Installing OpenBSD: A Beginner's Guide

by Brad Schonhorst

The OpenBSD website is contains an extermely thorough FAQ and manual that should be any OpenBSD user's primary resource. Below I will go through a basic installation of OpenBSD 3.5 to clarify some points that might be confusing to a new OpenBSD user.

There are many ways you can get OpenBSD up and running on your machine. I will assume you are using the official OpenBSD CD set because if you aren't, you should be. The official CD's are one of the few ways to support the OpenBSD community financially.

A few things you should consider before beginning:

1. Which platform you will be using (e.g., i386, sparc, macppc, etc...). See http://openbsd.org/plat.html for a complete list.
2. Hardware information such as RAM, hard drive size, and ethernet.
3. Network settings (especially if you decide to install without the official CD set).
   • Machine Name
   • Domain Name
   • IP address or DHCP
   • Netmask
   • DNS server
   • Gateway IP
4. How you will lay out your OpenBSD file system. (You can set OpenBSD up as a partition on a multiboot machine. More on that later.)

Now lets get to it...

For this document I will be installing OpenBSD 3.5 onto a Mac with the following:

• 450 MHz G4 processor (old world PowerPC's are not supported yet, so NetBSD is the answer for all those old beige G3 towers)
• 1024 MB RAM
• 10/100 Mbps Ethernet (built-in)
• 25 GB HD
• Matshita PD-2 LF-D110 CD-ROM/DVD-RAM

For information on supported hardware see the OpenBSD platforms page.

Make sure to back up anything on the drive that you need to keep. Don't say I didn't warn you!

Insert the installation CD into the machine and boot from it. Make sure you put the correct CD in for the platform you're installing on. For an i386 install, enter the BIOS and change the boot device to CD-ROM. For macppc just hold down the c key at boot, or boot into Open Firmware (by holding down Apple+Option+o+f) and type:

boot cd:,ofwboot 3.5/macppc/bsd.rd

After the CD boots up and the device driver information scrolls past, the install program will start and ask you what to do. We'll choose i for install.

erase ^?, werase ^W, kill ^U, intr ^C, status ^T
(I)nstall, (U)pgrade or (S)hell? i

If you don't know your terminal type, chances are the default is fine.

Specify terminal type: [vt220] {hit enter}
Do you wish to select a keyboard encoding table? [n] {hit enter}

Now you'll get a warning to back up your data before everything is overwritten:

Proceed with install? [n] y

First the installer runs fdisk(8) and defines the OpenBSD slice (partition). It will list any hard drives it finds and let you choose which one to install on. Usually IDE drive names start with 'wd' such as wd0 and SCSI drives start with 'sd' like sd0. In this example I have two IDE drives and will be installing onto the first. If your drive doesn't show up it may not be supported.

Available disks are: wd0 wd1
Which one is the root disk? (or done) [done] wd0

For macppc only (skip if you are installing on a different platform)

Next your are asked how you want to set up the disk. Will it be shared with an installation of Mac OS or is this hard drive going to be devoted to OpenBSD? If you want to have a dual boot machine, the disk needs to be formatted first with an Apple tool in HFS (Disk Utility would work). Just make sure to leave a second empty partition for your OpenBSD install. For further information, see my dual boot instructions.

For this exercise, I will be using MBR partition table rather than HFS and this will be an OpenBSD-only hard drive.

Use HFS or MBR partition table? [HFS] mbr
Are you *sure* you want to put a MBR disklabel on the disk? [n] y
Have you initialized an MSDOS partition using OpenFirmware? [n] n

At this point you are asked if you want to set up a 1 MB MS-DOS partition. This will store our MBR:

Do you want to initialize the MBR and the MSDOS partition [y] y
Do you wish to write new MBR and partition table [n] y

When the next warning comes up, just hit return. You will then see the current partition information. This will vary depending on what the hard drive had on it. At the top you should take note of the geometry in case you run into trouble. You should see a small partition called DOS which is our MBR partition.

