Re: HOWTO: Security

2016-05-24 Thread Hal Murray
e...@thyrsus.com said: > The deal we've struck with them is: They supply the hardware, we'll do the > software integration. I think they're our best bet for a real single-board > solution. I don't think we want a single board solution. It won't track new versions with newer CPU chips, or if i

Re: [gpsd-dev] HOWTO: Security

2016-05-24 Thread Eric S. Raymond
Clark B. Wierda : > I can commit to writing the diffs for both of these boards using Eric's > HOWTO as the baseline. Does that help define scope and advance the > critical path? It certainly does. -- http://www.catb.org/~esr/ Eric S. Raymond

Re: HOWTO: Security

2016-05-24 Thread Eric S. Raymond
Hal Murray : > > Not immediately; there's still the Odroid C2 and BeagleBone to do. > > Forget them. They aren't worth your time. I already have the Odroid, and Mark asked me to support it at Penguicon. You can ask him why he thinks it's important; I remember that he gave me some reasons, but le

Re: [gpsd-dev] HOWTO: Security

2016-05-24 Thread Clark B. Wierda
On Tue, May 24, 2016 at 8:47 PM, Gary E. Miller wrote: > Yo Hal! > > On Tue, 24 May 2016 17:30:04 -0700 > Hal Murray wrote: > > > > Not immediately; there's still the Odroid C2 and BeagleBone to do. > > > > Forget them. They aren't worth your time. > > +1. > > The Odroid hardware is nice, but t

Re: [gpsd-dev] HOWTO: Security

2016-05-24 Thread Gary E. Miller
Yo Hal! On Tue, 24 May 2016 17:30:04 -0700 Hal Murray wrote: > > Not immediately; there's still the Odroid C2 and BeagleBone to do. > > Forget them. They aren't worth your time. +1. The Odroid hardware is nice, but they have not been maintaining their code base. Their versions of things l

Re: HOWTO: Security

2016-05-24 Thread Hal Murray
> Not immediately; there's still the Odroid C2 and BeagleBone to do. Forget them. They aren't worth your time. There aren't any HAT equivalents for BeagleBone and the Odroid web site is broken enough that I couldn't even order one. --- There is actually a Cape with GPS but it also has GPR

Re: HOWTO: Security

2016-05-24 Thread Eric S. Raymond
Hal Murray : > I like it. The disadvantage is that you may need some adapters. Has the > world switched to HDMI yet? (I'm still using VGA and PS2, but I have USB > keyboards.) There's a lot of both HDMI and DVI out there. New monitors tend to have both jacks. I believe VGA is in sharp decline

Re: Draft Stratum 1 Microserver HOWTO is up

2016-05-24 Thread Hal Murray
e...@thyrsus.com said: > No doubt you're right, but I don't think that sort of bug will hit us until > we change kernels - that is, unpin the image we're using. I'll add such a > warning then. Do we need a warning about NOT running apt-get update/upgrade? > Better yet, we provide a script,

Re: HOWTO: Security

2016-05-24 Thread Eric S. Raymond
Hal Murray : > e...@thyrsus.com said: > > Now that I'm thinking about it - probably the NTPsec site should have a > > HOWTOs category, and both this thing and both time-service HOWTOs should > > move there. Later to be joined by others. > > I like that suggestion. > > It seems like the fastest wa

Re: HOWTO: Security

2016-05-24 Thread Hal Murray
e...@thyrsus.com said: > Now that I'm thinking about it - probably the NTPsec site should have a > HOWTOs category, and both this thing and both time-service HOWTOs should > move there. Later to be joined by others. > But I'm not wedded to that plan. Do you have a better or different idea? I li

Re: [gpsd-dev] HOWTO: Security

2016-05-24 Thread Eric S. Raymond
Gary E. Miller : > > Interestingly enough, my wife Cathy came up with this one as I was > > explaining the problem to her over dinner. Score one for sharp > > Philadelphia lawyers. > > Lawyers know logic. Buy her a steak. By coincidence, we have a custom of going out for a (relatively inexpensi

Re: HOWTO: Security

2016-05-24 Thread Eric S. Raymond
Hal Murray : > > e...@thyrsus.com said: > > Would it suffice to say "Never put a Pi on an un-NATted address until you > > have removed the default account?" > > I don't think that's quite good enough. It's OK, I think I have a better solution now. > What are your longer term plans for this docu

Re: [gpsd-dev] HOWTO: Security

2016-05-24 Thread Gary E. Miller
Yo Eric! On Tue, 24 May 2016 18:49:29 -0400 "Eric S. Raymond" wrote: > > I do not want the best to be the enemy of the better. I'll settle > > for the next small improvement. > > There's a simpler way. First step becomes changing the default-user > password using a local display and keyboar

