I am guessing that many of us also manage linux systems, is anyone
aware of a port or adaptation of security(8) for linux, specifically
Ubuntu or Debian distributions?
Allan
Just send the full path to your script in the ssh command, and set up the
rest of the environment within the script.
On Fri, Dec 8, 2023, at 13:41, Karel Lucas wrote:
> In openBSD V7.4 I would like to see the output of ls in color, and
> therefore would like to know how to configure that. The output of "man
> ls" provides no information about this. Can anyone give me a tip?
You could install colorls from
On Mon, Nov 20, 2023, at 08:15, Nowarez Market wrote:
> Hello,
>
> I came accross an old as enough rich list of *DevOps* software
> but I'm not happy at all about it between commercial and web based
> or Ruby or Ansible (a non gui solution in its opensource ver) solutions.
> (list attached).
>
>
On Mon, Sep 11, 2023, at 00:15, David wrote:
> On Sun, 2023-09-10 at 18:27 -0700, Eric Demer wrote:
>> (I am considering getting a laptop with openBSD, but have
>> not yet done so, which is why I can't easily check on my own.)
>>
>> Does openBSD come with a web browser? The "the FAQ and" parts
On Sun, Aug 13, 2023, at 10:29, Daniele B. wrote:
> You got it, sometimes I have to get to "Personalized Setup" to feel
> like an advanced user.. ;D
I used to tweak my installations in ways that I thought were better but
I frequently ended up shooting myself in the foot.
If you plan to install a
On Sat, May 13, 2023, at 09:19, Sylvain Saboua wrote:
> Filesystem SizeUsed Avail Capacity Mounted on
> /dev/sd1a 986M986M -49.1M 105%/
You have something else using space on your root partition.
>From my machine, (7.3 amd64):
/dev/sd0a 1005M214M740M
I've had this problem for a while, over several releases.
Keyboard will freeze up (key presses do nothing). Mouse pointer
can be moved but clicks do nothing. Only solution was to reboot
using the power button, which does trigger a clean shutdown.
I've been chalking it up to some kind of hardware
On Fri, Apr 14, 2023, at 05:50, Stuart Henderson wrote:
> I never found pkg_info -Q to be a useful tool.
>
> Try pkglocate instead ("pkg_add pkglocatedb" first) which allows
> searching on an index that is built from : - as a
> result it lets you do a substring match on package names, not just
>
On Sun, Aug 28, 2022, at 14:26, Amarendra Godbole wrote:
> I am trying to troubleshoot an unbound error message that caused an
> internet outage. My home network uses Xfinity internet - the cable
> modem router is hooked up to a pcengines firewall that runs OpenBSD
> and onward it goes to a
On Wed, Aug 24, 2022, at 12:28, Shadrock Uhuru wrote:
> i already have /home /etc and /root set for backup,
> are there any other partitions i should bear in mind ?
I always backup /var
Allan
On Sun, Jul 17, 2022, at 1:32 PM, ha...@tutanota.de wrote:
> It would be useful to have a function that lists all dependencies.
You can do this if you install the ports tree, see man 7 ports and
"print-run-depends"
Also the sqlports package may help, though I've never used it.
On Sat, Apr 23, 2022, at 8:51 AM, Stuart Henderson wrote:
> I don't know if there's a way to indicate network/not with fuse (and even if
> there is on other OS, the implementation on OpenBSD is not full featured).
