Admin area

Unix BSD 4.3 Install on Qemu 386

Thursday, September 24, 2020


A practical approach for the Qemu 386 install of the 1986 operating system from Berkeley Systems Distribution, Unix 4.3BSD. Installing and running an original vintage Unix system is a great point of reference concerning the study and appreciation of operating systems. The audience is experienced Unix and Linux administrators.


The copyright declaration as seen inside the mounted ISO download:

ramses@pc1:/u1/qemu/bsd4.3/a$ cat COPYRGHT 

BSD/OS Release 4.3
Copyright 2001 Wind River Systems, Inc.
Copyright 1992,1993,1994,1995,1996,1997,1998,1999,2000,2001
	Berkeley Software Design, Inc.

Portions Copyright by other entities, see individual modules for details.

Use of this software is governed by the Wind River Systems, Inc.
Software License.

If you do not accept the terms of this license, immediately return the
distribution to the place of purchase for a full refund. Further
use of the software will be considered to be acceptance of the terms
of the license.

A Little History

For the past several years there’s been a resurgence of interest in running original classic Unix versions. Year 2019 was especially significant, being the 50th anniversary of Unix. Historical software collectors and museums are again running the first Unix versions from the early 1970’s. The original version of 1969 was called Unics (Uniplexed Information and Computing Service); written in assembly code for word processing on the DEC PDP-7. Soon after, it was rewritten on the PDP-11, with a much simpler high language called B; which then turned in to the portable C Language. From the beginning Unix was written to be portable to any computer. AT&T Bell Laboratories programmers Dennis Ritchie and Ken Thompson, are the originators of Unix and the C Language. There followed many other genius contributors from elsewhere. The history of Unix is fascinating!

In August 2006, InformationWeek magazine rated 4.3BSD Unix, begun in 1988, as “The Greatest Software Ever Written, representing the single biggest innovation of the Internet.” Unix today runs on every computer: iPhone, Android, PS4 PlayStation, your smart TV. Most websites run Unix or Linux (a Unix variant). Every operating system in existence today run lots of BSD Unix source code; especially source code for network sockets; even Microsoft Windows with their Winsocket DLL’s. TCP/IP and many other essential source code, were first written on the BSD 4.x releases of the late 1980’s.

Prior to that, during its infancy, back in the early 70’s, Unix was programmed for tele-typewriters (TTY). The personal computer did not yet exist. Early Unix was mostly run on DEC VAX machines, which consisted of a huge 200 pound computer, the size of a small refrigerator, and a typewriter connected via a serial cable. After entering a command on the tele-typewriter the computer, output returned as a print on a sheet of dot matrix roll paper, fastened on the same typewriter. It was a high-tech innovation of the time. Then in the late 70’s the DEC’s VT100 serial text terminal was released at an affordable price. Electronic console display based computing was finally possible.

The first x86 versions of Unix were ported as soon as the Intel 8086 CPUs were available, in the early 80’s. AT&T purchased rights to the original Unix source code and it was the first to port Unix to the IBM AT personal computer, in 1983. The high end model of the IBM AT typically came with 1MB or 2MB memory, 20MB to 40MB hard disk, and a 5 1/2 inch floppy drive; and it was capable of running a single process at a time, such as the DOS operating system and a BASIC interpreter. This first IBM personal computer was for single user mode, and it did not have networking nor the multi-user capabilities of the DEC VAX with 16 to 64 connected VT100 serial dumb terminals. BSD was the other Unix variant which was greatly enhanced via academic research in university lab environments, especially The University of California Berkeley. In the early 80’s the BSD programmers mostly coded for the VAX. Since the purpose of Unix was to run in multi-user mode, they did not see the IBM AT as a viable choice. So it wasn’t until the early 90’s that a younger generation of BSD programmers really began to port Unix on the much more powerful multitasking CPU for the personal computer, the Intel 386.

Because of “supposed” trademark violations, AT&T in the early 90’s, locked their version as being the “one and only” Unix version; and they attempted to sue startup BSD companies over bogus copy violations. Many years went by before the case was dismissed. Meanwhile, other Unix enthusiasts, from corporations to university geeks, got tired of waiting around, and they forked the OS into other releases, compiled with non-AT&T code; such variants as 4.4BSDLite2, 386BSD, then FreeBSD, then NetBSD, and the list goes on.

Shrewdly, around the same time, another unique Unix variant was begun by a young genius Finish nerd, at home, in his underwear, and his name is Linus Torvalds. He named his kernel Linux, and he released it to the public, free to use and distribute, under the General Public License (GPL); and together with other GPL software utilities called GNU (GNU is Not Unix - recursive), that variant spread like wildfire. Hence, GNU/Linux. I remember in the early 90’s, in college, wanting to get a hold of any Unix version for the 386. It was impossible! And if you did happen to get one pirated, it came with no install mechanism, no install documentation, some with no kernel (a chicken and egg situation, where you had to compile it with another running BSD), no binaries, only source code, no boot floppies. Wow! Soon after, in the mid 90’s, Linux was “everywhere”; simply “available”, with all the binaries needed to get going, on floppy or CD, very easy to install, including detailed instructions.


