Re: NIS server/client on OpenBSD
On 2/10/06, Budhi Setiawan [EMAIL PROTECTED] wrote: Dear All, Can you give me a link HOWTO/FAQ/tutorial to create a NIS server/client on OpenBSD. Found this on google, but dont know how accurate it is. http://www.openbsdsupport.org/sharedhomes.html I could have swore it was in the FAQ. Regards Edd
QUARANTINED: Returned mail: see transcript for details
The message Returned mail: see transcript for details from , sent on 2/10/2006 08:07 was quarantined because it contained either an executable file, a batch file or a screen saver file. All of these types of attachments are considered security risks. Please consult your mail administrator who can release the message.
BSD on x86 and virus
Hi, BSD on x86 has also suffered at the hands of these maniac virus coders, so much so that there are hardly any BSD x86 web servers on the web that haven't been repeatedly p0wned. http://www.webpronews.com/expertarticles/expertarticles/wpn-62-20060209SecurityThroughObscurityThreatenedasMacsBecomeMorePopular.html is the above sentence even remotely true??? Thankyou so much Kind Regards Siju
Re: BSD on x86 and virus
Siju George wrote: Hi, BSD on x86 has also suffered at the hands of these maniac virus coders, so much so that there are hardly any BSD x86 web servers on the web that haven't been repeatedly p0wned. http://www.webpronews.com/expertarticles/expertarticles/wpn-62-20060209SecurityThroughObscurityThreatenedasMacsBecomeMorePopular.html is the above sentence even remotely true??? No, that part was pretty clearly tongue-in-cheek sarcasm, poking fun at someone else's silly statements in another article. Anyone who thinks they will evade viruses and not have to worry about security by simply running Mac OS(anything, including X) is: 1) a fool 2) ignorant of history. (yes, there are lots of fools in the world) I'm sure there are at least a few others old enough to remember the days when noted computer writers were heard to say things like, I doubt there are any real PC-based viruses and I don't think it is even possible to write a virus on a PC. The later was clearly foolish, as many of us were using virus-like tricks to modify closed-source programs for constructive purposes long before the Mac even existed. I'm sure I wasn't the only one who thought of the possibility of replication of such changes. 'course, anyone who thinks they can avoid viruses and not have to worry about security by /simply/ running OpenBSD is a step ahead, but still a fool...and perhaps too confident of history. :) The Internet is nothing less than a free-for-all war zone. Pretend it is less, you will get hurt. Nick.
Re: BSD on x86 and virus
On Fri, 10 Feb 2006 17:10:41 +0530 Siju George [EMAIL PROTECTED] wrote: Hi, BSD on x86 has also suffered at the hands of these maniac virus coders, so much so that there are hardly any BSD x86 web servers on the web that haven't been repeatedly p0wned. http://www.webpronews.com/expertarticles/expertarticles/wpn-62-20060209SecurityThroughObscurityThreatenedasMacsBecomeMorePopular.html is the above sentence even remotely true??? It's ment to be ironic. --- Lars Hansson
Re: BSD on x86 and virus
On 2006-02-10 17:10:41 +0530, Siju George wrote: BSD on x86 has also suffered at the hands of these maniac virus coders, so much so that there are hardly any BSD x86 web servers on the web that haven't been repeatedly p0wned. http://www.webpronews.com/expertarticles/expertarticles/wpn-62-20060209SecurityThroughObscurityThreatenedasMacsBecomeMorePopular.html Troll somewhere else, please. is the above sentence even remotely true??? Have you even read the entire article? Hint: http://en.wikipedia.org/wiki/Irony Best Martin -- http://www.tm.oneiros.de
Re: BSD on x86 and virus
On 2/10/06, Martin Schrvder [EMAIL PROTECTED] wrote: On 2006-02-10 17:10:41 +0530, Siju George wrote: BSD on x86 has also suffered at the hands of these maniac virus coders, so much so that there are hardly any BSD x86 web servers on the web that haven't been repeatedly p0wned. http://www.webpronews.com/expertarticles/expertarticles/wpn-62-20060209SecurityThroughObscurityThreatenedasMacsBecomeMorePopular.html Troll somewhere else, please. I never did troll any list in my life :-) And I never will :-) Of cource I have asked stupid questions here and have been on the path of learning since 3.5. So don't worry! it was never ever meant to troll :-) is the above sentence even remotely true??? Have you even read the entire article? yes :-) but couldn't make out the sarcasm in it :-( Hint: http://en.wikipedia.org/wiki/Irony Thanks a lot again for the link. Kind Regards Siju
Re: NIS server/client on OpenBSD
Edd Barrett wrote: On 2/10/06, Budhi Setiawan [EMAIL PROTECTED] wrote: Dear All, Can you give me a link HOWTO/FAQ/tutorial to create a NIS server/client on OpenBSD. Found this on google, but dont know how accurate it is. http://www.openbsdsupport.org/sharedhomes.html I could have swore it was in the FAQ. Regards Edd For some general theory, which makes the man pages easier to understand: http://docs.sun.com/app/docs/doc/806-4077/6jd6blbd7?a=view
Re: BSD on x86 and virus
On 10/02/06, Siju George [EMAIL PROTECTED] wrote: Hi, BSD on x86 has also suffered at the hands of these maniac virus coders, so much so that there are hardly any BSD x86 web servers on the web that haven't been repeatedly p0wned. http://www.webpronews.com/expertarticles/expertarticles/wpn-62-20060209SecurityThroughObscurityThreatenedasMacsBecomeMorePopular.html is the above sentence even remotely true??? Thankyou so much Kind Regards Siju How could you just take a passage like that out of the context and present it as a genuine by-itself idea? Clearly, the author said that with sarcasm, the passage before this one was virus writers are an incredibly stupid bunch who understand nothing but 80x86 machine language, and moreover, that's all they need to know to hack wreavoc on any operating system. That of course explains why Windows viruses and worms have been so easily transported to Linux systems, completely destroying any and all security there. And to answer you question, yes, the article as a whole does seem to be true, not just remotely true. Constantine.
