On Thursday, 29 December 2005 at 12:41:29 -0700, Theo de Raadt wrote:
Is it advisable to change the definition to increase the maximum length?
No. I strongly advise you against that.
I won't attempt to do that.
Thanks,
Zoong
On Tue, Jan 03, 2006 at 12:37:29PM +0100, Pailloncy Jean-Gerard wrote:
And also wrote:
The two cables came from two routers of my provider.
The two ips (a.b.c.1 and a.b.c.2) are in the same vlan on the two
different routers.
Broadcast should work.
So on outside, a CARP should be the simple
Hi everybody,
I've a question related to NFS.
I#ve 2 PCs at home. One is a Server (NFS) running 3.8 and the other is my
workstation running current.
Server provides a NFS-Share. Let's call it /nfs
Workstation mounts the NFS-Share into /mnt/nfs
If the Workstation calculates something and I
Hello!
On Tue, Jan 03, 2006 at 03:24:22AM -0800, J.C. Roberts wrote:
My dad (68 years old) has finally succeeded in destroying/infecteding
his MS-Windows NT4 box, in spite of my best efforts to secure the darn
thing (e.g. No MSIE, No Microsoft Networking, stripped of just about
everything MS-ish
On Tue, Jan 03, 2006 at 12:37:29PM +0100, Pailloncy Jean-Gerard wrote:
And also wrote:
The two cables came from two routers of my provider.
The two ips (a.b.c.1 and a.b.c.2) are in the same vlan on the two
different routers.
Broadcast should work.
So on outside, a CARP should be the
Hello all,
Could someone explain this behaviour?
When an IP address is assigned to a bridge member interface, an arp broadcast request to this interface bypasses bridge filter rules. But, an arp
unicast request is blocked as it should.
Setup:
192.168.1.1(00:aa:bb:01:02:03)
Could someone explain this behaviour?
When an IP address is assigned to a bridge member interface, an arp
broadcast request to this interface bypasses bridge filter rules. But, an
arp unicast request is blocked as it should.
If you can, it might be helpful to confirm this somewhere other
Hi there,
I think I know the answer to this, just wanted to double check before I
re-partioned. As postfix runs chrooted in /var/spool/postfix, is it
therfore impractable to have this arrangement:
$ fgrep postfix /etc/fstab
/dev/wd0m /var/spool/postfixffs
I think I know the answer to this, just wanted to double check before I
re-partioned. As postfix runs chrooted in /var/spool/postfix, is it
therfore impractable to have this arrangement:
chroot isn't involved. Have you thought about what you're asking it
to do when it has to move a mail item
Stuart Henderson wrote:
Could someone explain this behaviour?
When an IP address is assigned to a bridge member interface, an arp
broadcast request to this interface bypasses bridge filter rules. But, an
arp unicast request is blocked as it should.
If you can, it might be helpful to confirm
On Tue, Jan 03, 2006 at 02:42:56PM +, Stuart Henderson wrote:
On Tue, Jan 03, 2006 at 12:37:29PM +0100, Pailloncy Jean-Gerard wrote:
And also wrote:
The two cables came from two routers of my provider.
The two ips (a.b.c.1 and a.b.c.2) are in the same vlan on the two
different
On Tue, 3 Jan 2006, Joachim Schipper wrote:
Basically, all mail clients suck. And the one that sucks less is not
very newbie-friendly.
Joachim
Hehehe, I agree. However, I have used a few graphical clients that
weren't too bad. Evolution, Thunderbird, and Sylpheed-Claws. A few
Hello.
Does OpenBSD 3.8 use the APIC (Advanced Programmable Interrupt
Controller) ?
Some cards, e,g telephony and framegrabbers have issues with the
limited standard XT 16 IRQ's.
APIC motherboards give you 24 or more (I've seen as many as 101)
interrupts.
