14 Nov 2024 02:07:02 Aaron Mason :
> I heard these articles may be written by AI. QuillBot says 82% likely
> for the SFTP article.
hmmm, What happens when the next generation of "A.I" trains on the previous
generations nonsense. Or do they analyse and ignore their own nonsense, lol.
22 Oct 2024 11:07:09 Martin Schröder :
>> What would happen to Linux?
>
> Probably Greg would take over.
Linux would be in trouble if that happened.
Any thoughts on the security and performance of CHERI. The claim is making
existing C codebases memory safe with insignificant modifications to the code
being required.
https://www.cheribsd.org/
19 Aug 2024 02:29:39 Henry Ford :
> Have you enabled the intel driver in xorg.conf?
> I had this same issue, and switching back to the default modesetting
> driver fixed it for me.
I have the same issue on the latest snapshot kernel #266 on a thinkpad t410
with no xorg.conf used.
regards, kc
I'm not sure if this is a pipe dream but atleast I imagine the filesystem API
and /proc avoidance is likely possible.
"https://github.com/AppImage/AppImageKit/issues/98";
Ignore this. Sorry for the junk thread.
Apparently there is a touchpad disable button that I hit whilst trying to work
out why the OpenBSD compatible wireless cards Windows driver isn't working with
Windows.
Unfortunately due to covid the following machine hasn't been updated a great
deal.
The touchpad works in Windows and used to work in OpenBSD but now no movement or
button presses have any affect.
> OpenBSD 7.0-current (GENERIC.MP) #133: Tue Nov 30 00:53:23 MST 2021
> dera...@amd64.openbsd.or
In case you missed Stuarts email that also mentioned that you were booting
the uni processor kernel. Then I will re-mention that HT, if still
re-enabled by you, was disabled by default for security reasons (hunch) on
OpenBSD. Linux came to realise issues later, but decided to stick with
insecure by
On July 20, 2021 10:35:55 AM UTC, Kevin Chadwick wrote:
>On Mon, 19 Jul 2021, 12:47 Christian Weisgerber,
>wrote:
>
>> Look guys, it's simple.
>>
>> If you want IPv6 (SLAAC) autoconfiguration, you set "inet6 autoconf"
>> for that interface.
On 7/6/21 12:27 PM, Valdrin MUJA wrote:
> Hi Folks,
>
> I want to add a small password protection mechanism to
> "boot -s" (single-user mode).
>
> Therefore, I'm working on /sys/stand/boot/boot.c, I've written
> some code in boot.c, and run "make", "make obj", "make install"
> in /sys/. However
>
>
> There is just small ACK packets left. I wonder what is solution for
> small packets in OpenBSD
Checkout set prio in pf.conf...TCP ACKs with no data payload
On 2/15/21 2:14 PM, Ed Ahlsen-Girard wrote:
> I am confident that I can speak for for ... a non-zero number of
> people who use sysupgrade the way it says to on the box and would miss
> it if it went away.
+1
Even though it is a little surprising that some people don't realise how easy it
is
If rather than setuid, a root process calls
setgroups(1000)
setresgid(1000, 1000, 1000)
setresuid(1000, 1000, 1000)
Is there anything to worry about in regard to the caveat in execve(2)?
"If a program is setuid to a non-superuser, but is executed when the real uid is
"root", then the process has
On 1/21/21 3:06 PM, Theo de Raadt wrote:
>> This is just testing with the most permissable settings.
> That statement is wrong. The most permissable setting is to not use
> pledge, and use full POSIX.
>
True, perhaps that explains it. I should have done more testing and not assumed
it might be a
On 1/21/21 2:58 PM, Kevin Chadwick wrote:
>>>840 beep CALL pledge(0xcf4000,0xcae384)
>>>840 beep STRU promise="stdio rpath wpath cpath dpath tmppath inet
>>> mcast fattr chown flock unix d\
>>> ns getpw sendfd recvfd tape
On 1/21/21 2:54 PM, Theo de Raadt wrote:
>>> Run your code under ktrace and see what is actually passed to pledge(),
>>> that might give some clues.
