INSTALLATION NOTES for OpenBSD/alpha 6.7 What is OpenBSD? ---------------- OpenBSD is a fully functional, multi-platform UN*X-like Operating System based on Berkeley Networking Release 2 (Net/2) and 4.4BSD-Lite. There are several operating systems in this family, but OpenBSD differentiates itself by putting security and correctness first. The OpenBSD team strives to achieve what is called a "secure by default" status. This means that an OpenBSD user should feel safe that their newly installed machine will not be compromised. This "secure by default" goal is achieved by taking a proactive stance on security. Since security flaws are essentially mistakes in design or implement- ation, the OpenBSD team puts as much importance on finding and fixing existing design flaws and implementation bugs as it does writing new code. This means that an OpenBSD system will not only be more secure, but it will be more stable. The source code for all critical system components has been checked for remote-access, local-access, denial- of-service, data destruction, and information-gathering problems. In addition to bug fixing, OpenBSD has integrated strong cryptography into the base system. A fully functional IPsec implementation is provided as well as support for common protocols such as SSL and SSH. Network filtering and monitoring tools such as packet filtering, NAT, and bridging are also standard, as well as several routing services, such as BGP and OSPF. For high performance demands, support for hardware cryptography has also been added to the base system. Because security is often seen as a tradeoff with usability, OpenBSD provides as many security options as possible to allow the user to enjoy secure computing without feeling burdened by it. Because OpenBSD is from Canada, the export of Cryptography pieces (such as OpenSSH and IPsec) to the world is not restricted. (NOTE: OpenBSD can not be re-exported from the US once it has entered the US. Because of this, take care NOT to get the distribution from a mirror server in the US if you are outside of Canada and the US.) A list of software and ideas developed by the OpenBSD project is available on the web at https://www.OpenBSD.org/innovations.html. A comprehensive list of the improvements brought by the 6.7 release is also available at https://www.OpenBSD.org/67.html. OpenBSD/alpha runs on a broad range of Alpha processor-based machines, including workstations manufactured by Digital (then Compaq, now HP), as well as OEM motherboards designed by Samsung and Alpha Processor, Inc. Sources of OpenBSD: ------------------- Please refer to https://www.openbsd.org/ftp.html for all the ways you may acquire OpenBSD. OpenBSD 6.7 Release Contents: ----------------------------- The OpenBSD 6.7 release is organized in the following way. In the .../6.7 directory, for each of the architectures having an OpenBSD 6.7 binary distribution, there is a sub-directory. The alpha-specific portion of the OpenBSD 6.7 release is found in the "alpha" subdirectory of the distribution. That subdirectory is laid out as follows: .../6.7/alpha/ INSTALL.alpha Installation notes; this file. SHA256 Output of the cksum(1) program using the option -a sha256, usable for verification of the correctness of downloaded files. SHA256.sig The above file, signed with the OpenBSD signing key for the 6.7 release, usable for verification of the integrity of the above file, and thus of the downloaded files. miniroot67.fs A miniroot filesystem image to be used if you for some reason can't or don't want to use the ramdisk installation method. It can be copied to the swap partition of an existing disk to allow installing or upgrading to OpenBSD 6.7. *.tgz alpha binary distribution sets; see below. bsd A stock GENERIC alpha kernel which will be installed on your system during the install. bsd.mp A stock GENERIC.MP alpha kernel, with support for multiprocessor machines, which can be used instead of the GENERIC kernel after the install. bsd.rd A compressed RAMDISK kernel; the embedded filesystem contains the installation tools. Used for simple installation from a pre-existing system. install67.iso The alpha boot and installation CD-ROM image, which contains the base and X sets, so that install or upgrade can be done without network connectivity. cd67.iso A simple bootable filesystem image consisting of the bsd.rd installation kernel, suitable to be used as a bootable CD-ROM image, but will require the base and X sets be found via another media or network. bootxx, boot The OpenBSD/alpha first and second-level boot loader; useful to update your boot loader if you want to reinstall from an old OpenBSD setup but the existing boot loader is too old to load bsd.rd correctly. netboot The OpenBSD/alpha network boot loader, for bootp or dhcpd protocols. netboot.mop The OpenBSD/alpha network boot loader, for MOP protocol. The OpenBSD/alpha binary distribution sets contain the binaries which comprise the OpenBSD 6.7 release for alpha systems. There are eight binary distribution sets. The binary distribution sets can be found in the "alpha" subdirectory of the OpenBSD 6.7 distribution tree, and are as follows: base67 The OpenBSD/alpha 6.7 base binary distribution. You MUST install this distribution set. It contains the base OpenBSD utilities that are necessary for the system to run and be minimally functional. It includes shared library support, and excludes everything described below. [ 96.9 MB gzipped, 232.8 MB uncompressed ] comp67 The OpenBSD/alpha Compiler tools. All of the tools relating to C, C++ and Objective-C are supported. This set includes the system include files (/usr/include), the linker, the compiler tool chain, and the various system libraries (except the shared libraries, which are included as part of the base set). This set also includes the manual pages for all of the utilities it contains, as well as the system call and library manual pages. [ 48.1 MB gzipped, 186.3 MB uncompressed ] game67 This set includes the games and their manual pages. [ 2.7 MB gzipped, 6.8 MB uncompressed ] man67 This set includes all of the manual pages for the binaries and other software contained in the base set. Note that it does not