Besides doing a dmesg | grep irq, is
On Tue, Jan 03, 2006 at 03:36:51PM +, Craig Skinner wrote:
Hi there,
I think I know the answer to this, just wanted to double check before I
re-partioned. As postfix runs chrooted in /var/spool/postfix, is it
therfore impractable to have this arrangement:
$ fgrep postfix /etc/fstab
On Tue, Jan 03, 2006 at 02:43:22PM +0100, Sebastian Rother wrote:
Hi everybody,
snip
nfs server server:/nfs: not responding
The workstation will not hang but the shell where I did e.g.
ls /mnt/nfs hangs and can't get killed anyway.
Even a sudo umount -f /mnt/nfs stoped working and
Does OpenBSD 3.8 use the APIC (Advanced Programmable Interrupt
Controller) ?
yes, but only with the bsd.mp kernel.
--- martin [EMAIL PROTECTED] wrote:
Hi.
I just ordered both the Mikrotik Routerboard 44 ($89) and the Soekris
lan1641 ($95). Both 4-port NIC boards. I'll let you know how the
perform.
I'm also puzzled by the claims of performance issues and saturating the
bus PCI bus previously mentioned as
On Tue, Jan 03, 2006 at 04:59:18PM +0100, Joachim Schipper wrote:
Yes. What you want to do is not theoretically impossible, but it is
highly impractical. Postfix manages its spool by moving files about;
move is quick within a filesystem, but no faster than copy across
filesystems. (And
On 1/3/06, martin [EMAIL PROTECTED] wrote:
Besides doing a dmesg | grep irq, is there another way at seeing the
assigned interrupts.
# vmstat -i
-- ach
On Tue, 3 Jan 2006, Sebastian Rother wrote:
Hi everybody,
I've a question related to NFS.
I#ve 2 PCs at home. One is a Server (NFS) running 3.8 and the other is my
workstation running current.
Server provides a NFS-Share. Let's call it /nfs
Workstation mounts the NFS-Share into
martin [EMAIL PROTECTED] wrote:
Besides doing a dmesg | grep irq, is there another way at seeing the
assigned interrupts. e.g. For Linux cat /proc/interrupts reveals:-
vmstat(8)
vmstat -zi
On Tue, 3 Jan 2006 17:27:27 +0100 (CET)
Otto Moerbeek [EMAIL PROTECTED] wrote:
On Tue, 3 Jan 2006, Sebastian Rother wrote:
Hi everybody,
I've a question related to NFS.
I#ve 2 PCs at home. One is a Server (NFS) running 3.8 and the other is my
workstation running current.
On Mon, Jan 02, 2006 at 11:31:13PM +0100, Otto Moerbeek wrote:
OK, then the cpio man page in -current is in error.
That's my mistake, I asked jmc@ to change it to 64GB where it is actually
8GB, cpio doesn't add a space or null termination on the 12th digit so it
should be ok, only tar and ustar
On Tue, Jan 03, 2006 at 06:03:16PM +0100, Peter Philipp wrote:
Index: cpio.1
===
RCS file: /cvs/src/bin/pax/cpio.1,v
retrieving revision 1.22
diff -u -r1.22 cpio.1
--- cpio.1 15 Nov 2005 00:00:28 - 1.22
+++
Chris Zakelj wrote:
Justin H Haynes wrote:
Thanks Nick Holmes and misc for
http://www.openbsdsupport.org/GalleryInChroot.html. It was very
helpful in getting Gallery working in OpenBSD in the chrooted Apache
environment for me. However, I need to use an external smtp server to
handle
On Tue, Jan 03, 2006 at 10:34:48AM -0600, Justin H Haynes wrote:
Chris Zakelj wrote:
Good Idea. Actually, since everyone may not even need this little hack,
I've just changed it to create in /var/www/etc/:
resolv.conf.local
resolv.conf.OpenNIC
Then users can copy one if they need it. here
On Tue, Jan 03, 2006 at 12:45:46PM -0500, Michael Erdely wrote:
On 1/3/06, Joachim Schipper [EMAIL PROTECTED] wrote:
Since /etc/X11/xdm/TakeConsole runs with root permission on every user
logout to prevent /dev/console sniffing I modified it to perform the
shutdown if the flag file is
Hi and happy new year to all,
I try to apply a nexthop blackhole filter without success on OpenBSD 3.8.
