Re: [leaf-user] rebooting
On Thu, 6 Jun 2002, J wrote: The fact that you are unable to reboot indicates that you have a problem. This could be a hardware problem or a configuration issue. Reloading the init scripts is not likely to fix your problem, so heading in that direction is not advised. Try the generic lrp image and see if you can reboot then. Try the off-the-shelf Bering image and see if you can reboot then. If these reboot OK, then you have a config issue. If not, then I would venture to guess you have a hardware problem. It could be net card, it could be display card, or it could be system bios. Somewhere on the website there is a suggested format for requesting assistance. You might read it, and someone might be able to help you further. Okay, i've come to the conclusion that bering (at least in my config) can't reboot my machine. That said, what would be the best way of achieving the same effect as a reboot? ie. how would I flush everything and rerun all the startup scripts? I need to do this, as pump is incapable of holding my cable modem connection for more than a couple of hours. For the life of me, i can't figure out why it works at startup and not once it's running. Shorewall is configured to work w/ dhcp (it says so in its startup script), and i'm allowing all connections and ports.. i can't see any reason for a dhcp request to fail. It's bothersome that windows can reboot my machine, and linux can't. Windows can maintain my internet connection, linux can't. Admittedly, I am relatively new at this, but I've literally looked everywhere in this bering set up for a solution. Regards, -- JCA __ Do You Yahoo!? Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Timothy Burt Internet Specialist ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
RE: [leaf-user] Secure Shell Setup
The link I provided gives the answer to this question You need to generate a key pair on the MindTerm Client. Then put the public key onto the trinux box, into the authorized_keys or authorized_keys2 file. Or both, if you don't know which one you got. .. Configuring SSH can be a real challenge. My suggestion is to use an environment that is not restricted by floppy size (ie not LEAF) and follow the detailed instructions in the install docs for OpenSSH. Once you learn most of the gotchas, then try to make it work on the LEAF box. This is really the best advice I can give you. RedHat (and I am sure other distros as well) will run SSH out of the box. You might start there, get it working, then try to add LEAF. .. On Tue, 4 Jun 2002, David Pitts wrote: Thanks. You are correct in that I want to shell TO the LRP box. I will try this. When you say, put the public key on the LRP box, where would it go? Which directory? Thanks for your assistance with this. David Pitts IT Services Manager Reid Library University of Western Australia Ph: 61 (08) 9380 3492Fax: 61 (08) 9380 1012 Email: [EMAIL PROTECTED] -Original Message- From: T Burt [mailto:[EMAIL PROTECTED]] Sent: Tuesday, 4 June 2002 12:52 PM To: David Pitts Cc: [EMAIL PROTECTED] Subject: Re: [leaf-user] Secure Shell Setup I will try and jump in here You did not specify whether you are trying to ssh FROM the LEAF box or INTO the LEAF box. I am going to assume that you want to ssh INTO the LEAF box. If this is the case, then you want to create the key on the box you are doing the ssh from. This could be a PC, a MAC or another *nix box. Take the public key from the generated pair, and place it on the LEAF box. This will allow you to ssh into the LEAF box using the key as authentication. If this is not the case, you can still use the key pair you generate on the PC or MAC or other *nix. In this situation, put the private key on the LEAF box, and the public key onto the box that you want to ssh into. Sigh... But there is more to setting up ssh. File and directory permissions are critical to ssh and it will fail until you get everything setup correctly. I believe I coached someone thru setting up SSH on Trinux last year sometime. You might review the postings for November and December of 2001 in the Trinux-Talk archives. Try http://trinux.sourceforge.net ... Here it is.. I found it http://www.geocrawler.com/archives/3/5032/2001/11/50/7034175/ Look around, there are more messages on that board. I hope this helps... On Tue, 4 Jun 2002, David Pitts wrote: Hi all. I have been trying to setup OpenSSH but I'm having a problem creating the key. I have ssh.lrp, ssh-key.lrp and libz.lrp. Do I also need Makekey? It looks like running ssh will start ssh-keygen which I guess creates a key?? When I run ssh-keygen or ssh I get an error message saying that libcrypto.so.0.9.6 can't be found. The libz I have includes libcrypt-2.0.7.so. Does this mean I have some sort of version conflict? Can anyone point me to a collection of the necessary files without this conflict? Thanks for your attention. David Pitts ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm -- -- leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Timothy Burt Internet Specialist ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Bering: Unequal cost static default routes out twointerfaces???