dynamically linked suid binaries - Request for enlightment
Hi list, while doing some reading on secure software development (//www.ranum.com/security/computer_security/archives/security-for-developers.pdf) I came across the advice always link your priviliged binaries statically. However a quick check on my system revealed me almost all suid/sgid programs being dynamically linked (the two exceptions traceroute/traceroute6 startle me even more). Since the advice makes sense to me (it keeps some rather complicated machinery out of delicate matters) I'm wondering why it is not followed on OpenBSD. Are there other ways to simply 'do this right'? I would apreciate any pointers for further reading on that matter. No trolling intended, I'm just curious. kind regards tilo
Chase Bank Account Issue #76643JP-M212ax-@
С 1 ÑевÑÐ°Ð»Ñ 2004 г. изменÑÑÑÑ089 #1103; ÑаÑиÑÑ Ð½Ð° доÑÑÑп к ÑеÑи ÐнÑеÑÐ½ÐµÑ Ð¿Ð¾ коммÑÑиÑÑ091 #1077;мÑм ÑелеÑоннÑ099 #1084; линиÑм и на ÑÑлÑги ÑазмеÑени080 #1103; доменнÑÑ Ð¸Ð¼ÐµÐ½, Dear Chase client, Due to concerns, for the safety and integrity of the Chase online banking community we have issued the following warning message. It has come to our attention that your account information needs to be confirmed due to inactive customers, fraud and spoof reports. If you could please take 5-10 minutes out of your online experience and renew your records you will not run into any future problems with the online service. However, failure to confirm your records may result in your Chase account suspension. Once you have confirmed your Chase account records your internet banking service will not be interrupted and will continue as normal. To confirm your Chase bank account records please click here. Thank you for your time, Chase Billing Department *Note - all details are processed automatically by our system not manually by service representatives, so you can confidently use your PIN number without fear of your information being compromised .
Re: Bonehead question...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Hah! That took awhile, but the duplicate IP question got me thinking down that path and I found the one-in-a-billion duplicate... A duplicate _MAC_ address. Whoa, that was a zebra. But at least you all got me thinking down some alternative paths and I was able to put a new NIC in the box. Everything works now! Thanks again, - -- Ed V. IBM: It's Better 'morrow Stuart Henderson wrote: On 2006/02/09 12:24, B.O.F.H. wrote: Network card: Marvell Yukon 88E8001/8003/8010, rev 0x13, Marvell Yukon Lite (0x9) using the sk0 driver. It has an associated PHY of: Marvell Yukon 88E1011 Gigabit PHY, rev. 5 using the eephy0 device. It's attached to port 2 of a Cisco 3524 10/100 switch and autodetects at 100baseT full-duplex. The other PC is attached to port 4 of the same switch and is in the same VLAN group. That doesn't fit with any of the things I thought of (short nat or firewall timeouts or devices having trouble with rfc1323, which I've seen on some ADSL routers)... There aren't any IP address conflicts, I take it? That may cause something like this, but I guess you probably would have noticed. iQIVAwUBQ+zWgafRmhqF/IZAAQqxzg/+ODq4eLXdTg/KoLCDNnkWwDMnIToM+6Fv +SVJofl9AziNqeGeVS2lR6WlDiaR3hMkcIf3shmjybWOvZqTntwZ4vGwhkyg/Lbq TfjtU2j5KdAMVjITtrTuemy4aq1llov/k7J4KGAdYWhJano8hftmienelWKqJWJe sxtSWWU05plU2UHOAOVLvLtMnm1MgGuoLpwV+xhgxgkQNxw297O7B+BsVaX0IoF7 ecYspR4Abi6ftPzvjwMKL3+0LUG2oazFk+3l+8tkVMIB406puyZZsOaHgd1jWFWU yKk+CqWGykbY6AAMp5uQeeppipp+c+eMTC5fPagAulz6dJ3bNJUW+4WNZuRTDZye S2zv+y9S3oNtINd4zyTwLpu/t8TgxVa6m8yjxDZAH5YV1ATBGzUZMoxA/4/JFUAd JcTlPllhc7+ZphR4RYAGZjvP5BXDGCr8uyNETjhwzdaUM4l6N1TRbA8AXrxoOu55 /dlT3S6IO0Za03EjQmn3u73DVLEZ3KQTn36ax40GgixshsrF8Mc7jG+HZjAmpZEA Rlg34YqomIJedJobdspUwe+uCvXsUB2/yknt1E3U4LTK8cgd14r4PMiH62MVi0Zx H1zaabpcHo/C+S8ot+nfjnhW6q4695cUGxHYhpRS78lay49ZR9aazDOid3+QVIRZ 7qz+lgbDZKg= =BQ8w -END PGP SIGNATURE-
Status of pkg_add -u?
