Dec 24, 2025

Keeping OpenBSD Up To Date

Effortlessly update your OpenBSD devices

Johnathan Chronister

openbsdsecuritypatchingupdatesupgradesadministration

362 words - estimated time to read 1 Minute, 38 Seconds

2025-12-24 12:58 +0100

OpenBSD Release Model Explained

The OpenBSD release model is explained in great detail on the official website but I will start by saying that there are generally two release models:

NOTE: I am not referring to OpenBSD “flavors” ( releases, current, stable ). To quickly clarify what stable is … security fixes get backported into the two most recent OpenBSD releases. Therefore, stable = a supported release + backported security fixes. None of this is really important if you always keep your systems upgraded to the latest release.

release

Standard OpenBSD releases follow a six month release cycle. This is what most people will want to use and this article will only cover this option.

current

This is where development takes place. It involves pulling down source code and compiling from source. Although not recommended for production, I have found it to be just as stable. In nearly thirty years of using OpenBSD, I have only had one instance in which current failed to compile. It was resolved in less than three hours.

Information about current: https://www.openbsd.org/faq/faq5.html

Updating

Update System - Start by updating the system using “syspatch”:

NOTE: You will be prompted if the patch requires a reboot.

# /usr/sbin/syspatch

Update Packages - Update installed packages ( if any ) using “pkg_add”:

NOTE: -u = update installed packages, -v = verbose output, -i = interactive

# /usr/sbin/pkg_add -uvi

Update Firmware - Update any required firmware.

# /usr/sbin/fw_update

Now your system is up to date.

Upgrading

Upgrade System - Once a new release comes out ( i.e. 7.8 -> 7.9 ):

NOTE: You will need a console for this one as you will reboot and upgrade via console. Keep this in mind for remote installations.

# /usr/sbin/sysupgrade

Once this completes you should go through each step previously used to update the system:

Update System - Start by updating the system using “syspatch”:

NOTE: You will be prompted if the patch requires a reboot.

# /usr/sbin/syspatch

Update Packages - Update installed packages ( if any ) using “pkg_add”:

NOTE: -u = update installed packages, -v = verbose output, -i = interactive

# /usr/sbin/pkg_add -uvi

Update Firmware - Update any required firmware.

# /usr/sbin/fw_update