Re: HOWTO: Security

2016-05-24 Thread Hal Murray
e...@thyrsus.com said: > There's a simpler way. First step becomes changing the default-user > password using a local display and keyboard, *before* the Ethernet is > plugged in. I like it. The disadvantage is that you may need some adapters. Has the world switched to HDMI yet? (I'm still us

Re: [gpsd-dev] HOWTO: Security

2016-05-24 Thread Eric S. Raymond
Gary E. Miller : > Yo Eric! > > On Tue, 24 May 2016 18:03:51 -0400 > "Eric S. Raymond" wrote: > > > > Or even disable password logins altogether and use ssh keys only. > > > But that's not for the HOWTO's target audience, unfortunately. > > > > Actually ./clockbuilder --secure does exactly th

Re: HOWTO: Security

2016-05-24 Thread Hal Murray
e...@thyrsus.com said: > Would it suffice to say "Never put a Pi on an un-NATted address until you > have removed the default account?" I don't think that's quite good enough. What are your longer term plans for this document? Is it going to live on www.catb.org forever, or migrate to someplac

Re: Draft Stratum 1 Microserver HOWTO is up

2016-05-24 Thread Hal Murray
The parts list should probably mention power. You either need a wall-wart type unit or a USB A-to-micro-B cable and a place to plug it in to steal power. I think the "Download the 2016-03-18 Raspbian Lite image zip file to your host" step should have a wget line that can be cut-pasted. "If

Re: [gpsd-dev] HOWTO: Security

2016-05-24 Thread Gary E. Miller
Yo Eric! On Tue, 24 May 2016 18:03:51 -0400 "Eric S. Raymond" wrote: > > Or even disable password logins altogether and use ssh keys only. > > But that's not for the HOWTO's target audience, unfortunately. > > Actually ./clockbuilder --secure does exactly that. Gary's argument > is that the

Re: HOWTO: Security

2016-05-24 Thread Gary E. Miller
Yo Kurt! On Tue, 24 May 2016 23:45:39 +0200 Kurt Roeckx wrote: > > > Would it suffice to say "Never put a Pi on an un-NATted address > > > until you have removed the default account?" > > > > Most people's NATs leak a lot. Or they have IPv6 end around. > > > > Just change the password, to a

Re: HOWTO: Security

2016-05-24 Thread Eric S. Raymond
Kurt Roeckx : > Can I just suggest that you don't allow password based logins over > the network? ./clockmaker --secure makes that change. -- http://www.catb.org/~esr/ Eric S. Raymond

Re: [gpsd-dev] HOWTO: Security

2016-05-24 Thread Eric S. Raymond
Paul Fertser : > On Tue, May 24, 2016 at 02:38:23PM -0700, Gary E. Miller wrote: > > The primary defense is simple, change passwords FIRST. > > Or even disable password logins altogether and use ssh keys only. But > that's not for the HOWTO's target audience, unfortunately. Actually ./clockbuilde

Re: HOWTO: Security

2016-05-24 Thread Kurt Roeckx
On Tue, May 24, 2016 at 02:38:23PM -0700, Gary E. Miller wrote: > Yo Eric! > > On Tue, 24 May 2016 17:33:06 -0400 > "Eric S. Raymond" wrote: > > > Hal Murray : > > > > > > e...@thyrsus.com said: > > > > See my reply to Gary and your text about NATs and firewalls. > > > > Nobody has convinced

Re: HOWTO: Security

2016-05-24 Thread Gary E. Miller
Yo Eric! On Tue, 24 May 2016 17:33:06 -0400 "Eric S. Raymond" wrote: > Hal Murray : > > > > e...@thyrsus.com said: > > > See my reply to Gary and your text about NATs and firewalls. > > > Nobody has convinced me that this procedure *isn't* taking > > > security seriously, nor will they until

Re: HOWTO: Security

2016-05-24 Thread Eric S. Raymond
Hal Murray : > > e...@thyrsus.com said: > > See my reply to Gary and your text about NATs and firewalls. Nobody has > > convinced me that this procedure *isn't* taking security seriously, nor will > > they until I understand how any machine other than the one I port-forward to > > is visible to o

Re: [gpsd-dev] Draft Stratum 1 Microserver HOWTO is up

2016-05-24 Thread Gary E. Miller
Yo Eric! On Tue, 24 May 2016 17:09:27 -0400 "Eric S. Raymond" wrote: > > Yeah, since you took so long to get to my email. :-) > > That's not really funny, and actually pisses me off a little. I "took > so long to get to your email" because I was working my ass off > answering 10e6 other ema

Re: [gpsd-dev] Draft Stratum 1 Microserver HOWTO is up

2016-05-24 Thread Eric S. Raymond
Gary E. Miller : > > There is now one photo, of the blue-wire mod required for the Chinese > > board. What others would you suggest? > > Maybe one that shows 'North Up" ? The blue-wire image already does that. I'll add another pointer to it. "If this isn't clear enough, see link:bluewire.jpg[th

