Re: LiveUSB OpenBSD and LiveCD-OpenBSD site updated

[Jan Stary]

On Apr 06 09:47:01, Mihai Popescu wrote:
> > Andres Perera 
> 
> > if you cant install through network because you only got one machine
> 
> So you can't install OpenBSD but you CAN download the pre-made OpenBSD images?
> 
> >and feel that guerrilla overwriting your mbr after installing the locks 
> >within another os in
> > order to do a hdd boot is too risky, you're left with this
> 
> I've used OpenBSD in a multiboot and it was working perfectly fine, no
> guerilla there.
> 
> > the page you linked does not provide that
> 
> It does not, since the page is for a specific purpose. If you take
> your time and go back to the root of FAQ you may find what you are
> looking for. But I guess is nicer for you to spread crazy thing on the
> list.

Please, don't feed this.  This project brings nothing,
and its page spreads disinformation. Just follow
http://www.openbsd.org/faq/faq14.html#flashmemLive

Re: LiveUSB OpenBSD and LiveCD-OpenBSD site updated

[Andres Perera]

On Fri, Apr 6, 2012 at 2:17 AM, Mihai Popescu  wrote:
>> Andres Perera 
>
>> if you cant install through network because you only got one machine
>
> So you can't install OpenBSD but you CAN download the pre-made OpenBSD images?

need another machine for bootp

>
>>and feel that guerrilla overwriting your mbr after installing the locks 
>>within another os in
>> order to do a hdd boot is too risky, you're left with this
>
> I've used OpenBSD in a multiboot and it was working perfectly fine, no
> guerilla there.

can't install in the first place if your only bootable media can be
usb sticks. the alternative to downloading premade images is making
them in qemu, which is more work for little gain

>
>> the page you linked does not provide that
>
> It does not, since the page is for a specific purpose. If you take
> your time and go back to the root of FAQ you may find what you are
> looking for. But I guess is nicer for you to spread crazy thing on the
> list.

Havege entropy gathering

[Kevin Chadwick]

I was looking at this entropy gatherer (havege) and was wondering if
OpenBSD uses any similar techniques?

www.irisa.fr/caps/projects/hipsor/

Re: LiveUSB OpenBSD and LiveCD-OpenBSD site updated

[Dan Shechter]

Hi, Sorry for the newbe question, but what is wrong with what he is doing?

Best regards,
Dan



On Mon, Apr 2, 2012 at 8:56 AM, Jan Stary  wrote:

> On Apr 01 21:30:58, Girish Venkatachalam wrote:
> > After a long long time. Sigh.
>
> Please stop spreading this. All it does is give wrong
> instruction and diverts people who should instead read
> http://www.openbsd.org/faq/faq14.html#flashmemLive

Re: fork failed: resource temporarily unavailable

[Otto Moerbeek]

On Thu, Apr 05, 2012 at 04:10:36PM +0200, Otto Moerbeek wrote:

> On Thu, Apr 05, 2012 at 03:11:20PM +0200, David Coppa wrote:
> 
> > On Thu, Apr 5, 2012 at 3:01 PM, Mattieu Baptiste  
> > wrote:
> > > Hi all,
> > >
> > > Since the switch to rthreads, and the new snapshot packages, I see a
> > > lot of these errors after some time using my desktop machine:
> > > fork failed: resource temporarily unavailable
> > >
> > > Then, I cannot start any process, and the machine starts to become
> > > unusable, till the next reboot. I'm using a lot firefox, thunderbird
> > > and XFCE.
> > >
> > > Do you see these errors? How could I track this?
> > 
> > As a workaround, modify the staff class (which your user should be
> > part of) with these values:
> > 
> > openfiles-cur=1024
> > openfiles-max=2048
> > maxproc-cur=512
> > maxproc-max=1024
> > 
> > And increase maxproc to 1024 in your .xsession (ulimit -Sp 1024).
> > 
> > Cheers,
> > David
> 
> Hmm, didn't a diff go in that made the limits per-process again?
> 
>   -Otto

Actuyally, no. This was a case of wishful thinking. Though something
is in the works. The above workaround wil do until something is
actually commited. 

-Otto

Re: Havege entropy gathering

[Ted Unangst]

On Fri, Apr 06, 2012, Kevin Chadwick wrote:
> I was looking at this entropy gatherer (havege) and was wondering if
> OpenBSD uses any similar techniques?
> 
> www.irisa.fr/caps/projects/hipsor/

No.  We don't think limiting entropy to being used as a seed for a
random number generator is a limitation.

Re: Havege entropy gathering

[Janne Johansson]

OpenBSD will use RNGs on CPU:s that have them, like the VIA C7 series.

