📌 Core Differences You Should Know
| Feature | Linux | OpenBSD |
|---|
| Init system | systemd/sysvinit | BSD init (/etc/rc) |
| Package manager | apt, yum, dnf, pacman | pkg_add, pkg_delete |
| Services | systemctl, /etc/init.d | rcctl, /etc/rc.conf.local |
| Configuration files | Often scattered | Clean, in /etc |
| Kernel modules | Dynamic (modprobe) | Mostly compiled in |
| Networking | ip, ifconfig, netplan | ifconfig, hostname.if |
| Logs | /var/log | /var/log, syslogd |
🚀 Installation & First Boot
# Start OpenBSD installation (from ISO)
boot> bsd.rd
Follow the interactive install script:
- Choose disk layout (use entire disk or custom)
- Set hostname (ex:
server1)
- Choose sets to install (default is good)
🗃️ Package Management
# Start OpenBSD installation (from ISO)
boot> bsd.rd
🖥️ System Info & Monitoring
# Update package repository
export PKG_PATH=https://cdn.openbsd.org/pub/OpenBSD/$(uname -r)/packages/$(machine -a)/
# Install package
pkg_add vim htop nginx
# Search for package
pkg_info -Q nginx
# Remove package
pkg_delete nginx
# Upgrade all packages
pkg_add -u
⚙️ Service Management
# Enable service at boot
rcctl enable nginx
# Disable service
rcctl disable nginx
# Start/stop/restart service
rcctl start nginx
rcctl stop nginx
rcctl restart nginx
# Check service status
rcctl check sshd
🌐 Networking
Interfaces & IP Setup
# List interfaces
ifconfig
# Configure network manually
ifconfig em0 inet 192.168.1.100 netmask 255.255.255.0
# Set hostname and IP (persist)
echo "inet 192.168.1.100 255.255.255.0" > /etc/hostname.em0
echo "inet 192.168.1.1" > /etc/mygate
echo "nameserver 8.8.8.8" > /etc/resolv.conf
# Restart network
sh /etc/netstart
🔒 Firewall with PF (Packet Filter)
# Default config file
/etc/pf.conf
# Enable PF
pfctl -e
# Check status
pfctl -s all
# Reload config
pfctl -f /etc/pf.conf
# Simple pf.conf example:
block in all
pass out all keep state
👮♂️ User & Group Management
# Add user
useradd -m -G wheel -s /bin/ksh admin
# Set password
passwd admin
# Modify user
usermod -G wheel admin
# Delete user
userdel -r admin
# Add group
groupadd devops
🔐 SSH & Security
# Enable SSH
rcctl enable sshd
rcctl start sshd
# Change port or disable root login
vi /etc/ssh/sshd_config
Port 2222
PermitRootLogin no
# Apply changes
rcctl restart sshd
# Create authorized_keys
mkdir ~/.ssh && chmod 700 ~/.ssh
echo "<public_key>" > ~/.ssh/authorized_keys && chmod 600 ~/.ssh/authorized_keys
💾 Filesystem & Mounting
# Mount manually
mount /dev/sd1a /mnt
# View mounted filesystems
mount
# fstab location
/etc/fstab
# New disk formatting (example)
fdisk -iy sd1
disklabel -E sd1
newfs /dev/sd1a
🕸️ Web Server (httpd or nginx)
OpenBSD httpd (default)
vi /etc/httpd.conf
server "default" {
listen on * port 80
root "/htdocs"
}
rcctl enable httpd
rcctl start httpd
Nginx (via packages)
pkg_add nginx
rcctl enable nginx
rcctl start nginx
🛠️ Crontab & Scheduled Tasks
# Edit user crontab
crontab -e
# View all cron jobs
crontab -l
# Global cron file
/etc/crontab
# Example:
0 2 * * * /usr/local/bin/backup.sh
🧰 Handy Tools to Install
pkg_add vim htop git bash sudo wget curl rsync unzip tmux
# Set default shell
chsh -s /usr/local/bin/bash
🔄 System Updates
# Upgrade OS
sysupgrade
# Update packages after upgrade
pkg_add -u
📎 OpenBSD Directory Structure (Key Paths)
| Path | Purpose |
|---|
/etc | Config files |
/var/log | System logs |
/etc/rc.conf.local | Custom service enable/disable |
/etc/pf.conf | Packet Filter config |
/etc/httpd.conf | OpenBSD httpd config |
/home | User home directories |
🛑 Gotchas for Linux Users
- No
systemctl: use rcctl.
- No dynamic kernel modules: compile-time only.
- Filesystem is strict: default is
ffs, not ext4.
sudo not installed by default — use doas.
✅ Bonus: Configure doas (sudo alternative)
# Install doas (default in OpenBSD)
vi /etc/doas.conf
# Add rule:
permit persist :wheel
# Test
doas ls /root
📚 Resources
