Released May 1, 2014 Copyright 1997-2014, Theo de Raadt. ISBN 978-0-9881561-3-5 5.5 Song: "Wrap in Time"
All applicable copyrights and credits are in the src.tar.gz,
sys.tar.gz, xenocara.tar.gz, ports.tar.gz files, or in the
files fetched via |
This is a partial list of new features and systems included in OpenBSD 5.5. For a comprehensive list, see the changelog leading to 5.5.
AcceptEnv
pattern with a wildcard. OpenSSH prior to 6.6 could
be tricked into accepting any environment variable that contains the
characters before the wildcard character.
-o
ssh-keygen(1)
option. We intend to make the new format the default in the near
future. Details of the new format are in the PROTOCOL.key
file.
PROTOCOL.chacha20poly1305
file.
Match
keyword that allows conditional configuration to be
applied by matching on hostname, user and result of
arbitrary commands.
known_hosts
or checking host certificate names.
PermitTTY
to disallow TTY allocation, mirroring the
longstanding no-pty
authorized_keys
option.
ProxyUseFDPass
option that supports the use of
ProxyCommands
that establish a connection and then pass a
connected file descriptor back to
ssh(1).
This allows the ProxyCommand
to exit rather than staying
around to transfer data.
Match
blocks, skip 'exec
' clauses
other clauses predicates failed to match.
Host
'
and 'Match
' directives that use the expanded hostname a chance
to be applied.
BindAddress
work with UsePrivilegedPort
.
(bz#1211)
AuthorizedKeysCommand
inside a Match
block.
(bz#2161)
GatewayPorts
setting. (bz#1297)
Connection from ...
" message.
(only shown at loglevel>=verbose)
getsockname failed: Bad file descriptor
" in
ssh -W
. (bz#2200, debian#738692)
Match
blocks. (bz#2184)
UsePrivilegedPort=yes
when
BindAddress
is not specified.
Host
' directives in
ssh_config(5)
files to be case-insensitive again. (regression in 6.5)
Following this are the instructions which you would have on a piece of paper if you had purchased a CDROM set instead of doing an alternate form of install. The instructions for doing an FTP (or other style of) install are very similar; the CDROM instructions are left intact so that you can see how much easier it would have been if you had purchased a CDROM instead.
Quick installer information for people familiar with OpenBSD, and the use of the "disklabel -E" command. If you are at all confused when installing OpenBSD, read the relevant INSTALL.* file as listed above!
Play with your BIOS options to enable booting from a CD. The OpenBSD/i386 release is on CD1. If your BIOS does not support booting from CD, you will need to create a boot floppy to install from. To create a boot floppy write CD1:5.5/i386/floppy55.fs to a floppy and boot via the floppy drive.
Use CD1:5.5/i386/floppyB55.fs instead for greater SCSI controller support, or CD1:5.5/i386/floppyC55.fs for better laptop support.
If your machine can boot from USB, you can write install55.fs or miniroot55.fs to a USB stick and boot from it.
If you can't boot from a CD, floppy disk, or USB, you can install across the network using PXE as described in the included INSTALL.i386 document.
If you are planning on dual booting OpenBSD with another OS, you will need to read INSTALL.i386.
To make a boot floppy under MS-DOS, use the "rawrite" utility located at CD1:5.5/tools/rawrite.exe. To make the boot floppy under a Unix OS, use the dd(1) utility. The following is an example usage of dd(1), where the device could be "floppy", "rfd0c", or "rfd0a".
# dd if=<file> of=/dev/<device> bs=32k
Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or your install will most likely fail. For more information on creating a boot floppy and installing OpenBSD/i386 please refer to this page.
The 5.5 release of OpenBSD/amd64 is located on CD2. Boot from the CD to begin the install - you may need to adjust your BIOS options first. If you can't boot from the CD, you can create a boot floppy to install from. To do this, write CD2:5.5/amd64/floppy55.fs to a floppy, then boot from the floppy drive.
If your machine can boot from USB, you can write install55.fs or miniroot55.fs to a USB stick and boot from it.
If you can't boot from a CD, floppy disk, or USB, you can install across the network using PXE as described in the included INSTALL.amd64 document.
If you are planning to dual boot OpenBSD with another OS, you will need to read INSTALL.amd64.
Burn the image from the FTP site to a CDROM, and power on your machine while holding down the C key until the display turns on and shows OpenBSD/macppc boot.
Alternatively, at the Open Firmware prompt, enter boot cd:,ofwboot /5.5/macppc/bsd.rd
Put CD3 in your CDROM drive and type boot cdrom.
If this doesn't work, or if you don't have a CDROM drive, you can write CD3:5.5/sparc64/floppy55.fs or CD3:5.5/sparc64/floppyB55.fs (depending on your machine) to a floppy and boot it with boot floppy. Refer to INSTALL.sparc64 for details.
Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install will most likely fail.
You can also write CD3:5.5/sparc64/miniroot55.fs to the swap partition on the disk and boot with boot disk:b.
