Title: Full list of services offered by a default OpenBSD installation | |
Author: Solène | |
Date: 16 February 2021 | |
Tags: openbsd70 openbsd unix | |
Description: | |
# Introduction | |
This article gives a short description of EVERY service | |
available as part of an OpenBSD default installation (= no package | |
installed). | |
Of all the services in this list, the following are started by default: | |
cron, dhcpleased, pflogd, sndiod, openssh, ntpd, slaacd, resolvd, sshd, | |
spamlogd, syslogd and smtpd. The network-related daemons smtpd | |
(localhost only), openssh and ntpd (as a client) are running. | |
# Service list | |
I extracted the list of base install services by looking at | |
/etc/rc.conf. | |
```shell command starting with a dollar sign meaning it should be run by a regu… | |
$ grep _flags /etc/rc.conf | cut -d '_' -f 1 | |
``` | |
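The same rc.conf format can be used to check a host against the default-started list from the introduction. The script below is an added example, not part of the original article: it assumes the `name_flags=NO` convention for disabled daemons, treats `rc.conf.local` as an override of `rc.conf`, and runs on constructed sample input.

```shell
#!/bin/sh
# Added example (not from the article): report daemons enabled beyond the
# default-started set named in the introduction.

# Baseline copied from the introduction; "openssh" there is the sshd daemon.
BASELINE="cron dhcpleased pflogd sndiod ntpd slaacd resolvd sshd spamlogd syslogd smtpd"

# enabled_services FILE...
# Parses "name_flags=value" lines. A later file overrides an earlier one,
# the way rc.conf.local overrides rc.conf. Enabled means the final value
# is anything other than NO.
enabled_services() {
    awk -F= '
        /^[a-z0-9_]+_flags=/ {
            name = $1; sub(/_flags$/, "", name)
            val = $0; sub(/^[^=]*=/, "", val)
            sub(/[ \t]*#.*$/, "", val)   # trailing comment
            sub(/[ \t]+$/, "", val)      # trailing blanks
            gsub(/^"|"$/, "", val)       # surrounding quotes
            state[name] = (val != "NO")
        }
        END { for (n in state) if (state[n]) print n }
    ' "$@" | sort
}

# unexpected_services FILE...
# Prints enabled daemons that are not in BASELINE, one per line.
unexpected_services() {
    enabled_services "$@" | while read -r svc; do
        case " $BASELINE " in
            *" $svc "*) ;;
            *) echo "$svc" ;;
        esac
    done
}

# Constructed sample input: an rc.conf excerpt and a local override file.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' cron_flags= httpd_flags=NO nfsd_flags=NO ntpd_flags= \
        sshd_flags= unbound_flags=NO pf=YES > "$d/rc.conf"
    printf '%s\n' httpd_flags= ntpd_flags=NO \
        'unbound_flags="-c /var/unbound/etc/unbound.conf"' > "$d/rc.conf.local"
    unexpected_services "$d/rc.conf" "$d/rc.conf.local"
    rm -rf "$d"
}
```

On the sample, `demo` reports httpd and unbound: both were switched on in the override file and neither is in the baseline, while ntpd, disabled there, is not reported. On a live system `rcctl ls on` lists what rc considers enabled.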
## amd | |
This daemon is used to automatically mount a remote NFS server when | |
someone wants to access it. It can provide a replacement in case the | |
file system is not reachable. More information is available using | |
"info amd". | |
amd man page | |
## apmd | |
This is the daemon responsible for frequency scaling. It is important | |
to run it on workstations and especially on laptops. It can also | |
trigger automatic suspend or hibernate in case of low battery. | |
apmd man page | |
apm man page | |
## bgpd | |
This is a BGP daemon that is used by network routers to exchange | |
routes with other routers. This is mainly what makes the Internet | |
work: every hosting company announces their IP ranges and how to reach | |
them, and in return they also receive the paths to connect to all other | |
addresses. | |
OpenBGPD website | |
## bootparamd | |
This daemon is used for diskless setups on a network. It provides | |
information about the client such as which NFS mount point to use for | |
swap or root devices. | |
Information about a diskless setup | |
## cron | |
This is a daemon that reads each user's crontab and the system | |
crontabs to run scheduled commands. User crontabs are modified using | |
the crontab command. | |
Cron man page | |
Crontab command | |
Crontab format | |
## dhcpd | |
This is a DHCP server used to automatically provide IPv4 addresses on | |
a network for systems using a DHCP client. | |
## dhcpleased | |
This is the new default DHCPv4 client service. It monitors multiple | |
interfaces and is able to handle more complicated setups than dhclient. | |
dhcpleased man page | |
## dhcrelay | |
This is a DHCP request relay, used on a network interface to relay | |
the requests to another interface. | |
## dvmrpd | |
This daemon is a multicast routing daemon, for when you need multicast | |
to span beyond your local LAN. This is mostly replaced by PIM | |
nowadays. | |
## eigrpd | |
This daemon implements an internal gateway link-state routing protocol. | |
It is like OSPF but compatible with Cisco. | |
## ftpd | |
This is an FTP server providing many features. While FTP is getting | |
abandoned and obsolete (certainly because it doesn't really play well | |
with NAT) it could be used to provide read/write anonymous access on a | |
directory (and many other things). | |
ftpd man page | |
## ftpproxy | |
This is an FTP proxy daemon that one is supposed to run on a NAT | |
system. It will automatically add PF rules to connect an incoming | |
request to the server behind the NAT. This is part of the FTP madness. | |
## ftpproxy6 | |
Same as above but for IPv6. Using IPv6 behind a NAT makes no sense. | |
## hostapd | |
This is the daemon that turns OpenBSD into a WiFi access point. | |
hostapd man page | |
hostapd configuration file man page | |
## hotplugd | |
hotplugd is an amazing daemon that will trigger actions when devices | |
are connected or disconnected. This could be scripted to automatically | |
run a backup if some conditions are met like a USB disk inserted | |
matching a known name or mounting a drive. | |
hotplugd man page | |
## httpd | |
httpd is an HTTP(S) daemon which supports a few features like fastcgi | |
support, rewrite and SNI. While it doesn't have all the features a web | |
server like nginx has, it is able to host some PHP programs such as | |
nextcloud, roundcube mail or mediawiki. | |
httpd man page | |
httpd configuration file man page | |
## identd | |
Identd is a daemon for the Identification Protocol which returns the | |
login name of a user who initiated a connection. This can be used on | |
IRC to authenticate which user started an IRC connection. | |
## ifstated | |
This is a daemon monitoring the state of network interfaces and which | |
can take actions upon changes. This can be used to trigger changes in | |
case of an interface losing connectivity. I used it to trigger a route | |
change to a 4G device in case a ping over uplink interface was failing. | |
ifstated man page | |
ifstated configuration file man page | |
## iked | |
This daemon is used to provide IKEv2 authentication for IPsec tunnel | |
establishment. | |
OpenBSD FAQ about VPN | |
## inetd | |
This daemon is often forgotten but is very useful. Inetd can listen on | |
a TCP or UDP port and will run a command upon connection on the related | |
port. Incoming data is passed as standard input of the program and | |
the program's standard output is returned to the client. This is an | |
easy way to turn a program into a network program. It is not widely | |
used because it doesn't scale well, as the whole process of running a | |
new program upon every connection can push a system to its limit. | |
inetd man page | |
## isakmpd | |
This daemon is used to provide IKEv1 authentication for IPsec tunnel | |
establishment. | |
## iscsid | |
This daemon is an iSCSI initiator which will connect to an iSCSI target | |
(let's call it a network block device) and expose it locally as a | |
/dev/vcsi device. OpenBSD doesn't provide a target iSCSI daemon in its | |
base system but there is one in ports. | |
## ldapd | |
This is a light LDAP server, offering version 3 of the protocol. | |
ldap client man page | |
ldapd daemon man page | |
ldapd daemon configuration file man page | |
## ldattach | |
This daemon makes it possible to configure programs that are exposed | |
as a serial port, such as GPS devices. | |
## ldomd | |
This daemon is specific to the sparc64 platform and provides services | |
for the dom feature. | |
## lockd | |
This daemon is used as part of an NFS environment to support file | |
locking. | |
## ldpd | |
This daemon is used by MPLS routers to get labels. | |
## lpd | |
This daemon is used to manage print access to a line printer. | |
## mountd | |
This daemon is used by remote NFS clients to give them information | |
about what the system is currently offering. The command showmount can | |
be used to see what mountd is currently exposing. | |
mountd man page | |
showmount man page | |
## mopd | |
This daemon is used to distribute MOP images, which seem related to | |
alpha and VAX architectures. | |
## mrouted | |
Similar to dvmrpd. | |
## nfsd | |
This server is used to service the NFS requests from NFS clients. | |
Statistics about NFS (client or server) can be obtained from the | |
nfsstat command. | |
nfsd man page | |
nfsstat man page | |
## npppd | |
This daemon is used to establish connections using PPP but also to | |
create tunnels with L2TP, PPTP and PPPoE. PPP is used by some modems | |
to connect to the Internet. | |
## nsd | |
This daemon is an authoritative DNS nameserver, which means it is | |
holding all information about a domain name and about the subdomains. | |
It receives queries from recursive servers such as unbound, unwind, | |
etc. If you own a domain name and you want to manage it from your | |
system, this is what you want. | |
nsd man page | |
nsd configuration file man page | |
## ntpd | |
This daemon is an NTP service that keeps the system clock at the | |
correct time. It can use NTP servers or sensors (like GPS) as time | |
sources but also supports using remote servers to challenge the time | |
sources. It can act as a daemon to provide time to other NTP clients. | |
ntpd man page | |
## ospfd | |
It is a daemon for the OSPF routing protocol (Open Shortest Path | |
First). | |
## ospf6d | |
Same as above for IPv6. | |
## pflogd | |
This daemon receives packets from PF matching rules with a "log" | |
keyword and stores the data into a logfile that can be reused with | |
tcpdump later. Every packet in the logfile contains information about | |
which rule triggered it, so it is very practical for analysis. | |
pflogd man page | |
tcpdump | |
## portmap | |
This daemon is used as part of an NFS environment. | |
## rad | |
This daemon is used on IPv6 routers to advertise routes so clients can | |
automatically pick up routes. | |
## radiusd | |
This daemon is used to offer RADIUS protocol authentication. | |
## rarpd | |
This daemon is used for diskless setups in which it will help | |
associate an ARP address with an IP and hostname. | |
Information about a diskless setup | |
## rbootd | |
Per the man page, « rbootd services boot requests from | |
Hewlett-Packard workstation over LAN ». | |
## relayd | |
This daemon is used to accept incoming connections and distribute them | |
to backends. It supports many protocols and can act transparently. Its | |
purpose is to have a front end that will dispatch connections to a list | |
of backends but also verify backend status. It has many uses and can | |
also be used in addition to httpd to add HTTP headers to a request, or | |
apply conditions on HTTP request headers to choose a backend. | |
relayd man page | |
relayd control tool man page | |
relayd configuration file man page | |
## resolvd | |
This daemon is used to manipulate the file /etc/resolv.conf depending | |
on multiple factors like configured DNS or strategy change in unwind. | |
resolvd man page | |
## ripd | |
This is a routing daemon using an old protocol but widely supported. | |
## route6d | |
Same as above but for IPv6. | |
## sasyncd | |
This daemon is used to keep IPsec gateways synchronized in case a | |
fallback is required. This can be used with carp devices. | |
## sensorsd | |
This daemon gathers monitoring information from the hardware like | |
temperature or disk status. If a check exceeds a threshold, a command | |
can be run. | |
sensorsd man page | |
sensorsd configuration file man page | |
## slaacd | |
This service is a daemon that will automatically pick up auto IPv6 | |
configuration on the network. | |
## slowcgi | |
This daemon is used to expose a CGI program as a fastcgi service, | |
allowing the httpd HTTP server to run CGI. This is an equivalent of | |
inetd but for fastcgi. | |
slowcgi man page | |
## smtpd | |
This daemon is the SMTP server that will be used to deliver mails | |
locally or to remote email servers. | |
smtpd man page | |
smtpd configuration file man page | |
smtpd control command man page | |
## sndiod | |
This is the daemon handling sound from various sources. It also | |
supports sending local sound to a remote sndiod server. | |
sndiod man page | |
sndiod control command man page | |
mixerctl man page to control an audio device | |
OpenBSD FAQ about multimedia devices | |
## snmpd | |
This daemon is an SNMP server exposing some system metrics to SNMP | |
clients. | |
snmpd man page | |
snmpd configuration file man page | |
## spamd | |
This daemon acts as a fake server that will delay, block or pass | |
emails depending on some rules. This can be used to add IPs to a block | |
list if they try to send an email to a specific address (like a | |
honeypot), pass emails from servers within an accept list, or delay | |
connections for unknown servers (grey list) to make them reconnect | |
a few times before passing the email to the SMTP server. This is a | |
quite effective way to prevent spam, but it becomes less relevant as | |
senders use whole ranges of IPs to send emails. This means that if you | |
want to receive an email from a big email server, you will block server | |
X.Y.Z.1 but then X.Y.Z.2 will retry and so on, so none will pass the | |
grey list. | |
## spamlogd | |
This daemon is dedicated to the update of spamd whitelist. | |
## sshd | |
This is the well-known SSH server. It allows secure connections to a | |
shell from remote clients. It has many features that deserve to be | |
better known, such as restricting commands per public key in the | |
~/.ssh/authorized_keys files or SFTP-only chrooted access. | |
sshd man page | |
sshd configuration file man page | |
## statd | |
This daemon is used in an NFS environment using lockd in order to check | |
if remote hosts are still alive. | |
## switchd | |
This daemon is used to control a switch pseudo device. | |
switch pseudo device man page | |
## syslogd | |
This is the logging server that receives messages from local programs | |
and stores them in the corresponding logfile. It can be configured to | |
pipe some messages to a command (programs like sshlockout use this | |
method to learn about IPs that must be blocked), and it can also listen | |
on the network to aggregate logs from other machines. The program | |
newsyslog is used to rotate files (move a file, compress it, allow a | |
new file to be created and remove archives that are too old). Scripts | |
can use the command logger to send text to syslog. | |
syslogd man page | |
syslogd configuration file man page | |
newsyslog man page | |
logger man page | |
## tftpd | |
This daemon is a TFTP server, used to provide kernels over the network | |
for diskless machines or to push files to appliances. | |
Information about a diskless setup | |
## tftpproxy | |
This daemon is used to manipulate the firewall PF to relay TFTP | |
requests to a TFTP server. | |
## unbound | |
This daemon is a recursive DNS server. This is the kind of server | |
listed in /etc/resolv.conf, whose responsibility is to translate a | |
fully qualified domain name into the IP address behind it, asking one | |
server at a time. For example, to resolve www.dataswamp.org, it is | |
required to ask the .org authoritative server where the authoritative | |
server for dataswamp (within the .org top domain) is, then the | |
dataswamp.org DNS server will be asked what the address of | |
www.dataswamp.org is. It can also keep queries in cache and validates | |
the queries and replies. It is a good idea to have such a server on a | |
LAN with many clients to share the queries cache. | |
unbound man page | |
unbound configuration file man page | |
## unwind | |
This daemon is a local recursive DNS server that will do its best to | |
give valid replies. It is designed for nomad users that may encounter | |
hostile environments like captive portals or dhcp offered DNS servers | |
preventing DNSSEC from working, etc. Unwind regularly polls a few DNS | |
sources (recursive from root servers, provided by dns, stub or DNS over | |
TLS server from configuration file) and chooses the fastest. It | |
will also act as a local cache and can't listen on the network to be | |
used by other clients. It also supports a list of blocked domains as | |
input. | |
unwind man page | |
unwind configuration file man page | |
unwind control command man page | |
## vmd | |
This is the daemon that allows running virtual machines using vmm. As | |
of OpenBSD 6.9 it is capable of running OpenBSD and Linux guests | |
without a graphical interface and with only one core. | |
vmd man page | |
vmd configuration file man page | |
vmd control command man page | |
vmm driver man page | |
OpenBSD FAQ about virtualization | |
## watchdogd | |
This daemon is used to trigger watchdog timer devices if any. | |
## wsmoused | |
This daemon is used to provide mouse support to the console. | |
## xenodm | |
This daemon is used to start the X server and allow users to | |
authenticate themselves and log in to their session. | |
xenodm man page | |
## ypbind | |
This daemon is used with a Yellow Page (YP) server to keep and maintain | |
a binding information file. | |
## ypldap | |
This daemon offers a YP service using an LDAP backend. | |
## ypserv | |
This daemon is a YP server. |