On 04/05/18 23:16, Luke Small wrote:
Can SSH and possibly other programs more easily able to report successful
connections so pf can make stricter bruteforce connection rejecting even
better?
See this paper, that might contain what you're trying to achieve:
https://www.sans.org/reading-room/wh
On 04/05/18 17:40, Marcus MERIGHI wrote:
I'm currently reading https://marc.info/?l=openbsd-misc&m=141435482820277
"crypto softraid and keydisk on same harddrive", 2014-10-26.
jsing@ had this patch, which was tested and worked for the OP - but was
not commited: https://marc.info/?l=openbsd-misc
Hello list,
What I'm going to describe will most probably sound very silly, but I
believe I have a reasonable use case. I'm trying to setup a machine with
full disk encryption using a partition of the same disk as a keydisk.
(take all the time you want to laugh, then carry on reading).
So I'
without wxallowed
- I mount /usr/local read-only
Also, I expect that in the future, less and less packages that I use
require /usr/local to be mounted with wxallowed. I agree, this last
point is not improving my security at all.
--
Etienne
On 01/03/18 14:39, Consus wrote:
It is more complicated than creating a file in a folder.
With a little luck it's not. Both NSD and BIND allow you to include
files in zone configuration like this:
[...]
The only problem here is #3, but it's possible to create e.g. another
pledged process tha
On 11/01/18 14:45, Andreas Thulin wrote:
in order to achieve paranoid disk-wiping?
I don't have a solution to offer for existing disks, but that made me
just think that it would be probably easy to create two partitions on a
disk, one that will be a keydisk
(https://www.openbsd.org/faq/faq14
On 03/01/18 18:54, Theo Buehler wrote:
On Wed, Jan 03, 2018 at 06:07:36PM +, Etienne wrote:
# cd /usr/src/etc && make release
[…]
sh /usr/src/sys/conf/newvers.sh
touch: version: Permission denied
/usr/src/sys/conf/newvers.sh[84]: cannot create version: Permission denied
You probabl
Hello list,
I'm a bit confused. I believe I have correctly applied the instructions
in release(8), but I hit this error when running "make release" in
paragraph 4, on unmodified sources:
# cd /usr/src/etc && make release
[…]
sh /usr/src/sys/conf/newvers.sh
touch: version: Permission denied
/u
On 29/07/17 12:04, Craig Skinner wrote:
What is the best tool to accomplish this these days? Is NSD the
"modern" tool to be using on OpenBSD?
When OpenBSD changed from BIND to NSD & Unbound, I found it simpler to
serve the private domain '.internal' on the LAN;-
An alternative is to use a s
On 13/07/17 09:36, Philippe wrote:
The best option to me was a reverse SSH. A script connect them
automatically to my server @home, opening a specific port so I can
connect to their computers.
It works, it's simple, they don't have to do anything, they even can go
anywhere I'll still be able to
On 2016-10-02 16:54, Peer Janssen wrote:
Goal: Upgrade a working soekris net4801 from OpenBSD 4.6 to 6.0.
First I copied the complete 256 MB SiliconDrive CF-Disk to a newer
SanDisk 8 GB Ultra one and rebootet, which worked smoothly and fine.
[...]
Is a system like the soekris net4801 not suppor
On 12/10/15 15:49, Etienne wrote:
[...] in X. setxkbmap(1) needs a device id as an argument, and I'm
supposed to find that id in the output of "xinput list", but that
output never changes, with the Yubikey plugged in or out. It
permanently shows:
% xinput list
⎡ Virtu
On 09/02/16 11:56, bytevolc...@safe-mail.net wrote:
I have noticed that some people tend to use "I have a doubt" with the
meaning "I have a question/issue/problem". This is different from
"I'm doubting" which means "I have no confidence in" or "I'm
questioning".
I think it is important to note
On 07/07/16 13:56, Ted Unangst wrote:
Etienne wrote:
My browser is behaving strangely, and I suspect it's hitting the limits
set in login.conf. Is there a way to log when a limit has been hit, what
the PID was, and more? I would happily spend the time to tweak them to
match my usage o
Hello list,
My browser is behaving strangely, and I suspect it's hitting the limits
set in login.conf. Is there a way to log when a limit has been hit, what
the PID was, and more? I would happily spend the time to tweak them to
match my usage of the browser, but I'm a little bit blind regardin
On 06/03/16 14:31, Raf Czlonka wrote:
May I know what's triggering it? I have something similar, but I need to
click on a button to run it.
