I run an OpenBSD instance with encrypted root on Vultr VPS since v6.2. It has never been reinstalled. I only used the OpenBSD native upgrade methods. Using 6.5, I used sysupgrade(8). And it went as smooth as expected.Continue reading...
The other day, I stumbled upon NomadBSD ; a live system for USB drives. I don’t use FreeBSD… but I liked to look of that “(…) desktop system that works out of the box (…)”. So I decided to give a little make up to my already-running-out-of-the-box OpenBSD.Continue reading...
When for some reasons, the Let’s Encrypt certificate has not be renewed on your Synology and those bloody stupid Web browsers won’t let you connect to the DSM for “Security Reasons”, you can still count on SSH to solve the problem.Continue reading...
I own a server at Online.net which now runs VMware ESXi free edition. The thing is VMs have to access the Wild Wild Web and provide public services while still being protected. So let’s configure OpenBSD to do so.Continue reading...
My ESXi is provided by Online.net and accessible from Internet. Reading the VMware documentation, one can see:
ESXi includes a firewall that is enabled by default.
At installation time, the ESXi firewall is configured to block incoming and outgoing traffic, except traffic for services that are enabled in the host’s security profile.
But the default security profile is way too loose! So here’s how to harden it a bit.Continue reading...