Re: [gentoo-user] Microphone not working
On Mon, Jan 5, 2009 at 9:17 PM, Grant emailgr...@gmail.com wrote: The microphone on my laptop isn't working and I'm not sure how to troubleshoot it. I've tried using it in twinkle and arecord but it doesn't work in either. The headset works fine on a different system. Can anyone help with this? Chipset of the audio card? Laptop model? - Grant
Re: [gentoo-user] Xine and Mplayer Sound problems
- Original Message - From: sean tech.j...@verizon.net To: gentoo-user@lists.gentoo.org Sent: Monday, January 05, 2009 4:17 PM Subject: [gentoo-user] Xine and Mplayer Sound problems Recently whenever I try to play a CD, or a file such as an .avi, Xine instead generates a xine-out.wav and no sound. The video portion looks perfect. If I play the xine-out.wav, it is the audio track from the file I tried to play. Trying to play that same .avi with Mplayer yields a pop-up window. It reports an error, DVB card number must be between 1 and 4. Like Xine, the video portion displays without problems. Anyone have any ideas on possible causes? Trying something like Ekiga, which has sound and video, works without problems. Thanks Sean What your USE flags for mplayer and xine? are Xine and Mplayer setup correctly? Make sure there are is no option set to save audio to files.
Re: [gentoo-user] How to prevent Firefox from switching VT?
I would like to make FF stick to a specific VT, or just not switch VT when called from another. Possible? Are you talking about that ? https://bugzilla.mozilla.org/show_bug.cgi?id=425879 Exactly, thanks! I guess that what you call a VT (virtual _terminal_) is a virtual workspace. To continue nitpicking, the wmctrl people call it virtual desktop. Regards, ralf
[gentoo-user] Re: How to prevent Firefox from switching VT?
Ralf Stephan wrote: Hello, I'm using mutt as MUA in an xterm on VT1 and calling up, via urlview, FF on VT2 with a web page from a mail URL. Up to some time recently, Firefox only switched VT the first time I did this, now it does it every time, annoyingly. I would like to make FF stick to a specific VT, or just not switch VT when called from another. Possible? It does not happen here. I'm on KDE 3.5.10. I guess you have Focus Stealing Prevention disabled. KDE Control Center-Desktop-Window Behavior-Advanced-Focus Stealing Prevention Level-Choose at least Low here. If you're on something else than KDE, I don't know :P Look for the equivalent of KDE's focus stealing prevention in your WM/DE (if it has one).
Re: [gentoo-user] Re: How to prevent Firefox from switching VT?
On Wed, Jan 07, 2009 at 01:36:44PM +0200, Nikos Chantziaras wrote: It does not happen here. I'm on KDE 3.5.10. I'm using Gnome. I guess that the KDE's feature your are talking about is a duplicate feature with a Firefox one. -- Nicolas Sebrecht
[gentoo-user] Re: How to prevent Firefox from switching VT?
Nicolas Sebrecht wrote: On Wed, Jan 07, 2009 at 01:36:44PM +0200, Nikos Chantziaras wrote: It does not happen here. I'm on KDE 3.5.10. I'm using Gnome. I guess that the KDE's feature your are talking about is a duplicate feature with a Firefox one. I don't think Firefox has any focus setting. Is this just a FF problem or a general one? What happens if you use another browser? If the same happens, I guess the problem is with Metacity or Compiz (whatever you're using.)
