Posts

If you arrived here, it’s because you are tired of script kiddies attempting to brute force your server with sshd and polluting its logs. The good news is that NetBSD has preinstalled a solution to deal with such situations that is more convenient than the famous fail2ban: the blocklistd. The blocklistd is a deamon that has only one life purpose: monitor the number of failed connection attempt with some system service. After a defined threshold of failures, it will block the connection for a predefined time, for example, 6 hours. ...

Supposing you want to host a static pages site or your blog generated with Hugo on bozotic, but need a certificate for HTTPS, given that HTTP is almost dead and buried, here a tutorial on how to do it on NetBSD. First, install acmesh with pkgin: pkgin install acmesh After that, the command acme.sh will be available. Do all of the following as root (su root). Subscribe to Let’s Encrypt using the client, only a email is necessary: ...

Who deals with embedded Linux already had the situation where there’s the need to inspect the contents of a system that executes from RAM. Usually, it exists only compressed as a single file at a boot folder, or is thrown around at an EFI partition or /boot formatted using FAS16/32, like on a RaspberryPi. The command for that is simple, with the initramfs on this example being called rootfs.cpio.zst: zstdcat rootfs.cpio.zst | cpio -idmv That’s it. Since it isn’t really a file system, there’s no need to mount it. It will expand all their root tree contents inside the folder that you called the command, ready to be inspected.

If do you use applications like mdnds on NetBSD on a simple OrangePi Zero, soon will take notice that it will fill the RAM, even if not used for anything. One solution is to activate the good and old swap, who is disabled by default on a OrangePi Zero NetBSD image. As root, do the following commands to create a swapfile with 2Gb. Febronia# dd if=/dev/zero of=/swapfile bs=1m count=2048 Febronia# chmod 600 /swapfile Febronia# swapctl -a -p 0 /swapfile Febronia# echo "/swapfile none swap sw,priority=0 0 0" >> /etc/fstab And that’s it. I should already show on “top” and on /proc/meminfo.

Do you have a dynamic IP connection and your domain service has DDNS? Possible, it also accept DDClient to update your A or AAAA records with your dynamic IP. Unfortunately, of the time of this article, the DDClint at NetBSD repositories only accept IPv4. Thus if you need IPv6, you got a problem. Below, there’s the procedure to install the current version from GitHub on a NetBSD system. First, supposing that you still don’t have installed pkgin to make use of binary packages on NetBSD beyond pkgsrc, who is a overkill just to install a single small application, configure it: ...

Do you know that NetBSD has a simple web server pre-installed called Bozotic? It is very simple, so simple that it can be configured with just a single command line, and quite useful to serve file lists or static web pages. Like this blog. Supposing that you has a valid domain certificate, be using let’s encrypt of something else, who creating and validating is beyond the scope of this tutorial, all that needs to be done is: ...

One of the most irrational things on Linux, when they don’t have to deal with Windows, it why use SAMBA/CIFS. It’s cumbersome to configure, and don’t feel at home on Linux at all. And there’s NFS, that unfortunately ins’t much better at the simplicity aspect (if you use authentication), and actually, can be even worse if you use some exotic distribution without the required kernel modules. But there’s something that all slightly more advanced users has on his file server that usually is shipped by default: SSH. ...

Without further ado, NetBSD 9.2 can’t use the onboard OrangePi Zero wifi adapter. This doesn’t mean much of a deal, given that Linux in practice can’t as well, at least without a quite poor out-of-tree driver. Thus, everything below although done on an OrangePi Zero, it’s valid to say that it is valid to any device running NetBSD 9.2 with a recognized wifi adapter. It will be used the DLink N300 Nano / DWA-131 adapter, one of the cheapest that is possible to get. This adapter is plug and play on NetBSD 9.2, not requiring manual loading of modules. It will show on “ifconfig” only as urtwn0: ...

So, you acquired a OrangePi? Time to make it work with something that is not Linux for… reasons. Not my concern. I know my reasons, it was simple will to use something different from the OS that I use to work for years. And that should be compiled from sources, since going to http://www.armbsd.org/arm/ is too easy. You must learn how its done, maybe it will be useful someday. Without further ado, let’s go. ...