-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
It's a little bit of both. The OpenBSD port and package of Tor were out of date last time I checked, so the first difference is that you want to build from source. If you do so, though, you have to make the unprivileged user yourself. This is covered in _Absolute OpenBSD 2nd Ed._ and on the web. It's a technique that OpenBSD popularized, so it's easy to do.
The general sysadmin experience with OpenBSD involves more manual config file editing and man page reading, as I've mentioned previously. Some things (like having tons of open files) have to be enabled by default, as they're a complication and a potential security risk. However, most users find it very convenient and elegant in the long run.
Another example that I forgot to mention earlier: encrypting swap on Debian or Ubuntu involves apt-getting and such. On OpenBSD, it involves changing two characters of /etc/sysctl.conf.
I don't want to beat a dead horse, so I'll leave most of the specifics out. Also, the beginning of _Absolute OpenBSD 2nd Ed._ explains the differences better than I can.
Libertas
On 11/05/2014 11:20 AM, Niklas Kielblock wrote:
Is there much of a difference between setting up Tor on OpenBSD vs. Linux or other Unix(like) systems?
Or is this just about setting up OpenBSD in general, or additional security for relays (disk encryption, memory protection) whose use isn't common on most general servers?
I would love to start a larger conversation about running Tor on OpenBSD. I've been considering making a guide describing the process. However, that violates the OpenBSD philosophy to some extent. They tend to only help those who help themselves - in the long term, only those who want to learn Unix and who RTFMs continue using OpenBSD.[1] Hopefully, though, we can spark enough interest that node operators will take that initiative. I know there's been a lot more interest in OpenBSD on Hacker News et al. since the surveillance revelations.
_______________________________________________ tor-relays mailing list tor-relays@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-relays