Re: [gentoo-user] Network printing
On Tuesday 06 January 2009 17:04:57 Mark Knecht wrote: For the sake of conversation how about emerge flags? My server: [ebuild R ] net-print/cups-1.3.9-r1 USE=X acl dbus jpeg ldap pam perl png ppds python samba ssl tiff -avahi -gnutls -java -kerberos -php -slp -static -xinetd -zeroconf LINGUAS=en -de -es -et -fr -he -id -it -ja -pl -sv -zh_TW 0 kB [ebuild R ] net-print/hplip-2.8.6b USE=dbus ppds qt3 qt4 -cupsddk -doc -fax -minimal -parport -scanner -snmp 0 kB Mine: [ebuild R ] net-print/cups-1.3.9-r1 USE=acl dbus jpeg pam perl png python ssl tiff -X -avahi -gnutls -java -kerberos -ldap -php -ppds -samba -slp -static -xinetd -zeroconf LINGUAS=en -de -es -et -fr -he -id -it -ja -pl -sv -zh_TW [ebuild R ] net-print/hplip-2.8.6b USE=cupsddk dbus doc -fax -minimal -parport -ppds -qt3 -qt4 -scanner -snmp I don't have X set because X is not installed on this server. I may install it later. I have cupsddk instead of ppds because hplip's ppds USE flag description says it is obsolete and I should use cupsddk instead. One of my clients: [ebuild R ] net-print/cups-1.3.9-r1 USE=X acl dbus jpeg ldap pam perl png ppds python ssl tiff -avahi -gnutls -java -kerberos -php -samba -slp -static -xinetd -zeroconf LINGUAS=en -de -es -et -fr -he -id -it -ja -pl -sv -zh_TW 0 kB [ebuild R ] net-print/hplip-2.8.6b USE=dbus ppds qt3 qt4 -cupsddk -doc -fax -minimal -parport -scanner -snmp 0 kB Mine: [ebuild R ] net-print/cups-1.3.9-r1 USE=X acl dbus jpeg pam perl png python ssl tiff -avahi -gnutls -java -kerberos -ldap -php -ppds -samba -slp -static -xinetd -zeroconf LINGUAS=en -de -es -et -fr -he -id -it -ja -pl -sv -zh_TW [ebuild R ] net-print/hplip-2.8.6b USE=cupsddk dbus doc qt3 -fax -minimal -parport -ppds -qt4 -scanner -snmp The same comment re cupsddk applies on this machine. On Tuesday 06 January 2009 18:44:46 BRM wrote: 1) Modify '/etc/cups/client.conf' and tell it where the server is. If I do that, will I lose the ability to connect the printer to the client? Surely, cups ought to be able to operate with more than one server, no? Otherwise, what do all those offices do that have printers connected to several workstations and share them all around? 2) Configure LP: - use lpstat to see the available printers Do you have a reason for preferring these two programs to the cups Web interface? On the client, lpstat lists all four: the laser and the deskjet, each defined both locally and on the server. I see no reports of any problems. - use lpoptions to set the default printer Is it necessary to declare a default printer to cups? I thought I'd let applications set their own defaults, so that for instance the Deskjet gets coloured work and the laser gets word-processor output etc. I believe you only need HPLIP on the server side, not the client side. But having it there shouldn't do any harm. It's installed on the client so that I can print locally until I get network printing working. I assume that cups on the client will communicate via ipp with cups on the server, whatever printer driver is installed between cups and the printer. (I believe that the DJ4260 doesn't use the traditional HP printer control language, so I'm obliged to use hplip.) -- Rgds Peter
Re: [gentoo-user] Re: How to prevent Firefox from switching VT?
On Wed, Jan 07, 2009 at 02:05:55PM +0200, Nikos Chantziaras wrote: I don't think Firefox has any focus setting. Is this just a FF problem or a general one? It's just a Firefox problem. Looking to the web, it doesn't seem to be WM related as the problem appears on various WM (not only KDE or Gnome). What happens if you use another browser? If the same happens, I guess the problem is with Metacity or Compiz (whatever you're using.) Never had this issue with another browser. I haven't the problem for a while. I can't say if it comes from the switch to compiz. -- Nicolas Sebrecht
Re: [gentoo-user] Re: How to prevent Firefox from switching VT?
On Wed, Jan 07, 2009 at 01:36:44PM +0200, Nikos Chantziaras wrote: Ralf Stephan wrote: Hello, I'm using mutt as MUA in an xterm on VT1 and calling up, via urlview, FF on VT2 with a web page from a mail URL. Up to some time recently, Firefox only switched VT the first time I did this, now it does it every time, annoyingly. I would like to make FF stick to a specific VT, or just not switch VT when called from another. Possible? It does not happen here. I'm on KDE 3.5.10. I guess you have Focus Stealing Prevention disabled. KDE Control Center-Desktop-Window Behavior-Advanced-Focus Stealing Prevention Level-Choose at least Low here. If you're on something else than KDE, I don't know :P Look for the equivalent of KDE's focus stealing prevention in your WM/DE (if it has one). If using xfce4: Settings --- Window Manager Tweaks --- Focus Leave Activate focus stealing prevention unchecked In the field When a wondow raises itself choose the second or the third according to your preferences. TopperH === Momesso Andrea http://topperh.blogspot.com === pgpj6phliMdMa.pgp Description: PGP signature
Re: [gentoo-user] Network printing
