Ghosts in the machine: GhostBSD 3.5

ghostbsd_logoJesse Smith has reviewed GhostBSD 3.5 in a feature story on Distrowatch and he likes what he has seen and used so far.

I was fairly happy with my experience with GhostBSD this week. In the past I have enjoyed GhostBSD because of the project’s ability to showcase what a FreeBSD-based operating system looks like running on a live disc with a functional desktop environment. There are not a lot of live discs available in the BSD communities and I was happy to see GhostBSD take on the challenge.

An interesting comment in the article (please don’t start a flamewar here ;-) is, that the more exciting developments these days seem to be happening in the BSD world. Think of ZFS, PKG-NG, Jails etc:

The second reason for my shift in focus is I feel the BSD communities, especially the FreeBSD-based projects, are where the interesting developments are happening these days. Over in FreeBSD land we have efficient PBI bundles, a mature advanced file system in the form of ZFS, new friendly and powerful system installers, a new package manager (PKG-NG), a powerful jail manager and there will soon be new virtualization technology coming with the release of FreeBSD 10.0. Meanwhile, over in the Linux camp, I feel as though things have reached a plateau. We are seeing small improvements and an increase in polish.

New PC-BSD 10.0 test image available

Kris Moore, leader of the PC-BSD project, has just announced a new test image of the upcoming PC-BSD 10.0.

Some of the cool, new features included are:

  • Includes FreeBSD 10-STABLE / 10.0-BETA3 from 11/20/2013
  • Includes the Gnome3 / Mate / Cinnamon desktops, replacing Gnome2.
  • Updated installer options for text-mode, including ZFS options
  • Improved PBI support
  • Updated our Linux compatibility layer to Centos 6
  • Numerous bug-fixes

If you come across any bugs or issues, please let the team know.

Faces of FreeBSD – Reid Linnemann and Thomas Abthorpe

The FreeBSD Foundation has an interview with Reid Linnemann.

Each week we are sharing a story from someone involved in FreeBSD. This is our Faces of FreeBSD series. It may be a story from someone who’s received funding from us to work on development projects, run conferences, travel to conferences, or advocate for FreeBSD. But, it is always from someone who is making a positive difference in the FreeBSD world.

The Ports Management Team has an interview with Thomas Abthorpe, well, Tomas “interviews” Thomas.

BSD Now TV Episode 13: Bridging the Gap

A new BSD Now TV episode (Bridging the gap – episode 13) has been uploaded, featuring an interview with Jordan Hubbard, one of the founders of the FreeBSD project – and the one who invented ports!

Other topics discussed are:

  • Getting to know your portmgr
  • vBSDCon wrap-up compilation
  • Faces of FreeBSD
  • Dragonfly 3.6 released
  • Interview – Jordan Hubbard
  • News Roundup
  • pfSense 2.1 on AWS EC2
  • Puffy on the desktop
  • Two-factor authentication with SSH
  • PCBSD weekly digest
  • Feedback/Questions

rootbsd_banner1This post is sponsored by our partner RootBSD, an expert in BSD style web hosting : stable, secure, flexible and friendly.

FreeBSD Security Advisory: OpenSSH

FreeBSD Security AdvisortyThe FreeBSD Security Team has identified a memory corruption vulnerability in OpenSSH and has issued the following security advisory: FreeBSD-SA-13:14.openssh  (19/11/2013).

I. Background

OpenSSH is an implementation of the SSH protocol suite, providing an encrypted and authenticated transport for a variety of services, including remote shell access.

AES-GCM (Galois/Counter Mode) is a mode of operation for AES block cipher that combines the counter mode of encryption with the Galois mode of authentication which can offer throughput rates for state of the art, high speed communication channels.

OpenSSH supports the AES-GCM algorithm as specified in RFC 5647.

II. Problem Description

A memory corruption vulnerability exists in the post-authentication sshd process when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is selected during key exchange.