2012/4/6 Kevin Chadwick :
> I was looking at this entropy gatherer (havege) and was wondering if
> OpenBSD uses any similar techniques?
>
> www.irisa.fr/caps/projects/hipsor/
>



--
 To our sweethearts and wives.  May they never meet. -- 19th century toast

Re: Havege entropy gathering

[Christian Weisgerber]

Kevin Chadwick  wrote:

> I was looking at this entropy gatherer (havege) and was wondering if
> OpenBSD uses any similar techniques?
> 
> www.irisa.fr/caps/projects/hipsor/

Broadly speaking, yes.

"HAVEGE combines on-the-fly hardware volatile entropy gathering with
 pseudo-random number generation."

This is the way all practical random number generators now work,
including OpenBSD's kernel one, Yarrow as implemented e.g. by
FreeBSD, or even Intel's on-chip Bull Mountain.

I don't want to sound too disparaging of the HAVEGE people, but
once you cut through the bluster, what remains is that they use the
processor cycle counter as their sole source of entropy, which they
then feed into their own deterministic pseudo-random number generator.

I suspect their choice of entropy source will not find general
approval *cough, cough*, and rather than designing your own PRNG
to stretch the randomness, you can do what OpenBSD and Intel did
and just use an off-the-shelf cryptographic stream cipher.

-- 
Christian "naddy" Weisgerber  na...@mips.inka.de

A little trouble using altq and cbq to do QoS.

[Alex Santos]

Hello everybody!
Pleased to meet you, my name is Alex, I am a network analyst who lives
in Brazil and I'm new here in the list of OpenBSD. I started working
recently with the system and I must say I am very pleased with the
performance and simplicity to perform configuration and system
resources.

Congratulations to the development team for the excellent work! =D

Well, do not know if this problem has already gone through the list
and if anyone can help me: I am setting up a laboratory in OpenBSD 4.6
and my desire is to apply a QoS policy to control the consumption of
bandwidth on a LAN.

I set up a simple scenario using VMWare to test:

Internal Network  -Internet (NAT VMware)
- WebServer (NAT VMWare)
192.168.20.0/24   -192.168.86.130/24
 - 192.168.86.132/24

Unfortunately I am struggling to limit the bandwidth by up to a
maximum of 128 Kbps for the local network as a whole and restrict the
use of HTTP connections by 20%. I read the OpenBSD documentation found
at this link (http://www.openbsd.org/faq/pf/queueing.html) and set the
PF firewall to work with the CBQ as follows:

# NAT (vic0 is my external network interface card and vic1 is my
internal network interface card)
nat on vic0 from vic1:network to any -> vic0:0

# Qos Rules
# I want to deliver only 16 kbytes per second to my internal network,
divided in two groups on this test:
# 20% to use of http (25,6 Kbps or 3.2 Kbytes per second)
# 80% to all of another services (102,4 Kbps or 12.8 kbytes per second)
# Eu nco quero que uma fila filha pegue a largura de banda disponmvel
na rede para ela.

altq on vic0 cbq bandwidth 128Kb queue {std, http}
queue std bandwidth 80% cbq(default, red)
queue http bandwidth 20% cbq(red)

# First, i've released the access to internet on all ports from my
internal network:
pass in on vic1 inet proto tcp from vic1:network to any keep state

# Second, applied the rule with quick rule to make sure this will
apply the queue http to limit traffic to 3.2 kbytes on port 80.
pass out quick on vic0 inet proto tcp from any to any port 80 keep
state queue http

# Third, i've released all traffic. Is just to test.
pass# to establish keep-state

The problem is that even applying the rule I notice that I can make
downloads via http at rates of 500 kilobytes per second (5 Mbps), even
notifying them they should not take the band borrowed from the main
queue. Also, notice that he is exceeding the stipulated limit of 128
Kbps.

I tried to monitor traffic queues with the command pfctl -sq -vvv in
debug mode and it is actually falling in the rule:

queue root_vic0 on vic0 bandwidth 128Kb priority 0 cbq( wrr root ) {std,
http}
  [ pkts:  69477  bytes:4349645  dropped pkts:  0 bytes:  0 ]
  [ qlength:   0/ 50  borrows:  0  suspends:  0 ]
  [ measured:39.8 packets/s, 17.19Kb/s ]
queue  std on vic0 bandwidth 102.40Kb cbq( red default )
  [ pkts:   2215  bytes: 382255  dropped pkts:245 bytes:  24762 ]
  [ qlength:   0/ 50  borrows:  0  suspends: 47 ]
  [ measured: 0.0 packets/s, 0 b/s ]
queue  http on vic0 bandwidth 25.60Kb cbq( red )
  [ pkts:  67262  bytes:3967390  dropped pkts: 538162 bytes: 29273235
]
  [ qlength:  26/ 50  borrows:  0  suspends:   2221 ]
  [ measured:39.8 packets/s, 17.19Kb/s ]


Has anyone experienced this problem and can give me a hand? ^^''

Best wishes to all!

Re: Havege entropy gathering

[Christian Weisgerber]

Janne Johansson  wrote:

> OpenBSD will use RNGs on CPU:s that have them, like the VIA C7 series.

