Re: [Patch] Possible typo in stdio(3) manpage
On Wed, Jul 02, 2014 at 07:10:06PM -0700, Philip Guenther wrote: On Wed, Jul 2, 2014 at 3:15 PM, Jason McIntyre j...@kerhand.co.uk wrote: i think the phrase going off and computing means use fflush before your code goes elsewhere, to do other things. whatever it means, the wording is kind of tragic, i agree. your diff seeks to tweak bad wording, whereas i prefer to kill it. i'll commit the diff below in the morning (relatively speaking, of course) unless my maibox gets jammed with outrage. ... @@ -148,8 +148,7 @@ or when a large amount of computation is done after printing part of a line on an output terminal, it is necessary to .Xr fflush 3 -the standard output before going off and computing so that the output -will appear. +the standard output so that the output will appear. ...will appear without delay? ...will appear immediately instead of at the next automatic flush? Philip thanks, i settled on tim's immediately suggestion to keep it brief. jmc
Re: openssh
* Mihai Popescu mih...@gmail.com [2014-07-02 17:05]: Better buy a hardisk, copy your data and mail it abroad. Seriously. A truck full of harddisks is a transport link with fantastic bandwidth. Latency kinda sucks, tho. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS. Virtual Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
Re: openssh
On Thu, Jul 03, 2014 at 10:32:42AM +0200, Henning Brauer wrote: * Mihai Popescu mih...@gmail.com [2014-07-02 17:05]: Better buy a hardisk, copy your data and mail it abroad. Seriously. A truck full of harddisks is a transport link with fantastic bandwidth. Latency kinda sucks, tho. Sadly, French researchers have found _at least_ one way to DDoS this transport and make it unusable with very few resources: http://french.about.com/od/vocabulary/a/operationescargot.htm -- Gilles Chehade https://www.poolp.org @poolpOrg
Re: openssh
On Thu, Jul 03, 2014 at 10:32:42AM +0200, Henning Brauer wrote: * Mihai Popescu mih...@gmail.com [2014-07-02 17:05]: Better buy a hardisk, copy your data and mail it abroad. Seriously. A truck full of harddisks is a transport link with fantastic bandwidth. Latency kinda sucks, tho. And if the hard disks are small enough, you can attach them to pigeons, or swallows, even! (African or European) - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ Remember to set the evil bit on all malicious network traffic delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: openssh
On Tue, 1 Jul 2014, Gregory Edigarov wrote: Hello, Just out for curiosity. what is the fastest and lightest in cpu terms algorithm in ssh? In recent OpenSSH, chacha20-poly1...@openssh.com is what you want. -d
Re: Why doesn't GCM HTTPS work with nginx?
ssl_protocols TLSv1.2; ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256; was the final solution, since YES, the problem was that Firefox 30 doesn't supports the mentioned cipher yet.. Thank you everyone! (nginx was 100% OK :) ) On Wed, Jul 2, 2014 at 9:01 PM, Christian Weisgerber na...@mips.inka.de wrote: On 2014-07-02, Ez Egy ezegyemailcim...@gmail.com wrote: www.ssllabs.com: ECDHE-RSA-AES256-GCM-SHA384 www.google.com: ECDHE-RSA-AES128-GCM-SHA256 We wanted to make our webserver HTTPS connection more secure (don't look at the self-signed certificate, that doesn't count right now..) We are using an OpenBSD 5.4 64bit, and the openssl ciphers command says that it supports the ECDHE-RSA-AES256-GCM-SHA384 cipher. On client side there is Firefox 30 at least. Firefox doesn't support ECDHE-RSA-AES256-GCM-SHA384. ECDHE-RSA-AES128-GCM-SHA256, yes. ECDHE-RSA-AES256-GCM-SHA384, no. Question: How can we set GCM in nginx? Why couldn't a fresh Firefox connect via HTTPS to foo.com (ECDHE-RSA-AES256-GCM-SHA384,TLSv1.2)? It can connect to www.ssllabs.com via HTTPS (ECDHE-RSA-AES256-GCM-SHA384,TLSv1.2) No, it doesn't. Not with that cipher suite. -- Christian naddy Weisgerber na...@mips.inka.de