III. Impact

If exploited, this vulnerability might permit code execution with the privileges of the authenticated user, thereby allowing a malicious user with valid credentials to bypass shell or command restrictions placed on their account.

For a workaround and solution, check out the security advisory: FreeBSD-SA-13:14.openssh

FreeNAS 9.2.0-BETA is now available

The FreeNAS team has announced freenas-ixsystems-new-logothe availability of FreeNAS 9.2.0-BETA. As will be evident from the name tag, this version is for testing purposes only. Should you come across any issues, please get in touch with the team and file a bug report.

We have also made a number of enhancements to the UI and generally done our best to bring more polish to the FreeNAS system, both in usability and performance.  Those doing benchmarks against 9.1.1 and 9.2.0-BETA should notice some measurable improvements on any reasonably capable hardware.

Some of the changes are from the Release Notes for FreeNAS 9.2.0-BETA are:

  • Version 9.2-RELEASE of FreeBSD with performance improvements, bug fixes, and updated software packages.
  • The Kernel UMA allocator is now the default for ZFS. This results in higher ZFS performance.
  • Avahi (multicast DNS, aka Bonjour) registration of all services, include the web service, means you no longer need to have a head on the box to know its IP address, even for initial configuration. freenas.local is the default (or freenas-n.local, where n is the # of freenas.local machines already on the local network). This can be changed by changing the hostname.
  • The built-in admin user account is no longer used and the Admin Account removed. The first time the FreeNAS graphical interface is accessed, a pop-up menu will prompt for the root password. Subsequent logins to the graphical interface will require this password.
  • A complete REST API has been created for FreeNAS, allowing a FreeNAS instance to be controlled remotely.
  • The “Permit Sudo” field has been added to the add and edit screens for Users and Groups. A column in View Groups and View Users now indicates whether or not “Permit Sudo” has been set.
  • HTTP and HTTPS access to the FreeNAS graphical interface are no longer mutually exclusive. The fields “WebGUI HTTP Port” and “WebGUI HTTPS Port” have been added to System Settings -> General.
  • An “Edit” button has been added to the “Hostname” field of System Information to make the hostname easier to change.
  • The results from the latest ZFS scrub now appear in Volume Status.
  • Netatalk has been updated to version 3.1.0.
  • The AIO options have been removed from CIFS.
  • Fourteen TLS-related fields have been added to the Advanced Mode of FTP.
  • An “IPv4 Address” column has been added to the View Jails screen.
  • A shell button has been added to Jails, making it easy to access the command line of the selected jail.
  • A “Create directory” checkbox has been added to the Add Storage function of a jail so that the user does not have to first access the jail’s shell to make sure that the directory already exists. A “Read-Only” checkbox has also been added to this screen.
  • A jails templating system has been added, allowing the quick deployment of new jails from existing templates and the ability to create custom templates. Linux jail support has also been added and installation templates are included for Debian-7.1.0, Gentoo-20130820, Ubuntu-13.04, Centos-6.4, Fedora-19, and Suse-12.3.
  • A link to the online FreeBSD manual pages has been added to Help.
  • Added bxe(4) driver for Broadcom NetXtreme II Ethernet 10Gb PCIe adapter.
  • Added padlock(4) driver which provides cryptographic hardware acceleration for VIA C3, C7 and Eden processors.

FreeBSD Journal announced

The FreeBSD Foundation has announced that it will launch the FreeBSD Journal in January 2014. The Journal will be a bi-monthly publication and will be available on the web or as an Android/iPhone/Kindle app.

We are preparing the debut our new online magazine, the FreeBSD Journal. We created high-quality brochures to teach people about FreeBSD. We also visited companies to help facilitate collaboration efforts with the Project.

The first issue will be focusing on (the then released) FreeBSD 10, the ZFS file system, the ARM Beaglebone Black on FreeBSD, the Clang compiler, and many other interesting subjects

It’s great to see the FreeBSD Foundation funding a purely FreeBSD focused magazine, and I’m sure the high quality content will make more companies move over to this rock solid operating system.

freebsd_journal_promo