Basic Infrastructure:

/etc/hostname.x
	inet 192.168.4.x 255.255.255.0 NONE
/etc/mygate
	192.168.4.1
/etc/myname
	hostname
/etc/resolve.conf
	lookup file bind
	nameserver 192.168.4.1

--------------------------------------------------------------------------------

mkdir /home/spc/.ssh
scp .ssh/authorized_keys spc@newserver:/home/spc/.ssh
chmod -R 700 /home/spc/.ssh

--------------------------------------------------------------------------------

To install killall (required by vmware tools)
	pkg add ftp://path/to/packages/skill-x.x.tgz

/etc/profile
	PKG_PATH=ftp://ftp.openbsd.org/pub/OpenBSD/$(uname -r)/packages/i386/
	export PKG_PATH
		ftp://ftp.openbsd.org/pub/OpenBSD/4.0/packages/i386/
		ftp://openbsd.mirrors.pair.com/4.0/packages/i386/

pkg_add ftp://openbsd.mirrors.pair.com/3.8/packages/i386/pico-4.10.tgz
pkg_add ftp://openbsd.mirrors.pair.com/3.8/packages/i386/bash-3.0.16p1.tgz

Create User to SU root
	useradd -m spc
	usermod -G wheel spc
	passwd  spc
	chsh -s bash spc

sudoedit /etc/sudoers

spcsys: base.tgz
	cd /
	mv /tmp/base.tar.gz /
	tar xvfz base.tar.gz

	mv /etc/profile /etc/profile.bak
	ln -s /base/etc/profile.bsd  /etc/profile
	rm /etc/hosts
	ln -s /base/etc/hosts.bsd /etc/hosts

	/etc/motd
		rm /etc/motd
		ln -s /base/etc/motd.bsd  /etc/motd

/etc/motd is overwritten with /etc/rc:
	sysctl -n kern.version | sed 1q
	-> OpenBSD 3.8 (GENERIC) #138: Sat Sep 10 15:41:37 MDT 2005
	/etc/rc: (comment out)
		#if [ $? -eq 0 ]; then
		#        sysctl -n kern.version | sed 1q > $T
		#        echo "" >> $T
		#        sed '1,/^$/d' < /etc/motd >> $T
		#        cmp -s $T /etc/motd || cp $T /etc/motd
		#        rm -f $T
		#fi

/etc/rc.conf
	change httpd flags to ""
	httpd start

/etc/inetd.conf
	uncomment ftp
	inetd restart

pkg_add ftp://openbsd.mirrors.pair.com/3.8/packages/i386/gnuls-4.1p0.tgz
profile: alias ls='gls -F --color=auto' (should be in /base/etc/profile.bsd)

/etc/fstab
	/dev/fd0Ba  /mnt/floppy  ffs    rw,nosuid,noauto 0 0
	/dev/cd0a   /mnt/cdrom   cd9660 ro,nosuid,noauto 0 0

disable root logins via SSH
	make script to do the following:
	#/etc/ssh/sshd_config
		change: #PermitRootLogin yes (commented, but on by default)
		to:      PermitRootLogin no
	kill -HUP `cat /var/run/sshd.pid`


/root/.profile (comment out)
#PATH=...
#export PATH
#if [ -x /usr/bin/tset ]; then
#       eval `/usr/bin/tset -sQ \?$TERM`
#fi

/home/spc/.profile
#PATH=...
#export PATH
echo -n "proceed to root account? "; read ans
if [ "$ans" = "yes" -o "$ans" = "y" ]; then
        exec /usr/bin/sudo /usr/bin/su -
fi

--------------------------------------------------------------------------------

Install ports tree

	cd /usr
	ftp ftp://openbsd.mirrors.pair.com/3.8/ports.tar.gz
	tar -zxvf ports.tar.gz
	cd /usr/ports
		make search key="packagename"
	cd /usr/ports/path/to/package
		make show=FLAVORS
		env FLAVOR="no_x11" make

--------------------------------------------------------------------------------

Packages:

pkg_add ftp://openbsd.mirrors.pair.com/3.8/packages/i386/bash-3.0.16p1.tgz
pkg_add ftp://openbsd.mirrors.pair.com/3.8/packages/i386/pico-4.10.tgz
pkg_add ftp://openbsd.mirrors.pair.com/3.8/packages/i386/bzip2-1.0.3.tgz
pkg_add ftp://openbsd.mirrors.pair.com/3.8/packages/i386/cdrtools-2.01.tgz

pkg_add ftp://openbsd.mirrors.pair.com/3.8/packages/i386/nmap-3.81-no_x11.tgz
pkg_add ftp://openbsd.mirrors.pair.com/3.8/packages/i386/gnuls-4.1p0.tgz
pkg_add ftp://openbsd.mirrors.pair.com/3.8/packages/i386/openvpn-2.0.2.tgz
pkg_add ftp://openbsd.mirrors.pair.com/3.8/packages/i386/openvpn-2.0.4.tgz
pkg_add ftp://openbsd.mirrors.pair.com/3.8/packages/i386/nano-1.2.5.tgz

--------------------------------------------------------------------------------

Optional

Remove the 5 second pause at boot-time permanently, causing boot to load
the kernel immediately without prompting:
	# echo "boot" > /etc/boot.conf

Install additional filesets:
	# cd /
	# tar xzvpf comp38.tgz
Do NOT forget the 'p' option in the above command in order to restore the
file permissions properly!

OLDER INFORMATION < OpenBSD 3.2

Install basic support packages (get via ftp):

	# pkg_add bash-x.x.tgz
	# echo /usr/local/bin/bash >>/etc/shells
	# pkg_add pico-x.x.tgz

Packages commonly added:

	# pkg_add nmap-2.54b25-no_x11.tgz

	If you MUST have pico you can:
		$ cd /usr/ports/mail/pine
		$ make NO_IGNORE=Yes SUBPACKAGE=-pico
	 	$ su
		# make NO_IGNORE=Yes SUBPACKAGE=-pico install

Configure a basic environment:

	edit /etc/inetd.conf and remove comment symbol (#) from
	telnet daemon and run network up script.

	# sh /etc/netstart

Filesystems and drives:

	CDROM device: /dev/cd0a or /dev/cd0c
	mount_cd9660 /dev/cd0c /mnt/cdrom
	mount -t cd9660 /dev/cd0c /mnt/cdrom

Adjust date and time:

	Set the current date to January 27th, 1999 3:04pm
	# date YYYYMMDDHHMM
	# date 199901271504

Control Apache httpd:

	apachectl stop && apachectl start

By default OpenBSD 3.8 now encryptes the swap partition.
To turn this on for OpenBSD 3.7:
Change the kernel state variable
	sysctl -w vm.swapencrypt.enable=1 
/etc/sysctl.conf
	vm.swapencrypt.enable=1  (just uncomment)