Re: torrent downloads

2017-04-27 Thread Adam Van Ymeren
On April 27, 2017 7:55:42 AM EDT, Thuban  wrote:
>Hello,
>I was wondering if there is any particular reason explaining why there
>is no torrent file to retrieve OpenBSD *.fs and *.iso. 
>
>I've been looking on the list and only found this site that doesn't
>seem up to date [1].
>
>If the reason is a lack of human resources, I think I can handle it.

You are always free to make your own torrent of the openbsd release files :)

>
>Regards.
>
>[1] : http://openbsd.somedomain.net/



Re: Linux crypt(3)

2015-10-19 Thread Adam Van Ymeren
Could you modify the existing linux system to also output a suitable
bcrypt hash for their password the next time they log in?

Leave that running for a while, and then migrate?  This way most
active users will have their password migrated for them.  The
remainder can probably afford to reset their password since they're
not using the system very often.

On Mon, Oct 19, 2015 at 7:38 AM, Adam Wysocki  wrote:
> Thank you for all the replies!
>
> On Sat, 17 Oct 2015, Devin Reade wrote:
>
>> As you're looking into solutions, make sure you're looking at the right
>> problem. Your text sounds like you're migrating system account passwords,
>
> I'm not. These are passwords for the news server. Users are authenticated
> using ckpasswd, which uses crypt().
>
> On Sat, 17 Oct 2015, Adam Wolk wrote:
>
>> Don't know if it works out for you but you could generate ssh keys for
>> existing accounts and allow users to access the new system using that
>> provided ssh key & set the passwords themselves (or just keep using key
>> auth and disabling passwords :)).
>
> I don't want to force users to do anything, I want this change to be
> transparent to them...
>
> --
> "qui hic minxerit aut cacaverit, habeat deos superos et inferos iratos"
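
The migrate-on-login approach suggested at the top of this message, as an added example that is not part of the original thread. Assumptions: `legacy_hash` stands in for the old crypt(3) format and `new_hash` (PBKDF2 from the standard library) stands in for bcrypt so the code runs without extra packages; the `$legacy$`/`$new$` prefixes, the dict used as a password file, and all function names are hypothetical.

```python
"""Rehash passwords transparently at login, then cut over (added example)."""
import hashlib
import hmac
import os

PBKDF2_ROUNDS = 100_000  # assumption: work factor for the stand-in scheme


def legacy_hash(password, salt):
    # Stand-in for the old crypt(3) hash; salt is a short hex string.
    digest = hashlib.sha256((salt + password).encode()).hexdigest()
    return "$legacy$" + salt + "$" + digest


def new_hash(password, salt=None):
    # Stand-in for bcrypt; a real migration would call bcrypt here.
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ROUNDS)
    return "$new$" + salt.hex() + "$" + dk.hex()


def verify(password, stored):
    """Check a password against whichever scheme the stored record uses."""
    try:
        _, scheme, salt, _ = stored.split("$")
        if scheme == "new":
            candidate = new_hash(password, bytes.fromhex(salt))
        elif scheme == "legacy":
            candidate = legacy_hash(password, salt)
        else:
            return False
    except ValueError:
        return False  # locked or malformed record matches nothing
    return hmac.compare_digest(candidate, stored)


def login(db, user, password):
    """Authenticate; a successful login on a legacy record upgrades it."""
    stored = db.get(user)
    if stored is None or not verify(password, stored):
        return False
    if stored.startswith("$legacy$"):
        # The plaintext is only available at this moment, so rehash now.
        db[user] = new_hash(password)
    return True


def cutover(db):
    """End of the migration window: lock accounts that never logged in."""
    pending = sorted(u for u, h in db.items() if h.startswith("$legacy$"))
    for user in pending:
        db[user] = "!"  # matches no scheme; the user must reset the password
    return pending


def demo():
    # Constructed sample accounts, not data from the thread.
    db = {
        "alice": legacy_hash("wonderland", "a1b2"),
        "bob": legacy_hash("builder", "c3d4"),
    }
    active = login(db, "alice", "wonderland")   # alice logs in during the window
    needs_reset = cutover(db)                   # bob never did
    return active, db["alice"].startswith("$new$"), needs_reset


if __name__ == "__main__":
    print(demo())
```
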



iked "failed to get dh secret"

2015-10-19 Thread Adam Van Ymeren
I've been trying to set up a VPN for my android device using strongSwan and iked.

When I try to initiate the connection from my device the SA never gets
established.  I see this in the log:
Here's the logs from iked -dvv

ikev2_recv: IKE_SA_INIT request from initiator :54158 to
65.19.130.43:500 policy 'policy1' id 0, 1012 bytes
ikev2_recv: ispi 0xedd37e5e75d328e5 rspi 0x
ikev2_policy2id: srcid IPV4/65.19.130.43 length 8
ikev2_pld_parse: header ispi 0xedd37e5e75d328e5 rspi
0x nextpayload SA version 0x20 exchange IKE_SA_INIT
flags 0x08 msgid 0 length 1012 response 0
ikev2_pld_payloads: payload SA nextpayload KE critical 0x00 length 604
ikev2_pld_sa: more than one proposal specified
ikev2_pld_sa: more 2 reserved 0 length 292 proposal #1 protoid IKE
spisize 0 xforms 34 spi 0
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 128 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 192 total 4
ikev2_pld_xform: more 3 reserved 0 length 12 type ENCR id AES_CBC
ikev2_pld_attr: attribute type KEY_LENGTH length 256 total 4
ikev2_pld_xform: more 3 reserved 0 length 8 type ENCR id 3DES
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_MD5_96
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA1_96
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_256_128
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_384_192
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id HMAC_SHA2_512_256
ikev2_pld_xform: more 3 reserved 0 length 8 type INTEGR id AES_XCBC_96
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_MD5
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA1
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_256
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_384
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id HMAC_SHA2_512
ikev2_pld_xform: more 3 reserved 0 length 8 type PRF id AES128_XCBC
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_2048
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_2048_224
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_2048_256
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_1536
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_3072
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_4096
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_8192
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_1024
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id MODP_1024_160
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id ECP_256
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id ECP_384
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id ECP_521
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id ECP_224
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id ECP_192
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id BRAINPOOL_P224R1
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id BRAINPOOL_P256R1
ikev2_pld_xform: more 3 reserved 0 length 8 type DH id BRAINPOOL_P384R1
ikev2_pld_xform: more 0 reserved 0 length 8 type DH id BRAINPOOL_P512R1
ikev2_pld_payloads: payload KE nextpayload NONCE critical 0x00 length 264
ikev2_pld_ke: dh group MODP_2048 reserved 0
ikev2_pld_payloads: payload NONCE nextpayload NOTIFY critical 0x00 length 36
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 28
ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_SOURCE_IP
ikev2_nat_detection: peer source 0xedd37e5e75d328e5 0x
184.151.36.170:54158
ikev2_pld_notify: NAT_DETECTION_SOURCE_IP detected NAT, enabling UDP
encapsulation
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 28
ikev2_pld_notify: protoid NONE spisize 0 type NAT_DETECTION_DESTINATION_IP
ikev2_nat_detection: peer destination 0xedd37e5e75d328e5
0x 65.19.130.43:500
ikev2_pld_payloads: payload NOTIFY nextpayload NOTIFY critical 0x00 length 8
ikev2_pld_notify: protoid NONE spisize 0 type 
ikev2_pld_payloads: payload NOTIFY nextpayload NONE critical 0x00 length 16
ikev2_pld_notify: protoid NONE spisize 0 type 
sa_state: INIT -> SA_INIT
ikev2_sa_negotiate: score 4
sa_stateok: SA_INIT flags 0x00, require 0x00
sa_stateflags: 0x00 -> 0x10 sa (required 0x00 )
ikev2_sa_keys: failed to get dh secret group 24 len 256 secret 256 exchange 256
ikev2_resp_recv: failed to get IKE SA keys
sa_state: SA_INIT -> CLOSED from any to any policy 'policy1'



Re: iked "failed to get dh secret"

2015-10-19 Thread Adam Van Ymeren
On Mon, Oct 19, 2015 at 12:09 PM, Adam Van Ymeren  wrote:
> I've been trying to setup a VPN for my android device using strongSwan and 
> iked.
>
> When I try to initiate the connection from my device the SA never gets
> established.  I see this in the log:
> Here's the logs from iked -dvv

God damn gmail keyboard shortcuts, sent before I was finished.  The
relevant part of the log appears to be:

ikev2_sa_keys: failed to get dh secret group 24 len 256 secret 256 exchange 256
ikev2_resp_recv: failed to get IKE SA keys

Not sure how to debug this further.  Any thoughts what would trigger this error?



Re: Upgrade from 5.7 to 5.8 : bsd.rd doesn't complete boot

2015-10-19 Thread Adam Van Ymeren
On 19 Oct 2015 4:55 p.m., "Jean-Philippe Provost" <
jphilippe.prov...@gmail.com> wrote:
>
> Hi,
>
> I don't have any CD. I just downloaded the bsd.rd for 5.8 and it won't boot
> and ask what I want to do.
>
> Since I have 5.7 installed on it, the dmesg I got is the one from 5.7 boot
> and not bsd.rd (5.8) boot.
>
> Am I clear?
>
> --
> *Jean-Philippe Provost*
>
>
> 2015-10-19 16:16 GMT-04:00 Peter N. M. Hansteen :
>
> > On 10/19/15 22:04, Jean-Philippe Provost wrote:
> >
> >> Hi all,
> >>
> >> I've downloaded the bsd.rd from the folder 5.8 on ftp.OpenBSD.org and put
> >> it in /.
> >>
> >> I reboot and type boot bsd.rd.
> >>
> >> It loads, but at the "end", it sticks at *root on rd0a swap on rd0b dump on
> >> rd0b*
> >>
> >> I did the same thing yesterday with my laptop and everything was fine.
> >>
> >> Any ideas? The box is a Dell Inspiron
> >>
> >
> > a dmesg always helps diagnose the problem, see eg
> > http://www.openbsd.org/faq/faq4.html#getdmesg for how to collect one.
> >
> > and of course, for a more general (and slightly more verbose) procedure
> > for reporting bugs, see http://www.openbsd.org/report.html
> >
> > Good luck!
> >
> > --
> > Peter N. M. Hansteen, member of the first RFC 1149 implementation team
> > http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
> > "Remember to set the evil bit on all malicious network traffic"
> > delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
>

Do you have a serial port on the machine and another machine available?
You can capture the complete dmesg from the bsd.rd kernel on a second
machine.



Re: OpenBSD installer info prohibit-password > without-password ?

2015-11-01 Thread Adam Van Ymeren
On 1 Nov 2015 7:06 a.m., "ludovic coues"  wrote:
>
> 2015-11-01 8:56 GMT+01:00 S :
> > when installing OpenBSD
> > Alow root ssh login? (yes, no, prohibit-password) [no] prohibit-password
> >
> > after install , in /etc/sshd_config
> > PermitRootLogin without-password
> >
> > so, why not using "without-password" at installation procedure for consistency?
> >
>
> http://www.openbsd.org/errata58.html

That doesn't really answer the question.

>
> --
>
> Cordialement, Coues Ludovic
> +336 148 743 42



Re: Daily digest, Issue 3641 (37 messages)

2015-11-24 Thread Adam Van Ymeren
On Tue, Nov 24, 2015 at 1:42 PM, Alan Corey  wrote:
> re: bootable cylinder limit?
>
> All manner of things seem to have broken when I went from a 500 gig
> drive to 1 TB, or maybe it's because I added Linux.  For years I've
> been using the method that used to be in the OpenBSD FAQ of using dd
> to write out the first sector of the partition you want to boot to a
> file, copying that into the Windows partition, then setting it up in
> Windows boot.ini.  It worked this time for a week or so, and only
> Linux broke, OpenBSD and Windows still work.
>
> I used lilo because it was willing to install into the Linux
> partition, not the MBR.  That might be possible with grub, I'm now
> reading http://www.gnu.org/software/grub/manual/grub.html.  Seems like
> I might need to chain load grub from the Windows bootloader.  I wanted
> each OS self-contained so as a last resort if I flagged that partition
> bootable the OS installed there would boot, or I could link a copied
> bootsector from boot.ini.
>
> I've used lilo (and loadlin) before, not grub.  Grub seemingly won't
> boot Windows, it has to be the other way around. I did get lilo up by

GRUB should be able to boot windows.  I've had grub installed to the
MBR and used the chainloader command to load the windows bootloader.

> putting the Debian install CD back in and it seems limited to LBA32,
> not LBA48 as dmesg shows my drive using.  Yes, the problem with LBA,
> not CHS, is that you need really big (unsigned) integers.
>
> I hate it when you want to return to a simpler way of life and find it
> doesn't work anymore.  I have a bootable floppy image from Windows 95
> so I just tried to set that up as the bootable part of a CD (worked
> before) so I could run Norton Utilities to look at the MBR.  Comes up
> not finding command.com.  Same thing happens with a Dell Diagnostics
> CD I made in 2008.  All this fancy crap...
>
> --
> Credit is the root of all evil.  - AB1JX



Re: how to Bridging with a wireless NIC

2016-02-16 Thread Adam Van Ymeren
On Tue, Feb 16, 2016 at 8:54 PM, Tuyosi Takesima
 wrote:
> hi all ,
>
>
>  my room has no wired lan cord .
>
> my situation is
>
> internet
> |
> wifi router
> 192.168.100.254
> |
> |wireless
> |
> rum0:dhcpcd
> openbsd
> re0
> |
> |wired LAN
> |
> video recorder
>
> my intention is that
> video recorder receives address from  wifi router ( ***not from openbsd***)
>
> debian linux has
> https://wiki.debian.org/BridgeNetworkConnections#Bridging_with_a_wireless_NIC
> .
> but this setting  is complex and hard to follow .
>
> openbsd has logical simplicity .
> so are there someone who overcome it ?

http://www.openbsd.org/faq/faq6.html#Bridge

On your openbsd system

/etc/hostname.rum0 should read
dhcp

/etc/hostname.re0 should read
up

/etc/hostname.bridge0 should read
add rum0
add re0
up

That should do it



> -
> regards



Re: how to Bridging with a wireless NIC

2016-02-17 Thread Adam Van Ymeren
On Wed, Feb 17, 2016 at 12:39 PM, Stefan Sperling  wrote:
> On Wed, Feb 17, 2016 at 10:54:54AM +0900, Tuyosi Takesima wrote:
>> wifi router
>> 192.168.100.254
>> |
>> |wireless
>> |
>> rum0:dhcpcd
>
> This kind of bridge between two wireless devices requires support for
> the WDS ("wireless distribution system") extension for both the wifi
> router and rum0. https://en.wikipedia.org/wiki/Wireless_distribution_system
> This functionality is not part of standard 802.11.
>
> OpenBSD doesn't support WDS, so you're out of luck and your plan won't work
> like this. Sorry. If the wifi router supports WDS you could try to build
> a wireless bridge with some other device (e.g. some device running OpenWRT)
> and run a cable to your OpenBSD box from there.
>

My bad, I didn't realize you couldn't bridge this way.  I have the
reverse setup going in my room, wire from gateway to BSD box which
provides an additional access point to other wireless devices in my
room.

I know it doesn't meet your original requirements but you could set up
your openbsd box to host a second LAN off of re0 and then nat-to its
address on the wireless.  Or just set up a second network and
configure your routing tables appropriately and you shouldn't need NAT.



Android device detach/attach loop

2017-01-02 Thread Adam Van Ymeren
I was attempting to use android's adb tool but when I enable usb
debugging on my phone it appears to repeatedly detach/reattach the device.


Anyone experience this before or have any advice on how to debug this?


Here's the output of /var/log/messages with some usb debugging enabled 
and ugendebug set to 0x



First connecting with usb debugging disabled

Jan  2 15:12:26 adam-laptop /bsd: uhub0: intr status=0
Jan  2 15:12:26 adam-laptop /bsd: uhub0: port 5 status=0x0501 change=0x0001
Jan  2 15:12:26 adam-laptop /bsd: uhub0: intr status=0
Jan  2 15:12:26 adam-laptop /bsd: uhub0: port 5 status=0x0500 change=0x0001
Jan  2 15:12:26 adam-laptop /bsd: uhub0: port 5, device disappeared 
after reset

Jan  2 15:12:26 adam-laptop /bsd: uhub0: port 7 status=0x0500 change=0x0001
Jan  2 15:12:26 adam-laptop /bsd: uhub0: port 8 status=0x0500 change=0x0001
Jan  2 15:12:27 adam-laptop /bsd: uhub0: port 5 status=0x0500 change=0x0001
Jan  2 15:12:27 adam-laptop /bsd: uhub3: intr status=0
Jan  2 15:12:27 adam-laptop /bsd: uhub3: port 1 status=0x0101 change=0x0001
Jan  2 15:12:27 adam-laptop /bsd: uhub3: intr status=0
Jan  2 15:12:27 adam-laptop /bsd: uhub0: intr status=0
Jan  2 15:12:27 adam-laptop /bsd: uhub3: intr status=0
Jan  2 15:12:27 adam-laptop /bsd: uhub3: port 1 status=0x0100 change=0x0011
Jan  2 15:12:27 adam-laptop /bsd: uhub3: port 1, device disappeared 
after reset

Jan  2 15:12:27 adam-laptop /bsd: uhub3: port 1 status=0x0100 change=0x0011
Jan  2 15:12:27 adam-laptop /bsd: uhub0: port 5 status=0x0501 change=0x0001
Jan  2 15:12:28 adam-laptop /bsd: uhub0: intr status=0
Jan  2 15:12:28 adam-laptop /bsd: uhub0: port 5 status=0x0500 change=0x0001
Jan  2 15:12:28 adam-laptop /bsd: uhub0: port 5, device disappeared 
after reset

Jan  2 15:12:28 adam-laptop /bsd: uhub0: port 5 status=0x0500 change=0x0001
Jan  2 15:12:28 adam-laptop /bsd: uhub3: intr status=0
Jan  2 15:12:28 adam-laptop /bsd: uhub3: port 1 status=0x0100 change=0x0001
Jan  2 15:12:28 adam-laptop /bsd: uhub0: intr status=0
Jan  2 15:12:28 adam-laptop /bsd: uhub0: port 5 status=0x0501 change=0x0001
Jan  2 15:12:28 adam-laptop /bsd: uhub0: intr status=0
Jan  2 15:12:29 adam-laptop /bsd: uhub0: port 5 status=0x0500 change=0x
Jan  2 15:12:29 adam-laptop /bsd: uhub0: port 5, device disappeared 
after reset

Jan  2 15:12:29 adam-laptop /bsd: uhub0: port 5 status=0x0500 change=0x
Jan  2 15:12:29 adam-laptop /bsd: uhub0: intr status=0
Jan  2 15:12:29 adam-laptop /bsd: uhub0: port 5 status=0x0501 change=0x0001
Jan  2 15:12:30 adam-laptop /bsd: uhub0: port 5 status=0x0503 change=0x
Jan  2 15:12:30 adam-laptop /bsd: ugen2 at uhub0 port 5 "Samsung Galaxy 
Nexus" rev 2.00/2.16 addr 2
Jan  2 15:12:30 adam-laptop /bsd: ugen_set_config: ugen2 to configno 1, 
sc=0xd5562000

Jan  2 15:12:30 adam-laptop /bsd: ugen_set_config: ifaceno 0
Jan  2 15:12:30 adam-laptop /bsd: ugen_set_config: endptno 0, 
endpt=0x81(1,128), sce=0xd556229c
Jan  2 15:12:30 adam-laptop /bsd: ugen_set_config: endptno 1, 
endpt=0x02(2,0), sce=0xd5562364
Jan  2 15:12:30 adam-laptop /bsd: ugen_set_config: endptno 2, 
endpt=0x82(2,128), sce=0xd556242c



Then I enabled usb debugging on the phone.  It appears to set up a 
second interface on device (ifaceno 1) and then detaches immediately 
afterwards.



Jan  2 15:12:52 adam-laptop /bsd: uhub0: intr status=0
Jan  2 15:12:52 adam-laptop /bsd: uhub0: port 5 status=0x0500 change=0x0001
Jan  2 15:12:52 adam-laptop /bsd: ugen_detach: sc=0xd5562000 flags=1
Jan  2 15:12:52 adam-laptop /bsd: uhub0: intr status=0
Jan  2 15:12:52 adam-laptop /bsd: ugen2 detached
Jan  2 15:12:52 adam-laptop /bsd: uhub0: port 5 status=0x0501 change=0x0001
Jan  2 15:12:53 adam-laptop /bsd: uhub0: port 5 status=0x0503 change=0x
Jan  2 15:12:53 adam-laptop /bsd: ugen2 at uhub0 port 5 "Samsung Galaxy 
Nexus" rev 2.00/2.16 addr 2

Jan  2 15:12:53 adam-laptop /bsd: uhub0: intr status=0
Jan  2 15:12:53 adam-laptop /bsd: ugen_set_config: ugen2 to configno 1, 
sc=0xd5562000

Jan  2 15:12:53 adam-laptop /bsd: ugen_set_config: ifaceno 0
Jan  2 15:12:53 adam-laptop /bsd: ugen_set_config: endptno 0, 
endpt=0x81(1,128), sce=0xd556229c
Jan  2 15:12:53 adam-laptop /bsd: ugen_set_config: endptno 1, 
endpt=0x02(2,0), sce=0xd5562364
Jan  2 15:12:53 adam-laptop /bsd: ugen_set_config: endptno 2, 
endpt=0x82(2,128), sce=0xd556242c

Jan  2 15:12:53 adam-laptop /bsd: ugen_set_config: ifaceno 1
Jan  2 15:12:53 adam-laptop /bsd: ugen_set_config: endptno 0, 
endpt=0x83(3,128), sce=0xd55625bc
Jan  2 15:12:53 adam-laptop /bsd: ugen_set_config: endptno 1, 
endpt=0x03(3,0), sce=0xd55624f4

Jan  2 15:12:53 adam-laptop /bsd: uhub0: port 5 status=0x0501 change=0x0001
Jan  2 15:12:53 adam-laptop /bsd: ugen_detach: sc=0xd5562000 flags=1
Jan  2 15:12:53 adam-laptop /bsd: ugen2 detached
Jan  2 15:12:54 adam-laptop /bsd: uhub0: port 5 status=0x0503 change=0x
Jan  2 15:12:54 adam-laptop /bsd: ugen2 at uhub0 port 5 "Samsung Galaxy 
Nexus" rev 2.00/2.16 addr 2

Jan  2 15:12:54 adam-laptop /bsd: u

Re: Android device detach/attach loop

2017-01-03 Thread Adam Van Ymeren

On 01/03/17 02:15, Anthony J. Bentley wrote:
> Adam Van Ymeren writes:
>> I was attempting to use android's adb tool but when I enable usb
>> debugging on my phone it appears to repeatedly detach/reattach the device.
>>
>> Anyone experience this before or have any advice on how to debug this?
>>
>> Jan  2 15:12:30 adam-laptop /bsd: ugen2 at uhub0 port 5 "Samsung Galaxy
>> Nexus" rev 2.00/2.16 addr 2
>
> This seems to be a problem with the Galaxy Nexus, and I've seen it on
> mine. I did buy another Galaxy Nexus to pass on to any dev with
> potential interest but couldn't reproduce the problem on the new phone;
> maybe I forgot to enable USB debugging.


Interesting, it doesn't happen plugging my Galaxy Nexus into a Linux or
macOS machine, also doesn't happen on OpenBSD using different android
phones.  Definitely something specific with the combination of OpenBSD 
and the Galaxy Nexus.


I did some more digging, if I'm reading this right, shortly after the 
device connects, ehci.c reads the "Connect Status Change" register, 
triggers another uhub_explore, which calls uhub_port_connect, which 
detaches the existing device.



I'm reading the linux usb drivers to try to figure out what it's doing
different, but this isn't my area of expertise :).



Follows is some more debugging information if anyone is interested

Here's the lsusb -v output from a linux machine:

Bus 002 Device 003: ID 04e8:6860 Samsung Electronics Co., Ltd Galaxy (MTP)
Device Descriptor:
  bLength                18
  bDescriptorType         1
  bcdUSB               2.00
  bDeviceClass            0
  bDeviceSubClass         0
  bDeviceProtocol         0
  bMaxPacketSize0        64
  idVendor           0x04e8 Samsung Electronics Co., Ltd
  idProduct          0x6860 Galaxy (MTP)
  bcdDevice            2.16
  iManufacturer           2 Samsung
  iProduct                3 Galaxy Nexus
  iSerial                 4 01498FC00901A01C
  bNumConfigurations      1
  Configuration Descriptor:
    bLength                 9
    bDescriptorType         2
    wTotalLength           62
    bNumInterfaces          2
    bConfigurationValue     1
    iConfiguration          0
    bmAttributes         0x80
      (Bus Powered)
    MaxPower              500mA
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        0
      bAlternateSetting       0
      bNumEndpoints           3
      bInterfaceClass       255 Vendor Specific Class
      bInterfaceSubClass    255 Vendor Specific Subclass
      bInterfaceProtocol      0
      iInterface              5 MTP
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x81  EP 1 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0200  1x 512 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x02  EP 2 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0200  1x 512 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x82  EP 2 IN
        bmAttributes            3
          Transfer Type            Interrupt
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x001c  1x 28 bytes
        bInterval               6
    Interface Descriptor:
      bLength                 9
      bDescriptorType         4
      bInterfaceNumber        1
      bAlternateSetting       0
      bNumEndpoints           2
      bInterfaceClass       255 Vendor Specific Class
      bInterfaceSubClass     66
      bInterfaceProtocol      1
      iInterface              0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x83  EP 3 IN
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0200  1x 512 bytes
        bInterval               0
      Endpoint Descriptor:
        bLength                 7
        bDescriptorType         5
        bEndpointAddress     0x03  EP 3 OUT
        bmAttributes            2
          Transfer Type            Bulk
          Synch Type               None
          Usage Type               Data
        wMaxPacketSize     0x0200  1x 512 bytes
        bInterval               0
Device Qualifier (for other device speed):
  bLength                10
  bDescriptorType         6
  bcdUSB               2.00
  b

Re: Funding for Skylake support

2017-01-08 Thread Adam Van Ymeren

On 1/7/2017 3:19 PM, Peter Membrey wrote:

Hi all,

I've gotten OpenBSD up and running on a new Intel NUC, but unfortunately 
Skylake isn't supported. I was able to get X working in software accelerated 
mode, but it would be great to see true support for the chipset. Unfortunately 
I don't have the necessary skills to work on this myself, but I am willing to 
put my money where my mouth is.

I realise that for a lot of people, the issue is time and not money, but that 
aside, would anybody be interested in focusing on adding support for Skylake? 
The deliverable would be getting Skylake support merged.

Happy to discuss what sort of funding would be needed.


I would also be interested in helping fund Skylake support.  Happy to 
donate some upfront to anyone interested in working on Skylake.


-Adam



Re: Loss of USB connection if I "wiggle the cable at device end"

2017-01-24 Thread Adam Van Ymeren
On January 24, 2017 12:34:35 PM EST, Alexander Keller 
wrote:
>Noted same issue on certain devices including a keyboard peripheral of
>mine. Have included a patch.
>
>[demime 1.01d removed an attachment of type image/jpeg which had a name
>of patch.jpg]


patch.jpg.  what.



Re: AMD Ryzen

2017-04-01 Thread Adam Van Ymeren
On April 1, 2017 8:02:07 AM EDT, Karel Gardas  wrote:
>If you do have hardware available, why you just don't attempt to boot
>latest snapshot? Should take you just few minutes and then you can
>even report here together with dmesg output about your experience...

Could be he's debating purchasing hardware.  Damn this list can be snarky.

>
>On Sat, Apr 1, 2017 at 6:24 AM, Damian McGuckin 
>wrote:
>> Has anybody achieved an installation of OpenBSD on this yet please?
>>
>> Just curious whether it is worth the effort to try.
>>
>> Regards - Damian
>>
>> Pacific Engineering Systems International, 277-279 Broadway, Glebe
>NSW 2037
>> Ph:+61-2-8571-0847 .. Fx:+61-2-9692-9623 | unsolicited email not
>wanted here
>> Views & opinions here are mine and not those of any past or present
>employer

--
Sent from my Android device with K-9 Mail. Please excuse my brevity.



Re: AMD Ryzen

2017-04-01 Thread Adam Van Ymeren
Sorry, I guess I read more snark in your message than was actually there. I
apologize.


 Original Message 
From: Karel Gardas 
Sent: April 1, 2017 2:33:07 PM EDT
To: Adam Van Ymeren 
Cc: OpenBSD general usage list , Damian McGuckin

Subject: Re: AMD Ryzen

On Sat, Apr 1, 2017 at 4:17 PM, Adam Van Ymeren  wrote:
>
>
> On April 1, 2017 8:02:07 AM EDT, Karel Gardas  wrote:
>>If you do have hardware available, why you just don't attempt to boot
>>latest snapshot? Should take you just few minutes and then you can
>>even report here together with dmesg output about your experience...
>
> Could be he's debating purchasing hardware.  Damn this list can be snarky.

If so, then I clearly misunderstood OP's "Just curious whether it is
worth the effort to try." -- well, not native English speaker here.
Anyway, being snarky was not my idea...



Trouble getting PPPoE working, any ideas?

2015-04-12 Thread Adam Van Ymeren
I've been trying to replace my ISP provided router with an OpenBSD 5.6
system, but I can't get PPPoE working.  Using the userspace pppd
daemon on a linux machine appears to work, but no luck using pppoe(4).

I did some debugging using wireshark, and for some reason
when my OpenBSD system sends the very first PPP discovery packet, it
receives no response.  I can't find any meaningful difference between
the packet that OpenBSD is sending and the packet that my linux machine
is sending.

As reported by wireshark, the successful packet from linux is described
below.  My ISP decided that the internet service needs to be under a
VLAN with id 35.

Length: 36-bytes
Ethernet II, Src: 00:b5:6d:03:b8:9a, Dst: ff:ff:ff:ff:ff:ff
802.1Q Virtual Lan, PRI: 0, CFI: 0, ID: 35
  Type: PPPoE Discovery (0x8863)
PPPoE Discovery:
  Version: 1
  Type: 1
  Code: Active Discovery Initiation (PADI) (0x09)
  Session ID: 0x
  Payload Length: 12
  PPPoE Tags:
Host-Uniq: bf0f

Raw hex:

   ff ff ff ff ff ff 00 b5 6d 03 b8 9a 81 00 00 23
0010   88 63 11 09 00 00 00 0c 01 01 00 00 01 03 00 04
0020   bf 0f 00 00

The unsuccessful packet from my OpenBSD machine looks like this

Length: 64-bytes
Ethernet II, Src: 00:0d:b9:35:ac:Dc Dst: ff:ff:ff:ff:ff:ff
802.1Q Virtual LAN, PRI: 3, CFI: 0, ID: 35
  Type: PPPoE Discovery (0x8863)
PPPoE Discovery
  Version: 1
  Type: 1
  Code: Active Discovery Initiation (PADI) (0x09)
  Session Id: 0x
  Payload Length: 12
  PPPoE Tags
Host-Uniq: 54c6dda5

Raw Hex:

   ff ff ff ff ff ff 00 0d b9 35 ac dc 81 00 60 23
0010   88 63 11 09 00 00 00 0c 01 01 00 00 01 03 00 04
0020   54 c6 dd a5 00 00 00 00 00 00 00 00 00 00 00 00
0030   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

The main differences I see are:

MAC addresses are different, obviously.

The BSD ethernet frame has extra padding to bring it to 64-bytes,
whereas the linux packet is only 36-bytes

The BSD vlan tag has priority 3 set, rather than priority 0 in the linux
packet.

The PPPoE Host-Uniq tag is different, but this appears to be a random or
pseudo-random value.

I also plugged in to the other end of my ISP provided router and
captured the discovery packet from it.  It looks the same as the linux
packet, except it's padded to 60-bytes and the host-uniq tag is
different.  The vlan priority is set to 0 in that packet as well.


I've tried to get pf to set the pri tag on my vlan packets to 0, but I'm
new to pf and I couldn't get it to work.  I tried this rule and a few
other variants

match out all set prio 0


My best guesses at what's going wrong:

1)  Some sort of MTU failure that isn't visible in wireshark.  I messed
around with the MTU values for the pppoe0 and re0 interfaces, but didn't
have any luck there yet.

2)  Some lame bug in my ISP's equipment that is failing due to the
VLAN priority being 3 instead of 0, or the packet being padded to 64-bytes.


Sorry for the marathon long email, I wanted to include everything I
thought was relevant.

If anyone has any ideas on where I can look to debug this further I'd
really appreciate it.

Anyone know why I can't get the vlan pri set to 0?  Or is there a way I
can write raw ethernet frames to the wire.  Is a raw socket low-level
enough for this?

Thanks for the help!
-Adam
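
Decoding the two raw PADI frames quoted in this message field by field, as an added example that is not part of the original post. The byte strings are copied from the "Raw hex" dumps above; the function and key names are hypothetical.

```python
"""Parse 802.1Q-tagged PPPoE discovery frames and diff their fields."""
import struct

# Bytes copied from the two hex dumps in the message above.
LINUX_PADI = bytes.fromhex(
    "ff ff ff ff ff ff 00 b5 6d 03 b8 9a 81 00 00 23 "
    "88 63 11 09 00 00 00 0c 01 01 00 00 01 03 00 04 "
    "bf 0f 00 00"
)
OPENBSD_PADI = bytes.fromhex(
    "ff ff ff ff ff ff 00 0d b9 35 ac dc 81 00 60 23 "
    "88 63 11 09 00 00 00 0c 01 01 00 00 01 03 00 04 "
    "54 c6 dd a5" + " 00" * 28
)

TAG_NAMES = {0x0101: "Service-Name", 0x0103: "Host-Uniq"}


def parse_padi(frame):
    """Return the Ethernet, VLAN and PPPoE header fields of one frame."""
    if len(frame) < 24:
        raise ValueError("frame too short for Ethernet + 802.1Q + PPPoE")
    dst, src = frame[0:6], frame[6:12]
    tpid, tci, ethertype = struct.unpack("!HHH", frame[12:18])
    if tpid != 0x8100:
        raise ValueError("expected an 802.1Q tag (TPID 0x8100)")
    if ethertype != 0x8863:
        raise ValueError("expected PPPoE Discovery (0x8863)")
    ver_type, code, session, plen = struct.unpack("!BBHH", frame[18:24])
    payload_end = 24 + plen
    if payload_end > len(frame):
        raise ValueError("PPPoE payload length exceeds frame")

    # Walk the TLV tags inside the declared payload only; anything after
    # payload_end is Ethernet padding, not PPPoE data.
    tags, off = [], 24
    while off + 4 <= payload_end:
        ttype, tlen = struct.unpack("!HH", frame[off:off + 4])
        if off + 4 + tlen > payload_end:
            raise ValueError("tag overruns PPPoE payload")
        value = frame[off + 4:off + 4 + tlen].hex()
        tags.append((TAG_NAMES.get(ttype, hex(ttype)), value))
        off += 4 + tlen

    return {
        "frame_len": len(frame),
        "dst": dst.hex(":"),
        "src": src.hex(":"),
        "vlan_pcp": tci >> 13,          # 3-bit priority code point
        "vlan_dei": (tci >> 12) & 1,    # drop eligible / CFI bit
        "vlan_id": tci & 0x0FFF,        # 12-bit VLAN identifier
        "pppoe_version": ver_type >> 4,
        "pppoe_type": ver_type & 0x0F,
        "pppoe_code": code,
        "session_id": session,
        "payload_len": plen,
        "tags": tags,
        "padding": len(frame) - payload_end,
    }


def diff_fields(a, b):
    """Map each differing field name to its (a, b) pair of values."""
    return {k: (a[k], b[k]) for k in a if a[k] != b[k]}


if __name__ == "__main__":
    delta = diff_fields(parse_padi(LINUX_PADI), parse_padi(OPENBSD_PADI))
    for name, (linux, openbsd) in delta.items():
        print(f"{name:10} linux={linux!r} openbsd={openbsd!r}")
```
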



Re: Trouble getting PPPoE working, any ideas?

2015-04-16 Thread Adam Van Ymeren
On Sun, Apr 12, 2015 at 4:28 PM, Adam Van Ymeren  wrote:
> I did some debugging using wireshark, and for some reason
> when my OpenBSD system sends the very first PPP discovery packet, it
> receives no response.

> My best guesses at what's going wrong:

> 2)  Some lame bug in my ISP's equipment that is failing due to the
> VLAN priority being 3 instead of 0, or the packet being padded to 64-bytes.

For anyone following along or anyone who may hit the same issue, setting
the VLAN priority to 0 fixes the issue.  My ISP is Bell in Ontario.

I was unable to set the priority using PF however, I ended up compiling
a custom kernel that always sets it to 0.

I was linked to this thread in private of someone hitting the same issue
and it appears that this at least used to be a bug in PF.

https://www.marc.info/?l=openbsd-misc&m=138003688820372&w=2

I'll investigate further when I have time and hopefully follow up with a
bug report.

Cheers,
-Adam



Re: NATing out enc0 traffic

2015-06-01 Thread Adam Van Ymeren
Thanks for posting your adventure.  I didn't have enough PF knowledge
to help debug, but it was an interesting read.

On Mon, Jun 1, 2015 at 3:11 PM, Justin Mayes  wrote:
> I have this working. After learning more about route vs policy ipsec tunnels 
> I added a policy for 'any' to 10.x and return traffic from the net is now 
> passed back. I will go back to my cave now
>
>
> -Original Message-
> From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of 
> Justin Mayes
> Sent: Friday, May 29, 2015 11:10 AM
> To: misc@openbsd.org
> Subject: Re: NATing out enc0 traffic
>
> I think I am understanding this better after some more reading. My ipsec 
> tunnel just connects the two subnets and when my nat traffic returns from the 
> internet it does not match the policy for the tunnel because the source 
> address is not 192.x. What I need is some tunneling protocol that I can route 
> like pptp or l2tp which is what npppd is for. I do not have access to 
> configure the amazon side of the vpn for pptp or l2tp so I do not think this 
> is not going to be possible. That seems odd. I assumed this would be a common 
> setup
>
> -Original Message-
> From: Justin Mayes
> Sent: Thursday, May 28, 2015 1:52 PM
> To: misc@openbsd.org
> Subject: RE: NATing out enc0 traffic
>
> I just wanted to send an update based on some feedback. My subject is 
> misleading so let me clarify. I'm not attempting to nat between the networks 
> on either side of the vpn. For examples sake assume 192.168.0.0/24 on one 
> side of tunnel and 10.10.10.0/24 on the other.  I'm trying to allow servers 
> on one side 10.x of the tunnel to access the internet via the other side of 
> the tunnel 192.168.0.1. Egress works, 10.x client gets to the internet and 
> replies come back. The return traffic comes back and the gateway drops it. I 
> assume that pf translates it back to the 10.x address and has no route for 
> that. I need it to go back through enc0.
>
> J
>
> -Original Message-
> From: owner-m...@openbsd.org [mailto:owner-m...@openbsd.org] On Behalf Of 
> Justin Mayes
> Sent: Wednesday, May 27, 2015 2:47 PM
> To: misc@openbsd.org
> Subject: NATing out enc0 traffic
>
> Greetings everyone
>
> I am playing with amazon virtual private clouds (VPC). I have set a few up. I 
> have no issues connecting ipsec from openbsd  <-> amazon VPC. All of these 
> VPCs so far have their own internet connection going out from amazon that 
> works fine.
>
>
> [OpenBSD][VPC]<->Internet
>
>
> Next I am setting up a VPC that has no internet gateway. Instead the default 
> gateway is the vpn and all traffic is sent back through the ipsec tunnel and 
> then out the local network gateway.
>
> [Internet]
> ^
> |
> |
> |
> [OpenBSD]<---ipsec-->[VPC]
>
>
> I added these relevant lines to pf.conf
>
> match out on $ext_if from !($ext_if:network) nat-to ($ext_if)
> pass quick on enc0 keep state (if-bound)
>
> With tcpdump and pfctl  I can tell that traffic from the vpc (10.0.0.0/8) 
> comes across the tunnel and gets NATed out. I can see that traffic leave the 
> external interface and I can see the reply come back to the external 
> interface. The reply never hits enc0 though and never makes it back to the 
> client.  Is there another piece to the setup I am missing? I assume what I am 
> trying to do is possible. I would appreciate any insight or advice anyone may 
> have in regards to this type of setup.
>
> J



Re: Why does my 5.7 laptop suspend when I close the lid?

2015-06-30 Thread Adam Van Ymeren
On Tue, Jun 30, 2015 at 2:38 PM, Alan Corey  wrote:
> I didn't ask it to do that and I don't know how to unsuspend.  As far
> as I'm concerned this is an undocumented "feature".  If I want to
> suspend I'll type zzz.  I haven't found a way to turn this off.
>
> --
> Credit is the root of all evil.  - AB1JX
>

# sysctl hw.lidsuspend=0

Or maybe is machdep.lidsuspend, I forget.



Re: Why does my 5.7 laptop suspend when I close the lid?

2015-06-30 Thread Adam Van Ymeren
On Tue, Jun 30, 2015 at 2:42 PM, Adam Van Ymeren  wrote:
> On Tue, Jun 30, 2015 at 2:38 PM, Alan Corey  wrote:
>> I didn't ask it to do that and I don't know how to unsuspend.  As far
>> as I'm concerned this is an undocumented "feature".  If I want to
>> suspend I'll type zzz.  I haven't found a way to turn this off.
>>
>> --
>> Credit is the root of all evil.  - AB1JX
>>
>
> # sysctl hw.lidsuspend=0
>
> Or maybe is machdep.lidsuspend, I forget.

It is machdep.

To turn it off always put.

machdep.lidsuspend=0

in your /etc/sysctl.conf file.

Also the installer prompts you if you want this behaviour, so it's
hardly undocumented.

http://www.openbsd.org/faq/faq4.html



Custom bsd.rd contents

2011-02-27 Thread Adam Van Ymeren
I'm trying to modify the contents of the ram disk in a bsd.rd kernel.
Is there any documentation on this process?  Or can anyone point me in
a good direction to start looking?

Thanks for the help.