Admin Forces Training

OpenBSD Jumpstart
OpenBSD IntroBSDIntroduction to OpenBSD 
Configure doasBSDExecute commands as root 
Patch your systemBSDPatch your system 
Update firmwareBSDUpdate firmware 
Installing PackagesBSDInstall new software 
Good QuestionsCivicsHow to Ask Good Questions 
IRCNow Mailing ListsCivicsSign up to IRCNow Mailing listsExtend VPS for 1 week
Self-AdminCivicsAdmin your network 
Login classesBSDConfigure login classes 
netcat IRCNetworkTroubleshoot IRC with netcat 
netcatNetworkTroubleshoot applications with netcat 
rcctlBSDStart services automaticallyExtend VPS 1 week
Web Server
Freedom to ForkCivicsFreedom to Fork 
Intro to ChrootBSDLearn about Chroots 
Simple OpenHTTPdWebHost your own web server 
OpenHTTPd WebsiteWebSet up your websiteExtend VPS 1 week
netcat HTTPNetworkTroubleshoot webserver with netcat 
Telnet HTTPNetworkTroubleshoot webserver with telnet 
acme-clientSecurityRequest an SSL cert 
OpenHTTPd TLSWebProvide TLS for webpages 
OpenSSL HTTPNetworkTest TLS for webpages with OpenSSL 
Save OpenSSL certNetworkSave OpenSSL cert 
Multi-user OpenHTTPdWebConfigure webserver for multiple domains 
Open ProxiesWebAvoid blacklists by closing open proxies 
OpenHTTPd ChrootWebOpenHTTPd chroot environment 
OpenHTTPd PerlWebInstall Perl inside OpenHTTPd chrootExtend VPS 1 week
slowcgi?WebConfigure slowcgi 
TLS overview?NetworkTLS introduction 
TLS overview?NetworkTLS overview 
Certificate AuthoritiesNetworkTLS Certificate Authorities 
Free PressCivicsFreedom of Speech and of the Press 
DogfoodingCivicsEat your own dogfood 
IRC Bouncer
Software FreedomCivicsSoftware Freedom 
TLS AccelerationSecurityProvide TLS for multiple services 
TLS Acceleration (multiple)SecurityEncrypt traffic with TLS for multiple services 
TCP/IP Networking
Religious LibertyCivicsFreedom of Religion 
TCP/IP NetworkingNetworkLearn Basics of TCP/IP 
IPv4 NetworkingNetworkLearn IPv4 Networking 
IPv6 NetworkingNetworkLearn IPv6 Networking 
TCP/IP sockets?NetworkLearn Basics of TCP/IP sockets 
IP netmasks?NetworkLearn Basics of IP netmasks 
TCP/UDP ports?NetworkLearn Basics of TCP/UDP ports 
My IP AddressNetworkWhat's my IP Address? 
tcpbench?NetworkBenchmark TCP/IP throughput 
pingNetworkTroubleshoot networking with ping 
traceroute?NetworkTrace packet route 
digNetworkTroubleshoot DNS servers and recordsExtend VPS 1 week
ifconfig?Networkifconfig guide 
Changing addressesNetworkChanging network addresses 
Static NetworkingNetwork 
Autoconf NetworkingNetwork 
Configure ifstated?NetworkConfigure ifstated 
arp?NetworkAddress resolution protocol 
ndp?NetworkNeighbor discovery protocol 
resolv.conf?NetworkConfiguring resolv.conf 
resolvd?NetworkUsing resolvd 
RouteNetworkConfigure route paths 
hostname.if routeNetworkAdd routes to hostname.if at bootup 
netstat?NetworkShow network status 
Route source addressNetworkConfigure routing source addressExtend VPS 1 week
hostapNetworkSet up Host Access Point 
hostapd?NetworkSynchronize Host Access Points 
Packet Filter
Open For EveryoneCivics  
pf.conf?NetworkConfigure Packet Filter 
Packet FilterNetworkSetup firewall with Packet Filter 
DDoS DefenseNetworkDefend against DDoS Attacks 
tcpdumpNetworkRead network packets 
SSDP attackNetwork  
TCP ack floodNetwork  
TCP reset floodNetwork  
UDP FloodNetwork  
amplification attackNetwork  
PF StableNetworkSample PF Firewall for Stable 
PF TestingNetworkSample PF Firewall for Testing 
Packet FilterNetworkPF GuideExtend VPS 1 week
pfctl?NetworkPF GuideControl packet filter
WiFiNetworkConfigure WiFi 
WiFi to EthernetNetworkWiFi to Ethernet 
bridge?NetworkBridge interface 
vlanNetworkvlan interface 
vebNetworkveb interface 
vetherNetworkVirtual Ethernet interface 
carp?NetworkCARP interface 
gre?NetworkGRE interface 
mgre?NetworkMGRE interface 
egre?NetworkEGRE interface 
eoip?Networkeoip interface 
etherip?Networketherip interface 
vxlan?Networkvxlan interface 
mpe?Networkmpe interface 
mpip?Networkmpip interface 
mpw?Networkmpw interface 
bpe?Networkbpe interface 
pppoe?Networkpppoe interface 
