moved to misc@; it's still not on-topic, but this message may be
somewhat interesting
On Fri, Oct 10, 2014 at 07:31:50PM -0400, Ian Grant wrote:
I want to try to implement some form of concealed port knocking in
OpenBSD, along the lines of Martin Kirsch:
Just a notice: there is a new OpenSSL advisory, at
https://www.openssl.org/news/secadv_20140605.txt. Reproduced below for
your convenience.
(No word on the degree to which LibreSSL is vulnerable.)
===
OpenSSL Security Advisory [05 Jun 2014]
SSL/TLS MITM
On Sun, Apr 20, 2014 at 01:30:14PM +, Артур Истомин wrote:
On Sat, Apr 19, 2014 at 11:29:44PM +0200, joasia et damien wrote:
- Wiadomość oryginalna -
On Fri, Apr 18, 2014 at 08:54:06AM +0200, joasia et damien wrote:
Is there any way to change vi-bindings in pdksh?
I don't
On Mon, Apr 14, 2014 at 12:28:15AM -0700, alexander taylor wrote:
The problem I'm trying to solve is that casual users [...] may not bother
creating
passphrases for their private ssh keys. [...] [T]hese keys could be
cryptographically protected under the user's Windows/Linux logon
password
On Mon, Feb 20, 2012 at 05:57:05PM +0100, Roger S. wrote:
I am facing regular and consequent DDoS, and I would like to know how
the OpenBSD community deal with these. Hints and inputs welcome.
The obvious first : my input pipes are not filled, there is plenty of
bandwith available for my
On Thu, Feb 16, 2012 at 11:49:03AM +0100, Markus wrote:
occasionally I'm in the situation where having multiple
configurations for a single network interface are handy to have.
Most seamlessly, [multiple wifi networks] could be handled by using an
arbitrary extension to the hostname.if files,
On Tue, Apr 19, 2011 at 11:56:51AM +0200, Peter N. M. Hansteen wrote:
Alexander Schrijver alexander.schrij...@gmail.com writes:
I think it's a bad idea to disable ssh login while someone is bruteforcing
your
account.
(...) industrial-scale password guessing (...)
If you allow
On Tue, Apr 19, 2011 at 09:08:52AM +, Julien Dyie wrote:
Hi,
after the reading of syslog.conf (5) and syslogd (8), I can't find how to
disable syslog's listening on specifical interfaces.
syslogd always opens a UDP port, but it silently drops all traffic
unless you pass the -u option. Yes,
On Mon, Apr 18, 2011 at 04:26:12PM +0200, Raimo Niskanen wrote:
On Mon, Apr 18, 2011 at 12:10:31PM +0200, Alessandro Baggi wrote:
Hi list. I'm making a program that maps some ip address to a specified
dns. My problem is relative to CNAME record.
:
Supposing that I have 209.85.148.104 ip,
On Wed, Apr 13, 2011 at 09:19:19AM +, nemir nemirius wrote:
Hi,
One of my clients is a major bank. We need to exchange data a few
times a day at different intervals, and they're insisting that we
initiate the VPN on demand with relevent traffic.
It works from their end. Tunnel is
On Thu, Mar 31, 2011 at 05:42:21PM -0700, Matthew Dempsky wrote:
Does anyone use IPcomp and/or PPP-deflate? Would anyone be sad to see these
go?
They seem pretty busted right now (e.g., no userspace support for
enabling IPcomp, and sys/net/zlib.c is broken on 64-bit arches), and
there's
On Thu, Mar 24, 2011 at 07:58:50AM -0700, johhny_at_poland77 wrote:
https://blog.torproject.org/blog/detecting-certificate-authority-compromises-and-web-browser-collusion
Users of Mozilla Firefox that are concerned about this issue should
enable security.OCSP.require in the about:config
On Sat, Mar 19, 2011 at 06:05:49AM -0700, johhny_at_poland77 wrote:
Does somebody has an idea, that what kind of iptables/pf rule must i use to
achieve this?:
i only want to allow these connections [on the output chain]:
on port 53 output only allow udp - dns
on port 80 output only allow
On Fri, Mar 18, 2011 at 03:50:12PM +0100, Stefan Wollny wrote:
Marco Peereboom wrote:
On Fri, Mar 18, 2011 at 07:02:58AM -0700, johhny_at_poland77 wrote:
So our point is, if there is a good method to encrypt the full disk [like
with dm-crypt/AES/under Linux], and we could have an up-to-date
On Sat, Mar 12, 2011 at 07:39:12AM +0100, Antoine Jacoutot wrote:
On Sat, 12 Mar 2011, Indunil Jayasooriya wrote:
# /usr/local/sbin/havp
Starting HAVP Version: 0.91
*Mandatory locking disabled! KEEPBACK settings not used!