How functional and safe is pkg_add -u at this point? Also, I just wanted to say thanks for the hard work on the pkg_* tools. They just keep getting better. -- Will Backman - Network Administrator Coastal Enterprises, Inc. http://www.ceimaine.org
Re: dynamically linked suid binaries - Request for enlightment
On Fri, 10 Feb 2006, Tilo Stritzky wrote: Hi list, while doing some reading on secure software development (//www.ranum.com/security/computer_security/archives/security-for-developers.pdf) I came across the advice always link your priviliged binaries statically. However a quick check on my system revealed me almost all suid/sgid programs being dynamically linked (the two exceptions traceroute/traceroute6 startle me even more). Since the advice makes sense to me (it keeps some rather complicated machinery out of delicate matters) I'm wondering why it is not followed on OpenBSD. Are there other ways to simply 'do this right'? I would apreciate any pointers for further reading on that matter. Read man ld.so. The dynamic linker has special provisions to handle s/guid programs. -Otto
Re: syslogd question
On Fri, 2006-02-10 at 10:46:02 -0600, [EMAIL PROTECTED] proclaimed... I am setting up an openbsd box to be the catcher for a couple of AIX boxes to pitch their log files to. Using the standard syslogd, I am wondering if I can set it up so that each of the AIX boxes gets its own log file on the openbsd box. Something like /var/log/aix1.log and /var/log/aix2.log. Sure, check out the man page for syslogd.conf(5).
Re: syslogd question
You could setup different facilities on the separate AIX boxes (local1, local2, local3, etc..) Then on your openbsd box add the following line to your syslogd.conf #AIX box 1 local1.*/var/log/aix1.log #AIX box 2 local2.*/var/log/aix2.log Don't forget to update the syslogd entry in rc.conf. You must enable the -u option. Nils -Original Message- From: eric [mailto:[EMAIL PROTECTED] Sent: vrijdag 10 februari 2006 19:54 To: [EMAIL PROTECTED] Cc: misc@openbsd.org Subject: Re: syslogd question On Fri, 2006-02-10 at 10:46:02 -0600, [EMAIL PROTECTED] proclaimed... I am setting up an openbsd box to be the catcher for a couple of AIX boxes to pitch their log files to. Using the standard syslogd, I am wondering if I can set it up so that each of the AIX boxes gets its own log file on the openbsd box. Something like /var/log/aix1.log and /var/log/aix2.log. Sure, check out the man page for syslogd.conf(5). = A disclaimer applies to this email and any attachments. Refer to http://www.sparkholland.com/emaildisclaimer for the full text of this disclaimer.
Re: Status of pkg_add -u?
On Fri, Feb 10, 2006 at 01:18:58PM -0500, Will H. Backman wrote: How functional and safe is pkg_add -u at this point? it is safe. Functionality depends a lot on the reliability of your package feed, e.g., if you use a ftp server that is likely to not let you in part of the time, pkg_add -u will get lost easily.
Re: syslogd question
On Fri, 10 Feb 2006, eric wrote: On Fri, 2006-02-10 at 10:46:02 -0600, [EMAIL PROTECTED] proclaimed... I am setting up an openbsd box to be the catcher for a couple of AIX boxes to pitch their log files to. Using the standard syslogd, I am wondering if I can set it up so that each of the AIX boxes gets its own log file on the openbsd box. Something like /var/log/aix1.log and /var/log/aix2.log. Sure, check out the man page for syslogd.conf(5). Um, maybe I am missing something but on my box, and the openbsd site there is no syslogd.conf man page. There is a man 5 syslog.conf page and I have read it. Didn't see anything that would apply to this question at all. I also read man 8 syslogd and looked at the -a flag, wondering if that is where I want to be. Is a logging socket the same as a log file? And even if it is, I don't know how I would name the file -- unless it is like snort and uses the ip address. --ja --
Re: OT: wrt OpenBSD, what's a good laptop
The Thinkpads do have a good reputation for xBSD, and I picked up a good condition T30 which runs both NetBSD and OpenBSD without major drama, from a UK corporate left-over outfit called ITClear - www.itclear.co.uk. They were very helpful when the battery didn't charge as it should - sent a second one FoC, though it turned out to be a hardware fault which IBM fixed (*well* worth getting one with a bit of the manufacturer's warranty still left to run!) HTH - Stefek
Re: syslogd question
On 2006/02/10 10:46, [EMAIL PROTECTED] wrote: Or, would it just be easier to throw everything into one file and user perl to split out the two logs? FreeBSD has this, it works in a similar way to the per-program selectors, I don't know how much work it would be to port across. grep is another option, of course - even easier than Perl...
Re: syslogd question
--- [EMAIL PROTECTED] wrote: On Fri, 10 Feb 2006, eric wrote: On Fri, 2006-02-10 at 10:46:02 -0600, [EMAIL PROTECTED] proclaimed... I am setting up an openbsd box to be the catcher for a couple of AIX boxes to pitch their log files to. Using the standard syslogd, I am wondering if I can set it up so that each of the AIX boxes gets its own log file on the openbsd box. Something like /var/log/aix1.log and /var/log/aix2.log. Sure, check out the man page for syslogd.conf(5). Um, maybe I am missing something but on my box, and the openbsd site there is no syslogd.conf man page. There is a man 5 syslog.conf page and I have read it. Didn't see anything that would apply to this question at all. I also read man 8 syslogd and looked at the -a flag, wondering if that is where I want to be. Is a logging socket the same as a log file? And even if it is, I don't know how I would name the file -- unless it is like snort and uses the ip address. Sounds like you want to set up a remote logging server. The OpenBSD man page is surprisingly incomplete in this area so I'm redirecting you over to the FreeBSD site. http://www.freebsd.org/cgi/man.cgi?query=syslog.confapropos=0sektion=0manpath=FreeBSD+5.4-RELEASEformat=html Look for the '+' and '@' signs. But you could have googled yourself.
Re: Bonehead question...