>>>
>>>
>>840 beep CALL pledge(0xcf4000,0xcae384)
>>840 beep STRU promise="stdio rpath wpath cpath dpath tmppath inet
>> mc
On 1/21/21 2:18 PM, Stuart Henderson wrote:
> Run your code under ktrace and see what is actually passed to pledge(),
> that might give some clues.
>
>
840 beep CALL pledge(0xcf4000,0xcae384)
840 beep STRU promise="stdio rpath wpath cpath dpath tmppath inet mcast
fattr c
I can live without exec promises. However I believe I have stumbled across an
issue on 6.8 and current.
When I try to exec /bin/sh where promises is a string of all possible promises
from the man page and the second parameter is exec promises.
unix.Pledge(promises, "")
I get
sh[97964]: pledge "s
On 1/19/21 10:59 AM, Kevin Chadwick wrote:
> Sorry, I think that I must have ran groupadd first which brought users and
> groups IDs, out of sync.
Ok, after failing to reproduce it this morning;
With admin safely jumping to 1020,
I worked it out.
groupadd elansys
useradd admin
userdel
> For example, does 'admin' exist in /etc/passwd? What does "grep elansyssftp
> /etc/group" return?
I had played a little. So it shows /bin/ksh and test user etc.
/etc/passwd
admin:*:1018:1018::/home/admin:/bin/ksh
/etc/group
admin:*:1019:
elansyssftp:*:1018:test
Sorry, I think that I must h
When I run the following commands, the elansyssftp group isn't populated. Yet
using a differently named group seems to work. I seem to have been able to do
so, on two different systems.
useradd -m -s /sbin/nologin -p `cat /etc/ssh/ssh_host_ed25519_key.pub |
/usr/bin/encrypt -b a` admin
groupadd el
On 10/29/20 5:20 PM, Kevin Chadwick wrote:
> I believe it actually operates at layer 2/3 below IP and uses the default gw
> IP
> to decide where to operate for a peer to peer link.
I'm not actually sure how that makes any sense as it uses UDP which is layer 4.
But this says l
On 10/29/20 4:00 PM, Pierre Emeriaud wrote:
>>> Is there a reason why wg needs such a large bind?
>> I don't know why wg does that, because I haven't looked at the code.
>> Your configuration is definately pushing the limits.
> Allright many thanks Theo. Maybe Jason can chime in on this topic.
I b
On 2020-08-17 06:06, Stuart Henderson wrote:
>> With the recent news. I decided to take a look again at Firefox and after a
>> days
>> use on multiple systems, it even seems to be faster than Chrome.
>>
>> I notice significant work on pledge support. Does anyone know if it's
>> comparable
>> to C
With the recent news. I decided to take a look again at Firefox and after a days
use on multiple systems, it even seems to be faster than Chrome.
I notice significant work on pledge support. Does anyone know if it's comparable
to Chrome on that front now or still held back by not being designed wi
Has anyone else noticed stalls when using a https link in /etc/installurl.
I found that downloading the following file works fine in Chrome but stalls at
128K every time via ftp before completing a significant time later.
https://ftp.heanet.ie/pub/OpenBSD/snapshots/packages/amd64/bzip2-1.0.8.tgz
With this patch I have been able to bring the device down and back up with a
subsequently successful dhclient and http download.
Annoying how quirky and poorly documented, chips often are!
Thank You
On 2020-06-29 08:35, Kevin Chadwick wrote:
> After leaving this up all weekend, the issue seems to have occurred without an
> ifconfig down command too. Though the down triggers it immediately.
Perhaps it's a hw issue. I have tried updating the coreboot firmware to see if
it helps
On 2020-06-29 07:36, Stefan Sperling wrote:
> There is one interop problem in 6.7 which has been fixed in -current
> by reverting a change which was committted between 6.6 and 6.7:
> https://marc.info/?l=openbsd-cvs&m=159100149411516&w=2
> Perhaps that applies to your situation? Could you check if
After upgrading via sysupgrade for a few releases, I have had to cold boot to
get dhclient athn0 working on an ar9280 in client mode.