include any of the manual pages that are included in the other sets. [ 6.9 MB gzipped, 29.9 MB uncompressed ] xbase67 This set includes the base X distribution. This includes programs, headers and libraries. [ 18.2 MB gzipped, 68.2 MB uncompressed ] xfont67 This set includes all of the X fonts. [ 38.4 MB gzipped, 56.6 MB uncompressed ] xserv67 This set includes all of the X servers. [ 7.0 MB gzipped, 24.1 MB uncompressed ] xshare67 This set includes all text files equivalent between all architectures. [ 4.3 MB gzipped, 28.8 MB uncompressed ] OpenBSD System Requirements and Supported Devices: -------------------------------------------------- OpenBSD/alpha 6.7 is expected to run on the following hardware. If you have hardware that is listed here and are unable to run OpenBSD, or if you are able to run OpenBSD on hardware not listed here, please send mail to with as much information as possible. Supported hardware: DS15, DS15A, DS25, ES45, TS15 and TS202C Supported devices: Built-in serial and parallel ports. Built-in Ethernet. Built-in SCSI. Built-in IDE controller. Most PCI devices (see below). Unsupported devices: Floppy drive. XP900, XP1000, CS20, DS10, DS20, DS20L, ES40, 264DP, and other EV6 machines using the Tsunami chipset Supported devices: Built-in serial and parallel ports. Built-in DEC21143 Ethernet. Built-in ISP SCSI. Built-in IDE controller. Built-in USB should work, but has not been thoroughly tested. Most PCI devices (see below). Some ISA devices (see below). Unsupported devices: Floppy drive. ISA devices that require DMA operation. API UP1000, UP1100, UP2000, and UP2000+ and other EV6 machines using the Irongate chipset Supported devices: Built-in serial and parallel ports. Built-in DEC21040 Ethernet. Built-in IDE controller works, though there may be stability issues. Unsupported devices: Floppy drive. ISA devices that require DMA operation. Digital Personal Workstation (Miata) Supported devices: Built-in serial and parallel ports. Built-in DEC21043 Ethernet. Built-in ISP SCSI, when present (i.e. on ``au'' models). Built-in IDE controller. Most PCI devices (see below). Some ISA devices (see below). Unsupported devices: Floppy drive. Built-in audio. ISA devices that require DMA operation. EB164 based machines (including PC164, 164SX, 164LX, but NOT the 164UX) Supported devices: Built-in serial and parallel ports. Built-in PCIIDE controller, when present. PCI graphics card (TGA or VGA compatible). Most PCI devices (see below). Some ISA devices (see below). Unsupported devices: Floppy drive. ISA IDE controller on the EB164. ISA devices that require DMA operation. AlphaStation 600A and 1200 AlphaServer 800 (also known as Digital Server 3300 and 3305), 1000, 1000A AlphaServer 1200, 4000 and 4100 Supported devices: Built-in serial and parallel ports. Built-in DEC21040 Ethernet. Built-in ISP SCSI. PCI graphics card (TGA or VGA compatible). Most PCI devices (see below). Some ISA and EISA devices (see below). Unsupported devices: Floppy drive. Built-in audio. ISA and EISA devices that require DMA operation. AlphaServer 300 and 400, and AlphaStation 200, 250, 255 and 400 Supported devices: Built-in serial and parallel ports. Built-in DEC21040 Ethernet. Built-in ISP SCSI. PCI graphics card (TGA or VGA compatible). Most PCI devices (see below). Some ISA devices (see below). Unsupported devices: Floppy drive. Built-in audio. ISA devices that require DMA operation. AlphaStation 500 and 600 Supported devices: Built-in serial and parallel ports. Built-in DEC21040 Ethernet. Built-in ISP SCSI. PCI graphics card (TGA or VGA compatible). Most PCI devices (see below). Some ISA and EISA devices (see below). Unsupported devices: Floppy drive. Built-in audio. ISA and EISA devices that require DMA operation. AXPpci based machines (including ``Noname'', UDB, Multia) Supported devices: Built-in serial and parallel ports. Built-in DEC21040 Ethernet. Built-in 53C810 SCSI (siop). Built-in IDE controller. (will not boot from IDE, though) PCI graphics card (TGA or VGA compatible). Most PCI devices (see below). Some ISA devices (see below). Unsupported devices: Floppy drive. ISA devices that require DMA operation. DEC 3000 models 300{,L,X,LX} Supported devices: Built-in serial ports. Built-in LANCE Ethernet. Built-in SCSI (53C94). TURBOchannel LANCE Ethernet cards (PMAD-A). TURBOchannel SCSI (53C94) (PMAZ-A). TURBOchannel DEFTA FDDI cards (PMAF-FA). Unsupported devices: Built-in ISDN/audio chip. Built-in framebuffer. Other TURBOchannel cards. DEC 3000 models 400,500,500X,600,700,800,900 Supported devices: Built-in serial ports. Built-in LANCE Ethernet. Built-in SCSI (53C94 or 53CF94-2). TURBOchannel LANCE Ethernet cards (PMAD-A). TURBOchannel SCSI (53C94) (PMAZ-A). TURBOchannel DEFTA FDDI cards (PMAF-FA). Unsupported devices: Built-in ISDN/audio chip. Built-in framebuffer (when applicable). Other TURBOchannel cards. Tadpole AlphaBook Supported devices: Built-in serial ports. Built-in 53C810 SCSI (siop). Built-in PCMCIA slots. 3Com 3C589 and 3C562 PCMCIA Ethernet adapters. Unsupported devices: Built-in display (garbled output). Other PCMCIA cards. At this time none of the following systems are supported: DECpc AXP150 (2000/300) ``Jensen'' systems (EISA-bus PC-like systems) AlphaServer 2000, 2100 and 2100A AlphaServer 8200, 8400, GS60 and GS140 AlphaServer ES47, ES80 and GS1280 AlphaServer GS80, GS160 and GS320 Alpha XL systems (no SRM) DEC 4000, 7000, and 10000 systems (FutureBus+ and XMIBus-based) EB64+ based systems Samsung 164BX and 164UX (no SRM) VME Alpha systems (AXPvme, ALPHAvme) Console frame buffers and keyboards are only supported on systems explicitly mentioned above. On other systems, including all TURBOchannel-based machines, OpenBSD/alpha *must* be used with a serial console. Verifying the OpenBSD Installation Media: ----------------------------------------- As of OpenBSD 5.5, installations are able to verify files for the next release. The OpenBSD 6.7 release was signed with the /etc/signify/openbsd-67-base.pub release key. If you have an existing OpenBSD 5.5 or higher installation, you can run signify(1) to verify the signature and checksum. For example, run the following to verify that the cd67.iso