- Original Message From: Peter Humphrey pe...@humphrey.ukfsn.org To: gentoo-user@lists.gentoo.org Sent: Wednesday, January 7, 2009 7:08:12 AM Subject: Re: [gentoo-user] Network printing On Tuesday 06 January 2009 18:44:46 BRM wrote: 1) Modify '/etc/cups/client.conf' and tell it where the server is. If I do that, will I lose the ability to connect the printer to the client? Yes - you lose the ability to connect the printer _directly_ to the client. It is instead connected through the server to the client. This is how CUPS is designed. Surely, cups ought to be able to operate with more than one server, no? Otherwise, what do all those offices do that have printers connected to several workstations and share them all around? They setup a print server to handle the printer. Each client then connects to the print server to gain access to the printer. The print server manages each client and ensures all print jobs get completed. In this case, the CUPS server is the print server, and the CUPS client is what gives the workstations access to the print server by redirecting the printing back-end as appropriate. 2) Configure LP: - use lpstat to see the available printers Do you have a reason for preferring these two programs to the cups Web interface? Yes. lpstat is a LOCAL command that tells you what printers are available to the local system. The CUPS Web interface only tells you what the CUPS _server_ makes available, and lets you manage print jobs for the printer on the _server_ side, not the client side. On the client, lpstat lists all four: the laser and the deskjet, each defined both locally and on the server. I see no reports of any problems. It won't give you any problems. But you need to configure the Workstation/client to only use what is provided by the server. That is the purpose to using CUPS - to centrally locate the printer management so that multiple computers can easily and reliably use the printers. - use lpoptions to set the default printer Is it necessary to declare a default printer to cups? I thought I'd let applications set their own defaults, so that for instance the Deskjet gets coloured work and the laser gets word-processor output etc. No, it's not necessary. The system will select a default printer on its own, but it might not be the one you want. This lets you set a system wide default. AFAIK, applications can't really set their own default printer. May be there is a way to do so, but typically applications use the system default. Now if you are scripting some of this stuff, then you could certainly tell your scripts which printer to use - but that's different than applications like OpenOffice or GIMP. I believe you only need HPLIP on the server side, not the client side. But having it there shouldn't do any harm. It's installed on the client so that I can print locally until I get network printing working. I assume that cups on the client will communicate via ipp with cups on the server, whatever printer driver is installed between cups and the printer. (I believe that the DJ4260 doesn't use the traditional HP printer control language, so I'm obliged to use hplip.) That's correct. print command (e.g. lp) - CUPS Client - IPP - CUPS Server - Drivers - Printer From what I can see in this new thread this year, you just need to do the couple steps to make your Workstations work as CUPS Clients by configuring it as a client and then it should work. When I set up my CUPS server it took me the longest to just get the server working with the printer and a test page printed through the CUPS Web interface. Once I had that working, I just setup the CUPS client.conf per the directions, and all my other Linux systems came on-line with the printer immediately without any problems. I haven't really touched the clients since, though I might need to when I get my Epson printer configured on the CUPS server - just haven't gotten to it yet. The Windows clients came almost as easily - though on Windows you also need a driver; and I've had problems with Vista64 and my printer for that one. Win2k, WinXP were no problem at all. HTH, Ben
[gentoo-user] Permissions of files in /sys/
I'd like to make the file /sys/class/backlight/asus-laptop/brightness writeable for users, so that I don't need to be root anymore to change the brightness. Of course I can chown or chmod ot in local.start but I'm asking if there is a cleaner way. Also, are there any security risks on changing permissions on /sys files? TopperH === Momesso Andrea http://topperh.blogspot.com === pgpbwRBciZ21T.pgp Description: PGP signature
Re: [gentoo-user] Network printing
On Wed, Jan 7, 2009 at 4:08 AM, Peter Humphrey pe...@humphrey.ukfsn.org wrote: On Tuesday 06 January 2009 17:04:57 Mark Knecht wrote: For the sake of conversation how about emerge flags? My server: [ebuild R ] net-print/cups-1.3.9-r1 USE=X acl dbus jpeg ldap pam perl png ppds python samba ssl tiff -avahi -gnutls -java -kerberos -php -slp -static -xinetd -zeroconf LINGUAS=en -de -es -et -fr -he -id -it -ja -pl -sv -zh_TW 0 kB [ebuild R ] net-print/hplip-2.8.6b USE=dbus ppds qt3 qt4 -cupsddk -doc -fax -minimal -parport -scanner -snmp 0 kB Mine: [ebuild R ] net-print/cups-1.3.9-r1 USE=acl dbus jpeg pam perl png python ssl tiff -X -avahi -gnutls -java -kerberos -ldap -php -ppds -samba -slp -static -xinetd -zeroconf LINGUAS=en -de -es -et -fr -he -id -it -ja -pl -sv -zh_TW [ebuild R ] net-print/hplip-2.8.6b USE=cupsddk dbus doc -fax -minimal -parport -ppds -qt3 -qt4 -scanner -snmp I don't have X set because X is not installed on this server. I may install it later. I have cupsddk instead of ppds because hplip's ppds USE flag description says it is obsolete and I should use cupsddk instead. Interesting about the ppds flag. I have ppds in make.comf so I'm going to get that unless I make a change. Independent of what someone said is depreciated, what is chosen by default if nothing is specifically asked for? There have been a number of times in the past where someone changes a flag and it works for most but not all. I'll investigate cupsddk here over the next week or two. Thanks. I don't know what else to suggest. For me this has been pretty much a non-issue. It just works. There is a setting on the server side, available through the cups configuration stuff at http://server_address:631 which tells cups to publish the server. - Mark
[gentoo-user] gtkradiant freezes all but mouse
Hi, it is very amiga like: the only thing working after starting radiant (gtkradiant) is the mouse pointer, but no window can be moved, closed, no workspace switched, no keyboard input leads to any reaction. I was running revdep-rebuild, but the problem still exists. What can i do to solve this problem? Regards
Re: [gentoo-user] kernel linux-2.6.27-gentoo-r7 won't load network!
