Re: [PLUG] Two decade old Linux machine comes back to life
Two other wrinkles: a) I don't remember the full blow by blow, but on reflection, I don't think my first mistake was forgetting to clear the root password, but forgetting to clear the user password. The serial console was not in /etc/securetty, so I couldn't log in directly as root, and I had to circle back to enable the users login before I could su to root. I could have redirected console from the kernel command line too and bypassed the problem; and b) when I went to make a backup of what was still on the fujitsu ide 1GB harddisk, connecting the 20-year old debian install to a modern computer with rsync was a challenge. I could make my way past ssh deprecations (at least in one direction), but I got stuck with rsync protocol incompatibilities. I ended up just piping tar through an ssh tunnel. On 10/10/23 21:04, Russell Senior wrote: So, I've been watching a YouTube channel of a local guy named Adrian Black. His channel is called Adrian's Digital Basement. He's into retro computing and does board repair to get old, broken, abandoned computers working again, generally from the Apple II, Commodore 64 era, up to and including IBM AT era machines. Recently, he's mentioned the Gravis UltraSound audio card a few times, which rang a bell with me. I knew that I once had one, and that I probably still had it. Some versions of it, I learned, are quite sought after in the retro computer community. Or, at least sellers have the perception that they are sought after. If you search on e-bay, you will find sellers asking for $500-$1000 for (again) some version of them. They were unique at the time in that they did mixing on the card, rather than in the CPU, or something vaguely like that. They were producing really good quality sound on PC-style computers before the CPUs were really fast enough to be able to do the mixing. I remember having it in the mid-late 1990s, and playing MOD files on it in a linux box. So, in a moment of inspiration, I went down in the basement and looked for the card. And, at first, I only found it visible from the outside of a computer that was wedged behind some other things. So, a day goes by and I'm thinking about it, and then last night I go back down in the basement and extract the box from the corner it is tucked in and pop it open. Sure enough, I have a Gravis UltraSound Plug & Play Version 1.0. It is one of the later versions. The date codes on the chips suggest it was manufactured in the 2nd quarter of 1996 or maybe a little later. Well, so here in front of me is the box it is sitting in. I don't remember very much about the machine it is in, except from the markings it is: an ASUS P/I-P55TP4N motherboard, with ISA and PCI slots, half the memory slots are filled, and it has a Fujitsu IDE hard disk. Not really any idea how long it has been wedged in the corner, except that it's probably been there for "a while". No idea if the power supply even works. So, not wanting to risk the power supply blowing up and killing the maybe-potentially-worth-something GUS (as they were known, there is still support in modern kernels for these boards), I pull the card out, find a PCI video card, a VGA monitor to plug in, also an adapter for an AT-style chonky keyboard connector, and with a little trepidation and sideways thoughts about the location of the nearest fire extinguisher, I turn the power on. And it whirs to life! It became rapidly apparent that this had been a server of some kind, because I had configured it with a serial console, so I find a null-modem cable I can plug into a laptop to get a 9600 baud console shell. Then I remember that I don't remember what the password is or was. So, reboot again, and from the GRUB shell, I supply an init=/bin/bash option to the kernel commandline, which boots me to a semi-functional root shell. I remount the root filesystem read-write, find the password hash in the /etc/passwd file (this was before i'd caved into the modernity of /etc/shadow to hide the password hashes), remove the hash so i can log in temporarily with no password, and reboot. Now I can log in. Maybe or maybe not, I was too dumb to do the same thing for root the first time, but maybe there are a few more reboots, I'm not saying. Anyway, I am in. The machine is a 133MHz Pentium-S, whatever that was. It has 64MB of RAM. The IDE hard disk is 1GB. It is running a 2.4.20 kernel. From looking at the log files, it was shutdown sometime in May 2003, and it's running fine. I notice that the system clock is in October 2023, which is a little surprising, because the network configuration is wrong for what it is plugged into (it had a static config, and the upstream network is different than it once was). It gradually dawns on me that it has a 2023 date, not because of NTP, but because the realtime clock somehow survived, unplugged and ti
[PLUG] Two decade old Linux machine comes back to life
So, I've been watching a YouTube channel of a local guy named Adrian Black. His channel is called Adrian's Digital Basement. He's into retro computing and does board repair to get old, broken, abandoned computers working again, generally from the Apple II, Commodore 64 era, up to and including IBM AT era machines. Recently, he's mentioned the Gravis UltraSound audio card a few times, which rang a bell with me. I knew that I once had one, and that I probably still had it. Some versions of it, I learned, are quite sought after in the retro computer community. Or, at least sellers have the perception that they are sought after. If you search on e-bay, you will find sellers asking for $500-$1000 for (again) some version of them. They were unique at the time in that they did mixing on the card, rather than in the CPU, or something vaguely like that. They were producing really good quality sound on PC-style computers before the CPUs were really fast enough to be able to do the mixing. I remember having it in the mid-late 1990s, and playing MOD files on it in a linux box. So, in a moment of inspiration, I went down in the basement and looked for the card. And, at first, I only found it visible from the outside of a computer that was wedged behind some other things. So, a day goes by and I'm thinking about it, and then last night I go back down in the basement and extract the box from the corner it is tucked in and pop it open. Sure enough, I have a Gravis UltraSound Plug & Play Version 1.0. It is one of the later versions. The date codes on the chips suggest it was manufactured in the 2nd quarter of 1996 or maybe a little later. Well, so here in front of me is the box it is sitting in. I don't remember very much about the machine it is in, except from the markings it is: an ASUS P/I-P55TP4N motherboard, with ISA and PCI slots, half the memory slots are filled, and it has a Fujitsu IDE hard disk. Not really any idea how long it has been wedged in the corner, except that it's probably been there for "a while". No idea if the power supply even works. So, not wanting to risk the power supply blowing up and killing the maybe-potentially-worth-something GUS (as they were known, there is still support in modern kernels for these boards), I pull the card out, find a PCI video card, a VGA monitor to plug in, also an adapter for an AT-style chonky keyboard connector, and with a little trepidation and sideways thoughts about the location of the nearest fire extinguisher, I turn the power on. And it whirs to life! It became rapidly apparent that this had been a server of some kind, because I had configured it with a serial console, so I find a null-modem cable I can plug into a laptop to get a 9600 baud console shell. Then I remember that I don't remember what the password is or was. So, reboot again, and from the GRUB shell, I supply an init=/bin/bash option to the kernel commandline, which boots me to a semi-functional root shell. I remount the root filesystem read-write, find the password hash in the /etc/passwd file (this was before i'd caved into the modernity of /etc/shadow to hide the password hashes), remove the hash so i can log in temporarily with no password, and reboot. Now I can log in. Maybe or maybe not, I was too dumb to do the same thing for root the first time, but maybe there are a few more reboots, I'm not saying. Anyway, I am in. The machine is a 133MHz Pentium-S, whatever that was. It has 64MB of RAM. The IDE hard disk is 1GB. It is running a 2.4.20 kernel. From looking at the log files, it was shutdown sometime in May 2003, and it's running fine. I notice that the system clock is in October 2023, which is a little surprising, because the network configuration is wrong for what it is plugged into (it had a static config, and the upstream network is different than it once was). It gradually dawns on me that it has a 2023 date, not because of NTP, but because the realtime clock somehow survived, unplugged and ticking, for >2 decades. This evening I went downstairs to take a closer look at the battery, and discovered that it's a Dallas DS12B887. And the clock is running about 25 minutes slow. After 20 years and 5 months. Anyway, I just wanted to share that. -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] 2nd try, no response: Re: October PLUG Meeting: Firejail and Linux VPNs
Michael is in charge of AV. As I understand it, a bunch of the historical presentations have been recorded, but are thus far unpublished. So, if you want to see the talk, you should actually show up in person to have the best chance. -- Russell Senior PLUG Volunteer russ...@personaltelco.net On 10/4/23 14:10, J. Hart wrote: Is this being recorded or live streamed ? On 10/4/23 6:32 AM, Michael Dexter wrote: Portland Linux/Unix Group General Meeting Announcement Who: Mark/Xe1phix What: Firejail and Linux VPNs Where: 5500 SW Dosch Rd, Portland When: Thursday, October 5th, 2023 at 7pm Why: The pursuit of technology freedom In this presentation, Xe1phix will cover:
Re: [PLUG] October PLUG Meeting: Firejail and Linux VPNs
A bunch of people I know have been infected recently. None of them were serious cases, but one person in particular had it as recently as last November and got it again a few weeks ago on a trip to New York City. In another case, a co-worker of my spouse had it (in a meeting, sitting next to spouse) a couple weeks ago. Within 24 hours of that exposure, spouse had a fever, no cough or congestion, and isolated in a room and tested negative three days in a row. No one else in our house developed any symptoms. I have heard anecdotal suggestions that the at-home-tests might be giving false negatives that PCR tests detect. Hard to know, given the fragmentary evidence, but it is out there circulating and, speaking from my own anecdotal experience, it isn't fun even when mild. -- Russell Senior russ...@pdxlinux.org On 10/3/23 16:40, Michael Dexter wrote: On 10/3/23 3:47 PM, MC_Sequoia wrote: "The Center has experienced multiple COVID infections, one of which landed someone in the hospital in a coma." Was this fairly recent? Within days. I'm not saying the Center as a building is "infected", but the broader risk is there. "You are welcome to get COVID, but it won't be from PLUG." ... And please don't bring it to PLUG. Michael
Re: [PLUG] Debian 12 Nightmare install
On 9/30/23 21:57, MC_Sequoia wrote: I'm sharing my experience because I've using Debian for 15 years and I've never had an experience like I did the other day with Debian 12 Netinsttall w. Gnome Desktop. [...] I finally was able to successfully get the XFCE Netinstall version installed. However, once installed I had weird wifi connectivity problems w. 2 wifi access points that I use regularly, Everything from key exchange problems, dropping the connection, and ever not associating with an open AP. I don't know about the rest of it, but modern versions of OpenSSH have disabled some crypto algorithms by default. A common one is the ssh-rsa host key algorithm. The failure message gives you a clue (but sometimes ONLY a clue) as to what option you need to activate them again. You can re-enable them from the command line, using for example: ssh -ohostkeyalgorithms=+ssh-rsa username@hostname Or, you can get fancy with .ssh/config and associate a host entry with the needed options, e.g. Host hostname User username HostKeyAlgorithms +ssh-rsa or something vague like that (I didn't check the syntax of the option), maybe someone can correct me. Of course, they weren't deprecated without a reason. When you encounter these messages, you should consider whether you can update the remote system to not rely on the deprecated algorithms, because the pain is only likely to increase in the future. On older Debian, you are probably running a not-yet-fully-modern openssh and therefore have not encountered the deprecations yet. As for the slowness, at the risk of repeating the obvious, because reaching services over the internet crosses potentially many hops and depends on many things working, it's hard to say anything definitive without testing. Could be long DNS delays, could be an overloaded link somewhere along the path, it could be the server at the far end was overloaded. The "mtr" tool is a good place to start, as packet loss or big jumps in delay along the path can give clues. I haven't installed Debian in a while, so I don't have any particular insight or recent experience to share. -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] New CUPS, ancient printers
On 9/29/23 11:50, Keith Lofstrom wrote: Does modern CUPS 2.3.3op2 (Debian 11) and contemporary Ubuntu work with 25yo HP4050n and HP4100n postscript 2 laser (not deskjet) printers? I'm encountering configuration issues, which may be PEBKAC ... You are probably going to need to describe the problems a little more completely to prompt useful thoughts on the subject, particularly since the population of people with your hardware today is likely to be small. While we are waiting for those, I'll just share my fun experience from Wednesday evening when I thought I'd try to print something from either of my inkjet printers: a pre-chip HP deskjet and a Brother. "F-you, low on Cyan!" or equivalent from each one. I had a colleague print it for me and it reminded me I should get a laser printer. https://twitter.com/System32Comics/status/1636611693043388418 When the revolution comes, the lawyers will have a temporary reprieve as the karmic balance is restored first with modern printer vendors. -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] Battery Backup Question
Are you measuring the battery in-circuit or disconnected from the UPS? Did you change the load on the UPS? Does removing some load from the UPS allow it to work? -- Russell On Wed, Sep 27, 2023 at 3:44 PM Dick Steffens wrote: > > On 9/27/23 15:39, Bill Barry wrote: > > On Wed, Sep 27, 2023 at 5:16 PM Dick Steffens wrote: > >> On 9/27/23 14:12, Russell Senior wrote: > >>> I have a UPS in my basement right now, beeping every 14m53s and the > >>> battery is fine. The problem is oxide on the connector. Every 3-4 > >>> months I ritually disconnect and reconnect the battery terminals a few > >>> times to scrape off the oxide layer and it's well again. That is just > >>> to say that underlying causes can vary. There may be a manual > >>> somewhere that describes troubleshooting steps for your UPS, and > >>> describes lights and beeps and what they mean. > >> It did look like there might have been some corrosion on the battery > >> tabs. I applied your technique, and the battery tabs look cleaner. I > >> plugged the unit back into the wall and turned it on. Still has the same > >> problem: green light, then beep-beep followed by no power, which repeats. > >> > >> Right now I'm copying a few things from this machine to my laptop. Then > >> I'll shut down this machine, move the UPS over to the other end of the > >> desk, and plug in the other machine. > >> > >> Then I'll look into whether I need a UPS with more capacity. The one I > >> have is 850. There is a 1500. I'm guessing it's the next level up. Some > >> suppliers still have the 850, but it sounds like it's being retired in > >> favor of the 1500. > >> > >> Time to start researching UPSs again and see who currently makes the > >> best, moderately priced unit. Amazon has the 850 for $117. Best Buy no > >> longer has it. Amazon has the 1500 for $174. Best Buy, $222. > >> > >> Any recommendations for other brands? > >> > >> -- > >> Regards, > >> > >> Dick Steffens > > Why not get a new battery? > > I would expect the current battery, with 12.54v should have at least > started up, so I'm suspicious that it's not the battery. I can take it > up to the place I got it, Battery X-Change of Oregon City, and have them > test it, which I will probably do tomorrow. > > -- > Regards, > > Dick Steffens >
Re: [PLUG] Battery Backup Question
I have a UPS in my basement right now, beeping every 14m53s and the battery is fine. The problem is oxide on the connector. Every 3-4 months I ritually disconnect and reconnect the battery terminals a few times to scrape off the oxide layer and it's well again. That is just to say that underlying causes can vary. There may be a manual somewhere that describes troubleshooting steps for your UPS, and describes lights and beeps and what they mean. -- Russell Senior russ...@personaltelco.net On Wed, Sep 27, 2023 at 12:00 PM Dick Steffens wrote: > > We had a power outage this morning. My CyberPower 800AVR Battery Backup > did not work, meaning that when the power went off, the computer shut > down. After the power was restored, when I turned the unit back on, it > went through a repeating cycle of beep-beep, shut down, then beep-beep, > shut down, and so on. Is it possible that more than the battery may be > the problem? > > -- > Regards, > > Dick Steffens
Re: [PLUG] Recompiling 1989 text2ps.c
I recall using enscript or genscript with a customized header in the 1990s. On Mon, Sep 25, 2023, 23:26 Keith Lofstrom wrote: > No problem, actually a pleasant near-miracle. > > I've used native-postscript printers since the Apple > Laserwriter and BSD, and used Stephen Frede's 1989 (or > earlier) University of New South Wales student project > text2ps.c, to turn ascii text into 10 point Postscript > (with added headers, dates, and page numbers) for printing. > > I just recompiled text2ps for Debian 11, after using > it for years on SVR4, UTek, Redhat, Scientific Linux, > CentOS, etc. Still works the way I expect. > > So, I found Stephen Frede's email address in Australia, > and sent him a 34-year-belated thank you, which should > arrive before he leaves work after 5pm in Sydney. > > Keith > > -- > Keith Lofstrom kei...@keithl.com >
Re: [PLUG] Internship for people with Linux command line familiarity
Priority populations: "Black, Indigenous, People of Color (BIPOC), seniors, LGBTQIA+, immigrants and refugees, houseless or housing insecure, foster youth, domestic violence survivors, people impacted by incarceration, people with disabilities, and those living in poverty" On Sat, Sep 23, 2023 at 3:40 PM Russell Senior wrote: > > I'm involved with a grant funded project in which Personal Telco Project is > to indoctrinate a few people in Community Networking serving a target > population. We want people who are members of the target population, but in > order to meet the project goals we feel like they need to start with a basic > familiarity with Linux command line, since basically every part of the > network management will require it. Our partners are concerned they won't be > able to find anyone with the starting skills we have asked for. As someone > for whom the Year of the Linux Desktop has been every year since 1993, I have > trouble understanding their concern. We are only looking for a few people in > the Portland metro area, and there are certainly a few such people here, it > is just a matter of finding them and funneling them towards the entrance > gate. We aren't in charge of selecting people, but given our partners > concerns it seems appropriate to help them recruit potential candidates, and > PLUG seems like a good place to start looking. > > I have thought about asking local community colleges that teach Linux skills. > > Any other thoughts? > > -- > Russell Senior, President > russ...@personaltelco.net
[PLUG] Internship for people with Linux command line familiarity
I'm involved with a grant funded project in which Personal Telco Project is to indoctrinate a few people in Community Networking serving a target population. We want people who are members of the target population, but in order to meet the project goals we feel like they need to start with a basic familiarity with Linux command line, since basically every part of the network management will require it. Our partners are concerned they won't be able to find anyone with the starting skills we have asked for. As someone for whom the Year of the Linux Desktop has been every year since 1993, I have trouble understanding their concern. We are only looking for a few people in the Portland metro area, and there are certainly a few such people here, it is just a matter of finding them and funneling them towards the entrance gate. We aren't in charge of selecting people, but given our partners concerns it seems appropriate to help them recruit potential candidates, and PLUG seems like a good place to start looking. I have thought about asking local community colleges that teach Linux skills. Any other thoughts? -- Russell Senior, President russ...@personaltelco.net
[PLUG] Booting problems
On Tue, Sep 19, 2023 at 2:41 PM John Jason Jordan wrote: > > I'm back in Ubuntu, following my ninth failed attempt to install Debian > 12. But I should say at the beginning that, like Rich, I've used ext4 > for many years and have never had a problem. My issues with installing > Debian 12 is that it won't boot because of a failure in setting up Grub. > And the root cause of that is because I am too dumb to properly follow > the instructions in the Debian installer. Xubuntu is on a Samsung > M.2 drive of 1TB, and I'm trying to install Debian on a new > Samsung M.2 drive of 2TB. I can easily tell which is which when they > give me the Samsung product name, but while setting up Grub it asks > 'Install grub to your primary drive?' Well, which drive is that? Both > drives have a primary partition for / and a second logical partition > for /home. Your computer will find grub on *one* of the devices and use the configuration it finds there to show you a menu and then pick which OS to boot, which might be on different devices. Your machine's BIOS will tell it which device the machine looks for grub on. If it can't find grub on the first device, it might fall through to other devices (the priority is configured in your BIOS), but once it finds the bootloader (grub), it doesn't fall any further.