Download 4.3BSD [612MB]:

$ mkidr -p /u1/qemu/4.3bsd
$ cd /u1/qemu/4.3bsd
$ wget

About This BSD Version

This BSD 4.3 version, which began in 1988, seems to have been last patched in 2001 for the 386, by Wind River Systems. It includes many utilities from the late 90’s, such as for example, SSH. Wind River in the 90’s began selling CDROM software subscriptions, which included open source, free source software and technical documentation. When the Internet began in the mid 90’s, it was via telephone line dial-up, and downloading a 600MB CDROM, which today takes a couple of minutes, back then it took a whole day, if you were lucky not to get disconnected. Also, there were no cell phone, so if someone called your home telephone, you also got disconnected. So most Unix and Linux enthusiasts ordered CD disks by mail. Some came on the back of books, and that’s how I got started learning Unix in 1994, with a Slackware Linux CDROM, from the back of a book, with detailed instructions. It was great! A couple of months before, I had installed at work, an earlier Slackware Linux on a malfunctioning Compaq 386SX25 using about twenty five 1.44MB floppies, patiently downloaded from a local public Mustang BBC dial-up forum in Miami. It was impressive! However, the dial-up download took forever. Add to that the fact that it was 1994 and there was yet “No Public Internet”. Those were the days!

[Read more…]

Verify OpenSSL TLS 1.2

Thursday, September 24, 2020

In an effort to combat cyber crime, major tech companies are advocating encryption for the entire Internet through the free certificate service called “Let’s Encrypt”; meaning that in the not so distant future the following will block public web pages from running browsers:

    * Web paged running on http port 80
    * Web pages with self-signed certificates
    * Web pages with weak encryption
    * Web pages without TLS 1.2 certified encryption
    * Web pages still encrypting with old SSL3

Below find some examples on how to quickly test if your site complies with OpenSSL TLS 1.2.

TLS is supported on OpenSSL 1.0.1 or above. Verify your version:

~$ openssl version
OpenSSL 1.1.1d  10 Sep 2019

Verify a TLS 1.2 enabled website by querying its certificate and spotting its cipher at the bottom. If it returns error handshake messages and no cipher, then it probably does not support TLS 1.2. It should return something like this:

[Read more…]

Apache SSL TLS Certificate Creation Script

Friday, September 11, 2020


Brief notes on how to create an Apache OpenSSL certificate using a bash script under Debian 10. A website that is not encrypted can become a threat to visitors, and often many providers block websites that are not SSL/TLS enabled. The audience is experienced Linux administrators.


    * Root CA certificate = the main self-signed certificate from the Root certificate authority that signs all other certificates or intermediate certificates.
    * Intermediate CA certificate = a certificate created by an intermediate certificate authority (CA), signed by the Root CA.
    * CA Bundle certificate = the merge of Root CA certificate an the Intermadiate CA certificate, valid as a root certificate.
    * Certificate = the certificate received and signed by the Intermediate CA certificate.
    * Certificate Chain = the end certificate, along with the CA Bundle certificate.
    * The intermediate method has more security, so that intrusion of one intermediate certificate authority does not affect the entire root.

The Script

The OpenSSL script below is simple; the variables need to be modified inside. It creates the following (4) four files:

    * Raw private key.
    * RSA private key.
    * CSR, certificate signing request.
    * Self-signed certificate, for testing.

Creating the private key in at least two formats seems like a good idea. Always keep private keys truly private and secure.

[Read more…]

Tiny Core Linux Customization

Wednesday, September 9, 2020


Brief notes for the Tiny Core Linux rescue Kernel; customized and minimized to a 25MB; containing many useful administrative utilities; very useful for rescue, offline cold backups, restores, troubleshooting boot problems, disaster recovery. It can launch from a local Linux boot loader, an external USB hard disk, or a USB stick, or a virtual/physical CDROM ISO. The distro is very well maintained with the latest kernels. The Tiny Core Linux Team did a great job with this mini distro and the Linux community celebrates their work.

Main site:

The utilities that I most used: LVM, mount, sshd, rsync, scp, netcat, netstat, tar, chroot.


http://tinycorelinux … yCorePure64-11.0.iso [28MB]

GRUB2 Boot

Add to an existing GRUB2 system, to enable rescue boot from a regular local hard disk. Copy the Tiny Core kernel and ramdisk:

# mount -o loop TinyCorePure64-11.0.iso /mnt
# mkdir -p /boot/tce/optional
# cp /mnt/boot/vmlinuz64 /boot/tcvmlinuz64
# cp /mnt/boot/corepure64.gz /boot/tccorepure64.gz
# cp -r /mnt/boot/cde/* /boot/tce/
# chmod 0444 /boot/tcvmlinuz64
# chmod 0444 tccorepure64.gz
# chmod 0750 /boot/tce

Add the GRUB2 entry:

# cat /etc/grub.d/40_custom
menuentry "Tiny Core 11.1 Rescue" {
linux /tcvmlinuz64 noswap nozswap nohdcp superuser vga=791 tz=GM-5 host=foo
initrd /tccorepure64.gz

Rebuild the GRUB2 configuration, then test it:

# grub2-mkconfig -o /boot/grub2/grub.cfg

# reboot

[Read more…]