file was distributed by the OpenBSD team: signify -C -p /etc/signify/openbsd-67-base.pub -x SHA256.sig cd67.iso If you are unable to run or compile signify(1), use sha256(1) with the SHA256 file to see if a file was corrupt during the transfer. Getting the OpenBSD System onto Useful Media: --------------------------------------------- Installation is supported from several media types, including: CD-ROM FFS partitions HTTP If you can burn the bootable CD-ROM mini image, you can boot from it. Creating a bootable CD-ROM: First you need to get access to the OpenBSD bootable CD-ROM (ISO) images. They can be found on one of the OpenBSD mirror servers. Two files are available, install67.iso which contains all of the sets needed for installation, and a smaller cd67.iso which contains just the installer, for a network install. Windows 7 users should be able to do this by right clicking on the install67.iso file and clicking burn to CD. OpenBSD users should be able to do this with the cdio command. "cdio tao install67.iso" Users of other operating systems should consult the appropriate documentation. If you do not have a CD-ROM drive on your alpha: You can copy the miniroot image onto the hard disk you intend to install OpenBSD on. Doing so will overwrite the disk's old contents, however. You must use a Unix-like system to write the miniroot image to the hard disk you will be using for OpenBSD/alpha. You should use the "dd" command to copy the file system image (miniroot67.fs) directly to the raw 'c' device (whole disk) of the target hard disk. It is suggested that you read the dd(1) manual page or ask your system administrator to determine the correct set of arguments to use; it will be slightly different from system to system, and a comprehensive list of the possibilities is beyond the scope of this document. The steps necessary to prepare the distribution sets for installation depend on which method of installation you choose. Some methods require a bit of setup first that is explained below. The installation allows installing OpenBSD directly from HTTP mirror sites over the internet, however you must consider the speed and reliability of your internet connection for this option. It may save much time and frustration to download the distribution sets to a local server or disk and perform the installation from there, rather than directly from the internet. If you are upgrading OpenBSD, you also have the option of installing OpenBSD by putting the new distribution sets somewhere in your existing file system, and using them from there. To do that, do the following: Place the distribution sets you wish to upgrade somewhere in your current file system tree. At a bare minimum, you must upgrade the "base" binary distribution, and so must put the "base67" set somewhere in your file system. It is recommended that you upgrade the other sets, as well. Preparing your System for OpenBSD Installation: ----------------------------------------------- OpenBSD/alpha requires the SRM console. Some alphas come with the AlphaBIOS (also known as the ARC firmware on older machines) instead; this is what Windows NT uses. It is fairly simple to replace the AlphaBIOS with the SRM firmware. Switching your alpha to SRM console: AlphaServer class machines (except for models 300 and 400) and recent enough machines (such as the Miata and later models) have enough flash ROM space to carry both the AlphaBIOS and the SRM console. To switch to SRM from AlphaBIOS, do the following: - enter the AlphaBIOS setup upon startup (F2 key, or Ctrl-B from serial console) - choose "CMOS Setup" from the menu - select "Advanced CMOS Setup" (F6 key, or Ctrl-F from serial console) - change the "Console Selection" setting to "OpenVMS console (SRM)" - confirm your changes with F10 (or Ctrl-U) twice, then enter. - power-cycle your system for the changes to take effect. If you didn't find a "Console Selection" entry (for example on 164SX or 164LX), your system can not hold both the AlphaBIOS and SRM console in flash, and you will have to upgrade your firmware. You can get replacement firmware either from a firmware update CD-ROM, which can be downloaded from ftp://ftp.hp.com/pub/alphaserver/firmware/v73.zip However, this CD-ROM image only supports AlphaServer DS10, DS20, DS20L, and ES40. Firmware update for other models can be picked individually via FTP from ftp://ftp.hp.com/pub/alphaserver/firmware/retired_platforms/ Please refer to http://h18002.www1.hp.com/alphaserver/firmware/index.html for more information. Note that, on most models, upgrading the firmware requires a jumper to be moved on the motherboards; refer to the firmware update instructions for details. AXPpci33 Motherboard specific notes: The 1994 version of the OEM guide has an incorrect pinout for the serial ports. The newer version used to be available at ftp://ftp.digital.com/pub/Digital/axppci/design_guide.ps.Z with a corrected pinout (as well as more information than the 1994 edition). Although ftp.digital.com does not exist anymore, a few copies of this document are scattered accross various ftp servers on the globe, such as ftp://ftp.uniroma2.it/Digital/support/axppci/design_guide.ps.Z or http://vt100.net/mirror/mds-199909/cd1/alpha/axpcidgc.pdf Note that there are two flavors of PC serial connectors. If you have the wrong kind, you won't get any output from the serial console. Using the SRM console: This is not intended to be an exhaustive guide on using the SRM firmware console. It should, however, give you enough information to boot OpenBSD/alpha. To see a list of devices connected to your alpha, you can use the "show device" command. For booting, the devices you are interested in are "dka*" (the disk drives). You can set ROM variables by saying "set VARIABLE VALUE". Some variables you will want to set: auto_action Determines what happens when you turn the power on, halt, or restart your machine. Valid values are: "halt" the system will not autoboot, will restart when rebooted (shutdown -r), and will not restart when halted (shutdown -h). "boot" the system will autoboot on powerup, and when the system is halted (shutdown -h) or rebooted (shutdown -r). "restart" the system will autoboot