Re: [PLUG] Make secure shell work
I don't remember about debian, but ubuntu either doesn't install openssh-server or doesn't enable it by default. That should be all you need to do on either one. On machineA: sudo apt install openssh-server # make sure the openssh-server package is installed sudo systemctl enable ssh # make sure the ssh service starts on reboot sudo systemctl start ssh # make sure the ssh service is running now Then from machine B: ssh machineA It will probably prompt you to accept a new "host key" for machneA. It's okay to do that. Let us know if you run into any trouble with that. After that works, we can move on to fun things like ssh keys. -- Russell On Sun, Sep 17, 2023 at 3:32 PM John Jason Jordan wrote: > > On Sun, 17 Sep 2023 15:08:24 -0700 > Russell Senior dijo: > > >On Sun, Sep 17, 2023 at 11:05 AM John Jason Jordan > >wrote: > > > >> Several times over the years I gave tried to get ssh working, and I > >> always failed. > > > >Wait, what? > > > >Ssh shouldn't be hard. Like, at all. Let's fix that. What doesn't > >work? > > Good idea, but I'm currently in the middle of installing Debian 12 > Bookworm as a dual boot, using the brand new 2TB M.2 drive that I > bought this morning from Best Buy at Jantzen Beach. I recently bought > one for $120, but the price today was only $100. Ssh will have to wait, > but I'm eager to learn how to do it.
[PLUG] Make secure shell work
On Sun, Sep 17, 2023 at 11:05 AM John Jason Jordan wrote: > Several times over the years I gave tried to get ssh working, and I > always failed. Wait, what? Ssh shouldn't be hard. Like, at all. Let's fix that. What doesn't work? -- Russell Senior russ...@personaltelco.net
Re: [PLUG] Print a brochure or booklet in LibreOffice Writer
On 9/7/23 11:43, Dick Steffens wrote: 20 years ago I used to use Word Perfect in Win 95, and it was easy to print a booklet. I'm trying to achieve the same results in LibreOffice Writer 7.3.7.2 in Xubuntu 22.04. I have successfully managed to format the pages so that pages 1 and 4 print on one sheet, and 2 and 3 on another. My problem is that duplex printing, which usually works fine, is not working. I'm getting separate sheets. The paper is defined as 11.0 wide by 8.5 high. The pages are formatted as 5.5 wide by 8.5 high, so the end result should be one piece of paper that, when folded, reads like a booklet with page 1 on the front, pages 2 and 3 in the middle, and page 4 on the back. In the print dialog: Under properties of my HP MFP 148dw Duplex [On(Portrait)] and Paper tray [Automatic]. Range and Copies All Pages At the bottom there is a blue circle with a white dot in the middle next to the word Brochure. Clicking on it does not produce a change. I think the problem is the printer, but don't know what to do next. What am I missing? You could try to trick it by putting one sheet of paper in the printer at a time, then manually reload it in the correct orientation to print on the back. I agree this sounds like a printer problem. HP, so no surprise. NO CYAN! -- Russell Senior russ...@pdxlinux.org
[PLUG] ANNOUNCEMENT: September General Meeting is an UnPLUG at Rose City Book Pub
Portland Linux/Unix Group General Meeting Announcement We are going to do another Un-PLUG at the Rose City Book Pub this week for the PLUG meeting. Michael asked me to do the announcement, so here it is. Details below. We hope to have speakers again next month and the month after and forever and ever! Who: YOU! What: Un-PLUG: unsorted, on/off topic discussion by, for, and between us ... and anyone else within earshot Where: Rose City Book Pub, 1329 Northeast Fremont Street, Portland, OR, 97212 on the back patio When: Thursday, September 7, 2023 at 7pm Why: The pursuit of technology freedom Bio: all shapes and sizes Talk: yes, hopefully! Rules and Requests: PLUG is open to everyone and does not tolerate abusive behavior on its mailing lists or at its meetings -- Russell Senior PLUG Volunteer russ...@pdxlinux.org
Re: [PLUG] No Speaker for September yet, anybody want to or have a lead?
Building access and a sponsor, I think. I'd love to get back into PSU if possible. On Sun, Sep 3, 2023, 11:22 Michael Ewan wrote: > Remind me why we had a problem with the PSU venue, was it access to the > building, i.e. someone with an ID card to let folks in after hours? > Just curious now that I am a staff employee at PSU. > > > On Sun, Sep 3, 2023 at 3:47 AM Russell Senior > wrote: > > > We think we should defer you until a later date and go with the social > > hour this month while the weather is still decent. The PLUG general > > monthly meetings are the first thursday of the month, so the next date > > will be October 5th. Or November 2. Let us know what works better for > > you and what you'd like to talk about. > > > > Thanks! > > > > -- > > Russell Senior > > PLUG Volunteer > > russ...@pdxlinux.org > > > > On 9/1/23 16:50, markrobertcurry wrote: > > > Hello Russell & PLUG, > > > It would depend on which talk PLUG would be most interested in me > giving. > > > If you pick one of he talks I listed that's already completed, I'm > > > prepared to do it whenever. > > > If you pick one of the talks that are 85% completion, I'll need more > > > time to finalize it. > > > If you pick the talk I remastered for BSidesPDX: > > > (How To Create A Persistent, LUKS Encrypted USB With A LUKS > > > Killswitch Using Parrot Linux) > > > I rewrote all the slides, and they're ready to present. > > > I also recorded video tutorials of the whole process. > > > which will make it way easier for anyone interested in following along > > > (making it more of a workshop than a talk) > > > (I forgot the syntax during a live demo once, i'll never let that > > > happen again) > > > I also made a cheatsheet with all the CLI syntax used in the talk. > > > (along with a corresponding descriptions). > > > Honestly, I'm honored and super excited to get the chance to talk at a > > > Linux User Group! > > > I'm completely flexible as to when you would like me to give the talk. > > > I eagerly await the decision of the LUG board members. > > > > > > Thank you for time, and I appreciate you responding to my CFP > submission. > > > (I submitted talks to all the Portland InfoSec Meetups a month ago, > > > and only 2/8 of them responded) > > > I expected the InfoSec community in Portland to be much more put > > > together than it appears. > > > I moved here from from Iowa to work at Intel. > > > And the InfoSec monthly meetups were incredible! > > > Top of the industry CSOs would be there, and between 700-1,000 > > > attendees would show up each month. > > > I could really use some help meeting other people in the industry, > > > anyone's help would be greatly appreciated! > > > > > > > > > Sent from Proton Secure Email > > > > > > > > > > > > Original Message > > > On Aug 30, 2023, 12:52 PM, Russell Senior < russ...@pdxlinux.org> > wrote: > > > > > > > > > Thanks Mark! I forwarded this to Michael (also cc'd here). Would > > > you prefer this month or a later one? It might be better for us to > > > defer you until the weather is worse and the outdoor patio is less > > > viable, although if you are warming it up for BSides, then maybe > > > this month is better for you. -- Russell Senior PLUG Volunteer > > > russ...@pdxlinux.org On 8/29/23 20:06, markrobertcurry wrote: > > > > Hello Russell (and PLUG), > I am a Linux Engineer, I have studied > > > Linux for 12yr now. > I have given talks at 9 InfoSec conferences > > > over the years. > I recently remastered an old talk I gave years > > > ago titled: > "How To Create A Persistent, LUKS Encrypted USB With > > > A LUKS Killswitch > Using Parrot Linux" > I rewrote it for BSides > > > this year, but I think it would be a great > talk to give at a > > > PLUG meetup as well. > > Here is the CFP for the talk: > > ## > > > -- ## > > > > > In this presentation, I will cover: > > > Securely wipe > > > files/device partitions (6 different methods). > > Format the USB > > > device with Parrot Linux hybrid ISO. > > Create an Ext3 filesystem > > > on the persi
Re: [PLUG] No Speaker for September yet, anybody want to or have a lead?
We think we should defer you until a later date and go with the social hour this month while the weather is still decent. The PLUG general monthly meetings are the first thursday of the month, so the next date will be October 5th. Or November 2. Let us know what works better for you and what you'd like to talk about. Thanks! -- Russell Senior PLUG Volunteer russ...@pdxlinux.org On 9/1/23 16:50, markrobertcurry wrote: Hello Russell & PLUG, It would depend on which talk PLUG would be most interested in me giving. If you pick one of he talks I listed that's already completed, I'm prepared to do it whenever. If you pick one of the talks that are 85% completion, I'll need more time to finalize it. If you pick the talk I remastered for BSidesPDX: (How To Create A Persistent, LUKS Encrypted USB With A LUKS Killswitch Using Parrot Linux) I rewrote all the slides, and they're ready to present. I also recorded video tutorials of the whole process. which will make it way easier for anyone interested in following along (making it more of a workshop than a talk) (I forgot the syntax during a live demo once, i'll never let that happen again) I also made a cheatsheet with all the CLI syntax used in the talk. (along with a corresponding descriptions). Honestly, I'm honored and super excited to get the chance to talk at a Linux User Group! I'm completely flexible as to when you would like me to give the talk. I eagerly await the decision of the LUG board members. Thank you for time, and I appreciate you responding to my CFP submission. (I submitted talks to all the Portland InfoSec Meetups a month ago, and only 2/8 of them responded) I expected the InfoSec community in Portland to be much more put together than it appears. I moved here from from Iowa to work at Intel. And the InfoSec monthly meetups were incredible! Top of the industry CSOs would be there, and between 700-1,000 attendees would show up each month. I could really use some help meeting other people in the industry, anyone's help would be greatly appreciated! Sent from Proton Secure Email Original Message ---- On Aug 30, 2023, 12:52 PM, Russell Senior < russ...@pdxlinux.org> wrote: Thanks Mark! I forwarded this to Michael (also cc'd here). Would you prefer this month or a later one? It might be better for us to defer you until the weather is worse and the outdoor patio is less viable, although if you are warming it up for BSides, then maybe this month is better for you. -- Russell Senior PLUG Volunteer russ...@pdxlinux.org On 8/29/23 20:06, markrobertcurry wrote: > Hello Russell (and PLUG), > I am a Linux Engineer, I have studied Linux for 12yr now. > I have given talks at 9 InfoSec conferences over the years. > I recently remastered an old talk I gave years ago titled: > "How To Create A Persistent, LUKS Encrypted USB With A LUKS Killswitch > Using Parrot Linux" > I rewrote it for BSides this year, but I think it would be a great > talk to give at a PLUG meetup as well. > > Here is the CFP for the talk: > > ## -- ## > > In this presentation, I will cover: > > > Securely wipe files/device partitions (6 different methods). > > Format the USB device with Parrot Linux hybrid ISO. > > Create an Ext3 filesystem on the persistent partition. > > Create LUKS encrypted container on the persistent partition. > > Create a mount point, and mount the new LUKS encrypted partition. > > Dump the header information of a LUKS device. > > Add a nuke slot to the LUKS header. > > Create a binary backup of the LUKS header and keyslot area. > > Encrypt the LUKS header with OpenSSL for secure storage. > > Decrypt the LUKS header with OpenSSL for secure storage. > > Erase all LUKS key slots on persistant partition. > > Restore LUKS header from binary backup file. > > ## -- ## > > > Here are the slides: > https://gitlab.com/xe1phix/ParrotSecWiki/-/blob/InfoSecTalk/Xe1phix-InfoSec-Talk-Materials/How-To-Create-A-%5BPersistent%5D-%5BLUKS-Encrypted%5D-USB-Device-With-%5BParrot-Linux%5D-v2-%5BBSidesPDX%5D-2023/How-To-Create-A-%5BPersistent%5D-%5BLUKS-Encrypted%5D-USB-Device-With-%5BParrot-Linux%5D-v2-%5BSlides%5D/Xe1phix-_Encrypted-Persistent-USB-NukeSlot_-Slides-_v15.7.84_.pdf> > > If you aren't interested in this talk, > I have several completed talks on hand: > > Secure Linux VPNs - Mullvad (Wireguard, OpenVPN) + ProtonVPN > > Encrypting files with friends using GnuPG > > Intro to Linux filesystems (ZFS, Btrfs, XFS, and Ext4) > > Secure Linux San
[PLUG] No Speaker for September yet, anybody want to or have a lead?
Hi folks, Neither Michael (last I checked) nor I have a speaker lined up for September 7. Does anyone have something they'd like to talk about or know anyone who might? If not, we are rapidly heading for another UnPLUG at, presumably, Rose City Book Pub again. I joked last month that the last speaker was responsible for finding the next speaker, or they had to speak again. But everyone just laughed. I thought it sounded like a great idea. Anyway, ANY IDEAS? Reply to plug@pdxlinux.org or me. Thanks! -- Russell Senior PLUG Volunteer russ...@pdxlinux.org
Re: [PLUG] Zoom error 10?
I have been successfully joining Zoom meetings in my browser (firefox). There is a hard to see link on the meeting page, you can refuse to open their application and just click the "join in browser" link instead. Since I've been using the browser version exclusively for the last 6 months or more, I don't know anything (recent) about the Zoom application. At a rough approximation, Wayland is a "modern" window management system to replace X11, the latter of which has supported graphical applications on Linux/Unix since the dawn of time. The distinction is intended to be invisible to normal users. More detail and perhaps accuracy is available here: https://en.wikipedia.org/wiki/Wayland_(protocol) -- Russell On Fri, Aug 18, 2023 at 3:13 PM Denis Heidtmann wrote: > > I installed the latest Zoom (at Zoom's insistence). The package manager > shows version 2.0.106600.0904 > doubleclick (runs software install) show version 5.15.7.6521 > > When I attempt to run zoom via a link in an email I get unexpected error > code 10. I occasionally find that zoom is already running; On those > occasions I use top to kill that instance. I still get the error. Running > in a terminal gets me to the screen where I can input the meeting number; I > get the same error. > > I am above my pay grade on this. I am hoping for some help. > I am running Ubuntu 20.04.6 LTS > > Thanks, > -Denis
Re: [PLUG] Seeking a Universal Remote
Looks like this is Linux software that will let you program your remote. Caveat, I found it in the Internet, no personal experience. https://github.com/jaymzh/concordance On Sat, Aug 5, 2023, 20:58 Russell Senior wrote: > This is all semi-gibberish to me, but I did find this: > >https://gist.github.com/amhendley/89965125556b219f84fd > > On 8/5/23 07:42, Michael Rasmussen wrote: > > Looking for a universal remote for TVs that is Linux programmable. I > > have a Logitech Harmony 650 that works fine - until I need to change it. > > > > Any suggestions? > > > >
Re: [PLUG] Seeking a Universal Remote
This is all semi-gibberish to me, but I did find this: https://gist.github.com/amhendley/89965125556b219f84fd On 8/5/23 07:42, Michael Rasmussen wrote: Looking for a universal remote for TVs that is Linux programmable. I have a Logitech Harmony 650 that works fine - until I need to change it. Any suggestions?
Re: [PLUG] Replacing github public key
>>>>> "Rich" == Rich Shepard writes:
Rich> -rw--- 1 rshepard users 1766 Jul 31 07:16 id_rsa.github
Rich> -rw-r--r-- 1 rshepard users 406 Jul 31 07:16 id_rsa_github.pub
I don't know if that's a typo, but the private key (the one without the
.pub suffix) has filename punctuation that does not match the public key
('.github' instead of a '_github'). Perhaps that was your problem.
