Re: Etnernal & infernal browser woes

2017-04-30 Thread Kevin Chadwick
Just wanted to mention the firefox extension umatrix. I find it much better than noscript for controlling page speed. That said I only *notice* slowness compared to like xombrero on older machines.

Playstations and PF de-fragmentation

2017-04-30 Thread Kevin Chadwick
I find that to prevent connection timeouts on playstations, the following is required. Hopefully they will fix their packet AND connection handling one day.
match from ! $ps3 scrub(tcp reassembly)
match from $ps3 scrub(without tcp reassembly)

Re: Playstations and PF de-fragmentation

2017-05-03 Thread Kevin Chadwick
On Wed, 3 May 2017 08:02:10 +0200 > Thanks for sharing. > I’ll re-use this at home. > > Br > > > On 1 May 2017 at 01:43, Kevin Chadwick wrote: > > > > > > I find that to prevent connection timeouts on playstations, the > > following is requi

Re: OT: Recommendations for a CMS?

2017-05-08 Thread Kevin Chadwick
erpnext.com is the most featureful free erp I have found, including cms. May take a little work to port to OpenBSD and unfortunately uses nodejs which may violate the w^x.

Re: httpd and Curve25519 (X25519)

2017-05-17 Thread Kevin Chadwick
It would be nice, but thought that I would add that the criticism of secp256r1 in the eyes of some major cryptographers has moved from far fetched but being unable to disprove the criticism to making no practical sense of being true. On 17 May 2017 19:05, "Bryan" wrote: > > > OpenBSD 6.1 httpd i

openssh nistp521 advertised as supported but no host key available by default

2017-05-23 Thread Kevin Chadwick
If a client (openssh, putty) insists on nistp521 as openssh offers in the debug dialogue then the connection fails or falls back to nistp256. If you create a nistp521 host key and add it to sshd_config then nistp521 is used successfully. Not sure if nistp256 could use a nistp521 key or if this is

Re: Gina/Adityha, followup on donation request re OpenPower devices Re: Interest in POWER platform?

2017-05-25 Thread Kevin Chadwick
On Wed, 24 May 2017 23:30:33 -0700 > I can't tell, are you trolling these people? > > Or, do you sincerely find these to be an effective set of techniques > to convince other people of your beliefs? IBM's revenues have been falling for a while so my guess is the only hope being that you expect

Re: Can I bind USB/other interface/device number (e.g. cdceX) to particular MAC, USB serial number or the like?

2017-06-04 Thread Kevin Chadwick
On Fri, 2 Jun 2017 08:25:57 -0400 > Linux's (and Windows and Solaris and ...) attempts to "fix" this > problem is one of the reasons I'd consider Linux (and Windows > and ...) crappy. A complicated solution that creates far more > problems than it ever solves, and usually at the worst times possi

Bioctl rounds doesn't appear to affect the passphrase time?

2017-06-23 Thread Kevin Chadwick
On 6.1 i386 with syspatch 004 I am running: time /sbin/bioctl -c C -l /dev/vnd0a -r31 softraid0 I guess I am simply seeing my passphrase input time and the round has a marginal effect? Perhaps more on memory usage? Is 31 the highest number of rounds? I started by trying very high values with a

Re: Bioctl rounds doesn't appear to affect the passphrase time?

2017-06-23 Thread Kevin Chadwick
On Fri, 23 Jun 2017 18:13:20 +0200 > > I started by trying very high values with a simple password and > > expected to have to wait a long time but it was always around 7 > > seconds? > very high as in -r 2000 ? Yeah, 2048? Is there a MAX?

Re: Bioctl rounds doesn't appear to affect the passphrase time?

2017-06-25 Thread Kevin Chadwick
On Fri, 23 Jun 2017 20:24:24 +0200 > > > > I started by trying very high values with a simple password and > > > > expected to have to wait a long time but it was always around 7 > > > > seconds? > > > very high as in -r 2000 ? > > > > Yeah, 2048? Is there a MAX? > Not really. > > O

Re: Bioctl rounds doesn't appear to affect the passphrase time?

2017-06-25 Thread Kevin Chadwick
the noise. On 25 Jun 2017 6:17 pm, "Ted Unangst" wrote: > Kevin Chadwick wrote: > > On Fri, 23 Jun 2017 20:24:24 +0200 > > > > > > > > > > I started by trying very high values with a simple password and > > > > > &

Re: Can I use OpenBSD in a virtual machine, for example, VirtualBox?