Since my latest upgrade to a snapshot of Jun 17 kernel #275 with the previous
kernel being from Jun 2nd #237. I seem to have to cold boot after running
ifconfig ath
On 2020-06-14 13:58, Kevin Chadwick wrote:
> set reassemble yes no-df
> match scrub (random-id max-mss 1389)
>
> Should I drop the no-df from set reassemble? Any other recommendations
> welcome?
To be clear. Previously, with scrub (no-df... the set reassemble line was
missing/default.
We are basing the server part of our products on OpenBSD.
We care more about reducing support issues than say performance.
We will have batteries but I hope to deploy some kind of root partition
redundancy, for upgrades.
However, Is sync or softdep a better default for the best chance of avoidin
On 2020-06-11 23:47, Dirk Coetzee wrote:
> I always thought that 'sync' mount option is enough to avoid corruption of
the FS.
> Am I just "fooling" myself ?
> I guess it boils down to a matter of preference and business requirements.
>
> "slow writes" vs "no writes".
It's a good point, per
On 2020-06-02 23:27, Chris Narkiewicz wrote:
> Somebody on StackOverflow advised on modifying /etc/rc
> and run bioctl before disks are mounted, but I'm not sure
> if this is a right approach, especially that attaching
> more disks might change the /dev/sd* numberign.
That would cause yourself mai
On 2020-06-01 13:30, Theo de Raadt wrote:
>> I wonder, if 99% of users just use /etc/ssl/cert.pem? whether a flag that
>> breaks/enables other use cases (removes capath support at runtime), might
>> work?
> I guess you don't understand unveil. You didn't understand what Stuart
> just said *at al
On 2020-06-01 11:20, Stuart Henderson wrote:
> We went through this earlier when unveil was added to nc. The way capath
> directories are often populated in the real world is not compatible with
> unveil, you would need to resolve all files in capath, recursively resolve
> symlinks, and add the cha
On 2020-05-28 18:38, Amarendra Godbole wrote:
> It indeed is written by someone lacking knowledge about everything. It
> is funny, and gave me a good laugh - the comments are even funnier!
Be aware that the author deletes your comments and replaces them with his own,
under your name, whilst hiding
On 2020-05-28 14:40, Michael Steeves wrote:
> but I'm wondering if there's some other way to get any more detail out of the
> laptop about what's going on?
ifconfig has a debug flag.
A packet capture from another device with monitor mode, may be a helpful option
too. e.g. iwm or athn
http://open
>> Is there any sort of supported way of wiring up login_duo with
>> OpenSMTPD and Dovecot, or using bsdauth in some way to enforce a
>> second auth factor?
>
>bsdauth isn't really setup for multi factor, the only way I've seen
>this
>done is splitting the password field into a fixed-length OTP a
On 2020-05-21 09:55, Anders Andersson wrote:
>> I am a huge fan of minimal and custom installations
>> as I mostly use OpenBSD to host simple HTTP servers.
> ...
>> I would like to get your opinion on that.
> From what I've seen, those goals are not compatible with OpenBSD, as
> in: You're just mak
On May 20, 2020 9:31:19 PM UTC, Edgar Pettijohn wrote:
>On Wed, May 20, 2020 at 08:48:20PM +0200, Valdrin MUJA wrote:
>> Hi Misc,
>>
>> I have an interactive shell program which has an authentication
>section and I want to login via my program. How can I do that?
>>
>> Actually I want to run thi
The unveil man page is perfectly correct and it is not hard to test it's
behaviour.
I just wonder if it may aid unveil adoption in languages other than C, if it
explicitly mentioned that exec is not required on a dir to allow reading the
files within, e.g. if the dev is more used to filesystem pe
On May 11, 2020 7:27:49 PM UTC, i...@aulix.com wrote:
>Please let me know, what are analogues of SELinux and AppArmor in OBSD
>
http://www.openbsd.org/mail.html
You are supposed to "do your homework" and try googling and searching the
mailing list archive before asking questions.