sppp?Networksppp interface 
tpmr?Networktpmr interface 
tpmr?Networktrunk interface 
aggr?Networkaggr interface 
urndis?Networkurndis interface 
pflow?Networkpflow interface 
pfsync?Networkpfsync interface 
6-in-4 gre (vmm)NetworkTunnel IPv6 inside IPv4 with GRE (vmm) 
6-in-4 greNetworkTunnel IPv6 inside IPv4 with GRE 
4-in-6 gre?NetworkTunnel IPv4 inside IPv6 with GRE 
wg?NetworkWireGuard interface 
tap?NetworkEthernet tunnel pseudo-device interface 
tun?NetworkNetwork tunnel pseudo-device interface 
Domain Name Lookup
DNS OverviewDNSLearn the Domain Name System 
unwindNetworkValidating DNS resolver 
unboundDNSConfigure a local caching nameserver 
DNSSec for Unbound?DNSAdd DNSSec for unbound 
digDNSTroubleshoot DNS records with dig 
hostDNSTroubleshoot DNS records with host 
hostnameDNSSet hostname 
Configure /etc/hostsBSDHost and network name databaseApply for IRC operator
Name Server
Become a NetizenCivics  
Netizen RightsCivics  
DNS RecordsDNSUnderstand DNS record types 
Name RegistrarsDNSChoose a name registrar 
Configure NSDDNSConfigure name server for custom domains 
Zone FileDNS  
NSD ZoneDNS Extend VPS 1 week
nsd master slaveDNS  
Troubleshooting NSDDNS  
rDNSDNSConfigure reverse DNS for vhosts and email 
IPv4 rDNSDNSConfigure IPv4 reverse DNS 
IPv6 rDNSDNSConfigure IPv6 reverse DNSExtend VPS 1 week
Unix Work EthicCivics  
vhostDNSCreate custom vhost 
identdSecurityProvide ident to stop abuse 
Mail Server
OpenSMTPdMailConfigure your mail server 
DNS for MailMailCreate DNS records for email 
SPFMailConfigure SPF records to avoid the spam folder 
DKIMMailConfigure DKIM records to avoid the SPAM folder 
DMARCMailConfigure DMARC records to block phishing and spam 
netcat SMTPNetworkTroubleshoot SMTP with netcat 
SMTP TestingMailSend a test letter 
Getting inboxedMailGetting inboxed 
Open Mail RelayMailBlock open mail relay to avoid sending spam 
smtp?MailSMTP client 
spamd?MailConfigure spam filter 
aliases?MailConfigure aliases for mail 
Simple Network Management Protocol
snmpd?SNMPConfigure SNMPd 
snmp?SNMPConfigure SNMP 
ldapd?LDAPConfigure ldapd 
Servers' RightsCivicsServers' Rights 
Minutemin's CodeCivicsRecite the Code of Honor 
Version Control
Call of DutyCivicsThe Call of Duty 
Restore from CVSwebCodeLearn how to restore files with CVSweb 
gotCodeSet up got version control (clone of git) 
got repoCodeSet up got repo 
got serverCodeSet up got server 
got mirrorCodeSet up got mirror 
gotwebCodeSet up got web accessExtend VPS 1 week
Disk Setup and Backups
Minutemin's ServerCivicsThe Minutemin's Server 
dumpBSDBackup a partition 
openrsyncBSDBackup and sync files 
fdiskBSDPartition Hard Disk 
disklabelBSDEdit Partitions 
disklabel partitioningBSDPartition New Hard Disk 
newfsBSDConstruct a new filesystem 
mountBSDMount partitions 
newdiskBSDAdd a New Hard Disk 
mfs?BSDConstruct a memory-based filesystem 
FFSBSDLearn about the Fast Filesystem 
fsck?BSDFilesystem check consistency check 
quotaBSDEdit disk quotas 
growfsBSDGrow a Disk PartitionGet shell account on server
softraidBSDConfiguring software RAID 
Rebuild softraidBSDRebuilding software RAID 
File servers
nfsd?BSDConfigure NFS 
nfsd?BSDServe files over NFS 
mount_nfsBSDMount NFS filesystems 
nfsd?BSDAutomatically mount NFS filesystems 
ftpd?BSDServe files over FTP 
tftpd?BSDServe files over TFTP 
Text Processing
sed?BSDsed scripting 
awk?BSDawk scripting 
Shell Scripting
ksh intro?BSDshell scripting 
perl introBSDperl scripting 
Virtual Machine
VMM IntroBSDIntro to the VMM Hypervisor 
Vmctl User GuideBSDControl your VPS 
cu?BSDSerial terminal emulator 
Add disk to VM?BSDAdd new storage disk to VPS 
Reinstall VMBSDReinstall OpenBSD inside VMM 
Install OpenBSD inside VMMBSDInstall OpenBSD inside VMM 
Install OpenBSDBSDInstall OpenBSD 
Upgrade OpenBSDBSDUpgrade to OpenBSD 
OpenBSD SysupgradeBSDSysupgrade to OpenBSD 
Vmm SysupgradeBSDSysupgrade OpenBSD VMM Host 
sysmerge?BSDMerge conf files after upgrade 
bsd.rdBSDInstall/Upgrade/Repair with Ramdisk 
Single User ModeBSDBoot OpenBSD into single user mode 
Reset root passwordBSDReset root password 