> Certainly some fuse filesystem types would want to be considered local
> (ntfs-3g
I had an SMB network share mounted on a directory under my $HOME (via
FUSE using usmb package), and overnight security(8) tried to check it for
setuid/setgid files. That did not go well. I see that I could have set
the SUIDSKIP environment variable but I didn't think about that in advance
and even
On Thu, Mar 17, 2022, at 3:22 PM, Nick Holland wrote:
> On 3/17/22 3:18 PM, Allan Streib wrote:
>> I have used the two-port version of this with Linux and it "just worked,"
>> wondering if anyone has used this (or something similar) successfully with
>> OpenBS
I have used the two-port version of this with Linux and it "just worked,"
wondering if anyone has used this (or something similar) successfully with
OpenBSD? I am looking to manage a few switches via their console/RS232
interfaces.
https://www.startech.com/en-us/cards-adapters/icusb2324i
On Tue, Nov 30, 2021, at 3:47 PM, Crystal Kolipe wrote:
> There are plenty of SSDs that work just fine with OpenBSD, and have done
> for a long time.
>
> We've used Corsair, Sandisk, and Kingston SSDs in various OpenBSD machines
> for many years with very few issues.
$ dmesg | grep ^sd
sd0 at
Recently a 4K monitor became available at work, it appears to support
3840x2160 at 60Hz only. My video card (ATI Radeon HD 5870) will do that
but only at 30Hz. Anyone know of a supported card that will do 3840x2160
60Hz on DisplayPort?
Allan
I'm attemting to run an ubuntu mirror for use by local systems, using
httpd on OpenBSD 7.0-stable.
I am running into some issues that look like a bug in httpd but I am
not certain.
When I attempt to install a server using this mirror I will often (but
not always) get an error similar to the one
On Thu, Nov 18, 2021, at 6:36 PM, Allan Streib wrote:
> Anyone successfully using SuperMicro's IPMIView20 java
> application on OpenBSD with any of the jdk packages?
I discovered that the noVNC package includes support for the ATEN iKVM
vnc protocol variant used on some SuperMicro
Anyone successfully using SuperMicro's IPMIView20 java application on OpenBSD
with any of the jdk packages? I have it basically working, I can log in to
rempte BMC, see sensors and control power etc. but the iKVM remote console just
silently fails.
I have a ktrace file that I am digging
On OpenBSD 7.0-release, comparing the output of OpenLDAP's
ldapsearch(1) to ldap(1) search, the ldap(1) search output is
missing the last attribute of each directory entry.
e.g. from a directory I am working on at work:
$ ldapsearch -LLL -x -H ldapi://%2fvar%2frun%2fldapi -b
Specific example, if I want to configure a vlan with vnetid 101,
can I name the interface vlan101 or should/must it be named
vlan0?
Allan
On Thu, Sep 16, 2021, at 6:43 PM, Allan Streib wrote:
> On Tue, Sep 14, 2021, at 5:09 PM, Allan Streib wrote:
> > Seen a few of these in my logs (OpenBSD 6.9 release amd64)
> >
> > Sep 14 02:12:05 relayd[78491]: rsae_send_imsg: privenc poll
> > timeout, key
On Tue, Sep 14, 2021, at 5:09 PM, Allan Streib wrote:
> Seen a few of these in my logs (OpenBSD 6.9 release amd64)
>
> Sep 14 02:12:05 relayd[78491]: rsae_send_imsg: privenc poll timeout,
> keyop #946
> Sep 14 02:12:06 relayd[78491]: relay_dispatch_ca: privenc
Seen a few of these in my logs (OpenBSD 6.9 release amd64)
Sep 14 02:12:05 relayd[78491]: rsae_send_imsg: privenc poll timeout,
keyop #946
Sep 14 02:12:06 relayd[78491]: relay_dispatch_ca: privenc result after
timeout
The number after "keyop" varies.
Seems to correlate with
On Sat, Jul 10, 2021, at 11:30 AM, Stuart Henderson wrote:
> On 2021-07-10, Peter Nicolai Mathias Hansteen wrote:
> > For whatever reason your pf.conf did not parse to a valid config, so rc’s
> > own default rules were kept in place.
>
> Yep. dmesg -s might give a clue.
Thank you both, I
Hi,
I have a KVM host running OpenBSD 6.9 for a few days. It crashed today for some
reason, and when I logged in and realized the uptime had changed, I checked the
pf rules out of curiosity since I have been experimenting with pf. These rules
are very different from what is in /etc/pf.conf.