Am Mittwoch, 7. Januar 2009 07:26:44 schrieb Alan McKinnon: e1000e breaks the hardware e1000 does not break the hardware Or maybe it's the other way round Nope. None does. That bug was only present in one or two .27 release candidates and has been fixed since weeks. Bye... Dirk signature.asc Description: This is a digitally signed message part.
Re: [gentoo-user] Permissions of files in /sys/
Momesso Andrea wrote: I'd like to make the file /sys/class/backlight/asus-laptop/brightness writeable for users, so that I don't need to be root anymore to change the brightness. Of course I can chown or chmod ot in local.start but I'm asking if there is a cleaner way. Also, are there any security risks on changing permissions on /sys files? TopperH === Momesso Andrea http://topperh.blogspot.com === I have never did this but since /sys is populated during bootup, anything you change by hand will not survive a reboot. I would think you would have to find out what creates the file and then get it to create it with the permissions you want. I'm not sure but could udev be doing this? I'm not sure about the security concerns but I do see why having a user being able to adjust the brightness would be a good idea. I wonder why it is set up the way it is? Dale :-) :-)
Re: [gentoo-user] Permissions of files in /sys/
On Wednesday 07 January 2009 19:43:54 Dale wrote: I have never did this but since /sys is populated during bootup, anything you change by hand will not survive a reboot. I would think you would have to find out what creates the file and then get it to create it with the permissions you want. I'm not sure but could udev be doing this? Yes. -- alan dot mckinnon at gmail dot com
Re: [gentoo-user] Microphone not working
The microphone on my laptop isn't working and I'm not sure how to troubleshoot it. I've tried using it in twinkle and arecord but it doesn't work in either. The headset works fine on a different system. Can anyone help with this? Chipset of the audio card? Laptop model? It's one of those built-in intel-hda cards and the laptop is an Acer. The mic actually used to work. - Grant
Re: [gentoo-user] Re: weird cron mail problem: basically solved
090106 Harry Putnam wrote: Philip Webb purs...@ca.inter.net writes: 090106 Willie Wong wrote: you may want to change the root line to root=purslow, so the mail gets sent to purslow instead of postmaster (which according to /etc/mail/aliases becomes root again). That doesn't work, but adding ' /dev/null' or '-s' in crontab does. The latter seems simpler, so that's what I've done. It doesn't explain why the problem suddenly arose last Sunday after I made a simple editing change in .fetchmailrc nothing like this had happened before with the same crontabssmtp.conf : perhaps there's an obscure bug, but the irritating problem has been resolved I have other jobs today. I don't see the actual change made to fetchmailrc. The problem started after I commented the line 'set logfile /home/purslow/Mail/logfile'. You can introduce an unprintable CHAR into a *.rc file and not be able to see it. you might want to use vim to check each line. You can hit the el (l) lowercase on each line to expose most kinds of unprintable char: 1) : 2) l 3) enter Then the line appears in the command area with any unprintable chars, I tried that, but there's no sign of an unprintable character. Do you control this machine ? Yes, I built it no-one else ever gets near it. Nearly all of the problem seems clear now, so for the record: the basic problem arose because when I went over to downloading mail via a user cronjob for security, I didn't add '-s' to 'fetchmail'; as a result, Fetchmail was writing several lines to ~/Mail/logfile every 5 min with the obvious result that the file got very big; frustrated by this, I took a quick look the simple fix seemed to be to remove the line in ~/.fetchmailrc which defined it (see above); as soon as I did this (early Sun), msgs starting arriving in my spamtrap mysteriously originating at 'r...@myisp'; moreover, other lines continued to be added to logfile , which I realised came from Procmail, so I altered ~/.procmailrc to suppress those (successfully); to try to stop the mail msgs, I restored the original ~/.fetchmailrc , but that had no effect, at which point I sought help via this list. The correct procedure is to stop the msgs at source with 'fetchmail -s', so having done that, the real-life irritation has gone away. It's also clear how the rogue e-mails arose: when a cronjob ouputs msgs, they are handled by Cron itself (see 'man cron'), not eg by Fetchmail, so Cron sent them to 'root', which led all around the haystack. What remains unclear is why restoring the original ~/.fetchmailrc didn't cause the msgs to be sent again to ~/Mail/logfile , but that's not important enough to take more of my time. -- ,, SUPPORT ___//___, Philip Webb ELECTRIC /] [] [] [] [] []| Cities Centre, University of Toronto TRANSIT`-O--O---' purslowatchassdotutorontodotca