I receive the bogon list from cymru and try to force blackholing of the
routes without success. Here is my configuration :
group BGPBogon {
remote-as 65333
announce
On Tue, Jan 03, 2006 at 07:04:36PM +0100, Joachim Schipper wrote:
On Tue, Jan 03, 2006 at 12:45:46PM -0500, Michael Erdely wrote:
Add dad to the operator group which can run /sbin/shutdown without sudo.
That's not a very good idea.
$ ls -la /dev/wd*
brw-r- 1 root operator0,
Hi all, sorry for bothering.
My problem is as follows:
0. 3.8 GENERIC
1. I am creating 1.5Gb all-zeroes file with dd
2. vnconfig -ck /dev/svnd0c file.img
3. fdisk -e /dev/rsvnd0c
4. dislabel -E /dev/rsvnd0c
5. newfs /dev/rsvnd0c
6. mount /dev/svnd0c /mnt
7. copying in files into /mnt
And after
On Wed, 4 Jan 2006, Vladas Urbonas wrote:
Hi all, sorry for bothering.
My problem is as follows:
0. 3.8 GENERIC
1. I am creating 1.5Gb all-zeroes file with dd
2. vnconfig -ck /dev/svnd0c file.img
3. fdisk -e /dev/rsvnd0c
use fdisk -i svnd0, much easier.
4. dislabel -E /dev/rsvnd0c
I really appreciate this work. Until it is complete, here are a few
quick and dirty things I do to make the upgrade process a little
easier. Probably common sense to many, but I'll share it all the same:
https://justinhaynes.com/weblog/package-updates-in-openbsd-38/
-Justin
Hello folks,
sorry for being OT, but i have written some code and would like to
test it on 64 bit little/big endian box and have none to try. Would it
be the case some here kind enough to provide me with shell access?
I am seeking not only OBSD environments.
Thanks a lot for your time and
On 12/31/05, Travers Buda [EMAIL PROTECTED] wrote:
The Nazis thought their Enigma machine was perfect.
Do you know why Enigma was broken? Primarily because the operators
didn't follow procedure and made a series of other mistakes (This
doesn't seem too important). As is typical, the problem
The first thing I did was add a flag file to my dad's home directory
and made sure he cant modify or delete it.
# touch /home/dad/.xshutdown
# chown root:wheel /home/dad/.xshutdown
# chmod 400 /home/dad/.xshutdown
login: dad
password:
dadsbox $ ls -l .xshutdown
-r
are you running ntpd? are you running ntpd with the kernel adjtime
patch i posted to tech a few days ago?
On 1/1/06, Cyrus Lopez [EMAIL PROTECTED] wrote:
I have a machine with a sempron64 and it seems that time is a tad bit too
fast. Every minute it skips ahead about 15-20 seconds. After about
Ted Unangst wrote:
On 12/31/05, Travers Buda [EMAIL PROTECTED] wrote:
The Nazis thought their Enigma machine was perfect.
Do you know why Enigma was broken? Primarily because the operators
didn't follow procedure and made a series of other mistakes (This
doesn't seem too important). As is
Spews seems to be having some issues. www.spews.org refuses
connections from here.
The spews list will be updated once their site is again
reachable from www.openbsd.org
-Bob
* Bryan Irvine [EMAIL PROTECTED] [2005-12-30 10:49]:
Recently the spews1 file that gets
On Tuesday 03 January 2006 15:16, Ted Unangst wrote:
are you running ntpd? are you running ntpd with the kernel adjtime
patch i posted to tech a few days ago?
On 1/1/06, Cyrus Lopez [EMAIL PROTECTED] wrote:
I have a machine with a sempron64 and it seems that time is a tad bit too
fast.
On Tuesday, January 3, martin wrote:
Does OpenBSD 3.8 use the APIC (Advanced Programmable Interrupt
Controller) ?
In bsd.mp, yes.
Some cards, e,g telephony and framegrabbers have issues with the
limited standard XT 16 IRQ's.
How so?