Re: rc script problem with pgrep / pkill
On 2014-07-02 Wed 11:18 AM |, Leclerc, Sebastien wrote: $ pgrep -f ^tarpitd: \[priv\] 22014 But a check or stop doesn't: $ sudo /etc/rc.d/tarpitd -d check ; echo $? doing rc_read_runfile doing rc_check 1 Show the output of: $ cat /etc/rc.d/tarpitd; \ ls -l /var/run/rc.d/tarpitd; \ cat /var/run/rc.d/tarpitd
Re: OT: Suggestion for hard wire network care AND wireless supported in OpenBSD
On 2014-07-03, Daniel Ouellet dan...@presscom.net wrote: Sorry for the off topic question, but I am looking and researching a PCI network card that would have both the cat5 jack and wireless capability to be use as host into an OpenBSD server to provide access point and the hard wire part to be use as an additional network card. I only have one pci slot free and need to add a third hard wire and want to provide wireless as well from that router. It appear not as easy as I thought to find. Anyone know of one that work? Any suggestion as long as it is supported I don't care. Answer off list is fine as well. Thanks for your time if you know of one. Daniel Assuming you did actually mean PCI and not PCIE, this plus a minipci wireless card might do the trick (but note I do not have one so don't know for sure) http://linitx.com/product/4-port-network-card-with-minipci-slot/11149 Otherwise if PCIE maybe it's possible to find a dual miniPCIE carrier board and use miniPCIE ethernet and wireless modules.. Personally I'd just use a dual port nic and standalone AP though.
Re: Intel Dual Band Wireless AC 7260 support on the horizon?
On Wed, Jul 02, 2014 at 05:33:50PM -0400, Brad Smith wrote: On 02/07/14 2:59 PM, Peter N. M. Hansteen wrote: pci2 at ppb1 bus 2 Intel Dual Band Wireless AC 7260 rev 0x73 at pci2 dev 0 function 0 not configured Have I stumbled onto a new variant, or have I made some silly mistake along the way? The firmware was added so it is already included in the package when and if someone adds the relevant code to iwn(4) to support the 7260 / 3160 controllers but to date the driver does not support these controllers. I'v been trying to get mine working but haven't succeeded so far. Something is probably missing to power up the card because I can't read eeprom. Jul 2 12:10:26 x1 /bsd: iwn0 at pci2 dev 0 function 0 Intel Dual Band Wireless AC 7260 rev 0x83: msi hwty: 20 Jul 2 12:10:26 x1 /bsd: 5k_atta Jul 2 12:10:26 x1 /bsd: iwn_read_eep Jul 2 12:10:26 x1 /bsd: EEPROM found Jul 2 12:10:26 x1 /bsd: iwn0: bad ROM signature 0x Jul 2 12:10:26 x1 /bsd: : could not read EEPROM -- rix
Re: openssh
On Thu, 3 Jul 2014, Peter N. M. Hansteen wrote: From: Peter N. M. Hansteen pe...@bsdly.net To: misc@openbsd.org Date: Thu, 3 Jul 2014 09:41:12 Subject: Re: openssh On Thu, Jul 03, 2014 at 10:32:42AM +0200, Henning Brauer wrote: * Mihai Popescu mih...@gmail.com [2014-07-02 17:05]: Better buy a hardisk, copy your data and mail it abroad. Seriously. A truck full of harddisks is a transport link with fantastic bandwidth. Latency kinda sucks, tho. And if the hard disks are small enough, you can attach them to pigeons, or swallows, even! (African or European) Sounds to me like this means that RFC1149[1] should be updated. Technology has improved somewhat since this RFC was written. [1] http://tools.ietf.org/html/rfc1149 -- Dennis Davis dennisda...@fastmail.fm
Re: openssh
Le 03/07/2014 15:17, Dennis Davis a écrit : On Thu, 3 Jul 2014, Peter N. M. Hansteen wrote: From: Peter N. M. Hansteen pe...@bsdly.net To: misc@openbsd.org Date: Thu, 3 Jul 2014 09:41:12 Subject: Re: openssh On Thu, Jul 03, 2014 at 10:32:42AM +0200, Henning Brauer wrote: * Mihai Popescu mih...@gmail.com [2014-07-02 17:05]: Better buy a hardisk, copy your data and mail it abroad. Seriously. A truck full of harddisks is a transport link with fantastic bandwidth. Latency kinda sucks, tho. And if the hard disks are small enough, you can attach them to pigeons, or swallows, even! (African or European) Sounds to me like this means that RFC1149[1] should be updated. Technology has improved somewhat since this RFC was written. [1] http://tools.ietf.org/html/rfc1149 It was: https://tools.ietf.org/html/rfc2549
