Hi,

I'm using syspatch -c in the monitoring system for a number of OpenBSD
machines at work.
From time to time the host listed in /etc/installurl becomes
unavailable for hours. (I've seen that both with a dedicated mirror or
with the cdn) causing monitoring errors because the agent (check_mk)
is stuck.

Adding a timeout option to the ftp(1) command run by syspatch -c is
enough for me to not have the OpenBSD machines appear unresponsiv in
the monitoring system.

Would something like this make sense ?

Index: syspatch.sh
===================================================================
RCS file: /local/cvs/src/usr.sbin/syspatch/syspatch.sh,v
diff -u -p -u -r1.169 syspatch.sh
--- syspatch.sh	27 Oct 2025 16:30:24 -0000	1.169
+++ syspatch.sh	21 Feb 2026 07:39:01 -0000
@@ -173,7 +173,7 @@ ls_missing()
 	local _c _f _cmd _l="$(ls_installed)" _p _sha=${_TMP}/SHA256
 
 	# don't output anything on stdout to prevent corrupting the patch list
-	unpriv -f "${_sha}.sig" ftp -N syspatch -MVo "${_sha}.sig" \
+	unpriv -f "${_sha}.sig" ftp -w 30 -N syspatch -MVo "${_sha}.sig" \
 		"${_MIRROR}/SHA256.sig" >/dev/null
 	unpriv -f "${_sha}" signify -Veq -x ${_sha}.sig -m ${_sha} -p \
 		/etc/signify/openbsd-${_OSrev}-syspatch.pub >/dev/null

-- 
Matthieu Herrb