I am by no means a routing expert, but I believe there may be a fundamental flaw in your intentions. I think you can provide redundent connectivity for outbound connections in the manner you describe, but for inbound, it is a different story. Basically, if you get a static IP from the Cable ISP and a different static IP from the DSL provider, then your inbound connections (for http or smtp or whatever) will be routed to the IP of either provider as configured by your DNS. If the cable company gives you x.x.x.x and the DSL is y.y.y.y and you configure your DNS as mail.yourdomain.com -- x.x.x.x When the circuit connecting x.x.x.x goes down, all of the servers trying to deliver mail will hold up until x.x.x.x comes back on-line. You will need to adjust DNS to get them to use y.y.y.y as your mail server. DNS changes propogate slowly. Too slowly. In the case of mail, you could setup y.y.y.y as a lower priority MX record, and that might work, but http and other protocols don't work that way. If your router is also serving as your mail server, it should properly handle which network card to send the reply packets out on (egress?). If your mail server is within your NAT domain, then you might consider setting up different NAT subnets for each of your ISP's and configure the mail server to use an IP alias on the same port for the two subnets. It could be seen by both connections then MX 10 -- x.x.x.x -- 192.168.10.111 -- your.mail.server and MX 20 -- y.y.y.y -- 192.168.20.111 -- your.mail.server (by aliases) I believe you are correct that BGP would solve your problem most properly, but is not an option. In that case, your routable addresses would change route when x.x.x.x went down. If email is critical, then you might consider using an email server that is external to your connection, like rent-a-redhat.com for $99 a month. Then your email connectivity becomes an outbound connection, which you can handle. The only trouble with this solution, is that a 2 MB attatchment going crom cubicle A to cubicle B must egress and ingress your DSL, which if it is ADSL, will be a bottleneck. I hope this helps On Tue, 4 Jun 2002, Rob Fegley wrote: Hello! Please excuse if I've missed this topic elsewhere on this list, in the man pages, or in a HOWTO somewhere. I'm about 2000 messages behind in my reading on this list. I'll disclose right up front that most of my experience is in Cisco gear and occasionally Alteon load-balancers, so excuse me if my questions seem a bit stupid or if my expectations about how something should work in LEAF or Bering are contorted to the Cisco world. Honestly, if I could run BGP with my Cable and DSL providers, I wouldn't be posting any of the following questions. In any event, I have DSL already and will be accepting a cable modem circuit this afternoon. I'm hoping to just toss another interface in my Bering box, and add another default route out that interface. However, my questions are these: -With equal metrics assigned to two default routes, will traffic that ingresses on one interface be routed back out of that same interface upon server reply, since I'm port-forwarding inbound connections? This would imply that a port-forwarding session table entry would take precedence over the routing table, right? This would be my most preferred option, because it allows the greatest flexibility and imparts the hardest work on Bering to figure out. -If not, then I need to apply a better cost to the interface that will do most of my hosting, then apply some sort of periodic test that would flush my better cost default route in the event that it's upstream path dies. The problem here is that both interfaces will be plugging into a switch (on separate VLANs), but even if the interfaces were crossover-cabled to my cable modem (bridge) and DSL bridge, the Bering box should never see that interface link go down, so there is no route flushing mechanism since a Layer 2 path always exists. Essentially, I am looking for Bering to have some knowledge almost like a hello timer to some upstream device, such that if visibility to that device (not necessarily another router, maybe my ISP's DNS server) goes away, then a process kicks off to flush my current preferred default route and uses the higher cost default. To read into this from a Cisco perspective, I am looking for some method of simulating neighbor adjacency without p! eering with an upstream router, which is not an option. Both of the two previous questions are aimed at how the traffic flows back out to an external client who made an initial inbound connection to something on my network. -Finally, in either an equal- or unequal-cost metric setup, does my outbound source NAT (for my browsing) take place pre- or post-routing? In essence, by NATting my internal subnet (or host) to an interface or an address within the address/netmask applied to that