/etc/apm/resume I presume :^)
man 8 apmd
Thanks.
On 06/03/16 05:12, Ray Lai wrote:
#!/bin/sh
if [[ $1 == "home" ]]; then
doas ifconfig run0 nwid foonet wpa wpakey ultrasecret
doas dhclient run0
fi
Yup. The goal of wifind is to do exactly this, the moment I resume my laptop,
without my interaction.
May I know what's triggering it? I
Hello list,
I came across that blog post
https://blog.filippo.io/untrusting-an-intermediate-ca-on-os-x/ and I
have been trying to find an equivalent way of doing so in
OpenBSD/LibreSSL, to no avail. Am I missing something?
Oh, and yes, I know, this should not be needed if we could really tru
On 2016-02-22 13:05, Kenneth Westerback wrote:
Documenting every conformance with DHCP standards in the man page is
unlikely to be popular. :-)
I guess it makes sense to document one thing in one place only. I just
wish I had known where to look in the first place. :-)
Cheers,
Hello there,
It seems to me that dhcpd is ignoring "option routers" when there is a
"option classless-static-routes" in the same configuration block. Ex:
with the following:
option routers 192.168.0.254;
option classless-static-routes 192.168.32.0/24 192.168.0.1;
dhcpd will start, th
On 01/24/16 21:55, Stuart Henderson wrote:
I'm not sure what failover options isc-dhcpd has, I haven't felt the
need for anything more than OpenBSD dhcpd's -y/-Y myself.
Maybe I don't either. Thanks for pointing this out!
--
Étienne
On 2016-01-22 12:40, Stuart Henderson wrote:
I'm running 5.8/i386 on this machine.
You are trying to use syntax for OpenBSD's dhcpd with ISC dhcpd from
packages.
That was it! Thank you so much, I was really confused.
It's a bit disappointing to see that ISC dhcp-options' manpage doesn't
o
On 01/22/16 09:02, Raf Czlonka wrote:
Is this by any chance because the above is not valid CIDR and should
have been, 192.168.32.0/24?
I just tried, I'm afraid it doesn't make any change.
Hi Étienne,
I don't think you've mentioned the release version of
On 2016-01-21 12:28, Raf Czlonka wrote:
I didn't add a prefix, it's been added in the log by the program
itself. My
config file looked like below:
option domain-name-servers 192.168.0.71, 192.168.0.149;
option classless-static-routes 192.168.32/24 192.168.0.1;
On 2016-01-21 12:28, Raf Czlonka wrote:
I didn't add a prefix, it's been added in the log by the
program itself. My
config file looked like below:
option domain-name-servers 192.168.0.71, 192.168.0.149;
option classless-static-routes 192.168.32/24
1
On 2016-01-21 00:27, Stuart Henderson wrote:
man dhcp-options(5) shows the option classless-static-routes, however,
when I use it, dhcpd fails to start and returns:
dhcpd: /etc/dhcpd.conf line 49: unknown option
dhcp.classless-static-routes
It looks like it should just be "classless-static-ro
Hello there,
man dhcp-options(5) shows the option classless-static-routes, however,
when I use it, dhcpd fails to start and returns:
dhcpd: /etc/dhcpd.conf line 49: unknown option
dhcp.classless-static-routes
I suspect this is just a mismatch between the documentation and the
options with
Hello there,
As far as I could find, the Yubikey is incompatible with my keyboard
mapping, and even the personalisation tool can't help. So I'm trying to
configure a different keymap for just for that device. That works fine
on the console with wsconctl, but I can't get it to work in X.
setxk
On 2015-10-09 16:04, Martín Ferco wrote:
I'm looking for alternatives to host our OpenBSD web frontends
off-site. Up
[...]
vcloud air, but haven't heard from him yet, and was starting to take a
look
at virtustream -- they seem to offer ESXi hypervisors as well as VMware
vloud air.
My two ce
On 2015-09-25 15:05, Stuart Henderson wrote:
Is there any chance that dig (src/usr.sbin/bind/bin/dig/) could be
build
with -DDIG_SIGCHASE to enable dnssec verification in future releases?
Where would be a proper place to request that?