on powerup, will restart when rebooted (shutdown -r), and will not restart when halted (shutdown -h). Most users will want to set this to "restart". bootdef_dev Default boot device (or list of devices). boot_file Name of the kernel to boot. If this variable is empty, "bsd" will be loaded. Note that this variable does not exist in all versions of the SRM console, in which case you need to always boot manually and specify a kernel filename if it differs from "bsd". boot_osflags Flags to pass to the kernel (there is no need to prefix them with a `-' dash sign). To see a list of all variables on your machine, use the "show" command with no arguments. If there are too many of them, you might want to page with "show | more". You can bypass the boot_file and boot_osflags values from the command prompt, with the -fi (to override boot_file) and -fl (to override boot_osflags) options. For example, boot -fi bsd -fl c dka0 will boot the "bsd" kernel with the "c" flag on dka0. However, some versions of the SRM console (mainly on DEC 3000 series) will only let you specify uppercase filenames. USB support on the XP1000: For some unknown reason, the USB interface found on the XP1000 (and possibly the XP900 and the XP1100) is not enabled unless a specific SRM environment variable is set. If you plan to use USB devices on these machines, enter set usb_enable on at the SRM prompt, followed by init before attempting to install OpenBSD. EISA configuration: A few alpha systems support EISA devices. However, the SRM firmware has only a very limited knowledge of EISA devices and is not able to configure them. Every time an EISA board is added to or removed from the system, the EISA Configuration Utility needs to be run from a floppy disk using the ``runecu'' command at the SRM prompt. An ECU floppy disk is supposed to be provided with EISA-capable systems; this disk will be updated with the current configuration every time it is run, and needs to be writeable. ECU disks should not be shared between systems. Redistributing ECU is not allowed, however a copy of it can be downloaded from: ftp://ftp.hp.com/pub/alphaserver/firmware/other/utility/ecu/ntecuv111a.zip Extract this archive to a newly FAT-formated 3"1/2 floppy disk to get a pristine ECU disk. SRM console boot device restrictions: The SRM firmware on your system may or may not be able to boot from any disk controller you may install in your alpha. The built-in disk controllers on your alpha will always be supported, however on IDE-based machines, such as the EB164, 164SX and 164LX, as well as the low-end Personal Workstation (non-u models), you can plug in a SCSI controller, and boot from it if it is recognized. Recent SRM releases for these machines will be able to boot (or netboot) from the following controllers: QLogic PCI SCSI controllers Symbios Logic (NCR) 53C8xx (but not on PC164) Adaptec AHA-[23]9[34]x[U][W] cards Intel i8255x-based cards (EtherExpress PRO) The following controllers are known not to be supported as boot devices by the SRM: Adaptec AHA-[23]9[34]xU2 cards Depending on your specific model, your mileage may vary, though. OpenBSD/alpha console device restrictions: On systems with no framebuffer supported (currently all TURBOchannel-based machines), OpenBSD/alpha must be used with a serial console. Setting an Alpha system to use a serial console is system-specific. Although most models will default to serial console if no keyboard is connected on powerup, this behaviour can't be relied upon. The recommended procedure is: DEC 3000/[4-9]00 Flip the `S3' switch on the back of the machine (up for glass console, down for serial console). When configured to use a serial console, it is also necessary to set the ``server'' SRM environment variable to ``on'' for the system to autoboot on powerup despite the lack of a keyboard and mouse plugged in. DEC 3000/300 family machines Console is selected by the `W2' jumper block, to the edge of the logic board, near the memory banks. Setting the jumper cap on pins 1-2 selects glass console, and on pins 2-3 selects serial console. All other machines From the SRM console, enter either set console serial or set console graphics at the SRM prompt, then enter init or cycle power. Installing the OpenBSD System: ------------------------------ Installing OpenBSD is a relatively simple process. If you take your time and are careful to read the information presented by the installer, you shouldn't have any trouble. There are several ways to install OpenBSD onto a disk. The easiest way is to boot from the bootable CD-ROM mini image, then install from your favorite source. Network booting is supported through means of dhcpd(8) and tftpd(8). Booting from CD-ROM installation media: At the SRM console prompt, enter show device to find the device ID of your CD-ROM drive (the device ID is usually in the second column (``bootdev'') and should start with DKA for a SCSI CD-ROM drive). If your drive shows up with a drive number with trailing zeros, you will want to ignore them (unless it is DKA0). For example, if your CD-ROM drive is listed as DKA600, you want to use dka6 (device IDs are case insensitive). Insert the OpenBSD/alpha CD-ROM and enter boot DEVICE where DEVICE is the dka device name. You should see info about the primary and secondary boot and then the kernel should start to load. If the kernel fails to load or the spinning cursor has stopped and nothing further has happened, you either have a hardware problem or your alpha is not currently supported by OpenBSD; try booting from the network instead if possible. Booting from Network: In order to bootstrap via the network, you must provide a second system to act as a boot server. It is convenient if this is a second OpenBSD machine as the necessary services are already installed, although source code for such programs as dhcpd can be found in OpenBSD's source tree, and should be reasonably portable to other Unix-like operating systems. More information on diskless booting can be found in the OpenBSD diskless(8) manual page. Alpha systems can download their boot code over the network either using the old DEC MOP protocol, or the common bootp protocol. Older systems, such as