--
Russell Senior
russ...@pdxlinux.org
Re: [PLUG] wikis breaking on updates (was: Re: Upgrage Breaks MediaWiki - why?)
On 7/31/23 23:15, Ben Koenig wrote: The longterm success and/or failure of any software project comes down to the maintainability of the codebase. Projects with good, clean codebases get more love because the cost of contributing is much lower. Given how many big projects use moinmoin I think it's safe to say that nobody has bothered to fix it because it's a hot fucking mess. The wikipedia entry says "a steamed or boiled bean pudding". I think what actually happened is that v1.x achieved a kind of stability and it basically didn't change for a decade and the people who knew how it worked kind of wandered away. It was only the abandonment of python2 that has led to the "crisis". There has been a slow moving effort to build a v2 of MoinMoin, but it's reportedly not ready for production, or wasn't when I looked last (again, about a year ago). -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] wikis breaking on updates (was: Re: Upgrage Breaks MediaWiki - why?)
Moinmoin isn't a binary, fwiw. On Mon, Jul 31, 2023, 17:31 Ted Mittelstaedt wrote: > > > a dead-end solution with a future of pain, fragility, and > >(probably) unpatched security vulnerabilities while people scramble to > find > and implement a solution (that may no >longer exist within even a > reasonable > set of parameters). > > I feel compelled to point out that if people spent half the time simply > paying a software programmer to upgrade the codebase of these projects that > they spend complaining about the projects becoming dead end, that they > would > have updated projects that work for a tenth of the price that Micro$oft > wants them to pay for windows versions of things. > > How many hundreds if not thousands of wikis on the Internet that use > Moinmoin have ever just considered posting a message "We just upgraded to > Debian Bullseye and we get 10 compiler errors when attempting to build > Moinmoin on it. $5000 to the first person who fixes that and produces a > functioning binary, and feeds the changes back into the public source" > > OR, how many of them have picked up a compiler and tried their hand at > fixing it themselves? > > Ted > > -Original Message- > From: PLUG [mailto:plug-boun...@pdxlinux.org] On Behalf Of Paul Heinlein > Sent: Monday, July 31, 2023 8:38 AM > To: Portland Linux/Unix Group > Subject: Re: [PLUG] wikis breaking on updates (was: Re: Upgrage Breaks > MediaWiki - why?) > > On Sun, 30 Jul 2023, Russell Senior wrote: > > > A slightly related story: Debian's wiki is moinmoin. Moinmoin v1.x is > > based on python 2. Python2 is (of course) deprecated and pretty much > > abandoned as of Debian Bullseye. It seems somewhat ironic that the > > wiki that proudly announces Debian 12 (bookworm) as of July 22, has to > > run Debian 10 (buster, i.e. oldoldstable) because that's the last > > version that supports python2 enough to run the wiki. > > > > > > https://u35970666.ct.sendgrid.net/ls/click?upn=TqJK0v-2BTL1dmkjS-2FZRB > > wGRDG4t3PuCk88LFqqcTvyYGDJGeFNIjwU8pGkcA3tIrkXxPogHNGRue04tX0s41yELyVT > > 2kQTzNKeJ1a3JRIU5c-3DkyL0_VIYZ4N8dmyIPGy7Y8nsPO1q5dom4O0HMDO1WKXG4iy6c > > RPYqUFHozao-2Fpbo-2BoZqOchXuKORABSzW180gWYBHeRPNrdK7edxBEXDVaeFmkWm4xn > > UhizY9EOtln7Mj8LEiArb78-2BbHAD0AsaSTK9AWj1JB0cOk7hkn-2BvgslB0tXdYqMV8B > > ZkiZeBlgfBwozTDycTSoXvNA4kNrtVykLP6PwQ-3D-3D > > > > I have a particularly acute awareness of this because Personal Telco's > > wiki also uses moinmoin, and it stopped working when I tried to update > > to Debian 11 (bullseye) about a year ago. We had a brief outage while > > I figured out what had gone wrong. > > This is a sadly familiar story. A high-level software package depends on > dozens, perhaps hundreds, of lower-level language runtimes, libraries, and > even utilities. One or more of those lower-level packages gets deprecated, > drops features, becomes orphaned, or simply doesn't keep up with the rest > of > the dependency ecosystem. > > Voila -- a dead-end solution with a future of pain, fragility, and > (probably) unpatched security vulnerabilities while people scramble to find > and implement a solution (that may no longer exist within even a reasonable > set of parameters). > > I feel vaguely guilty every time I say it, but if computers were easy I > wouldn't have a job. > > -- > Paul Heinlein > heinl...@madboa.com > 45°22'48" N, 122°35'36" W > >
Re: [PLUG] Github question
https://docs.github.com/en/site-policy/other-site-policies/github-account-recovery-policy On Mon, Jul 31, 2023 at 3:24 PM Michael Ewan wrote: > > That is the tricky part. My Github account was linked in some corporate > magic with my company email, and even though I remember the password it > wants to verify with my old inaccessible company email. I guess I will > need to create a new account and forget about whatever I was working on in > my personal account. > > On Mon, Jul 31, 2023 at 3:13 PM Rich Shepard > wrote: > > > On Mon, 31 Jul 2023, Michael Ewan wrote: > > > > > How does one delete a GitHub account? I have one from my previous > > employer > > > that I need to delete and use a previous personal (school) account. > > > > Login to your github account. In the upper, right corner there's a symbol > > at > > the right end; click on it. > > > > Select Settings -> My Account and that should allow you to delete it. > > Otherwise it's somewhere else in the settings menu. > > > > Rich > >
[PLUG] wikis breaking on updates (was: Re: Upgrage Breaks MediaWiki - why?)
A slightly related story: Debian's wiki is moinmoin. Moinmoin v1.x is based on python 2. Python2 is (of course) deprecated and pretty much abandoned as of Debian Bullseye. It seems somewhat ironic that the wiki that proudly announces Debian 12 (bookworm) as of July 22, has to run Debian 10 (buster, i.e. oldoldstable) because that's the last version that supports python2 enough to run the wiki. https://packages.debian.org/search?keywords=python-moinmoin I have a particularly acute awareness of this because Personal Telco's wiki also uses moinmoin, and it stopped working when I tried to update to Debian 11 (bullseye) about a year ago. We had a brief outage while I figured out what had gone wrong. -- Russell Senior russ...@personaltelco.net On Sun, Jul 30, 2023 at 12:17 PM Ben Koenig wrote: > > --- Original Message --- > On Sunday, July 30th, 2023 at 11:31 AM, Michael Rasmussen > wrote: > > > > Short Story: > > Running MediaWiki, a php based app > > Upgraded my Archlinux host with `pacman -Syu` > > MediaWiki Breaks with this error: > > > > Installing some PHP extensions is required. > > Required components > > You are missing a required extension to PHP that MediaWiki requires to > > run. Please install: > > intl (more information) > > > > Long Story: > > intl has been required since v1.36 - several versions back that I have > > used all along > > > > I checked php.ini to verify that it had not be chanced in the process. I > > found: > > > > extension=intl.so > > [intl] > > ;intl.default_locale = > > ; happens within intl functions. The value is the level of the error > > produced. > > intl.error_level = E_WARNING > > intl.use_exceptions = 0 > > > > So that is in place and functional. > > > > Do you have any idea about what to check? Arch normally reliable source > > of help has come up dry thus far. > > > > -- > > > > Michael Rasmussen > > Be Appropriate && Follow Your Curiosity > > I'd check the release notes and migration log for the new version of > mediawiki. It sounds like there was a change to the dependencies and it might > not be happy with the version you have installed. > > You can also verify that this module is for the same version of PHP as your > mediawiki installation. > -Ben
Re: [PLUG] Absolute vs. Relative sound level?
If pavucontrol makes it too loud, you can damped the speakers with a small piece of Sugru. ;-) -- Russell Senior russ...@personaltelco.net On Sun, Jul 23, 2023, 16:50 Tomas Kuchta wrote: > - pavucontrol - > > On Sun, Jul 23, 2023, 01:03 Dick Steffens wrote: > > > Is there a way to view and change the sound level in Linux? I'm > > interested in knowing what the hardware setting is for playing sound. I > > know I can change the level with the + and - keys on my laptop, or also > > from the program playing the music, but I'd like to know what the system > > thinks the number is from where I start raising or lowering the level, > > and I'd like to be able to set the level to a specific point. > > > > -- > > Regards, > > > > Dick Steffens > > >
Re: [PLUG] autofs not working
On 7/22/23 16:36, bri...@pounceofcats.com wrote: I've set up autofs on 3 different computers and it works great. computer #4 will not work. I've checked everything I can think of and all I get is No such file or directory service autofs status says it is running. my fstab is set up correctly (verified by creating a mount point and using it) I've checked all of the configuration files against the working machine. I'm out of ideas. What distribution? I don't really know anything about autofs, but I didn't see you mention permissions. Probably worth checking those. -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] Question on USB audio drivers in linux and Logitech H390 Headphones
Did you find this? https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776995 It suggests a fix using pactl. Tomas has wisely suggested in the past that virtually all problems can be solved with some combination of Sugru and pavucontrol. Those words echo in my ears. On 7/21/23 13:43, Russell Senior wrote: Unlikely big volume range -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] Question on USB audio drivers in linux and Logitech H390 Headphones
On 7/21/23 11:21, American Citizen wrote:
Some work this morning has shown the following
% lsusb -t
is identical for both the old and new headphones
% sudo lshw -C sound
shows slight differences
Old headphones:
product: Logitech USB Headset Logitech USB Headset
vendor: Logitech USB Headset
version: 0.12
capabilities: usb-1.10 audio-control usb
New headphones:
product: Logitech Logi USB Headset Consumer Control
vendor: Logitech
version: 0.15
capabilities: usb-2.00 audio-control usb
So the new headphones wants a USB 2.0 interface? Is that the correct
interpretation here? (I did try both the older USB-1.1 and USB-2
interfaces with the new headphones, nothing worked properly)
% sudo dmesg shows major differences
old headphones:
[72334.465879] usb 1-1.3: new full-speed USB device number 16 using
ehci-pci
[72335.887506] usb 1-1.3: New USB device found, idVendor=046d,
idProduct=0a8f, bcdDevice= 0.12
[72335.887512] usb 1-1.3: New USB device strings: Mfr=3, Product=1,
SerialNumber=0
[72335.887513] usb 1-1.3: Product: Logitech USB Headset
[72335.887514] usb 1-1.3: Manufacturer: Logitech USB Headset
[72336.655509] input: Logitech USB Headset Logitech USB Headset as
/devices/pci:00/:00:1a.0/usb1/1-1/1-1.3/1-1.3:1.3/0003:046D:0A8F.0015/input/input60
[72336.714020] hid-generic 0003:046D:0A8F.0015: input,hidraw1: USB
HID v1.11 Device [Logitech USB Headset Logitech USB Headset] on
usb-:00:1a.0-1.3/input3
New headphones:
[72432.988954] usb 1-1.3: new full-speed USB device number 17 using
ehci-pci
[72433.103922] usb 1-1.3: New USB device found, idVendor=046d,
idProduct=0a7a, bcdDevice= 0.15
[72433.103925] usb 1-1.3: New USB device strings: Mfr=1, Product=2,
SerialNumber=0
[72433.103927] usb 1-1.3: Product: Logi USB Headset
[72433.103928] usb 1-1.3: Manufacturer: Logitech
[72433.146175] usb 1-1.3: Warning! Unlikely big volume range (=2304),
cval->res is probably wrong.
[72433.146179] usb 1-1.3: [7] FU [Sidetone Playback Volume] ch = 1,
val = -3840/-1536/1
[72433.180951] usb 1-1.3: Warning! Unlikely big volume range
(=10496), cval->res is probably wrong.
[72433.180954] usb 1-1.3: [2] FU [USB Audio Playback Volume] ch = 2,
val = -10496/0/1
[72433.212798] usb 1-1.3: Warning! Unlikely big volume range (=4352),
cval->res is probably wrong.
[72433.212800] usb 1-1.3: [5] FU [USB Audio Capture Volume] ch = 1,
val = -1536/2816/1
[72433.214496] input: Logitech Logi USB Headset Consumer Control as
/devices/pci:00/:00:1a.0/usb1/1-1/1-1.3/1-1.3:1.3/0003:046D:0A7A.0016/input/input61
[72433.273108] hid-generic 0003:046D:0A7A.0016: input,hidraw1: USB
HID v1.11 Device [Logitech Logi USB Headset] on
usb-:00:1a.0-1.3/input3
The odd messages about big volume range configuration parameters
possibly incorrect is a hint as to why the headphones play with 1/2
volume. Something is obviously wrong here as far as configuration
parameters
Here's where the warning message is coming from (git blame
sound/usb/mixer.c):
6bc170e4e8ac4 sound/usb/mixer.c (Daniel Mack 2014-05-24
10:58:16 +0200 1800) /*
6bc170e4e8ac4 sound/usb/mixer.c (Daniel Mack 2014-05-24 10:58:16
+0200 1801) * Are there devices with volume range more than
255? I use a bit more
80acefff3bc7b sound/usb/mixer.c (Oleksij Rempel 2011-03-10 14:53:38
+0100 1802) * to be sure. 384 is a resolution magic number
found on Logitech
80acefff3bc7b sound/usb/mixer.c (Oleksij Rempel 2011-03-10 14:53:38
+0100 1803) * devices. It will definitively catch all buggy
Logitech devices.
80acefff3bc7b sound/usb/mixer.c (Oleksij Rempel 2011-03-10 14:53:38
+0100 1804) */
80acefff3bc7b sound/usb/mixer.c (Oleksij Rempel 2011-03-10 14:53:38
+0100 1805) if (range > 384) {
17156f23e93c0 sound/usb/mixer.c (Ruslan Bilovol 2018-05-04 04:24:04
+0300 1806) usb_audio_warn(mixer->chip,
82c1cf0a7fe13 sound/usb/mixer.c (Michał Mirosław 2014-08-03
15:09:57 +0200 1807) "Warning! Unlikely big volume range (=%u),
cval->res is probably wrong.",
6bc170e4e8ac4 sound/usb/mixer.c (Daniel Mack 2014-05-24 10:58:16
+0200 1808) range);
Question:
Does the snd-usb-audio kernel module need to be updated to work
properly with the newer Logitech H390 headset? The incorrect volume
parameter settings found in the dmesg would indicate to me that
updating is required.
Those values look wrong, so it could be they are being read wrong. Did
the headset come with a "driver CD" or anything like that? If so, maybe
worth looking to see what's on it.