I've just added this to the ports version of BIND (ports/n
Hello there,
Is there any chance that dig (src/usr.sbin/bind/bin/dig/) could be build
with -DDIG_SIGCHASE to enable dnssec verification in future releases?
Where would be a proper place to request that?
Cheers,
--
Étienne
On 2015-03-01 17:38, Kenneth Gober wrote:
FAT (and FAT32) would probably involve less experimentation. to bypass
the
limitations of FAT, I recommend using tar(1) and split(1).
tar cfC - /filesystem-to-back-up . | split -b 2000m
that will produce a tar file split into 2GB chunks named xaa,
Hello there,
Could anyone recommend which filesystem type to use when backing up a
few hundred GB of files from NetBSD onto a USB disk, planning to restore
them on an OpenBSD machine. I remember distantly that last time I tried
with FFS, it didn't work.
Cheers,
--
Étienne
On 2015-01-12 09:45, Jan Stary wrote:
Am Sonntag, den 11.01.2015, 20:45 + schrieb
etie...@magickarpet.org:
> Is there a way to have a different keymap in boot? Not that it's really
> necessary to type "boot bsd.rd", but it would be much more efficient
> when typing a passphrase to decrypt a
On 2015-01-12 15:49, Theo de Raadt wrote:
The underlying problem here is that the boot loader doesn't support
key=
maps.
And even if we hacked something together, it would be a significant
undertaking, since all the architectures are so different.
Thanks. That's what I thought, but I was hop
Hello list,
Is there a way to have a different keymap in boot? Not that it's really
necessary to type "boot bsd.rd", but it would be much more efficient
when typing a passphrase to decrypt a softraid partition to boot from.
Cheers,
--
Étienne
On 2015-01-05 19:51, Ted Unangst wrote:
I would like to know if there is any trigger in CARP, any way to run a
script on a CARP interface status change? I could monitor
/var/log/messages for that, but is there any cleaner, more efficient
way?
ifstated?
Thanks! Sorry, I promise, none of my se
Hello list,
I would like to know if there is any trigger in CARP, any way to run a
script on a CARP interface status change? I could monitor
/var/log/messages for that, but is there any cleaner, more efficient
way?
Cheers,
--
Étienne
On 2014-11-14 19:59, patrick keshishian wrote:
As I say, I never have had this issue with x120e, which I've
been using for over 3 years with OpenBSD, mainly following
snapshots.
Thanks for the info. Clearly, I need to open the beast for inspection.
Cheers!
--
Étienne
On 2014-11-14 18:56, Gregor Best wrote:
("93C" is just a typical value, I've seen any between 92 and 98). I
usually have just the time to log in before the system logs me out and
shuts down. This laptop normally runs at around 80??C, and I think the
temperature reading in OpenBSD is correct, bec
On 2014-11-14 18:27, Etienne wrote:
Hello list,
Sorry for answering to myself, that was my first post and I didn't
expect the attachements to be concatenated after my message. Please let
me reformat:
x100e# dmesg
OpenBSD 5.6 (GENERIC.MP) #333: Fri Aug 8 00:20:21 MDT 2014
Hello list,
I seem to have a little hardware related problem. I have been using a
Lenovo x120e for some time, and OpenBSD ran nicely on it until April. As
soon as I upgraded to 5.5, and from quite early after kernel loading,
the console started showing and repeating at regular intervals:
acp
cool, i'll look forward for getting a boxed copy... :)
any ideas where to find one of those in montreal ?
Regards and congrats for the release!
- erob
On April 17, 2009 12:37:22 pm Jean-Francois wrote:
> Absolutely *Splendid*
>
> As of today for order to France what is the channel ?
>
> Regard
On February 24, 2009 01:43:18 pm you wrote:
> All,
>
> I just forget the dot !! in the 'rm -r ./dev' so I have no /dev anymore
> on my server box.
> One can tell me if this is possible to backup the system without freshh
> install ?
> This is a i386 4.4 OpenBSD. One could eventually send me a way o
On Sat, 31 Jan 2009 13:03:11 + (UTC)
Stuart Henderson wrote:
> On 2009-01-31, Predrag Punosevac wrote:
> > I am seeking advice about the backup strategies and possible use
> > of CVS to accomplish this task.
>
> ..