*
then, I tried to mount in this way. then, I got the
On Wed, Mar 09, 2011 at 01:30:39AM -0800, erikmccaskey64 wrote:
I use privoxy. In the user.action file i have a redirect rule and a few
websites:
{ +redirect{s@http://@https://@} }
.twitter.com
.facebook.com
Ok! it's working great, e.g.: if i visit any *twitter.com URL it gets
On Wed, Mar 09, 2011 at 03:03:22PM -0430, Andres Perera wrote:
On Wed, Mar 9, 2011 at 9:27 AM, Joachim Schipper
joac...@joachimschipper.nl wrote:
On Wed, Mar 09, 2011 at 01:30:39AM -0800, erikmccaskey64 wrote:
I use privoxy. In the user.action file i have a redirect rule and a
few websites
On Tue, Mar 08, 2011 at 04:38:41PM +0100, Jordi Espasa Clofent wrote:
2011-03-08 10:31, Earin Gregor skrev:
I just wanted to know how the current development of opensmtp is going?
Is it ready for prime time or still considered as to early in development?
On Mon, Mar 07, 2011 at 10:54:09AM +0100, Henrik Engmark wrote:
Is there a way, good or bad, to relax pf enough to let nmap do its
OS detection?
I am on 4.8.
You can always disable pf (pfctl -d). I'd also expect any sensible
configuration without scrub or (implicit) keep state to work, but I
On Mon, Mar 07, 2011 at 05:22:10AM -0500, marc wrote:
Dear all,
I was reading through the docs on how to boot openbsd with the windows 7
boot loader so I learned I have to execute:
dd if=/dev/sd0a of=openbsd.pbr bs=512 count=1
^
The raw device won't be busy while the filesystem
On Mon, Mar 07, 2011 at 11:34:50AM +0100, Daniel Gracia wrote:
El 07/03/2011 10:54, Henrik Engmark escribiC3:
Is there a way, good or bad, to relax pf enough to let nmap do its OS
detection?
I am on 4.8.
Way too vague question; you should at least describe the scenario.
I'm pretty
On Mon, Mar 07, 2011 at 01:04:56PM -0500, marc wrote:
Hi Janne,
Thanks a lot for your answer. I did read this section (actually subsection
'Windows 7') so I'm afraid I'm the only one getting it wrong...
I had the impression that the command:
C:\Windows\system32 bcdedit /set
On Sun, Mar 06, 2011 at 04:14:33PM +0100, Jens A. Griepentrog wrote:
On 03/06/11 02:25, Matthew Dempsky wrote:
[...] Jens A. Griepentrog griep...@wias-berlin.de wrote:
What went wrong? The procedure works for usual hard disks and memory
sticks with sectors of 512 bytes. I would be grateful
On Thu, Feb 24, 2011 at 10:11:22AM +0100, Jan Stary wrote:
On Feb 09 17:56:59, Ingo Schwarze wrote:
text/html; /usr/bin/lynx -stdin -force_html -dump ; copiousoutput
On Feb 09 10:59:54, Marco Peereboom wrote:
text/html; /usr/local/bin/links -dump '%s'; copiousoutput; description=HTML
On Mon, Feb 21, 2011 at 02:31:20PM -0500, Ted Unangst wrote:
On Mon, Feb 21, 2011 at 10:08 AM, Luis Useche use...@gmail.com wrote:
I would love this feature in OpenBSD src list. Is it possible to use the
activitymail script on the OpenBSD CVS repo?
seems like a serious waste of bandwidth.
