Re: I *think* I found the apache2 docs, but it's in .html andIcannotgetfirefox to access it using "file:"+ /path/to/filedir

[rhkramer]

The mad snipper strikes -- mwha ha haha

On Thursday, June 23, 2022 04:05:40 PM Gareth Evans wrote:
> > On 23 Jun 2022, at 01:46, gene heskett  wrote:
> > On 6/22/22 19:39, Gareth Evans wrote:

> >> OK, but I mean do the non-robots.txt-compliant bots actually try to
> >> submit passwords?
> > 
> > If enough of us do it in self defense, I look for then to grow the code
> > to do it. I don't object to them indexing my site, but on a 10 megabit
> > cable connection, they use up all my upload bw on a 24/7 basis when they
> > try to mirror it. That in my lookup table, is a DDS. So them and the
> > camel that rode in on them can be told to go to hell but I won't waste
> > time using flowery words like our senator Bird was so famously fond of
> > using. He could tell you to go to hell and do it in such flowery
> > language that you looked forward to the trip.
> 
> OK.  That's not something I can help with from scratch, but I will watch
> with interest for further discussion.
> 
> Best wishes,
> G


-- 
If you reply: snip, snip, and snip again.  Leave attributions.

A picture is worth a thousand words -- divide by 10 for each minute of video 
(or audio) or create a transcript and edit it to 10% of the original.  (Oxford 
commas not needed.)

Re: I *think* I found the apache2 docs, but it's in .html andIcannotgetfirefox to access it using "file:"+ /path/to/filedir

[Gareth Evans]

> On 23 Jun 2022, at 21:49, gene heskett  wrote:
> 
> On 6/23/22 16:08, Gareth Evans wrote:
>> OK.  That's not something I can help with from scratch, but I will watch 
>> with interest for further discussion.
>> 
>> Best wishes,
>> G
> Well, it working in plain http, so until they get to be a nuisance, I have 
> other irons
> smoking in the fire. Like some fine tuning of the gui fpr one of my cnc'd 
> machines.
> 
> See at the 6040-stf subdir at the link in my sig.
> 
> That machine is about to start making a screw out of hard maple, made to be 
> the
> screw of a combo with a 3d printed nut assembly for a woodworking workbenches
> leg vise. If it works I'll adv in Fine WoodWorking as the only other maker of 
> such
> has quietly vanished about 15 years back up the log.
> 
> He may have missed morning roll call as will I, probably too soon, but I am 
> 87 and
> alone now.
> 
> And I intend to have fun till I miss that famous roll call.  If I can make a 
> few sheckles
> doing it, that's even better. :o)>
> 
> Thank you for the help, Gareth, take care and stay well.

You're welcome, you too.
Gareth

> 
> 
> Cheers, Gene Heskett.
> 
> -- 
> "There are four boxes to be used in defense of liberty:
> soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author, 1940)
> If we desire respect for the law, we must first make the law respectable.
> - Louis D. Brandeis
> Genes Web page 
> 

Re: I *think* I found the apache2 docs, but it's in .html andIcannotgetfirefox to access it using "file:"+ /path/to/filedir

[gene heskett]

On 6/23/22 16:08, Gareth Evans wrote:

OK.  That's not something I can help with from scratch, but I will watch with 
interest for further discussion.

Best wishes,
G
Well, it working in plain http, so until they get to be a nuisance, I 
have other irons
smoking in the fire. Like some fine tuning of the gui fpr one of my 
cnc'd machines.


See at the 6040-stf subdir at the link in my sig.

That machine is about to start making a screw out of hard maple, made to 
be the
screw of a combo with a 3d printed nut assembly for a woodworking 
workbenches
leg vise. If it works I'll adv in Fine WoodWorking as the only other 
maker of such

has quietly vanished about 15 years back up the log.

He may have missed morning roll call as will I, probably too soon, but I 
am 87 and

alone now.

And I intend to have fun till I miss that famous roll call.  If I can 
make a few sheckles

doing it, that's even better. :o)>

Thank you for the help, Gareth, take care and stay well.


Cheers, Gene Heskett.

