Re: Generate CA & Certificates key

Generating certificates and a CA (focused on web but the concept works for whatever SSL situation you are using): http://it.toolbox.com/blogs/securitymonkey/howto-securing-a-website-with-client-ssl-certificates-11500 Once you get the concept of certificate generation then look into the

Re: /usr/bin/ssh: can't load library 'libcrypto.so.14.0' on ALIX board

cp /usr/lib/libcrypto.so.13.0 /usr/lib/libcrypto.14 Don't knock it, it works. As well if you are having libm issues (ie. things (like httpd) can't find isnan or isinf symbols) check to see if you have /usr/ibm.3.0 and of so just move /usr/lib/libm.so.2.4 out of the way (like to /root). Th

Re: What crypto card to buy?

In my experience I would say not to bother with one unless you intend on doing high throughput SSL. I've had nothing but issues using them on Soekris gear (but that was many releases ago). As for no blowfish, well that is a blessing as when the card locks up and is very far away (like in an

Re: drift in ntpd may not catch up on bad clock and keep slipping.

I've seen this happen too but ended up just shutting off ntpd entirely and croned an rdate in it's place. In my case the clock goes WAAY out and even when I fix it it flys way out on the next NTP interval. Even if I restart NTPD the damned thing flies way out again a while later. I'm

Re: Disk performance/benchmarking

dd(1) and iogen should give you said rough estimation. As for transmission issues. First take a look on either side for network 'errors'.. $ netstat -I hme0 NameMtu Network Address Ipkts IerrsOpkts Oerrs Colls hme0150008:00:20:c2:5f:f0 1498294 0 7

Re: Disk performance/benchmarking

If it is doing anything but the benchmark the results will be useless but you probably already know that. Assuming the machine is completely idle with no services currently running (other than the one used to log in) then just try a bunch of test cases for the usage pattern you expect to se

Re: A joke

On 1-Jun-06, at 10:22 AM, Andrew Pinski wrote: On Jun 1, 2006, at 1:44 AM, Rico wrote: Manager: George, I need a program to output the string Hello World! You forgot one: a lazy person #!/bin/sh echo "Hello World!" Why waste an extra shell process not to mention all that extra typing?

Re: pre-orders

On 9-Mar-06, at 1:06 PM, Harry Putnam wrote: Considering your input to this thread about donations wouldn't it be smart to make it a little easier to find the donations pages? I see nothing about where to do donations there or anywhere in this thread. It is pretty obvious where to look:

Re: OpenBSD hardware router

I am using a 4501 with the accelerator and when it works I agree it can easily saturate a T1/E1. The only problem is the card randomly wedges (personal observations on 3.7 to current) so I've been advised to effectively shut the card off (kern.usercrypto=0). On 4-Feb-06, at 12:43 PM, Siegbe

fatal: evp_crypt: EVP_Cipher failed

I have been having issues lately with the HiFn based crypto cards locking up in 3.7 and 3.8. They are usually fine but under some undefined load they lock up and it seems rather random as to when it happens and how much load causes it. The cards are used to help out with a VPN between a few