2017-06-27 Thread Kevin Chadwick
Last I checked it did. I've even had Windows 8 hard lockups upon install of virtualbox. I use vmware or Microsoft's hyperv on pro works well. Microsoft's networking setup makes it especially easy to get a built in openbsd firewall in Windows. Just turn ip support off on the physical interface and hav

Random boot seed cron job for unclean shutdowns?

2017-08-04 Thread Kevin Chadwick
I've noticed disk checks on a colleague's system many times and will ask why on Monday and advise that whilst OpenBSD is rock solid it should still be shut down gracefully. I am sure this has already been considered but I shall ask anyway just in case. Despite running RO root systems in some cases

Re: gmail and hotmail blocking mail sent from my IP

2017-08-08 Thread Kevin Chadwick
I understand that given everyone uses gmail, hotmail or mail provided by some multinational hosting service they assume mail coming from residential connections cannot be other thing but spam sent from hacked machines. But someone paying for a static IP in a residential connection is the opposite

Re: softraid crypto seem really slower than plain ffs

2017-09-17 Thread Kevin Chadwick
On Fri, 15 Sep 2017 12:24:32 +0200 > I noticed that there were a huge difference between > plain and encrypted filesystem using OpenBSD. I'm not a developer but I know 6.1 moved to a shiny new side channel resistant AES. I seem to remember Theo saying that if it is that slow then even worse; p

Wireless devices for a new product

2017-09-19 Thread Kevin Chadwick
We are designing a PCB board that will run OpenBSD and wish to build in wifi and 3g/UMTS/LTE devices whilst avoiding PCIEX as those are more expensive than a module. I assume ar9280 is still the recommended wifi chipset out of all including surface mount devices? Are there any opinions on a reli

Re: Wireless devices for a new product

2017-09-20 Thread Kevin Chadwick
On Tue, 19 Sep 2017 16:33:46 +0200 > On Tue, Sep 19, 2017 at 03:00:15PM +0100, Kevin Chadwick wrote: > > > > We are designing a PCB board that will run OpenBSD and wish to > > build in wifi and 3g/UMTS/LTE devices whilst avoiding PCIEX as > > those are more expensiv

Re: Wireless devices for a new product

2017-09-22 Thread Kevin Chadwick
On Wed, 20 Sep 2017 16:42:29 + (UTC) > > Are there any opinions on a reliable or best 3G/UMTS/LTE device. A > > ublox device was being specified but I am guessing that would have > > been more work to get going, though it does come with open source > > Linux drivers, I believe? > > Somethi

Re: FF vs. Chrome/Chromium

2017-09-27 Thread Kevin Chadwick
On Wed, 27 Sep 2017 14:49:19 +0200 > Hi there! > > Last night I enjoyed reading through the different presentation > slides from EuroBSDcon 2017. > > Relating to Theo's presentation on 'Pledge and > Privsep' (https://www.openbsd.org/papers/eurobsdcon2017-pledge.pdf) > he states that firefox can

Re: reordering libraries:/etc/rc[443]: ./test-ld.so: Permission denied

2017-10-10 Thread Kevin Chadwick
On Wed, 27 Sep 2017 21:43:48 -0500 > Why is this happening, and is there anything that I should do to > correct > The system has been getting more and more dynamic to make attackers fumble in the dark. > the "Permission denied" error? If you prefer then add: /sbin/mount -uo noexec /tmp to

6.2 and OpenSSHD PermitOpen

2017-10-11 Thread Kevin Chadwick
https://marc.info/?l=openbsd-cvs&m=150714297627574&w=2 PermitOpen ignores arguments after first two. I guess this is a functionality issue and so might not get an errata? Can I wait for a patch or should I grab a snapshot? Tx, Kc

Re: sysmerge is not needed when updating to 6.2?

2017-10-12 Thread Kevin Chadwick
On Thu, 12 Oct 2017 09:34:44 + > But I have only one question: Is sysmerge not longer needed for > updating process like in previous releases? It shall tell you if you need to re-run manually in the boot output for edited files.