Hit enter twice again and the fdisk(8) utility will start up so we can make any changes to the disk layout. I have noticed with some Mac installs that the OpenBSD partition that gets created does not reflect the entire size of the hard drive. Make sure that the total number of sectors shown at the top is close to the sum of the sizes listed in the table. If things don't add up you can take a look at my example.

fdisk: 1> quit

(End of the macppc-only instructions.)

Moving on

For an i386 install you are given the option to install OpenBSD on only part of the selected drive in case you want to boot other OS's. In this case I'm using the whold drive for OpenBSD.

Do you want to use *all* of wd0 for OpenBSD [no] yes

Disk Labeling

Now your installation will proceed to disk labeling, depending on your hard drive and platform. (I seem to run into trouble with macppc.)

Now the fun part. The install should run the disklabel(8) program so that you can start laying out the file system. The label will contain the OpenBSD partitions in an MBR partition which will take up a small amount of space at the beginning of the disk.

Partitioning?

When we talk about partitioning in OpenBSD, there are two different ideas being discussed. First, partitioning traditionally means the splitting up of a disk so that you can boot more than one OS from the same hard drive. The second meaning is the creation of slices within your OpenBSD partition.

Technically you only need two: one for the root file system and one for swap. You can make a more secure system by adding a few more partitions. A good place to start would be with /, swap, /home, /tmp, /usr, and /var, but if you have some specific tasks in mind for the machine you will want to change your layout accordingly. For example, if you are setting up a Squid proxy or IDS you will want a large /var/log partition. This way if your logs run wild you will only fill up a single slice and not the entire hard drive. Also, by partitioning out /home, /var, /tmp, etc., you can set different security controls over your partitions using mount(8).

Warning: wd0 has no label
Do you want to create one with the disklable editor? [y] {hit enter}

Next you are shown an example of what a partition label might look like. Just hit enter.

Below are the commands you will definitely be using. If you need other options, use the ? key for help.

• p: Prints the label as it is currently set up.
• a: Add a new partition
• d: Delete a partition
• q: Quit and save the new changes
• ?: Help

First lets print out our current label and see what's there.

Initial label editor (enter '?' for help at any prompt)
> p
 device: /dev/rwd0c
 type: ESDI
 disk: ESDI/IDE disk
 label: IBM-DPTA-372730
 bytes/sector: 512
 sectors/track: 63
 tracks/cylinder: 16
 sectors/cylinder: 1008
 cylinders: 16383
 total sectors: 53464320
 free sectors: 53461296
 rpm: 3600

16 partitions:
#        size    offset    fstype    [fsize   bsize    cpg]
 a:  53461296      3024    unused         0       0
 c:  53464320         0    unused         0       0
 i:      2048         1     MSDOS

The 'c' partition represents the entire OpenBSD partition or in this case the entire hard drive. The 'i' partition (macppc only) is reserved for the MBR partition so don't delete it! If you won't be installing any other OS's on this disk then you can safely delete the other partitions.

Now we'll delete the empty 'a' partition so we can divide it up into our file system slices. I'll enter d for delete and then a, which is the partition to delete.

> d a

Now if I print out the label I will be left with 'c' and 'i'. For an i386 install you will just have 'c'.

If you haven't already figured out how you want to assign your space, do so now. I am setting up a desktop machine so I will assign the following:

/             1G
swap          1G
/home        10G
/tmp          3G
/usr          6G
/var          4G

First off, lets add the root (/) directory. You really just need to type a and the disklabel program will prompt you for the rest.

> a
 partition: [a] {hit enter}
 offset: [3024] {hit enter}
 size: [53461296] 1G
 Rounding to nearest cylinder: 2097648
 FS type: [4.2BSD] {hit enter}
 mount point : [none] /

Now if I print out the current label I should see my new partition. Notice that the mount point for the partition is shown after the pound (#) symbol.

> p
16 partitions:
#        size    offset    fstype    [fsize   bsize    cpg]
 a:   2097648      3024    4.2BSD      2048   16384     16  # /
 c:  53464320         0    unused         0       0
 i:      2048         1     MSDOS

Now we can go through and add the other partitions. Usually swap is partition 'b' so that will be next.

