Re: SSH failed on 4.0-S
At 12:25 PM +0200 2000/6/19, Alessandro de Manzano wrote: >>> Jun 19 10:48:27 gandalf sshd[438]: fatal: rsa_private_decrypt() failed >> >>This means the key could not be processed for some reason. Are you certain >>you are using an sshd from 4.0-STABLE? The most common cause of this error > > well, I think yes, because I upgraded all via CVSUP using this supfile: Yup. The RSAREF library can't handle keys longer than 1024 bits. If you upgrade with the /usr/ports/security/rsaintl library, that should solve the problem (unless you're in the US, in which case you can't do that for copyright reasons that will require that you continue to use the RSAREF library instead). -- These are my opinions -- not to be taken as official Skynet policy == Brad Knowles, <[EMAIL PROTECTED]>|| Belgacom Skynet SA/NV Systems Architect, Mail/News/FTP/Proxy Admin || Rue Colonel Bourg, 124 Phone/Fax: +32-2-706.13.11/12.49 || B-1140 Brussels http://www.skynet.be || Belgium To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: SSH failed on 4.0-S
On Mon, 19 Jun 2000 13:54:52 +0200, Brad Knowles wrote: > If you upgrade with the /usr/ports/security/rsaintl library, that argh! I have not that port! :-? I've only security/rsaref note: just in case, in /etc/make.conf I _do_ have USA_RESIDENT=NO , so why I have not "supped" rsaintl ? tnx! Alessandro de Manzano Playstos - TIMA S.p.A. Corso Sempione 63 20149 Milano, Italy tel.: +39-023314153 fax: +39-02315678 email: [EMAIL PROTECTED] http://www.playstos.com To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: hosts.allow: deny set but ping requests come through
Tobias Roth <[EMAIL PROTECTED]> writes: > Your tcp dump says that you send out an ICMP reply. ICMP != tcp. Correct. "Dan Larsson" <[EMAIL PROTECTED]> writes: > These have nothing to do with icmp restrictions, use firewall rules > to limit icmp: 'man 8 ipfw' Good point and thanks for the pointer. Now it is way more restrictive than I wanted it to be but at least the ping requests from the specific machine in question don't get answered anymore. Roland To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: SSH failed on 4.0-S
On Mon, Jun 19, 2000 at 02:05:49PM +0200, Alessandro de Manzano wrote: > On Mon, 19 Jun 2000 13:54:52 +0200, Brad Knowles wrote: > > > If you upgrade with the /usr/ports/security/rsaintl library, that > > argh! I have not that port! :-? > > I've only security/rsaref It is avtually named librsaref, but it doesn't compile! This is what I got: ===> Extracting for librsaintl-1.1 >> Checksum OK for librsaintl/rsa_eay.c. >> Checksum OK for librsaintl/rsa_err.c. >> Checksum OK for librsaintl/rsa_intlstubs.c. >> Checksum OK for librsaintl/cryptlib.h. ===> Patching for librsaintl-1.1 ===> Configuring for librsaintl-1.1 ===> Building for librsaintl-1.1 Warning: Object directory not changed from original /usr/ports/security/librsain tl/work cc -O -pipe -DTERMIOS -DANSI_SOURCE -DNO_IDEA -DL_ENDIAN -DDEVRANDOM=\"/dev/uran dom\" -c rsa_err.c -o rsa_err.o rsa_err.c:77: `RSA_F_RSA_NULL' undeclared here (not in a function) rsa_err.c:77: initializer element is not constant rsa_err.c:77: (near initialization for `RSA_str_functs[8].error') rsa_err.c:115: `RSA_R_INVALID_MESSAGE_LENGTH' undeclared here (not in a function ) rsa_err.c:115: initializer element is not constant rsa_err.c:115: (near initialization for `RSA_str_reasons[16].error') rsa_err.c:124: `RSA_R_RSA_OPERATIONS_NOT_SUPPORTED' undeclared here (not in a fu nction) rsa_err.c:124: initializer element is not constant rsa_err.c:124: (near initialization for `RSA_str_reasons[25].error') *** Error code 1 Stop in /usr/ports/security/librsaintl/work. *** Error code 1 Stop in /usr/ports/security/librsaintl. *** Error code 1 Stop in /usr/ports/security/librsaintl. *** Error code 1 Stop in /usr/ports/security/librsaintl. su-2.03# And then it stops there! > > note: just in case, in /etc/make.conf I _do_ have USA_RESIDENT=NO , so why I have >not "supped" rsaintl ? > > > tnx! > > > > > Alessandro de Manzano > > Playstos - TIMA S.p.A. > Corso Sempione 63 > 20149 Milano, Italy > > tel.: +39-023314153 > fax: +39-02315678 > email: [EMAIL PROTECTED] > > http://www.playstos.com > > > > > To Unsubscribe: send mail to [EMAIL PROTECTED] > with "unsubscribe freebsd-stable" in the body of the message -- __o regards, Gunnar ---_ \<,_ email: [EMAIL PROTECTED] (_)/ (_) To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: bug in the syscons fonts ?