Re: reordering libraries:/etc/rc[443]: ./test-ld.so: Permission denied

2017-10-12 Thread Kevin Chadwick
On Tue, 10 Oct 2017 19:35:49 +0100 > From: Kevin Chadwick > To: misc@openbsd.org > Subject: Re: reordering libraries:/etc/rc[443]: ./test-ld.so: > Permission denied Date: Tue, 10 Oct 2017 19:35:49 +0100 > > On Wed, 27 Sep 2017 21:43:48 -0500 > > > > Why i

Re: reordering libraries:/etc/rc[443]: ./test-ld.so: Permission denied

2017-10-13 Thread Kevin Chadwick
On Thu, 12 Oct 2017 18:16:02 + > See https://marc.info/?l=openbsd-cvs&m=150783205404965 Nice, Thank you

Re: Automatically restarting services/daemons after crash

2017-10-13 Thread Kevin Chadwick
On Thu, 12 Oct 2017 20:38:42 -0600 > > Perhaps I'm mistaken, but it doesn't seem like there's a facility > > for automatically restarting daemons after a crash or similar. Is > > the idea just that daemons should be designed to not crash? > > Yes. Fail closed. It is the only secure thing to

Re: Best Practices python virtualenv

2018-04-30 Thread Kevin Chadwick
On Mon, 30 Apr 2018 16:46:49 + > Is there a recommended best practice when setting up an environment > with python > virtualenv with regards to wxallowed. sthen@ mentioned a compiler option and that only some modules actually require RWX memory. I don't know the details as to why python call

Re: Looking for discussions/threads on TLS v 1.3 (in OpenBSD context)

2018-05-16 Thread Kevin Chadwick
On Wed, 16 May 2018 10:21:47 +0200 > Hi all! > > Just out of curious interest, I've been googling a bit to find > discussions or threads related to TLS 1.3, what "you guys" think of > it, and what benefits and drawbacks it brings to the OpenBSD world. > However, I'm either unlucky or a poor goog

Re: Limit CPU usage of a process?

2018-05-27 Thread Kevin Chadwick
Umatrix is a good javascript control extension. Some websites are even running bitcoin mining without asking your permission. Theft of electricity in my book.

Re: Limit CPU usage of a process?

2018-05-30 Thread Kevin Chadwick
On Wed, 30 May 2018 11:49:04 +0200 > Are these commandline options or stuff you have to program into your > apps? They also seem to be more geared towards giving different > processes different priorities of which gets to use the highest CPU. > You could set your processor performance low with

Re: WEP broken

2018-06-09 Thread Kevin Chadwick
On Sat, 9 Jun 2018 15:24:14 +0200 > I just "fixed" another system (this time amd64) for WEP and used again > fresh tarballs and it went fine. Perhaps the mirror updated or had > another issue. I am glad you are making progress but I just want to be sure that you know that WEP can be decrypted i

Re: chromium and firefox - myths and facts?

2018-06-13 Thread Kevin Chadwick
On Mon, 11 Jun 2018 07:56:50 -0600 > In a browser, there are 2 main security components you want: The main > security advantage is privsep. The other is W^X jit. Other security > effects will follow from those design choices, especially if you have > privsep. For instance, the chrome privsep i

Re: Theo's BOF at BSDcan

2018-06-21 Thread Kevin Chadwick
On Thu, 21 Jun 2018 08:34:55 -0700 (MST) > It was a good talk either way.. It's an issue that keeps getting > larger as time goes on. Whilst I can see but disagree with a point of view that Open Source will be locked out if they don't comply with embargos. I would not participate. After all, t

Re: Theo's BOF at BSDcan

2018-06-21 Thread Kevin Chadwick
On Thu, 21 Jun 2018 12:09:00 -0600 > Wow, just look at that sentence. OpenBSD did not break any embargos. > This situation may have no relationship to embargo breaking rumours. > However, false rumours about breaking embargos have to stop, > especially when spread by people at other open source

Re: Theo's BOF at BSDcan

2018-06-21 Thread Kevin Chadwick
On Thu, 21 Jun 2018 13:07:23 -0600 > Kevin Chadwick wrote: > > > My point was that signing up in the first > > place should be criticised, if anything. > > So you criticize our previous involvement in embargos where it was > necessary? I think you had little cho

Re: hyper-threading...

2018-06-22 Thread Kevin Chadwick
On Fri, 22 Jun 2018 13:18:31 -0700 > The current release (not distro) already has a fix for it: > https://ftp.openbsd.org/pub/OpenBSD/patches/6.3/common/010_intelfpu.patch.sig That is the FPU fix. The hyper threading has landed in current/snapshots but not in stable yet. Also, I expect the code

Re: Questions about crypto and USA laws, concerns today

2018-07-24 Thread Kevin Chadwick
You need it licensed to export each product type. Even if it has come from abroad you then need it licensed to export it back out, lol.

Re: X desktop environment & system bus

2018-07-25 Thread Kevin Chadwick
On Wed, 25 Jul 2018 10:04:37 +0100 > FVWM is included, which is good enough, lightweight & zippy. > Most apps work fine but evince doesn't want to maximise and minimise under base fvwm1 these days. There are plenty of lightweight options like cwm in base and fvwm2, spectrwm and openbox in port

Re: Best way to serve files to Windows?

