Downgrading to xfree86 3.x
I have an old VLB video card (ATI Graphics Ultra Pro). It does not appear to be supported in xfree86 4.x. How do I downgrade to xfree86 3.x in woody? TIA, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Downgrading to xfree86 3.x
Quoting Bob Nielsen <[EMAIL PROTECTED]>: > On Thu, Feb 06, 2003 at 08:02:59PM -0600, Jeffrey Taylor wrote: > > I have an old VLB video card (ATI Graphics Ultra Pro). It does not > > appear to be supported in xfree86 4.x. How do I downgrade to xfree86 > > 3.x in woody? > > apt-get install xserver-mach32 xserver-common-v3 > > Debian's 3.x and 4.x versions of X can co-exist without problems. > How to I tell it which version to start? And does anyone have any advice about getting it to work at greater than 8 bpp? TIA, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Downgrading to xfree86 3.x
Quoting IEEE alias <[EMAIL PROTECTED]>: > Quoting Bob Nielsen <[EMAIL PROTECTED]>: > > On Thu, Feb 06, 2003 at 08:02:59PM -0600, Jeffrey Taylor wrote: > > > I have an old VLB video card (ATI Graphics Ultra Pro). It does not > > > appear to be supported in xfree86 4.x. How do I downgrade to xfree86 > > > 3.x in woody? > > > > apt-get install xserver-mach32 xserver-common-v3 > > > > Debian's 3.x and 4.x versions of X can co-exist without problems. > > > > How to I tell it which version to start? And does anyone have any > advice about getting it to work at greater than 8 bpp? > > TIA, > Jeffrey > Installing XFree86 3.x changes the symlink to point to itself. For this video card, 3.x supports 8 and 16 bit color; 4.x only supports 8 bit color. Neither supports 24 bit color, though the card is capable of it. The card can't be run at the highest dot clock speeds without tearing and other artifacts. I remember that from the old days. Thanks for the help, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: WordPerfect 8 on Woody
Quoting Jerry Van Brimmer <[EMAIL PROTECTED]>: > Hi, > > I'm trying to install Wordperfect 8 on Woody. I have installed libc5 and > xpm4.7. I have WP8 on a commercial Corel CD. When I cd to the CD root > directory, there I see install.wp. When I type ./install.wp and press > Enter I get this message: > > debian:/cdrom# ./install.wp > bash: ./install.wp: /bin/sh: bad interpreter: Permission denied > debian:/cdrom# > > > What does "bad interpreter" mean? What could be the problem? > > Thanks > IIRC, install.wp is a Bourne shell script. Something isn't working. It is doubtful that you don't have the Bourne shell (/bin/sh). Is your CD perhaps mounted "noexec"? HTH, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: wget and ftp download problems
Quoting Dave Selby <[EMAIL PROTECTED]>: [snip] > 200 PORT command successful. Consider using PASV. > > 425 Failed to establish connection. > > Error in server response, closing control connection. > Retrying. > > This is a bit of a problem since I wanted to use wget to download open office > etc all from ftp sites . > > Any ideas ? There may be a firewall between you and the FTP server that is blocking active FTP. Try adding --passive-ftp to the wget command line. HTH, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: security
Quoting Rob Weir <[EMAIL PROTECTED]>: > [DISCLAIMER: I've played with this here at home, and think I've got a > fairly secure system, but I'm no expert, I'm just an interested geek] > > On Mon, Feb 03, 2003 at 02:21:33PM +0100, Russell Coker wrote: > > Is anyone here running a Debian system with no daemons running as root > > other than init, inetd, and sshd, no SUID-root programs other than > > passwd, su, etc, and generally having everything locked down as much > > as possible (chroot's for daemons, etc)? > > I'm running bind9 in a chroot (using Martin's bind9-chroot package); > everything else is as normal. > It has been possible since BIND 8.x to run it non-root. I did it on my main machine (non-Debian). It took a little fiddling with permissions and ownership so it could read & write the configuration and zone files. Figure an hour to get it to work. I should invest another hour to improve the solution. I now think it can be done more securely. Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: good sources.list
Quoting Greg Madden <[EMAIL PROTECTED]>: [snip] > For official Debian mirror sites there is an app, 'netselect', (man > netselect)that will find the quickest mirror for your location. > 'netselect-apt' will use the list of mirrors from Debian.org, find the > fastest one to your location, then write a sources.list file. Interesting > info on different mirror sites. > This does not get the security.debian.org sites, so be sure to add them after running netselect-apt. Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: gpg key in memory
