MS-DOS, use the "rawrite" utility located
569: at <i>CD1:5.6/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
570: use the
571: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>
572: utility. The following is an example usage of
573: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>,
574: where the device could be "floppy", "rfd0c", or
575: "rfd0a".
576:
577: <ul><pre>
578: # <strong>dd if=<file> of=/dev/<device> bs=32k</strong>
579: </pre></ul>
580:
581: <p>
582: Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
583: your install will most likely fail. For more information on creating a boot
584: floppy and installing OpenBSD/i386 please refer to
585: <a href="faq/faq4.html#MkFlop">FAQ 4.3.2</a>.
586: </ul>
587:
588: <p>
589: <h3><font color="#e00000">OpenBSD/amd64:</font></h3>
590: <ul>
591: The 5.6 release of OpenBSD/amd64 is located on CD2.
592: Boot from the CD to begin the install - you may need to adjust
593: your BIOS options first.
594: If you can't boot from the CD, you can create a boot floppy to install from.
595: To do this, write <i>CD2:5.6/amd64/floppy56.fs</i> to a floppy, then
596: boot from the floppy drive.
597:
598: <p>
599: If you can't boot from a CD or a floppy disk,
600: you can install across the network using PXE as described in the included
601: INSTALL.amd64 document.
602:
603: <p>
604: If you are planning to dual boot OpenBSD with another OS, you will need to
605: read INSTALL.amd64.
606: </ul>
607:
608: <p>
609: <h3><font color="#e00000">OpenBSD/macppc:</font></h3>
610: <ul>
611: Burn the image from the FTP site to a CDROM, and power on your machine
612: while holding down the <i>C</i> key until the display turns on and
613: shows <i>OpenBSD/macppc boot</i>.
614:
615: <p>
616: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
617: /5.6/macppc/bsd.rd</i>
618: </ul>
619:
620: <p>
621: <h3><font color="#e00000">OpenBSD/sparc64:</font></h3>
622: <ul>
623: Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
624:
625: <p>
626: If this doesn't work, or if you don't have a CDROM drive, you can write
627: <i>CD3:5.6/sparc64/floppy56.fs</i> or <i>CD3:5.6/sparc64/floppyB56.fs</i>
628: (depending on your machine) to a floppy and boot it with <i>boot
629: floppy</i>. Refer to INSTALL.sparc64 for details.
630:
631: <p>
632: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
633: will most likely fail.
634:
635: <p>
636: You can also write <i>CD3:5.6/sparc64/miniroot56.fs</i> to the swap partition on
637: the disk and boot with <i>boot disk:b</i>.
638:
639: <p>
640: If nothing works, you can boot over the network as described in INSTALL.sparc64.
641: </ul>
642:
643: <p>
644: <h3><font color="#e00000">OpenBSD/alpha:</font></h3>
645: <ul>
646: <p>Write <i>FTP:5.6/alpha/floppy56.fs</i> or
647: <i>FTP:5.6/alpha/floppyB56.fs</i> (depending on your machine) to a diskette and
648: enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
649:
650: <p>
651: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
652: will most likely fail.
653:
654: </ul>
655:
656: <p>
657: <h3><font color="#e00000">OpenBSD/armish:</font></h3>
658: <ul>
659: <p>
660: After connecting a serial port, Thecus can boot directly from the network
661: either tftp or http. Configure the network using fconfig, reset,
662: then load bsd.rd, see INSTALL.armish for specific details.
663: IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
664: and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
665: then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
666: More details are available in INSTALL.armish.
667: </ul>
668:
669: <p>
670: <h3><font color="#e00000">OpenBSD/hppa:</font></h3>
671: <ul>
672: <p>
673: Boot over the network by following the instructions in INSTALL.hppa or the
674: <a href="hppa.html#install">hppa platform page</a>.
675: </ul>
676:
677: <p>
678: <h3><font color="#e00000">OpenBSD/landisk:</font></h3>
679: <ul>
680: <p>
681: Write <i>miniroot56.fs</i> to the start of the CF
682: or disk, and boot normally.
683: </ul>
684:
685: <p>
686: <h3><font color="#e00000">OpenBSD/loongson:</font></h3>
687: <ul>
688: <p>
689: Write <i>miniroot56.fs</i> to a USB stick and boot bsd.rd from it
690: or boot bsd.rd via tftp.
691: Refer to the instructions in INSTALL.loongson for more details.
692: </ul>
693: <p>
694:
695: <p>
696: <h3><font color="#e00000">OpenBSD/luna88k:</font></h3>
697: <ul>
698: <p>
699: Copy `boot' and `bsd.rd' to a Mach or UniOS partition, and boot the bootloader
700: from the PROM, and the bsd.rd from the bootloader.
701: Refer to the instructions in INSTALL.luna88k for more details.
702: </ul>
703:
704: <p>
705: <h3><font color="#e00000">OpenBSD/octeon:</font></h3>
706: <ul>
707: <p>
708: After connecting a serial port, boot bsd.rd over the network via DHCP/tftp.
709: Refer to the instructions in INSTALL.octeon for more details.
710: </ul>
711:
712: <p>
713: <h3><font color="#e00000">OpenBSD/sgi:</font></h3>
714: <ul>
715: <p>
716: To install, burn cd56.iso on a CD-R, put it in the CD drive of your
717: machine and select <i>Install System Software</i> from the System Maintenance
718: menu. Indigo/Indy/Indigo2 (R4000) systems will not boot automatically from
719: CD-ROM, and need a proper invocation from the PROM prompt.
720: Refer to the instructions in INSTALL.sgi for more details.