the DEC 3000 systems, can only use the MOP protocol. Booting from a bootp or dhcp server: You will need to set up dhcpd on the server, which can serve bootp protocol requests. Start by editing the /etc/dhcpd.conf on the bootserver, and declare an information block. Here is an example: subnet 10.0.0.0 netmask 255.0.0.0 { host piper { always-reply-rfc1048 "true"; filename "netboot"; option root-path "/alpha"; hardware ethernet 08:00:2b:3d:28:2a; fixed-address 10.42.42.42; } } Do not forget to start dhcpd. You will also need to start tftpd, for the system to download the "netboot" file from the server in the /tftpboot directory. Booting from a MOP server: You will need to copy netboot.mop into /tftpboot/mop/1a2b3c4d5e6f.SYS, where "1a2b3c4d5e6f" represents the six octets of your Ethernet address, which can be obtained with ``show dev'' at the SRM prompt. For example, the filename for the machine in the dhcp example above would be "08002b3d282a.SYS". Note that the MAC portion of the filename must be lower case, but the "SYS" extension must be upper case. Do not forget to start mopd. Common netboot steps: A few more services need to be enabled on the boot server. First, add the Ethernet address to /etc/ethers file, as in: 08:00:2b:3d:28:2a piper and start rarpd. Second, you will need to export a directory for your new machine to mount over NFS, in order to get its kernel. This is accomplished by adding an entry to /etc/exports such as: /alpha piper The NFS server (which may be a different machine than the MOP or dhcp server) will need to run nfsd, mountd, and the rpc portmapper. See the exports(5) manpage for more information. Last, you will need to add an entry for your system in /etc/bootparams, to point to the NFS server. For example: piper root=myserver:/alpha and start bootparamd. Once loaded, the boot loader will mount /alpha over NFS and load the kernel from there. Installing using the CD-ROM or Network procedure: You should now be ready to install OpenBSD. The following is a walk-through of the steps you will take while getting OpenBSD installed on your hard disk. The installation procedure is designed to gather as much information about your system setup as possible at the beginning, so that no human interaction is required as soon as the questions are over. The order of these questions might be quite disconcerting if you are used to other installation procedures, including older OpenBSD versions. If any question has a default answer, it will be displayed in brackets ("[]") after the question. If you wish to stop the installation, you may hit Control-C at any time, but if you do, you'll have to begin the installation process again from scratch. Using Control-Z to suspend the process may be a better option, or at any prompt enter "!" to get a shell, from which "exit" will return you back to that prompt. Boot your machine from the installation media as described above. It will take a while to load the installation kernel, especially from a slow network connection or a CD-ROM, most likely more than a minute. If some action doesn't eventually happen, or the spinning cursor has stopped and nothing further has happened, either your boot media is bad, your diskless setup is incorrect, or you may have a hardware or configuration problem. Once the kernel has loaded, you will be presented with the OpenBSD kernel boot messages which contain information about the hardware that was detected and supported by OpenBSD. After the kernel is done initializing, you will be asked whether you wish to do an "(I)nstall", "(U)pgrade" or an "(A)utoinstall". Enter "I" for a fresh install or "U" to upgrade an existing installation. Enter "A" to start an unattended installation where all of your answers are supplied in a response file (more on that in "Preparing an unattended installation of OpenBSD"). If you are connected with a serial console, you will next be asked for your terminal type. You should choose the terminal type from amongst those listed. (If your terminal type is xterm, just use vt220). The first question you will be asked is the system hostname. Reply with the name of the system, without any domain part. You will now be given an opportunity to configure the network. The network configuration you enter (if any) can then be used to do the install from another system using HTTP, and will also be the configuration used by the system after the installation is complete. The install program will give you a list of network interfaces you can configure. For each network interface you select to configure, you will be asked for: - the symbolic host name to use (except for the first interface setup, which will reuse the host name entered at the beginning of the installation). - the IPv4 settings: address and netmask. If the IP address should be obtained from a DHCP server, simply enter "dhcp" when asked for the address. - the IPv6 settings (address, prefix length, and default router). You may enter "autoconf" when asked for the address for the interface to configure automatically via router solicitation messages. After all interfaces have been configured, if there have been any IPv4 interfaces setup, you will be asked for the IPv4 default route. This step is skipped if you only have one IPv4 interface setup, and it is configured with DHCP. The install program will also ask you for your DNS domain name, and the domain name servers, unless this information has already been obtained from a DHCP server during interface setup. You will then be asked to enter the initial root password of the system, twice. Although the install program will only check that the two passwords match, you should make sure to use a strong password. As a minimum, the password should be at least eight characters long and a mixture of both lower and uppercase letters, numbers and punctuation characters. You will then be asked whether you want to start sshd(8) by default. You will next be asked whether you intend to run the X Window System on your machine. The install program needs to know this, to change a configuration setting controlling whether the X server will be able to access the xf86(4) driver; it is not necessary to answer "y" to this question