>
> > I have seen a thread about 2-3 months ago on misc in which there
> >
On Thu, 11 Sep 2008 10:06:23 -0400
Etienne Robillard <[EMAIL PROTECTED]> wrote:
> On Thu, 11 Sep 2008 05:54:18 +0100
> Tomas Bodzar <[EMAIL PROTECTED]> wrote:
>
> > Hi,
> >
> > Just my view as a beginner with this system (or BFU :-)).Using -current or
>
e iso would
have
the right code for this cheap ass nic card. It seems I will have to wait on
4.4-release,
or perhaps I could take a guess and pick another snapshot and burn it on a cd,
or even
debug rtw armed with my guts and dr pepper :-)
Thanks!
- Etienne
ught maybe rtw0 will work in 4.4-current, or perhaps the nic
is damaged, but apparently it seem to work well with ifconfig,
so I'm kinda clueless. Any pointers how to get rtw0 working
in OpenBSD 4.3 would be kindly appreciated.
Thanks!
erob
--
Etienne Robillard
Software Developer, Green
On Wed, 13 Aug 2008 17:08:02 + (UTC)
[EMAIL PROTECTED] (Christian Weisgerber) wrote:
> Etienne Robillard <[EMAIL PROTECTED]> wrote:
>
> > export TERM=cons25
>
> Bad.
>
> > alias ls='colorls -FG'
> >
> > Sorry i confused freebsd c
s -FG'
Sorry i confused freebsd console (cons25) with obsd console (vt220), but with
cons25
and colorls the console looks pretty.. ;)
Regards,
-Etienne
.html
> Sent from the openbsd user - misc mailing list archive at Nabble.com.
>
Perhaps. But I'd simply use `ls -FG' for that..
in ~/.kshrc put:
alias ls='ls -FG'
Regards,
-Etienne
On Mon, 16 Jun 2008 11:07:33 -0600
"Philip Guenther" <[EMAIL PROTECTED]> wrote:
> On Mon, Jun 16, 2008 at 10:18 AM, Etienne Robillard
> <[EMAIL PROTECTED]> wrote:
> > I'm using OpenBSD 4.3 with Perl 5.8.8, but somehow
> > I cannot remove packages anymo
ideas what could cause this, or do I need to recompile Perl
from the base distribution ?
Thanks in advance
Etienne
k to reinstall than "cross-upgrade".
In any cases one is still interested in upgrading GNU libstdc++ from
OpenBSD (3.9) 4.1 to 4.2 (and maybe 4.3):
http://gthc.org/papers/upgrading-libstdc++-to-openbsd-4.2.txt
Comments and improvements are welcomed. :)
Regards,
Etienne
--
Etienne Robillard <[EMAIL PROTECTED]>
grade the whole system.
Note that I'm not implicitely seeking technical support
here -- only trying to occupy some spare time learning
how GCC et al can be used or 'misused' in OpenBSD..
Regards,
Etienne
On Sun, 23 Sep 2007 21:52:00 +0200
Joachim Schipper <[EMAIL PROTECTED]>
ive, maybe you could try compiling ``ysm`` ? [1]
Regards,
Etienne
1. http://ysmv7.sourceforge.net/
On Sat, 22 Sep 2007 20:05:57 -0500
Sean Darby <[EMAIL PROTECTED]> wrote:
> I'm not sure if my message (below) went through, it didn't seem to post.
> Attempting again. S
included in attachment ...
install: ./i386-unknown-openbsd4.2/bits/basic_file.h: No such file or directory
*** Error code 71
Any ideas what should be done for upgrading libstdc++ to 4.2 ?
Regards,
- -Etienne
iEYEARECAAYFAkb1xLUACgkQdXKAffkXj4OUQgCfR0nL6doj45ydgjD4vTsYHD9X
UCgAoL8EFbMGrYfoyjswy+3sXkF/7dKu
=ip5E
-END PGP SIGNATURE-
[demime 1.01d removed an attachment of type application/octet-stream which had
a name of out]
Hi,
I'm trying to install openbsd on an ultrasparc IIi, and I need to run an
X server on it. Unfortunately, I can't get several consoles :
# echo "Hi, console" > /dev/ttyC0
Hi, console
# echo "Are you configured ?">/dev/ttyC1
ksh: cannot create /dev/ttyC1 : Device not configured
Is this a bug
58 matches
Mail list logo