#
Stuart Henderson writes:
> I would prefer to use almost anything else though and get versioned
> backups. Probably my most used backup/restore action is to get back a
> version of some file from yesterday so something that will only write
> the changes is useful. I quite like borg for this but
Mike Larkin writes:
> This is happening because you changed the kernel on your machine after
> you booted, then did a hibernate. The new kernel no longer matches the
> kernel loaded in memory. The kernels have to be identical. We do a few
> checks to ensure this is the case, and that's the check
Heinrich Rebehn writes:
> I noticed that OpenBSD 6.8 switched to using less(1) for the
> manager. While this seems to offer many new useful options, I really
> dislike the clrscreen upon exit.
Have a look at -X argument to less(1):
-X | --no-init
Disables sending the termcap
Jay Hart writes:
> I lost internet access today for 4 hours due to a network problem. Trying to
> troubleshoot the problem I ended up placing my backup router
> in service.
>
> Its still at 6.7, it there anyway I can update it to 6.9 without doing a full
> re-install, or has the only train
Predrag Punosevac writes:
> predrag@oko$ scanimage -L
>
> No scanners were identified. If you were expecting something different,
> check that the scanner is plugged in, turned on and detected by the
> sane-find-scanner tool (if appropriate). Please read the documentation
> which came with this
Leon Fischer writes:
> If you run xrdb(1) then ~/.Xdefaults won't be evaluated.
Well that's interesting and good to know, thanks! That doesn't seem
obvious from looking at mentions of "Xdefaults" in either the X(7) or
xrdb(1) man pages, unless it's implied in this from xdrb(1):
Xrdb does
Stuart Henderson writes:
> Seems that your terminal in X is not configured to run a login shell.
> By default that is done for xterm via .Xdefaults in a new user's profile
> directory (copied from /etc/skel) but if you use a different terminal
> or have modified these files, that won't be used.
"tetrahe...@danwin1210.me" writes:
> It looks like the custom $PATH is not being passed from the login shell
> on downwards, since ~/.profile is only read by a login shell.
I just was looking into the same thing last night. The ksh shell in the
xterm didn't seem to be processing my .profile.
"Francisco Valladolid H." writes:
> I'm searching the PF FAQ for OpenBSD 5.9 in the history docs without
> success.
Did you try archive.org?
https://web.archive.org/web/20160430175649/https://www.openbsd.org/faq/pf/index.html
Allan
Radek writes:
> I don't have an access to the DHCP server side. That's the problem and
> I'm trying to find a way to have the same IP address at any time. The
> client is permanently connected to the network.
Can you configure a permanent IP address in the client configuration
(hostname.if
Duncan Patton a Campbell writes:
> fdisk seems unwilling to allow more than 2T in the partition:
Look at the b command for disklabel(8) to set the OpenBSD disk
boundaries.
Allan
Paul Pace writes:
> When I load a page from OpenBSD served with relayd and httpd with
> Content-Security-Policy set to default-src self, I can see that a basic
> HTML page that normally renders with all of the text in the center is
> now rendered on the left.
When you enable content security
Chris Bennett writes:
> So, what happens with 104.149.1.112? Does anybody get to actually use
> it? Or is it just a placeholder?
Here is my understanding. View the address 104.149.1.112 in binary
format:
01101000.10010101.0001.0111
The /28 netmask is:
Mike Coddington writes:
> There was a useful tool that someone posted on misc a while back called
> netcalc. I think this is its website:
> https://jamsek.dev/posts/2019/Sep/21/ipv4-and-ipv6-cidr-subnet-calculator/
> Check it out if you want to get a better grasp on CIDR notation.