Clearly you h
Here's a game.
Name as many operating systems as you can that encrypt the page file or swap
space by default?
On 2020-05-09 16:25, i...@aulix.com wrote:
> Note: Since these MS / U.S. government keys are deeply sticking in Intel XEON
> processor hardware, it doesn’t play a role, what other OS you install or boot
> afterwards: Debian/UBUNTU Linux, OpenBSD, … If your software uses Intel
> AES-NI hardware e
On 2020-05-09 14:34, i...@aulix.com wrote:
> D-waves has too uncoupled qubits if I understand it correctly, it is nothing
> to do about qubits quantity as we used to think about it. Like a "cluster" of
> completely isolated hosts (which is already not a cluster or course).
I don't care for the d
On 2020-05-09 14:31, i...@aulix.com wrote:
> guessed by quantum provided session symmetric cipher is strong enough?
Quantum does not break any in use today and AES-256 symmetric is expected to be
quantum resistant in any case.
I personally prefer AES-256 ctr over the more complex GCM. I am not a
On 2020-05-09 07:41, Martin wrote:
> This one
> https://www.tomshardware.com/news/d-wave-5000-qubit-first-sale,40470.html
> is the most powerful 5000qbits quantum computer sells nowadays.
D-waves definition of qubit is different and their machines will never be
capable of breaking public key cryp
On 2020-05-09 07:41, Martin wrote:
> This one
> https://www.tomshardware.com/news/d-wave-5000-qubit-first-sale,40470.html
> is the most powerful 5000qbits quantum computer sells nowadays.
>
> Moreother, D-Wave opened online service to access 5000qbit remotely for
> solving 'special' tasks which
On 2020-05-07 14:48, Aisha Tammy wrote:
>> I wouldn't want to read an OS written in Rust and I would love to see secure
>> developments in C even if it hampers potential performance. Things like Go
>> are
>> not suitable for an OS with many small programs.
>>
> Curious about why... though admitted
On 2020-04-21 17:54, Kevin Chadwick wrote:
>> Nope, it's definitely the wrong place to fix things.
>>
>> You should fix your pipes (change the timeouts or whatever).
>>
>> If worse comes to worst, pkg_add could *possibly* retry running ftp(1),
>> but th
On 2020-05-07 14:10, Consus wrote:
> On Thu, May 07, 2020 at 04:00:15PM +0200, i...@aulix.com wrote:
>> Dear OpenBSD fans,
>>
>> Can you please comment negative appraisal from the following website:
>>
>> https://isopenbsdsecu.re/quotes/
>>
>> I did not want to hurt anyone, just looking for a secur
On 2020-04-30 13:55, Chad Hoolie wrote:
> Any idea about relayd though? I don't see any mentioning of 1.3 in man
> relayd.conf:
I'm not a dev but tls1.3 dropped RSA and I think requires ecdsa key support that
relayd currently lacks.
Although httpd was originally based on relayd. I assume the cod
Go/Golang can cross compile non graphical programs for many systems including
OpenBSD from Windows etc.
This means that web apps can be almost as cross platform. Of course the browser
isn't so easily built/bundled cross platform with many app creation technologies
supporting OSX, Windows, Linux an
der
>
> There's also the https://www.playonbsd.com/ website that has more
> information on gaming with BSD systems.
>
Both very cool
> Kevin Chadwick wrote:
>> Not sure but there wouldn't be much incentive anyway as there
>> aren't many steam games
On 2020-04-20 22:47, Marc Espie wrote:
> Nope, it's definitely the wrong place to fix things.
>
> You should fix your pipes (change the timeouts or whatever).
>
> If worse comes to worst, pkg_add could *possibly* retry running ftp(1),
> but that makes little sense.
I agree ftp/tcp should be re-
> There are some unavoidable complexities to the sheer size of the tree,
> and the necessities of updates not to fail...
