John wrote:
On the wider 'it could be considered political' point - it's time
everyone in or near tech understand that pretty much everything is
political, including technology.
If the OpenBSD Foundation want to avoid 'party political' - sure,
understandable. But 'anything' political? Impossi
Phil wrote:
I guess an an appropriate boot block needs to be installed on the second
disk (I don't know how to do that either). Also I would guess /altroot
would need to be temporarily mounted after each backup to swap the
parameters in the "/" and "/altroot" lines. I'm not knowlegeable enough
t
Jesse Lawton wrote:
Hi, theres probably a simple anwser for this but when I run a service on
my OpenBSD laptop on my LAN I can't access it on other computers in my
LAN.
E.g. I put up a web server on 192.168.1.2 but can only access it on my
laptop.
Any help appreciated.
Thanks
Jesse Lawton
Q
I have a production site with lots of rules which look like:
location "/someplace/*.ext" { pass }
location "/someplace/something.ht*" { block }
Paul Pace wrote:
I just discovered that location block rules in httpd.conf can only be on
separate lines. For example, the following does not pass th
Jonathan Thornburg wrote:
And a related question: I have a pool of ~10 external USB3 backup
disks (all consumer-grade WD or Seagate 2.5" spinning rust, either
2TB or 4TB capacity each), all currently setup with FFS2 filesystems
on top of softraid crypto (/bioctl -c C/). Each backup is to a si
Nick Holland wrote:
If you really want to arrange the deck chairs on the Titanic, get a drive
a lot bigger than you need (say...250G for a firewall), allocate 20GB of
that for your FW at the front of the disk. In a year, replace that first
20G partition with a new one, in the next 20G of the dis
Give aide a try. It isn't exactly a security(8) replacement but it is
fine for detecting filesystem changes.
chrootkit and rkhunter are also fine for detecting suspicious activity
and tracking critical filesystem changes, but adapting them to your
environment might take some work.
Allan Stre
Plenty options here.
I usually either dump the files from the phone to an external pen-drive
(which requires you to have an USB-OTG cable and your phone to support
OTG) or launch an FTP server from Android and download the files into my
OpenBSD machine using an FTP client.
FTP Server is avai
No perfect solution exists, but the following may help.
1) Parse the logs of your web application and ban any IP that attempts
to create multiple accounts. Not great because you may have multiple
users sharing the same public IP. It only works ok if you automate it
via cronjob scripts.
2) Re
Personally, I'd just have your encrypted filesystem not listed in
/etc/fstab at all, since it can't be mounted without attaching the
softraid device manually anyway. Since the password is needed in every
case, just attach the softraid device with bioctl and mount the
filesystem with mount when
Wild guess:
When a request is made against a picture in /storage/, it triggers the
location not found * rule.
The rewritten request does never hit the location "/storage/*" rule
because it now requests /index.php$something instead of any object
within /storage.
Try placing a matching /stor
Stuart Longland wrote:
It's also dead because how how things are being run there. It's a site
for misinformation. "OpenBSD 7.5 is released" isn't misinformation,
it's fact, so has no place on twitter.com or x.com. It's also news
about an open-source free-software project, something that also
An option I can think about is downloading the upgrade kernel and
booting from it, instead of using sysupgrade. The upgrade process will
let you select which sets you want to install and which ones you want to
exclude.
In practice, I think you are better off just installing all the sets and
b
Stuart Henderson wrote:
> Just use a different VCS, for example svn or git. /usr/ports/mystuff
> is listed in .cvsignore in the repository so they don't conflict, and
> there is special handling in ports infrastructure. The directory
> layout underneath it should be as with the main ports tree i.e
Marc Espie wrote:
> On Fri, Oct 15, 2021 at 10:25:17AM -0000, Rubén Llorente wrote:
>> Hi there!
>>
>> I am wondering how does people around here keep local branches of the ports
>> tree for personal use.
>>
>
> Put your own ports into mystuff...
>
Hi there!
I am wondering how does people around here keep local branches of the ports
tree for personal use.
The reason I am asking is because I keep some patched ports which are suited
to solve my problems, but not suited (or useful) for submission to the
official ports tree. Ideally I would upg
primary function
expected from it.
Since interest in having this working is low I am
staying with my workaround of using kwalletd5 instead.
If anybody is willing to debug this problem further I
am willing to provide more information.
Rubén Llorente wrote:
> I have reproduced the issue in Flux
ttps://somedomain.invalid/:0";
chunk "0" "Unknown error"
"Unknown Error" is returned by qtkeychain when unable to operate its
backend.
Either there is a problem with libsecret or the PEBKAC level is
astronomical at this point.
Rubén Llorente wrote:
> Hel
Hello there!
I have been testing some machine for deployment as a workstation. I have set up
XFCE4 as a desktop environment (which is launched by my .xsession file). I have
also set nextcloudclient and installed gnome-keyring-daemon.
I have found that Nextcloud Client is unable to leverage gnom
Hello!
I am porting a stupid program to OpenBSD and found a roadblock.