If nothing works, you can boot over the network as described in INSTALL.sparc64.
Write 5.5/alpha/floppy55.fs or 5.5/alpha/floppyB55.fs (depending on your machine) to a diskette and enter boot dva0. Refer to INSTALL.alpha for more details.
Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install will most likely fail.
After connecting a serial port, Thecus can boot directly from the network either tftp or http. Configure the network using fconfig, reset, then load bsd.rd, see INSTALL.armish for specific details. IOData HDL-G can only boot from an EXT-2 partition. Boot into linux and copy 'boot' and bsd.rd into the first partition on wd0 (hda1) then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition. More details are available in INSTALL.armish.
Boot over the network by following the instructions in INSTALL.hp300.
Boot over the network by following the instructions in INSTALL.hppa or the hppa platform page.
Write miniroot55.fs to the start of the CF or disk, and boot normally.
Write miniroot55.fs to a USB stick and boot bsd.rd from it or boot bsd.rd via tftp. Refer to the instructions in INSTALL.loongson for more details.
Copy 'boot' and 'bsd.rd' to a Mach or UniOS partition, and boot the bootloader from the PROM, and the bsd.rd from the bootloader. Refer to the instructions in INSTALL.luna88k for more details.
You can create a bootable installation tape or boot over the network.
The network boot requires a MVME68K BUG version that supports the NIOT
and NBO debugger commands. Follow the instructions in INSTALL.mvme68k
for more details.
You can create a bootable installation tape or boot over the network.
The network boot requires a MVME88K BUG version that supports the NIOT
and NBO debugger commands. Follow the instructions in INSTALL.mvme88k
for more details.
After connecting a serial port, boot bsd.rd over the network via DHCP/tftp. Refer to the instructions in INSTALL.octeon for more details.
To install, burn cd55.iso on a CD-R, put it in the CD drive of your machine and select Install System Software from the System Maintenance menu. Indigo/Indy/Indigo2 (R4000) systems will not boot automatically from CD-ROM, and need a proper invocation from the PROM prompt. Refer to the instructions in INSTALL.sgi for more details.
If your machine doesn't have a CD drive, you can setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd.IP##" using the kernel matching your system type. Refer to the instructions in INSTALL.sgi for more details.
After connecting a serial port, boot over the network via DHCP/tftp. Refer to the instructions in INSTALL.socppc for more details.
Boot from one of the provided install ISO images, using one of the two commands listed below, depending on the version of your ROM.
ok boot cdrom 5.5/sparc/bsd.rd or > b sd(0,6,0)5.5/sparc/bsd.rd
If your SPARC system does not have a CD drive, you can alternatively boot from floppy. To do so you need to write floppy55.fs to a floppy. For more information see this page. To boot from the floppy use one of the two commands listed below, depending on the version of your ROM.
ok boot floppy or > b fd()
Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install will most likely fail.
If your SPARC system doesn't have a floppy drive nor a CD drive, you can either setup a bootable tape, or install via network, as told in the INSTALL.sparc file.
Boot over the network via mopbooting as described in INSTALL.vax.
Using the Linux built-in graphical ipkg installer, install the openbsd55_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus for a few important details.
src.tar.gz
contains a source archive starting at /usr/src
.
This file contains everything you need except for the kernel sources, which are
in a separate archive. To extract:
# mkdir -p /usr/src # cd /usr/src # tar xvfz /tmp/src.tar.gz
sys.tar.gz
contains a source archive starting at /usr/src/sys
.
This file contains all the kernel sources you need to rebuild kernels.
To extract:
# mkdir -p /usr/src/sys # cd /usr/src # tar xvfz /tmp/sys.tar.gz
Both of these trees are a regular CVS checkout. Using these trees it is possible to get a head-start on using the anoncvs servers as described here. Using these files results in a much faster initial CVS update than you could expect from a fresh checkout of the full OpenBSD source tree.
If you already have an OpenBSD 5.4 system, and do not want to reinstall, upgrade instructions and advice can be found in the Upgrade Guide.
A ports tree archive is also provided. To extract:
# cd /usr # tar xvfz /tmp/ports.tar.gz
The ports/ subdirectory is a checkout of the OpenBSD ports tree. Go read the ports page if you know nothing about ports at this point. This text is not a manual of how to use ports. Rather, it is a set of notes meant to kickstart the user on the OpenBSD ports system.
The ports/ directory represents a CVS (see the manpage for cvs(1) if you aren't familiar with CVS) checkout of our ports. As with our complete source tree, our ports tree is available via AnonCVS. So, in order to keep current with it, you must make the ports/ tree available on a read-write medium and update the tree with a command like:
# cd /usr/ports # cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_5_5
[Of course, you must replace the server name here with a nearby anoncvs server.]
Note that most ports are available as packages on our mirrors. Updated packages for the 5.5 release will be made available if problems arise.
If you're interested in seeing a port added, would like to help out, or just would like to know more, the mailing list ports@openbsd.org is a good place to know.