This is an old revision of the document!
..:: Notes on OpenBSD ::..
below are my notes on OpenBSD and various configs
i like OpenBSD, and use it where i can, its simple (good and bad), secure out the box, well documented and easy to learn.
there are some things it doesn't do as well. and some apps are not compatible. buts thats ok.
i like that many funcitons/features/apps are baked in, and yet remains light and simple.
the file structure and service management are common sense too.
post install:
create user, add to wheel, operator, staff with #usermod -G wheel operator staff my-user-name
add to staff login group with #usermod -L staff my-user-name
config /etc/doas.conf
with “permit persist keepenv :wheel”
secure ssh server /etc/ssh/sshd_config
by forcing ed22159 host keys, key-auth and disable root-password
patch os #syspatch, and packages #pkg_add -u
firewall config appropriate for host in /etc/pf.conf
normally blocking all , allowing sshd and web with connection thresholds and overflows
if web server, config httpd, acme-client, and php