DEV Community

Cover image for Custom OpenBSD Droplet on DigitalOcean

Posted on • Updated on


Custom OpenBSD Droplet on DigitalOcean

* The cover image is originally by KevinYi and edited with great appreciation.


Hi : )
This post shows how to create OpenBSD droplet in DigitalOcean.

The process is simple and small:

  1. DigitalOcean Panel
    • Create FreeBSD drolpet with SSH login enabled.
  2. SSH
    • Download OS image.
    • Write it into the storage.
  3. DigitalOcean Droplet Console
    • Reboot and run the installer.

The detailed steps are below.

✿ ✿ ✿


DigitalOcean Panel

First of all, (sign up as needed and) sign in DigitalOcean.

Then, create FreeBSD droplet in the menu of DigitalOcean: "Create Droplets".

* Note: Both ufs and zfs are acceptable.

Remember to set up "Add your SSH keys".
Besides, we can generate the key via command line like this:

$ ssh-keygen -t rsa -C "%YOUR-EMAIL-ADDRESS%"
Enter fullscreen mode Exit fullscreen mode


Connect to the droplet as root or superusers with SSH client:

$ ssh -i ~/.ssh/%id_rsa% root@%YOUR-HOST%
Enter fullscreen mode Exit fullscreen mode

Download the installer image as minirootXX.fs file:

# fetch
miniroot65.fs                                 100% of 4800 kB   35 MBps 00m00s
Enter fullscreen mode Exit fullscreen mode

Then, stop swap:

# # case ufs:
# swapoff /dev/gpt/swap
# # case zfs:
# swapoff /dev/gpt/swap0
Enter fullscreen mode Exit fullscreen mode

Also, stop geom debugging in order to enable writing data into storage:

# sysctl kern.geom.debugflags=0x10
kern.geom.debugflags: 0 -> 16
Enter fullscreen mode Exit fullscreen mode

Write the installer image into the storage:

# dd if=miniroot65.fs of=/dev/vtbd0 bs=512k
9+1 records in
9+1 records out
4915200 bytes transferred in 0.032766 secs (150008149 bytes/sec)
Enter fullscreen mode Exit fullscreen mode

Are you ready to "Access console"?
Click this button to start DigitalOcean console:

panel image

Keep it open.

OK. Let's reboot the virtual machine.
Type this in your ssh session:

# reboot
Enter fullscreen mode Exit fullscreen mode

Now, ssh is finished.
Switch to DigitalOcean console.


DigitalOcean Droplet Console

Wait for the boot completion with DigitalOcean console open.
The OpenBSD installer will ask you which option to choose clearly as usual!

console image

* Tip: Choosing shell instead of install or autoinstall enables us to apply full disk encryption.
In order to do so, run the command like this (Excerpt) on the shell:
bioctl -c C -l /dev/sd0a softraid0
Run install afterwards.

When configuring networking with the installer, you need to use the value of "PUBLIC IP ADDRESS"/"GATEWAY"/"NETMASK" at the bottom of the console instead of DHCP and so on:

  • IPv4 address for vio0? = "PUBLIC IP ADDRESS"
  • Netmask for vio0? = "NETMASK"
  • Default IPv4 Route = "GATEWAY"
  • DNS nameservers: (For example)

You will get location of sets via http.

After all of the installation are finished and the virtual machine is rebooted, you would say "Hello, OpenBSD":


✿ ✿ ✿

I wish you enjoy happy computing with OpenBSD on DigitalOcean, the cool system and the cool service : )

Top comments (5)

0x746461 profile image

How do you mitigate the crypto password upon reboot when you cant access the web console?

nabbisen profile image

Hi, 0x746461,
I have checked the detail.
This is why I didn't have to enter the password to reboot the virtual machine.

I did twice; One is after running dd if=miniroot??.fs of=/dev/vtbd0 bs=512k. The other is after installation of OpenBSD.

  1. As to the former, I used ssh connection with client certification. This session started when running ssh -i ~/.ssh/%id_rsa% root@%YOUR-HOST% above. Additionally, DigitalOcean console is open then. (Well, I updated my post about it.)
  2. As to the latter, I used DigitalOcean console and just followed the installer.

I hope this would be the answer to your question.

nabbisen profile image

Hi, 0x746461.
Thank you for your question.
Excuse me, but would you tell me in which part of my tutorial you have trouble?
You can't click or run "Access console" to reboot the virtual machine?

0x746461 profile image

I didnt say I had a problem with the tutorial. I was wondering how you mitigate the necessity of having access to the console of the virtual machine to enter the password to unlock the disk upon every reboot.

Thread Thread
nabbisen profile image

Thank you for your detail.
I'll check it this week or next week!