Maxime Henrion wrote: > > I've noticed a weird thing in the fonts of syscons that i think may be a > bug. I am a french user, so i have these lines in my rc.conf to have > FreeBSD correctly displaying my accentued characters : > > keymap="fr.iso.acc" > font8x8="cp850-8x8" > font8x14="cp850-8x14" > font8x16="cp850-8x16" > scrnmap="iso-8859-1_to_cp437" > > The problem is that when i type a "à" (an "a" with a backquote for > thoses who cant see it correctly), i get a "D" on the screen ! This only > occurs while i'm on a text console, not under X. > Have i done something wrong ? Thanks for help ! > Try this configuration: keymap="fr.iso.acc" font8x8="iso-8x8" font8x14="iso-8x14" font8x16="iso-8x16" (delete the "scrnmap" line). -- JMA ** Jose M. Alcaide // [EMAIL PROTECTED] // [EMAIL PROTECTED] ** ** "Beware of Programmers who carry screwdrivers" -- Leonard Brandwein ** To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: bug in the syscons fonts ?
"Jose M. Alcaide" wrote: > Maxime Henrion wrote: > > > > I've noticed a weird thing in the fonts of syscons that i think may be a > > bug. I am a french user, so i have these lines in my rc.conf to have > > FreeBSD correctly displaying my accentued characters : > > > > keymap="fr.iso.acc" > > font8x8="cp850-8x8" > > font8x14="cp850-8x14" > > font8x16="cp850-8x16" > > scrnmap="iso-8859-1_to_cp437" > > > > The problem is that when i type a "à" (an "a" with a backquote for > > thoses who cant see it correctly), i get a "D" on the screen ! This only > > occurs while i'm on a text console, not under X. > > Have i done something wrong ? Thanks for help ! > > > > Try this configuration: > > keymap="fr.iso.acc" > font8x8="iso-8x8" > font8x14="iso-8x14" > font8x16="iso-8x16" > > (delete the "scrnmap" line). > > -- JMA > ** Jose M. Alcaide // [EMAIL PROTECTED] // [EMAIL PROTECTED] ** > ** "Beware of Programmers who carry screwdrivers" -- Leonard Brandwein ** I've tried and when i'm doing this, all the accentued characters are fucked up :/ Any ideas ? - Maxime Henrion To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: 4.0 CD, crypto and SSH
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Mon, 19 Jun 2000, Gregory Bond wrote: ... : I'm not in the US (and the installed make.conf confirms it), and I've : installed The funny thing about sysinstall is that no matter what you do, it always sets your USA_RESIDENT variable to "NO" reguardless of what is written in /etc/make.conf, as I got bitten with that when I fired up sysinstall to configure a new hard-drive and later on in the day realized the upgrades on crypto software I did wasn't working "right". I mentioned it on the list about it but never did file a PR which is what I should have done, this behaviour is in 4.0 RELEASE and STABLE up to at least May 30 (which is what I'm running) : I've obviously done something dumb, but I'll claim it is because : sysinstall is misleading! Somewhat, yes :) : Greg. Matt Heckaman [EMAIL PROTECTED] http://www.lucida.qc.ca -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.1 (FreeBSD) Comment: http://www.lucida.qc.ca/pgp iD8DBQE5ThSedMMtMcA1U5ARApv1AJ9r64GOUd/nRYcGTtNGfcW3N3xdWQCgq2EP zjdOTIG+cF3NPKD5kv1DIec= =4o1t -END PGP SIGNATURE- To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: 4.0 CD, crypto and SSH
On Mon, Jun 19, 2000 at 02:40:09AM -0700, Kris Kennaway wrote: > On Mon, 19 Jun 2000, Szilveszter Adam wrote: > > > OK, the answer is ports/security/librsaintl. > > ...as documented in the handbook (although I just checked and it doesn't > mention the port, only the package) and I could not find the package on our mirror or on the mirror in the Czech Republic, although the latter does mirror the internat crypto code in its cvsup server capacity. Maybe the package is available from internat only? If so, is it becuase there is a reason for that? -- Regards: Szilveszter ADAM Szeged University Szeged Hungary To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: ESS 1969 sound support?