if you only intend to run X client programs on a remote display. If you are installing using a serial console, and since by default, the OpenBSD/alpha installation will only start terminals on the primary display device, the installation program will ask you whether you want to also enable an additional terminal on that line, and will allow you to select the line speed. You will now be given the possibility to setup a user account on the forthcoming system. This user will be added to the "wheel" group. Enter the desired login name, or "n" if you do not want to add a user account at this point. Valid login names are sequences of digits and lowercase letters, and must start with a lowercase letter. If the login name matches this criteria, and doesn't conflict with any of the administrative user accounts (such as "root", "daemon" or "ftp"), you will be prompted for the user's descriptive name, as well as its password, twice. As for the root password earlier, the install program will only check that the two passwords match, but you should make sure to use a strong password here as well. If you have chosen to setup a user account, and you had chosen to start sshd(8) on boot, you will be asked if you want to allow sshd(8) logins as root. Depending on the installation media you are using, you may now be given the opportunity to configure the time zone your system will use. If the installation program skips this question, do not be alarmed: the time zone will be configured at the end of the installation. The installation program will now tell you which disks it can install on, and ask you which it should use. Reply with the name of your root disk. The file system layout is stored in the OpenBSD disk label. Each file system is stored in its own "disk label partition", which is a subdivision of the OpenBSD disk partition you created. In the text below, "partition" refers to these subdivisions. You will be shown a default layout with the recommended file systems. This default layout is based on the disk size. You will be given the choice of accepting the proposed layout, editing it, or creating your own custom layout. These last two choices will invoke the disklabel(8) interactive editor, allowing you to create your desired layout. Within the editor, you will see at least a "c" partition of fstype "unused". This represents the whole disk and cannot be modified. You must create partition "a" as a native OpenBSD partition, i.e. one with "4.2BSD" as the fstype, to hold the root file system. In addition to partition "a" you should create partition "b" with fstype "swap", and native OpenBSD partitions to hold separate file systems such as /usr, /tmp, /var, and /home. You will need to provide a mount point for all partitions you define. Partitions without mount points, or not of the 4.2BSD fstype, will neither be formatted nor mounted during the installation. For quick help while in the interactive editor, enter "?". The "z" command (which deletes all partitions and starts with a clean label), the "A" command (which performs the automatic partition layout) and the "n" command (to change mount points) are of particular interest. Although the partitions' position and size are written in exact sector values, you do not need a calculator to create your partitions! Human-friendly units can be specified by adding "k", "m" or "g" after any numbers to have them converted to kilobytes, megabytes or gigabytes. Or you may specify a percentage of the disk size using "%" as the suffix. Enter "M" to view the entire manual page (see the info on the "-E" flag). To exit the editor enter "q". After the layout has been saved, new filesystems will be created on all partitions with mount points. This will DESTROY ALL EXISTING DATA on those partitions. After configuring your root disk, the installer will return to the list of available disks to configure. You can choose the other disks to use with OpenBSD in any order, and will get to setup their layout similarly to the root disk above. However, for non-root disks, you will not be proposed a default partition layout. When all your disks are configured, simply hit return at the disk prompt. After these preparatory steps have been completed, you will be able to extract the distribution sets onto your system. There are several install methods supported: HTTP, CD-ROM, or a local disk partition. To install via HTTP: To begin an HTTP install you will need the following pieces of information: 1) Proxy server URL if you are using a URL-based HTTP proxy (squid, CERN FTP, Apache 1.2 or higher). You need to define a proxy if you are behind a firewall that blocks outgoing HTTP connections (assuming you have a proxy available to use). 2) The IP address (or hostname if you configured DNS servers earlier in the install) of an HTTP server carrying the OpenBSD 6.7 distribution. The installation program will try to fetch a list of such servers; depending on your network settings, this might fail. If the list could be fetched, it will be displayed, and you can choose an entry from the list (the first entries are expected to be the closest mirrors to your location). 3) The directory holding the distribution sets. Then refer to the section named "installation set selection" below. To install from CD-ROM: When installing from a CD-ROM, you will be asked which device holds the distribution sets. This will typically be "cd0". If there is more than one partition on the CD-ROM, you will be asked which partition the distribution is to be loaded from. This is normally partition "a". You will also have to provide the relative path to the directory on the CD-ROM which holds the distribution, for the alpha this is "6.7/alpha". Then refer to the section named "installation set selection" below. To install from a local disk partition: When installing from a local disk partition, you will first have to identify which disk holds the distribution sets. This is normally "wdN" or "sdN", where N is a number. Next you will have to identify the partition within that disk that holds the distribution; this is a single letter between "a" and "p". You will also have to identify the type of file system residing in the partition