> a
 partition: [b] {hit enter}
 offset: [2100672] {hit enter}
 size: [51363648] 1G
 Rounding to nearest cylinder: 2097648
 FS type: [swap] {hit enter}

From here you can add any the other partitions you want. When you are done, use the print (p) command to view them.

> p
16 partitions:
#        size    offset    fstype    [fsize   bsize    cpg]
 a:   2097648      3024    4.2BSD      2048   16384     16  # /
 b:   2097648   2100672      swap
 c:  53464320         0    unused         0       0
 d:  20971440   4198320    4.2BSD      2048   16384     16  # /home
 e:   6291936  25169760    4.2BSD      2048   16384     16  # /tmp
 f:  12582864  31461696    4.2BSD      2048   16384     16  # /usr
 g:   9419760  44044560    4.2BSD      2048   16384     16  # /var
 i:      2048         1     MSDOS

If it all looks good, you can move on. Type q to save changes and quit.

> q
 Write new label?: [y] {hit enter}

Now disklabel goes through each partition you created and verifies its size. You can hit return and cycle through them all. When you're satisfied, type done.

The root file system will be mounted on wd0a.
wd0b will be used for swap space.
Mount pint for wd0d (size=10485720k)? (or 'none' or 'done') [/home] done

If you have any other disks you are asked if you want to initialize them next.

Hit enter and you are asked once again if you really want to write the new label and erase your disk.

Are you really sure that you're ready to proceed? [n] y

The partitions will now be set up on the disk. If you ran into the Mac hard drive size problem and had to use fdisk you may see some warnings about cylinder groups.

Network Settings

Now you will be asked several questions about the new machine's network setup. This happens before installation in case you are doing a net install from a floppy or boot CD. You will want to put in your own hostname and domain name. You shouldn't just pick any domain name unless its registered to you. If you're not sure what to pick, just use the default for now. I will be using plumblossom.org in this example.

System hostname (short form, e.g. 'foo'): playground
Configure the network? [y] {hit enter}

A list of your network cards will show up here. Their name will vary depending on the vender. I only have one to initialize.

Available interfaces are: gem0
Which one do you wish to initialize? (or 'done') [gem0] {hit enter}

You can assign a separate hostname to the ethernet interface. Usually you will just want it to be the same as the hostname you entered previously.

Symbolic (host) name for gem0? [playground] {hit enter}

The default media for gem0 is
media: Ethernet autoselect (100baseTX full-duplex)
Do you want to change the default media" [no] {hit enter}

Now you get to enter your IP address. You can just type dhcp if you plan to receive an IP address from your router or DHCP server. Also, be aware that things will break if you set up more than one interface with DHCP on the same OpenBSD machine.

IP address for gem0? (or 'dhcp') 192.168.168.1

Put the netmask you are using here or hit return if you are on a /24 network:

Netmask? [255.255.255.0] 255.255.0.0
No more interfaces to initialize.

Now you can enter the domain name for your network. If you will receive an IP address from a DHCP server just hit enter and don't put anything here.

DNS domain name? (e.g. 'bar.com') [my.domain] plumblossom.org

Next enter the IP address of your name server. If you are using DHCP you may be able to leave it blank.

DNS name server? (IP address or 'none') [none] 192.168.1.100
Use the nameserver now? [y] y

Next you are asked for the IP address of your gateway. If you're using DHCP make sure to specify dhcp.

Default route? (IP address, 'dhcp' or 'none') 192.168.1.1
add net default: gateway 192.168.1.1
Edit hosts with ed? [n] {hit enter}

Finally you are given the opportunity to manually check and configure your network interface. If you type yes, you will be dropped into a shell prompt to work from.

Do you want to do any manual network configuration? [n] {hit enter}

Installation Options

Now you set the password for the root account.

Password for root account (will not echo):
Password (again):

Installation media: You can now choose how you want to install OpenBSD. We will be using the official OpenBSD CD so just type c.

Sets can be located on a (m)ounted file system; a (c)drom, (d)isk or (t)ape
device; or a (f)tp, (n)fs or (h)ttp server.
Where are the install sets? (or 'done') c

At this point the install program will list possible CD-ROM devices.