VMM Hosting
Configure VMMNetworkOffer Hosting with VMM 
Hosting ProvidersNetworkChoose a Hosting Provider 
Configure DHCP serverNetworkConfigure DHCP server 
Configure rad serverNetworkSet up Router Advertisements for IPv6 
Configure slaacd daemon?NetworkConfigure slaacd daemon 
diskless?BSDRun OpenBSD on diskless systemsAcquire admin access
System Administration
edBSDed text editor 
tar?BSDTape archives 
Change editorBSDChange default editor 
ksh historyBSDAdd history for shell commands 
Editing crontabBSDEditing crontab 
group?BSDManage groups 
localtimeBSDSet time zone 
Write image to usbBSDWrite image to USB 
symbolic linksBSDCreate symbolic links 
fstabBSDEdit filesystem table 
dmesgBSDDisplay system message buffer 
hierBSDOpenBSD filesystem hierarchy 
psBSDMonitor Processes 
renice?BSDRenice processes 
fstat?NetworkShow file status 
fuser?NetworkShow process using a file 
killBSDSend signals to processes 
kernel panicsBSDDealing with kernel panics 
sysctlBSDGetting and setting kernel state 
swapctlBSDManage system swap space 
OOM errorBSDOut of memory error 
atactlBSDGet disk information 
vipwBSDEdit the password fileExtend VPS 1 week
System Logging
syslogdBSDConfigure system logging 
Remote syslogdBSDConfigure remote system logging 
newsyslog?BSDLog rotation 
System Logging
OpenBSD mailing list?BSDOpenBSD mailing list 
IndependenceCivicsDeclaration of Network Independence 
ConstitutionCivicsRead the Constitution and Bill of Rights 
United We ServeCivics  
PrivacyCivicsRight to Privacy 
Homestead VPSCivics  
Made on IRCCivics  
The Startup DreamCivics  
Due ProcessCivics  
Checks and BalancesCivics  
Rule by LawCivics Extend VPS 1 week
portsBSDInstall software from ports tree 
pkg_add updates?BSDKeep software updated 
ntpdNetworkUpdate date and time from network automaticallyExtend VPS 1 week
Stopping Abuse
Abuse Guide?SecurityInvestigation techniques to report criminals 
Team SecuritySecurityPrevent security leaksExtend VPS 1 week
Manage PasswordsShellCreate secure passwords 
Encrypt FilesShellEncrypt files with OpenSSL 
signifySecurityVerify OpenBSD software 
limitsSecuritySetting resource limits 
File PermissionsSecurityFix insecure file permissionsExtend VPS 1 week
pledgeSecurityRestrict system operations 
unveilSecurityUnveil parts of restricted filesystems 
setuidSecurityAudit setuid root binaries 
security?SecuritySecurity checks 
securitySecurityTeam security 
Configure vlanNetworkConfigure vlan 
pair?NetworkConfigure pair interface 
Configure veb?NetworkConfigure veb 
Configure bridge?NetworkConfigure bridge 
Configure natNetworkConfigure NAT 
Static routingNetworkConfigure static routing 
RIPdNetworkConfigure RIPd 
route6d?NetworkConfigure route6d 
OSPFdNetworkConfigure OSPFd 
BGPdNetworkConfigure BGPd 
Configure DHCP serverNetwork  
DVMRPd?NetworkConfigure DVMRPd 
mrouted?NetworkConfigure Multicast Routing 
Configure RADIUS server?NetworkConfigure RADIUS server 
Configure npppd server?NetworkConfigure npppd server 
Configure DHCP client?Network  
VPNs and Proxies
ikedNetworkProvide Roadwarrio IPSec VPNs 
VPN clientsSecurityConfigure IPSec VPN client 
Test VPNSecurityTest IP address behind VPN 
site-to-site ikedSecurityProvide site-to-site IPSec 
Secure Shell
sshdSecurityConfigure and start sshd 
ssh fingerprintsSecurityVerify SSH fingerprints 
ssh agent?SecurityConfigure ssh agent 
OpenSSHSecurityConfigure ssh and connect securely 
Generate SSH KeysSecurityGenerate SSH keysExtend VPS 1 week
SSH keysSecurityVerify ssh keys 
SSH backdoorSecurityConfigure ssh side channel to avoid DDoS 
Chroot SFTPSecurityConfigure sftp inside a chroot 
Chroot sshdNetworkConfigure ssh users inside a chroot 
Chroot openrsyncNetworkConfigure openrsync inside a chrootExtend VPS 1 week
Further Reading
OpenBSD BooksBSDOpenBSD recommended reading 
Unix BooksBSDUnix recommended reading 
Welcome to the TeamCivicsLearn Team Responsibilities 
Testing ServersCivicsLearn Team Procedure for Testing 
AnnouncementsCivicsAnnounce downtime and updates for usersExtend VPS 1 week