There is also
Родин Максим writes:
> If I change url to ldaps://ldap1.mydomain.ru
> or to ldap+tls://ldap1.mydomain.ru
> then smtpd -dv shows:
> """
> _
> vdomains[50952]: warn: ldap_parse_url fail
> vdomains[50952]: warn: ldap_connect error
> vdomains[50952]:
Kirill Peskov writes:
> I'm currently trying to figure out, how to set global environment
> variable, valid for multiple users including root, so Ansible will be
> able to accept it as "fact" for both root and non-root users. I've
> already tried to play with .cshrc files and /etc/rc.local,
Lee Nelson writes:
> I had considered some late-running script that would query the MAC's of
> each NIC and then configure them accordingly or rewrite the hostname.*
> files and call netstart on them, but that just seems sloppy and
> unreliable.
What about DHCP? It supports MAC-specific
Stuart Henderson writes:
> The same happens with 6.7 and -current.
>
> Hopefully this will be improved in libressl, but libressl clients
> aren't the only ones who will have problems with this - if you're in
> contact with the server admins I would recommend they remove the
> expired cert from
I ran into a problem today due to the expiration of the AddTrust
External CA Root. This prevented my OpenBSD 6.6 smtpd from sending email
through my campus mail-relay host.
I was referred to a web page[1] that describes the issue. It claims that
some OpenSSL clients do not properly follow trust
(To misc@ readers, this reply includes an earlier reply from me that
inadvertently wasn't copied to the list).
Allan Streib writes:
> multifred writes:
>
>> To boot OpenBSD you have to use the internal SATA or ATA devices.
>
> Thanks, I will try that. Was about to report t
With extra time while in quarantine I idly tried to install 6.6 on an
older iMac[1] I have.
Using install66.fs on a USB flash drive, when starting (holding ALT key)
it was offered as a boot disk choice.
It reaches the boot> prompt, then reaches the "entry point at..." and
crashes (machine
bofh writes:
> Hi,
> I searched through the archives and saw a couple of discussions about
> using Dnsmasq from a long time ago.
>
> Is that the best way to let the stuff in my home to have valid dns
> entries in my home network?
I've not worked with dnsmasq so can't comment on it.
> How
Theo de Raadt writes:
> Reality hasn't changed. A sector is still 512 bytes, and
> disklabel has to fit in it.
OK.
Allan
Theo de Raadt writes:
> OpenBSD has apparently become popular amongst people who can't think
> and connect "real world constraints" and "reality" with "no alternative
> decision was possible". This is very common amongst people who won't
> lift their finger.
I'm not the one complaining about
Theo de Raadt writes:
> Allan Streib wrote:
>
>> Seems like one of those numbers that was chosen long ago, when disks
>> had orders of magnitude less storage capacity they have now, and 16
>> partitions really would have been more than enough.
>
> the wo
Ingo Schwarze writes:
> The limitation to 16 partitions definitely feels painful to me.
Well, one pragmatic solution is to add another disk -- 16 more
partitions. Not always possible, granted.
Seems like one of those numbers that was chosen long ago, when disks
had orders of magnitude less
> So, can I setup openBSD labels on x86_64 without legacy/GPT partition first ?
IIRC yes you can, as long as you don't need to boot from that disk.
Allan
Paolo Aglialoro writes:
> Btw, does "rcctl enable xenodm" also allow running programs remotely
> with ssh -X|Y u...@obsd.box, or is there something more to do?
Yes, in my experience I use it with -Y.
Allan
Paolo Aglialoro writes:
> considering that 6.6 nuked X for my T23 as mentioned in previous recent
> post, I decided to refresh my old Dell L400, which was lagging behind at
> 6.2, with a fresh 6.6 install.
>
> Unfortunately X crashes. The first error in the log file was about setting
>
If you want it available only to remote hosts with an ssh session, why
not tunnel the tomcat port over the ssh connection?
Steve Williams writes:
> Hi,
>
> For a R project, I am trying to get guacamole working to be able to
> access systems on my home network remotely.