721:
722: <p>
723: If your machine doesn't have a CD drive, you can setup a DHCP/tftp network
724: server, and boot using "bootp()/bsd.rd.IP##" using the kernel matching your
725: system type. Refer to the instructions in INSTALL.sgi for more details.
726: </ul>
727:
728: <p>
729: <h3><font color="#e00000">OpenBSD/socppc:</font></h3>
730: <ul>
731: <p>
732: After connecting a serial port, boot over the network via DHCP/tftp.
733: Refer to the instructions in INSTALL.socppc for more details.
734: </ul>
735:
736: <p>
737: <h3><font color="#e00000">OpenBSD/sparc:</font></h3>
738: <ul>
739: Boot from one of the provided install ISO images, using one of the two
740: commands listed below, depending on the version of your ROM.
741:
742: <ul><pre>
743: ok <strong>boot cdrom 5.6/sparc/bsd.rd</strong>
744: or
745: > <strong>b sd(0,6,0)5.6/sparc/bsd.rd</strong>
746: </pre></ul>
747:
748: <p>
749: If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
750: To do so you need to write <i>floppy56.fs</i> to a floppy.
751: For more information see <a href="faq/faq4.html#MkFlop">FAQ 4.3.2</a>.
752: To boot from the floppy use one of the two commands listed below,
753: depending on the version of your ROM.
754:
755: <ul><pre>
756: ok <strong>boot floppy</strong>
757: or
758: > <strong>b fd()</strong>
759: </pre></ul>
760:
761: <p>
762: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
763: will most likely fail.
764:
765: <p>
766: If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
767: setup a bootable tape, or install via network, as told in the
768: INSTALL.sparc file.
769: </ul>
770:
771: <p>
772: <h3><font color="#e00000">OpenBSD/vax:</font></h3>
773: <ul>
774: Boot over the network via mopbooting as described in INSTALL.vax.
775: </ul>
776:
777: <p>
778: <h3><font color="#e00000">OpenBSD/zaurus:</font></h3>
779: <ul>
780: <p>
781: Using the Linux built-in graphical ipkg installer, install the
782: openbsd56_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
783: for a few important details.
784: </ul>
785:
786: <p>
787: <h3><font color="#e00000">Notes about the source code:</font></h3>
788: <ul>
789: src.tar.gz contains a source archive starting at /usr/src. This file
790: contains everything you need except for the kernel sources, which are
791: in a separate archive. To extract:
792: <p>
793: <ul><pre>
794: # <strong>mkdir -p /usr/src</strong>
795: # <strong>cd /usr/src</strong>
796: # <strong>tar xvfz /tmp/src.tar.gz</strong>
797: </pre></ul>
798: <p>
799: sys.tar.gz contains a source archive starting at /usr/src/sys.
800: This file contains all the kernel sources you need to rebuild kernels.
801: To extract:
802: <p>
803: <ul><pre>
804: # <strong>mkdir -p /usr/src/sys</strong>
805: # <strong>cd /usr/src</strong>
806: # <strong>tar xvfz /tmp/sys.tar.gz</strong>
807: </pre></ul>
808: <p>
809: Both of these trees are a regular CVS checkout. Using these trees it
810: is possible to get a head-start on using the anoncvs servers as
811: described <a href="anoncvs.html">here</a>.
812: Using these files
813: results in a much faster initial CVS update than you could expect from
814: a fresh checkout of the full OpenBSD source tree.
815: <p>
816: </ul>
817:
818: <a name="upgrade"></a>
819: <hr>
820: <p>
821: <h3><font color="#0000e0">How to upgrade</font></h3>
822: <p>
1.6 deraadt 823: If you already have an OpenBSD 5.5 system, and do not want to reinstall,
1.1 deraadt 824: upgrade instructions and advice can be found in the
825: <a href="faq/upgrade56.html">Upgrade Guide</a>.
826:
827: <a name="ports"></a>
828: <hr>
829: <p>
830: <h3><font color="#0000e0">Ports Tree</font></h3>
831: <p>
832: A ports tree archive is also provided. To extract:
833: <p>
834: <ul><pre>
835: # <strong>cd /usr</strong>
836: # <strong>tar xvfz /tmp/ports.tar.gz</strong>
837: </pre></ul>
838: <p>
839: The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
840: read the <a href="faq/ports/index.html">ports</a> page
841: if you know nothing about ports
842: at this point. This text is not a manual of how to use ports.
843: Rather, it is a set of notes meant to kickstart the user on the
844: OpenBSD ports system.
845: <p>
846: The <i>ports/</i> directory represents a CVS (see the manpage for
847: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&sektion=1&arch=i386">
848: cvs(1)</a> if
849: you aren't familiar with CVS) checkout of our ports. As with our complete
850: source tree, our ports tree is available via
851: <a href="anoncvs.html">AnonCVS</a>.
852: So, in order to keep current with it, you must make the <i>ports/</i> tree
853: available on a read-write medium and update the tree with a command
854: like:
855: <p>
856: <ul><pre>
857: # <strong>cd /usr/ports</strong>
1.6 deraadt 858: # <strong>cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_6</strong>
1.1 deraadt 859: </pre></ul>
860: <p>
861: [Of course, you must replace the server name here with a nearby anoncvs
862: server.]
863: <p>
864: Note that most ports are available as packages through FTP. Updated
865: packages for the 5.6 release will be made available if problems arise.
866: <p>
867: If you're interested in seeing a port added, would like to help out, or just
868: would like to know more, the mailing list
869: <a href="mail.html">ports@openbsd.org</a> is a good place to know.
870: <p>
871: </body>
872: </html>