--
Russell Senior
russ...@pdxlinux.org
Re: [PLUG] Question on USB audio drivers in linux and Logitech H390 Headphones
IIRC, usb-audio is a generic driver that should support any USB audio device. The firmware update would be updating the firmware in the headset. Do you have a firmware blob to update with? Can you just use dfu-util? The problem with the old headset (if my pile of old-broken headsets are any indication) is a tiny broken wire, either at the plug or at the earphone. -- Russell Senior russ...@personaltelco.net On Thu, Jul 20, 2023 at 5:56 PM American Citizen wrote: > > As a follow up some pertinent information on this problem > > https://unix.stackexchange.com/questions/468631/how-do-you-update-the-firmware-on-a-usb-device-with-a-device-firmware-update-df > > shows how to update the firmware for USB devices > > Unfortunately the fwupd service is solidly broken on my openSuse Linux > system. > > Trying to start the fwupd service solidly crashes with the error that > the TPM (trusted processor module) does not have a GUID. > > Basically I am stuck in the water without an oar or paddle. > > Does anyone have a working fwup manager service running on their linux PC? > >
Re: [PLUG] Help with weird device errors
It might be unrelated. Or maybe somehow touching a disk is triggering a probe of the floppy. Just wild speculation. Trying to disable the drive in bios or rmmod'ing the floppy driver might change the behavior. On Sat, Jul 15, 2023, 22:23 Michael Ewan wrote: > I did think of removing the floppy in BIOS, but the question still presents > itself, why do I get errors when accessing a mounted disk? > > On Sat, Jul 15, 2023 at 10:15 PM Russell Senior > > wrote: > > > This might be relevant: > > > > > > > https://unix.stackexchange.com/questions/53513/linux-disable-dev-fd0-floppy > > > > -- > > Russell > > > > On Sat, Jul 15, 2023 at 9:28 PM Michael Ewan > > wrote: > > > > > > I am setting up a file server, currently Ubuntu Server 22.04. I have > > three > > > 1TB data disks, two act normally, the third is telling me there are > > errors > > > on the floppy device. Could someone shed some light on this? Thanks. > > > The disks are in an LVM volume group, the logical volumes are specified > > as > > > the whole disk to isolate one from the other. They have an XFS file > > > system. I was running Bonnie++ to exercise the disks. Here is the > dmesg > > > output. > > > This is repeatable. > > > > > > [105001.499913] xfs filesystem being mounted at /data2 supports > > timestamps > > > until 2038 (0x7fff) > > > [111473.198440] floppy0: disk absent or changed during operation > > > [111473.198449] print_req_error: 4 callbacks suppressed > > > [111473.198451] blk_update_request: I/O error, dev fd0, sector 0 op > > > 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 > > > [111473.198526] floppy0: disk absent or changed during operation > > > [111473.198529] blk_update_request: I/O error, dev fd0, sector 0 op > > > 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 > > > [111473.198543] Buffer I/O error on dev fd0, logical block 0, async > page > > > read > > > [111475.418535] floppy0: disk absent or changed during operation > > > [111475.418543] blk_update_request: I/O error, dev fd0, sector 0 op > > > 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 > > > [111475.418627] floppy0: disk absent or changed during operation > > > [111475.418630] blk_update_request: I/O error, dev fd0, sector 0 op > > > 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 > > > [111475.418645] Buffer I/O error on dev fd0, logical block 0, async > page > > > read > > > [111476.023674] floppy0: disk absent or changed during operation > > > [111476.023682] blk_update_request: I/O error, dev fd0, sector 0 op > > > 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 > > > [111476.023812] floppy0: disk absent or changed during operation > > > [111476.023815] blk_update_request: I/O error, dev fd0, sector 0 op > > > 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 > > > [111476.023825] Buffer I/O error on dev fd0, logical block 0, async > page > > > read > > >
Re: [PLUG] Help with weird device errors
This might be relevant: https://unix.stackexchange.com/questions/53513/linux-disable-dev-fd0-floppy -- Russell On Sat, Jul 15, 2023 at 9:28 PM Michael Ewan wrote: > > I am setting up a file server, currently Ubuntu Server 22.04. I have three > 1TB data disks, two act normally, the third is telling me there are errors > on the floppy device. Could someone shed some light on this? Thanks. > The disks are in an LVM volume group, the logical volumes are specified as > the whole disk to isolate one from the other. They have an XFS file > system. I was running Bonnie++ to exercise the disks. Here is the dmesg > output. > This is repeatable. > > [105001.499913] xfs filesystem being mounted at /data2 supports timestamps > until 2038 (0x7fff) > [111473.198440] floppy0: disk absent or changed during operation > [111473.198449] print_req_error: 4 callbacks suppressed > [111473.198451] blk_update_request: I/O error, dev fd0, sector 0 op > 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 > [111473.198526] floppy0: disk absent or changed during operation > [111473.198529] blk_update_request: I/O error, dev fd0, sector 0 op > 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 > [111473.198543] Buffer I/O error on dev fd0, logical block 0, async page > read > [111475.418535] floppy0: disk absent or changed during operation > [111475.418543] blk_update_request: I/O error, dev fd0, sector 0 op > 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 > [111475.418627] floppy0: disk absent or changed during operation > [111475.418630] blk_update_request: I/O error, dev fd0, sector 0 op > 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 > [111475.418645] Buffer I/O error on dev fd0, logical block 0, async page > read > [111476.023674] floppy0: disk absent or changed during operation > [111476.023682] blk_update_request: I/O error, dev fd0, sector 0 op > 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 > [111476.023812] floppy0: disk absent or changed during operation > [111476.023815] blk_update_request: I/O error, dev fd0, sector 0 op > 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 > [111476.023825] Buffer I/O error on dev fd0, logical block 0, async page > read
[PLUG] REMINDER: July General Meeting is another Un-PLUG at Rose City Book Pub
On 6/21/23 15:03, Russell Senior wrote: Portland Linux/Unix Group General Meeting Announcement Michael has a speaker semi-committed, but now for August. Which leaves us bereft of edutainment in the short term. So, as suggested earlier, we are going to do another Un-PLUG at the Rose City Book Pub in early July. Michael asked me to do the announcement, so here it is. Details below. Who: YOU! What: Un-PLUG: unsorted, on/off topic discussion by, for, and between us ... and anyone else within earshot Where: Rose City Book Pub, 1329 Northeast Fremont Street, Portland, OR, 97212 on the back patio When: Thursday, July 6, 2023 at 7pm Why: The pursuit of technology freedom Bio: all shapes and sizes Talk: yes, hopefully! Rules and Requests: PLUG is open to everyone and does not tolerate abusive behavior on its mailing lists or at its meetings
[PLUG] ANNOUNCEMENT: July General Meeting is another Un-PLUG at Rose City Book Pub
Portland Linux/Unix Group General Meeting Announcement Michael has a speaker semi-committed, but now for August. Which leaves us bereft of edutainment in the short term. So, as suggested earlier, we are going to do another Un-PLUG at the Rose City Book Pub in early July. Michael asked me to do the announcement, so here it is. Details below. Who: YOU! What: Un-PLUG: unsorted, on/off topic discussion by, for, and between us ... and anyone else within earshot Where: Rose City Book Pub, 1329 Northeast Fremont Street, Portland, OR, 97212 on the back patio When: Thursday, July 6, 2023 at 7pm Why: The pursuit of technology freedom Bio: all shapes and sizes Talk: yes, hopefully! Rules and Requests: PLUG is open to everyone and does not tolerate abusive behavior on its mailing lists or at its meetings -- Russell Senior PLUG Volunteer russ...@pdxlinux.org
Re: [PLUG] A hardware issue [UPDATE 2]
On Thu, Jun 15, 2023 at 4:01 PM Rich Shepard wrote: > On Thu, 15 Jun 2023, Michael Ewan wrote: > > > sudo umount /boot/efi > > sudo fsck /dev/sda1 > > sudo mount /boot/efi > > Logged in as root: > # umount /boot/efi > # fsck /dev/sda1 > fsck from util-linux 2.27.1 > fsc.fat 3.0.28 (2015-05-16) > 0x41: Dirty bit is set. Fs was not properly unmounted and some data may be > corrupt. > 1) Remove dirty bit > 2) No action > ? > # mount /dev/sda1 > > What's a dirty bit? It literally says right there "Fs [filesystem] was not properly unmounted [because you power cycled it, rather than reboot] and some data may be corrupt [although it won't be, because you weren't writing anything to the filesystem when you powercycled it, but the OS doesn't know that, it just noticed that the dirty bit was still set because you had not unmounted it cleanly]" > How do I remove it? > Press '1' at the prompt, like the rudimentary menu suggests. Or, alternatively (after unmounting) auto-repair with: fsck.vfat -y /dev/sda1 There is a manual page for fsck.vfat on most systems: man fsck.vfat -- Russell Senior russ...@personaltelco.net
Re: [PLUG] A hardware issue [UPDATE]
Does it still boot despite the warning? If so, after booting, you ought to be able to unmount /boot and do the fsck. On Thu, Jun 15, 2023, 09:32 Rich Shepard wrote: > On Thu, 15 Jun 2023, Rich Shepard wrote: > > > The desktop is still turned on but needs rebooting and I need to learn > > what's wrong so I can fix it. > > UPDATE: > > /var/log/syslog tells me: > Jun 15 05:35:10 salmo kernel: [ 36.853148] FAT-fs (sda1): Volume was not > properly unmounted. Some > data may be corrupt. Please run fsck. > > /dev/sda1 is /boot/efi type vfat (rw) > > How do I fsck the /boot partition? > > Rich >
Re: [PLUG] Sluggish response
Memory can be surprisingly cheap. Find out exactly what kind of memory your machine uses and what its maximum is. I use the crucial.com system to identify the make/model of the computer and it should give you a rundown of what it takes. They you can shop around for the matching specs. I have a bunch of computers I've maxed out to like 32GB. I think the last batch I got from freegeek's online ebay store. -- Russell On Tue, Jun 13, 2023 at 5:53 PM Dick Steffens wrote: > On 6/13/23 14:30, Russell Senior wrote: > > Using any swap at all, which you are, implies it's a memory pressure > issue. > > See if you can add more memory. Also, check "top" and sort by memory use. > > > > The biggest culprit is VirtualBoxVM, but I need it to run transcription > playback software. I haven't found any Linux tools that work with a foot > pedal for starting and stopping playback. There used to be one called > transcribe, but it disappeared a few years ago. Of course, several > others turned up when I just went looking. I'll have to experiment with > them and see if they'll do the job. The current program I use on Win7, > GearPlayer 4, has been upgraded to the point where it requires Win10. > I'm not all that interested in replacing my virtual Win7. > > PID USER PR NIVIRTRESSHR S %CPU %MEM TIME+ COMMAND > 2061 rsteff20 0 4847072 2.1g 2.1g S 15.3 27.4 1960:53 > VirtualBoxVM > 1656 rsteff20 0 3587936 468764 91172 S 15.0 5.8 106:08.50 > thunderbird > 211291 rsteff20 0 948480 463596 21044 S 0.0 5.8 0:27.43 > gnome-software > 147367 rsteff20 0 32.8g 379524 131392 S 1.0 4.7 54:15.38 > brave > 255269 rsteff20 0 1130.9g 163716 110792 S 1.3 2.0 0:02.96 brave > 255117 rsteff20 0 1130.9g 152504 109708 S 0.0 1.9 0:46.28 brave > 255202 rsteff20 0 1130.9g 145808 109784 S 0.0 1.8 0:01.47 brave > 147401 rsteff20 0 32.6g 126224 58864 S 1.0 1.6 126:21.29 > brave > 212269 root 20 0 4302448 113208 12160 S 1.0 1.4 71:43.79 > Muse.Service > 1344 rsteff20 0 418448 85380 19460 S 0.0 1.1 3:15.55 > xfce4-panel > 873 root 20 0 365564 78364 52932 S 6.0 1.0 180:29.09 > Xorg > 253864 root 20 0 437088 78188 27232 S 0.0 1.0 0:01.38 fwupd > 147403 rsteff20 0 32.4g 76472 47904 S 0.0 1.0 11:04.62 > brave > 1406 rsteff20 0 1218504 76340 26152 S 0.0 1.0 6:01.23 > Thunar > 147448 rsteff20 0 1130.9g 66212 43440 S 0.0 0.8 0:07.16 brave > 255382 rsteff20 0 1130.9g 66100 50572 S 0.0 0.8 0:00.01 brave > 147415 rsteff20 0 32.4g 40088 23276 S 0.0 0.5 0:52.85 brave > 148296 rsteff20 0 32.6g 39624 26444 S 0.0 0.5 4:54.82 brave > > Of course, this is a limited list, but there are a lot of brave entries > on it. But other than Thunderbird, most of these seem to be small > amounts of usage. > > I'll do some more research on alternatives to GearPlayer. Assuming I > find something, I'll need to learn how to share files with my wife's > Win7 machine. I know it's possible, but I haven't put the time into it, > since I can do it between her machine and my virtual Win7 machine. > > The other thing is that while it's annoying, I can live with the > problem, and life keeps happening. Tomorrow we try to go get > strawberries and then have to process them for freezing. And that's way > more interesting and important that a sluggish machine. :-) > > -- > Regards, > > Dick Steffens > >
Re: [PLUG] Sluggish response
Using any swap at all, which you are, implies it's a memory pressure issue. See if you can add more memory. Also, check "top" and sort by memory use. -- Russell Senior russ...@personaltelco.net On Tue, Jun 13, 2023 at 2:26 PM Dick Steffens wrote: > I'm running Xubuntu 20.04. I'm experiencing longer than expected delays > from time to time. Generally, within any application, things are fine. I > don't have any issues with delays in programs like LibreOffice Writer. > It's mostly when starting an application. Sometimes it's when copying or > moving a file from one directory to another. The most recent example is > I had just finished editing an .m4a recording with Audacity. I exported > it as a .mp3 file. My default is to save files to the desktop and them > move them to the directory where I want them to live. It took nearly a > minute to move the 4.3 MB .mp3 file from the desktop to another > directory. I plan to keep the original file, but I couldn't move it > until the process of moving the .mp3 file completed. Then I could move > the .m4a file. It is also 4.3 MB, and also took nearly a minute to move. > > Another example is how long it takes some applications to load. I recall > starting up LibreOffice Writer in just a couple seconds. Now it takes > closer to 30 seconds. Top doesn't give me any useful clues as to whether > something is hogging all the processing power. > > The processor is an Intel(R) Core(TM) i3-4130 CPU @ 3.40GHz. > > free -h tells me > rsteff@ENU-1:~$ free -h >totalusedfree shared buff/cache > available > Mem: 7.6Gi 4.6Gi 169Mi 756Mi 2.9Gi 2.0Gi > Swap: 2.0Gi 857Mi 1.2Gi > rsteff@ENU-1:~$ > > While I do have a number of applications running, I've always had a > similar number running and response in them used to be pretty quick. > > What else can I do to try to figure out what's slowing things down? > > Thanks. > > -- > Regards, > > Dick Steffens > >
[PLUG] RFC: more UnPLUGs?
Leaving the UnPLUG a few days ago, there was at least one person who suggested we do more of them. For those who did not attend, we had about 10 people attend, including a few newbies, who we got to know a bit. The weather was pleasant and the back patio at Rose City Book Pub was capacious enough for us. I like the speaker-centered PLUG meetings too, but I'm wondering if (particularly during the summer months of nice weather) we should consider having a secondary UnPLUG meeting, maybe, I don't know, third Thursdays or something? It doesn't have to be at the same location. Maybe someone who wants to nominate somewhere new can do some scouting or something. Thoughts? -- Russell Senior PLUG Volunteer russ...@pdxlinux.org
[PLUG] ANNOUNCEMENT: General Monthly Meeting is Un-PLUG at Rose City Book Pub
Portland Linux/Unix Group General Meeting Announcement As previously mentioned, this month Michael Dexter has an unbreakable commitment to be elsewhere at our regularly scheduled time, so our recently-regular venue at the Latvian Center is unavailable. A vague consensus emerged to meet up at the Rose City Book Pub on NE Fremont Street (address below) and see if we can grab some tables on the back patio. So, that's the plan. Details below. Who: YOU! What: Un-PLUG: unsorted, on/off topic discussion by, for, and between us ... and anyone else within earshot Where: Rose City Book Pub, 1329 Northeast Fremont Street, Portland, OR, 97212 on the back patio When: Thursday, June 1, 2023 at 7pm Why: The pursuit of technology freedom Bio: all shapes and sizes Talk: yes, hopefully! Rules and Requests: PLUG is open to everyone and does not tolerate abusive behavior on its mailing lists or at its meetings -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] [PLUG-ANNOUNCE] No speaker, no venue (so far) for June!
"Kevin Williams" writes: > Lucky Lab would be fine. Rose City Book Pub sounds really good! > I am hearing a slight lean towards Rose City Book Pub for a trial run. Last chance to weigh in with opinions/thoughts. I'll pick something tomorrow! >> On Saturday, May 27th, 2023 at 3:24 AM, Russell Senior >> wrote: >> >> >> > Russell Senior russ...@pdxlinux.org writes: >> > >> > > Still no speaker, but Jason Bergstrom floated the idea of: d) just >> > > meeting up somewhere for "afters", but not-before-or-after-anything >> > > and rather in-place-of. >> > > >> > > That struck me as fun and desirable. Are other people interested in >> > > just jumping straight to nerd-socializing at 7pm or something? If so, >> > > does someone want to suggest a centrally-located venue? My thoughts >> > > turn to one of the Lucky Labs but let's not let my narrow thinking be >> > > limiting. >> > >> > >> > Clinton suggests: >> > >> > I like Rose City Book Pub. >> > https://www.rosecitybookpub.com/ >> > >> > It tops the Yelp list of quiet bars >> > https://www.yelp.com/search?find_desc=Quiet+Bar&find_loc=Portland%2C+OR >> > The others are more cocktail/lounge places. >> > >> > They have music scheduled for Thursday evening >> > https://www.rosecitybookpub.com/events-1?view=calendar&month=05-2023 >> > >> > but the beer garden, in the back, could be accommodating. >> > https://www.yelp.com/biz_photos/rose-city-book-pub-portland?select=ayXH7SoX1xlubXA9KZWrEQ >> > >> > https://photos.app.goo.gl/qLneSNzzCfjrodpXA >> > >> > We should, at least, keep it in mind for future post-talk beer. >> > >> > - Clinton >> > >> > Thoughts? >> >> I probably won't be there, I just wanna say, the book pub is excellent. My >> partner and I used to be regulars there. We haven't been in a long time >> since we moved farther out east. >> >> > >> > -- >> > Russell Senior >> > russ...@pdxlinux.org >> -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] [PLUG-ANNOUNCE] No speaker, no venue (so far) for June!
Russell Senior writes: > Still no speaker, but Jason Bergstrom floated the idea of: d) just > meeting up somewhere for "afters", but not-before-or-after-anything > and rather in-place-of. > > That struck me as fun and desirable. Are other people interested in > just jumping straight to nerd-socializing at 7pm or something? If so, > does someone want to suggest a centrally-located venue? My thoughts > turn to one of the Lucky Labs but let's not let my narrow thinking be > limiting. Clinton suggests: I like Rose City Book Pub. https://www.rosecitybookpub.com/ It tops the Yelp list of quiet bars https://www.yelp.com/search?find_desc=Quiet+Bar&find_loc=Portland%2C+OR The others are more cocktail/lounge places. They have music scheduled for Thursday evening https://www.rosecitybookpub.com/events-1?view=calendar&month=05-2023 but the beer garden, in the back, could be accommodating. https://www.yelp.com/biz_photos/rose-city-book-pub-portland?select=ayXH7SoX1xlubXA9KZWrEQ https://photos.app.goo.gl/qLneSNzzCfjrodpXA We should, at least, keep it in mind for future post-talk beer. - Clinton Thoughts? -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] [PLUG-ANNOUNCE] No speaker, no venue (so far) for June!
