The OpenBSD project produces a freely
available, multi-platform 4.4BSD-based UNIX-like operating system. Our
goals place emphasis on correctness,
security, standardization, and
OpenBSD supports binary emulation of most
binaries from SVR4 (Solaris), FreeBSD, Linux, BSDI, SunOS, and HPUX.
This FAQ specifically covers only the most recent release of
OpenBSD, version 4.2.
CD bootable means that OpenBSD will boot directly from the CD. The
CD set will boot on several hardware platforms.
See chapter 3 of this FAQ for details of
obtaining OpenBSD on CD.
More information on OpenBSD platforms can be found on the
People sometimes ask why we support so many "odd" machines.
The short answer is, "because we want to".
If enough skilled people (sometimes, "enough" is only one really skilled
person!) wish to maintain support for a platform, it will be
There are practical benefits to keeping OpenBSD multi-platform: when new
platforms come out, the code tree is relatively free of
portability-breaking bugs and design flaws.
The OpenBSD platforms include 32 bit and 64 bit processors, little and
big endian machines, and many different designs.
And yes, supporting "unusual" platforms has helped produced a
higher-quality code base for more "common" platforms.
1.3 - Is OpenBSD really free?
OpenBSD is all free. The binaries are free. The source is free. All
parts of OpenBSD have reasonable copyright terms permitting free
redistribution. This includes the ability to REUSE most parts of the
OpenBSD source tree, either for personal or commercial purposes. OpenBSD
includes NO further restrictions other than those implied by the
original BSD license. Software which is written under stricter licenses
cannot be included in the regular distribution of OpenBSD. This is
intended to safeguard the free use of OpenBSD. For example, OpenBSD can
be freely used for personal use, for academic use, by government
institutions, by non-profit making organizations and by commercial
OpenBSD, or parts of it, can also be freely incorporated into
People sometimes ask if it bothers us that our free work is put into
The answer is, we would prefer that our good code be widely used
than that commercial software vendors reimplement and create badly coded
incompatible alternative solutions to already solved problems.
For example, it is likely that SSH is a widely used protocol due to
this freedom, much more widely used than if restrictions had been placed
on how people used the OpenSSH code.
This isn't to say we would object to financial
or hardware support in thanks.
In fact, it is stunning how little support of any kind comes from
companies that depend upon OpenBSD for their products, but there is no
requirement of compensation.
The maintainers of OpenBSD support the project largely from their own
pockets. This includes the time spent programming for the project,
equipment used to support the many ports, the network resources used to
distribute OpenBSD to you, and the time spent answering questions and
investigating users' bug reports. The OpenBSD developers are not
independently wealthy and even small contributions of time, equipment,
and resources make a big difference.
1.4 - Why might I want to use OpenBSD?
New users frequently want to know whether OpenBSD is superior to some
other free UNIX-like operating system. That question is largely
unanswerable and is the subject of countless (and useless) religious
debates. Do not, under any circumstances, ask such a question on an
OpenBSD mailing list.
Below are some reasons why we think OpenBSD is a useful operating
system. Whether OpenBSD is right for you is a question that only you
OpenBSD is thought of by many security professionals as the
most secure UNIX-like operating system,
as the result of a never-ending comprehensive source code
OpenBSD is a full-featured UNIX-like operating system available
in source form at no charge.
OpenBSD integrates cutting-edge security technology suitable for
building firewalls and private
network services in a distributed environment.
OpenBSD benefits from strong ongoing development in many areas,
offering opportunities to work with emerging technologies with an
international community of programmers and end-users.
OpenBSD attempts to minimize the need for customization and
For the vast majority of users, OpenBSD "Just Works" on their
hardware for their application.
Not only is tweaking and customizing rarely needed, it is actively
1.5 - How can I help support OpenBSD?
We are greatly indebted to the people and organizations that have
contributed to the OpenBSD project. They are acknowledged by name
on the donations page.
OpenBSD has a constant need for several types of support from the user
community. If you find OpenBSD useful, you are strongly encouraged to
find a way to contribute. If none of the suggestions below are right for
you, feel free to propose an alternative by sending e-mail to
Buy an OpenBSD CD set. It includes
the current full release of OpenBSD, and is bootable on many
platforms. It also generates revenue to support the OpenBSD project,
and reduces the strain on network resources used to deliver the
distribution via the Internet. This inexpensive three-CD set
includes full source. Remember, your friends need their own copy!
Donate money. The project has a
constant need for cash to pay for equipment, network connectivity,
and expenses relating to CD publishing. Manufacturing CDs requires
an up-front out-of-pocket investment for the OpenBSD developers,
without guaranteed return. Send e-mail to
find out how to contribute. Even small donations make a profound
Donate equipment and parts. The
project has a constant need for general and specific hardware. Items
such as IDE and SCSI disks, and various types of RAM are always
welcome. For other types of hardware such as computer systems and
motherboards, you should inquire as to current need. Write to
arrange for shipment.
Donate your time and skills. Programmers who enjoy writing
operating systems are naturally always welcome, but there are
literally dozens of other ways that people can be useful. Follow
mailing lists and help answer new-user
Help maintain documentation by submitting new FAQ material (to
firstname.lastname@example.org). Form a local
user group and get your friends hooked
on OpenBSD. Make a case to your employer for using OpenBSD at work.
If you're a student, talk to your professors about using OpenBSD as
a learning tool for Computer Science or Engineering courses. It's
also worth mentioning one of the most important ways you should not
try to "help" the OpenBSD project: do not waste your time engaging
in operating system flame wars. It does not help the project to find
new users and can cause substantial harm to important relationships
that developers have with other developers.
1.6 - Who maintains OpenBSD?
OpenBSD is maintained by a development team spread across many different
countries. The project is coordinated by
Theo de Raadt, located in Canada.
