Your VM is a clean install of OpenBSD 6.6-release. You can ssh into it:
$ ssh username@XXX.XXX.XXX.XXX OpenBSD 6.6 (GENERIC) #353: Sat Oct 12 10:45:56 MDT 2019 ... $
Get the password from ~/.ssh/authorized_keys and switch to root.
$ awk '{print$NF}' .ssh/authorized_keys
XXXXXXXXXXXXXXXXXXXXXXXXXX
$ su -
Password:
#
Add your username to /etc/doas.conf:
# echo 'permit username' > /etc/doas.conf #
Update /etc/pf.conf, test, and load it:
# echo 'pass in quick proto { icmp, icmp6 } all' >> /etc/pf.conf
# pfctl -nf /etc/pf.conf
# pfctl -f /etc/pf.conf
# pfctl -sr
block return all
pass all flags S/SA
block return in on ! lo0 proto tcp from any to any port 6000:6010
block return out log proto tcp all user = 55
block return out log proto udp all user = 55
pass in quick proto icmp all
pass in quick proto ipv6-icmp all
#
Check 6.6 errata and apply available patches.
# syspatch ... Relinking to create unique kernel... done; reboot to load the new kernel Errata can be reviewed under /var/syspatch # reboot Connection to XXX.XXX.XXX.XXX closed by remote host.
To get connected to the console you need to have access to the host your VM is running on. The same username and public SSH key, as provided for the VM, are used to create a local user on the host.
When this is done you can use [vmctl(8)] to manage your VM.
The options you have are:
$ vmctl console id $ vmctl start [-c] id $ vmctl stop [-fw] id
-f Forcefully stop the VM without attempting a graceful shutdown.
-w Wait until the VM has been terminated.
-c Automatically connect to the VM console.
Connect to the console with:
$ vmctl console id
Note: id can also be your VM name.
There are currently a couple of known issues.
It's possible the clock to drift at some point. When this becomes severe you can also add a workaround in cron for it:
*/15 * * * * /usr/sbin/rdate -s pool.ntp.org
The issue is known to the OpenBSD developers and they are investigating solutions.
The other issue which can cause some headache is connectivity loss. As a workaround run ping from cron:
*/5 * * * * /sbin/ping -c3 <your gateway> > /dev/null
Alternative is to run ping in tmux with something like:
@reboot /usr/bin/tmux new -d 'while true; do ping -i5 <your gateway>; done' \;