Still no speaker, but Jason Bergstrom floated the idea of: d) just meeting up somewhere for "afters", but not-before-or-after-anything and rather in-place-of. That struck me as fun and desirable. Are other people interested in just jumping straight to nerd-socializing at 7pm or something? If so, does someone want to suggest a centrally-located venue? My thoughts turn to one of the Lucky Labs but let's not let my narrow thinking be limiting. -- Russell Senior russ...@pdxlinux.org PLUG Volunteer On 5/15/23 23:50, Russell Senior wrote: Hi folks, I heard from Michael Dexter this evening that he's got an unbreakable engagement on the evening of June 1, which is nominally PLUG General Meeting night. That kind of means we also don't have the venue, because he's an integral part of opening the door and prepping the facilities at the Latvian Center. So, it seems we either: a) skip June; b) find another venue, and if b) then c) find a speaker. Thoughts?
Re: [PLUG] Question on a quick CLI program for validating a csv file
https://stackoverflow.com/questions/29642102/how-to-make-awk-ignore-the-field-delimiter-inside-double-quotes
On Sun, May 21, 2023 at 1:05 PM Russell Senior
wrote:
> Rich Shepard writes:
>
> > I download .csv files from agency databases where strings are double
> quoted
> > and contain commas within them, as well as using commas to separated
> fields.
> >
> > I start my gawk script with
> > BEGIN { FS="," }
> > and it separates (or counts, or selects) fields ignoring commas within
> > quoted strings.
>
> a) gawk DOES NOT do anything magical about "quoted" delimiters.
> b) -F, in the command line and FS="," in the script are equivalent.
>
> $ cat /tmp/test.csv
> A,B,C
> D,"e,f,g",F
> $ gawk 'BEGIN { FS="," } { print NF,$0 }' /tmp/test.csv
> 3 A,B,C
> 5 D,"e,f,g",F
>
> Please note the number of fields computed: gawk IS NOT ignoring commas
> within quoted strings.
>
>
> --
> Russell Senior
> russ...@personaltelco.net
>
Re: [PLUG] Question on a quick CLI program for validating a csv file
Rich Shepard writes:
> I download .csv files from agency databases where strings are double quoted
> and contain commas within them, as well as using commas to separated fields.
>
> I start my gawk script with
> BEGIN { FS="," }
> and it separates (or counts, or selects) fields ignoring commas within
> quoted strings.
a) gawk DOES NOT do anything magical about "quoted" delimiters.
b) -F, in the command line and FS="," in the script are equivalent.
$ cat /tmp/test.csv
A,B,C
D,"e,f,g",F
$ gawk 'BEGIN { FS="," } { print NF,$0 }' /tmp/test.csv
3 A,B,C
5 D,"e,f,g",F
Please note the number of fields computed: gawk IS NOT ignoring commas
within quoted strings.
--
Russell Senior
russ...@personaltelco.net
Re: [PLUG] Sending a Google-Earth Pro image via email
Does this help at all? https://support.google.com/earth/search?q=downloading+a+kml+file -- Russell Senior russ...@personaltelco.net On Thu, May 18, 2023 at 1:30 PM Rich Shepard wrote: > I'm trying to send myself a KML image from Google Earth Pro, but the only > MUAs made available are the web browser mailer or Google. The Tools -> > Options -> select the mailer does not allow any other option, such as > alpine > or mutt. > > Does anyone know of a way to use the MUA installed on the host to mail (or > save) that .kml georeferenced image? > > Rich >
[PLUG] No speaker, no venue (so far) for June!
Hi folks, I heard from Michael Dexter this evening that he's got an unbreakable engagement on the evening of June 1, which is nominally PLUG General Meeting night. That kind of means we also don't have the venue, because he's an integral part of opening the door and prepping the facilities at the Latvian Center. So, it seems we either: a) skip June; b) find another venue, and if b) then c) find a speaker. Thoughts? -- Russell Senior PLUG volunteer russ...@pdxlinux.org
Re: [PLUG] Any Ubiquiti Experts?
If you have created a backup config, you can restore it after the factory reset, if necessary or desirable. The goal of my suggestion is just to rule out an accidental misconfiguration of some obscure setting that might be preventing the connection. On Fri, May 12, 2023, 05:47 Ben Koenig wrote: > --- Original Message --- > On Friday, May 12th, 2023 at 5:15 AM, Tomas Kuchta < > tomas.kuchta.li...@gmail.com> wrote: > > > > > . > > > > > > I'd think that Russell's suggestion about backup + reset to factory + > > update to the latest firmware + reconfigure is the least costly and > > intrusive option to start with. > > > > If you still cannot connect to the wifi hotspot after that - then it > would > > be prudent to start trouble shoot. Let's cross that bridge when > > > > -T > > A factory reset is the MOST intrusive option because you are little wiping > out all data and preferences on a device and taking it offline. Remember > that the device is currently functioning as intended on other networks so > why mess with that? So before making changes to the configuration or > firmware we should try to isolate the point of failure. Isolate the > problem then root cause. > > Something about this Verizon hotspot network is different from the others. > What is it? > > By far the easiest thing to do here is change the Verizon hotspot to > broadcast an OPEN network, no encryption. If that works then we know > more-or-less where the problem is. > > Not saying this is a solution. OPEN encryption should not fail on any > device and will tell us if the Verizon hotspot is using an encryption > scheme that the Bullet M2 can't handle. > -Ben >
Re: [PLUG] Any Ubiquiti Experts?
[...] This is probably just some stupid WPA2/3 glitch. Yeah, that is a plausible theory. Modern radios usually support older ones without a problem, so my initial N radio vs AC theory didn't really make a lot of sense (as I said at the time). I like the WPA quirk better. To reiterate, I'd start by making a back up of the Bullet M2 configuration (off device, to your laptop or whatever) and then reset to factory defaults, and then reconfigure it from scratch and see if that helps. Then I'd try updating to the latest firmware on the Bullet M2 and see if that helps. There is a new version of ubiquiti firmware as of a few weeks ago (the website implies it was released May 2, 2023): https://www.ui.com/download/airmax-m > -Ben >
Re: [PLUG] Any Ubiquiti Experts?
> The problem people are likely to encounter is clashing network numbering. > Like, for example, 192.168.1.x/24 on both sides of a router. Personal Telco > has *many* (NAT'ing) routers stuck behind an ISP's (NAT'ing) gateway > routers and they work exactly as expected. As long as you take care with > your network numbering, it all works fine. > I'll amend this with the caveat that apparently double NAT can cause problems for uPnP. But that has no business working at all, so no loss. ;-) > -- > Russell Senior > russ...@personaltelco.net >
Re: [PLUG] Any Ubiquiti Experts?
r multilayer NAT is at all widespread in industry is baloney. > The only people that do it are either gurus who are trying to save a buck > on Internet connections or are trying to get completely untenable > situations working for connectivity, or utter bumbling amateurs who don't > know the difference between a public IP and a private IP. And 95% of the > people using multilayer NAT that I see posting problems about it are of the > latter type and half of them don't even know they are doing it. It > absolutely is not considered good network practices by any measure. For > that matter NAT itself isn't even considered good network practice. > The problem people are likely to encounter is clashing network numbering. Like, for example, 192.168.1.x/24 on both sides of a router. Personal Telco has *many* (NAT'ing) routers stuck behind an ISP's (NAT'ing) gateway routers and they work exactly as expected. As long as you take care with your network numbering, it all works fine. -- Russell Senior russ...@personaltelco.net
Re: [PLUG] Any Ubiquiti Experts?
Michael, One other thought about your problem. Maybe you have some other setting in the Bullet that is preventing your connection (maybe locked on a channel or something). You might consider making a backup of your Bullet configuration and then "factory reset" it and try configuring it again from scratch. -- Russell Senior russ...@personaltelco.net On Wed, May 10, 2023 at 8:54 PM Michael Barnes wrote: > On Wed, May 10, 2023 at 7:35 PM Tomas Kuchta > > wrote: > > > On Wed, May 10, 2023, 17:47 Michael Barnes > wrote: > > > > > I have a local network using an Ubiquiti Bullet M2 feeding a Netgear > > router > > > that serves my various devices. The Bullet serves as an access point > and > > > pulls from an available wifi source. > > > I got a hotspot from Verizon for internet access. When I log into the > > > Bullet to select a source, the hotspot shows up on the list, but is not > > > selectable. It has good signal strength, just not the little circle > that > > > allows me to select it. > > > . > > > > > > I am confused about your network topology. So, you get in internet over > > wifi from somewhere, received by the bullet - that feeds Netgear router > by > > what? (Ethernet cable?) Then you get your other wifi devices connected to > > Netgear or back to bullet on different vlan or ?? Very confusing Now > > you want the bullet to be able to get internet from 2nd source (hotspot), > > but only when it is on? > > > > It loos like pretty complex order. Perhaps you need some low level access > > to the Linux network config on the bullet. If that is so, please consider > > a) simplifying your network topology and b) installing wrt on the bullet > so > > that you can configure the network and routing directly. > > > > -T > > > > Tomas > > > > Sorry if it was confusing. > > The bullet is connected to an antenna that picks up internet via wifi. The > ethernet from the bullet goes through a POE injector into the Internet/WAN > port of the Netgear router. My various devices (TV, Portal, a couple > Raspberry Pis, etc.) all connect to the Netgear router. Most of the time > there is local wifi available for me to connect to, but not always. When > wifi is not available, I have turned on the hotspot on my phone and > connected to it. However, when I leave, the network looses internet. > Lately, I've been having to use my phone a lot and have used up my meager > (6GB) monthly data allocation. Trying to resolve this, I obtained a > Verizon hotspot with 100GB monthly data. When I log into the bullet to > tell it what wifi to connect to, it shows the hotspot on the list, but does > not have the little circle that allows that source to be selected. > > Otherwise, every time I change the internet source, I have to go to every > device and log onto the new wifi. With up to seven or more devices, and > sometimes changing internet sources daily, that is a real pain. It is so > much easier to just have everything connected to the local network and only > change the bullet access point. And since lately local wifi hasn't always > been available to me, I wanted to use the hotspot. > > Does that clarify it at all? Any ideas on why the bullet connects to pretty > much everything but the Verizon hotspot? I am suspecting the issue is with > the Verizon hotspot, but not sure. > > Michael >
Re: [PLUG] Any Ubiquiti Experts?
While bridging an AP-mode interface is fine, without hacky tricks adding a wifi station mode interface to a bridge DOES NOT WORK, by design. Infrastructure mode wifi only uses three MAC addresses (to save 6 bytes of packet header). See https://en.wikipedia.org/wiki/IEEE_802.11#Layer_2_%E2%80%93_Datagrams, You need four to bridge at the station. I learned this painfully in 2005. You can get around this by using WDS (that uses 4 MAC addresses), or adhoc mode (IBSS). Both require the cooperation of the AP (which you won't have from the Verizon hotspot's firmware). There is also something called Proxy ARP (at least in OpenWrt), which I've never used and (iirc) has its own shortcomings, probably more dire than just routing. Multi-layer NAT usually isn't a problem. The computational load is distributed across the devices that you are traversing, and almost everyone uses NAT already. It only becomes awkward to manage if you want to initiate connections from the "outside" to the "inside". The only unexpected thing with Michael's situation is that the Bullet doesn't want to associate with the Verizon hotspot. A Bullet M2 is an 802.11N radio. Maybe the Verizon hotspot is requiring an 802.11ac radio to connect, but that seems unlikely, as a lot of little IOT devices won't have 802.11ac radios either. I'd make sure to reboot everything and try again (which you've probably done already). You might confirm you are using an up-to-date firmware on the Bullet M2 in case there were bug fixes. With OpenWrt on the Netgear, you could configure a station mode interface there, but since we don't understand what the problem is with the Bullet, it's not clear that would help beyond removing a device from the chain. You are probably using the Bullet with a directional antenna to be able to connect to a more distant AP (which you wouldn't need with the Verizon hotspot, if it is nearby). One other thing to note, modern OpenWrt might not fit easily on a Bullet M2 anymore, primarily because it only has 32MB of RAM. OpenWrt was historically very good at squeezing things into tiny spaces, but upstream kernel growth and modern devices with more resources (and less consequent pressure to keep things small) have led to progressive abandonment of older, more constrained devices. Even 8MB of flash (with the Bullet M2 has) is becoming inadequate these days. But the 32MB of RAM is the more painful constraint at the moment. I have experimented (thus far, unsuccessfully on a single attempt) to update the RAM chip in a Bullet M2 to 64MB with a pin-compatible part from the same product line, and it ALMOST worked (it booted and ran for 30 seconds or so before panicking). -- Russell Senior russ...@personaltelco.net On Thu, May 11, 2023 at 8:50 AM Ted Mittelstaedt wrote: > Yeah one of the problems with schemes like this is you are running double > and sometimes triple network address translation and it can be SLOW if it > even works at all. > > Here is my suggestion: > > Get an Atheros-based chipset router. Install either dd-wrt or Openwrt on > it. Configure the unit as a wifi-to-ethernet bridge. Associate it to the > Verizon hotspot and use the translation on the hotspot. > > As for the Bullet that matters how your source wifi is configured. If the > bullet is being supplied by a WISP then you will be getting a single > assigned public IP from that and will need to use your netgear router to > handle that. Otherwise if it's just getting connectivity from some > friend's wifi elsewhere then the bullet also needs to be in bridged mode. > > Broadcom-based chips don't handle bridging properly, never have. > > You have way too many routers involved here. You need to be thinking > bridging, not routing. > > Ted > > -Original Message- > From: PLUG On Behalf Of Michael Barnes > Sent: Wednesday, May 10, 2023 8:54 PM > To: Portland Linux/Unix Group > Subject: Re: [PLUG] Any Ubiquiti Experts? > > On Wed, May 10, 2023 at 7:35 PM Tomas Kuchta > > wrote: > > > On Wed, May 10, 2023, 17:47 Michael Barnes > wrote: > > > > > I have a local network using an Ubiquiti Bullet M2 feeding a Netgear > > router > > > that serves my various devices. The Bullet serves as an access point > > > and pulls from an available wifi source. > > > I got a hotspot from Verizon for internet access. When I log into > > > the Bullet to select a source, the hotspot shows up on the list, but > > > is not selectable. It has good signal strength, just not the little > > > circle that allows me to select it. > > > . > > > > > > I am confused about your network topology. So, you get in internet > > over wifi from somewhere, received by the bullet - that fe
Re: [PLUG] Any Ubiquiti Experts?
So, the bullet is in station mode. And the bullet must be routing (not bridging). What kind of Netgear router are you using? Is it possible to log in to the Verizon hotspot to see what it thinks? -- Russell Senior russ...@personaltelco.net On Wed, May 10, 2023, 20:54 Michael Barnes wrote: > On Wed, May 10, 2023 at 7:35 PM Tomas Kuchta > > wrote: > > > On Wed, May 10, 2023, 17:47 Michael Barnes > wrote: > > > > > I have a local network using an Ubiquiti Bullet M2 feeding a Netgear > > router > > > that serves my various devices. The Bullet serves as an access point > and > > > pulls from an available wifi source. > > > I got a hotspot from Verizon for internet access. When I log into the > > > Bullet to select a source, the hotspot shows up on the list, but is not > > > selectable. It has good signal strength, just not the little circle > that > > > allows me to select it. > > > . > > > > > > I am confused about your network topology. So, you get in internet over > > wifi from somewhere, received by the bullet - that feeds Netgear router > by > > what? (Ethernet cable?) Then you get your other wifi devices connected to > > Netgear or back to bullet on different vlan or ?? Very confusing Now > > you want the bullet to be able to get internet from 2nd source (hotspot), > > but only when it is on? > > > > It loos like pretty complex order. Perhaps you need some low level access > > to the Linux network config on the bullet. If that is so, please consider > > a) simplifying your network topology and b) installing wrt on the bullet > so > > that you can configure the network and routing directly. > > > > -T > > > > Tomas > > > > Sorry if it was confusing. > > The bullet is connected to an antenna that picks up internet via wifi. The > ethernet from the bullet goes through a POE injector into the Internet/WAN > port of the Netgear router. My various devices (TV, Portal, a couple > Raspberry Pis, etc.) all connect to the Netgear router. Most of the time > there is local wifi available for me to connect to, but not always. When > wifi is not available, I have turned on the hotspot on my phone and > connected to it. However, when I leave, the network looses internet. > Lately, I've been having to use my phone a lot and have used up my meager > (6GB) monthly data allocation. Trying to resolve this, I obtained a > Verizon hotspot with 100GB monthly data. When I log into the bullet to > tell it what wifi to connect to, it shows the hotspot on the list, but does > not have the little circle that allows that source to be selected. > > Otherwise, every time I change the internet source, I have to go to every > device and log onto the new wifi. With up to seven or more devices, and > sometimes changing internet sources daily, that is a real pain. It is so > much easier to just have everything connected to the local network and only > change the bullet access point. And since lately local wifi hasn't always > been available to me, I wanted to use the hotspot. > > Does that clarify it at all? Any ideas on why the bullet connects to pretty > much everything but the Verizon hotspot? I am suspecting the issue is with > the Verizon hotspot, but not sure. > > Michael >
Re: [PLUG] Renaming file with back slashes and spaces
The filename does NOT have backslashes, just spaces. The backslashes are displayed to *quote* the spaces. That is, show that the spaces are part of the filename instead of whitespace delimiters between different filenames. On Thu, May 4, 2023, 08:39 Rich Shepard wrote: > I have a file from an agency in which words are sepatated by back slashes > and spaces. Wrapping the name in double quotes (as user and root) fails: > > [root@caddis /home/rshepard/projects# mv "Topo\ TNM\ Style\ Template\ > Users\ Guide.pdf" Users-Guide.pdf > mv: cannot stat 'Topo\ TNM\ Style\ Template\ Users\ Guide.pdf': No such > file or directory > > What have I missed? > > TIA, > > Rich > >
Re: [PLUG] What are the permissions for .ssh/authorized_keys?