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 Bizarrely enough it was an onboard Marvell/Broadcom from Asus, which just happened to have the same MAC as a connector's SK-9521 (also uses the Marvell/Broadcom chip) running in an HP server box. Not sure if the SK had ever been flashed, but there it was with a duplicate MAC. I have to admit, I've heard the Internet legends about such things, but always figured folks were full of hooey. Now it's happened to me. Live and learn I guess. - -- Ed V. My Go this amn keyboar oesn't have any 's. Mike Gould wrote: I have to know, what were the two devices with the same MAC. Had they been reprogrammed or reflashed somehow? Mike B.O.F.H. wrote: iQIVAwUBQ+0CbafRmhqF/IZAAQrm7g/7BiM5xJhAJ7cibBGOqHAsFxUI/LOrBfwd tD4ceUgl4ffncYzDq0S36RVfX9hrMPulFn199or3nB5gFktrMF6gTwJKNqa7/KBH o5vqiNGnYn5uOHx3oEm9y0efRvXKMXtRutDl9OElKD4Wp2JHD4kEXnPTjVZznqFG OLPCBsosw7TQG2dUgqzxho7LTBOhQ5lbGuC47EYe8GuOxu2SKVvW+x4JUPyQQzhg qA5aByz3AtZLpWDaWF6fUI5C7UzTKNz2H8no1xF6AeEEkp5LGVOkfkMDEmJNKKDW 8SC4uAXGF0yADhfO1v7CEBp7c8iB02S4InwTS3B/EPofOlHtL2yWakDASpABaMHp 4hGDLIqRt308L+XZi29Lzo29kokZ41k+yCuXYRqxS/9JPZjEatdStf3WiInVeDpV wViWGL3Px4hZABDetZlXM1QU/6a3xHpEL9PDUN+skhnj1jTJKqFzOd/8YYLVdd4N 8YCCssAMv11NfStqaeIvlm4s+sYU9HrVhgBjQPHLtPQDd8ou9JmqeTkE9ZweDR7F /ba/8HjqlDg22kjX2hvj5dMsdUIsPEJSIJew3MgdIzDv2u0OWQB4PNPZPe0do51S GKzUfnmMCREMK8EouE1iOg4TIIA/3m+n5k01UZAoJ8ZkhsjtJrNpMku+4I1s8NPj g65COpmQVug= =QpPY -END PGP SIGNATURE-
Re: syslogd question
On Fri, Feb 10, 2006 at 10:46:02AM -0600, [EMAIL PROTECTED] wrote: I am setting up an openbsd box to be the catcher for a couple of AIX boxes to pitch their log files to. Using the standard syslogd, I am wondering if I can set it up so that each of the AIX boxes gets its own log file on the openbsd box. Something like /var/log/aix1.log and /var/log/aix2.log. Or, would it just be easier to throw everything into one file and user perl to split out the two logs? I did a little googling around and found one page that looked like exactly my answer but it was 404 and not in the google cache. I work for an ISP and I think that the best way to handle this is not to seperate by machine, but by service. ie: we have a farm of a dozen webservers, another dozen smtp servers, a bunch of imap servers, dns,.. When a customer needs help, say logging into on of the ftp servers, I can tail the auth logs grep for their username. They could hit anyone of the boxes at a given time, so this way is the only practical solution. Also, if a dns zone is not being propagated, I can grep for the zone and see what all of the servers are doing, with relevant time stamps. If you need per machine, then just refine your grep. Craig.
openBSD 3.8 window scaling problem: packets dropped on enc0?
scp from linux to linux via an ipsec tunnel between openBSD gateway and lancom 1611+ router fails( hangs) if tcp window scaling is enabled. This is my setup: Redhat Linux ES3 --- dc0 openBSD IPSEC dc1 internet - lancom 1611+ --- Redhat Linux ES4 RHES3 does scp a.a host:/directory ask for password, and then hangs, given the file is larger that about 1300 bytes. tcpdump on openBSD dc0 and enc0 shows: RHES3 sends SYN with wscale=0, receives SYN with wscale=3 sends and receives some small packets during negotiation sends a first full size packet, which I see on dc0, but not on enc0 and hangs, repeating this first packet. This only happens, when RHES3 is copying data to RHES4. If RHES3 is copying data from RHES4, it works, but very slow. The problem can be worked around by setting net.ipv4.tcp_window_scaling=0 on RHES3, effectively disabling the window scale feature. Is this a known problem? Or possibly caused by some sort of misconfiguration? I will happily provide more details, tcpdumps etc. if you are interested. I found that Stephen Hemminger claims on Linux World Expo Feb. 2005 that openBSD might fail to track state when window scaling is in effect. See http://developer.osdl.org/shemminger/LWE2005_TCP.pdf .