Re: [leaf-user] To Bering users: help us to release 1.0
If I can come up to speed quickly enough, I would be glad to help. One feature that I particularly liked in Trinux, is the ability to download packages from an ftp or http server during system startup. This takes the pressure off the space limitations of the floppy, and allows one to include more functionality if you have the RAM to spare. There are security considerations if you are booting a firewall, but for other purposes, it can be very useful. Has anyone considered using snarf to retrieve packages from a nearby server? Just think.. A real shell, a real vi and sshd without giving up something important! Also... In Trinux, Matt dynamically sets up the size of the ramdisk based on the available memory. More memory = more ramdisk. If there is the possiblity of getting these features into your release, I might take the initiative. Thanks! -- Timothy Burt Internet Specialist ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Boot problems with Supersize (1680) floppy
Has anyone had difficulties booting the Supersize floppy? I have one machine that stops booting at the Loading prompt. The floppy is good, cause it works on other machines. Any guesses if this would be a Syslinux problem? Or initrd? Does anyone know of an URL or reference that might provide some insight into compatibility issues of the 1680 format? Could it be a bios issue? Or an older floppy drive? The problem box is an old Digital slim profile Pentium 100 mhz with 64 MB. My source has a truckload of them. They are perfect for use as a router... If only it would boot! Thanks in advance! -- Timothy Burt Internet Specialist ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Summary: [leaf-user] Boot problems with Supersize (1680) floppy
Thank you all for your replies, you have all been most helpful. To make up some deficiencies in my post... I used the idiot image for 1680 from the downloads. Since my redhat box doesn't have a device for 1680, I used the Windows exe version, which works great! Thank you. The floppy I created works OK in several boxes, except for this Old Pentium, that I got for cheap. However, the 1440 version of the old lrp DOES work in the Old Pentium, so the floppy drive is good, but perhaps not good enough. I have a couple of spare 1.44 drives, so I will try that next. And report back the results when I do... BTW, these boxes do come with a 1 GB SCSI drive and an adaptec 2940 controller, so all is not lost. I will probably just hook up a cdrom and load a redhat on there, since I already have the wireless stuff working on Redhat. Thanks again! -- Timothy Burt Internet Specialist ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: Summary: [leaf-user] Boot problems with Supersize (1680) floppy
On Mon, 3 Jun 2002, Ray Olszewski wrote: A few comments ... 1. We don't have idiots here (at least I don't think we do), so I infer from your use of the phrase idiot image for 1680 that you are using Dave Cinege's old LRP 2.9.8, not one of the newer LEAF distributions that this list primarily supports. This increases the plausibility of the guess (that someone else made) that you have a syslinux problem. Try a newer image from one of the current LEAF versions and see if that helps. Sorry for the unintended inference. You are right, it is the original LRP distribution that bears the idiot moniker. I liked the name. It kinda stuck. I am sorry that my message got confused. What I meant was that it is the OLD lrp version THAT WORKS. It is the current LEAF version that fails. idiot-image_1440KB_FAT_2.9.8_Linux_2.2 -- boots OK Bering_1.0-rc2_img_bering_1680.exe -- Hangs on Loading.. 2. I'm surprised that RH does not include /dev/fd0u1680, but you can easily make it yourself with the mknod command. The major and minor values you need (taken from my Debian workstation) are 2, 44. We shouldn't rule out the possibility that your Win2K box's handling of the 1680 format was marginal, causing it to work with some drives and not others. Thank you for the major/minor. You saved me from having to hunt it down in the driver. 