identified. Currently, you can only install from partitions that have been formatted as the Berkeley fast file system (ffs). You will also have to provide the relative path to the directory on the file system where the distribution sets are located. Note that this path should not be prefixed with a "/". Then refer to the next section. Installation set selection: A list of available distribution sets found on the given location will be listed. You may individually select distribution sets to install by entering their names or wildcards (e.g. "*.tgz" or "base*|comp*"), or you may enter "all" to select all the sets (which is what most users will want to do). You may also enter "abort" to deselect everything and restart the selection from scratch, or unselect sets by entering their name prefixed with "-" (e.g. "-x*"). It is also possible to enter an arbitrary filename and have it treated as a file set. When you are done selecting distribution sets, enter "done". The files will begin to extract. After the files have been extracted, you will be given the choice to select a new location from which to install distribution sets. If there have been errors extracting the sets from the previous location, or if some sets have been missing, this allows you to select a better source. Also, if the installation program complains that the distribution sets you have been using do not match their recorded checksums, you might want to check your installation source (although this can happen between releases, if a snapshot is being updated on a mirror server with newer files while you are installing). The last thing you might need to configure, if you did not get the chance to earlier, is the time zone your system will be using. For this work properly, it is expected that you have installed at least the "base67" and "bsd" distribution sets. The installation program will then proceed to save the system configuration, create all the device nodes needed by the installed system, and will install bootblocks on the root disk. On multiprocessor systems, if the bsd.mp kernel has been installed, it will be renamed to "bsd", which is the default kernel the boot blocks look for. The single processor kernel, "bsd", will be available as "bsd.sp". Finally, you will be asked whether you would like to install non-free firmware files (which can't be tightly integrated to the OpenBSD system) on first boot, by invoking fw_update(8) on the next boot. Congratulations, you have successfully installed OpenBSD 6.7. When you reboot into OpenBSD, you should log in as "root" at the login prompt. You should create yourself an account, if you skipped this step during installation, and protect it and the "root" account with good passwords. The install program leaves root an initial mail message. We recommend you read it, as it contains answers to basic questions you might have about OpenBSD, such as configuring your system, installing packages, getting more information about OpenBSD, sending in your dmesg output and more. To do this, run mail and then just enter "more 1" to get the first message. You quit mail by entering "q". Some of the files in the OpenBSD 6.7 distribution might need to be tailored for your site. We recommend you run: man afterboot which will tell you about a bunch of the files needing to be reviewed. If you are unfamiliar with UN*X-like system administration, it's recommended that you buy a book that discusses it. Preparing an unattended installation of OpenBSD: ------------------------------------------------ If "(A)utoinstall" is chosen at the install prompt or if the installation system detects that it booted from the network, and isn't interrupted within 5 seconds, it attempts a fully-automatic installation. The installer runs dhclient(8) on the network interface the system booted from, or in case of multiple interfaces it will ask which one to use. Upon success, it retrieves a response file via HTTP. If that fails, the installer asks for the response file location, which can be either a URL or a local path, and retrieves the response file from there. The "next-server" DHCP option specifies the hostname part of the URL, as in "http:///install.conf". The "filename" DHCP parameter specifies the installer mode, e.g. "auto_install". On architectures where this parameter is used for netbooting, create a symbolic link named "auto_install" pointing to the boot program. The response file contains lines with key/value pairs separated by an equals sign "=", where the key is a non-ambiguous part (up to the question mark) of the installer question, consisting of whitespace separated words. The value is what would have been entered at the interactive prompt. Empty lines and lines beginning with a "#" character are ignored. The installer uses default answers in case of missing answers. Here is a response file example that uses a hashed password (see encrypt(1) for more details) for root and a public ssh key for the user that is created during the installation. System hostname = openbsd Password for root = $2a$14$Z4xRMg8vDpgYH...GVot3ySoj8yby Setup a user = puffy Password for user = ************* Public ssh key for user = ssh-ed25519 AAAAC3NzaC1...g3Aqre puffy@ai What timezone are you in = Europe/Stockholm Location of sets = http HTTP Server = ftp.eu.openbsd.org The "System hostname" key above matches the following full question asked during an interactive installation: System hostname? (short form, e.g. 