Re: [gentoo-user] Microphone not working
On Wed, Jan 7, 2009 at 7:28 PM, Grant emailgr...@gmail.com wrote: The microphone on my laptop isn't working and I'm not sure how to troubleshoot it. I've tried using it in twinkle and arecord but it doesn't work in either. The headset works fine on a different system. Can anyone help with this? Chipset of the audio card? Laptop model? It's one of those built-in intel-hda cards and the laptop is an Acer. The mic actually used to work. We have the same problem then! I had a laptop Acer (now it's my girfriends') Aspire 5720G. After a kernel upgrade the mic stopped working. So far I had no luck. My girlfriend just bought an external microphone (she's more pragmatic than me) and that worked. Sorry I'm not able to help. - Grant
Re: [gentoo-user] gtkradiant freezes all but mouse
This don't address your original problem, but it is just a tip to use when X freezes (so you don't have to reboot): http://en.wikipedia.org/wiki/Magic_SysRq_key To use the keys compile the kernel with CONFIG_MAGIC_SYSRQ set. On Wed, Jan 7, 2009 at 5:48 PM, Frank Schwidom schwi...@gmx.net wrote: Hi, it is very amiga like: the only thing working after starting radiant (gtkradiant) is the mouse pointer, but no window can be moved, closed, no workspace switched, no keyboard input leads to any reaction. I was running revdep-rebuild, but the problem still exists. What can i do to solve this problem? Regards
Re: [gentoo-user] Permissions of files in /sys/
Alan McKinnon wrote: On Wednesday 07 January 2009 19:43:54 Dale wrote: I have never did this but since /sys is populated during bootup, anything you change by hand will not survive a reboot. I would think you would have to find out what creates the file and then get it to create it with the permissions you want. I'm not sure but could udev be doing this? Yes. So sounds like he should find and edit the udev rule or make his own rule and set the permissions like he wants. Also, could he change just this one file in /sys and not have security concerns? Whenever the OP comes back, he's got some catching up to do. LOL Dale :-) :-)
Re: [gentoo-user] Microphone not working
On Wed, Jan 7, 2009 at 2:19 PM, damian damian.o...@gmail.com wrote: On Wed, Jan 7, 2009 at 7:28 PM, Grant emailgr...@gmail.com wrote: The microphone on my laptop isn't working and I'm not sure how to troubleshoot it. I've tried using it in twinkle and arecord but it doesn't work in either. The headset works fine on a different system. Can anyone help with this? Chipset of the audio card? Laptop model? It's one of those built-in intel-hda cards and the laptop is an Acer. The mic actually used to work. We have the same problem then! I had a laptop Acer (now it's my girfriends') Aspire 5720G. After a kernel upgrade the mic stopped working. So far I had no luck. My girlfriend just bought an external microphone (she's more pragmatic than me) and that worked. Sorry I'm not able to help. You guys might need to specify your specific model of hda-intel in /etc/modprobe.d/alsa since it may not be auto-detecting the capabilities of which chipset your laptop has. For example on my desktop I added this line: options snd-hda-intel model=6stack-dig Please read the kernel module documentation for a large list of hda-intel chips and configurations. Hopefully you can find one that works for you (if that has anything to do with it). /usr/src/linux/Documentation/sound/alsa/ALSA-Configuration.txt good luck :) Paul
Re: [gentoo-user] Permissions of files in /sys/
On Wed, Jan 7, 2009 at 8:29 AM, Momesso Andrea momesso.and...@gmail.com wrote: I'd like to make the file /sys/class/backlight/asus-laptop/brightness writeable for users, so that I don't need to be root anymore to change the brightness. Of course I can chown or chmod ot in local.start but I'm asking if there is a cleaner way. I guess you need to use udevinfo to get the important information about /sys/class/backlight/asus-laptop/brightness and then write up a rule, slap it into a file in /etc/udev/rules.d/ and enjoy your new permissions. :) I don't have that device on my system so I can't really suggest anything more specific. Here's a udev rules HOWTO that might help: http://www.reactivated.net/writing_udev_rules.html (specifically Controlling permissions and ownership) Good luck :) Paul
Re: [gentoo-user] Microphone not working
You guys might need to specify your specific model of hda-intel in /etc/modprobe.d/alsa since it may not be auto-detecting the capabilities of which chipset your laptop has. For example on my desktop I added this line: options snd-hda-intel model=6stack-dig I remember I also tried that, but probably I haven't tried hard enough. Thanks Paul!