Re: openssh
On Thu, 3 Jul 2014, Blaise Hizded wrote: From: Blaise Hizded bla...@ovh.fr To: misc@openbsd.org Date: Thu, 3 Jul 2014 14:41:10 Subject: Re: openssh Le 03/07/2014 15:17, Dennis Davis a écrit : On Thu, 3 Jul 2014, Peter N. M. Hansteen wrote: From: Peter N. M. Hansteen pe...@bsdly.net To: misc@openbsd.org Date: Thu, 3 Jul 2014 09:41:12 Subject: Re: openssh On Thu, Jul 03, 2014 at 10:32:42AM +0200, Henning Brauer wrote: * Mihai Popescu mih...@gmail.com [2014-07-02 17:05]: Better buy a hardisk, copy your data and mail it abroad. Seriously. A truck full of harddisks is a transport link with fantastic bandwidth. Latency kinda sucks, tho. And if the hard disks are small enough, you can attach them to pigeons, or swallows, even! (African or European) Sounds to me like this means that RFC1149[1] should be updated. Technology has improved somewhat since this RFC was written. [1] http://tools.ietf.org/html/rfc1149 It was: https://tools.ietf.org/html/rfc2549 Oops, my apologies to all. My research was obviously conducted without due diligence. I must try harder. Further afternoon, armchair research shows a later RFC[2] with an extension for IPv6. Nice to see the IETF on the ball :-) [2] http://tools.ietf.org/html/rfc6214 -- Dennis Davis dennisda...@fastmail.fm
Re: openssh
Em 03-07-2014 05:36, Gilles Chehade escreveu: On Thu, Jul 03, 2014 at 10:32:42AM +0200, Henning Brauer wrote: * Mihai Popescu mih...@gmail.com [2014-07-02 17:05]: Better buy a hardisk, copy your data and mail it abroad. Seriously. A truck full of harddisks is a transport link with fantastic bandwidth. Latency kinda sucks, tho. Sadly, French researchers have found _at least_ one way to DDoS this transport and make it unusable with very few resources: http://french.about.com/od/vocabulary/a/operationescargot.htm https://what-if.xkcd.com/31/ -- Giancarlo Razzolini GPG: 4096R/77B981BC
Re: opensshbb
BbBbbU Sent from my BlackBerry 10 smartphone on the Rogers network. From: Dennis Davis Sent: Thursday, July 3, 2014 10:18 To: misc@openbsd.org Subject: Re: openssh On Thu, 3 Jul 2014, Blaise Hizded wrote: From: Blaise Hizded bla...@ovh.fr To: misc@openbsd.org Date: Thu, 3 Jul 2014 14:41:10 Subject: Re: openssh Le 03/07/2014 15:17, Dennis Davis a ?crit : On Thu, 3 Jul 2014, Peter N. M. Hansteen wrote: From: Peter N. M. Hansteen pe...@bsdly.net To: misc@openbsd.org Date: Thu, 3 Jul 2014 09:41:12 Subject: Re: openssh On Thu, Jul 03, 2014 at 10:32:42AM +0200, Henning Brauer wrote: * Mihai Popescu mih...@gmail.com [2014-07-02 17:05]: Better buy a hardisk, copy your data and mail it abroad. Seriously. A truck full of harddisks is a transport link with fantastic bandwidth. Latency kinda sucks, tho. And if the hard disks are small enough, you can attach them to pigeons, or swallows, even! (African or European) Sounds to me like this means that RFC1149[1] should be updated. Technology has improved somewhat since this RFC was written. [1] http://tools.ietf.org/html/rfc1149 It was: https://tools.ietf.org/html/rfc2549 Oops, my apologies to all. My research was obviously conducted without due diligence. I must try harder. Further afternoon, armchair research shows a later RFC[2] with an extension for IPv6. Nice to see the IETF on the ball :-) [2] http://tools.ietf.org/html/rfc6214 -- Dennis Davis dennisda...@fastmail.fm
Re: openssh