APIC motherboards give you 24 or more (I've seen as
On Tue, Jan 03, 2006 at 08:24:44PM +0200, Juha Erkkila wrote:
On Tue, Jan 03, 2006 at 07:04:36PM +0100, Joachim Schipper wrote:
On Tue, Jan 03, 2006 at 12:45:46PM -0500, Michael Erdely wrote:
Add dad to the operator group which can run /sbin/shutdown without sudo.
That's not a very
Is there a good/cheap SATA RAID card that doesn't use that retarded soft RAID?
In other words, will this card present itself to OBSD at install as a
single disk?
http://www.lsilogic.com/products/megaraid/sata_150_4.html
--Bryan
On Tue, 3 Jan 2006, Bryan Irvine wrote:
Is there a good/cheap SATA RAID card that doesn't use that retarded soft
RAID?
In other words, will this card present itself to OBSD at install as a
single disk?
http://www.lsilogic.com/products/megaraid/sata_150_4.html
yes,
-Otto
Hello,
You should consider getting more public IP addresses as you need three
public addresses on each external connection, ideally.
I can't. But I can put the two external interfaces on the
same physical lan and add ip alias addresses. I can also
plug other interfaces on the external lans
Hello!
On Tue, Jan 03, 2006 at 11:15:46AM -0800, patrick ~ wrote:
The first thing I did was add a flag file to my dad's home directory
and made sure he cant modify or delete it.
# touch /home/dad/.xshutdown
# chown root:wheel /home/dad/.xshutdown
# chmod 400 /home/dad/.xshutdown
On 1/3/06, Ted Unangst [EMAIL PROTECTED] wrote:
On 1/2/06, Travers Buda [EMAIL PROTECTED] wrote:
You've made it very clear that CGD won't be imported into OpenBSD, yet
you've never explained why, or why you ported it in the first place.
Care to let us in on why? I expect your reply will
I'm testing a new VPN tunnel using ipsecadm and manual keying.
Everything looks ok, but packets aren't making it to enc0 and beyond
on the remote side (either way). I can watch the packet count
increment on the relevant pass rules (see below), so I know it's
making it all the way up to
On Tue, 3 Jan 2006 20:24:44 +0200, Juha Erkkila [EMAIL PROTECTED]
wrote:
On Tue, Jan 03, 2006 at 07:04:36PM +0100, Joachim Schipper wrote:
On Tue, Jan 03, 2006 at 12:45:46PM -0500, Michael Erdely wrote:
Add dad to the operator group which can run /sbin/shutdown without sudo.
That's not a
On Tuesday 03 January 2006 17:11, J.C. Roberts wrote:
The rule of thumb for granting privileges is simple; avoid granting
permissions whenever possible.
Check the ownership/privileges on /tmp/.X11-unix/X0 after you start kde or Xorg.
Also check the ownership/privileges on the /dev/[pt]typ*
Hello list members.
I'd like to direct this post to those that develop code for OpenBSD.
I'd like a start developing software, and in turn, contribute to
projects like OpenBSD and others. Right now, I'm working as a
sysadmin/infosec person. I can write some simple perl and shell scripts,
but
Ted Unangst wrote:
On 1/2/06, Travers Buda [EMAIL PROTECTED] wrote:
You've made it very clear that CGD won't be imported into OpenBSD, yet
you've never explained why, or why you ported it in the first place.
Care to let us in on why? I expect your reply will be a short no just
like a few of
Ted Unangst wrote:
On 12/31/05, Travers Buda [EMAIL PROTECTED] wrote:
The Nazis thought their Enigma machine was perfect.
Do you know why Enigma was broken? Primarily because the operators
didn't follow procedure and made a series of other mistakes (This
doesn't seem too important). As
I asked a similar question on here recently and had some good books
recommended to me. This relates to C programming.
http://marc.theaimsgroup.com/?l=openbsd-miscm=113596339716980w=2
As a starting point, until my books arrive, I have been working from
this online primer, which is getting me
On Tue, 3 Jan 2006 15:03:31 +0100, Hannah Schroeter [EMAIL PROTECTED]
wrote:
On Tue, Jan 03, 2006 at 03:24:22AM -0800, J.C. Roberts wrote:
My dad (68 years old) has finally succeeded in destroying/infecteding
his MS-Windows NT4 box, in spite of my best efforts to secure the darn
thing (e.g. No
On Tuesday, January 3, Joe S wrote:
Do you have any recommendations on how I should get started?
