FreeBSD or OpenBSD

[CP]

I am going to be installing one of these at some stage over the next month or so, which one would you recommend for a Uni student with too much time on his hands? And why

OpenBSD, for many reasons:

- The source code is a perfect example of how to do safe programming, so it will benifit you
- The whole OS is smaller and cleaner, so it will be easier for you to get into it
- The security offered by OpenBSD will keep hackers at bay
- OpenBSD comes with a _GREAT_ packet filter: pf
- There are less idiots on the mailing lists (yes, this is a factor)
- The FAQ is the most excellent I'Ve ever seen with MANY MANY answers and it serves as a HOWTO at some points even. *The man pages are also clear and clean.
- OpenBSD is less complete than FreeBSD, so *you* could help the project by making new ports/packages or writing patches, etc.
- A lot of features are included in the default (GENERIC) kernel, so you don't need to always recompile.
- You will also have an OS that gives a VERY professionnal feel to you as an admin
- Services such as BIND and Apache are installed by default (though they are not enabled by default). *They've been audited for security problems and they are installed in a chroot which means if an attacker breaks in using either, he has nothing to touch besides your http or name server.
- The FTP server has a nice option with which you can see users with commands such as 'who' and 'w'
- Installation takes 10 to 15 minutes once you've seen it once or twice.
- The fact that there are no remote exploit means you can wait for a new official release before upgrading
- They use a lot of cryptography: the blowfish cipher for login, mod_ssl is installed by default for Apache, memory and swap can be crypted
- Its file system (FFS) supports softupdates which is better than journaling
- There's a project called 'Stephanie' to bring to OpenBSD features from trusted operating systems. *You can for example make access lists and you can put flags on some files, such as append-only, no-remove, etc. and these flags also affect the root account. *And to remove a flag, you must reboot the system, so an attacked would be immediately noticed.
- OpenBSD has one of the best IPsec implementation, it's also IPv6 ready
- You can get help from myself, Ashcrow and Kint
- The blowfish just looks cool
- There are releases every 6 months (June 1st and December 1st), so you can plan an upgrade better than with FreeBSD (which had to delay FreeBSD 4.5 by ~3-4 weeks and delayed 5.0 by 14 months). *Also, new releases rarely contain a buttload of new features. *Usually: 3-4 new good features, other minor features, couple of thousand bugfixes and security fixes and new 3rd party applications (ports + binary packages) and new hardware support.
- OpenBSD 3.0 supports 10 architectures (including x86, macppc, sparc64 and alpha). *FreeBSD 4.5 supports 2.
- EVERY network card is supported by OpenBSD (there's a guy who just does that)
- /etc cannot be modified by packages
- There's no /usr/local/etc like in FreeBSD
- It installs with only one floppy (which is more convienent than 2 for FreeBSD)
- You have the option to escape to a shell during the install
- sudo and XFree86 are better integrated with the system than in FreeBSD

[CP]

Wow, those are quite a few good reasons. My next question is how easy is it to install. Will I be able to get the installation files, and other packages for that matter, over a NZ server?

ncftp /pub/OpenBSD/3.0/i386 > ls -l *.tgz bsd
-r--r--r-- 1 12187 mirror 23469942 Oct 19 15:58 base30.tgz
-r--r--r-- 1 12187 mirror 16315830 Oct 19 15:58 comp30.tgz
-r--r--r-- 1 12187 mirror 1075078 Oct 19 15:58 etc30.tgz
-r--r--r-- 1 12187 mirror 2772511 Oct 19 15:58 game30.tgz
-r--r--r-- 1 12187 mirror 5641583 Oct 19 15:58 man30.tgz
-r--r--r-- 1 12187 mirror 1704594 Oct 19 15:58 misc30.tgz
-r--r--r-- 1 12187 mirror 8853776 Oct 19 15:58 xbase30.tgz
-r--r--r-- 1 12187 mirror 30471502 Oct 19 15:58 xfont30.tgz
-r--r--r-- 1 12187 mirror 21536096 Oct 19 15:58 xserv30.tgz
-r--r--r-- 1 12187 mirror 1683519 Oct 19 15:58 xshare30.tgz
-r--r--r-- 1 12187 mirror 4332626 Oct 19 15:58 bsd
ncftp /pub/OpenBSD/3.0/i386 >

These are the packs you can install. The ones which are _needed_:
bsd
etc30.tgz
base30.tgz

This accounts to ~28 megs. If you add compilers, man pages and misc (which you should) you get 52 megs. Not too much to download.

[CP]

Not a matter of size, I have to pay for international traffic. Well I do where I will be downloading it. I have found it on a NZ ftp server but don't know how often it is updated, and from looking at the OpenBSD site it doesn't look like they have a NZ mirror, which means it is unofficial and therefore unsupported. Am I right in that?
Also will my TNT2 work, and will my VIA based onboard soundcard work?

There's no official NZ mirror (there's one in australia though). You TNT2 card should work, but don't expect 3D, it's not what OpenBSD is about. I don't know about the VIA soundcard. I use OpenBSD for servers/firewall purposes only

[CP]

I don't really care about 3D, I just want to have a half decent looking system. And if it only supports it with 16 colours and at 640*480, then it would kind of make learning it painful. The sound isn't all that important either. I don't really need an official mirror though do I? If I found out what packages I wanted I could just download them individually couldn't I. And where are the best install instructions? Thanks for all the help

No you don't need an official mirror, just use the autralian one. The best guide is covered in the FAQ on www.openbsd.org . You can also try mine: http://darkhost.mine.nu:81/openbsd-en.html

[Ashcrow]

I am pretty sure the sound card should work fine but it will need to be configured. OpenBSD is the way to go!

And yeah, once your system is installed, you can download binary packages or use the ports system to add new applications.