3

I recently read this on the OpenBSD misc mailing list: 

"John Darrah" writes:
> Hi. Would it be possible to get SSL on the OpenBSD website(s)?
> It would be just a couple lines to change in nginx.conf/httpd.conf.
> SSL certificates are free from Startcom and cheap from other vendors.
> It would be really nice to have, even if it's not the default. I feel naked
> viewing the site over plain http. Thanks.

If you want encrypted access to the OpenBSD web site, do a CVS checkout and
view it locally...

I'm not a programmer, so that hint doesn't tell me how I can do this.

Warren Young
  • 71,107
  • 16
  • 178
  • 168
gasko peter
  • 5,434
  • 22
  • 83
  • 145

1 Answers1

5

It's all explained on the OpenBSD AnonCVS page. Specifically in this case:

$ cvs -d [email protected]:/cvs get www

This happens over SSH, hence the data copy is encrypted as promised in your quoted email exchange.

Once the site tree has downloaded, open www/index.html in your browser of choice.

When you later want to update the mirror, go into the www directory and say cvs up.

Warren Young
  • 71,107
  • 16
  • 178
  • 168
  • it breaks after a while with this: cvs [checkout aborted]: end of file from server (consult above messages if any) - why? – gasko peter Oct 13 '13 at 19:52
  • @gaskopeter: I tested the command before I posted it. It works just fine here. Are you copying it directly from the post above and running it as-is, without changes? If so, what's the output? – Warren Young Oct 13 '13 at 22:51
  • https://pastee.org/e552g – gasko peter Oct 14 '13 at 15:58
  • 1
    @gaskopeter: It appears to be some problem with the `anoncvs.ca.openbsd.org` machine. Just `cd www` and then say `cvs up` to make CVS check what it has locally and resume downloading what it doesn't yet have. If it fails again, retry `cvs up` as long as it continues giving you `U` or `A` lines, indicating that it's continuing to fetch new things. – Warren Young Oct 14 '13 at 16:19
  • @gaskopeter Also helpful is the OpenBSD FAQ, particularly http://www.openbsd.org/faq/faq5.html#BldGetSrc which talks about getting the source for building the OS by hand. – kurtm Oct 16 '13 at 04:04
  • Do not build from source until you know all details. OpenBSD is not Linux, where people feel exited when they have built their own kernel from source. Use binary snapshots and build from source only if you want to help with testing or you were told so. Advising to build from source would cause PEBKAC mails complaining about their own silly setup, OpenBSD devs is little army and their time could be spent better way then to reply such mails. – jirib Oct 16 '13 at 07:08
  • Yes, as Jiri said, OpenBSD != Linux. That whole section of the FAQ should be considered mandatory reading before proceeding. It tells you why and why not to try compiling things from source. And compiling your own kernel is okay, but changing from the default configuration is frowned upon. – kurtm Oct 16 '13 at 17:16