Any help or recommendations would be appreciated.
Just get started. Learn C. Look at code. Read code. Understand.
--Toby.
On Tue, 3 Jan 2006, Dave Feustel wrote:
On Tuesday 03 January 2006 17:11, J.C. Roberts wrote:
The rule of thumb for granting privileges is simple; avoid granting
permissions whenever possible.
Check the ownership/privileges on /tmp/.X11-unix/X0 after you start kde or
Xorg.
Come on,
At 02:35 PM 1/3/2006 -0800, you wrote:
Hello list members.
I'd like to direct this post to those that develop code for OpenBSD.
I'd like a start developing software, and in turn, contribute to projects
like OpenBSD and others. Right now, I'm working as a sysadmin/infosec
person. I can write
On Tue, 3 Jan 2006 22:46:50 +0100, Hannah Schroeter [EMAIL PROTECTED]
wrote:
Hello!
On Tue, Jan 03, 2006 at 11:15:46AM -0800, patrick ~ wrote:
The first thing I did was add a flag file to my dad's home directory
and made sure he cant modify or delete it.
# touch /home/dad/.xshutdown
#
On Tuesday 03 January 2006 17:50, Otto Moerbeek wrote:
On Tue, 3 Jan 2006, Dave Feustel wrote:
On Tuesday 03 January 2006 17:11, J.C. Roberts wrote:
The rule of thumb for granting privileges is simple; avoid granting
permissions whenever possible.
Check the
Dave Feustel wrote:
Check the ownership/privileges on /tmp/.X11-unix/X0 after you start kde or
Xorg.
You can stop repeating this now, you have already demonstrated your
ignorance.
Joachim Schipper wrote:
I'm afraid this'll result in lots of questions on [EMAIL PROTECTED] I, for one,
would be stumped as to why I'd want OpenNIC.
No particular reason. I just needed someone for the sake of example,
and they're the ones who sprang to mind. My use of them was in no way
an
Travers Buda wrote:
Ted Unangst,
Yes, I've looked at the archives.
You've made it very clear that CGD won't be imported into OpenBSD, yet
you've never explained why, or why you ported it in the first place.
Care to let us in on why? I expect your reply will be a short no just
like a
On Tue, 03 Jan 2006 17:34:57 -0500, Dave Feustel
[EMAIL PROTECTED] wrote:
On Tuesday 03 January 2006 17:11, J.C. Roberts wrote:
The rule of thumb for granting privileges is simple; avoid granting
permissions whenever possible.
Check the ownership/privileges on /tmp/.X11-unix/X0 after you
We all have our favorite beginer, advanced and reference book(s) for C but I
prefer:
Begin: ISBN 0-393-96945-2 || C Programming: A Modern Aproach by K. N. King
( A real spoon feeder )
Middle: ISBN 0201433079 || Advanced Programming in the UNIX Environment
( get some interesting things done )
On Tuesday 03 January 2006 18:20, J.C. Roberts wrote:
I'm not really a KDE user. Heck, I even resist installing X11 whenever
possible.
I am getting ever closer to adopting your point of view re X11 and KDE.
--
Lose, v., experience a loss, get rid of, lose the weight
Loose, adj., not tight, let
On 1/3/06, Sebastian Rother [EMAIL PROTECTED] wrote:
Blowfish is secure but Twofish is faster and as secure as Blowfish.
wrong. apples are as fast as tables. bluefish encrypts faster than twofish.
don't know about rekeying etc.
At least if there some quant. computers 128Bit will not save ya
http://www.onlamp.com/lpt/a/6384
Inside NetBSD's CGD
by Federico Biancuzzi
12/21/2005
OpenBSD didn't import CGD even if Ted Unangst wrote a port some time ago. Do
you think
OpenBSD's svnd is already offering the same features?