[gentoo-user] Restricting Firefox website access
I'd like to restrict the websites one of the computers on my network can access in Firefox. It only needs to access 2 different domain names and I don't want it to be able to access any others. I can restrict it at the router if necessary because the router is a Gentoo system. Does anyone have suggestions on this? - Grant
Re: [gentoo-user] Restricting Firefox website access
On Wed, Jan 7, 2009 at 3:44 PM, Grant emailgr...@gmail.com wrote: I'd like to restrict the websites one of the computers on my network can access in Firefox. It only needs to access 2 different domain names and I don't want it to be able to access any others. I can restrict it at the router if necessary because the router is a Gentoo system. Does anyone have suggestions on this? You could perhaps install a proxy on the local machine and set it up only to allow access to whitelisted sites. There might be some kind of kiosk-type firefox add-ons to disallow people from making changes to the settings, etc. Paul
[gentoo-user] SSH login with both key AND password?
Hi, Normally I'm using SSH with regular password login, and I've read about generating a keypair and having a password-less connection that way. Is there a way to require both the key AND a password? Basically if I put the key in my SSH client at work, I don't want a co-worker to be able to login to my home PC, or someone to grab my phone, etc. Is there a way to put a passphrase on the key (seperate from my user account password)? Maybe that would work... Otherwise I've thought about having a dummy SSH account and then su - realuser to get access, but that seems kind of messy. I've always used password login and IP-restricted it, but now I'm traveling more and never know what IP I might be connecting from, so using a key seems to be the best plan, or maybesome kind of portknocking (but that's difficult from restricted ssh environments such as a phone). Thanks, Paul
[gentoo-user] Re: SSH login with both key AND password?
Paul Hartman wrote: Hi, Normally I'm using SSH with regular password login, and I've read about generating a keypair and having a password-less connection that way. Is there a way to require both the key AND a password? Basically if I put the key in my SSH client at work, I don't want a co-worker to be able to login to my home PC, or someone to grab my phone, etc. Is there a way to put a passphrase on the key (seperate from my user account password)? It is. It's even the default behavior when you create the key (openssh will ask you for a password.)
Re: [gentoo-user] Re: SSH login with both key AND password?
On Wed, Jan 7, 2009 at 5:45 PM, Nikos Chantziaras rea...@arcor.de wrote: Paul Hartman wrote: Hi, Normally I'm using SSH with regular password login, and I've read about generating a keypair and having a password-less connection that way. Is there a way to require both the key AND a password? Basically if I put the key in my SSH client at work, I don't want a co-worker to be able to login to my home PC, or someone to grab my phone, etc. Is there a way to put a passphrase on the key (seperate from my user account password)? It is. It's even the default behavior when you create the key (openssh will ask you for a password.) I guess I should have tried before asking! Every HOWTO/tutorial I googled seemed to really emphasize the no more password entry! aspect of key login. Thanks. Paul
Re: [gentoo-user] Re: SSH login with both key AND password?
On Wednesday January 7 2009 22:01:14 Paul Hartman wrote: I guess I should have tried before asking! Every HOWTO/tutorial I googled seemed to really emphasize the no more password entry! aspect of key login. Thanks. That's right: no more password logins. However, you should (optionaly) lock your key with a passphrase. Regards, Norberto
Re: [gentoo-user] SSH login with both key AND password?