I have noticed recently that I occasionally get a gz truncated message (I think
due to tcp timeout) and then the dependent package doesn't get updated. I then
re-run pkg_add -
On 2020-04-14 09:21, Stefan Sperling wrote:
> Regarding other chipsets, if you want the fastest possible AP on OpenBSD
> your best option right now is to get a bwfm(4) device, which offloads almost
> all of its 802.11 operation into a firmware blob running in the embedded
> system on the device.
I
You can also install Windows after and boot OpenBSD quite easily by following
the faq. This is not easy on grub/Linux as grub is greedy. Atleast the guides
that I found for grub/Linux, failed to work. I have no interest in running Linux
these days though and little interest then. I had the notion t
On April 12, 2020 7:07:01 PM UTC, Patrick Harper wrote:
>The effort to support Chromium and Firefox (sans ESR) on OpenBSD akin
>to Windows/macOS/'Linux' has not happened.
On atleast current as Theo showed, Chromium is just as well if not better
supported on OpenBSD than on Linux, these days.
I
Not sure but there wouldn't be much incentive anyway as there aren't many steam
games that run on Linux!
> Now this whole debate boils down to "how much effort is someone willing to
> invest
> into hacking Cord's computers?", and that's something I can't answer.
And how competent Cord is at defending his computer because they may not be able
to if he is competent enough, which is my point; It is
On 2020-04-09 10:55, Rudolf Leitgeb wrote:
> My point was, that security is an ongoing effort. Flaws and new
> exploit venues are discovered. There will be different numbers
> of flaws for different operating systems, but none remains unscathed
> for years. As soon as your server does anything usef
On 2020-04-08 18:39, Claus Assmann wrote:
> - Client-side exploitation: This vulnerability is remotely exploitable
> in OpenSMTPD's (and hence OpenBSD's) default configuration. Although
You missed some out. I assume on purpose.
Client-side exploitation: This vulnerability is remotely exploitabl
On 2020-04-08 18:02, Rudolf Leitgeb wrote:
> A public facing server with ftp, http, smtp and sshd would have had to be
> patched
> in regular intervals to remain reasonably secure.
False, even though you have lowered the bar from "anything/everything is
hackable".
httpd and libressl have done q
On 2020-04-08 12:08, Rudolf Leitgeb wrote:
>> I believe that is false too.
> You're kidding, yes? Did you somehow miss the opensmtp hole?
>
> https://poolp.org/posts/2020-01-30/opensmtpd-advisory-dissected/
OpenSMTPD does not listen to the internet, by default and even if you do set it
to, it onl
On 2020-04-07 18:21, Rudolf Leitgeb wrote:
> You have no chance defending your desktop against each and every attacker, no
> matter
> which operating system you have running.
True if you consider physical attacks and for most hardware, otherwise mostly
false. Anything can be hacked is also one o
My upgrades usually follow chromium pkg upgrades. In fact, I have a script on
my phone that greps the chromium pkg version. I test on my own laptop first.
On 2020-03-17 02:48, Aaron Mason wrote:
> It's worth noting that httpd didn't go over ~30% in the test, whereas
> the Go web server absolutely slammed the system.
I wonder if this is linked to Go's concurrency.
Personally I would look into tweaking httpd defaults and relayd as GOs net/http
runs e
On 2020-03-04 11:38, Ottavio Caruso wrote:
> Probably not what you were looking for but, back in the days when I
> was ultra paranoid about my web browsing, I used to use stripped down
> live usb installations of Linux distros (DSL was one of them that I
> remember). I ignore if OpenBSD comes with
On 2020-03-04 01:06, whistlez...@riseup.net wrote:
> in the following message:
> https://marc.info/?l=openbsd-misc&m=158110613210895&w=2
> Theo discourages to use unveil instead of chroot.
> I asked if he suggests the same for the browser but he asked that chroot
> is onlye for *root*.
I thought t
On 2020-02-17 15:09, Julius Zint wrote:
> Some feedback from the OpenBSD community on this would also be appreciated.