RD: In a sense, OpenBSD's svnd appears to offer some of the same
--- Quoting Jason Dixon on 2006/01/03 at 17:08 -0500:
I'm testing a new VPN tunnel using ipsecadm and manual keying.
Everything looks ok, but packets aren't making it to enc0 and beyond
on the remote side (either way). I can watch the packet count
increment on the relevant pass rules
On Tue, 3 Jan 2006, Joel Knight wrote:
Check the usual suspects?
net.inet.ip.forwarding=1?
Appropriate pass rules on the internal interface?
Verify the return path doesn't have a problem?
Also, make sure you're not blocking the ipencap packets.
Check various places with tcpdump - see what's
On Jan 3, 2006, at 7:14 PM, Joel Knight wrote:
--- Quoting Jason Dixon on 2006/01/03 at 17:08 -0500:
I'm testing a new VPN tunnel using ipsecadm and manual keying.
Everything looks ok, but packets aren't making it to enc0 and beyond
on the remote side (either way). I can watch the packet
On Jan 3, 2006, at 7:32 PM, Adrian Close wrote:
On Tue, 3 Jan 2006, Joel Knight wrote:
Check the usual suspects?
net.inet.ip.forwarding=1?
Appropriate pass rules on the internal interface?
Verify the return path doesn't have a problem?
Also, make sure you're not blocking the ipencap
On Tue, 03 Jan 2006 14:16:17 -0600, Ted Unangst [EMAIL PROTECTED]
wrote:
are you running ntpd? are you running ntpd with the kernel adjtime
patch i posted to tech a few days ago?
On 1/1/06, Cyrus Lopez [EMAIL PROTECTED] wrote:
I have a machine with a sempron64 and it seems that time is a
One thing you will *NOT* find in any college courses are system-level
coding principles practices. OS code is written in C, which is FAR
different than 'application level' coding taught in the vast majority of
courses.
Im taking a university degree that teaches unix system programming in
knitti wrote:
On 1/3/06, Ted Unangst [EMAIL PROTECTED] wrote:
On 1/2/06, Travers Buda [EMAIL PROTECTED] wrote:
You've made it very clear that CGD won't be imported into OpenBSD, yet
you've never explained why, or why you ported it in the first place.
Care to let us in on why? I expect
Hi,
knitti wrote:
...
At least if there some quant. computers 128Bit will not save ya day
anymore.
quantum computers are the real big buzzword to scare people into
irrational behaviour. nobody knows whether or when quantum computer
will be able to brute force 128 bit keys. and whether twofish
On Tue, Jan 03, 2006 at 06:18:47PM -0500, Chris Zakelj wrote:
Joachim Schipper wrote:
I'm afraid this'll result in lots of questions on [EMAIL PROTECTED] I, for
one,
would be stumped as to why I'd want OpenNIC.
No particular reason. I just needed someone for the sake of example,
and
On Tue, Jan 03, 2006 at 11:40:26PM +0100, Sebastian Rother wrote:
Yes OpenBSD uses Blowfish and yes it si secure and YES it could be blf
with 448Bit. But OpenBSD uses (as far as I know) just 128Bit.
This is not true, vnconfig does read a maximum of 128 bytes (1024bit) and
the key can not be
On Tue, Jan 03, 2006 at 05:06:02PM -0600, L. V. Lammert wrote:
One thing you will *NOT* find in any college courses are system-level
coding principles practices. OS code is written in C, which is FAR
different than 'application level' coding taught in the vast majority of
courses.
L.V. - the
--- Quoting Jason Dixon on 2006/01/03 at 19:39 -0500:
Yes, although that's more of a part B problem when we're still
discussing part A. The packets aren't even making it as far as
enc0, so there certainly won't be anything to return yet.
In your original email you say that [packets are]
Andreas Bartelt wrote:
...
