by nelsonic 33 days ago
We use OpenBSD for our VPSes on Hetzner, bare metal (for security focussed clients) and older (but still good) hardware in our Home Lab. OpenBSD is excellent on older (no longer supported by Cupertino) Apple hardware. We have an Intel Mac Mini Cluster with near-perfect uptime. If you need to run any kind of server (Web, Mail, DNS, NFS, Database) where you need stability & security, look no further. Some learning curve, but totally worth it.
4 comments

Have you tried such OpenBSD installations vs FreeBSD? I forget the differences between OpenBSD and FreeBSD, so forgive the naivety. (I think NetBSD is more for embedded stuff, and Ghost and Dragonfly are more for conventional desktop use-cases if I recall correctly.)

I'm asking because I have not touched any BSD for over 2 decades...and I'm getting the itch to try some out...and was wondering if for server-type use cases (like you noted) whether OpenBSD is preferred over FreeBSD or the reverse, and why? Thanks in advance for any feedback you might provide!

FreeBSD is a heavier, more capable system, suitable for large servers. It's got its own virtualization platform (bhyve), an LXC-ish container system (jails), native ZFS, dtrace, Linux emulation, and a bunch more. It makes for a decent workstation and has pretty decent hardware support.

NetBSD is small and simple. It's a lot like an old-school UNIX. It makes a decent platform for small services. I run bind and dhcpd on a NetBSD machine. The source code is very pleasant to read. It uses the pkgsrc software repository. It's my preferred platform for writing POSIX code.

OpenBSD still carries much of the general feel of NetBSD and can fill a similar niche on a network, but the security focus stands out in their documentation, subprojects (OpenSSH, LibreSSL, OpenNTPD, etc.), APIs (see pledge(8)), and policies. It makes for a great firewall. I'd say it also requires the most know-how.

All of them have excellent documentation (especially compared to Linux distros) and the base system is developed alongside the kernel, giving you a very consistent experience compared to Linux distros where everything is developed in isolation. If you write C, it's worth keeping a BSD system around just for the manpages and to make sure you're not letting Linuxisms creep into your codebase.

Thank you, this helped a lot!
> Linux emulation

Just to clarify. It's not emulation in the sense it's slower or something. They call it compatibility layer, which is better, but also nobody knows what it means.

This is simplifying a bit, but it's essentially "Linux is just a kernel" so the interface is just Linux syscalls, so the FreeBSD kernel when executing a Linux binary simply answers like Linux (so it has those system calls). How this is used in practice is that on your file system you have Ubuntu/RedHat/... "installed" (so the files and the file hierarchy are lying there) and you either directly or in a FreeBSD jail execute things in there or the binary you have.

I don't know how well it works in the present but in the past that means you could simply download the Unreal Tournament 2004 multiplayer demo or Enemy Territory or other games and just play them as if you were running Linux, 3D acceleration and all, without VM without real emulating, just the kernel providing what a Linux kernel would provide.

Also "heavy" is very very relative and subjective. You can totally have a tiny FreeBSD and a huge OpenBSD and one could argue OpenBSD is "heavy" because it comes with three window managers, an HTTP server, a full blown SMTPD server, ACME client and a ton of stuff that eg a server install of Debian or Ubuntu doesn't come with. But also if you run eg. ZFS things are heavy of course. FreeBSD has however had a time when it tried to strip a lot of stuff from the default install and make stuff either optional or make things available through ports/packages only.

And also there are surprises to be had with such overviews: Eg. your Lenovo laptop likely will give you a more "out of the box" experience on OpenBSD compared to FreeBSD with things like simple wifi setup, sound often doing the right thing (work, come out the right place, etc.) compared to FreeBSD. Also with stuff like HTTPD with ACME being available in a simple way after install I'd say OpenBSD is easier than FreeBSD.

FreeBSD to me feels a bit more like "it can be everything you want it to be". Ports and packages can be complicated if you just start out, compared to OpenBSD's "just use packages" stance. On OpenBSD things in my experience are more of a "it works or doesn't" and when it works often out of the box and/or with docs, while on FreeBSD it's more like it throws some tools into your direction you can build stuff (poudriere, jails, a build system with many options). So it's really cool if you want flexibility but a bit more like you have to figure out if it's possible and how. But that might simply be because of the use cases I used it for.

That said all of them are real general purpose systems, unlike eg. some Linux distributions. So it's not like "OpenBSD is for routers" even though it often seems like it. There are times when the GPU support is better on OpenBSD than FreeBSD's. But also FreeBSD has official NVIDIA drivers, so it's all not that clear cut.

