azarus' page

Why I switched to OpenBSD

Date: 2017-12-26

I've always had a thing for simple, concise and readable software. In fact, my favourite pieces of software are from the suckless project, especially st, the terminal emulator and dwm, the dynamic window manager.

Now, I've grown rather disappointed in the Linux desktop. The few remaining somewhat "sane" distros (Gentoo, Artix, Void) are good, but they still don't really make me all that happy anymore. Lacklustre/bad documentation for common programs (*don't* get me started on `info`), bloated GNU utilities everywhere, and the whole philosophy doesn't appeal to me anymore. The Linux kernel grows everyday, with code of rather questionable quality. And userspace isn't looking good, either. We have PulseAudio, systemd, glibc becoming somewhat necessary for a normal desktop. One can always use alternatives, like I did for a while, with just plain ALSA, OpenRC and musl libc, but it just becomes a constant hassle to be fixing everything all the time. For example, Firefox dropped ALSA support and it left me either installing a compatibility shim, called apulse, or completely migrating to PulseAudio, which I'd really rather not!

After quite some consideration, I decided to give the *BSDs a try. First, I tried FreeBSD, and here's a great guide for the FreeBSD desktop. FreeBSD has quite some neat features, like native ZFS, jails and bhyve! I read through most of the FreeBSD handbook, fixed some issues in the German translation, and installed it on one of my spare SSDs on my trusty, corebooted X230. It was quite nice, and just about everything worked without too much tinkering (I was suprised!), but there were some minor niggles, like fiddly WiFi (which wasn't a complete deal-breaker for me).

And as such, I decided to give OpenBSD a go. OpenBSD's philosophy appeals to me very strongly. They believe in strong security, and their aspiration is to be the *number one* in the industry for security. They also believe in full disclosure, frequent source code audits, and they make frequent security innovations they are the source of programs that I can barely live without (OpenSSH and tmux are notable examples). After installing the most recent OpenBSD snapshot with full disk encryption on my laptop, I was positively amazed. Up-to-date versions of all the software I use were available as binary packages, networking was a piece of cake to setup (a failover bridge with my wired and wireless interface allows me to never miss a packet when I dock and undock my laptop), documentation was delightful (actually useful manpages), xenocara (the OpenBSD fork of worked without any tweaking, my games worked (emulators are available for almost every console) all the suckless software I have compiled without any hiccups and the community was very helpful if I had any issues and they have the same affinity for simple, secure software that I have.

Yesterday, I switched my VPS (from which you're reading this page) to OpenBSD as well. It took some tweaking to work from my VPS provider, but it was worth it. Prosody (the XMPP server I'm using) works just as well on OpenBSD as it does on Linux, and OpenBSD httpd is a perfect fit for this website. It's small, simple, secure by default, and easy to configure.

The only machine I haven't switched over is my main desktop computer. The reasons I haven't are that OpenBSD doesn't yet have good drivers for my AMD GPU, and that Wine doesn't work on OpenBSD.