Paul Hartman wrote on 08/01/09 00:28: Hi, Normally I'm using SSH with regular password login, and I've read about generating a keypair and having a password-less connection that way. Is there a way to require both the key AND a password? Basically if I put the key in my SSH client at work, I don't want a co-worker to be able to login to my home PC, or someone to grab my phone, etc. Is there a way to put a passphrase on the key (seperate from my user account password)? Maybe that would work... Otherwise I've thought about having a dummy SSH account and then su - realuser to get access, but that seems kind of messy. I've always used password login and IP-restricted it, but now I'm traveling more and never know what IP I might be connecting from, so using a key seems to be the best plan, or maybesome kind of portknocking (but that's difficult from restricted ssh environments such as a phone). By default ssh-keygen creates a key pair with a passphrase. It's your choice to enter or omit a passphrase. If you've generated a key without a passphrase, you can add a passphrase using ssh-keygen -p Entering a passphrase encrypts the private part of the key, which you keep only on the server. You only need the public part of the key on the client. Cheers, Dave
Re: [gentoo-user] Re: SSH login with both key AND password?
Norberto Bensa wrote on 08/01/09 01:11: On Wednesday January 7 2009 22:01:14 Paul Hartman wrote: I guess I should have tried before asking! Every HOWTO/tutorial I googled seemed to really emphasize the no more password entry! aspect of key login. Thanks. That's right: no more password logins. However, you should (optionaly) lock your key with a passphrase. You can use ssh-agent if you want to do a (one-time) unlock of a passphrase-protected key pair. `eval ssh-agent` will do the trick nicely, assuming you're on a *nix client. Cheers, Dave
Re: [gentoo-user] kernel linux-2.6.27-gentoo-r7 won't load network!
Neil Bothwick wrote: On Tue, 6 Jan 2009 15:06:28 +, Peter Humphrey wrote: I've seen a dev complain that most of the problems he's had to deal with have been due to oldconfig, so I don't use it at all. I copy the config in from the previous tree, then I run menuconfig and search for lines ending in [NEW] or [DEPRECATED]. How is this different from using make oldconfig, apart from the UI? I don't know; I just pick up my clues where I can. Perhaps there's a difference in handling of unchanged or default values. Unchanged values are just that. When a config option is new, make oldconfig prompts for a choice,with a default option (the same default that menuconfig uses). The only real difference is that with menuconfig you have to go through the options, looking for those marked NEW (and risking missing an important one) while oldconfig presents them to you in sequence,asking for your choice on each one. I have boxes running 2.6.28 on which I have used oldconfig on every change since switching them from2.4 to 2.6 Amen to that. I've been doing that since 2.4 also and I'm not having any problems. Any other way is just creating unnecessary work.
Re: [gentoo-user] SSH login with both key AND password?
Dave Jones wrote: Paul Hartman wrote on 08/01/09 00:28: Hi, Normally I'm using SSH with regular password login, and I've read about generating a keypair and having a password-less connection that way. Is there a way to require both the key AND a password? Basically if I put the key in my SSH client at work, I don't want a co-worker to be able to login to my home PC, or someone to grab my phone, etc. Is there a way to put a passphrase on the key (seperate from my user account password)? Maybe that would work... Otherwise I've thought about having a dummy SSH account and then su - realuser to get access, but that seems kind of messy. I've always used password login and IP-restricted it, but now I'm traveling more and never know what IP I might be connecting from, so using a key seems to be the best plan, or maybesome kind of portknocking (but that's difficult from restricted ssh environments such as a phone). By default ssh-keygen creates a key pair with a passphrase. It's your choice to enter or omit a passphrase. If you've generated a key without a passphrase, you can add a passphrase using ssh-keygen -p Entering a passphrase encrypts the private part of the key, which you keep only on the server. You only need the public part of the key on the client. Cheers, Dave Other way around, the server (i.e. the machine your logging into) has the public key stored in the authorized_keys file. The client (i.e. the machine your sitting at) has the private key. So the private key would be sitting on your machine at work, but is in turn encrypted and you need the passphrase to decrypt it. On another note, ssh-agent has been mentioned, but you might want to take a look at keychain (it's in portage). It's a nice script you can add to your bashrc or similar, it will take car of checking if there's already a running ssh-agent or not, and if not, ask for the password to any private keys and start ssh-agent. I use it on all my machines so on first boot I put in my password, then passwordless access between machines. If an attacker manages to get the key file off disk however, it is still encrypted and not much good to them. Shawn
[gentoo-user] Problem with resolv.conf
Hi all, I have a strange problem that the resolv.conf file is reset to the default file every time I reboot my computer. Does anyone has similar problem before? Thanks, Hung
Re: [gentoo-user] Problem with resolv.conf
Hung Dang schrieb: Hi all, I have a strange problem that the resolv.conf file is reset to the default file every time I reboot my computer. Does anyone has similar problem before? Thanks, Hung I had a problem like this when I used vpn. Never solved it so. kh
Re: [gentoo-user] Problem with resolv.conf
Hung Dang wrote: Hi all, I have a strange problem that the resolv.conf file is reset to the default file every time I reboot my computer. Does anyone has similar problem before? Thanks, Hung dhcpcd does this. Are you running dhcp on the machine?