I don't have much to disagree with there, only that any survey answer on the difference between complex things is going to be simplified. I'm thumb typing here and no one's paying me to write a book.

I will defend my "heaviness" argument, though. Sure, you can run OpenBSD on large hardware, but it's not going to be able to take advantage of it like FreeBSD can. Which makes sense if you think about it - FreeBSD optimizes for heavy workloads. Conversely, if you set up minimal installs, OpenBSD will be smaller. Again, that makes sense, since OpenBSD focuses on security over features (plus the only truly secure code is the code that doesn't exist). There's a lot of overlap in the middle, of course.

I wouldn't use OpenBSD for a NAS, and I wouldn't use FreeBSD for a diskless firewall. Not because they can't do those things - they just each have their strengths and weaknesses.

The "lightweight" nature of OpenBSD is a matter of perspective - if you are happy with OpenBSD's feature set, then it's a plus. On the other hand, FreeBSD has a lot of additional features, including ZFS, which may be of interest. The last I checked, FreeBSD was more performant in various benchmarks, particularly regarding multi-core performance.
FreeBSD has a bit more of a lax attitude historically to security[0] and seems to prefer being reasonably performant and "easy to use" (this is subjective, but they care about supporting packages outside of base very much, and bundle non-FreeBSD produced packages as part of their base).

OpenBSD on the other hand is perfectly happy to leave oodles of performance on the table for security. They were the first OS to completely drop Hyperthreading support for example, years before spectre/meltdown.

So with these things in mind, FreeBSD is a lot more performant.

[0]: https://vez.mrsk.me/freebsd-defaults

FreeBSD has the same roots as OpenBSD but the former has a “compatibility” focus whereas the latter has the security focus. Having a background in security, the choice was obvious for me. But each person/org should decide based on their needs. Haven’t had any issues running it on all major hardware (Dell, HP, Lenovo, Apple, etc). The UI isn’t as pretty as macOS on Desktop, but it runs Firefox & Chrome, etc. so you can do everything you need. If you have an older Lenovo or Mac lying around collecting dust, dive in!
There was FreeBSD and NetBSD. NetBSD supporting many platforms while FreeBSD supported just x86. There was some contention between NetBSD developers and Theo and crew left to create OpenBSD. They all more or less have common ancestry being derivatives of 386BSD.
Yeah, I knew there were some aspects of descendancy across the different BSDs.

And, I mentioned NetBSD for embedded stuff...but really, I *think* it's that NetBSD is simply installed on tons of different hardware....so not only embedded....I kinda remembered that about NetBSD.

But, it's the other BSDs - in particular FreeBSD vs OpenBSD - that I always forget the differences...but got it now. Thanks!

freebsd = utility

openbsd = security

netbsd = portability

freebsd: performance, features, drivers, software compat - closest to linux in utility & usability though unlike linux in execution

openbsd: safety for exposed services

netbsd: portable across many cpu & hardware platforms - big-endian powerpc sun, hitachi sh3 jornada, etc, easiest to port to a new arch

Can FreeBSD be stripped down to be more like OpenBSD security-wise while still keeping the performance benefits?
Oh this is a wonderful and succinct summary; thanks!
Actually that is mostly current HW compat. NetBSD would be I guess the one for legacy HW compat.
OpenBSD does support some older hardware already not supported by, say, most Linux distributions. As an example MacPPC hasn’t had support from most Linux distributors since IBM Power went little-endian, but OpenBSD runs fine on it.

NetBSD is, however, the gold standard for an OS that runs on just about anything. Their (maybe unofficial) slogan has been “Of course it runs NetBSD!”. Their logo has a flag in it because they “plant their flag” on so many platforms.

https://wiki.netbsd.org/ports/

Yeah, thanks that helps! It's the old convenience vs security balancing act :-)
100%. I put off learning/using OpenBSD for a decade until a breach at a client (we weren’t responsible for DevOps/SysAdmin) made me pick it up because I don’t have time to be a full-time Linux Sysadmin anymore. Just want the servers to run without having to think about them. Wish I’d done it sooner. Lost a lot of time on Linux, Docker, K8s, etc. that I could have skipped completely with OpenBSD. Our servers are an order of magnitude simpler now, just single services per VM and I sleep better. ;-)
> ...I don’t have time to be a full-time Linux Sysadmin anymore. Just want the servers to run without having to think about them...

Very salient comment there! And, while not the only reason for me, but what you noted is sort of one reason that's triggering the itch in me to go back to playing with the BSDs. Don't get me wrong, I still do love fiddling around with some areas of Linux once in a while....but then, there are other uses/areas where I just want a server to do its thing, and for my maintenance to be a little less (at least less than some Linux distros require). So maybe I'm not the only one? :-)

Yeah, time is finite and fleeting and the older I get the faster it seems to go!