2018-07-26 Thread Kevin Chadwick
On Wed, 25 Jul 2018 23:20:47 -0400 > sshfs > > This is the Windows client which works well for my lab members who > like to use Windows. > > https://www.nsoftware.com/netdrive/sftp/ Not sure if explorer integration is planned by Microsoft but if you want speed in place of convenience then the

Re: NSA encryption algorithms in Linux kernel, OpenBSD too?

2018-08-07 Thread Kevin Chadwick
On Mon, 6 Aug 2018 15:52:11 -0500 > I imagine the answer is this is not implemented or going to be but > saw this article and figured I would ask. > > Seems suspect to not release all details, and have it rejected by ISO > but yet still being put in both the kernel and Android OS. > > https://

Re: Lesser evil

2018-09-04 Thread Kevin Chadwick
On Mon, 3 Sep 2018 18:03:06 -0400 > I would not try to dual boot Windows and OpenBSD.  There are too > many disgusting viri out that smash parts of partitions.   OpenBSD > or anything else on the disk is a sitting duck once not active. Don't > do it.  The AV situation on Windows is out of control

Re: Lesser evil

2018-09-04 Thread Kevin Chadwick
On Mon, 3 Sep 2018 14:42:39 -0400 (EDT) > Does it make sense to accept such compromises and run Linux for > security and privacy OR is the better security and privacy of Linux > more or less a myth and running Windows would be almost the same in > that respect? > > I understand that any response

Re: Lesser evil

2018-09-04 Thread Kevin Chadwick
On Tue, 4 Sep 2018 09:00:11 -0700 > Amazon > Prime Video and some other stuff now. But between my Android phone and > Amazon Fire 5 tablet, I can do that stuff anyway, so not really a big > loss. If I can get it done easily on OpenBSD, I do. WRT Amazon prime I have found that they drop the vid

Re: Lesser evil

2018-09-05 Thread Kevin Chadwick
On Tue, 4 Sep 2018 17:00:07 -0400 > >> I would not try to dual boot Windows and OpenBSD.  There are too > >> many disgusting viri out that smash parts of partitions.   OpenBSD > >> or anything else on the disk is a sitting duck once not active. > >> Don't do it.  The AV situation on Windows is ou

Re: Lesser evil

2018-09-05 Thread Kevin Chadwick
On Wed, 5 Sep 2018 11:09:01 +0100 > If the partition is > intact then surely it is not difficult to fix and with some boot > loaders like GAG would likely be unaffected. I should probably say that GAG won't work with UEFI. UEFI sucks in so many ways and yet could have been great.

Re: Lesser evil

2018-09-05 Thread Kevin Chadwick
On Wed, 5 Sep 2018 11:11:06 -0400 > So: back to the disk-wipe malware (and most other malware). Good > backups limit the impact that. And, you need a diversity of backup > mechanisms to defend against the backups getting hit by malware. *yawn* This is nonsense!

Re: Running your own mail server

2018-09-11 Thread Kevin Chadwick
On Mon, 10 Sep 2018 13:30:37 +0100 > OpenBSD is the best OS for both tasks (I've worked for an ISP doing > both roles, on other operating systems). +1 I much prefer the OpenBSD options including spamd and smtpd to the Linux options. Linux options seem to focus on filtering and inspection which

Re: Running your own mail server

2018-09-11 Thread Kevin Chadwick
On Tue, 11 Sep 2018 11:23:36 +0100 > dropping/prevention especially with Linux tools. Postfix is decent > wherever it runs, of course. I guess I meant trapping and timing out not dropping before someone calls foul. It is really interesting which disposable addresses receive spam. Obvious ones b

Re: OT: Firmware encryption hacked?

2018-09-13 Thread Kevin Chadwick
On Thu, 13 Sep 2018 10:23:11 -0400 > > Uhmm … Reality? > > https://techcrunch.com/2018/09/12/security-flaw-in-nearly-all-modern-pcs-and-macs-leaks-encrypted-data/?guccounter=1 > > > > Somewhat better write-up from the source: > > https://blog.f-secure.com/cold-boot-attacks/ > > The vulnerabi

Re: Running your own mail server

2018-09-18 Thread Kevin Chadwick
On Mon, 17 Sep 2018 13:20:22 -0700 > I don't mind throwing in PostgreSQL, but where are some good > table/column examples? SQL is for centralisation of many servers, it will likely be slower otherwise. There is greyscanner in ports. You can use that as a model for your own scripts to do extra c

Re: Remiss on my personal and server security practices, offering server usage to outsiders

2018-09-19 Thread Kevin Chadwick
On Wed, 19 Sep 2018 07:03:56 -0700 > This is the thread that I wished to start that pertains to OpenBSD. > If usage of an SSH app on anyone's phone to access an OpenBSD server > isn't relevant from a security point of view, well, let's ignore the > communication breach from a hardware/software is

Re: Graphical debugger for C/C++ ?

