> On 27 Sep 2015, at 22:38, Eric Furman <ericfur...@fastmail.net> wrote: > > You really don't get it. Running OpenBSD in a VM gives you no > security benefits of OpenBSD. Your base security will be your > host, in this case FreeBSD. And on top of that you are running > a very complex piece of software, the VM. Who knows what > security holes are in it.
I do get it. I guess you wrote this before reading my last reply. That explains the situation. Yes, the base security will be my host. Putting an OpenBSD VM on there does not (IMHO) significantly decrease the security of that host. I agree that it is adding complexities and there could be potentially unforeseen security issues due to the combination. e.g. something like OpenBSDâs ability to generate random number could somehow be affected by the underlying VM that would not be present on bare metal. Here is the actual blog post I wrote a while back about the setup: https://www.quernus.co.uk/2015/07/27/openbsd-as-freebsd-router/ <https://www.quernus.co.uk/2015/07/27/openbsd-as-freebsd-router/> The main goal of running OpenBSD in a VM was to provide easier configured and more convenient IPSEC tunnel termination than FreeBSD can offer out of the box. -Matt â Matt Hamilton Quernus m...@quernus.co.uk +44 117 325 3025 49b Easton Business Centre Felix Road, Easton Bristol, BS5 0HE Quernus Ltd is a company registered in England and Wales. Registered number: 09076246