To be more precise, OpenBSD adds hardware RNGs to its sources of
unpredictable external events.  See the comment block at the top
of /sys/dev/rnd.c for an explanation of the whole system.

With Bull Mountain, Intel would like you to stop bothering with a
system RNG altogether and get all your random numbers directly with
the RDRAND instruction.  Unfortunately, RDRAND can fail, so you
have to deal with error handling.  Inconvenient.  When/if OpenBSD
is going to get support for Bull Mountain, it will just be as another
entropy source that ends up feeding arc4random().

-- 
Christian "naddy" Weisgerber  na...@mips.inka.de

rthreads enabled in -current

[swilly]

http://marc.info/?l=openbsd-cvs&m=132928856921225&w=2

I'm not sure how I missed this news until now, but it's really great
to see things like this being moved along. Congratulations to everyone
who has helped make this possible, and know that your work is
appreciated - I've been patiently looking forward to OpenBSD's
solution to such a complex problem.

Leia nesta Páscoa

[Livraria Apolo 70]

NOSSOS SANTOS E BEATOS E OUTROS QUE PORTUGAL ADOROU, OS

Alberto Julio Silva

+Esta obra sobre os Santos i ja, de certo modo, resposta `s indicagues
pastorais para o Ano da Fi, dada, atravis da Congregagco para a Doutrina
da Fi, pelo Santo Padre Bento XVI `s Conferjncias Episcopais, ao dizer:
Os Santos e os Beatos sco autjnticas testemunhas da fi, portanto sera
oportuno que as Conferjncias Episcopais se empenhem em difundir o
conhecimento dos Santos do prsprio territsrio; in Prefacio ...

21.00  - 18.90 

CONTOS DE PASCOA

Joao Cesar Das Neves

Do Mesmo autor: Autos de Natal, Contos de Natal e Parabolas sobre Jesus.

+Deus escreve continuamente pequenos artigos []. Depois, toma cada uma
dessas gemas e parte-a delicadamente em pedagos mais pequenos. Algumas
deixa ficar intactas, mas a muitas divide em secgues, varias ligadas umas
`s outras por fios. Como as conchas no mar, algumas estco inteiras e
completas, ...

9.95  - 8.96 

TEMPO DA MUSICA MUSICA DO TEMPO

Eduardo Lourenco

Novo livro da colecgco +Obras de Eduardo Lourengo; que a Gradiva tem
vindo a editar em estreita colaboragco com o autor. Desta feita, trata-se
de textos iniditos, retirados das paginas diarmsticas do ensamsta  um
conjunto de reflexues +ocasionais; suscitadas pela audigco de pegas
musicais, seja em salas de concertos, em casa ou durante as suas
numerosas deslocagues. Aqui, o filssofo revela a sua sensibilidade aos
estados de alma dos trechos musicais e a sua imensa erudigco, que torna
possmvel o ...

13.50  - 12.15 

MACONARIA UNIVERSAL

Miguel Martin Albo

Fensmeno associativo singular, a magonaria, na sua expressco mais
ancestral - as lojas operativas - surge, sobretudo de construtores
(arquitectos, canteiros e pedreiros) da Europa medieval, mas i a partir
do siculo XVIII que, com o novo modelo de lojas especulativas - cujo
papel nas revolugues liberais foi fundamental -, comega a desfrutar de
grande reconhecimento social e polmtico. Com efeito, devido ` capacidade
de antecipar as mais significativas transformagues sociais e polmticas, a
Magonaria soube, ...

22.15  - 19.94 

PORTUGAL A PE

Nuno Ferreira

Em Fevereiro de 2008, o jornalista Nuno Ferreira (ex-Expresso e
ex-Pzblico) inicia a pi um longo e demorado piriplo pelo que i
habitualmente designado "Portugal profundo". Ao longo da viagem, enquanto
passa por vagabundo, contrabandista ou peregrino a Fatima, redescobre um
pams esquecido, muitas vezes entregue a si prsprio, que luta
desesperadamente contra a desertificagco. A caminhar do Algarve ao Minho
ptde ir observando Portugal com a cadjncia de uma cbmera lenta e atenta
aos ...

19.80  - 17.82 

EXTREMAMENTE ALTO E INCRIVELMENTE PERTO

Jonathan Safran Foer

Oskar Schell tem nove anos e i inventor, francsfilo, tocador de tamborim,
ator shakesperiano, joalheiro, pacifista. Alim disso, esta a empreender
uma busca urgente e secreta atravis das cinco zonas de Nova Iorque a fim
de encontrar a fechadura onde entra uma chave misteriosa que pertencera
ao pai, morto no atentado contra o World Trade Center. Oskar, uma
inspirada criagco do autor, i encantador, exasperante e inesquecmvel.

16.50  - 14.85 

Para deixar de receber a newsletter por favor clique Aqui

---