44 Sent from my Samsung Epic⢠4G Touch Original message From: Giancarlo Razzolini grazzol...@gmail.com Date: 07/03/2014 9:56 AM (GMT-06:00) To: Gilles Chehade gil...@poolp.org,misc@openbsd.org Subject: Re: openssh Em 03-07-2014 05:36, Gilles Chehade escreveu: On Thu, Jul 03, 2014 at 10:32:42AM +0200, Henning Brauer wrote: * Mihai Popescu mih...@gmail.com [2014-07-02 17:05]: Better buy a hardisk, copy your data and mail it abroad. Seriously. A truck full of harddisks is a transport link with fantastic bandwidth. Latency kinda sucks, tho. Sadly, French researchers have found _at least_ one way to DDoS this transport and make it unusable with very few resources:      http://french.about.com/od/vocabulary/a/operationescargot.htm https://what-if.xkcd.com/31/ -- Giancarlo Razzolini GPG: 4096R/77B981BC
Dragonflybsd's pf concurrent instead of single-threaded
This seems relevant to a lot of interest. commit 3a0038bfb239dd522057809c52d7d23dd2134c38 Author: Matthew Dillon dillon at apollo.backplane.com http://lists.dragonflybsd.org/mailman/listinfo/commits Date: Thu Jun 26 20:40:32 2014 -0700 pf - make the bulk of PF concurrent under normal operation * state and ip fragment tables are now per-cpu. * packet paths acquire pf_token shared instead of exclusive. Packet processing runs concurrently. * Any dynamic rules updates will run synchronously for now. * State expiration from the pfpurge thread runs synchronously for now. More work can be done here. * ioctl (and also pfsync) paths acquire pf_token exclusively. That is, primarily pfctl commands. This includes rules updates and state scans. More work can be done here. Summary of changes: sys/net/pf/Makefile| 2 + sys/net/pf/if_pfsync.c | 85 +++--- sys/net/pf/if_pfsync.h | 2 + sys/net/pf/pf.c| 260 -- sys/net/pf/pf_ioctl.c | 427 +++-- sys/net/pf/pf_norm.c | 118 -- sys/net/pf/pfvar.h | 17 +- 7 files changed, 588 insertions(+), 323 deletions(-) http://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/3a0038bfb239dd522057809c52d7d23dd2134c38 -- DragonFly BSD source repository
Re: OT: Suggestion for hard wire network care AND wireless supported in OpenBSD
On 7/3/14, 6:41 AM, Stuart Henderson wrote: On 2014-07-03, Daniel Ouellet dan...@presscom.net wrote: Sorry for the off topic question, but I am looking and researching a PCI network card that would have both the cat5 jack and wireless capability to be use as host into an OpenBSD server to provide access point and the hard wire part to be use as an additional network card. I only have one pci slot free and need to add a third hard wire and want to provide wireless as well from that router. It appear not as easy as I thought to find. Anyone know of one that work? Any suggestion as long as it is supported I don't care. Answer off list is fine as well. Thanks for your time if you know of one. Daniel Assuming you did actually mean PCI and not PCIE, this plus a minipci wireless card might do the trick (but note I do not have one so don't know for sure) http://linitx.com/product/4-port-network-card-with-minipci-slot/11149 Otherwise if PCIE maybe it's possible to find a dual miniPCIE carrier board and use miniPCIE ethernet and wireless modules.. Personally I'd just use a dual port nic and standalone AP though. Well could be pcie. It support x4 pci-e. As for the stand alone, I did have one. It blow up and with all the backdoor into them these days, I was looking to find something different and possibly all in my OpenBSD router. It may not be possible, but I am looking if that could be done. Thanks for your time and feedback. As you said, I may be out of luck, will see.
Re: openssh
Peter N. M. Hansteen [pe...@bsdly.net] wrote: On Thu, Jul 03, 2014 at 10:32:42AM +0200, Henning Brauer wrote: * Mihai Popescu mih...@gmail.com [2014-07-02 17:05]: Better buy a hardisk, copy your data and mail it abroad. Seriously. A truck full of harddisks is a transport link with fantastic bandwidth. Latency kinda sucks, tho. And if the hard disks are small enough, you can attach them to pigeons, or swallows, even! (African or European) Drones.