Re: [gentoo-user] Problem with resolv.conf
KH wrote: Hung Dang schrieb: Hi all, I have a strange problem that the resolv.conf file is reset to the default file every time I reboot my computer. Does anyone has similar problem before? Thanks, Hung I had a problem like this when I used vpn. Never solved it so. kh I want to amend my last statement: dhcpcd *CAN* do this. signature.asc Description: OpenPGP digital signature
Re: [gentoo-user] Problem with resolv.conf
Eric Martin wrote: Hung Dang wrote: Hi all, I have a strange problem that the resolv.conf file is reset to the default file every time I reboot my computer. Does anyone has similar problem before? Thanks, Hung dhcpcd does this. Are you running dhcp on the machine? # Generated by dhcpcd # /etc/resolv.conf.head can replace this line Eric: Thanks for a quick reply. You are correct. Every time I reboot my machine dhcpcd override resolv.conf file. I only use dhcpcd in my system and below is the content of the new resolv.conf # Generated by dhcpcd # /etc/resolv.conf.head can replace this line # /etc/resolv.conf.tail can replace this line I guest the head and tail of the resolv.conf can be replace by /etc/resolv.conf.head and /etc/resolv.conf.tail files. My question is I have several Gentoo machines, how ever this problem only happen with the new one. Do you have any suggestion for my problem? Thanks Hung
Re: [gentoo-user] Re: rsh failed : Connection reset by peer
Chuanwen Wu wrote: I guess maybe rsh does not allow to login as root. Probably not, RSH was abandoned years ago and I'm surprised there are any applications still around that haven't moved to ssh. Exposing the root user to an already unsafe transmission is asking for trouble IMHO. Unfortunately I can't help with the configuration but I thought a brief warning should accompany any discussion on RSH. Matt
[gentoo-user] Best and most gentoo-compatible PC
Hi everybody, I am going to buy a new desktop PC and, because of some reasons I cannot explain here in details, I have to choose among these configurations (ordered by increasing price ;-) ): 1. FSC ESPRIMO P5625 E80+ uBTX: MCP78B Chipset AMD Phenom X3 8450 (2,1 GHz) TripleCore(1,5MBSLC), 4*1024 MB DDR2 800, NVIDIA Geforce 9500 512MB Dual DVI, SATA II 250 GB 7.2k, DVD RW SML. Price: 650 a.u. (arbitrary units) 2. Dell Precision Workstation T 3400: Intel Core 2 Duo Processor E8200 (2.66GHz, 4MB Cache, 1066MHz FSB)375W,4GB (4 x 1024MB) 800 MHz ECC DDR2-SDRAM Memory, HD 250 GB SATA2 7.200,16x DVD+/-RW Dual 256MB nVidia Quadro FX 570. Price: 950 a.u. 3. FSC Celsius W370: Core 2 Quad Q9400 4*2.66 GHz, 2 x 2GB DDR2 800, NVIDIA Quadro FS 370 256 MB, 2xSATA II 500 GB 7.2k, DVD RW SML. Price: 900 a.u. 4. Dell Precision Workstation T-5400: Single Quad Core Xeon 5410 (2,33GHz, 1333, 2x6MB), Intel 5000XChipset, 4GB (4 x 1024MB) Quad Channel FBD 667Mhz Memory,250GB SATA Festplatte 7.2k, 16x DVD+/-RW, 512 MB nVidia quadro FX1700(MRGA14L). Price: 1400 a.u. About my needs: I am a C-developer, have to compile/run/debug programs several tenths of time a day and analyse postprocessed, two-, three- and four-dimensional (space+time) results on the same PC. All under Gentoo, of course ;-) HD size is not a problem, there is a big NFS-Volume I can mount ;-) These are my questions: - is the most expensive PC (4.) worth to be considered? Does its speed-up justify its price? - is there any compatibility problem with any of these configurations and Gentoo? I do not want to run any other distribution! As far as I know, nVidia and 2D acceleration issues should be solved by now... - additional ideas/comments are welcome, but on these configurations only ;-). Thanks Max