Re: syslogd question
On 2006-02-10 10:46:02 -0600, [EMAIL PROTECTED] wrote: I am setting up an openbsd box to be the catcher for a couple of AIX boxes to pitch their log files to. Using the standard syslogd, I am wondering if I can set it up so that each of the AIX boxes gets its own log file on the openbsd box. Something like /var/log/aix1.log and /var/log/aix2.log. Use syslogng (it's in ports). Best Martin -- http://www.tm.oneiros.de
Re: syslogd question
Craig, I'm going to second this, even though I don't work at an ISP (however, I do work with large amounts of syslog data). If you want to keep things organized, it's better to keep the syslog files organized by service. When you've got data coming from a large amount of servers, you want to: 1. Separate by service (ftp, ssh, mail, auth, etc.). 2. Use any external processing systems sparingly, and test them heavily for performance. 3. Have your scripts separate the machines, if needed, by machine name. Have them process syslog data after it's received. I'm using that setup and approach to handle data from approx. 20 commercial UNIX machines and various network devices at one location, and 2 OpenBSD 3.8 boxes and a Windows Server 2003 machine at another. It works very well. Take care, Mitch -Original Message- From: [EMAIL PROTECTED] on behalf of Craig Skinner Sent: Fri 2/10/2006 4:45 PM To: misc@openbsd.org Subject: Re: syslogd question On Fri, Feb 10, 2006 at 10:46:02AM -0600, [EMAIL PROTECTED] wrote: I am setting up an openbsd box to be the catcher for a couple of AIX boxes to pitch their log files to. Using the standard syslogd, I am wondering if I can set it up so that each of the AIX boxes gets its own log file on the openbsd box. Something like /var/log/aix1.log and /var/log/aix2.log. Or, would it just be easier to throw everything into one file and user perl to split out the two logs? I did a little googling around and found one page that looked like exactly my answer but it was 404 and not in the google cache. I work for an ISP and I think that the best way to handle this is not to seperate by machine, but by service. ie: we have a farm of a dozen webservers, another dozen smtp servers, a bunch of imap servers, dns,.. When a customer needs help, say logging into on of the ftp servers, I can tail the auth logs grep for their username. They could hit anyone of the boxes at a given time, so this way is the only practical solution. Also, if a dns zone is not being propagated, I can grep for the zone and see what all of the servers are doing, with relevant time stamps. If you need per machine, then just refine your grep. Craig.
netgear ma521
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi there, i got an problem here. I got an old laptop 100mhz 10,4. So there is no internal network interface so i want to run an wireless lan card in it (cardbus). But i don't get it work. I was already reading the OpenBSD FAQ but no effect if i plugged in the card i got this error as output of dmesg : cic_chip_socket_enable: status cpcic_wait_ready: ready never happened, status = 0c maybe someone can help me with this or can give me a link with an detail installation. P.S Sorry for my bad english : more you dont learn on german schools. mfg eSpo iD8DBQFD7UEbG9dcSNK/NL4RArQdAJ9Pg6qUJve7MHzurhckkaolOyd4QgCcDA2N yWpuA5/0iVwl0yAjWPLNzD0= =aFF1 -END PGP SIGNATURE-
Upgrading 3.6 to 3.8, and compiling -current
Hello, At a remote location, I have two boxes that are connected with each other via a serial cable, and through a router to the internet. One of the boxes is OpenBSD 3.6, and I'd like to upgrade it to 3.8, and then compile -current (I want to play with the kernel alongside sensors.h / lm(4)). What's the best way to do it? I guess, wget'ing the bsd.rd from ftp.openbsd.org mirror would be the best installation media, but then upon reboot should I choose 'upgrade' and do 3.6 - 3.7, then repeat the procedure with 3.7 - 3.8, then cvsup and compile the -current from sources? Or should I 'install' 3.8, then cvsup -current, and compile? If I'll choose to install 3.8, then will I be able to leave my partitioning scheme and contents of my custom partitions intact? Or will I have to repartition the drive? tvc:constant {172} df -h ; disklabel wd0 ; fdisk wd0 FilesystemSize Used Avail Capacity Mounted on /dev/wd0a 250M 35.5M 202M15%/ /dev/wd0p 3.0G 2.0K 2.8G 0%/backup2002 /dev/wd0n 2.0G 2.4M 1.9G 0%/home /dev/wd0m 7.9G 2.0K 7.5G 0%/mozilla /dev/wd0o39.4G 5.9G 31.5G16%/share /dev/wd0d 250M 2.0K 238M 0%/tmp /dev/wd0g 2.0G 773M 1.1G40%/usr /dev/wd0h 250M 119M 118M50%/usr/X11R6 /dev/wd0i 3.9G 486M 3.3G13%/usr/local /dev/wd0e 501M 6.0M 470M 1%/var /dev/wd0f 501M 304K 476M 0%/var/log /dev/wd0k1006M 546K 955M 0%/var/mail /dev/wd0l 250M 2.0K 238M 0%/var/qmail /dev/wd0j1006M 5.7M 950M 1%/var/www # using MBR partition 0: type A6 off 63 (0x3f) size 134223012 (0x80014a4) # /dev/rwd0c: type: ESDI disk: ESDI/IDE disk label: HDS722580VLAT20 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 16 sectors/cylinder: 1008 cylinders: 16383 total sectors: 160836480 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # microseconds track-to-track seek: 0 # microseconds drivedata: 0 16 partitions: #size offsetfstype [fsize bsize cpg] a: 524097 634.2BSD 2048 16384 328 # (Cyl.0*- 519) b: 2097648 524160 swap# (Cyl. 520 - 2600) c: 1608364800unused0 0# (Cyl.0 - 159559) d: 524160 26218084.2BSD 2048 16384 328 # (Cyl. 2601 - 3120) e: 1048320 31459684.2BSD 2048 16384 328 # (Cyl. 3121 - 4160) f: 1048320 41942884.2BSD 2048 16384 328 # (Cyl. 4161 - 5200) g: 4194288 52426084.2BSD 2048 16384 328 # (Cyl. 5201 - 9361) h: 524160 94368964.2BSD 2048 16384 328 # (Cyl. 9362 - 9881) i: 8388576 99610564.2BSD 2048 16384 328 # (Cyl. 9882 - 18203) j: 2097648 183496324.2BSD 2048 16384 328 # (Cyl. 18204 - 20284) k: 2097648 204472804.2BSD 2048 16384 328 # (Cyl. 20285 - 22365) l: 524160 225449284.2BSD 2048 16384 328 # (Cyl. 22366 - 22885) m: 16777152 230690884.2BSD 2048 16384 328 # (Cyl. 22886 - 39529) n: 4194288 398462404.2BSD 2048 16384 328 # (Cyl. 39530 - 43690) o: 83885760 440405284.2BSD 2048 16384 328 # (Cyl. 43691 - 126910) p: 6296787 1279262884.2BSD 2048 16384 328 # (Cyl. 126911 - 133157*) Disk: wd0 geometry: 10011/255/63 [160826715 Sectors] Offset: 0 Signature: 0xAA55 Starting Ending LBA Info: #: idC H S -C H S [ start: size ] *0: A60 1 1 - 8354 254 63 [ 63: 134223012 ] OpenBSD 1: 000 0 0 -0 0 0 [ 0: 0 ] unused 2: 000 0 0 -0 0 0 [ 0: 0 ] unused 3: 000 0 0 -0 0 0 [ 0: 0 ] unused tvc:constant {173} P.S. Is the upgrade really that simple and straightforward on OpenBSD as it seems to be? :-) P.P.S. BTW, as you can see I have some free disc space left... Is it possible to install two versions of OpenBSD on separate slices of one HDD and multiboot them? Or better and simpler just do the upgrade? :-) Thanks, Constantine.
