by dvzk 682 days ago
QEMU most likely is not required. OpenBSD's installer is inside a single 4.5 MiB [1] ramdisk kernel image. Chainload or netboot it, or download the ramdisk to ffs on sd0 and run installboot [2]. Once the ramdisk kernel is loaded you can erase the disk containing it.

1. https://cdn.openbsd.org/pub/OpenBSD/7.5/amd64/bsd.rd

2. installboot also needs /usr/mdec/biosboot and /usr/mdec/boot from base75.tgz.


At least for Hetzner's VPS, I get away with the following and then a reboot:

    wget -O - https://cdn.openbsd.org/pub/OpenBSD/X.Y/arm64/minirootXY.img |
        dd if=/dev/stdin of=/dev/sda

This is presumably fine for an initial install, as long as it auto-configures correctly via DHCP.

However, if you ever have issues and need a rescue image, you'd need to figure out how to do something like the OP, and do it while learning how to do it for the first time rather than having had a practice run when you first installed it.

Nice! I didn't know about miniroot*.img. It's actually just bsd.rd, boot, MBR+PBR, and bootx64.efi. Nothing that can't be safely overwritten while the ramdisk kernel is running.

Taking the "curl | sh" pattern to the next level.

Thank you, that one cracked me up.

Pardon my potential ignorance, but as someone that usually does the right thing security-wise, is there really much of an advantage to signify(1) and SHA256 if we are pulling the key and hash over the same HTTPS connection as what we are about to verify? It is not like with sysupgrade(8) where we have a trusted key already on disk.

Signify was created so that a human can relatively easily eyeball the hash and make sure it's legit.

If you're just relying on HTTPS alone it means you're essentially trusting the certificate store that Hetzner put there for you.
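An added example, not part of any comment in this thread: the piped download from earlier split into download, verify and write, with the expected SHA256 pinned from somewhere other than the download connection. The function name `write_verified_image` and the sample data are assumptions constructed for illustration; temp files stand in for the image and the disk.

```shell
#!/bin/sh
# write_verified_image IMAGE EXPECTED_SHA256 TARGET   (hypothetical helper)
# Writes IMAGE to TARGET only when its SHA-256 equals the pinned value.
# Returns 0 when written, 1 on hash mismatch, 2 on bad arguments;
# a dd failure is passed through as dd's own exit status.
write_verified_image() {
    [ $# -eq 3 ] || return 2
    image=$1 expected=$2 target=$3
    [ -r "$image" ] || return 2
    # Normalise the pinned value and insist on exactly 64 hex digits,
    # so an empty or truncated pin can never compare equal by accident.
    expected=$(printf '%s' "$expected" | tr 'A-F' 'a-f')
    case $expected in
        *[!0-9a-f]*) return 2 ;;
    esac
    [ ${#expected} -eq 64 ] || return 2
    actual=$(sha256sum "$image" | cut -d' ' -f1)
    if [ "$actual" != "$expected" ]; then
        echo "SHA256 mismatch for $image: got $actual" >&2
        return 1
    fi
    # The image is written only after the check; nothing is streamed
    # from the network straight onto the disk.
    dd if="$image" of="$target" bs=1M 2>/dev/null && sync
}

# Constructed demo data, not a real OpenBSD image or hash.
img=$(mktemp)
disk=$(mktemp)
printf 'constructed sample image\n' > "$img"
# In practice the pin is copied from a separate trusted source,
# not computed from the file that was just downloaded.
pinned=$(sha256sum "$img" | cut -d' ' -f1)
write_verified_image "$img" "$pinned" "$disk" && echo "verified and written"
printf 'tampered\n' >> "$img"
write_verified_image "$img" "$pinned" "$disk" || echo "refused, rc=$?"
rm -f "$img" "$disk"
```

Where signify is installed, `signify -C -p <pubkey> -x SHA256.sig minirootXY.img` performs the check against the signed hash list instead, with `<pubkey>` obtained by a separate path.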

arm64 or amd64? Does Hetzner offer ARM servers?

They offer both, but there can be differences between locations. Arm64 was the cheapest last time I checked.

https://www.hetzner.com/cloud