It's logged somewhere. Figure out where. On Wed, Apr 26, 2023 at 12:32 PM Rich Shepard wrote: > On Wed, 26 Apr 2023, Russell Senior wrote: > > > type 51 is an indication that the server is rejecting the key you are > > trying to use. Success would be type 52. You need to look at the salmo > logs > > to find out why. > > Russell, > > There are no ssh logs in /var/log/ or root's home directory. > > In salmo/.ssh/ caddis is the only entry in authorized_keys and one of three > in known_hosts (the other two being my web site host and github). > > Rich > >
Re: [PLUG] What are the permissions for .ssh/authorized_keys?
" debug1: Offering public key: /home/rshepard/.ssh/id_ed25519 ED25519 SHA256:kzkp07EYCHEBeOLgGgKYbPGD1IdtDpJl2gPVSfYYXtk debug3: send packet: type 50 debug2: we sent a publickey packet, wait for reply debug3: receive packet: type 51 " type 51 is an indication that the server is rejecting the key you are trying to use. Success would be type 52. You need to look at the salmo logs to find out why. On Wed, Apr 26, 2023 at 11:09 AM Rich Shepard wrote: > On Wed, 26 Apr 2023, MC_Sequoia wrote: > > > Here's where I think the problem is: > > "debug1: Trying private key: /home/rshepard/.ssh/id_ed25519_sk > > debug3: no such identity: /home/rshepard/.ssh/id_ed25519_sk: No such > file or directory > > debug1: Trying private key: /home/rshepard/.ssh/id_xmss > > debug3: no such identity: /home/rshepard/.ssh/id_xmss: No such file or > directory > > debug1: Trying private key: /home/rshepard/.ssh/id_dsa > > debug3: no such identity: /home/rshepard/.ssh/id_dsa: No such file or > directory > > debug2: we did not send a packet, disable method" > > Mike, > > There are no _sk suffixes or _xmss in either salmo/.ssh/ or caddis/.ssh/. > Salmo's ssh: > ssh_host_dsa_key.pub > ssh_host_ed25519_key > ssh_host_rsa_key.pub > ssh_config > ssh_host_ecdsa_key > ssh_host_ed25519_key.pub > sshd_config > ssh_host_dsa_key > ssh_host_ecdsa_key.pub > ssh_host_rsa_key > > I'll futz with this later today. > > What's interesting is that I've not had these issues with any other desktop > or laptop over the past 25+/- years. > > Thanks, > > Rich > >
Re: [PLUG] MediaWiki configuration
On 4/20/23 19:25, Keith Lofstrom wrote: Any recent MediaWiki deployers on the list? For many years, [...] IF YOU HAVE SET UP MEDIAWIKI RECENTLY, CAN YOU POINT ME AT GOOD /RECENT/ TUTORIALS? I haven't, and have no experience with MediaWiki (and still nominally maintain a teetering MoinMoin wiki), but have you looked at this: https://www.mediawiki.org/wiki/Manual:Installing_MediaWiki -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] Transferring public key shows error
If you are using public key authentication (which you want), you need that turned on, not commented out. This stuff pretty much works out of the box, but it seems like you've figured out a way to screw it up. Generally speaking, putting it in a blender and pressing the puree button isn't the best way of figuring out how it works. On Thu, Apr 20, 2023 at 10:09 AM Rich Shepard wrote: > On Thu, 20 Apr 2023, Rich Shepard wrote: > > > Since the only two external servers to which I connect have my public > key, I > > don't need it locally. Yes? > > Not so. > > I commented out #PubkeyAuthentication yes on both salmo and caddis; > rebooted > both. > > From salmo: > $ ssh caddis > ssh: connect to host caddis port n: Connection refused > > From caddis: > $ ssh salmo > rshepard@salmo: Permission denied (public key) > > I'm totally stymied. > > Rich >
Re: [PLUG] Transferring public key shows error
Without looking it up, passphrase is the encryption that protects the private key on the client system, so that the super user (or others able to read files) can't just read/copy your private key. The passphrase never leaves your machine, or the ssh process that is used to authenticate to the server. The advice suggested by the internet is to check /var/log/auth.log on the server side (caddis) to see why it's rejecting your connection. On Thu, Apr 20, 2023 at 9:31 AM Rich Shepard wrote: > On Thu, 20 Apr 2023, Russell Senior wrote: > > > "debug2: we did not send a packet, disable method" > > That seems relevant. > > Russell, > > To me, too. But, does that mean disable passphrase authentification in > /etc/ssh/sshd_config on both machines? > > If I do that what does it mean when I login to github or my website host, > both of which ask for, and accept, my passphrase. Are these two different > from intra-LAN ssh? > > Thanks, > > Rich > >
Re: [PLUG] Transferring public key shows error
"debug2: we did not send a packet, disable method" That seems relevant. On Thu, Apr 20, 2023, 06:57 Rich Shepard wrote: > On Wed, 19 Apr 2023, Russell Senior wrote: > > > I find it is pretty helpful to read the messages. If the messages are too > > terse, add verbose or debug flags. Then read what it says. > > Is there anything listening on caddis's port n? > > Russell, > > My apologies; I completely forgot to use the -v option to ssh. > > Looking at the output of 'ssh -vvv salmo' (because it has more details than > 1 or 2 vs) shows everything working until a public key packet is sent and > received, yet there's no reason I see why it quits then: > > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug3: receive packet: type 21 > debug1: SSH2_MSG_NEWKEYS received > debug2: set_newkeys: mode 0 > debug1: rekey in after 134217728 blocks > debug1: Will attempt key: /home/rshepard/.ssh/id_ed25519 ED25519 > SHA256:hYzUmycAbseyYetGxTEN+LN56sffyLVysiwVB7S3ZKQ > debug2: pubkey_prepare: done > debug3: send packet: type 5 > debug3: receive packet: type 7 > debug1: SSH2_MSG_EXT_INFO received > debug1: kex_input_ext_info: > server-sig-algs= > debug3: receive packet: type 6 > debug2: service_accept: ssh-userauth > debug1: SSH2_MSG_SERVICE_ACCEPT received > debug3: send packet: type 50 > debug3: receive packet: type 51 > debug1: Authentications that can continue: publickey > debug3: start over, passed a different list publickey > debug3: preferred publickey,keyboard-interactive,password > debug3: authmethod_lookup publickey > debug3: remaining preferred: keyboard-interactive,password > debug3: authmethod_is_enabled publickey > debug1: Next authentication method: publickey > debug1: Offering public key: /home/rshepard/.ssh/id_ed25519 ED25519 > SHA256:hYzUmycAbseyYetGxTEN+LN56sffyLVysiwVB7S3ZKQ > debug3: send packet: type 50 > debug2: we sent a publickey packet, wait for reply > debug3: receive packet: type 51 > debug1: Authentications that can continue: publickey > debug2: we did not send a packet, disable method > debug1: No more authentication methods to try. > rshepard@salmo: Permission denied (publickey). > [rshepard@caddis ~]$ > > Caddis' public key is in salmo's authorized_keys, and vice-versa. > > Rich >
Re: [PLUG] Transferring public key shows error
I find it is pretty helpful to read the messages. If the messages are too terse, add verbose or debug flags. Then read what it says. Is there anything listening on caddis's port n? On Wed, Apr 19, 2023 at 2:56 PM Rich Shepard wrote: > On Wed, 19 Apr 2023, Russell Senior wrote: > > > So, you can use an editor to remove the offending line 2, and you'll be > > asked to accept the new hostkey the next time to connect. > > Russell, > > The authorized_keys on both hosts each contains the public key of the > other. > > The known_hosts on the laptop (caddis) contains only a key for salmo > created > at 14:42, when I tried to ssh from caddis to salmo. I could not: > > $ ssh salmo > The authenticity of host '[salmo]:n ([192.168.55.1]:n)' can't be > established. > ED25519 key fingerprint is > SHA256:/RInRdtcIMbpPu3LZmpg5wfAWi9ozQwgKLPnTQEDcxg. > This key is not known by any other names > Are you sure you want to continue connecting (yes/no/[fingerprint])? yes > Warning: Permanently added '[salmo]:n' (ED25519) to the list of known > hosts. > rshepard@salmo: Permission denied (publickey) > > Going the other way, from salmo to caddis (where salmo's known_hosts has > only caddis as an entry) also fails: > > $ ssh caddis > ssh: connect to host caddis port n: Connection refused > > With only two hosts on the network it shouldn't be this difficult to get > them to communicate. > > What am I still missing? > > Rich >
Re: [PLUG] Transferring public key shows error
Your client is complaining about the new host key. You need to remove the old hostkey from your *CLIENT'S* known_hosts file. The message is telling you what it doesn't like "Offending ED25519 key in /home/rshepard/.ssh/known_hosts:2". So, you can use an editor to remove the offending line 2, and you'll be asked to accept the new hostkey the next time to connect. -- Russell On Wed, Apr 19, 2023 at 2:23 PM Rich Shepard wrote: > On Wed, 19 Apr 2023, Rich Shepard wrote: > > > Should salmo's id_ed25519.pub be in caddis' .ssh/authorized_keys? > > I think that I found the problem: salmo's id_ed25519.pub has only one line > and it's for a host no longer on the LAN. > > So, I'll generate a new keypair for salmo, using the same passphrase, then > copy that public key to caddis. > > Well, when I somehow, unintentionally, FUBAR a host I don't do it halfway. > Sigh. > > More when I make these changes. > > Rich >
Re: [PLUG] Transferring public key shows error
There is also a config for the server: sshd_config On Wed, Apr 19, 2023, 13:14 Rich Shepard wrote: > On Wed, 19 Apr 2023, Paul Heinlein wrote: > > > It looks to me like sshd on salmo is configured to accept only public key > > authentication. It won't take your password. > > Paul, > > I was wrong. When I ssh into github or my website host I need to use my > passphrase. > > But, in both salmo's and caddis' /etc/ssh/ssh_config only > PasswordAuthentication yes > is set. I'm still getting that error. > > Regards, > > Rich >
Re: [PLUG] Transferring public key shows error
What was your goal in copying the public key? -- Russell Senior russ...@personaltelco.net On Wed, Apr 19, 2023, 11:05 Rich Shepard wrote: > Generated a key pair and, following the Slackware OpenSSH instructions > tried to use scp to put the laptop's public key on the desktop: > > $ scp id_ed25519.pub rshep...@salmo.appl-ecosys.com: > /home/rshepard/.ssh/authorized_keys > The authenticity of host '[salmo.appl-ecosys.com]: > ([192.168.55.1]: ED25519 key fingerprint is > SHA256:/RInRdtcIMbpPu3LZmpg5wfAWi9ozQwgKLPnTQEDcxg. > This key is not known by any other names > Are you sure you want to continue connecting (yes/no/[fingerprint])? yes > Warning: Permanently added '[salmo.appl-ecosys.com]:14982' (ED25519) to > the list of known hosts. > rshep...@salmo.appl-ecosys.com: Permission denied (publickey). > lost connection > > What have I done incorrectly here? > > TIA, > > Rich >
Re: [PLUG] Capture output of ssh -vv
Also, "cat /proc/sys/kernel/hostname" is a pretty robust way of figuring
out which host your shell is on.
--
Russell Senior
russ...@pdxlinux.org
On 4/18/23 18:13, King Beowulf wrote:
On 4/18/23 14:30, Rich Shepard wrote:
I'm setting up a laptop and configuring ssh on it so I can transfer files
between it (hostname: caddis) and the desktop (hostname: salmo).
When I tried 'ssh salmo' I was asked for my password on salmo. Entered that
and was immediately returned to the shell prompt.
Then I tried 'ssh -vv salmo' and was presented with a long list of data,
ending with ssh asking me for my salmo password. Entered that and was
immediately returned to the shell prompt.
Since I cannot retain the screen display would the tee command copy the
output to a file so I can see why my efforts are failing? Is there a better
way for me to debug the failure to connect?
Regards,
Rich
Rich,
Are you sure you are not "connecting"? Of course ssh will drop you to a
shell prompt...on the other PC!
You can set your prompt to display host name so you know where you are.
In each PC home director I have a ~/.bashrc with
PS1="\u@\h: \W "
case `id -u` in
0) PS1="${PS1}# ";;
*) PS1="${PS1}$ ";;
esac
(This is actually in the default if no .bashrc is present, see /etc/profile)
Example of Xfce terminal ssh to my hobby server:
---
beowulf@gandalf: ~ $ ssh aragorn
(beowulf@aragorn) Password:
Last login: Tue Apr 18 16:44:39 2023 from 192.168.1.3
Linux 5.15.94.
A rolling stone gathers no moss.
-- Publilius Syrus
beowulf@aragorn:~$
---
Now, if it just drops you silently back to the original prompt, sshd may
not be running:
Is /etc/rc.d/rc.sshd set to executable?
-Ed
Re: [PLUG] 3rd party vpn Defense evasion
Can you elaborate, in general terms, on what the goal is? -- Russell Senior russ...@personaltelco.net On Tue, Apr 18, 2023 at 8:38 AM Ishak Micheil wrote: > Greetings, > I am tasked to identify a solution to detecting users obfuscating their ip, > using verity of VPN services. > > What we've done > - Prevent users from installing software (VPN Cliens) > > - Possibly having a code on endpoints, to collect ip addresses tied to wifi > or LAN connection prior to attaching to VPN service, > > any other ideas? >
Re: [PLUG] USB 3 port running very slowly - why?