>
> Guacamole (I
Patrick Harper writes:
> My understanding of -current is that it is meant for testing, not usage.
Not strictly true. Depends on your needs, and tolerance for things not
always working perfectly.
Allan
Claus Assmann writes:
> On Wed, Apr 08, 2020, Kevin Chadwick wrote:
>
>> OpenSMTPD does not listen to the internet, by default and even if you do set
>> it
>
> From: Qualys Security Advisory
> To: oss-secur...@lists.openwall.com
> Message-ID: <20200224184538.GF17396@localhost.localdomain>
>
>
Daniel Jakots writes:
> On Wed, 8 Apr 2020 13:12:54 +1000, Stuart Longland
> wrote:
>
>> Silly question… how do you install the dependencies of a port from
>> binaries automatically?
>
> https://man.openbsd.org/bsd.port.mk#FETCH_PACKAGES but it doesn't work
> very reliably, sadly.
>
I didn't
Antoine Jacoutot writes:
> "patches waiting, but didn't do anything" might be interesting (i.e
> patches are available); dunno...
syspatch -c
Allan
Dumitru Moldovan writes:
> Might want to look at https://github.com/tridactyl/tridactyl or
> https://github.com/lusakasa/saka-key. Have tried the former and didn't
> quite fancy it. Have just discovered the latter one, giving it a try…
Thanks for the tip on saka-key. It looks interesting and
I used to use xxxterm, then xombrero, and really liked the minimal
approach and keyboard driven navigation.
Any other former users of this browser, what are you using today to
achieve any of this functionality in your browser?
Allan
Stuart Henderson writes:
> You will at least need to relax the "unveil" restrictions in /etc/chromium.
> Whichever files have .config/chromium or .cache/chromium you will need to copy
> for the _a variant.
Thanks, yes that is what I needed to do.
> That might not be the only thing you need to
Per the man page I have tried to launch chrome with an alternate data
directory hoping to achieve separate profiles.
$ chrome --user-data-dir=~/.config/chromium_a
[75336:1591778608:0129/114259.294272:ERROR:process_singleton_posix.cc(280)]
Failed to create
You asked about the base image, so maybe there is some reason you can't
use it, but Supervisor is in ports/packages.
Allan
Patrick Kristiansen writes:
> Hi everyone,
>
> Is there something like the FreeBSD daemon(8) command for OpenBSD, which
> can run a process in the background and restart
lu hu writes:
> So I think ChallengeResponseAuthentication should be set to NO, since
> it is not used by anything by default (you need manual steps as root
> to use ex.: skey).
If you want it set to NO, if you feel safer that way, set it to NO on
your systems.
IMHO
Allan
jeanfrancois writes:
> Thanks for that insight on using LaTeX (from ports).
If you look on CTAN there are several invoicing pacakges.
https://ctan.org/topic/invoice
Allan
Edgar Pettijohn writes:
>
> May need to use rcctl to change it's class to ldap.
>
> Untested:
> rcctl set ldapd class ldap
Yes, that's it.
Only the class can't be changed with rcctl, it gives an error:
rcctl: "ldapd_class" is a read-only variable set in login.conf(5)
That gave me the clue
Edgar Pettijohn writes:
> May need to use rcctl to change it's class to ldap.
>
> Untested:
> rcctl set ldapd class ldap
I will try that.
I had used usermod to set the class on the _ldapd user.
$ userinfo _ldapd
login _ldapd
passwd *
uid 100
groups _ldapd
change NEVER
class ldap
Allan Streib writes:
> I see that fstat -u _ldapd always ends at FD 119 when the hang occurs:
>
> [...]
> _ldapd ldapd 42641 117* internet stream tcp 0x0 172.29.202.69:389 <--
> 172.29.200.108:47864
> _ldapd ldapd 42641 118* internet stream tcp
Claudio Jeker writes:
> I guess the problem is in the error handling of one of the filter codes
> which leaks an fd. At least I suspect that the error message about filter
> type is suggesting that.