Bruce Schneier recommends using 256 bit keys in order to achieve 128 bit
overall strength for a symmetric cipher. You can read it in 'applied
cryptography'. The reason for this recommendation is related to
collision attacks.
oops, typo. It's in the newer book
On Jan 3, 2006, at 8:51 PM, Joel Knight wrote:
--- Quoting Jason Dixon on 2006/01/03 at 19:39 -0500:
Yes, although that's more of a part B problem when we're still
discussing part A. The packets aren't even making it as far as
enc0, so there certainly won't be anything to return yet.
In
--- Quoting Jason Dixon on 2006/01/03 at 21:11 -0500:
The original post says that packets aren't making it to enc0 and
beyond on the remote side. Yes, I admit that I was a bit
contradictory in the next sentence that says it's making it all the
way up to remote enc0, but I was trying to
On 1/4/06, Nick Holland [EMAIL PROTECTED] wrote:
knitti wrote:
cgd gives users some choice over how to build their encrypted partition.
you're able to use different ciphers.
More stuff to test to make sure it works perfectly...
Knobs are not a selling feature for OpenBSD developers (in
On Jan 3, 2006, at 9:34 PM, Joel Knight wrote:
--- Quoting Jason Dixon on 2006/01/03 at 21:11 -0500:
The original post says that packets aren't making it to enc0 and
beyond on the remote side. Yes, I admit that I was a bit
contradictory in the next sentence that says it's making it all the
On 1/3/06, knitti [EMAIL PROTECTED] wrote:
cgd gives users some choice over how to build their encrypted partition.
you're able to use different ciphers.
in the unlikely case of a cipher getting broken, you have the possibility to
switch instantly, using a tool you know with stable code an the
On 1/3/06, kami petersen [EMAIL PROTECTED] wrote:
on a related subject: what's keeping that diff you did to add salting to
vnconfig from hitting the tree? (or something like it)
nobody commented on it. the lifecycle of this entire conversation has
gone something like:
whiners demand cgd
On 1/3/06, veins [EMAIL PROTECTED] wrote:
--- Ted Unangst [EMAIL PROTECTED] wrote:
On 1/3/06, kami petersen [EMAIL PROTECTED] wrote:
on a related subject: what's keeping that diff you did to add salting to
vnconfig from hitting the tree? (or something like it)
nobody commented on it.
--- Ted Unangst [EMAIL PROTECTED] wrote:
On 1/3/06, kami petersen [EMAIL PROTECTED] wrote:
on a related subject: what's keeping that diff you did to add salting to
vnconfig from hitting the tree? (or something like it)
nobody commented on it.
[...]
I didn't see that diff :(
Still need
--- Ted Unangst [EMAIL PROTECTED] wrote:
On 1/3/06, knitti [EMAIL PROTECTED] wrote:
cgd gives users some choice over how to build their encrypted partition.
you're able to use different ciphers.
in the unlikely case of a cipher getting broken, you have the possibility
to
switch
After some gentle persuading by Adrian Close, I dropped ipsecadm and
went back to automatic key exchange with isakmpd. A quick
configuration based on the east/west and all is good. Same PF
configuration, no changes there except for the addition of ISAKMP
traffic. Don't know what the
On 01/03/2006 09:45:02 PM, Ted Unangst wrote:
On 1/3/06, kami petersen [EMAIL PROTECTED] wrote:
on a related subject: what's keeping that diff you did to add
salting to
vnconfig from hitting the tree? (or something like it)
i don't believe that the people asking for cgd really even intend
Karl O. Pinc wrote:
On 01/03/2006 09:45:02 PM, Ted Unangst wrote:
On 1/3/06, kami petersen [EMAIL PROTECTED] wrote:
on a related subject: what's keeping that diff you did to add
salting to
vnconfig from hitting the tree? (or something like it)
i don't believe that the people asking for
On Tue, 3 Jan 2006, Dave Feustel wrote:
On Tuesday 03 January 2006 17:50, Otto Moerbeek wrote:
On Tue, 3 Jan 2006, Dave Feustel wrote:
On Tuesday 03 January 2006 17:11, J.C. Roberts wrote:
The rule of thumb for granting privileges is simple; avoid granting
permissions
93 matches
Mail list logo