Re: [gpsd-dev] HOWTO: Security

2016-05-24 Thread Gary E. Miller
Yo Hal! On Tue, 24 May 2016 13:47:48 -0700 Hal Murray wrote: > e...@thyrsus.com said: > > See my reply to Gary and your text about NATs and firewalls. > > Nobody has convinced me that this procedure *isn't* taking security > > seriously, nor will they until I understand how any machine other > >

HOWTO: Security

2016-05-24 Thread Hal Murray
e...@thyrsus.com said: > See my reply to Gary and your text about NATs and firewalls. Nobody has > convinced me that this procedure *isn't* taking security seriously, nor will > they until I understand how any machine other than the one I port-forward to > is visible to outsiders. Your mention

Re: [gpsd-dev] Draft Stratum 1 Microserver HOWTO is up

2016-05-24 Thread Eric S. Raymond
Paul Fertser : > Hello Eric, > > On Tue, May 24, 2016 at 03:29:34PM -0400, Eric S. Raymond wrote: > > Now check your security. You need to be behind a NAT box or firewall > > for the next several steps. > > Sorry to chime in again with my nitpicks but this particular wording > seems to m

Re: [gpsd-dev] Draft Stratum 1 Microserver HOWTO is up

2016-05-24 Thread Eric S. Raymond
Paul Fertser : > On Sun, May 22, 2016 at 04:44:33PM -0400, Eric S. Raymond wrote: > > Paul Fertser : > > > Host name lookup on common GNU/Linux systems goes through libnss and > > > so the actual precondition for the above command to work is that the > > > "hosts" line in /etc/nsswitch.conf has mdn

Re: [gpsd-dev] Draft Stratum 1 Microserver HOWTO is up

2016-05-24 Thread Gary E. Miller
Yo Eric! On Tue, 24 May 2016 15:29:34 -0400 "Eric S. Raymond" wrote: > > The security section would obviously be generally useful. It's > > worth mentioning firewalls and/or NAT boxes. I think there should > > be a warning about plugging in a Pi that isn't protected one way or > > the other.

Re: Fwd: [gpsd-dev] Draft Stratum 1 Microserver HOWTO is up

2016-05-24 Thread Eric S. Raymond
Clark B. Wierda : > It might be easier to follow if the "clockmaker" sequence is presented > separately from the "manual" sequence. Likely, this would be different > parts of the same document. I considered doing it that way. I didn't because I think having the manual instructions and some theory

Re: Draft Stratum 1 Microserver HOWTO is up

2016-05-24 Thread Eric S. Raymond
Hal Murray : > Big picture, only half thought out... > > Please consider breaking this into several modular chunks. The idea is that > the chunks might be useful on their own and/or referenced by other HOWTOs. > The examples that come to mind are setting up a similar system to use a > GR-701W

Re: [gpsd-dev] Draft Stratum 1 Microserver HOWTO is up

2016-05-24 Thread Gary E. Miller
Yo Eric! Serious progress! On Tue, 24 May 2016 10:46:32 -0400 "Eric S. Raymond" wrote: > Gary E. Miller : > > Great progress, but... > > > > It could use some photos, got a smart phone with camera? > > There is now one photo, of the blue-wire mod required for the Chinese > board. What other

Re: [gpsd-dev] Draft Stratum 1 Microserver HOWTO is up

2016-05-24 Thread Eric S. Raymond
Gary E. Miller : > Great progress, but... > > It could use some photos, got a smart phone with camera? There is now one photo, of the blue-wire mod required for the Chinese board. What others would you suggest? > "a HAT uses an internal RS-232 interface " > > ±5v to ±15V? I think not, and not

Re: Accounts on my bastion host for test farm access

2016-05-24 Thread Hal Murray
e...@thyrsus.com said: > Yes. I had been using a tiny 4-port unpowered hub, and seeing occasional > failures that looked like the Pis might not always be getting the amperage > they needed. They were sporadic ... I'm surprised the screwups weren't more frequent. -- These are my opinions.

Re: Accounts on my bastion host for test farm access

2016-05-24 Thread Eric S. Raymond
Hal Murray : > I'm missing something. What is that hub for? Are you using it to power all > the Pi-s? Yes. I had been using a tiny 4-port unpowered hub, and seeing occasional failures that looked like the Pis might not always be getting the amperage they needed. They were sporadic and I might

Re: Accounts on my bastion host for test farm access

2016-05-24 Thread Hal Murray
e...@thyrsus.com said: > * an Anker 10-port powered USB hub, because Mark turned out to be > unsurprisingly right that el cheapo unpowered hubs aren't stable > enough (ordered) I'm missing something. What is that hub for? Are you using it to power all the Pi-s? USB provides 100 mA by defau