Important OpenBSD systems should be installed onto a pair of mirrored disks so that malfunction of a single disk won't shut down services and cause data loss. OpenBSD FAQ has section about Installing to a Mirror which covers both MBR and GPT partitioning schemes. Seasoned admins familiar with OpenBSD's way of naming devices and tools such as fdisk and disklabel will find everything they need regarding mirrored setup there. This article adds a bit more information about installing OpenBSD to a mirror in newcomer friendly format.
Most of the OpenBSD systems I am in charge of are deployed in data centres, powered by UPSs which provide them with electrical power during periods of public grid power outages. But there is also a number of OpenBSD systems I administer, which are deployed in much less favourable conditions; where frequent power outages last longer than UPS batteries do, or where there are no UPSs at all (such as branch office routers in godforsaken places where having electricity and Internet access at all is considered a lucky circumstance). These latter systems are likely to have high rate of unclean shutdowns caused by prolonged or unexpected power outages, which in turn increase the probability of their inability to boot without human intervention. This article describes steps to make OpenBSD system more resilient to unexpected power outages by minimising the possibility of inconsistent file systems after unclean shutdowns, which is achieved by mounting all disk partitions in read-only mode. Filesystems which have to be writable - /var /dev and /tmp - are mounted as writable memory file systems.
The Point-to-Point Tunneling Protocol (PPTP) is an obsolete method for implementing virtual private networks. It has many well known security issues, and nowadays shouldn't be used at all. However, all Microsoft Windows versions from last two decades ship with PPTP client included which makes it very convenient. As of OpenBSD 5.3, npppd – New Point to Point Protocol Daemon – became a part of OpenBSD base system. The following article describes how to configure it as a PPTP server which authenticates users from RADIUS.