As a teen I had infinite time to compile Linux and debug stuff. Now I just want to spend time with family/outdoors and not be stuck in a windowless room negotiating with a black box. ;-P

OpenBSD is security focused while FreeBSD will remind you of older X-Windows workstations.
Thanks!

And, wow, do I miss the old X-window workstations...well, I should clarify that I LOVED those (I think they were Sparc?) workstations that ran Solaris or SunOS back in the day! Man, that takes me back some years...but I really loved those machines! :-)

OpenBSD supports sparc very well and is compatible with old sunos stuff (iirc). Unfortunately no 68k anymore (okay, technically there's a niche flavour of 68k that still is supported because of a very dedicated man in Japan)
> OpenBSD supports sparc very well and is compatible with old sunos stuff (iirc)

No 32-bit sparc anymore (only UltraSPARC, aka sparc64).

No SunOS compatibility (despite Theo de Raadt inventing it for NetBSD, before being copied by other BSDs).

https://marc.info/?l=openbsd-tech&m=161435521906992&w=2

> Technically there's a niche flavour of 68k that still is supported because of a very dedicated man in Japan

luna88k, while related, is not 68k.

https://www.openbsd.org/luna88k.html

Modern operating system booting on hardware that is closing in on 40 years old in just over three minutes, this is wild to see:

https://www.youtube.com/watch?v=btwiiZw3B2s

Kenji Aoyama truly is aligned with the best of the hacker spirit. As for getting your hands on a luna88k, I have no clue. The only thing I managed to find was a broken one that sold for ~USD 750 at an online auction.

I must've read about the sunos thing somewhere and imagined it still existed.

>luna88k, while related, is not 68k

I misremembered it as being similar to the relationship between the 6502 and the 65C816

It's worth mentioning at this point that one can still get (Open)Solaris descendant operating systems: OmniOS, SmartOS, and Tribblix. The latter still has SPARC in its installation guide.

* https://tribblix.org/install-sparc.html

Oh wow, that's pretty cool! Thanks for sharing!

Another part of my nostalgia with those old workstations (besides the core OS) was the desktop environment, I think CDE or Motif or something like that. Something about the look and feel of that DE I always thought was cool!

What's the situation with Broadcom wifi on your intel macs?

We've run into instability issues with the newer Linux kernels (starting with 6.x, I think) and have had to stop upgrading.

I've just set up a new ThinkPad with OpenBSD. You just need to put the firmware needed on a usb stick, mount it and run one command, fw_update -p ./ It wasn't hard.
Ah, we have all connected via Ethernet. Side-stepped the WiFi issue. ;-) But have read of others successfully navigating it.
I use OpenBSD among Hyperbola GNU/Linux, soon to be rebased from a deblobbed OpenBSD 7.0 hard fork. It's dumb easy to set up too. Also, I daily use nvi, oksh, oed (a portable ed for GNU/Linux) among Xenocara and CWM, and this way the environment is almost the same as OBSD but with a GNU/Linux kernel.
(technically it's just a Linux kernel. GNU doesn't do any kernel work aside from deblob scripts)
Yeah, I'm aware of FSFLA and Linux Libre, but Hurd is not ready yet and it's being worked on with LLMs (something really anti-GNU, as it's proprietary SaaS).

https://lists.gnu.org/archive/html/bug-hurd/2026-03/msg00100...

In the end Hyperbola BSD will be more free than OpenBSD and the former GNU maintainers themselves...

I don't really see the LLM use as anti-GNU. It would be no different if the code was written in a proprietary IDE with fancy code completion. GNU doesn't restrict contributors to using exclusively free software for their contributions (if they did, they likely wouldn't have gotten very far considering how much work Apple did on GCC). As long as the license is free and GPL compatible, it isn't inherently non-GNU (though, they'd encourage you not to use a SaaS for your own sake).

Now, is LLM code in the Hurd a good thing? No, absolutely not. Ignoring the licensing limbo of LLM output that still isn't settled, LLMs make pretty bad code often enough that I wouldn't trust it to work on something as niche and relatively undocumented as the Hurd.

A local LLM with GPL compatible input and with options to properly tag the source with a full backtracking of the code? Maybe, but that's not what's happening, but massive license laundering.
I never said anything to the contrary, I agree 100%
I want to use OpenSMTPD so badly, but it doesn't have proper support for authentication via LDAP (at least, as far as I can tell). It insists on reading plaintext passwords from the LDAP server, rather than BINDing as the user in question.