New build of hbsdfw

12 views
Skip to first unread message

Shawn Webb

unread,
Nov 19, 2023, 2:00:00 PM11/19/23
to HardenedBSD Users
Hey all,

Just a quick note that a new build of hbsdfw is out. It's *LIGHTLY*
tested (major emphasis on LIGHTLY.) It's the first build based on
HardenedBSD 14-STABLE (prior builds were based on 13-STABLE.)

Default username: root
Default password: hbsdfw

If you're upgrading an existing hbsdfw or OPNsense install, your
procedures are as follows:

1. Back up your existing config
2. Reinstall
3. Restore your config

Reports back of successes and failures alike are very much
appreciated. Reports of "this works for me" are just as important as
"I'm having an issue with _____."

https://hardenedbsd.org/~shawn/hbsdfw/hbsdfw_installer_vga_14-20231119-080917.iso.xz

SHA256 (hbsdfw_installer_vga_14-20231119-080917.iso.xz) =
a964085c4e35afce9e4eae0c07e51416dbf44bb162821fe810759540b9abfd8e

$ wc -c hbsdfw_installer_vga_14-20231119-080917.iso.xz
1369998732 hbsdfw_installer_vga_14-20231119-080917.iso.xz

Thanks,

--
Shawn Webb
Cofounder / Security Engineer
HardenedBSD

https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc
signature.asc

Shawn Webb

unread,
Nov 19, 2023, 3:32:01 PM11/19/23
to HardenedBSD Users
On Sun, Nov 19, 2023 at 11:59:55AM -0700, Shawn Webb wrote:
> Hey all,
>
> Just a quick note that a new build of hbsdfw is out. It's *LIGHTLY*
> tested (major emphasis on LIGHTLY.) It's the first build based on
> HardenedBSD 14-STABLE (prior builds were based on 13-STABLE.)
>
> Default username: root
> Default password: hbsdfw
>
> If you're upgrading an existing hbsdfw or OPNsense install, your
> procedures are as follows:
>
> 1. Back up your existing config
> 2. Reinstall
> 3. Restore your config
>
> Reports back of successes and failures alike are very much
> appreciated. Reports of "this works for me" are just as important as
> "I'm having an issue with _____."
>
> https://hardenedbsd.org/~shawn/hbsdfw/hbsdfw_installer_vga_14-20231119-080917.iso.xz
>
> SHA256 (hbsdfw_installer_vga_14-20231119-080917.iso.xz) =
> a964085c4e35afce9e4eae0c07e51416dbf44bb162821fe810759540b9abfd8e
>
> $ wc -c hbsdfw_installer_vga_14-20231119-080917.iso.xz
> 1369998732 hbsdfw_installer_vga_14-20231119-080917.iso.xz

A little further testing revealed that Unbound is broken. I need to
update a Python script to take into account the switch from
HardenedBSD 13-STABLE to 14-STABLE.

So, if you use Unbound in your hbsdfw deployment, skip this build. If,
like me, you run Unbound (or another DNS resolver) on a separate
system, you're good.
signature.asc

Shawn Webb

unread,
Nov 20, 2023, 8:06:10 AM11/20/23
to HardenedBSD Users
A new build is out, which fixes the aliases issue:

https://hardenedbsd.org/~shawn/hbsdfw/hbsdfw_installer_vga_14.0-20231120-054335.iso.xz

SHA256 (hbsdfw_installer_vga_14.0-20231120-054335.iso.xz) =
e9697b4775b2887ea051bc1fce9fbb04482b0dd7d544e78dd269ca45cd94ff47

$ wc -c hbsdfw_installer_vga_14.0-20231120-054335.iso.xz
1369926736 hbsdfw_installer_vga_14.0-20231120-054335.iso.xz
signature.asc
Reply all
Reply to author
Forward
0 new messages