How are you transferring? I have had experience recently with dd and not setting a "reasonable" block size, thereby relying on the default 512 byte blocks, which means LOTS of syscalls to do the IO. Setting the block size to something like 16M made it go a lot faster. Could that be your problem? -- Russell Senior russ...@personaltelco.net On Mon, Apr 17, 2023 at 10:38 PM American Citizen wrote: > Hello all: > > Someone gave me a PNY 256 gig flash memory stick, with USB 3.0 advertised. > > However when uploading to it, the actual rate varies from around 1.5 > MiB/sec to 10.6 Mib/sec, which is way lower than the advertised USB 3.0 > speed of 5 GiB/sec (? if we believe the information below) > > I ran the %lsusb command to try to see what is going on here. > > Any ideas on why it will take hours to transfer 208 gigs to it? > > - Randall > > -- information dump --- > > HP Z420 workstation USB Controller information > --- > > SYSTEM: OpenSuse Leap 15.4 on 64 bit hardware > Workstation has 2 USB3 ports and 1 USB2 port on the front panel > > Operating System: openSUSE Leap 15.4 > KDE Plasma Version: 5.24.4 > KDE Frameworks Version: 5.90.0 > Qt Version: 5.15.2 > Kernel Version: 5.14.21-150400.24.55-default (64-bit) > Graphics Platform: X11 > Processors: 6 × Intel® Xeon® CPU E5-1650 v2 @ 3.50GHz > Memory: 31.3 GiB of RAM > Graphics Processor: NV106 > > (from USB devices Info Center) > xHCI Host Controller (3) > Manufacturer: Linux 5.14.21-150400.24.55-default xhci-hcd > Serial #: :08:00.0 > Class 9 (Hub) > Subclass 0 (Unused) > Protocol 3 > USB Version 3.00 > > Vendor ID 0x1d6b (Linux Foundation) > Product ID 0x0003 (3.0 root hub) > > Speed 5,000 Mbit/s > Channels 4 > Max. Packet Size 9 > > USB 3.2.1 FD > > Manufacturer: PNY > Serial #: 071C2B1F12A4F803 > > Class 0 ((Defined at Interface level)) > Subclass 0 > Protocol 0 > USB Version 3.20 > > Vendor ID 0x154b (PNY) > Product ID 0x1006 > > Speed 5,000 Mbit/s > Channels 0 > Max. Packet Size 9 > > (from %lsusb -d 154b:1006 -v command) > > PNY Flash Memory Stick - 256 gigs > > Bus 003 Device 003: ID 154b:1006 PNY USB 3.2.1 FD > Device Descriptor: >bLength18 >bDescriptorType 1 >bcdUSB 3.20 >bDeviceClass0 >bDeviceSubClass 0 >bDeviceProtocol 0 >bMaxPacketSize0 9 >idVendor 0x154b PNY >idProduct 0x1006 >bcdDevice1.10 >iManufacturer 1 PNY >iProduct2 USB 3.2.1 FD >iSerial 3 071C2B1F12A4F803 >bNumConfigurations 1 >Configuration Descriptor: > bLength 9 > bDescriptorType 2 > wTotalLength 0x002c > bNumInterfaces 1 > bConfigurationValue 1 > iConfiguration 0 > bmAttributes 0x80 >(Bus Powered) > MaxPower 504mA > Interface Descriptor: >bLength 9 >bDescriptorType 4 >bInterfaceNumber0 >bAlternateSetting 0 >bNumEndpoints 2 >bInterfaceClass 8 Mass Storage >bInterfaceSubClass 6 SCSI >bInterfaceProtocol 80 Bulk-Only >iInterface 0 >Endpoint Descriptor: > bLength 7 > bDescriptorType 5 > bEndpointAddress 0x81 EP 1 IN > bmAttributes2 >Transfer TypeBulk >Synch Type None >Usage Type Data > wMaxPacketSize 0x0400 1x 1024 bytes > bInterval 0 > bMaxBurst 3 >Endpoint Descriptor: > bLength 7 > bDescriptorType 5 > bEndpointAddress 0x02 EP 2 OUT > bmAttributes2 >Transfer TypeBulk >Synch Type None >Usage Type Data > wMaxPacketSize 0x0400 1x 1024 bytes > bInterval 0 > bMaxBurst 3 > > --- > >
Re: [PLUG] Audio card for clear voice output [RESOLVED]
On 4/17/23 17:22, Rich Shepard wrote: On Sun, 16 Apr 2023, Rich Shepard wrote: Please provide recommendations for an add-in PCIe audio card that outputs clear voice as well as music to speakers and headphones/headsets. It was a hardware issue. Zoom would not work with the Panasonic headphones or speakers. But, it has no problem with the Yamaha CM500 headset where both mic and headphone are together. Have you counted the little rings on the end of the connector? A headset jack has 4 electrically-separated pads: tip, ring, ring, sleave (TRRS). Ground, L, R, and Microphone (the arrangement can sometimes vary): https://en.wikipedia.org/wiki/Phone_connector_(audio)#TRRS -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] Audio card for clear voice output
Can you collect an example? Like, record through the air (e.g. with a digital audio recorder maybe even in your phone) a few seconds of the distortion you are hearing and share it somewhere? Does it sound any different through headphones? Fwiw, I have zero problems with voice output on my linux machine with rando audio hardware, including usb-audio dongles that often come with headsets. -- Russell Senior russ...@personaltelco.net
Re: [PLUG] rsync command syntax => RDIFF-BACKUP
Dirvish is just a wrapper on rsync. On Sat, Apr 15, 2023, 12:47 MC_Sequoia wrote: > "Dirvish makes snapshot copies of changed files. So the cron job that runs > at 00:30 each night copies changes in files in the 8 vaults (directories > or partitions). What I want to follow that daily update is to copy only > the changed files from bkup1 to bkup2." > > So, you're using a disk imaging tool to create incremental backups and the > using a remote file synchronization tool to do another incremental backup. > > Why not just use 1 tool such as rdiff-backup? It's simpler and it has more > useful backup & recover features. > > "Rdiff-backup backs up one directory to another, possibly over a network. > The target directory ends up a copy of the source directory, but extra > reverse diffs are stored in a special subdirectory of that target > directory, so you can still recover files lost some time ago. > > The idea is to combine the best features of a mirror and an incremental > backup. Rdiff-backup also preserves subdirectories, hard links, dev files, > permissions, uid/gid ownership (if it is running as root), modification > times, acls, eas, resource forks, etc. > > Finally, rdiff-backup can operate in a bandwidth efficient manner over a > pipe, like rsync. Thus you can use rdiff-backup and ssh to securely back a > hard drive up to a remote location, and only the differences will be > transmitted." > > https://rdiff-backup.net/ > >
Re: [PLUG] rsync command syntax
You probably want the -H option too, to preserve hardlinks. Also, my lizard brain is telling me you want trailing slashes too. I'll take Michael's suggestion about -z as given without further research and suggest: rsync -v -a -H /media/bkup1/ /media/bkup2/ I also suggest reading "man rsync" to confirm. In a cronjob, the -v maybe isn't needed. On 4/15/23 08:16, Rich Shepard wrote: I want to write a cron job for root to copy the daily backup from /media/bkup1/ to /media/bkup2/. Is this rsync command sufficient? rsync -avz /media/bkup1 /media/bkup2 TIA, Rich
Re: [PLUG] Am I the only one who's at Hillsdale brewery & pub?
You missed a good talk! The subject sounded a little intimidating for a general audience, but I thought the speaker did a great job of making it understandable. -- Russell Senior russ...@pdxlinux.org On 4/6/23 21:32, elcaset wrote: Is anybody else coming here?
[PLUG] REMINDER: April PLUG Meeting: Proxy Execution in the Linux Scheduler
Portland Linux/Unix Group General Meeting Announcement Who: John Stultz, Google What: Proxy Execution in the Linux Scheduler Where: 5500 SW Dosch Rd, Portland When: Thursday, April 6th, 2023 at 7pm Why: The pursuit of technology freedom Bio: John Stultz works for Google in the Android Systems team focusing on performance and working with the upstream Linux kernel community. He's spent most of his career prior working on AOSP devboards, Android upstreaming, PREEMPT_RT and Timekeeping. Talk: Proxy Execution in the Linux scheduler for resolving priority inversion in cases where priority inheritance isn't sufficient. Rules and Requests: Please bring and properly fit a mask unless actively presenting PLUG is open to everyone and does not tolerate abusive behavior on its mailing lists or at its meetings Do not leave valuables in your car Calagator Page: http://calagator.org/events/1250480369 Google Maps Link: https://www.google.com/maps/place/5500+SW+Dosch+Rd,+Portland,+OR+97239 <https://www.google.com/maps/place/5500+SW+Dosch+Rd,+Portland,+OR+97239> Some might head to Hillsdale Brewery & Public House near the Library: https://www.mcmenamins.com/hillsdale-brewery-public-house <https://www.mcmenamins.com/hillsdale-brewery-public-house> Rideshares likely available PLUG Page with information about all PLUG events: http://pdxlinux.org/ -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] Google Bard - entry level sys-admin, learning fast?
Keith Lofstrom writes: > A computer adept friend described his experiences with > the Google Bard A.I. (which is probably subscribed to > this list, howdy Bard! Surname first, are you Asian?) > > Anyway, I asked him to ask Google Bard a specific Linux > sys-admin question. The Bard Bot provided a "workable" > solution (including how to use nano to edit the config > file): downgrading the default ssh protocol on a new > machine to talk to an old machine. That does work, > but screws up default ssh to other machines. You can enable deprecated crypto stuff with modern ssh to talk to an older version of ssh. I do this semi-frequently. You can also add those options to your .ssh/config file to be specific to the host you are talking to. Here's an example ripped straight from my shell history: ssh -oKexAlgorithms=+diffie-hellman-group1-sha1 -ohostkeyalgorithms=+ssh-rsa -ociphers=+3des-cbc admin@192.168.100.100 That would translate to something like the following in a .ssh/config file: host 192.168.100.100 User admin KexAlgorithms +diffie-hellman-group1-sha1 HostKeyAlgorithms +ssh-rsa Ciphers +3des-cbs Your remote host will educate you on what you need by persistently throwing errors at you until you get it right. Also "man ssh_config" is your friend. -- Russell Senior russ...@personaltelco.net
[PLUG] ANNOUNCEMENT: April PLUG Meeting: Proxy Execution in the Linux Scheduler
Portland Linux/Unix Group General Meeting Announcement Who: John Stultz, Google What: Proxy Execution in the Linux Scheduler Where: 5500 SW Dosch Rd, Portland When: Thursday, April 6th, 2023 at 7pm Why: The pursuit of technology freedom Bio: John Stultz works for Google in the Android Systems team focusing on performance and working with the upstream Linux kernel community. He's spent most of his career prior working on AOSP devboards, Android upstreaming, PREEMPT_RT and Timekeeping. Talk: Proxy Execution in the Linux scheduler for resolving priority inversion in cases where priority inheritance isn't sufficient. Rules and Requests: Please bring and properly fit a mask unless actively presenting PLUG is open to everyone and does not tolerate abusive behavior on its mailing lists or at its meetings Do not leave valuables in your car Calagator Page: http://calagator.org/events/1250480369 Google Maps Link: https://www.google.com/maps/place/5500+SW+Dosch+Rd,+Portland,+OR+97239 <https://www.google.com/maps/place/5500+SW+Dosch+Rd,+Portland,+OR+97239> Some might head to Hillsdale Brewery & Public House near the Library: https://www.mcmenamins.com/hillsdale-brewery-public-house <https://www.mcmenamins.com/hillsdale-brewery-public-house> Rideshares likely available PLUG Page with information about all PLUG events: http://pdxlinux.org/ -- Russell Senior PLUG Volunteer
Re: [PLUG] Webinar software recommendationsx
Personal Telco has its own jitsi server too. Installation on Debian seemed relatively painless (although, full disclosure, a colleague set it up, not me). On Sun, Mar 12, 2023, 16:48 Randy Bush wrote: > > If you want to start with a small group, don't care about most of the > > features, but are totally committed to open source, then look at > > https://jitsi.org/ > > fwiw, for this and similar purposes, i have a jitsi on debian. works > well, minimal maintenance. > > randy >
Re: [PLUG] "Ancient" Verizon fiber Re: Verizon towers ...
I would not expect a fax to work on their voip product. More tragic from my perspective, pulse dialing doesn't work. On Tue, Mar 7, 2023, 18:38 Seth Alford wrote: > I can't get Comcast VOIP to handle my HP fax machine. Yes, I occasionally > still have to send a fax. Does anyone know how Ziply does with a fax > machine? > > Thanks, > > --Seth > > On Tue, Mar 7, 2023 at 3:26 PM MC_Sequoia > wrote: > > > "Anyway, single-mode fiber seems like a much more efficient, > > spectrum-thrifty, and "ecological" way to move bits, than > > towers and microwave-mmwave transmitters and the occasional > > radar-blinded aircraft." > > > > If only people did what is the most efficient & "ecological". > > > > I've been using the most efficient form of transportation known to > > humankind for 2 centuries now for over a decade. Nobody cares. > > > > Ain't nobody giving up their cars. Ain't nobody giving up their cell > > phone. I wish I could have a landline for $10 / mth and a phone that > > doesn't cost hundreds of dollars and can all to easily be damaged or > > destroyed. > > > > > > >
Re: [PLUG] Venue for next month ...
Larry Brigman writes: > Take light rail to downtown Hillsboro (3rd street station?) to find a > few places for after-hours. Sports Look is right at the stop. Other > places are only a couple of blocks away. Fwiw, anecdotally, public transit time from Hillsboro Transit Center to my home in NE Portland is 1.5 hours (and 35 minutes by car). -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] Verizon towers for internet
Russell Senior writes: > Ted Mittelstaedt writes: > >> Consumer Cellular is $20 a month with 1GB $50 a month unlimited. > > From https://www.consumercellular.com/shopping/choose/plan: > > "On unlimited data plans, access to high speed data may be reduced after > 50GB of use, and you may experience slower speeds for the remainder of > your billing cycle." I just looked at some traffic graphs. I move about 50GB of internet traffic (up+down) on my network every day. My mom, who lives by herself, moves about 10GB per day. So, that's about 5 days of 83yo internet-hating lady usage, per month. Multiplying by 6 to get a full month, means $300 of Consumer Cellular service. -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] Verizon towers for internet
Ted Mittelstaedt writes: > Consumer Cellular is $20 a month with 1GB $50 a month unlimited. >From https://www.consumercellular.com/shopping/choose/plan: "On unlimited data plans, access to high speed data may be reduced after 50GB of use, and you may experience slower speeds for the remainder of your billing cycle." -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] Verizon towers for internet
Ted Mittelstaedt writes: > It works but of course it's very easy to go over 300Mbt and then they charge > overage fees which can be quite high > > At the end of the 30 days ask them the price of an unlimited account. > > I always ask people doing this why don' t you just get an unlimited > data cell plan and tether to your phone. Unlimited cell phone plans are often not actually unlimited, and sometimes quite expensive. > If you need ethernet then setup dd-wrt with an Atheros-based chipset > device in client bridged mode. There is a better way: usb-tethering to an openwrt router with a usb port. Fwiw, I have heard feedback from people using the T-mobile at-home-internet and they weren't particularly happy. Particularly for things like online meetings where latency is important, it became unusable. I would expect Verizon to be similar. -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] Venue for next month ...
On Sun, Mar 5, 2023 at 3:08 AM John Sechrest < sechr...@seattleangelconference.com> wrote: > I have found for the many workshops and meetings that I run in Seattle, > that having a consistent place and time, with low friction makes a > different in attendance. > Yes, I agree. Consistent location and time is important. When I started going to PLUG meetings 20 years ago, I recall it taking me like three months to figure out where I was supposed to be and when. I kept remembering the next day, or too late in the evening, and so forth. However, we are in a transition phase right now and some uncertainty and variability is already built in, so the incremental cost is relatively small. > > To that end, I had someone scrape all of the "tech" meetup happenings in > the seattle area meetup and built a spreadsheet of venues, sponsors and > meeting room sizes. > > That ended up with some insight into the opportunities > > While there is then the associated pain of keeping something up to date, > The ability to look at the venue list can be helpful to the community. > > This is what my list looks like in Seattle. > > > https://docs.google.com/spreadsheets/d/1dFNsuOkeeZjtDX6gchl6HDWdhrUbp7lFwGHcZTolGUU/edit?usp=sharing > > I was able to get it updated a couple of times by using Filipina Virtual > assistants. > > I wonder if there is any interest in building a data set like this for > portland, so you can give a gift to the community organizers who are > trying to make a stronger ecosystem? > We already have calagator.org, which has a lot of this information. But your methodology also helped remind me calagator exists and might be exploited for this purpose. > > > > On Sun, Mar 5, 2023 at 7:05 AM Russell Senior > wrote: > > > There is more work to do in exploring the General Meeting venue solution > > space. The Portland Building was nice, and vaguely workable, with some > > downsides: > > > >a) building access is at least as bad as PSU. Outside door locked, > > calls to building security were not particularly welcome due to the walk > > involved for the poor guy, meaning we had to station someone at the door > > to let people in. > > > >b) they are going to want to start charging, unless we can find a > > bureau sponsor (which is possible); > > > >c) they want a city employee to babysit us (which *might* be > > possible, but it's hard to imagine, I have some feelers out); > > > > I am going to keep pushing, because I think it's bad policy to treat > > community groups as unwanted aliens in public buildings, but I'm just > > one person. Victory is not assured. > > > > On the plus side, no one was frisked for nail clippers. > > > > I am going to ping the PSU people again, but I think the most likely > > venue for April at this point is probably back at the Latvian Center. > > > > > > -- > > Russell Senior > > russ...@pdxlinux.org > > > > > -- > -- > [image: www.seattleangelconference.com] > <http://www.seattleangelconference.com/> > > *JOHN SECHREST* > *Founder, *Seattle Angel Conference > TEL (541) 250-0844EMAIL sechr...@seattleangel.com > Schedule A Meeting <http://sechrest.youcanbookme.com/> > > http://seattleangelconference.com > @nwangelconf > > An Investor driven event bringing together new investors and new > entrepreneurs to expand the startup ecosystem. >
[PLUG] List-Id: Portland Linux/Unix Group
Wes set the list hostname back to pdxlinux.org (from the temporary lists.pdxlinux.org) which should make your old mail filters happy. -- Russell Senior russ...@pdxlinux.org
[PLUG] Venue for next month ...