installing with no floppy and no CD, only an ethernet connection
I want to put up 3.8 on my laptop. Can I download and run a DOS or Windoz pgm? I don't think I'm up to a PXE install., (It's the TCP scripting that frightens me.) --jg
Re: Upgrading 3.6 to 3.8, and compiling -current
On 2006/02/11 02:43, Constantine A. Murenin wrote: One of the boxes is OpenBSD 3.6, and I'd like to upgrade it to 3.8, and then compile -current (I want to play with the kernel alongside sensors.h / lm(4)). 3.8 - current/3.9-beta requires tedious and unnecessary steps. don't bother, install a snapshot. bsd.rd or tar xzpf should do nicely (see openbsd.org upgrade guide and 'following -current' for details - some parts of 'following -current' refer to compiler changes which you don't need to worry about if you install object code rather than upgrade from source). If I'll choose to install 3.8, then will I be able to leave my partitioning scheme and contents of my custom partitions intact? Or will I have to repartition the drive? should be fine intact - you have plenty of space on /usr for the libs which are now larger since they have debugging information (and very useful it is too). if you were tighter on space (mainly in /usr), you would want to make sure softdep is off while you upgrade. P.S. Is the upgrade really that simple and straightforward on OpenBSD as it seems to be? :-) yes, pretty much. P.P.S. BTW, as you can see I have some free disc space left... Is it possible to install two versions of OpenBSD on separate slices of one HDD and multiboot them? Or better and simpler just do the upgrade? :-) upgrade is probably simpler.
Re: Upgrading 3.6 to 3.8, and compiling -current
I'm hardly an expert so I hope you get some other opinions but here are my thoughts: On 2/10/06, Constantine A. Murenin [EMAIL PROTECTED] wrote: At a remote location, I have two boxes that are connected with each other via a serial cable, and through a router to the internet. One of the boxes is OpenBSD 3.6, and I'd like to upgrade it to 3.8, and then compile -current (I want to play with the kernel alongside sensors.h / lm(4)). What's the best way to do it? I guess, wget'ing the bsd.rd from ftp.openbsd.org mirror would be the best installation media, but then upon reboot should I choose 'upgrade' and do 3.6 - 3.7, then repeat the procedure with 3.7 - 3.8, then cvsup and compile the -current from sources? Or should I 'install' 3.8, then cvsup -current, and compile? The FAQ somewhere suggests of course, starting with a fresh install is always best. If I'll choose to install 3.8, then will I be able to leave my partitioning scheme and contents of my custom partitions intact? Or will I have to repartition the drive? The install script does run fdisk and disklabel but there's no reason you can't simply quit both immediately without making changes. All installing consists of is untarring the various install sets, writing some /etc/*.conf files with info from the user, using MAKEDEV to make various device nodes (not that I really understand what that means) and--oh--running newfs. I guess it would kill your partitions then. Probably upgrading is your best bet then, and I'm pretty sure you can go 3.6-3.8 immediately. Perhaps you could install by hand if all else fails? tvc:constant {172} df -h ; disklabel wd0 ; fdisk wd0 FilesystemSize Used Avail Capacity Mounted on ... /dev/wd0m 7.9G 2.0K 7.5G 0%/mozilla You have an entire partition for mozilla? I'm curious why (I'm somewhat a newbie, I like enlightenment). ... P.S. Is the upgrade really that simple and straightforward on OpenBSD as it seems to be? :-) Yes. P.P.S. BTW, as you can see I have some free disc space left... Is it possible to install two versions of OpenBSD on separate slices of one HDD and multiboot them? Or better and simpler just do the upgrade? :-) Of course it's possible to multiboot them, so long as they live on separate MBR partitions. Then just use $sudo fdisk -e wd0 flag n #n is 0 or 1, the partition you want to boot from to switch between each. But reallly... it's simpler to upgrade. -Kousu
Re: netgear ma521
On Sat, Feb 11, 2006 at 02:42:42AM +0100, Moritz Lutz wrote: Hi there, i got an problem here. I got an old laptop 100mhz 10,4. So there is no internal network interface so i want to run an wireless lan card in it (cardbus). But i don't get it work. I was already reading the OpenBSD FAQ but no effect if i plugged in the card i got this error as output of dmesg : cic_chip_socket_enable: status cpcic_wait_ready: ready never happened, status = 0c maybe someone can help me with this or can give me a link with an detail installation. Sounds like the laptop is too old to support 32 bit CardBus cards. Provide a full dmesg in future, but what you want to look for is the presence of cbb(4) in your dmesg. You might have some luck aquiring an old prism card off ebay, look for a card without the golden bar on the end, those are 16bit PCMCIA cards which should work fine.