3. The third realistic possibility is a marginal floppy drive, one that can't quite manage to read the additional tracks that the 1680 format uses. If the target hardware uses a standard floppy drive, you might see if swapping in a newer one improves the device's performance. This is actually the easiest, since I have a newly purchased drive on hand. Thank you for the complete and accurate diagnosis! I am impressed with the quality of the responses I have gotten, from all of you. Thanks again. At 12:53 PM 6/3/02 -0700, T Burt wrote: Thank you all for your replies, you have all been most helpful. To make up some deficiencies in my post... I used the idiot image for 1680 from the downloads. Since my redhat box doesn't have a device for 1680, I used the Windows exe version, which works great! Thank you. The floppy I created works OK in several boxes, except for this Old Pentium, that I got for cheap. However, the 1440 version of the old lrp DOES work in the Old Pentium, so the floppy drive is good, but perhaps not good enough. I have a couple of spare 1.44 drives, so I will try that next. And report back the results when I do... BTW, these boxes do come with a 1 GB SCSI drive and an adaptec 2940 controller, so all is not lost. I will probably just hook up a cdrom and load a redhat on there, since I already have the wireless stuff working on Redhat. -- ---Never tell me the odds!-- Ray Olszewski -- Han Solo Palo Alto, California, USA[EMAIL PROTECTED] --- ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Timothy Burt Internet Specialist ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: Summary: [leaf-user] Boot problems with Supersize (1680) floppy
On Mon, 3 Jun 2002, Jeff Newmiller wrote: The temptation with RH is to leave all those services it installs by default running... which is risky for a firewall. RH was notorious for having everything enabled, but they surprised me and changed that in RH 7.2. The default now, is to disable almost everything and also install an ipchains filter that is too tight to allow even ssh. Definitely a move in the right direction. -- Timothy Burt Internet Specialist ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
Re: [leaf-user] Secure Shell Setup
I will try and jump in here You did not specify whether you are trying to ssh FROM the LEAF box or INTO the LEAF box. I am going to assume that you want to ssh INTO the LEAF box. If this is the case, then you want to create the key on the box you are doing the ssh from. This could be a PC, a MAC or another *nix box. Take the public key from the generated pair, and place it on the LEAF box. This will allow you to ssh into the LEAF box using the key as authentication. If this is not the case, you can still use the key pair you generate on the PC or MAC or other *nix. In this situation, put the private key on the LEAF box, and the public key onto the box that you want to ssh into. Sigh... But there is more to setting up ssh. File and directory permissions are critical to ssh and it will fail until you get everything setup correctly. I believe I coached someone thru setting up SSH on Trinux last year sometime. You might review the postings for November and December of 2001 in the Trinux-Talk archives. Try http://trinux.sourceforge.net ... Here it is.. I found it http://www.geocrawler.com/archives/3/5032/2001/11/50/7034175/ Look around, there are more messages on that board. I hope this helps... On Tue, 4 Jun 2002, David Pitts wrote: Hi all. I have been trying to setup OpenSSH but I'm having a problem creating the key. I have ssh.lrp, ssh-key.lrp and libz.lrp. Do I also need Makekey? It looks like running ssh will start ssh-keygen which I guess creates a key?? When I run ssh-keygen or ssh I get an error message saying that libcrypto.so.0.9.6 can't be found. The libz I have includes libcrypt-2.0.7.so. Does this mean I have some sort of version conflict? Can anyone point me to a collection of the necessary files without this conflict? Thanks for your attention. David Pitts ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html -- Timothy Burt Internet Specialist ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
[leaf-user] Boot fails at Loading message..
I found the perfect platform at a local used computer dealer (in Los Angeles). Brand and model... Digital Celebris DL5100 50 Mhz pentium with 64 MB ram for $29.00 or 100 MHZ pentium with 64 MB ran for $39.00 It boots the 1440 stock LRP disk fine, but when I try to boot with either a Dachstein or Bering SuperDisk (1680), the boot hangs immediately after displaying the Loading message. The SuperDisks were downloaded and created on a Win2000 box (cause Redhat doesn't have a /dev/fd0u1680 :-(). Note... the Dachstein and Bering disks boot and run OK on three other machines I have tried. HAS ANYONE ENCOUNTERED BOOT PROBLEMS WITH THE SUPERDISK FORMAT? ANYONE KNOW OF AN EASY WORKAROUND? BTW, I am new to this list, but I have been around UNIX for a couple decades. I have contributed to the Trinux project, and I am looking forward to helping out here as well... Thanks in advance. Anyone in Southern California who wants directions to the cheap hardware can email me. -- Timothy Burt Internet Specialist ___ Don't miss the 2002 Sprint PCS Application Developer's Conference August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