> Are there
> enought people interessted in a Trusted Boot with OpenBSD?
I'm interested
On 2020-02-08 16:40, Otto Moerbeek wrote:
> When booting, the contents of the existing dmesg buffer are examined.
> If the current contents are deemed to be a dmesg, it is not cleared.
> It's possible the (random) contents of the buffer are seen as valid by
> chance and are thus regarded as dmesg c
On February 8, 2020 2:24:21 PM UTC, Justin Noor wrote:
>I have the same output on a Protecli firewall device (it’s not in
>production yet) running 6.6 stable, and have yet to figure out what it
>is.
I have seen similar on an intel i3 but then it has just been short term
(snapshot or maybe partic
>
>> I am considering replacing all chroot use with unveil in my processes even
>> where
>> no filesystem access is required.
>
> I am discouraging this.
>
> unveil is a complicated mechanism, and we may still discover a bug in
> it.
>
> Almost all the chroot in the tree are to empty unwriteab
On 2020-02-06 07:56, mabi wrote:
> Thanks Mischa! I should have thought about that but I couldn't remember
> having done this with previous APU models and OpenBSD versions.
I expect you known but you can add this into /etc/boot.conf
I also recently forgot or found I had to edit /etc/ttys too to g
I am considering replacing all chroot use with unveil in my processes even where
no filesystem access is required. Is there any guidance on whether that is the
best practice, where you only intend to run on OpenBSD?
On 2020-02-06 07:59, Charlie Burnett wrote:
> I apologize if this was a question I've somehow missed the answer to!
OpenBSD takes a more fine grained approach in isolating functions rather than
whole programs ideally by the person best suited to do the job (the program
developer). Isolating whole
On 2020-01-31 12:16, KatolaZ wrote:
> For instance, golang has had native support
> for pledge(2) and unveil(2) for a while now.
The semantics are a little different to C unveil but it certainly works and
bundled by default in the golang.org/x. Not sure the documentation is great.
It's a little i
On 2020-01-30 10:57, Handreas wrote:
> "Can't say much for the performance of a suite of servers which have
> all been taken down to handle the security threat du jour."
>
> Repeat it again?
> https://www.qualys.com/2020/01/28/cve-2020-7247/lpe-rce-opensmtpd.txt?_ga=2.120267019.2069438099.15803818
On 2020-01-29 13:07, Oriol Demaria wrote:
> I understand that root might be required to open privileged ports, but then
> how commands are run as root when you exploit opensmtpd vulnerability?
Giles has said further information is coming but it root isn't just required for
privileged ports but al
On 2020-01-27 19:13, Patrick Kristiansen wrote:
> Is there something like the FreeBSD daemon(8) command for OpenBSD, which
> can run a process in the background and restart it if it crashes?
Of course init does this for getty but as others have pointed out, restarting
daemons listening to the netw
On 2019-12-31 14:10, Kevin Chadwick wrote:
> I believe the mail boxes are chrooted into too.
Actually that may be incorrect with the chroot being more broad than that as
they should be owned by root otherwise!
On 2019-12-31 13:13, Eike Lantzsch wrote:
> I regret having mentioned fetchmail.
> It happens as part of setting up dovecot with virtual users.
Do you need virtual users. I saw all the guides recommending this and wrote
scripts to manage system users instead. Every box is owned by the login user a
On 2019-12-31 05:19, g...@isdaq.com wrote:
> he completely misses the mark.
> rather than think "hmm 75% of commits are only 20 chars or less which seem
Having watched the video now, that particular part of the talk is poor. He
doesn't seem to even know that stable exists. My original thought was
On 2019-12-30 13:09, Gustavo Rios wrote:
> Is qmail dead ?
>
Not Dead (I would hope the original unpatched verson is)
https://www.fehcom.de/sqmail/sqmail.html
> Does anyone here use openbsd with qmail+ldap ?
