On 12/30/2018 12:33 AM, Philip Guenther wrote:
On Sat, Dec 29, 2018 at 11:29 AM Ipsen S Ripsbusker <
ip...@ripsbusker.no.eu.org> wrote:
Aside from compatibility, what is the purpose of primary groups,
compared to secondary groups?
Said otherwise, why do we have both primary and secondary group
Hello,
I have a semi-working vpn from Windows 10 client to OpenBSD 6.4
running iked using machine certificates authentication method.
When I connect to the VPN, I can ping from Win 10 to the ip address of
enc0 on the other side (10.1.0.2). Unbound is listening on that ip
address, and DNS queries
Tarsnap?
Sent from my iPhone
> On Sep 2, 2018, at 10:43 AM, Kurtis wrote:
>
> Hey all,
>
> I'm just wondering if anyone has any suggestions with any Online File Backup
> / Synchronization services?
>
> I used Dropbox for a long time but decided to drop it in favor of pCloud.
> It's about ti
> On Aug 7, 2018, at 7:15 AM, Kevin Chadwick wrote:
>
> On Mon, 6 Aug 2018 15:52:11 -0500
> It may be more likely that some zealous chrome devs
> decided https everywhere was utterly important and so misleading
> messages were the order of the day.
For some reason I thought https everywher
Last resort shut down VM then backup.
I like the tool called tarsnap. It backs up to a remote service and you keep a
private key. Everything is encrypted before it “exits” your VM for the remote
side. Also very cheap.
I only backup a few files and spent barely a penny.
> Your current account
The webserver is called httpd (not the apache one). I like this book but
some people don't need the extra help of a book (I do).
https://www.michaelwlucas.com/tools/relayd
On Mon, Jun 25, 2018 at 11:49 AM John Long wrote:
> On Mon, 2018-06-25 at 10:15 -0500, Vijay Sankar wrote:
> > Here is my d
Ah okay. In my different situation I did
mv /etc/ssl/cert /tmp
Then ran command again.
I will try -D next time instead.
V/r,
Bryan
> On May 25, 2018, at 5:51 PM, Scott Vanderbilt wrote:
>
>> On 5/25/2018 2:41 PM, Bryan Harris wrote:
>> Did you already have a cert for
Did you already have a cert for datagenic.com but which didn’t include the new
name?
I think the -A argument only makes a new cert when old one doesn’t exist.
Otherwise tries to use found cert and failed because old cert doesn’t have new
name. At least that’s my understanding.
Or maybe I misu
I'll ask a dumb question. Why do you need extra root directives? Can't you
do this?
location "^/phpapp/*" {
directory index "index.php"
}
location "*.php" {
fastcgi socket "/run/php-fmp.sock
}
Bryan
On Wed, Apr 11, 2018 at 10:32 AM, Mischa wrote:
> > On 11 Apr 2018, at 12:14, Gregory Ediga
Alternate?: go back to original config and change
server "default"
to
server "example.com"
And maybe an alias for "www.example.com."
Just a thought.
V/r,
Bryan
I once had incorrect VM time causing OCSP response like it was out of date,
and syspatch refused in a similar way. But different than your situation I
think.
V/r,
Bryan
On Fri, Jan 12, 2018 at 7:19 AM, Stuart Henderson
wrote:
> On 2018-01-12, dmitry.sensei wrote:
> > Strange message from syspa
My preference is to purchase a book. I have had a good experience with
Absolute OpenBSD, Httpd & Relayd, the tarsnap book, and the Book of PF.
I would buy a book about OpenSMTPD and also ikev2 but I didn't see any.
Just my $0.02, I like books better than online tutorials.
V/r,
Bryan
On Thu, Jan
Re: question:
> How did you solve the "like" factor?
I don't know how true, but I like these passages.
"My mother had a favorite saying (origin unknown): "You can get used to
anything if you do it long enough. Even hanging." She trotted out that
saying whenever my siblings or I complained about
I don't know the answer but I'm curious. What does "pfctl -sr" command
show? Can you do dns lookups?
