OpenBSD has received a milestone release. What kind of OS is it and why do specialists value it?

      OpenBSD 7.9 has become the 60th release of the project. For administrators, network engineers, and security specialists, there is a reason to take another look at one of the most stubborn operating systems in open source.

      The new version does not feature flashy user functions. However, there are important infrastructure updates. OpenBSD 7.9 has gained support for up to 255 processor cores on amd64, basic support for Wi-Fi 6, improvements for RISC-V and ARM, deferred hibernation, OpenSSH 10.3, and LibreSSL 4.3.1. The project is gradually bringing the system up to modern hardware and updating components that are critical for infrastructure security. The main principle remains the same: nothing unnecessary and more control.

      OpenBSD is a free UNIX-like operating system from the BSD family. It is not Linux and not a Linux distribution. The project has its own kernel, base system, set of utilities, and development culture. Linux has become a universal environment for servers, clouds, containers, and workstations. OpenBSD has chosen a different role. It is a system for tasks where network, security, control, and predictability are important.

      An important distinction is that OpenBSD develops as a cohesive base system. The kernel, system utilities, documentation, and configurations follow a single project logic. For the administrator, this means fewer heterogeneous layers and a more predictable environment.

      OpenBSD is valued for its neat code, restrained architecture, and detailed documentation. Security here starts not with external protective measures, but with the system itself. The base installation includes a minimum of services, and key mechanisms limit the rights of individual components. For this, the project uses privilege separation, W^X, pledge, and unveil. The idea is simple. If one component fails, it should not gain more access than it really needs.

      OpenBSD is more commonly found not on personal computers, but in infrastructure. Its typical environment includes firewalls, VPN gateways, border nodes, bastion hosts, secure servers, and information security labs. As a desktop, it is also possible, but this is more of a choice for enthusiasts than a mass scenario.

      The influence of OpenBSD extends beyond the system itself. The main example is OpenSSH, the standard tool for secure remote access to servers. It is hard to imagine modern administration without it. OpenBSD has been installed by few, but a significant part of server infrastructure operates daily with technologies that have grown from this project.

      What has changed in OpenBSD 7.9

      OpenBSD 7.9 improves performance with modern processors, networking equipment, and new architectures. Components responsible for secure access and encryption have also been updated.

      On amd64, support for up to 255 processor cores is now available. The scheduler has received a mechanism for selectively disabling specific classes of cores via hw.blockcpu. This is useful for modern processors, where cores may differ in performance and power consumption.

      For laptops, deferred hibernation has been added. If the device is in sleep mode and the battery is nearly drained, the system can enter hibernation. This reduces the risk of sudden shutdowns and data corruption.

      Version 7.9 has introduced basic support for Wi-Fi 6. Support for RISC-V and ARM has been expanded, so OpenBSD continues to keep pace with changes in hardware while maintaining a cautious approach to compatibility.

      The release includes OpenSSH 10.3 and LibreSSL 4.3.1. These are key components for secure remote access, encryption, and basic system security.

      Why OpenBSD is needed

      OpenBSD does not compete with mass operating systems for users. It is a system for infrastructure, where clear configurations, a small set of components, and a minimum of hidden processes are important.

      One reason for this niche is PF. This is the built-in packet filter of OpenBSD, which is used for firewalls, NAT, routing, and network traffic control. Therefore, the system fits well into networking scenarios.

      Firewalls, VPN gateways, border servers, and bastion hosts must operate predictably. Here, an extra service or non-obvious automation can become a problem. OpenBSD is designed for such scenarios.

      The system does not relieve the administrator of responsibility. On the contrary, it requires understanding what is installed, which services are enabled, how permissions and network rules are configured. This is not very convenient for the mass market. For security, it is often an advantage.

      Read also

      Import substitution no longer saves Russian software

      The Russian market received a blank check that it could only dream of. Western suppliers left, licenses guaranteed nothing, risks grew, businesses urgently sought replacements, and the government supported this in every way. But import substitution gave Russian software a chance, but did not make it a competitive product.

      OpenBSD is not for office laptops and not for the mass user. It is installed where unnecessary surprises are not wanted. Fewer services, fewer dependencies, less hidden automation. This is its niche and its practical meaning.

      Why minimalism looks modern again

      OpenBSD can easily be mistaken for a system from the past. It lacks a modern interface, an application marketplace, and built-in AI functions. But as platforms become more complex, the cost of unnecessary components, opaque settings, and automated solutions increases.

      This is especially important for infrastructure. Each unnecessary service needs to be updated, checked, configured, secured from external access, and considered in the threat model. Each dependency can introduce an error or vulnerability.

      OpenBSD responds to this by reducing complexity. The base installation has less unnecessary stuff. Configuration is read directly. Documentation describes the actual behavior of the system.

      This approach has a cost. OpenBSD is not the best choice for those who need maximum hardware support, a familiar desktop, and a wide selection of ready-made software. The system requires more manual understanding and is less forgiving of accidental configuration. Therefore, its audience is narrower than that of popular Linux distributions.

      OpenBSD 7.9 shows that the system has not stagnated in the past, but it also does not change its character. It updates the base layer, hardware support, and security components while maintaining the previous logic. The less unnecessary, the easier it is to control the infrastructure.

      OpenBSD will not become a mass operating system. Its value lies elsewhere. It reminds us that in infrastructure, sometimes it is more important not to add a new capability, but to remove everything that can be done without. In the era of complex platforms, this is yet another way to reduce risk.