OpenBSD

[10] OpenBSD supports a variety of system architectures including x86-64, IA-32, ARM, PowerPC, and 64-bit RISC-V. Its default GUI is the X11 interface.

Several proprietary systems are based on OpenBSD, including devices from Armorlogic (Profense web application firewall), Calyptix Security,[19] GeNUA,[20] RTMX,[21] and .vantronix.

[34] The project also includes three window managers in the main distribution: cwm, FVWM (part of the default configuration for Xenocara), and twm.

Developers have applied these enhancements to OpenBSD versions of many common applications, such as tcpdump, file, tmux, smtpd, and syslogd.

[49] The project has a policy of continually auditing source code for problems, work that developer Marc Espie has described as "never finished ... more a question of process than of a specific bug being hunted."

He went on to list several typical steps once a bug is found, including examining the entire source tree for the same and similar issues, "try[ing] to find out whether the documentation ought to be amended", and investigating whether "it's possible to augment the compiler to warn against this specific problem.

[54] Also, because the ports tree contains unaudited third-party software, it is easy for users to compromise security by installing or improperly configuring packages.

De Raadt made the email public on 14 December by forwarding it to the openbsd-tech mailing list and suggested an audit of the IPsec codebase.

"[60] In December 2017, Ilja van Sprundel, director at IOActive, gave a talk at the CCC[61] as well as DEF CON,[62] entitled "Are all BSDs created equally?

OpenBSD runs nearly all of its standard daemons within chroot and privsep security structures by default, as part of hardening the base system.

[80] In 2017, Isotop,[81] a French project aiming to adapt OpenBSD to desktops and laptops, using xfce then dwm, started to be developed.

[82] OpenBSD includes a number of third-party components, many with OpenBSD-specific patches,[34] such as X.Org, Clang[83] (the default compiler on several architectures), GCC,[43][note 3] Perl, NSD, Unbound, ncurses, GNU binutils, GDB, and AWK.

[86] Alternatively, a system administrator may opt to upgrade to the next snapshot release using sysupgrade, or by using the -current branch of the CVS repository, in order to gain pre-release access to recently added features.

OpenBSD's developers regularly meet at special events called hackathons,[88] where they "sit down and code", emphasizing productivity.

[93] Chuck Cranor[94] and De Raadt concluded this practice was "counter to the open source philosophy" and inconvenient to potential contributors.

De Raadt's decision allowed users to "take a more active role", and established the project's commitment to open access.

[93] OpenBSD is notable for its continued use of CVS (more precisely an unreleased, OpenBSD-managed fork named OpenCVS), when most other projects that used it have migrated to other systems.

[96] According to the GNU Project, OpenBSD includes small "blobs" of proprietary object code as device firmware.

[97] Since OpenBSD is based in Canada, no United States export restrictions on cryptography apply, allowing the distribution to make full use of modern algorithms for encryption.

To ensure that all licenses were properly adhered to, an attempt was made to contact all the relevant copyright holders: some pieces of code were removed, many were replaced, and others, such as the multicast routing tools mrinfo and map-mbone, were relicensed so that OpenBSD could continue to use them.

It also serves as a legal safeguard over other projects which are affiliated with OpenBSD, including OpenSSH, OpenBGPD, OpenNTPD, OpenCVS, OpenSMTPD and LibreSSL.

[118] Since 2014, several large contributions to the OpenBSD Foundation have come from corporations such as Microsoft,[119] Facebook, and Google as well as the Core Infrastructure Initiative.

[120] In 2015, Microsoft became the foundation's first gold level contributor[121] donating between $25,000-50,000 to support development of OpenSSH, which had been integrated into PowerShell in July, and later into Windows Server in 2018.

[124][125] OpenBSD is freely available in various ways: the source can be retrieved by anonymous CVS,[126] and binary releases and development snapshots can be downloaded by FTP, HTTP, and rsync.

[127] Prepackaged CD-ROM sets through version 6.0 can be ordered online for a small fee, complete with an assortment of stickers and a copy of the release's theme song.

[130] Subsequent releases used variations such as a police daemon by Ty Semaka,[131] but eventually settled on a pufferfish named Puffy.

[145] E-Railed (OpenBSD Mix),[146] a techno track performed by the release mascot Puff Daddy, the famed rapper and political icon.

An unusual blend of both hip-hop and medieval-style music, a parody of the tale of Robin Hood intended to express OpenBSD's attitude to free speech.

A parody of the Fish Licence skit and Eric the Half-a-Bee Song by Monty Python, with an anti-software patents message.

The song was styled after the works of Johnny Cash, a parody of the Spaghetti Western and Clint Eastwood and inspired by liberal license enforcement.

Bar chart showing the proportion of users of each BSD variant from a 2005 BSD usage survey of 4330 users. [ 15 ] [ note 1 ]
OpenBSD console login and its messages
OpenBSD developers at c2k1 hackathon at MIT , June 2001
OpenBSD hackathon s2k17