On 16-Jun-00 Kevin M. Dulzo wrote: > On Thu, Jun 15, 2000 at 09:41:37AM +0100, Steve O'Hara-Smith wrote: >> >> There was a patch by Takanori Watanabe that got the thing >> recognised with the mixer working but no PCM. Unfortunately it no longer >> applies cleanly. > > It was a minor fix to add a NULL argument to the attach function > if I remember correctly. Is there any chance anyone would commit the mixer No, I know the one you are thinking of. It used to be quite easy to get the thing recognised as a SBPro with about three lines in pcisupport.c, but that stopped working for me at about the time the old sound stuff (voxware) started moaning about compatability shims. Taknori Watanabe's patch (which I now have a variant that applies cleanly to an up to date -STABLE if anyone wants it) is a rather more sophisticated affair that makes sbc.c recognise the card and ess.c attempt to drive it properly. I have been looking at it closely over the weekend and the missing part seems to be the configuration of the on board DMA controller. Tonight I intend to find some sample code that does it (the docs are inscrutable) and patch it in. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: SSH failed on 4.0-S
On 19-Jun-00 Alessandro de Manzano wrote: > On Mon, 19 Jun 2000 13:54:52 +0200, Brad Knowles wrote: > >> If you upgrade with the /usr/ports/security/rsaintl library, that > > argh! I have not that port! :-? > > I've only security/rsaref I think that should be /usr/ports/security/librsaintl, at least I have that one. Unfortunately it fails compile (for me, anyone got better results ?) with: rsa_err.c:77: `RSA_F_RSA_NULL' undeclared here (not in a function) rsa_err.c:77: initializer element is not constant rsa_err.c:77: (near initialization for `RSA_str_functs[8].error') rsa_err.c:115: `RSA_R_INVALID_MESSAGE_LENGTH' undeclared here (not in a function) rsa_err.c:115: initializer element is not constant rsa_err.c:115: (near initialization for `RSA_str_reasons[16].error') rsa_err.c:124: `RSA_R_RSA_OPERATIONS_NOT_SUPPORTED' undeclared here (not in a function) rsa_err.c:124: initializer element is not constant rsa_err.c:124: (near initialization for `RSA_str_reasons[25].error') To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
Re: Desperate : make buildworld NEVER works!!!!!
"Kevin Oberman" <[EMAIL PROTECTED]> writes: > It seems odd that we have had at least a half dozen reports of signal > 11s during buildworld over the past 3 days. I have the same problem > with my K6-2 system. The hardware has been rock solid for months, but > I now can't buildworld without a "signal 11" exactly as has been > reported here. Very suspicious, at least. Well, some of those cases were the known (and documented -- and, for that matter, fixed) bugs in 3.4-R's install procedure. When you discount those, I don't think we've seen an unusual number of such reports. If the segv's were occuring in the same place, that could indicate a problem with FreeBSD itself, but if they occur in different places on each run through a buildworld, you have pretty conclusive proof that it's a question of flaky hardware. A lot of FreeBSD installs are on cheap hardware. In fact, it's hard to buy PC-class hardware that qualifies as dependable by traditional server standards. So we're stuck with a pretty high rate of reports of hardware problems. It's one thing for my Windows game box to be tolerant of memory problems, but I don't *want* my FreeBSD machines to do the same. Be well. Lowell Gilbert To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