2018-10-11 Thread Kevin Chadwick
On Thu, 11 Oct 2018 12:32:06 +0200 > The gdb from packages is then called egdb. Make sure cgdb is using egdb, if you use cgdb too. Documentation is required for gdb unlike eclipse and could be better but once you find the commands you need it is actually more capable than eclipse.

Re: Graphical debugger for C/C++ ?

2018-10-22 Thread Kevin Chadwick
On 10/21/18 4:49 PM, Edgar Pettijohn III wrote: I wanted to give cgdb a shot. How do I make sure it's using egdb?
cgdb --help
cgdb -d egdb

Sndiod restart fixes Chrome sndio_output.cc failed to open device

2018-10-24 Thread Kevin Chadwick
I've made the pledge and entered the veil with Chrome. Sound works without restarting sndiod in other applications like aucat and mozilla apps. For some reason the sound does not work in chrome even without enabling the veil but restarting sndiod makes it work. I found some pulseaudio conso

Re: Sndiod restart fixes Chrome sndio_output.cc failed to open device

2018-10-25 Thread Kevin Chadwick
On 10/25/18 9:12 AM, Alexandre Ratchov wrote: > i did a quick test, playback works in chrome; any hints on how to > reproduce the sound problem? Thank you. It is my fault. I must have been tired or it's been working so long without any notice side effects that I missed the obvious. I use the follo

Re: spamd and google smtp ips

2018-10-31 Thread Kevin Chadwick
On 10/30/18 8:05 PM, Mario Theodoridis wrote: > I ran into this problem as well. > I ended up writing a script that parses the SPF entries out of the greylist > and > if reasonable, whitelists those ranges and removes the grey > list entries. It runs every 15 minutes. smtpctl now has an spf walk

Re: Bluetooth Support

2018-10-31 Thread Kevin Chadwick
On 10/31/18 9:42 AM, Marco Menne wrote: > Bluetooth I never liked. :-) Especially when the Bluetooth spec, specified ecdh without following the security requirements of must validate the curves as clearly laid out by GECC (guide to ECC). I guess Linux and some Intel products did the same or copie

Re: OpenBSD with root FS mounted read only

2018-11-15 Thread Kevin Chadwick
On 11/15/18 4:00 PM, Jarkko Oranen wrote: > However, unless you're using really bad install media (like USB flash > memory or something) I don't think OpenBSD is very likely to suffer a > corrupted filesystem even on power outage unless you're doing very > heavy IO (and even then it's probably fine

Re: OpenBSD with root FS mounted read only

2018-11-16 Thread Kevin Chadwick
On 11/16/18 10:06 AM, Daniel Polak wrote: >>> The main benefit of read-only is not having to do disk checks but the time  >>> for >>> root is negligible. >> well, it's not just time fsck'ing, those checks can fail, and then if >> you don't have OOB you have to go visit the machine .. True, but the

Re: OpenBSD with root FS mounted read only

2018-11-16 Thread Kevin Chadwick
On 11/15/18 9:53 PM, Stuart Henderson wrote: > well, it's not just time fsck'ing, those checks can fail, and then if > you don't have OOB you have to go visit the machine .. I assume sync doesn't solve that entirely?

Re: OpenBSD with root FS mounted read only

2018-11-16 Thread Kevin Chadwick
On 11/16/18 3:43 PM, Jarkko Oranen wrote: > As far as I'm aware, they are/were originally separated largely due to > historical reasons anyway, not because it's inherently better to keep > them separate. However they came about it is inherently better. Linux often takes the easy rather than best r

Re: With all this CPU/hardware mess, any advice on what to use for an organization?

