Note that this is based on Joel Carnat's Cruising a VPS at OpenBSD Amsterdam which is a very good guide to getting up and running. There were just a few things that I tripped over along the way, but if you have any questions I don't answer, that's a good place to go look for answers.

Booking Your VM

The first thing you need to do is click the Book your VM yellow button on OpenBSD Amsterdam. Note that this won't ask for payment up front, just technical details for the VPS, plus a public SSH key so you can get in. Also, be aware that the form is processed manually by Mischa, so there may be a delay, depending on what time of day you book the VM.

Here's a list of the information required: * Your name * Your email address * A public SSH key used for accessing your VM * The hostname for your VM. You can change this later, but the default DNS that Mischa configures for your VM will be hostname.openbsd.amsterdam * Default username on your VM. Again, you can change this, but this will be the way you get in the first time. * RAM and HDD configuration options * A note * Your VAT number if applicable

Paying

Once you receive the email from Mischa, it includes all the information needed to get into your VM. But rather than diving right in, you should pay for your VM so you don't forget in all the excitement of getting something new running.

Once you've paid, ssh into your VM. Directions are included in the onboarding email, but it wasn't entirely clear to me that I could simply ssh username@hostname.openbsd.amsterdam but you can. Or you can use the IPv4 or IPv6 address included in the email, which is what I did initially.

You can also ssh into the host rather than your VM, using the same username and SSH key and the port number provided in the email. No need to do that just yet, though. See “Connecting to the console” for that.

Initial Configuration

The random password for root on your VM is appended to the end of the ssh key you provided, so you may need to take a look at that, but as the first thing you do on your VM should be to change that, you don't need to.

ssh username@hostname.openbsd.amsterdam cat ~/.ssh/authorized_keys su - passwd root

At this point, set the new root password for your VM. Then you'll configure doas

cat > /etc/doas.conf permit keepenv persist :wheel permit nopass root ^D

Note that when actually using doas you will be prompted for the password on your account. It's probably simplest to set that password to something you'll remember and can type at this point.

passwd username

And now it's time to update your system. There is much more information available in the Upgrade your VM page.

sysupgrade syspatch reboot

Connecting to the console

Since you've restarted your VM, now you're waiting for it to reboot. The upgrade page has a section titled “Connect to the console” which will cover the details. Note that you will need the root password mentioned above at the start of the “Initial Configuration” section (or what you changed it to) if you want to do anything more than passively watch your VM rebooting.

The main time you're going to need to connect to the console will be if you Full Disk Encrypt (FDE) your VM, or if you attempt to upgrade and something goes wrong, but I've found that I just don't use the console on the host much.

Joel has more details on connecting to and using the console on his page.

Enjoy!

With that, your VPS should be up and running. Your next steps will depend on what you're planning to do with it, but for me, the very next step was configuring DNS to point to it and waiting for that to propagate, and then setting up the PTR records, which is well-documented. If you have untrusted users on your system, you'll want to protect your PTR as well, and even block access to the PTR daemon using firewall rules.

#tech #OpenBSD

Discuss... Reply to this in the fediverse: @davepolaschek@writing.exchange