Note that the information in some older books may no longer be accurate or relevant to modern OpenBSD.
"I think we're gonna need a bigger web server."
OpenBSD has a solid reputation for security and stability. It's well known for the OpenSMTPd mail server, the LibreSSL cryptography library, and the PF packet filter. But nobody ever talks about the load balancer, or the web server.
Until now.
The httpd web server provides a fast, stable, secure environment for your web applications. The relayd load balancer lets you distribute Internet application load across multiple hosts. Between the two, you can slash hundreds of thousands of dollars off the cost of building, deploying, and managing applications.
The first sentence of this book is "This is a book about building the network you need." Taking it from there, Peter walks you through the whys and the hows of building the high performance, low maintenance network you need, using OpenBSD tools. The book covers all bases, from the basic one machine configuration and basic local area networks, all the way up to configurations with traffic shaping and load balancing with "self-healing" networks and countermeasures against common problems such as DoS attempts and spamming. A basic understanding of TCP/IP and some Unix knowledge is assumed. The official book website for a sample chapter, table of contents and errata can be found here.
A guide to what you need to know about SSH. This book will help you eliminate passwords on your network, tunnel unencrypted protocols through secure channels, build VPNs with OpenSSH, and more. Focuses on the OpenSSH server, the OpenSSH client, and the PuTTY client. Michael W. Lucas is the author of Absolute OpenBSD and other BSD books. The official SSH Mastery 2nd edition website is here.
Michael W. Lucas brings us the long anticipated second edition of his wildly successful book about using OpenBSD. This book covers all aspects of the OpenBSD system for new UNIX and BSD users alike. The official Absolute OpenBSD 2nd edition website is here.
A guide for system and network administrators who need to move to a more secure operating system and a reference for seasoned OpenBSD users who want to fully exploit every feature of the system. This book covers all aspects of OpenBSD, including systrace, Kerberos V, IPv6 and IPsec, and the development environment.
Unix-like operating systems use a rudimentary access control system: the root account can do anything, while other users are peasants with only minimal access. This worked fine in UNIX's youth, but today, system administration responsibilities are spread among many people and applications. Different people may need different slices of root's power. However pros and cons are considered as well. This book also thoroughly covers sudo's extended features. The official Sudo Mastery website is here.
DNS is one of the oldest protocols on the Internet, and was designed for a network without hostile users. Anyone who wants to break into a network starts by investigating the target's Domain Name Service.
In addition to providing a manual for BIND, this book thoroughly targets the extensions which are available in the port net/isc-bind. DNS Security Extensions, or DNSSEC, harden DNS. But learning DNSSEC requires wading through years of obsolete tutorials, dead ends, and inscrutable standards. Strengths and weaknesses of DNSSEC are discussed.
The official DNSSEC Mastery website is here.
ssldump, a utility that can be
used to monitor SSL connections.
He has written several commercial and free SSL implementations.