2018-11-22 Thread Kevin Chadwick
On 11/20/18 4:43 PM, Chris Bennett wrote: > AMD? I have read about problems with non-CPU chips being compromised. > Another architecture? I have never used anything other than Intel/AMD. I can't comment on SUN etc. but AMD would be the way to go if you can. Theo has said in a recent presentation

OT: Https very slow since openbsd 6.1/Cipher String

2018-11-22 Thread Kevin Chadwick
On 11/21/18 4:00 PM, Gerhard Schweiger wrote on bugs@: > Then comes in openbsd 6.1 amd64, and now the same huge speed difference > between with or without encryption as found on OpenBSD 6.4.Is there any > tweak I could test or is this just bad luck on my VPS or something else? > Speed goes down so

Re: current snapshot breaks ports? (strange libc versioning)

2018-11-22 Thread Kevin Chadwick
On 11/22/18 9:24 AM, Karel Gardas wrote: > in an attempt to update today from ftp.spline.de I've been kicked out > after -current update with pkg_add -u complaining about wrong libc > versions. Packages complains like: Likely you have a snapshot or packages out of sync. The packages take a lot lon

Re: Hosting a CDN question

2020-03-17 Thread Kevin Chadwick
On 2020-03-17 02:48, Aaron Mason wrote: > It's worth noting that httpd didn't go over ~30% in the test, whereas > the Go web server absolutely slammed the system. I wonder if this is linked to Go's concurrency. Personally I would look into tweaking httpd defaults and relayd as GOs net/http runs e

Re: Guidance: How often to update -current?

2020-03-21 Thread Kevin Chadwick
My upgrades usually follow chromium pkg upgrades. In fact, I have a script on my phone that greps the chromium pkg version. I test on my own laptop first.

Re: news from my hacked box

2020-04-08 Thread Kevin Chadwick
On 2020-04-07 18:21, Rudolf Leitgeb wrote: > You have no chance defending your desktop against each and every attacker, no > matter > which operating system you have running. True if you consider physical attacks and for most hardware, otherwise mostly false. Anything can be hacked is also one o

Re: news from my hacked box

2020-04-08 Thread Kevin Chadwick
On 2020-04-08 12:08, Rudolf Leitgeb wrote: >> I believe that is false too. > You're kidding, yes? Did you somehow miss the opensmtp hole? > > https://poolp.org/posts/2020-01-30/opensmtpd-advisory-dissected/ OpenSMTPD does not listen to the internet, by default and even if you do set it to, it onl

Re: news from my hacked box

2020-04-08 Thread Kevin Chadwick
On 2020-04-08 18:02, Rudolf Leitgeb wrote: > A public facing server with ftp, http, smtp and sshd would have had to be > patched > in regular intervals to remain reasonably secure. False, even though you have lowered the bar from "anything/everything is hackable". httpd and libressl have done q

Re: secure MTA

2020-04-08 Thread Kevin Chadwick
On 2020-04-08 18:39, Claus Assmann wrote: > - Client-side exploitation: This vulnerability is remotely exploitable > in OpenSMTPD's (and hence OpenBSD's) default configuration. Although You missed some out. I assume on purpose. Client-side exploitation: This vulnerability is remotely exploitabl

Re: secure MTA

2020-04-09 Thread Kevin Chadwick
On 2020-04-09 10:55, Rudolf Leitgeb wrote: > My point was, that security is an ongoing effort. Flaws and new > exploit venues are discovered. There will be different numbers > of flaws for different operating systems, but none remains unscathed > for years. As soon as your server does anything usef

Re: secure MTA

2020-04-09 Thread Kevin Chadwick
> Now this whole debate boils down to "how much effort is someone willing to > invest > into hacking Cord's computers?", and that's something I can't answer. And how competent Cord is at defending his computer because they may not be able to if he is competent enough, which is my point; It is

Re: Has anyone launched Steam for Linux on openbsd?

2020-04-11 Thread Kevin Chadwick
Not sure but there wouldn't be much incentive anyway as there aren't many steam games that run on Linux!

Re: Iridium vs Chromium

2020-04-12 Thread Kevin Chadwick
On April 12, 2020 7:07:01 PM UTC, Patrick Harper wrote: >The effort to support Chromium and Firefox (sans ESR) on OpenBSD akin >to Windows/macOS/'Linux' has not happened. On at least current as Theo showed, Chromium is just as well if not better supported on OpenBSD than on Linux, these days. I

Re: Will windows 10 boot after installing openBSD?