On Tue, Feb 22, 2011 at 03:04:25PM +0100, Pete Vickers wrote:
Now that the IPv4 address space if fully allocated, perhaps it's time to
update the comments in /etc/hosts ? Here is my attempt at a reasonably concise
update:
# Assignments from RFC5735 (supersedes RFC1918)
#
# Allocated for
On Sun, Feb 20, 2011 at 10:23:32PM +0100, Peter [prive] wrote:
Trying to find the problem I did the following:
I added 1 rule as the first rule.
pass out quick log (user) proto tcp to port 54321
Can you post a minimal pf.conf that exhibits this problem? It looks like
you have other rules as
On Fri, Feb 18, 2011 at 04:54:57PM -0500, Ted Unangst wrote:
On Fri, Feb 18, 2011 at 3:35 PM, Joachim Schipper
joac...@joachimschipper.nl wrote:
Actually, if one could specify an encryption password for the memory
written to disk, a stolen hibernating system would be less dangerous
than
On Sat, Feb 19, 2011 at 10:08:50PM +0800, Ana Zgombic wrote:
Hi Misc,
i'm trying to collect firsthand experience on implementing application
level bandwidth throttling.
background: i'm looking at playing with thttpd and i want to remove
the bandwidth throttling code since it looks
On Fri, Feb 18, 2011 at 10:51:27AM -0600, Orestes Leal R. wrote:
does it exists?
Not yet.
Joachim
--
PotD: converters/wv2 - library functions to access Microsoft Word/Excel files
http://www.joachimschipper.nl/
On Fri, Feb 18, 2011 at 05:17:57PM +, Kevin Chadwick wrote:
On Fri, 18 Feb 2011 16:17:25 +0100 Joachim Schipper wrote:
On Fri, Feb 18, 2011 at 10:51:27AM -0600, Orestes Leal R. wrote:
does it exists?
Not yet.
Hibernate offers more integrity of user data but it's a lot less
On Fri, Feb 18, 2011 at 06:41:26PM +0100, Pascal Stumpf wrote:
I am too experiencing the booting problems described a few days ago for
the SL410. With the MP kernel, booting would sometines just stop at
mtrr: Pentium Pro MTRR support,
forcing a hard reset of the machine. Other times it just
On Wed, Feb 09, 2011 at 10:31:05AM +0100, Ezequiel Garzsn wrote:
On Fri, Feb 4, 2011 at 10:35 PM, Benny Lofgren bl-li...@lofgren.biz wrote:
On 2011-02-04 21.12, Ezequiel Garzsn wrote:
Hello! [F]rom my fresh OpenBSD VPS, which I
assume has had a default installation (...) I tried lynx
On Tue, Feb 01, 2011 at 05:51:01PM +, Kevin Chadwick wrote:
/usr/local/libexec/symux: can't load library 'libfontconfig.so.6.0'
OK, I figured this out: I must have accidentally gotten the wrong
xbase47.tgz fileset. problem solved.
For the archives:
You also get a missing library
On Mon, Jan 31, 2011 at 05:10:04PM +, Jason McIntyre wrote:
On Mon, Jan 31, 2011 at 11:28:13AM +0100, Henning Brauer wrote:
then i change my mind and we should add a note that the default pass
behaviour (NOT rule, even tho there kinda is a default rule
internally...) doesn't lead to
On Mon, Jan 31, 2011 at 01:29:40PM -0600, tra...@subspacefield.org wrote:
I have a script to sort of kickstart an installation after doing a
bare install of OpenBSD, and it's designed to be idempotent (won't
hurt to run it several times).
Currently I install some packages, but that's a bit
On Wed, Jan 26, 2011 at 10:56:02AM +0100, Leslie Jensen wrote:
Upon installation of noip I ran the command noip2 -C to configure it.
I want noip to run a script every 30 minutes that sends a mail to me
at the end of the updating of the address.