Quoting Benedict Verheyen <[EMAIL PROTECTED]>: > Hi, > > is it possible (like with ssh) to have gpg ony ask you your passphrase > once and then remember it for the duration of a session? > This would be handy if one is writing a lot of emails and you don't want > to bother every single time to type your passphrase. > I chose quit a long and difficult passphrase and it isn't fun to type > it over and over again when i want to encrypt or sign an email. > > Any sollution to this other than chosing a simpler and shorter > passphrase? Look at ssh-agent and ssh-add. eval `ssh-agent` ssh-add Note back-quotes. This will start up persistent ssh-agent process. ssh-add will prompt for passphrase and add key. You need to kill ssh-agent manually, it will outlast session, IIRC. There is a way to have ssh-agent start a new sub-shell and terminate when sub-shell exits. You can add other keys besides default (RSA key in ~/.ssh) by file name. HTH, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Wireless LAN
Avoid anything with the Raytheon chip (WebGear Aviator 2.4, among others). The ray_cs driver does not work in Woody. HTH, Jeffrey Quoting Jeff <[EMAIL PROTECTED]>: > Rusty Minden, 2002-Nov-20 22:30 -0800: > > I am going to be getting a wireless LAN 802.11b for my home > > network. I would like to get one that is supported by GNU/Linux. > > Does anyone have any suggestions? > > > > I have two desktop computers and a laptop computer I will be > > setting up. The Laptop and one desktop run Debian Sarge on the > > 2.4.18 kernel. The other computer runs Windows ME for the wife. > > I have a small network in my computer lab set up with the server > > and the laptop when I am in the room, but wireless would be a > > good addition. > > > > Thanks for any suggestions. > > I just did this myself. I got a Linksys WAP11 ver.2.2 AP and a > Linksys WMP11 Wireless PCI Card for a PC. As for PCMCIA, I have > Lucent WaveLAN GOLD card that works nicely as well. This is all with > Woody. The WMP11 uses the hermes module. > > jc > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
ipchains syslog facility
In Debian 3.0r0, what syslog facility does IPchains log to? The messages are showing up on all virtual terminals, but not in any of the /var/log files. TIA, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How insecure are cable connections, versus dialup?
Your exposure is how much time you spend connected. Cable or dial-up makes little difference. In both cases you should have a firewall. Disabling unneeded servers is a good idea in all cases. Debian 3.0 installs and enables all kinds of insecure services (e.g., SunRPC, portmapper) by default. Jeffrey Quoting Chip Rose <[EMAIL PROTECTED]>: > I'm thinking of getting a Cox cable connection/modem, and was wondering > how hard it is to make the static IP address secure. I don't have a lot > of knowledge in this area. What is needed? A cable modem that I could > lease or buy on Ebay, and a network interface card, and turn off all > unneeded services - how easy would it be for someone to hack me, and what > all could they generally accomplish? Is getting a cable connection a > no-no for someone of my limited knowledge level? > > Thank, > > Chip > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: How insecure are cable connections, versus dialup?
Quoting Alvin Oga <[EMAIL PROTECTED]>: > cable ... its you and all your neighbors watching/sharing that copper > Can you provide evidence for this? That cable modems run in "promiscuous" mode? Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Cracked cracker?
It probably isn't a person, it is a program/script. And in either case, it is dumb. Quoting Michael Olds <[EMAIL PROTECTED]>: > This is a small sample from my access log. Can someone explain to me why > this person would repeatedly attempt access to my computer using the same IP > and the same requests over and over? This isn't to the point of being a DOS > attack; can't they see I don't have any of these things that they think will > enable them to crack my machine? Or is there something else going on here? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Apologies re: VPN + Roadwarrior
Sorry for the multiple sends. Some of the original addresses had typos that I corrected and resent. Bad dog! Apologies, Jeff -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: VPN + Roadwarrior
>From "Building Linux VPNs", FreeS/WAN has some basic interoperability
with:
KAME: FreeBSD, NetBSD, OpenBSD, BSDi
PGPnet
Windows 2000
F-Secure VPN
IRE Safenet/SoftPK
SSH IPSec Express
Gauntlet GVPN
Xedia's AccessPoint QVPN
Checkpoint SecuRemote VPN-1/Firewall-2
Raptor Firewall, Raptor MobileNT T
Testing was not comprehensive and there are no guarantees of ease of
setup.