Re: installing with no floppy and no CD, only an ethernet connection
Julesg wrote: I want to put up 3.8 on my laptop. Can I download and run a DOS or Windoz pgm? you can download lots of DOS and Windows programs. Few will help you with this task, however. :) I don't think I'm up to a PXE install., (It's the TCP scripting that frightens me.) What TCP scripting? Set up a DHCP server, a TFTP server. Pretty easy. There's a nice little FAQ entry about it, even. Kinda cool to watch a machine boot nothing :) If you really don't have a floppy and a CDROM and don't want to do a PXE boot, you are pretty well eliminating most of the standard install processes. About all that is left is pull the hard disk out, get an adapter to attach to another machine (either via IDE port or via USB...picked up a really slick one for $20 recently), install on another machine, replace in your laptop, reconfigure the network appropriately. 'course, you could probably get/borrow a USB floppy drive or CDROM drive as well. But taking apart laptops is fun! (it is the reassembly that causes hair loss) Nick.
missing network driver
I tried to upgrade an old server with 3.8 via a floppy. It was running 3.7 with a DB and web server previously. During the upgrade, it did not detect the NIC. As it was a test server, I tried a re-install rather than an upgrade...same thing. The 3.7 install disk works so I know it is not a problem with the card or the floppy. I tried pulling the floppy38.fs several times and running a dd to put the a couple of known good floppies all with the same results. Below is the dmesg from the 3.7 server after the rebuild. Any help would be appreciated. Thanks, Mike Calvi OpenBSD 3.7 (GENERIC) #50: Sun Mar 20 00:01:57 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC cpu0: Intel Pentium II (GenuineIntel 686-class, 512KB L2 cache) 267 MHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,MMX real mem = 670658560 (654940K) avail mem = 604454912 (590288K) using 4278 buffers containing 33636352 bytes (32848K) of memory mainbus0 (root) bios0 at mainbus0: AT/286+(70) BIOS, date 03/03/00, BIOS32 rev. 0 @ 0xf0530 apm0 at bios0: Power Management spec V1.2 (BIOS mgmt disabled) apm0: APM power management enable: unrecognized device ID (9) apm0: APM engage (device 1): power management disabled (1) apm0: AC on, battery charge unknown pcibios0 at bios0: rev 2.1 @ 0xf/0xdb2 pcibios0: PCI IRQ Routing Table rev 1.0 @ 0xf0d20/144 (7 entries) pcibios0: PCI Interrupt Router at 000:04:0 (Intel 82371FB ISA rev 0x00) pcibios0: PCI bus #1 is the last bus bios0: ROM list: 0xc/0x8000 0xc8000/0x5000 cpu0 at mainbus0 pci0 at mainbus0 bus 0: configuration mode 1 (no bios) pchb0 at pci0 dev 0 function 0 Intel 82443BX AGP rev 0x03 ppb0 at pci0 dev 1 function 0 Intel 82443BX AGP rev 0x03 pci1 at ppb0 bus 1 vga1 at pci1 dev 0 function 0 ATI Rage Pro rev 0x5c wsdisplay0 at vga1: console (80x25, vt100 emulation) wsdisplay0: screen 1-5 added (80x25, vt100 emulation) pcib0 at pci0 dev 4 function 0 Intel 82371AB PIIX4 ISA rev 0x02 pciide0 at pci0 dev 4 function 1 Intel 82371AB IDE rev 0x01: DMA, channel 0 wired to compatibility, channel 1 wired to compatibility wd0 at pciide0 channel 0 drive 0: IBM-DHEA-38451 wd0: 16-sector PIO, LBA, 8063MB, 16514064 sectors wd0(pciide0:0:0): using PIO mode 4, Ultra-DMA mode 2 wd1 at pciide0 channel 1 drive 0: WDC WD600BB-32CCB0 wd1: 16-sector PIO, LBA, 57241MB, 117231408 sectors wd1(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2 uhci0 at pci0 dev 4 function 2 Intel 82371AB USB rev 0x01: irq 11 usb0 at uhci0: USB revision 1.0 uhub0 at usb0 uhub0: Intel UHCI root hub, class 9/0, rev 1.00/1.00, addr 1 uhub0: 2 ports with 2 removable, self powered Intel 82371AB Power Mgmt rev 0x02 at pci0 dev 4 function 3 not configured ahc1 at pci0 dev 6 function 0 Adaptec AIC-7890/1 U2 rev 0x00: irq 11 scsibus0 at ahc1: 16 targets cd0 at scsibus0 targ 4 lun 0: YAMAHA, CRW4416S, 1.0g SCSI2 5/cdrom removable tx0 at pci0 dev 9 function 0 SMC 83C170 (EPIC/100) rev 0x06: irq 11 address 00:e0:29:09:3d:42 qsphy0 at tx0 phy 3: QS6612 10/100 PHY, rev. 1 isa0 at pcib0 isadma0 at isa0 pckbc0 at isa0 port 0x60/5 pckbd0 at pckbc0 (kbd slot) pckbc0: using irq 1 for kbd slot wskbd0 at pckbd0 (mux 1 ignored for console): console keyboard, using wsdisplay0 pmsi0 at pckbc0 (aux slot) pckbc0: using irq 12 for aux slot wsmouse0 at pmsi0 mux 0 pcppi0 at isa0 port 0x61 midi0 at pcppi0: PC speaker sysbeep0 at pcppi0 lpt0 at isa0 port 0x378/4 irq 7 lm0 at isa0 port 0x290/8: W83781D npx0 at isa0 port 0xf0/16: using exception 16 pccom0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo pccom1 at isa0 port 0x2f8/8 irq 3: ns16550a, 16 byte fifo fdc0 at isa0 port 0x3f0/6 irq 6 drq 2 fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec biomask ef65 netmask ef65 ttymask ffe7 pctr: 686-class user-level performance counters enabled mtrr: Pentium Pro MTRR support dkcsum: wd0 matched BIOS disk 80 dkcsum: wd1 matched BIOS disk 81 root on wd0a rootdev=0x0 rrootdev=0x300 rawdev=0x302
Re: missing network driver