So I choose the settings accordingly when
On Sat, Jan 08, 2011 at 09:50:36PM +0100, Pieter Verberne wrote:
On Sat, 8 Jan 2011 21:03:56 +0100, Henning Brauer wrote:
* Pieter Verberne pieterverbe...@xs4all.nl [2011-01-08 17:23]:
I'm not sure if it is a good idea (or even possible) but I'm
trying to
run OpenBSD as guest in qmemu on a
On Fri, Jan 07, 2011 at 05:50:25AM -0500, Eric Furman wrote:
On Fri, Jan 07 2011 at 59:07, Girish Venkatachalam wrote:
Many websites these days Akamize or do whatever that gives them a
different IP address
everytime you access it.
Don't use stupid shit like Akamize. Problem solved.
On Tue, Jan 04, 2011 at 02:34:08PM +, Rodolfo Gouveia wrote:
I have a machine with 4.7 softraid CRYPTO.
On the upgrade48.html it's recommended to rebuild the softraid volume
to use some of the upcoming features.
Thing is I can't rebuild a CRYPTO softraid volume.
# bioctl -v softraid0
On Fri, Dec 31, 2010 at 04:19:53PM -0600, Matt Evans wrote:
A friend and I are both on dynamic IP residential broadband
connections. We both use OpenBSD boxes as edge devices.
We were wondering if it were possible to create an ipsec tunnel between
us, even though we both have dynamic public
On Wed, Dec 29, 2010 at 08:04:14AM -0800, S Mathias wrote:
Are there any programs blocking ip, and has frequently updated lists,
like the peerguardian on windows?
sorry for the question, but i looking for this kind of application :O
Five minutes' research shows that PeerGuardian is mainly
On Tue, Dec 28, 2010 at 01:51:19PM +0900, Joel Rees wrote:
Just want to check on whether the situation with my sort-of new
install of 4.8 is normal, and if my guess as to how to approach it is
correct.
I didn't have time last night to go through and tweak everything I
know to tweak, and
On Mon, Dec 27, 2010 at 10:08:09AM -0500, Frank Bax wrote:
On 12/27/10 09:35, Dmitrij D. Czarkoff wrote:
I use a custom script to remove automaticly installed dependencies to the
manually installed packages I deleted.
If you had used -D dependencies when you manually deleted a
package; the
On Mon, Dec 27, 2010 at 10:34:31AM -0500, Frank Bax wrote:
I see this message in /var/log/daemon about every 10 minutes or so
(starting about an hour ago); what does this mean?
Dec 27 10:30:01 bax inetd[28318]: pop3/tcp server failing (looping),
service terminated
It means you'll want to
On Mon, Dec 27, 2010 at 01:41:07PM -0600, Orestes Leal R. wrote:
Martin Schrvder mar...@oneiros.de wrote:
2010/12/27 Orestes Leal R. l...@cubacatering.avianet.cu:
the 2 programs work ok, but the do not execute from crontab when I
logged
out from console,ssh.
but when I logged on into an ssh
On Fri, Dec 24, 2010 at 11:00:48AM +0100, Webcharge wrote:
Must be the holiday season *sigh* my OpenBSD server is suddenly
giving the occassional read-timeout on the /var slice of the main
harddisk:
There is a second harddisk installed, with OpenBSD formatted slices,
but of different
On Sun, Dec 19, 2010 at 08:07:45AM -0500, Josh Smith wrote:
Dear Misc@,
I have a largeish ( around 10 gb) mail archive stored in a mbox file
and it's starting to get a bit unwieldy to maintain, it's difficult to
search through and etc. With that in mind I was wondering what others
on the
I'm sure most of you are already aware, but
http://news.ycombinator.com/item?id=2014004 suggests that Jason fixed a
potentially-dangerous bug in the IPSEC code in the NETSEC timeframe
(src/sys/netinet/ip_esp.c r1.75).
Joachim
On Sun, Dec 12, 2010 at 09:11:16PM -0700, Travis King wrote:
Joel Wiramu Pauling j...@aenertia.net wrote:
Marti Martinez ma...@ece.arizona.edu wrote:
Ted Unangst ted.unan...@gmail.com wrote:
At some point you're going to realize that the javascript that
decrypts your mail has to come
On Sun, Dec 12, 2010 at 01:00:17PM -0600, Yarin wrote:
As the documentation explains, when poll() is interrupted by a signal, it
should return -1/EINTR.