2020-04-14 Thread Kevin Chadwick
You can also install Windows after and boot OpenBSD quite easily by following the faq. This is not easy on grub/Linux as grub is greedy. At least the guides that I found for grub/Linux, failed to work. I have no interest in running Linux these days though and little interest then. I had the notion t

Re: WLAN throughput less 10Mb/s

2020-04-14 Thread Kevin Chadwick
On 2020-04-14 09:21, Stefan Sperling wrote: > Regarding other chipsets, if you want the fastest possible AP on OpenBSD > your best option right now is to get a bwfm(4) device, which offloads almost > all of its 802.11 operation into a firmware blob running in the embedded > system on the device. I

Re: List a package's dependencies

2020-04-20 Thread Kevin Chadwick
> There are some unavoidable complexities to the sheer size of the tree, > and the necessities of updates not to fail... I have noticed recently that I occasionally get a gz truncated message (I think due to tcp timeout) and then the dependent package doesn't get updated. I then re-run pkg_add -

Re: List a package's dependencies

2020-04-21 Thread Kevin Chadwick
On 2020-04-20 22:47, Marc Espie wrote: > Nope, it's definitely the wrong place to fix things. > > You should fix your pipes (change the timeouts or whatever). > > If worse comes to worst, pkg_add could *possibly* retry running ftp(1), > but that makes little sense. I agree ftp/tcp should be re-

Re: Has anyone launched Steam for Linux on openbsd?

2020-04-22 Thread Kevin Chadwick
der > > There's also the https://www.playonbsd.com/ website that has more > information on gaming with BSD systems. > Both very cool > Kevin Chadwick wrote: >> Not sure but there wouldn't be much incentive anyway as there >> aren't many steam games

Cross platform apps.

2020-04-22 Thread Kevin Chadwick
Go/Golang can cross compile non graphical programs for many systems including OpenBSD from Windows etc. This means that web apps can be almost as cross platform. Of course the browser isn't so easily built/bundled cross platform with many app creation technologies supporting OSX, Windows, Linux an

Re: How to enable TLS 1.3?

2020-04-30 Thread Kevin Chadwick
On 2020-04-30 13:55, Chad Hoolie wrote: > Any idea about relayd though? I don't see any mentioning of 1.3 in man > relayd.conf: I'm not a dev but tls1.3 dropped RSA and I think requires ecdsa key support that relayd currently lacks. Although httpd was originally based on relayd. I assume the cod

Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-07 Thread Kevin Chadwick
On 2020-05-07 14:10, Consus wrote: > On Thu, May 07, 2020 at 04:00:15PM +0200, i...@aulix.com wrote: >> Dear OpenBSD fans, >> >> Can you please comment negative appraisal from the following website: >> >> https://isopenbsdsecu.re/quotes/ >> >> I did not want to hurt anyone, just looking for a secur

Re: List a package's dependencies

2020-05-07 Thread Kevin Chadwick
On 2020-04-21 17:54, Kevin Chadwick wrote: >> Nope, it's definitely the wrong place to fix things. >> >> You should fix your pipes (change the timeouts or whatever). >> >> If worse comes to worst, pkg_add could *possibly* retry running ftp(1), >> but th

Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-07 Thread Kevin Chadwick
On 2020-05-07 14:48, Aisha Tammy wrote: >> I wouldn't want to read an OS written in Rust and I would love to see secure >> developments in C even if it hampers potential performance. Things like Go >> are >> not suitable for an OS with many small programs. >> > Curious about why... though admitted

Re: 'post quantum' encryption algorithm(s) in latest libressl and upcoming 6.7 to chose

2020-05-09 Thread Kevin Chadwick
On 2020-05-09 07:41, Martin wrote: > This one > https://www.tomshardware.com/news/d-wave-5000-qubit-first-sale,40470.html > is the most powerful 5000qbits quantum computer sells nowadays. > > Moreover, D-Wave opened online service to access 5000qbit remotely for > solving 'special' tasks which

Re: 'post quantum' encryption algorithm(s) in latest libressl and upcoming 6.7 to chose

2020-05-09 Thread Kevin Chadwick
On 2020-05-09 07:41, Martin wrote: > This one > https://www.tomshardware.com/news/d-wave-5000-qubit-first-sale,40470.html > is the most powerful 5000qbits quantum computer sells nowadays. D-Wave's definition of qubit is different and their machines will never be capable of breaking public key cryp

Re: 'post quantum' encryption algorithm(s) in latest libressl and upcoming 6.7 to chose

2020-05-09 Thread Kevin Chadwick
On 2020-05-09 14:31, i...@aulix.com wrote: > guessed by quantum provided session symmetric cipher is strong enough? Quantum does not break any in use today and AES-256 symmetric is expected to be quantum resistant in any case. I personally prefer AES-256 ctr over the more complex GCM. I am not a

Re: 'post quantum' encryption algorithm(s) in latest libressl and upcoming 6.7 to chose

2020-05-09 Thread Kevin Chadwick
On 2020-05-09 14:34, i...@aulix.com wrote: > D-waves has too uncoupled qubits if I understand it correctly, it is nothing > to do about qubits quantity as we used to think about it. Like a "cluster" of > completely isolated hosts (which is already not a cluster of course). I don't care for the d

Re: 'post quantum' encryption algorithm(s) in latest libressl and upcoming 6.7 to chose

2020-05-09 Thread Kevin Chadwick
On 2020-05-09 16:25, i...@aulix.com wrote: > Note: Since these MS / U.S. government keys are deeply sticking in Intel XEON > processor hardware, it doesn’t play a role, what other OS you install or boot > afterwards: Debian/UBUNTU Linux, OpenBSD, … If your software uses Intel > AES-NI hardware e

Re: OpenBSD insecurity rumors from isopenbsdsecu.re

2020-05-11 Thread Kevin Chadwick
Here's a game. Name as many operating systems as you can that encrypt the page file or swap space by default?