Available CD-ROMs are: cd0.
Which one contains the install media? (or 'done') [cd0] {hit enter}

Now you need to specify which platform's install sets to use. We want to choose the sets for macppc in this example.

Pathname to the sets: (or 'done') [3.5/macppc] {hit enter}

Next you get to choose which sets to install. If you want to run the X Window System you might as well choose them all. For a more secure firewall box you might leave out all but the following: bsd, base34.tgz, and etc34.tgz. This would be a very minimal system with no man pages or compilers! Leaving out the compilers (comp34.tgz) gives you an added measure of security (makes it quite hard to compile devious programs), but it also means that you will have to compile all upgrades on another machine running with the same hardware and then transfer the patched binaries over.

In this example I will choose everything except bsd.rd.

The following sets are available. Enter a filename, 'all' to select all
the sets, or done. You may deselect a set by prepending a '-' to its name.

          [X] bsd
          [ ] bsd.rd
          [X] base35.tgz
          [X] etc35.tgz
          [X] misc35.tgz
          [X] comp35.tgz
          [X] man35.tgz
          [X] game35.tgz
          [ ] xbase35.tgz
          [ ] xshare35.tgz
          [ ] xfont35.tgz
          [ ] xserv35.tgz

First I will select all the sets and then I will subtract the one I don't want.

File Name? (or 'done') [bsd.rd] all

          [X] bsd
          [X] bsd.rd
          [X] base35.tgz
          [X] etc35.tgz
          [X] misc35.tgz
          [X] comp35.tgz
          [X] man35.tgz
          [X] game35.tgz
          [X] xbase35.tgz
          [X] xshare35.tgz
          [X] xfont35.tgz
          [X] xserv35.tgz

File Name? (or 'done') [bsd.rd] -bsd.rd

          [X] bsd
          [ ] bsd.rd
          [X] base35.tgz
          [X] etc35.tgz
          [X] misc35.tgz
          [X] comp35.tgz
          [X] man35.tgz
          [X] game35.tgz
          [X] xbase35.tgz
          [X] xshare35.tgz
          [X] xfont35.tgz
          [X] xserv35.tgz

Looks good! Lets go ahead and start the install.

File Name? (or 'done') [bsd.rd] done
Ready to install sets? [y] {hit enter}

Now the sets I have selected will be installed on my machine. When they are finished I will be asked if I want to add more distribution sets.

Where are the install sets? (or 'done') done

You will be asked if you want sshd to start up by default. This question is new to OpenBSD 3.5.

Do you wish sshd(8) to be started by default? [yes] y

If you want to run X just hit enter (assuming you installed all the x-sets above).

Do you expect to run the X Window System? [y] {enter}

Now you are asked what time zone you live in. The installer script will set a symbolic link of /etc/localtime to the time zone you specify. If you are not sure of the correct syntax for your zone, enter ? (a question mark).

What timezone are you in? ('?' for list) [Canada/Mountain] America/New_York

Now the computer sets up the /dev directory and boot blocks. When it's finished you will see a congratulations banner and a prompt. Enter the command halt to gracefully shut down the computer.

CONGRATULATIONS! Your OpenBSD install has been successfully completed!
 To boot the new system, enter halt at the command prompt. Once the
 system has halted, reset the machine and boot from the disk.
 # halt
 syncing disks... done

The operating system has halted.

On i386 you may press any key to reboot into OpenBSD:

Please press any key to reboot.

Final steps for macppc

If you installed on a Mac you will need to boot into Open Firmware and tell it to boot the BSD kernel from now on.

To do so, restart the computer (probably using the reset or power button) and hold down Option+Apple+o+f to boot Open Firmware. Now we just need to set the boot device to the hard drive that containts OpenBSD and tell it to boot the kernel located at /bsd.

ok
0 > setenv boot-device ultra0:,ofwboot /bsd
0 > mac-boot

Now your new OS should start up!

(End of macppc-only instructions.)

Final Notes

After you boot up for the first time, make sure to read the Afterboot(8) man page or check out my first boot list for some final configurations.

For clarification or corrections: bschonhorst@gmail.com