However, I'm getting a return indicating that all of the polling descriptors
are ready, but when I check their flags out, none of them are
On Sun, Dec 12, 2010 at 03:44:18PM +0400, OpenBSD Geek wrote:
To remove users from example group users, i usually do it by editing the
file /etc/group, and remove it manually.
Is there a way from command line to remove some users from a specific
group ?
I want to do a script like that :
On Thu, Dec 09, 2010 at 10:41:32PM +0100, roberth wrote:
Brad Tilley b...@16systems.com wrote:
Adam M. Dutko wrote:
How do[es Lavabit] deal with legal jurisdiction? Technically the
government can still subpoena and they'd have to turn over the
documents in the persons account,
On Sat, Dec 04, 2010 at 06:28:04PM -0700, Clint Pachl wrote:
When I open [the UPS developer's guide] with xpdf(1) I get a [message]
to download the the latest Adobe crapware to view it.
This is cheating, but have you tried throwing it into Google docs?
Joachim
On Mon, Nov 29, 2010 at 06:52:38PM -0800, Scott Stanley wrote:
Someone gave me a bunch of HP Proliant DL360 G3 servers, so I promptly
went to install 4.8 i386 on one to see if it was worth keeping.
(I'm just playing around at home with these)
Installer makes it all the way to installation
On Tue, Nov 23, 2010 at 01:38:04PM +0100, carlopmart wrote:
I will to know your opinion about using virtual firewalls in virtual
infraestructures like vmware, kvm ,xen, etc (...) [What about]
security?
Let me add one more reason to the ones already offered: there are *many*
side-channel
On Wed, Nov 24, 2010 at 01:03:00AM +0200, Kapetanakis Giannis wrote:
I've recently tested login_ldap and ypldap on OpenBSD 4.8 as a test
case for an authpf gateway for ldap users.
Apart from these solution and having in mind that PAM is not (and
probably never will be) an option, what would
On Sat, Nov 06, 2010 at 01:22:43PM +0100, Jean-Francois wrote:
I think of installing as a ftp daemon vsftpd or pure-ftpd since both
seems to be simple and secure.
Would you recommend one or the other in terms of security or
scalability ?
vsftpd wins for security. You may also want to
On Sat, Nov 06, 2010 at 02:13:46PM +0100, Jan Stary wrote:
For some time now, I have been using the following sysctl's
mentioned in FAQ 6.6.4, which sped up my network traffic
considerably:
net.inet.tcp.recvspace
net.inet.tcp.sendspace
net.inet.udp.recvspace
net.inet.udp.sendspace
Now
On Sat, Nov 06, 2010 at 04:29:22PM +0100, Jan Stary wrote:
On Nov 06 15:47:54, Claudio Jeker wrote:
On Sat, Nov 06, 2010 at 02:13:46PM +0100, Jan Stary wrote:
For some time now, I have been using (...)
net.inet.tcp.recvspace
net.inet.tcp.sendspace
net.inet.udp.recvspace
On Tue, Nov 02, 2010 at 12:53:15PM +0800, Edwin Eyan Moragas wrote:
as i understand, sendmail is initially configured to send emails
locally (ie, users on the same host).
i'm setting up PHP on chrooted apache. mini_sendmail-chroot is already
installed. i don't have any shells copied to the
On Tue, Nov 02, 2010 at 02:23:23AM +1300, Jammer wrote:
I'm experiencing problems setting up an OpenBSD box as a
firewall/Wireless Access Point(...)
Firstly my setup:
* I've tried this using OpenBSD v4.1, v4.6 and a 4.8 snapshot from
29/10/20 all with similar results.