PS - my rules have the "pass out all" rule at the bottom.
V/r,
Bryan
On Fri, Oct 20, 2017 at 6:59 AM, Markus Rosjat wrote:
> Hi there,
>
> I was wondering, after reading mr hansteens excelent
Re: physical access, it seems not a technical problem. I.e. keep laptop
with you, hire a guard, etc. I'm not very technical, but could the hash be
stored in usb stick or online?
Maybe construct yourself a "computer safe" to make it harder for people to
get access while you're away? I.e. increas
There is a book called relayd and httpd. I think it has what you need.
V/r,
Bryan
> On Oct 12, 2017, at 1:33 PM, Andreas Thulin wrote:
>
> Hi!
>
> Before anything, thanks for yet another awesome OpenBSD release! I’ll
> extend my gratitude into the pockets of the Foundation and finally donate
Here is what I did, which I learned from the httpd & relayd book by Michael
W Lucas (I recommend). I cannot remember why I set the top header options,
I must have been trying to learn about them. The host ones are to figure
out the site and send the connection to the table above.
ext_addr="..."
I don't think you can know the host header unless you decrypt the https
using a certificate. It seems that idea would require SNI but I don't know
if they have SNI in relayd/httpd. (I could be wrong about that.)
In mine I have listen on $ext_addr port 443 tls. Then exists
/etc/ssl/ipaddr:443.cr
I got curious so I looked at the man page. It seems to me one could
authenticate a location i.e. folder/directory based on this part.
> A location section may include most of the server configuration rules except
> alias, connection,hsts, listen on, location, tcp and tls.
V/r,
Bryan
Sent
Hi Trond,
We must have been typing at the same time, yes that ended up working.
I tried a * character first but that didn't work (and wasn't in the
man page anyway).
V/r,
Bryan
On Mon, Aug 28, 2017 at 9:32 PM, trondd wrote:
> On Mon, August 28, 2017 6:03 pm, Bryan Harris wrote:
group
called tap, but I never connected the dots.
V/r,
Bryan
On Mon, Aug 28, 2017 at 6:52 PM, Mike Larkin wrote:
> On Mon, Aug 28, 2017 at 06:48:20PM -0400, Bryan Harris wrote:
>> On Mon, Aug 28, 2017 at 6:18 PM, Mike Larkin wrote:
>> > On Mon, Aug 28, 2017 at 06:03:16PM -0
On Mon, Aug 28, 2017 at 6:18 PM, Mike Larkin wrote:
> On Mon, Aug 28, 2017 at 06:03:16PM -0400, Bryan Harris wrote:
>> If the vio is connected to the virtual switch, and the switch is
>
> But the vio(4) interface isn't visible to the host. So what you said there
> d
Hi folks,
I am in the learning process about vmd. When I read the vmctl(8) man
page I have incorrectly got the idea that I can have a VM that has a
vio interface but without a mapping to a host tap interface, simply by
omitting the -i option from the "vmctl start vmX" command. However,
if I read
I had the same issue with boot option in vm.conf and never solved my
difficulty using the vm.conf file itself (I assumed I must have
misunderstood the doc). Instead I used the command line option for vmctl
starting the machine. After I installed the O/S using bsd.rd I did not
need that option any
After reading this thread I wondered why haven't I gotten an update in a
while. So I checked and syspatch -c show no output but found it had a 1
return code. It turns out my URL in /etc/installurl was no longer a valid
mirror for some reason (didn't investigate, just fixed). I suppose it's a
goo
On Linux I have mounted another fs inside the user's home folder (it is
mounted twice). I don't know if OpenBSD has that feature.
On Wed, Jun 14, 2017 at 6:38 AM, Ville Valkonen
wrote:
> Hi,
>
> one option is to use local nfs mounts. That's what I've done.
>
> --
> Regards,
> Ville
>
>
> On Jun
26 matches
Mail list logo