--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis
Genes Web page 

Re: I *think* I found the apache2 docs, but it's in .html andIcannotgetfirefox to access it using "file:"+ /path/to/filedir

[Gareth Evans]

> On 23 Jun 2022, at 01:46, gene heskett  wrote:
> 
> On 6/22/22 19:39, Gareth Evans wrote:
>>> On Wed 22 Jun 2022, at 22:42, gene heskett  wrote:
>>> On 6/22/22 16:51, Gareth Evans wrote:
 On Wed 22 Jun 2022, at 21:16, gene heskett  wrote:
> On 6/22/22 10:45, Gareth Evans wrote:
> [and I sniped a few kilobytes of.]
> 
> I think I've got it, but I did find what may be a bug in mod auth_plain.
> 
> Its asking for a username and pw, but nothing seems to satisfy it
 I didn't see you had replied before sending my previous message, please 
 ignore.
 
 Can't find anything about mod_auth_plain but if you mean mod_auth_basic 
 this requires usernames/passwords to be set up, not looking at /etc/passwd
 
 https://www.howtogeek.com/devops/how-to-setup-basic-http-authentication-on-apache/
 
 This also has a link to setting up LetsEncrypt.
 
> , so
> I disabled it, no man page hat I can find, and now its showing me
> the directory I want as the root of this server, with one subdir
> I can click on, and the first file I put there.
> 
> However I need to compose an explanatory README to go with it as
> I had to invent my own method of installing it on a u-booting rpi.  Its a
> preempt-rt kernel needed to run the armhf version of linuxcnc from
> the buildbot. I run the bleeding edge development version on all 4
> of my machines I've built or rebuilt. I play the part of the caged
> canary in the coal mine, checking for showstoppers as development
> is ongoing and has been since the net arrived. Its a NIST project, re-
> done in gpl and was once on the no export list. See at linuxcnc.org.
> 
> So the plain text version is working and you should be able to see it at
>  (or something like that)
 Yes.
>>> Good, so I'll quit tinkering for today.
> That file in the armhf subdir is just under 30 megabytes, so if paying
> for the bandwidth, don't click on it.
> 
> Making progress, I think, Thanks Gareth.
> 
> However, if there is a way to implement a OTP so I can keep track of the
> users,
> I could use some help with that as long as I don't setup a universal pw
> the bots
> can use. What I'd like is a true OTP with a 2 week lifetime.  Can that
> be done?
 I see there are various offerings (web search for "apache otp") but there 
 doesn't seem to be an official offering.
> I haven't done that DDG search, preferring to rely more on the real users 
> experience.
> The idea being that if the bot figures its worth in, and has his master ask 
> for a OTP,
> the 1 or 2 week expiry would eventually run them off. I figure that the 
> botmasters
> patience would be used up and I would get blacklisted, based on TANSTAAFL.
> 
> They aren't using much bandwidth now, and despite the weird port #, several 
> of them
> have already started looking at me.
> 
> I know of two others working on machines to be run by rpi4's, using my kernel 
> cuz
> the foundation would never approve, but all the other machines are being 
> worked on,
> I think I am the only one on the planet actually doing it.  And I did it 
> first with a rpi3b
> but its tongue was dragging on the floor doing it. The rpi4b can run the 
> machine while building
> the next git pull of linuxcnc.  A huge difference in the efficiency between 
> that and a wintel box..
> 
> With linuxcnc not running, or with it running but F2 toggled off. power draw 
> for the pi,
> interfacing and its lcd monitor is about 22 watts. Those machines running on 
> wintel
> boxes are drawing over 200 watts each with the machine powered down.
> 
>> OK, but I mean do the non-robots.txt-compliant bots actually try to submit 
>> passwords? 
> 
> If enough of us do it in self defense, I look for then to grow the code to do 
> it.
> I don't object to them indexing my site, but on a 10 megabit cable connection,
> they use up all my upload bw on a 24/7 basis when they try to mirror it. That 
> in
> my lookup table, is a DDS. So them and the camel that rode in on them can be
> told to go to hell but I won't waste time using flowery words like our 
> senator Bird
> was so famously fond of using. He could tell you to go to hell and do it in 
> such
> flowery language that you looked forward to the trip.

OK.  That's not something I can help with from scratch, but I will watch with 
interest for further discussion.