I guess a possibility. But why stopping at FD 119 in the fstat output? I
have several hundred
Allan Streib writes:
> Running a rather busy ldapd host, and seeing some hangs in responses to
> queries.
I see that fstat -u _ldapd always ends at FD 119 when the hang occurs:
[...]
_ldapd ldapd 42641 112* internet stream tcp 0x0 172.16.0.169:389 <--
172.16.0.38:44708
_ldap
Running a rather busy ldapd host, and seeing some hangs in responses to
queries.
Some (possibly irrelevant) messages in /var/log/daemon
Aug 28 12:47:51 ldap02 ldapd[39626]: filter type 5 not implemented
Aug 28 12:48:19 ldap02 last message repeated 13 times
Aug 28 12:49:41 ldap02 last
With OpenLDAP slapd I would run slapcat periodically to dump out the
directory in LDIF format for backup.
What is the best approach for backing up ldapd?
Thanks,
Allan
Philip Guenther writes:
> There are four options here:
> 1) change the software to not use the name 'bcrypt' for a non-static
> function. OpenBSD has only been using it for 15 years...
Agree, but for now I'm trying to keep changes to a minimum as I work out
larger issues. This is in an erlang
Probably an elementary question stemming from my lack of C expertise.
I am trying to complile some C code that includes its own "bcrypt"
function. This is conflicting with the declaration in pwd.h.
error: conflicting types for 'bcrypt'
int bcrypt(char *, const char *, const char *);
Martijn van Duren writes:
> You haven't given enough information for a definitive answer, but my
> guess is that you run php through php-fpm, which is by default chrooted
> to /var/www. Since shell_exec and system first call /bin/sh and you
> most likely didn't copy it to /var/www/bin/sh it
ropers writes:
> 1. I think the same behaviour may be what's going on with your
> so-called "ghost" files.
> I.e.: Files and file descriptors get created, the files get unlinked,
> but Firefox still has them open and *is still growing* them, which
> continues until it actually fclose(3)s them.
Richard Ulmer writes:
> I heard multiple times now, that Firefox leaks memory. Maybe I'll give
> a new browser a shot. Iridium looked interesting, but upon research I
> found a lot of people concerned about whether this project has the
> resources to keep up with Chromiums security standards.
Claudio Jeker writes:
> On Fri, Jun 21, 2019 at 02:11:53PM +, slackwaree wrote:
>> Hello,
>>
>> I wonder if the following scenario can be solved with OpenBSD on 1 single
>> machine or with VMM:
>>
>> I got 3 OpenBSD vms, all of them are exactly the same running squid except
>> they use
Andrew Luke Nesbit writes:
> I am a user of Apple PowerBook G4, POWER8, and POWER9. I am new to
> OpenBSD and I intend to experiment with it on these architectures.
Unless https://www.openbsd.org/plat.html is out of date, it doesn't look
like OpenBSD is currently supporting POWER8 or POWER9
Dan Shechter writes:
> Greetings of the day!!
Spam giveaway. No recruiter in the USA would use that phrase. That and
the other grammatical and sentence structure errors are red flags.
Allan
Paul de Weerd writes:
> Not exactly what you're looking for, but I have a startech.com 2 Port
> SATA 6Gbps PCI Express eSATA controller card [1]. I use this to
> (occasionally) connect an external disk shelve (using a port
> multiplier) to my machine.
Incidentally, does OpenBSD support
Mihai Popescu writes:
> I am looking for a command or port application to copy large text from
> terminal into the clipboard for immediate paste operation in another
> window. I use to do that with left mouse click select then middle
> click. It should be something like script(1), but for
Tom Smyth writes:
> we have an in house shell script based deployment system for our
> OpenBSD boxes in the field this involves the boxes pulling config
> files over https but Im always concerned that if the downloaded files
> are incomplete or empty that this would break the configs and require
Found a cheap card on eBay, dmesg shows it as ATI Radeon HD 7470,
working well in
OpenBSD 6.4-current (GENERIC.MP) #499: Mon Dec 10 11:33:10 MST 2018.