Web based testing tools at:
http://ipsec.wit.antd.nist.gov/
http://isakmp.test.ssh.fi/
http://www.vpnc.org/conformance.html
I recommend this book if you are thinking of some kind of VPN. See my
review at: http://www.ercb.com/feature/feature.0063.html
HTH,
Jeffrey
Quoting Noah L. Meyerhans <[EMAIL PROTECTED]>:
> On Thu, Dec 12, 2002 at 09:39:27AM -0500, Phillip Hofmeister wrote:
> > If you implement IPSec, my experience (as of 6 months ago) with IPSec is
> > that it works great, as long as you use the same implementation on all
> > host.
>
> I don't really agree with that. I have used several different IPsec
> implementations and interoperated successfully. The latest combination
> that I tried was the Linux 2.5 native IPsec communicating with
> FreeS/WAN. No problem. I've documented the steps I had to go through
> to get the {Free,Net}BSD IPsec implementation to interoperate with
> FreeS/WAN using X.509 certs for authentication. Again, very few
> problems.
>
> www.freeswan.org has quite a bit of interoperability documentation.
> Basically, the only difficulties come from the fact that the Internet
> Key Exchange (IKE) protocol, defined in RFC 2409, has so damn many
> configurable parameters that it's easy to missconfigure it. Since there
> isn't (and probably won't ever be) a standard set of defaults, this can
> get confusing.
>
> noah
>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Exchange Calendar client?
Quoting Johann Spies <[EMAIL PROTECTED]>: > On Fri, Dec 13, 2002 at 08:49:07AM -0500, Robert L. Harris wrote: > > > > > > Did it. It was as effective as throwing a roll of bounty paper towels > > in the ocean. Remember, he's the CEO, I'm a tech peon, he knows all, I > > don't. > > I did some research a few months ago and found two other products > besides Ximian's Connector which claim to be exchange replacements or > which can be used as clients. Unfortunately I can not remember the > specific names but one was a product issued by Samsung. IIRC, it is OpenMail, purchased from H-P. (They may have renamed it.) HTH, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Getting smtp-auth to work with Postfix
So what are you specifying for the value of smtpd_recipient_restrictions? And why can't you add one of the required values? Jeffrey Quoting jennyw <[EMAIL PROTECTED]>: > Any tips on this? I'm running Woody, so I tried these directions: > > http://people.brad-x.com/~diamondc/postfix-tls-smtpauth.html > > But it didn't work. Here are the log entries when I try to start > Postfix: > > Dec 19 00:20:41 towanda postfix/smtpd[9525]: fatal: parameter > "smtpd_recipient_r > estrictions": specify at least one working instance of: > check_relay_domains, rej > ect_unauth_destination or reject > Dec 19 00:20:42 towanda postfix/master[9512]: warning: process > /usr/lib/postfix/ > smtpd pid 9525 exit status 1 > Dec 19 00:20:42 towanda postfix/master[9512]: warning: > /usr/lib/postfix/smtpd: b > ad command startup -- throttling > > Thanks! > > Jen > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
ISA PnP boot up
What is the preferred why in Debian 3.0 to bring ISA PnP up (i.e., run "isapnp /etc/isapnp.conf") at boot time? TIA, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: ISA PnP boot up
Quoting nate <[EMAIL PROTECTED]>: > Jeffrey Taylor said: > > What is the preferred why in Debian 3.0 to bring ISA PnP up (i.e., run > > "isapnp /etc/isapnp.conf") at boot time? > > last I checked, all you had to do was to install it(isapnptools), the > installation will put a script in /etc/rcS.d(I think) which calls > it on boot. Thanks Nate. I eventually found that. My problem now is that the i82365.o module complains when loaded about "init_module: Device or resource busy" when I try and start the pcmcia service. It's an ISA card reader, so I thought the ISA PnP wasn't up. Anyone have any ideas or Web sites to debug this tangle? Thanks, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: installation question
Before you install, be sure and write down i/o port addresses, IRQ values, NIC types, disk geometry, PnP values and any other hardware information you can think of. Unless you have an oddball NIC, the drivers should be in the drivers.tgz file. I used the boot floppy method (6 floppies) to do a network install on a 486. It went very smoothly. HTH, Jeffrey Quoting Joris Huizer <[EMAIL PROTECTED]>: > Hello everybody, > > I just joined this list so sorry if my question has > allready been questioned before. > > I'm thinking about installing the Debian linux > distribution. I'm currently using RedHat 8.0 but it > seems the messed a bit and some programs won't install > (Including nedit, koules) - hopefully they will under > Debian :-) > > I haven't installed Debian before - so I don't know > how it works. I found at > http://www.debian.org/releases/stable/i386/ch-install-methods.en.html, > section 4.4, that I can install after downloading a > few files without boot floppies. > > Now, my question, is about the part about lilo, > http://www.debian.org/releases/stable/i386/ch-rescue-boot.en.html#s-boot-initrd > - it says, > > You should now see the debian installer dbootstrap > running. If you do not use any removable medium, you > want to check very early that your network connection > is working and before irreversibly partitioning your > hard disk. So you maybe need to insmod some additional > kernel modules for this, for instance for your network > interface... > > Well, rather than just try or something I thought I > better ask :-) how can make it load the network > interface, the ethernet card and stuff? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian and IPV6
Are you sure sshd is listening on the IPv6 ports? Check sshd was not started with -4 option and what ListenAddress in /etc/ssh/sshd_config is set to. HTH, Jeffrey Quoting Russ Cook <[EMAIL PROTECTED]>: > I have enabled IP6 on my home network, configured my network, > and obtained tunneling and ip addressed through Freenet6. > I can ping6 all machines on my network, but ssh -6 does not > work. I get errors that the connection was refused. SSH works > fine with Ipv4 protocol. I can telnet6 to IPV6 web servers on > the web, and Mozilla works fine. Can anyone tell me what I > need to check on my network machines? I suspect perhaps a > problem in /etc/services or /etc/protocols, but don't see > anything wrong. > > Thanks for any suggestions. > > Russ > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Debian and IPV6
What does "netstat -A inet6 -an" say? When you say "sshd -6" does not work, what are the symptoms? No change? Error messages? Check syslogs. Also try connecting with verbose option, "ssh -v" or even "ssh -vvv". Jeffrey Quoting Russ Cook <[EMAIL PROTECTED]>: > Thanks for the reply. I checked as suggested, and sshd is configured > to listen on port 22. It is not started with -4 option, and no > ListenAddresses are specified (they are commented out). Again, sshd > works with normal (-4) option, but not with -6. I have not tinkered > with config files, they are in default setup. Thanks in advance for > any further hints. > > Regards, >Russ > > On Sat, 28 Dec 2002, Jeffrey Taylor wrote: > > > Are you sure sshd is listening on the IPv6 ports? Check sshd was not > > started with -4 option and what ListenAddress in /etc/ssh/sshd_config > > is set to. > > > > HTH, > > Jeffrey > > > > > > Quoting Russ Cook <[EMAIL PROTECTED]>: > > > I have enabled IP6 on my home network, configured my network, > > > and obtained tunneling and ip addressed through Freenet6. > > > I can ping6 all machines on my network, but ssh -6 does not > > > work. I get errors that the connection was refused. SSH works > > > fine with Ipv4 protocol. I can telnet6 to IPV6 web servers on > > > the web, and Mozilla works fine. Can anyone tell me what I > > > need to check on my network machines? I suspect perhaps a > > > problem in /etc/services or /etc/protocols, but don't see > > > anything wrong. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: /etc/resolv.conf keeps getting overwritten
Your DHCP client is probably overwriting /etc/resolv.conf. Do a "man dhclient.conf" for details how to configure. Possibly adding the following line to /etc/dhclient.conf will do it. append domain-name "domain1.com domain2.com"; HTH, Jeffrey Quoting Nori Heikkinen <[EMAIL PROTECTED]>: > as root, i modified the "search" line in my new box's /etc/resolv.conf > to include a few more domains i want searched. the changes persist > anywhere from two minutes to two hours, but it always seems to get > overwritten with the initial one! this is really obnoxious, as i don't > want to have to keep typing in full domain names. > > i don't changed anything as root between relapses, so i can't figure out > what's causing this. any ideas? > > thanks, > > > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: mail server
Quoting Derrick 'dman' Hudson <[EMAIL PROTECTED]>: [snip] > Almost. Some sites will reject your connection just because you have > a dynamic address. > For these sites, route e-mail thru your ISP. (I use Postfix, not exim, so the details are left as an exercise for the reader.) HTH, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Turning off printer and other daemons
Is there a general way to disable start up of specific daemons at boot time. I know I can rip the whole package out, or do a "update-rc.d -f remove lpd", but is there a more elegant way? Some have files in /etc/default with XYZRUN=no. Does this work in general? TIA, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
eRacks.com
Anyone ever bought anything from eRacks.com? I found just the laptop I want at at reasonable price with Linux pre-installed. Now I just need to find out if they are any good. TIA, Jeffrey -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