Best wishes,
G


>> I was wondering why you are interested in OTP/scheduled password 
>> regeneration for this use case, and whether a simple (or not so simple) 
>> password may be sufficient for bandwidth preservation purposes.
>> 
>> Thanks
>> G
>> 
>> I think its called netfilter now, so I expect I better find out how to
>> use it.
>> 
>> In the meantime,  a man page for robots.txt would be nice  but I expect
>> DDG can find that..
 Best wishes,
 Gareth
>>> Take care and stay well.
>>> 
> Cheers, Gene 

Re: I *think* I found the apache2 docs, but it's in .html andIcannotgetfirefox to access it using "file:"+ /path/to/filedir

[gene heskett]

On 6/22/22 19:39, Gareth Evans wrote:

On Wed 22 Jun 2022, at 22:42, gene heskett  wrote:

On 6/22/22 16:51, Gareth Evans wrote:

On Wed 22 Jun 2022, at 21:16, gene heskett  wrote:

On 6/22/22 10:45, Gareth Evans wrote:
[and I sniped a few kilobytes of.]

I think I've got it, but I did find what may be a bug in mod auth_plain.

Its asking for a username and pw, but nothing seems to satisfy it

I didn't see you had replied before sending my previous message, please ignore.

Can't find anything about mod_auth_plain but if you mean mod_auth_basic this 
requires usernames/passwords to be set up, not looking at /etc/passwd

https://www.howtogeek.com/devops/how-to-setup-basic-http-authentication-on-apache/

This also has a link to setting up LetsEncrypt.


, so
I disabled it, no man page hat I can find, and now its showing me
the directory I want as the root of this server, with one subdir
I can click on, and the first file I put there.

However I need to compose an explanatory README to go with it as
I had to invent my own method of installing it on a u-booting rpi.  Its a
preempt-rt kernel needed to run the armhf version of linuxcnc from
the buildbot. I run the bleeding edge development version on all 4
of my machines I've built or rebuilt. I play the part of the caged
canary in the coal mine, checking for showstoppers as development
is ongoing and has been since the net arrived. Its a NIST project, re-
done in gpl and was once on the no export list. See at linuxcnc.org.

So the plain text version is working and you should be able to see it at
 (or something like that)

Yes.

Good, so I'll quit tinkering for today.

That file in the armhf subdir is just under 30 megabytes, so if paying
for the bandwidth, don't click on it.

Making progress, I think, Thanks Gareth.

However, if there is a way to implement a OTP so I can keep track of the
users,
I could use some help with that as long as I don't setup a universal pw
the bots
can use. What I'd like is a true OTP with a 2 week lifetime.  Can that
be done?

I see there are various offerings (web search for "apache otp") but there 
doesn't seem to be an official offering.
I haven't done that DDG search, preferring to rely more on the real 
users experience.
The idea being that if the bot figures its worth in, and has his master 
ask for a OTP,
the 1 or 2 week expiry would eventually run them off. I figure that the 
botmasters

patience would be used up and I would get blacklisted, based on TANSTAAFL.

They aren't using much bandwidth now, and despite the weird port #, 
several of them

have already started looking at me.

I know of two others working on machines to be run by rpi4's, using my 
kernel cuz
the foundation would never approve, but all the other machines are being 
worked on,
I think I am the only one on the planet actually doing it.  And I did it 
first with a rpi3b
but its tongue was dragging on the floor doing it. The rpi4b can run the 
machine while building
the next git pull of linuxcnc.  A huge difference in the efficiency 
between that and a wintel box..


With linuxcnc not running, or with it running but F2 toggled off. power 
draw for the pi,
interfacing and its lcd monitor is about 22 watts. Those machines 
running on wintel

boxes are drawing over 200 watts each with the machine powered down.

OK, but I mean do the non-robots.txt-compliant bots actually try to 
submit passwords? 


If enough of us do it in self defense, I look for then to grow the code 
to do it.
I don't object to them indexing my site, but on a 10 megabit cable 
connection,
they use up all my upload bw on a 24/7 basis when they try to mirror it. 
That in

my lookup table, is a DDS. So them and the camel that rode in on them can be
told to go to hell but I won't waste time using flowery words like our 
senator Bird
was so famously fond of using. He could tell you to go to hell and do it 
in such

flowery language that you looked forward to the trip.

I was wondering why you are interested in OTP/scheduled password regeneration 
for this use case, and whether a simple (or not so simple) password may be 
sufficient for bandwidth preservation purposes.

Thanks
G

I think its called netfilter now, so I expect I better find out how to
use it.

In the meantime,  a man page for robots.txt would be nice  but I expect
DDG can find that..

Best wishes,
Gareth

Take care and stay well.


Cheers, Gene Heskett.
--
"There are four boxes to be used in defense of liberty:
 soap, ballot, jury, and ammo. Please use in that order."
-Ed Howdershelt (Author, 1940)
If we desire respect for the law, we must first make the law respectable.
 - Louis D. Brandeis