'foo') While the installation is in progress the installer writes all output to the file /ai.log, which is available as mail on the freshly installed system after the initial reboot. If the installation is successful the system will reboot automatically; otherwise, you will be dropped back into the shell where you can look at the /ai.log file or try again. Upgrading a previously-installed OpenBSD System: ------------------------------------------------ Warning! Upgrades to OpenBSD 6.7 are currently only supported from the immediately previous release. The upgrade process will also work with older releases, but might not execute some migration tasks that would be necessary for a proper upgrade. The best solution, whenever possible, is to backup your data and reinstall from scratch. As a minimum, if the toolchain (the "comp" set) was installed, you should remove all files within /usr/include before attempting to upgrade. To upgrade OpenBSD 6.7 from a previous version, start with the general instructions in the section "Installing OpenBSD". Boot from the CD-ROM. When prompted, select the (U)pgrade option rather than the (I)nstall option at the prompt in the install process. You will be presented with a welcome message, and depending on how you are connected to the system, you will be asked to set the terminal type or to choose a keyboard layout. The upgrade script will ask you for the existing root partition, and will use the existing filesystems defined in /etc/fstab to install the new system in. It will also use your existing network parameters. From then, the upgrade procedure is very close to the installation procedure described earlier in this document. However, it is strongly advised that you unpack the etc.tgz and the xetc.tgz files found in /var/sysmerge in a temporary directory and merge changes by hand, or with the help of the sysmerge(8) helper script, since all components of your system may not function correctly until your files in "/etc" are updated. Getting source code for your OpenBSD System: -------------------------------------------- Now that your OpenBSD system is up and running, you probably want to get access to source code so that you can recompile pieces of the system. You can get the pieces over the internet using anonymous CVS, rsync, FTP or HTTP(s). For more information, see: https://www.OpenBSD.org/anoncvs.html https://www.OpenBSD.org/ftp.html Using online OpenBSD documentation: ----------------------------------- Documentation is available if you first install the manual pages distribution set. Traditionally, the UN*X "man pages" (documentation) are denoted by "name(section)". Some examples of this are intro(1), man(1), apropos(1), passwd(1), passwd(5) and afterboot(8). The section numbers group the topics into several categories, but three are of primary interest: user commands are in section 1, file formats are in section 5, and administrative information is in section 8. The "man" command is used to view the documentation on a topic, and is started by entering "man [section] topic". The brackets [] around the section should not be entered, but rather indicate that the section is optional. If you don't ask for a particular section, the topic with the least-numbered section name will be displayed. For instance, after logging in, enter man passwd to read the documentation for passwd(1). To view the documentation for passwd(5), enter man 5 passwd instead. If you are unsure of what man page you are looking for, enter apropos subject-word where "subject-word" is your topic of interest; a list of possibly related man pages will be displayed. Adding third party software - packages and ports: -------------------------------------------------------- As complete as your OpenBSD system is, you may want to add any of several excellent third party software applications. There are several ways to do this. You can: 1) Use the OpenBSD package collection to grab a pre-compiled and tested version of the application for your hardware. 2) Use the OpenBSD ports collection to automatically get any needed source file, apply any required patches, create the application, and install it for you. 3) Obtain the source code and build the application based upon whatever installation procedures are provided with the application. Instructions for installing applications from the various sources using the different installation methods follow. You should also refer to the packages(7) manual page. Installing applications from the ftp.OpenBSD.org package collection: All available packages for your architecture have been placed on ftp.OpenBSD.org in the directory pub/OpenBSD/6.7/packages/alpha/ You may want to peruse this to see what packages are available. The packages are also on the OpenBSD mirror sites. See https://www.OpenBSD.org/ftp.html for a list of current mirror sites. Installation of a package is very easy. 1) become the superuser (root) 2) use the "pkg_add" command to install the software "pkg_add" is smart enough to know how to download the software from the OpenBSD HTTP server. Example: $ su Password: # pkg_add \ http://ftp.OpenBSD.org/pub/OpenBSD/6.7/packages/alpha/emacs-21.4p32.tgz Installing applications from the OpenBSD ports collection: See https://www.openbsd.org/faq/faq15.html#Ports for current instructions on obtaining and installing OpenBSD ports. You should also refer to the ports(7) manual page. Installing other applications: If an OpenBSD package or port does not exist for an application you're pretty much on your own. The first thing to do is ask if anyone is working on a port -- there may be one in progress. If no such port exists, you might want to look at the FreeBSD ports or NetBSD pkgsrc for inspiration. If you can't find an existing port, try to make your own and feed it back to OpenBSD. That's how our ports collection grows. Some details can be found in the OpenBSD Porter's Handbook at https://www.openbsd.org/faq/ports/ with more help coming from the mailing list, . Administrivia: -------------- There are various mailing lists available via the mailing list server at . To get help on using the mailing list server, send mail to that address with an empty body, and it will reply with instructions. More information about the various OpenBSD mailing list and proper netiquette is available at https://www.OpenBSD.org/mail.html To report bugs, use the "sendbug" command shipped with OpenBSD, and fill in as much information about the problem as you can. Good bug reports include lots of details. Additionally, bug reports can be sent by mail to: bugs@OpenBSD.org As a favor, please avoid mailing huge documents or files to the mailing lists. Instead, put the material you would have sent on a web server, then mail the appropriate list about it, or if you'd rather not do that, mail the list saying you'll send the data to those who want it. For more information about reporting bugs, see https://www.OpenBSD.org/report.html