There is more work to do in exploring the General Meeting venue solution space. The Portland Building was nice, and vaguely workable, with some downsides: a) building access is at least as bad as PSU. Outside door locked, calls to building security were not particularly welcome due to the walk involved for the poor guy, meaning we had to station someone at the door to let people in. b) they are going to want to start charging, unless we can find a bureau sponsor (which is possible); c) they want a city employee to babysit us (which *might* be possible, but it's hard to imagine, I have some feelers out); I am going to keep pushing, because I think it's bad policy to treat community groups as unwanted aliens in public buildings, but I'm just one person. Victory is not assured. On the plus side, no one was frisked for nail clippers. I am going to ping the PSU people again, but I think the most likely venue for April at this point is probably back at the Latvian Center. -- Russell Senior russ...@pdxlinux.org
Re: [PLUG] Alternative Meeting Locations
I posted a link (earlier in this thread) with some discussion of MultCoLib as a venue. I just checked the hours for Central Branch, and they close at 6pm on Thursdays. Some other branches, e.g. Hollywood Branch, are open until 8pm on Thursdays. -- Russell Senior russ...@personaltelco.net On Wed, Jan 25, 2023 at 11:46 AM Rich Shepard wrote: > On Wed, 25 Jan 2023, Russell Senior wrote: > > > PSU was becoming hostile to outsiders even before the pandemic. You need > a > > card key (i.e. be an active student or faculty/staff) to get into any of > > their buildings, even their library. I volunteer as an industry advisor > > for Portland State Aerospace Society/OreSat and building access even with > > such an association is problematic. I'd personally love to go back to > > hosting meetings at Portland State, but figuring out how to get the > > general public inside remains an unsolved problem. > > Does the main Multnomah County library have available, accessible meeting > rooms? It's not far from PSU. > > Rich >
Re: [PLUG] Alternative Meeting Locations
For at least two decades (the length of time I've been attending PLUG meetings) the General Monthly Meeting has been 7pm on the first Thursday of the Month (although we occasionally needed to work around holidays, like July 4th). We haven't met in person since March 2020. -- Russell Senior russ...@personaltelco.net On Wed, Jan 25, 2023 at 11:23 AM Sasha Hakakha wrote: > I'm confused, is there a set scheduled meeting time? > > On Wed, Jan 25, 2023, 10:38 AM Mark Allyn wrote: > > > I thought we meet at PSU. > > > > On Wed, Jan 25, 2023 at 10:22 AM Michael Dexter > > wrote: > > > > > All, > > > > > > On 1/25/23 6:57 AM, Kevin Williams wrote: > > > > Alternative meeting locations would be fine. Are we thinking this for > > > the March meeting and after? Are we still good for a 6:30 start time at > > the > > > Hillsdale location? > > > > > > I am waiting on the announcement text for the February meeting and the > > > official start would be 7PM. > > > > > > I can stand by this venue. > > > > > > Michael > > > > > >
Re: [PLUG] Alternative Meeting Locations
On Wed, Jan 25, 2023 at 10:38 AM Mark Allyn wrote: > I thought we meet at PSU. > PSU was becoming hostile to outsiders even before the pandemic. You need a card key (i.e. be an active student or faculty/staff) to get into any of their buildings, even their library. I volunteer as an industry advisor for Portland State Aerospace Society/OreSat and building access even with such an association is problematic. I'd personally love to go back to hosting meetings at Portland State, but figuring out how to get the general public inside remains an unsolved problem. > > On Wed, Jan 25, 2023 at 10:22 AM Michael Dexter > wrote: > > > All, > > > > On 1/25/23 6:57 AM, Kevin Williams wrote: > > > Alternative meeting locations would be fine. Are we thinking this for > > the March meeting and after? Are we still good for a 6:30 start time at > the > > Hillsdale location? > > > > I am waiting on the announcement text for the February meeting and the > > official start would be 7PM. > > > > I can stand by this venue. > > > > Michael > > >
Re: [PLUG] Alternative Meeting Locations
https://multcolib.org/public-meeting-rooms-use-guidelines Ben suggested we might consider departing from our First Thursday tradition too. Maybe some weekend day afternoon? I couldn't think of a very strong reason to not consider it. One issue with library rooms is that they tend to close with the library branch at 8pm, which is a little bit early for us (we have traditionally finished between 8:30 and 9pm). So, we'd need to move up the start time to use a library meeting room. They have the advantage of "free" though, and the other rules I see in the link above seem consistent with our purposes and practices.
Re: [PLUG] Question on Linux Firewalls (and hardware)
OpenWrt comes with a default firewall, which you can of course modify to your needs. The CPU required depends on the speed of the links, and what exactly you want to do. NAT will use some cycles, but a 10 year old MIPS based router can NAT a few hundred megabits. On Thu, Jan 19, 2023, 15:04 American Citizen wrote: > To all: > > If possible I would like to talk privately to anyone who has installed a > Linux Firewall, preferably OPNsense, onto a linux box as right now I am > trying to get up to speed on firewall issues and current > state-of-the-art. I am considering using a Beelink mini-pc as the > platform, but it will have to be loaded with one of the linux flavors OS. > > See > https://www.amazon.com/Beelink-Intel-2-9Ghz-USB3-0-Type-C/dp/B09J4D6TMG/ > > I am trying to determine if this is a good choice for the hardware or > not? I am NOT going to use Win11, of course. > > - Randall > > >
Re: [PLUG] Mozilla Firefox, Cloudflare DNS Resolver and Digital Citizenship
What is particularly bizarre is that both you (Ben) and Mike are emailing from protonmail. Maybe proton is filtering messages from proton addresses that aren't delivered directly, but are mediated through a mailing list reflector. -- Russell Senior russ...@personaltelco.net On Sun, Jan 15, 2023 at 11:33 PM Ben Koenig wrote: > Not to derail someone else's conversation here, but I can't help but point > out the absurd circumstances surrounding this message. > > From my perspective, you have provided a very spirited response to what I > can only guess was Mike's critique of your attitude towards censorship. > Looks like he might have been trying to set the record straight, but of > course I'll never know because I never saw his email show up on this list. > > And, as it turns out after a quick review of PLUG's email archives, I've > not received any of the emails he has sent to this list. If I wasn't the > type of person who enjoys investigating discrepencies in a repeating > pattern then I would probably just continue my life of blissful ignorance > in a world where "MC_Sequoia " does not exist, > and "American Citizen " is just some random > internet weirdo who responds to imaginary messages. > > Funny isn't it, the conclusions we can come to when communication breaks > down? I could assume that I'm being targeted for my anti-google views or I > could shrug it off as some minor technical mishap. Or I could assume > nothing and send a message to the relevant support group and make it their > problem. Kind of sucks to be in that situation where I'm just stuck between > two organizations with no personal control over either. I am at the mercy > of the PLUG List admins and Proton Mail support team. Ya > > I just think it's amusing to see a conversation about censorship get > "censored". Clearly someone doesn't want me to see Mike's opinions on this > subject. #SARCASM > -Ben > > > --- Original Message --- > On Sunday, January 15th, 2023 at 7:21 PM, American Citizen < > website.read...@gmail.com> wrote: > > > > Hello Mike: > > > > My post has engendered quite a response. I appreciate that you are > > willing to go through with a fine toothed comb to get to the bottom of > > everything. > > > > I am willing to be corrected. I trust that what I have said does not > > come over with a air of self-righteousness (or virtue signaling) > > > > I apologize and ask to retract my statement "force" inferring that COO > > Michelle Zatlyn said that, as that is not true as you have pointed out. > > Thank you for correcting this misstatement. Actually when I composed my > > post, I thought I might be making a mistake here. > > > > Please listen to > > > https://www.armstrongeconomics.com/world-news/wef/schwab-wants-a-digital-citizenship-to-use-the-internet/ > > at 1 min 20 secs into this interview where Cloudflare COO Michelle > > Zatlyn stumbled around saying "better digital citizenship" but she wants > > everyone in the world to embrace digital citizenship. This is pretty > > plain from what she said. > > > > I am NOT unaware of the goals of the WEF community to establish the > > digital citizenship requirements (see https://www.dqindex.org/en/) > > > > But I am NOT in favor of unelected people to have the final say so as to > > who is allowed to say so on the internet and who can be censored. I > > trust that you agree with this. We need to have an open discussion about > > who we are allowing to have the final word and why we believe this. > > > > The past 2 or 3 weeks, I have carefully documenting censorship via the > > major search engines and this is an alarming discovery which should > > concern everyone on the planet. I did NOT ask to be censored from > > certain websites, such as the United States Geological Survey, yet here > > I am. And I did NOT ask certain topics on the search engines to be > > censored, but this has occurred. > > > > We need to have free and open discussions, not be censored by some > > entity based in the United Nations or elsewhere claiming that they have > > the last word. This is assuming authority. > > > > I appreciate that you have taken the time to carefully respond. > > > > And I agree with you that trust begins with an honest intention to have > > an open-minded discussion based upon facts, data and sound logic. > > > > Thank you for your post. It is appreciated by me. > > > > Randall > > >
Re: [PLUG] trying to lock down DNS addresses problem
You can buy your own bridging cable modem (basically coax-in/ethernet-out media converter), something like an ARRIS SURFboard SB8200, and use your own router. Your router will be provisioned over DHCP and be offered DNS servers to use, but you aren't obligated to use them. Comcast will still control the firmware on the Surfboard (even though you own it), but if all it's doing is bridging, it doesn't matter. On Fri, Jan 13, 2023 at 1:11 PM American Citizen wrote: > To all: > > Some careful troubleshooting with removing the Firefox browser (and > cache and local files) and reinstalling revealed the problem with the > DNS issue was due to advanced settings called "DNS over HTTP" or DoH was > being used to push the requests to the Cloudflare DNS servers. > > I was NOT even aware that this setting had been set. After the new > install of firefox, it is NOT using the DoH option and things seem normal > > The VPN is now working correctly, and the VPN is pushing its DNS > requests to the private encrypted non-logged VPN DNS associated with the > VPN IP, just as ProtonVPN advertised so I am happy about this. > > In the clear, Comcast Communications is directing my system's DNS > request to 3 of their DNS servers located in Beaverton OR. > > I am hopeful of changing that, but I might not be able to, since I do > NOT have control of the firmware in the Netgear C6300v2 cable modem, as > Comcast reserves the right to push firmware upgrades solely from them > and NOT from the user. > > Maybe I will have to find a better cable modem / router WIFI box?? (but > Comcast might disallow on their network) > > Randall > > >
Re: [PLUG] URL to download xubuntu live?
On Fri, Jan 13, 2023 at 12:55 PM MC_Sequoia wrote: > > > http://mirror.us.leaseweb.net/ubuntu-cdimage/xubuntu/releases/22.04/release/xubuntu-22.04.1-desktop-amd64.iso > > > > For what it's worth, FFOX balked at this link w. a message that it's > insecure, non-https, and that the file may be tampered with or corrupted > during download. > Distribution distributors tend to rely on cryptographic signatures over https for validation. I just followed the xubuntu download link, and that was the default URL. Manually adding an 's' works too, e.g.: https://mirror.us.leaseweb.net/ubuntu-cdimage/xubuntu/releases/22.04/release/xubuntu-22.04.1-desktop-amd64.iso Further, you can check the sha256sum against: https://mirror.us.leaseweb.net/ubuntu-cdimage/xubuntu/releases/22.04/release/SHA256SUMS $ sha256sum -c SHA256SUMS xubuntu-22.04.1-desktop-amd64.iso: OK and then the validity of that file with the detached signature: https://mirror.us.leaseweb.net/ubuntu-cdimage/xubuntu/releases/22.04/release/SHA256SUMS.gpg with something like: $ gpg --verify SHA256SUMS.gpg SHA256SUMS gpg: Signature made Thu 11 Aug 2022 03:33:54 AM PDT gpg:using RSA key 843938DF228D22F7B3742BC0D94AA3F0EFE21092 gpg: Good signature from "Ubuntu CD Image Automatic Signing Key (2012) < cdim...@ubuntu.com>" [unknown] gpg: WARNING: This key is not certified with a trusted signature! gpg: There is no indication that the signature belongs to the owner. Primary key fingerprint: 8439 38DF 228D 22F7 B374 2BC0 D94A A3F0 EFE2 1092 You might need to hunt down the Ubuntu CD signing public key and import it to your local keychain if you are starting from a non-Ubuntu platform and it's not already installed. > > This https link to Ubuntu's official site provides a good intro to Ubuntu, > https://ubuntu.com/desktop and here's a link to the many flavors of the > Ubuntu Desktop distro, of which there are now 8, > https://ubuntu.com/desktop/flavours >
Re: [PLUG] URL to download xubuntu live?
http://mirror.us.leaseweb.net/ubuntu-cdimage/xubuntu/releases/22.04/release/xubuntu-22.04.1-desktop-amd64.iso Ubuntu derived iso's are "live-cd" with an install option. On Fri, Jan 13, 2023 at 12:23 PM Rich Shepard wrote: > A friend who still uses Windows asked me today for an open source > replacement for Office365 and Acrobat. I followed up by sending him the > URLs > for LibreOffice.org and several web sites that offer F/OSS replacements for > Acrobat on Windows. > > He's not yet ready to defenestrate, but I'd like to send him the URL for > Xubuntu live that he can download to a thumb drive, and play with it as he > continues recovering from surgery to bypass an aneurism behind his knee. I > looked on the Xubuntu web site and didn't see a download link for a live > version, only the ready-to-install-and-run version. Unless, that is, that's > what he should get. > > Advice appreciated, > > Rich >
Re: [PLUG] trying to lock down DNS addresses problem
https://support.mozilla.org/en-US/kb/dns-over-https-doh-faqs On Fri, Jan 13, 2023 at 1:05 AM Russell Senior wrote: > Because I don't have the router you have, I am lacking any particular > insight into what it is doing, so anything I suggest is pure guesswork. > Vendor firmware on commercial off the shelf routers is quite varied and > sometimes bordering on arbitrary in how they choose to behave. > > One other thing to be aware of, some browsers (including Firefox) are > doing DNS over HTTPS (or similar) by default these days. You can check the > setting in General / Network Settings / Enable DNS over HTTPS, and the > associated destination. Mine defaults to Cloudflare. I generally don't use > other browsers, but others may be doing something similar. You can, of > course, choose a different DNS over HTTPS provider, or you can turn it off > in Firefox's Settings. Further research into this behavior and its nuances > might be needed. > > -- > Russell Senior > russ...@personaltelco.net > > On Thu, Jan 12, 2023 at 5:55 PM American Citizen < > website.read...@gmail.com> wrote: > >> Hello all: >> >> I am currently hitting an unusual problem with two DNS addresses which I >> have set up in both the NetGear C6300v2 cable modem/router which has the >> option to manually set the DNS addresses (which I did) and with the >> openSuse Linux Leap 15.4 OS using NetManager, which has the option to >> set the DNS addresses in the configured connection. (and I did manually >> configure them too) . >> >> I am expecting to see DNS addresses 208.67.220.220 and 208.67.222.222 >> when landing on either the https://www.dnsleaktest.com/ website or the >> https://surfshark.com/dns-leak-test website, but to my surprise both >> sites keep coming up with two Cloudflare DNS addresses >> >> IP HostnameISP Country >> 108.162.218.150 NoneCloudflare Newark, United States >> 108.162.218.190 NoneCloudflare Newark, United States >> >> I am concerned about this, as I do NOT want cloudflare doing the DNS >> lookups, I expected ExpressVPN DNS numbers to show up. >> >> Any ideas on how to fix this problem? >> >> Randall >> >>
Re: [PLUG] trying to lock down DNS addresses problem
Because I don't have the router you have, I am lacking any particular insight into what it is doing, so anything I suggest is pure guesswork. Vendor firmware on commercial off the shelf routers is quite varied and sometimes bordering on arbitrary in how they choose to behave. One other thing to be aware of, some browsers (including Firefox) are doing DNS over HTTPS (or similar) by default these days. You can check the setting in General / Network Settings / Enable DNS over HTTPS, and the associated destination. Mine defaults to Cloudflare. I generally don't use other browsers, but others may be doing something similar. You can, of course, choose a different DNS over HTTPS provider, or you can turn it off in Firefox's Settings. Further research into this behavior and its nuances might be needed. -- Russell Senior russ...@personaltelco.net On Thu, Jan 12, 2023 at 5:55 PM American Citizen wrote: > Hello all: > > I am currently hitting an unusual problem with two DNS addresses which I > have set up in both the NetGear C6300v2 cable modem/router which has the > option to manually set the DNS addresses (which I did) and with the > openSuse Linux Leap 15.4 OS using NetManager, which has the option to > set the DNS addresses in the configured connection. (and I did manually > configure them too) . > > I am expecting to see DNS addresses 208.67.220.220 and 208.67.222.222 > when landing on either the https://www.dnsleaktest.com/ website or the > https://surfshark.com/dns-leak-test website, but to my surprise both > sites keep coming up with two Cloudflare DNS addresses > > IP HostnameISP Country > 108.162.218.150 NoneCloudflare Newark, United States > 108.162.218.190 NoneCloudflare Newark, United States > > I am concerned about this, as I do NOT want cloudflare doing the DNS > lookups, I expected ExpressVPN DNS numbers to show up. > > Any ideas on how to fix this problem? > > Randall > >
Re: [PLUG] Linux laptop recommendations?
I understand there are problems with suspend. See, for example: https://luisartola.com/solving-the-framework-laptop-battery-drain/ On Sun, Dec 18, 2022, 17:17 Randy Bush wrote: > https://frame.work/ >
Re: [PLUG] Restart mdadm? SOLVED
Probably a good idea to record what /proc/mdstat looks like when things are working, ahead of time, too. On Mon, Nov 28, 2022 at 11:28 AM John Jason Jordan wrote: > On Mon, 28 Nov 2022 11:26:01 -0500 > Tomas Kuchta dijo: > > >TB is hot plug interface. As such, I'd sort of expect that HW and SW > >assumes that it can safely traverse power states and that connection > >resets may be OK. > > > >If that is what is happening, it is of course pretty nasty thing to do > >to md arrays. Native higher level file systems btrfs/zfs may fare > >better, but I would be skeptical and expect similar problems. JBOD > >should be more resilient. > > > >In any case system logs, particularly power state changes should > >confirm what is actually happening. > > Russell Senior dijo: > > >Another good starting point is: cat /proc/mdstat > > Both comments above added to my mdadm.txt file for next time this > happens. Thanks! >