>
I switched to OpenSMTPD
> I liked the presentation. An excerpt from https://isopenbsdsecu.re/about/:
>> This website was done because studying mitigations is fun, not to get
>> involved in a huge flamewars or endless bike-shedding on mailing lists.
It is not my place to comment, however I will say that it did not rea
>Agree this is likely the problem, unfortunately in PHP-land sometimes
>you can't avoid it. For platforms such as Drupal (just to pick an
>example I am familiar with) some of the modules will run shell commands
>to do things such as send email.
>
>Allan
The php mail() function runs /bin/sh sendm
> Even after many tries, I have not yet been able to corrupt the
> filesystem so fsck cannot repair it without manual intervention.
Another less severe corner fail case I have found is that on a couple of buggy
386 laptops (that will be replaced soon anyway) with temperamental over temp
shutdown
Whilst getting current packages from the leaseweb mirror. I kept getting a stall
followed by poll:hangup with 6.5 openrsync -v -a --delete
Eventually all the packages download as it gets further each time.
I tried building the latest openrsync from the current src tree still on 6.5 but
I get the
>FFS isn't a journaling filesystem so any 'wear', even on primitive
>flash storage, won't be enough to worry about.
I disagree, depending on a few variables. If you can't get a better device then
be prepared to replace the storage or count writes and create new files,
keeping the old. KARL and
On 5/31/19 5:28 PM, Ted Unangst wrote:
> Kevin Chadwick wrote:
>> Does anyone debug golang on OpenBSD and can advise on llvm/gcc or provide any
>> other insight?
>
> I just use log.
>
Yep, not missing a trick then and apparently the old recommendation, Thanks all.
It seems delve which is suggested by golang.org due to optimised binary support
expects a Linux /proc and Linux threads (FreeBSD delve github issue tracker). So
I guess without delve then building unoptimised binaries would be required which
is possibly to be expected when debugging. I'm not sure t
On 5/24/19 8:30 PM, Jean-Francois Simon wrote:
> Hi,
>
> Out of interest, I'd like to let you know a specific use of OpenBSD with PF,
> in
> virtualbox, 2 virtual network card Bridged to physical NIC, and building up a
> subnet with NAT and hence running Packet Filter as the machine's firewall.
>
On 4/25/19 9:27 PM, Christian Weisgerber wrote:
> ... and this has now been supplanted by /usr/sbin/sysupgrade.
How difficult would it be to have a sysupgrade flag to make the upgrade newfs
/usr, to save having to rm the files shown in upgrade.html. (I guess it should
work for all users with sane
On 4/27/19 8:23 AM, Otto Moerbeek wrote:
> Additionally, in many cases using a symlink has unclear effects, since
> it is hard to determine if the first malloc call (malloc inits itself
> on first use) happens before of after the chroot call. I would argue
> that in many cases people were thinking
On 4/4/19 10:57 AM, Cord wrote:
> Hi, my english seems very bad because my problem is not to make secure the
> ssh key. My problem is how do not be hacked.
> I have talked about the ssh key stealing to show signs that my pc was been
> compromised.
> I can for sure make secure my ssh key but how t
On 1/7/19 9:47 AM, Mihai Popescu wrote:
> Hello,
>
> Each first time i start chromium after reboot, i get this error:
> libGL error: failed to open drm device: No such file or directory
> libGL error: failed to load driver: r600
>
Your user(s) needs access to atleast /dev/drm0, if you want bette
On 11/22/18 9:24 AM, Karel Gardas wrote:
> in an attempt to update today from ftp.spline.de I've been kicked out
> after -current update with pkg_add -u complaining about wrong libc
> versions. Packages complains like:
Likely you have a snapshot or packages out of sync. The packages take a lot
lon
On 11/21/18 4:00 PM, Gerhard Schweiger wrote on bugs@:
> Then comes in openbsd 6.1 amd64, and now the same huge speed difference
> between with or without encryption as found on OpenBSD 6.4.Is there any
> tweak I could test or is this just bad luck on my VPS or something else?
> Speed goes down so
1 - 100 of 893 matches
Mail list logo
