Notes: OSX, FreeBSD, OpenVPN and NFS

For my own convenience I want to access my FreeBSD home directory from my laptop. [OpenVPN]( seemed the least trouble and since I have a limited number of systems, I settled on distributing static keys. These are my notes. See the OpenVPN documentation, specifically the [OpenVPN 2.0 HOWTO](, and the FreeBSD manpages for details.

Configuring the server (FreeBSD) side:

1. install openvpn2 using ports or package.
1. configure openvpn for both server and a client: 1. create a directory /usr/local/etc/openvpn with a subdirectory keys/. 1. copy the easy-rsa/2.0/ directory to /usr/local/etc/openvpn/easy-rsa. 1. create ca cert, . ./build-ca. 1. create a server cert and key, . ./build-key-server server. 1. create client cert and key, . ./build-key client. 1. copy config sample to /usr/local/etc/openvpn/openvpn.conf 1. edit to suit, I like to put the log and status to /var/log, use log-append and bump up the log detail to 4. 1. add openvpn\_enable="YES" to /etc/rc.conf. 1. start the daemon with /usr/local/etc/rc.d/openvpn start.
1. Add an entry to /etc/newsyslog.conf to handle our new logfile: /var/log/openvpn.log 600 7 * @T00 J
1. I set up NFS to serve home directories on the private network used for the OpenVPN tunnel: 1. Either use sysinstall or do it yourself to add to /etc/rc.conf: * nfs_server\_enable="YES" * rpcbind\_enable="YES" * nfs\_server\_options=”-t -u -h -n 4”

1. add to /etc/exports /home -network -mask" 1. start the daemons with /etc/rc.d/rpcbind start, /etc/rc.d/nfsd start and /etc/rc.d/mountd start

Configuring the client (OSX) side:

1. Install openvpn2 from darwinports or you can make life easy and grab [Tunnelblick]( which has prebuilt packages along with a minimalist GUI.
1. Copy the ca.crt, client.crt and client.key from the server to the appropriate directory for the client host. This is ~/Library/openvpn in my case.
1. Start the tunnel. Note that it syslogs, so look in the for errors and warnings.
1. From the Finder, choose Go, then Connect to Server (apple-K). In the dialogue box put nfs://

If all went well, you should have a new folder named “home” on the desktop. It’s almost certain that your UID/GID don’t match on the two systems so look there if the mount is read-only.


Matias Tactile Pro keyboard

I spend a lot of time at the keyboard, often upwards of eight hours a
day. A couple of years ago I [blogged about
and how I love the rugged Type-M buckling spring design. I keep a few
around with PS2 and USB adapters for home and work but for the Mac, I
was using a vintage 1990 Apple Extended Keboard II. This keyboard is
often referred to as the “Nimitz”, supposedly after its codename
during development, and the name is apt- it is huge and overbuilt.
I’ve been using it with an [iMate adb-usb
adapter]( for years
and while the setup was sometimes dodgy, it usually worked. The
keyboard is not as industrial as IBM’s best and after sixteen years of
intermittant use the spacebar is showing signs of wear and the keyboard is
suffering key bounce and missing key presses. So it was time to
replace it.

But replace it with what? I got my hands on a new, sans box
EnduraPro/104 a few years ago and it was a good keyboard. I used it
until the rubber nub on the pointing stick wore out but it wasn’t the
Type-M. I’ve seen one and think the Avant is overpriced, even for a
niche product. So I gambled that the reviews and comments on the
[Matias Tactile Pro]( were accurate
and bought one from [Small Dog](, my favorite
vendor for things Mac-related. It’s not cheap, but I hoped that the
price was an indication of quality.

I’ve been using it for a couple of days and, yes, it is a quality
keyboard. The first thing that struck me when I took it out of the box
was that it was relatively light. The second was that the little feet
to change the angle have two positions- up and down- and they are
slightly springy. It’s different from my old Nimitz, a little firmer,
the keys slightly smaller and the travel is maybe a little shorter but
it’s as good and maybe better. It’s firm and loud and within a few
minutes I didn’t notice the differences. I’m not making any more typos
than I do normally and I appreciate the two integrated USB ports. Back
to back, I prefer the old Type-M but I prefer the Tactile Pro to the

Well done, Matias.