The program is a terminal game launcher. It is intended to serve roguelike
games over telnet or SSH.The main project site is
http://github.com/paxed/dgamelaunch.
So far I have sanitized the autoconf config file to use OpenB
Hello everybody.
I have been porting a stupid old program to OpenBSD. I hit a bit or a
road block because this program uses crypt() but the man page at OpenBSD
is not clear enough regarding a couple of details.
Specifically: the man page does not provide a clear explanation of the
format in which
wrote:
> On 2020-07-29, Rubén Llorente wrote:
>> Thank you for the advice. I will search for those ones and see what I can
>> find.
>>
>> I still need to solve the printer issue. So far it looks like receipt
>> printers use very simple interfaces. Somebo
That sounds cool.
I was considering a network printer, whit the POS here is not going to be
networked.
Out of curiosity, which printer it is that you are using?
ibs...@ripsbusker.no.eu.org wrote:
> So I would not need to deal with USB printers anymore, I got a thermal
> printer with an ethernet
sure you can get the documentation for it, as these are
> often configurable (eg. continuous vs. triggered scanning) via scanning
> special barcodes.
>
> John
>
>
> On Sun, Jul 26, 2020 at 07:20 Erling Westenvik
> wrote:
>
>> On Sat, Jul 25, 2020 at 08:47:48P
Hello,
I am considering to set a Point of Sale (POS) solution for a small
business. Given the chance I'd like to use OpenBSD for it. It is
supposed to be very basic and the software would be a web application
running in a remote server. No pole screen or cash drawer support is
required.
This leav
:
> [-- text/plain, encoding 8bit, charset: utf-8, 61 lines --]
>
> Hi
>
>>From: Rubén Llorente
>>To: misc@openbsd.org
>>Subject: Re: pass 'password manager' problem
>>Date: Fri, 21 Feb 2020 16:22:37 - (UTC)
>>
>>Do you have a ~.gn
Do you have a ~.gnupg/gpg.conf ? Pass works fine for me.
Shadrock Uhuru wrote:
> [-- text/plain, encoding 7bit, charset: utf-8, 6 lines --]
>
> running 'pass username' returns
> "gpg: Sorry, we are in batchmode - can't get input",
> am i missing a piece of software or setting ?
>
> shadrock
>
Hi there.
I have yet to see a smartphone I would trust with anything important.
Nowadays I have a real laptop for computer stuff and leech free wifi, and a
Nokia feature phone from 2016.
I tried to get an Android phone into a "secure state" by replacing the OS with
LineageOS, but the Android b
If it is for your personal use only, you can have a look at the Opennic Project.
They have an alternate DNS structure separated for the regular DNS Root. They
provide Dynamic DNS for their .dyn unofficial TDL.
It is free of charge and you need no special client for it to work, only
ftp/curl/wge
Hello.
I am running a Java application that throws a non-fatal warning when used. The
warning states that, in order for the application to work properly, the JCE
Unlimited Strength Jurisdiction Policy files should be downloaded to
/usr/local/jre-1.8.0/lib/security
I used to think that OpenJDK alr
Nick Holland wrote:
> Now, I suspect (nb: I am not a cryptographer or SSH coder. But I sat at
> a table with one once, and was completely in awe) the key has to be held
> in unlocked form in RAM, so perhaps a very serious breach that allowed
> the raw access of system RAM might produce it...but wo
Eduard - Gabriel Munteanu wrote:
> Hi,
>
> It currently seems impossible to verify downloads from a computer
> without OpenBSD, for a few reasons:
>
> 1. No securely-distributed public key
> 2. Lack of signify packages in e.g. Linux distros, or
> securely-distributed sources
I have not used the
Dmitrij D. Czarkoff wrote:
> Webkit1-based browsers (Luakit, Midori, surf, Vimb and Xombrero) use
> unmaintained engine, so nobody fixes even known issues. People who care
> about security should probably avoid these.
I heard the developer of Surf (Webkit-1 based browser) say that he
suspects th
Giancarlo Razzolini wrote:
> It is really nice to finally see TLS on openbsd.org. How about redirecting
> http to https?
I dislike the idea.
An http->https redirect does not prevent a MITM by itself.
It also prevents the easy use of caching or proper proxies with the site.
Purely informative s
Giancarlo Razzolini wrote:
> It is really nice to finally see TLS on openbsd.org. How about redirecting
> http to https?
I dislike the idea.
For one, it does not stop a MITM by itself.
In addition, enforced encryption makes it hard to cache and/or use proper
http proxies with the site.
Pure
On Tue, 26 Apr 2016 12:32:22 -0400, stan wrote:
> Given that, most of the things we are doing with FreeBSD, Apache,
> Samba, NFS etc, do not concern me as to doing them with OpenBSD. but I
> am a bit concerned about the mailserver. We use it for internal mail,
> and it gets mail from a large vari
On Tue, 26 Apr 2016 06:15:22 +, David Lou wrote:
> When I say 'blog', I'm referring to a website that contains essentially
> many pages of content. Each content page has attributes such as title,
> date, category, tags, and so on. When a user browsers this website, the
> content pages are serv
37 matches
Mail list logo