Just install 4.8 or
On Sat, Oct 30, 2010 at 02:44:50PM -0700, Philip Guenther wrote:
On Sat, Oct 30, 2010 at 10:34 AM, Maurice Janssen maur...@z74.net wrote:
(...) I extracted the src.tar.gz from the 4.8 CDROM and
synchronized the src tree to -stable through CVS. I expected to see
about 5 files being changed,
On Tue, Oct 26, 2010 at 04:24:04AM -0700, Russell wrote:
On 10/22/2010 09:43 AM, Joachim Schipper wrote:
On Thu, Oct 21, 2010 at 07:46:50PM +0200, Bret S. Lambert wrote:
On Thu, Oct 21, 2010 at 05:38:54PM +, Jay K wrote:
My ideal setup would be:
1) no passwords (* in /etc/passwd
On Thu, Oct 21, 2010 at 07:46:50PM +0200, Bret S. Lambert wrote:
On Thu, Oct 21, 2010 at 05:38:54PM +, Jay K wrote:
My ideal setup would be:
1) no passwords (* in /etc/passwd or via vipw)
2) only ssh for remote access
i.e. no password-based security, only something better
On Thu, Oct 21, 2010 at 02:02:26PM -0400, Adam M. Dutko wrote:
I recently tried to list contents of some of the CVS servers without doing a
checkout to see if it would be feasible to write a small script to identify
hot spots in the development tree based on recent commits. I believe this
On Thu, Oct 14, 2010 at 03:28:20PM -0400, Brad Tilley wrote:
Brad Tilley wrote:
I created (...) /etc/profile to force sh and ksh to logout users
after a certain period of idleness:
$ cat /etc/profile
# Force sh and ksh to logout idle users after 15 minutes
# Prevent normal users
On Wed, Oct 13, 2010 at 09:09:29AM +, Leif Blixt wrote:
Brad Tilley brad at 16systems.com writes:
I was experimenting with a program to meet PCI DSS 1.2 password length
and content/complexity requirements and integrating it with login.conf
for users who have shell access to OpenBSD
On Thu, Oct 07, 2010 at 03:44:38AM +0200, Guillaume Duali wrote:
On 01/10/2010 17:27, Guillaume Duali wrote:
On my laptop, I install the latest iso file downloaded here :
ftp://ftp.fr.openbsd.org/pub/OpenBSD/snapshots/i386/install48.iso
And with it, the acpi is bugged.
If I do a classic
On Thu, Oct 07, 2010 at 10:27:43AM +0200, Guillaume Duali wrote:
On Thu, 7 Oct 2010 06:02:10 +0200, Tomas Bodzar
tomas.bod...@gmail.com wrote:
4.8 is closed for a quite long time. Support can start only in current
so 4.9 is nearest possible release which will support your HW ;-)
Ho ok ^^
On Thu, Oct 07, 2010 at 01:34:50PM +0200, g.du...@otasc.org wrote:
If I understand you think to combine C and Python ?
Do you think is good to code the tool in C, with only shell interface,
and add the graphical front-end in Python ?
In this case Python will call on each click the C binary
On Fri, Oct 01, 2010 at 09:31:18AM +0200, Claer wrote:
On Thu, Sep 30 2010 at 45:10, Tilo Stritzky wrote:
On 30/09/10 00:40 Claer wrote:
I have a minipci umts modem that is reconized fine by OpenBSD (4.7-stable)
but I'm unable to find the good pppd configuration to establish the
On Fri, Oct 01, 2010 at 10:45:30AM +0200, Massimo Lusetti wrote:
On Wed, 29 Sep 2010 Theo de Raadt dera...@cvs.openbsd.org wrote:
[Ted Unangst wrote: -- Joachim Schipper]
[/dev/arandom] is more efficient. There is almost always enough entropy
for
arandom, and if there isn't, you
On Fri, Oct 01, 2010 at 08:42:04AM -0400, Michael W. Lucas wrote:
I have to build a new mail relay host, and would like to use spamd and
smtpd on OpenBSD. I'm required to provide antivirus scanning of mail
contents, however. Has anyone attached any antivirus software to this
combination?
On Wed, Sep 29, 2010 at 09:57:53AM -0400, Simon Perreault wrote:
I'm trying to use /dev/srandom, but I can't get even a single byte out
of it.