Re: Mandate control in OpenBSD like SELinux or AppArmor

2020-05-11 Thread Kevin Chadwick
On May 11, 2020 7:27:49 PM UTC, i...@aulix.com wrote: >Please let me know, what are analogues of SELinux and AppArmor in OBSD > http://www.openbsd.org/mail.html You are supposed to "do your homework" and try googling and searching the mailing list archive before asking questions. Clearly you h

unveil documentation

2020-05-13 Thread Kevin Chadwick
The unveil man page is perfectly correct and it is not hard to test its behaviour. I just wonder if it may aid unveil adoption in languages other than C, if it explicitly mentioned that exec is not required on a dir to allow reading the files within, e.g. if the dev is more used to filesystem pe

Re: Howto change login mechanism on OpenBSD

2020-05-20 Thread Kevin Chadwick
On May 20, 2020 9:31:19 PM UTC, Edgar Pettijohn wrote: >On Wed, May 20, 2020 at 08:48:20PM +0200, Valdrin MUJA wrote: >> Hi Misc, >> >> I have an interactive shell program which has an authentication >section and I want to login via my program. How can I do that? >> >> Actually I want to run thi

Re: Why does OpenBSD still include Perl in its base installation?

2020-05-21 Thread Kevin Chadwick
On 2020-05-21 09:55, Anders Andersson wrote: >> I am a huge fan of minimal and custom installations >> as I mostly use OpenBSD to host simple HTTP servers. > ... >> I would like to get your opinion on that. > From what I've seen, those goals are not compatible with OpenBSD, as > in: You're just mak

Re: Dovecot and multi-factor auth support

2020-05-25 Thread Kevin Chadwick
>> Is there any sort of supported way of wiring up login_duo with >> OpenSMTPD and Dovecot, or using bsdauth in some way to enforce a >> second auth factor? > >bsdauth isn't really setup for multi factor, the only way I've seen >this >done is splitting the password field into a fixed-length OTP a

Re: Intel wireless issue after upgrading to 6.7

2020-05-28 Thread Kevin Chadwick
On 2020-05-28 14:40, Michael Steeves wrote: > but I'm wondering if there's some other way to get any more detail out of the > laptop about what's going on? ifconfig has a debug flag. A packet capture from another device with monitor mode, may be a helpful option too. e.g. iwm or athn http://open

Re: Article OpenBSD: Not Free Not Fuctional and Definetly Not Secure and BSD, the truth blog

2020-05-28 Thread Kevin Chadwick
On 2020-05-28 18:38, Amarendra Godbole wrote: > It indeed is written by someone lacking knowledge about everything. It > is funny, and gave me a good laugh - the comments are even funnier! Be aware that the author deletes your comments and replaces them with his own, under your name, whilst hiding

Re: Could somebody please put unveil() in ftp(1)?

2020-06-01 Thread Kevin Chadwick
On 2020-06-01 11:20, Stuart Henderson wrote: > We went through this earlier when unveil was added to nc. The way capath > directories are often populated in the real world is not compatible with > unveil, you would need to resolve all files in capath, recursively resolve > symlinks, and add the cha

Re: Could somebody please put unveil() in ftp(1)?

2020-06-01 Thread Kevin Chadwick
On 2020-06-01 13:30, Theo de Raadt wrote: >> I wonder, if 99% of users just use /etc/ssl/cert.pem? whether a flag that >> breaks/enables other use cases (removes capath support at runtime), might >> work? > I guess you don't understand unveil. You didn't understand what Stuart > just said *at al

Re: Mounting encrypted drive on boot

2020-06-03 Thread Kevin Chadwick
On 2020-06-02 23:27, Chris Narkiewicz wrote: > Somebody on StackOverflow advised on modifying /etc/rc > and run bioctl before disks are mounted, but I'm not sure > if this is a right approach, especially that attaching > more disks might change the /dev/sd* numbering. That would cause yourself mai