1.7 - When is the next release of OpenBSD?
The OpenBSD team makes a new release every six months, with target release
dates in May and November. More information on the development cycle
can be found here.
1.8 - What is included with OpenBSD?
OpenBSD is distributed with a number of third-party software products,
GCC versions 2.95.3 and 3.3.5. GNU
C Compiler. The OpenBSD team has added the
stack protection technology, enabled by default, and used throughout the
OpenBSD userland and by default on applications compiled on OpenBSD.
Installed as part of the comp42.tgzfile set.
Perl 5.8.8, with patches and
improvements from the OpenBSD team.
Our improved and secured version of the Apache 1.3 web server.
The OpenBSD team has added default
chrooting, privilege revocation, and other security-related
improvements. Also includes mod_ssl and DSO support.
As can be seen, the OpenBSD team often patches third-party products
(typically) to improve the security or quality of the code. In
some cases, the user will see no difference in operation, in other
cases, there ARE operational differences which may impact some users.
Keep these enhancements in mind before blindly adding different versions
of the same software.
You may get a bigger version number, but a less secure system.
Of course, additional applications can be added through the OpenBSD
packages and ports system.
1.9 - What is new in OpenBSD 4.2?
The complete list of changes made to OpenBSD 4.1 to create OpenBSD 4.2
can be found on plus42.html, and highlights
on the OpenBSD 4.2 Information page, however
here are a few changes the OpenBSD team anticipate will require or
warrant some special note to people upgrading or installing OpenBSD 4.2
who are familiar with older versions:
libexpat is part of xbase42.tgz, not a package
This will prove to be a problem for many users, and for 4.3, will be
part of base43.tgz, but for OpenBSD 4.2, many users will have
to install xbase42.tgz.
More details in the 4.2 Upgrade
XF3 is no longer included:
XF3 was provided on the i386 platform to support some very old display
hardware that is now rarely used.
With the new version of X.org and its new build process, support for
XF3 was dropped.
It is expected few people will be impacted by this.
driver may change how disks are handled:
Systems using the ahci(4) driver may find SATA disks which had been
recognized and handled by the
(i.e., wd0) to become
(i.e., sd0) devices.
More details in the 4.2 Upgrade Guide
SSH protocol 1 discouraged on new installs:
New OpenBSD installs will default to not accepting SSH v1 connections.
Changes in the way sudo(8) passes environment:
will now reset the environment to a small default set
with only certain variables preserved from the previous environment.
[i386, amd64] boot(8) enhancements: boot(8)
will now ignore any /etc/boot.conf file if the CTRL key is held
down when boot starts.
This can be handy for recovering from some configuration errors.
boot(8) for i386 can now boot an amd64 kernel, and vice versa, which can
make changing platforms easier.
1.10 - Can I use OpenBSD as a desktop system?
This question is often asked in exactly this manner -- with no
explanation of what the asker means by "desktop".
The only person who can answer that question is you, as it depends on
what your needs and expectations are.
While OpenBSD has a great reputation as a "server" operating system, it
can be and is used on the desktop.
Many "desktop" applications are available through
packages and ports.
As with all operating system decisions, the question is: can it do the
job you desire in the way you wish?
You must answer this question for yourself.
It might be worth noting that a large amount of OpenBSD development is
done on laptops.
1.11 - Why is/isn't ProductX included?
People often ask why a particular product is or isn't included with
The answer is based on two things: the wishes of the developers and
compatibility with the goals of the
A product will not be included simply because it is "neat" -- it must
also be "free" for use, distribution and modification by our standards.
A product must also be stable and secure -- a bigger version number does
not always mean a better product.
License is often the biggest problem: we want OpenBSD to remain usable
by any person anywhere in the world for any purpose.
Another major consideration is the wishes of the developers.
The OpenBSD developers are the ultimate judges of what does and doesn't
go into the project.
Just because an application is "good" doesn't mean the OpenBSD project
wishes to devote the resources needed to maintaining it, or that
they will share other's enthusiasm about its place in OpenBSD.
Some commonly asked questions about third-party products:
Why is Sendmail included, it is "known insecure"?!
had an imperfect security record, however the Sendmail authors and
maintainers have been very receptive to reworking their code to make it
much more secure (and this is a sadly uncommon response).
The recent security history of Sendmail is not much different than some
of the supposedly "more secure" alternatives.
Why isn't Postfix included?
The license is not free, and thus
can not be considered.
Why isn't qmail or djbdns included?
Neither program is what many Unix users "expect" out of a mail or
In the case of djbdns, also the license, or lack of: the
inability to distribute a modified version of this software keeps it
from being considered.
Why is Apache included? It isn't needed by many people!
Because the developers want it.
Why isn't a newer version of Apache included?
The license on
newer versions is unacceptable.
Why isn't bzip2 included instead of gzip?
Performance is horrible, and benefit is minimal.
Impact on slower platforms, such as m68k or VAX would be unacceptable.
Why isn't there a graphical or
For a number of reasons, including the goal of keeping the installation
boot media able to be a single floppy disk, the fact that one installer
can be used on all platforms in all configurations, and the fact that
after the second or third OpenBSD install, most users find the OpenBSD
installation system among the fastest and easiest installers of any OS.
Most developers and users greatly prefer the speed, power, and ease of
use of the current installer to any of the more "colorful" or "pretty"
installers on some other platforms.
In most cases, these topics have been discussed in painful detail on
the mail lists, please see archives
if you need more information.
Of course, If you wish to use one of these packages and your use is
compatible with the license of the products, no one will stop you (that
wouldn't be very free if we tried, would it?).
However, your needs may change -- you may not want to develop a
"Killer Application" that you can't sell, distribute, or get rich from
because you incorporated non-free software into it.