$ hexdump -n 1 /dev/srandom
It just hangs there, sleeping. If I use /dev/urandom instead, it returns
immediately, as expected:
$ hexdump -n 1
On Wed, Sep 29, 2010 at 09:39:06AM -0600, Theo de Raadt wrote:
On Wed, Sep 29, 2010 at 9:57 AM, Simon Perreault
simon.perrea...@viagenie.ca wrote:
I'm trying to use /dev/srandom, but I can't get even a single byte out
of it.
Independent of other problems, I don't think you should be
On Mon, Sep 27, 2010 at 04:33:03PM +0200, Martin Schrvder wrote:
2010/9/27 Brad Tilley b...@16systems.com:
The absence of reports doesn't prove that the flaws don't exist (and
no, I'm not sitting on a 0day for OpenBSD :).
I agree. I only meant that history shows Linux has these and
On Mon, Sep 27, 2010 at 07:46:56AM -0700, Pauline Merton wrote:
I will be moving users from an openbsd 3.7 to openbsd 4.7 server.
Do I just copy over /etc/passwd and /etc/shadow?
No, that function is handled by /etc/master.passwd on OpenBSD. Copy that
file (and /etc/groups, if appropriate)
Date: Sat, 25 Sep 2010 21:35:29 +0200
From: Joachim Schipper joac...@joachimschipper.nl
To: misc@openbsd.org
Subject: Re: help configuring Huawei E182E
Message-ID: 20100925193529.gb22...@polymnia.joachimschipper.nl
Mail-Followup-To: misc@openbsd.org
References: b678c347d7c941b7b12f5e90cf58e9bf
On Wed, Sep 22, 2010 at 02:04:39PM -0600, Beavis wrote:
Greetings List,
I would like to ask if someone has done routing via pf(4) (non-NAT
rules). My idea is to be able to route packets from one interface to
the other. say from tun0 to rl0. I've been googling a lot and most of
the rules im
On Tue, Sep 21, 2010 at 10:03:54PM -0400, LOL wrote:
Does openBSD have a tools that search packages ? The only way I found it's
by installing ports tree but I think it's a bit stupid to have all the tree
just to a search.
Does openBSD has a boot manager like Grub or Boot0 for FreeBSD ?
On Wed, Sep 15, 2010 at 08:21:57PM -0300, Hugo Osvaldo Barrera wrote:
On Wed, Sep 15, 2010 at 17:02, Joachim Schipper
In the specific case of Subversion, it's easy enough to invoke it
directly from SSH (...)
I know, I've used svn+ssh for some time. The issue is I have several
On Wed, Sep 15, 2010 at 12:34:48PM -0300, Hugo Osvaldo Barrera wrote:
I'm planning on having a few servers (including SVN) listening on 127.0.0.1
on machine A, and then tunneling into that machine from machine B to use
those services.
However, how safe is lo this sort of tunnel? Is there a
On Mon, Sep 13, 2010 at 10:59:56AM +0200, Pete Vickers wrote:
I'm trying to set up a box such that normal users are chroot'd to their home
directories, and can only use sftp.
Any clues what I'm doing wrong ? Google seems to hint that the chroot
directory might have to be owned by root, but
On Mon, Aug 30, 2010 at 10:07:06AM +0200, Jean-Francois wrote:
Might you please indicate how in the construction of an IP packet the mac
address in incorporated into it. Is the job of the OS or of the IF ? If the
OS
is responsible for it, how is it processed and is it possible to change the
On Thu, Aug 26, 2010 at 01:26:25PM +0200, Johan Linnir wrote:
We need help/support with setting up a couple of pf firewalls with
carp etc. and are of course willing to pay for it if we find the
right resource. Please reply off list if you're interested or can
recommend a company/person whom
On Wed, Aug 25, 2010 at 01:00:36PM -0400, Juan Miscaro wrote:
Hi gang,
I have found Linux info [1] on restricting users to file transfers
(sftp, scp, rsync, etc) using rssh. Is this recommended from OpenSSH
developers? Is there a native way of doing this (in OpenBSD, in
Linux)?
[1]
On Tue, Aug 17, 2010 at 12:27:04PM +0200, Matt wrote:
Quite possibly more of a 'which software' question:
I am looking for a way to have two parties share documents securely
through an OpenBSD server.