Allan
Allan Streib writes:
> Still having this issue on -current as of Dec10. machdep.allowaperture=2
> does get me past this, but am
-profile card that is working on
6.4/current?
Thanks,
Allan
Allan Streib writes:
> Same issue, also on a Dell machine with ATI Radeon HD 2400 XT.
>
> Allan
>
> OpenBSD 6.4 (GENERIC.MP) #0: Sat Nov 17 22:15:46 CET 2018
>
> r...@syspatch-64-amd64.openbsd.org:/usr/src/s
Andy Bradford writes:
> After Jonathan suggested adding some printf debug statements, I
> continued to do so and was able to see that the rdev->bios variable that
> is being inspected at lines 834--840 in radeon_bios.c has neither ATOM
> nor MOTA in the string at that address for
Same issue, also on a Dell machine with ATI Radeon HD 2400 XT.
Allan
OpenBSD 6.4 (GENERIC.MP) #0: Sat Nov 17 22:15:46 CET 2018
r...@syspatch-64-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4141871104 (3949MB)
avail mem = 4007075840 (3821MB)
mpath0 at root
scsibus0
Gilles Chehade writes:
> On Thu, Nov 08, 2018 at 12:40:51PM -0500, Allan Streib wrote:
>> Prior to 6.4, in smtpd.conf(5), the relay directive supported the "as"
>> parameter:
>>
>> If the as parameter is specified, smtpd(8) will rewrite the sender
Prior to 6.4, in smtpd.conf(5), the relay directive supported the "as"
parameter:
If the as parameter is specified, smtpd(8) will rewrite the sender
advertised in the SMTP session. address may be a user, a domain
prefixed with ‘@’, or an email address, causing smtpd(8) to rewrite
Luthing writes:
> Hey,
> I am partitioning my disk manually like :
> ~80% for /root partition
> ~20% for swap
>
> That's all
> Any idea?
https://www.openbsd.org/faq/faq4.html#Partitioning
Allan
Stuart Henderson writes:
> If you aren't sure about a change you're about to make, keep a spare
> root shell open (or at least keep the editor open - save the file
> but don't exit - and test on another terminal).
I would add that this is not really OpenBSD-specific. Yes there's no
direct
Have you looked at OpenBSD's ldapd(8) instead of openldap?
It supports SASL PLAIN auth, according to the 6.3 man page.
I don't currently use SASL but otherwise have found the config of ldapd
to be much simpler than slapd.
Yes, last time I had set up OpenLDAP with SASL it was fragile and
Carlos Lopez writes:
> Uhmm … Reality?
> https://techcrunch.com/2018/09/12/security-flaw-in-nearly-all-modern-pcs-and-macs-leaks-encrypted-data/?guccounter=1
Somewhat better writup from the source:
https://blog.f-secure.com/cold-boot-attacks/
The vulnerability seems to be when a computer is
I need to set up DHCP for several VLANs. The server has 1 physical
interface (bnx1) available for this.
My naive thought is I create the vlans with bnx1 as the "parent", e.g.
/etc/hostname.vlan101:
inet 172.16.101.253 255.255.255.0 NONE parent bnx1 vnetid 101
/etc/hostname.vlan102:
inet
This has been a recurring problem for a least a couple of releases. I'm
currently on 6.3 release with syspatches. Generally happens after
machine has been up for a while; if I reboot and burn the DVD right away
it usually works.
$ doas growisofs -dvd-compat -Z
Kevin Chadwick writes:
> Windows updates do still take way too long though and perhaps they are
> gathering usage information, not that I care much. I hear they are
> working on the speed in insider previews.
Windows 10 has a lot of telemetry and data collection that sends
information back to
1 - 100 of 182 matches
Mail list logo