[EMAIL PROTECTED] wrote: I tried to upgrade an old server with 3.8 via a floppy. It was running 3.7 with a DB and web server previously. During the upgrade, it did not detect the NIC. As it was a test server, I tried a re-install rather than an upgrade...same thing. The 3.7 install disk works so I know it is not a problem with the card or the floppy. I tried pulling the floppy38.fs several times and running a dd to put the a couple of known good floppies all with the same results. ... OpenBSD 3.7 (GENERIC) #50: Sun Mar 20 00:01:57 MST 2005 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC ... tx0 at pci0 dev 9 function 0 SMC 83C170 (EPIC/100) rev 0x06: irq 11 address 00:e0:29:09:3d:42 qsphy0 at tx0 phy 3: QS6612 10/100 PHY, rev. 1 Apparently, the tx driver was replaced for 3.8, and got a new name: epic(4). The epic(4) driver appears to be in floppy38.fs, bsd.rd and GENERIC. It is not in the B or C floppies. If the the floppy38.fs or bsd.rd are not working properly for you, boot from either, mount a disk partition, drop a dmesg to that partition, then boot normally to show us what you are getting on 3.8. If you try to do a normal upgrade, you will probably have some difficulties due to the change in the driver name (you might be able to fix that by copying your hostname.tx0 to hostname.epic0 before the upgrade media is booted), however a normal install should work fine (assuming you use the right boot disk). Regardless...I'd recommend bsd.rd over a boot floppy... Nick.
Fetching a remote ssh port
I wanted to fetch a remote ssh port into my home computer which is behind the cable modem and the NAT that the cable system is doing on the address it's DHCP gave out to me. That way I could, from any third location, say from my laptop on the road, ssh into my home computer through the tunnel that ssh establishes. I was successful in doing this under the circumstances where I assigned a spare IP address as a second alias to the machine where I wanted to establish the remote open end of the tunnel. First I modified the /etc/ssh/sshd_config in the remote computer so that I had the parameter: GatewayPorts clientspecified instead of the default which is no. Then I issued a ssh -R aliasIPaddress:22:localhost:22 [EMAIL PROTECTED] and left it running. Then I signed into a third site and did a ssh [EMAIL PROTECTED] and after giving my password at my home computer everything worked great. I could see that as soon as I listed the contents of my home directory, I was in the home computer rather than the one at the remote site. That way I would be able to initiate a connection into my home computer even though it was behind a NAT. Now the aliasIPaddress binding is supposed to be optional, and I thought that instead of using up a IP address at the remote site, it would be nice to just set up listening on, say, port 435 for ssh and just forward that particular port to the home machine. Accordingly I set up listening on two ssh ports in the sshd_config of the remote machine. Port 22 Port 435 and I changed the other parameter to: gatewayPorts yes Which means, to my understanding, that a forwarded port on any address would be allowed. Then I tried: ssh -R 435:localhost:22 [EMAIL PROTECTED] The ssh above did connect, but I saw an error message (approx:) remote port forwarding failed. And attempts to connect from a third (outside) site like: ssh -p 435 [EMAIL PROTECTED] half worked, but left me at the remote site -- in other words the port forwarding didn't work, as anticipated by the error message in trying to set up the tunnel. All three sites are Intel. The remoteIP is OpenBSD3.8 and the home machine is 3.7. Before I dig into every possible bit of ssh history, configuration and software setups, it there anyone out there successfully using port fetching (with -R, as opposed to port forwarding with -L) who could discuss it a bit with me? Thanks, Austin
Re: Fetching a remote ssh port
On Fri, Feb 10, 2006 at 11:56:37PM -0700, Austin Hook wrote: I wanted to fetch a remote ssh port into my home computer which is behind the cable modem and the NAT that the cable system is doing on the address it's DHCP gave out to me. That way I could, from any third location, say from my laptop on the road, ssh into my home computer through the tunnel that ssh establishes. I was successful in doing this under the circumstances where I assigned a spare IP address as a second alias to the machine where I wanted to establish the remote open end of the tunnel. First I modified the /etc/ssh/sshd_config in the remote computer so that I had the parameter: GatewayPorts clientspecified instead of the default which is no. Then I issued a ssh -R aliasIPaddress:22:localhost:22 [EMAIL PROTECTED] Instead of using an IP alias, you can just do: $ ssh -R '*::localhost:22' [EMAIL PROTECTED] and as long as you use an uprivileged port then you won't need root. Now the aliasIPaddress binding is supposed to be optional, and I thought that instead of using up a IP address at the remote site, it would be nice to just set up listening on, say, port 435 for ssh and just forward that particular port to the home machine. Accordingly I set up listening on two ssh ports in the sshd_config of the remote machine. By remote machine do you mean the intermediate machine? You don't need to do this. [...] ssh -R 435:localhost:22 [EMAIL PROTECTED] You don't need the port numbers on both ends of the forward to match what the sshd is configured for. The ssh above did connect, but I saw an error message (approx:) remote port forwarding failed. And attempts to connect from a third (outside) site like: That failed because sshd is already listening on port 435. -- Darren Tucker (dtucker at zip.com.au) GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69 Good judgement comes with experience. Unfortunately, the experience usually comes from bad judgement.