User A can not look into directory B but is allowed in dir C, that
sort of thing. Sharing
On Sat, Aug 14, 2010 at 12:04:56AM +0400, open...@e-solutions.re wrote:
Hi,
I installed OpenBSD 4.7 for web hosting (test).
So i have 3 websites for 3 users (1 site per user) :
www.first.xx (user : firstxx)
www.2nd.xx (user : 2ndxx)
www.third.xx (user : thirdxx)
All web pages are
On Tue, Aug 10, 2010 at 07:00:37PM +0200, Martin Schrvder wrote:
2010/8/10 Iqigo Ortiz de Urbina inigoortizdeurb...@gmail.com:
Mainstream open source monitoring is pretty much about munin, cacti,
nagios, zabbix. You can make any of these run on openbsd, AFAIK.
A munin port would be highly
On Fri, Aug 06, 2010 at 12:18:06PM -0500, Ahlsen-Girard, Edward F CTR USAF
AFSOC AFSOC/A6OK wrote:
Nick Holland wrote:
On 08/06/10 18:38, Aaron Lewis wrote:
How much space should i put for a separated partition, mounted on
/usr/obj, is 4 GiB more or less ?
4GB is significantly bigger
On Fri, Aug 06, 2010 at 06:19:07PM +0100, Kevin Chadwick wrote:
On Fri, 06 Aug 2010 12:14:09 -0400
Nick Holland n...@holland-consulting.net wrote:
I'm also a bit dubious about anything which involves qemu as a solution,
as I've seen too many people immediately jump on using qemu when much
On Fri, Jul 23, 2010 at 10:43:36AM -0400, Michael W. Lucas wrote:
Hi,
I'm running 4.7 GENERIC.MP#0 amd64 with the cwm window manager. Read
the man pages and searched, but no answer to this.
My employer runs SSH on a specific non-standard port. (Yes, I know,
but that's the rule and it's
On Sun, Jun 27, 2010 at 02:13:01PM +0930, Damon McMahon wrote:
Greetings,
I need someone to hit me with a clue-stick here. I was trying to get a
status of ping(1) using ^T but it appeared not to be sending a SIGINFO
command. Reading through the man pages I see that stty(1) defines this
On Wed, Jun 23, 2010 at 12:36:38PM +0200, Ektor Wetterstrvm wrote:
I know http://bulk.fefe.de/scalability/ is wrong / outdated /
non-scientific / whatever... But what about this? Phoronix has more
credibility imho...
On Mon, Jun 21, 2010 at 03:03:08PM +0200, Tony Berth wrote:
did the following:
after navigating to: http://openbsd.org/anoncvs.html#starting
applied:
# *cd /usr; cvs checkout -P -rOPENBSD_4_7 src*
using *cvsroot=anon...@anoncvs.fr.openbsd.org:/cvs*
That gets you -stable. Don't apply
On Sun, Jun 20, 2010 at 01:54:21PM +0800, Aaron Lewis wrote:
Aaron Lewis wrote:
I'm looking for some crypt methods that will encrypt the whole
disk, rather than saving it to a single file.
And i need it to be supported both Linux and OpenBSD, is it
possible?
in most cases
On Thu, Jun 17, 2010 at 01:35:29PM +0200, Robert wrote:
Joachim Schipper wrote:
Easy enough, just create a softraid CRYPTO volume on top of a softraid
RAID-0 volume. Do keep good backups, including of the key you use.
I remember that I asked something similar a year ago and the answer
On Wed, Jun 16, 2010 at 08:43:29PM +0100, Harry Palmer wrote:
Beginning my effort to encrypt a 300GB drive in a 64bit Ultrasparc,
I followed these initial steps:
1. used disklabel to create a single slice a on the drive
2. made a file system with newfs (is it necessary to have so many
On Thu, Jun 17, 2010 at 09:43:46AM +0100, Harry Palmer wrote:
Have you considered softraid crypto?
Thanks for this independent advice. Looks like it works at the block
device level which must be better.
I must say that while the official openbsd documentation I've seen is
second to none,
1 - 100 of 1215 matches
Mail list logo