Posted on by remy

Installing OpenBSD 6.5

Let’s go!

I will run thru the installation process and point out the choices I made: Defaults answers are shown in []’s and are selected by pressing RETURN

(I)nstall, (U)pgrade, (A)utoinstall or (S)hell? I
Choose your keyboard layout ('?' or 'L' for list) [default]
System hostname? (short form, e.g. 'foo') hostname
Which network intercae do you wish to configure? (or 'done') [vio0]
IPv4 address for vio0? (or 'dhcp' or 'none) [dhcp]
IPv6 address for vio0? (or 'autoconf' or 'none') [none] autoconf
Which network intercae do you wish to configure? (or 'done') [done]
DNS domain name? (e.g. 'example.com') [my.domain] foo.com

Password for root account? (will not echo)
Password for root account? (again)
Start sshd(8) by default? [yes]
Do you expect to run the X window System? [yes] no
Setup a user? (enter a lower-case loginname, or 'no) [no] username
Full name for user username? [username]
Password for user username? (will not echo)
Password for user username? (again)
Allow root ssh login? (yes, no, prohibit-password) [no]
What timezone are you in? ('?' for list) [Europe/Amsterdam]
Which disk is the root disk? ('?' for details) [sd0]
Use (W)hole disk MBR, whole disk (G)PT or (E)dit? [whole]
User (A)auto layout, (E)dit auto layout or create (C)ustom layout? [a] a

(I noticed that the /var partition is only getting 5G and /home is getting 22G. I rather have a much bigger /var directory: 25G and a much smaller /home of 2G, but at the moment I am not really familiar with the editor I get, so I’m hoping to alter this after installation, or read into it and do it at a next installation.

Let's install the sets!
Location of sets? (disk http or 'done') [http]
HTTP proxy URL? (e.g. 'http://proxy:8080', or 'none') [none]
HTTP Server? (hostname, list#, 'done' or '?') [?]

Choose the nearest mirror from the list:

HTTP Server? (hostname, list#, 'done' or '?') [?] 32
HTTP Server? (hostname, list#, 'done' or '?') [ftp.nluug.nl]
Server directory? [pub/OpenBSD/6.5/amd64]
Set name(s)? (or 'abort' or 'done') [done] -game*
Set name(s)? (or 'abort' or 'done') [done]
...
Location of sets? (disk http or 'done') [done]
...
Ready!!! Let’s reboot!

So installing OpenBSD is a rather straight forward process. The most important thing is to disallow root access over ssh. Let’s now dive into hardening this OpenBSD install.