On Linux I have mounted another fs inside the user's home folder (it is
mounted twice). I don't know if OpenBSD has that feature.
On Wed, Jun 14, 2017 at 6:38 AM, Ville Valkonen
wrote:
> Hi,
>
> one option is to use local nfs mounts. That's what I've done.
>
> --
> Regards,
> Ville
>
>
> On Jun
After reading this thread I wondered why haven't I gotten an update in a
while. So I checked and syspatch -c show no output but found it had a 1
return code. It turns out my URL in /etc/installurl was no longer a valid
mirror for some reason (didn't investigate, just fixed). I suppose it's a
goo
I had the same issue with boot option in vm.conf and never solved my
difficulty using the vm.conf file itself (I assumed I must have
misunderstood the doc). Instead I used the command line option for vmctl
starting the machine. After I installed the O/S using bsd.rd I did not
need that option any
Hi folks,
I am in the learning process about vmd. When I read the vmctl(8) man
page I have incorrectly got the idea that I can have a VM that has a
vio interface but without a mapping to a host tap interface, simply by
omitting the -i option from the "vmctl start vmX" command. However,
if I read
On Mon, Aug 28, 2017 at 6:18 PM, Mike Larkin wrote:
> On Mon, Aug 28, 2017 at 06:03:16PM -0400, Bryan Harris wrote:
>> If the vio is connected to the virtual switch, and the switch is
>
> But the vio(4) interface isn't visible to the host. So what you said there
> d
group
called tap, but I never connected the dots.
V/r,
Bryan
On Mon, Aug 28, 2017 at 6:52 PM, Mike Larkin wrote:
> On Mon, Aug 28, 2017 at 06:48:20PM -0400, Bryan Harris wrote:
>> On Mon, Aug 28, 2017 at 6:18 PM, Mike Larkin wrote:
>> > On Mon, Aug 28, 2017 at 06:03:16PM -0
Hi Trond,
We must have been typing at the same time, yes that ended up working.
I tried a * character first but that didn't work (and wasn't in the
man page anyway).
V/r,
Bryan
On Mon, Aug 28, 2017 at 9:32 PM, trondd wrote:
> On Mon, August 28, 2017 6:03 pm, Bryan Harris wrote:
I got curious so I looked at the man page. It seems to me one could
authenticate a location i.e. folder/directory based on this part.
> A location section may include most of the server configuration rules except
> alias, connection,hsts, listen on, location, tcp and tls.
V/r,
Bryan
Sent
I don't think you can know the host header unless you decrypt the https
using a certificate. It seems that idea would require SNI but I don't know
if they have SNI in relayd/httpd. (I could be wrong about that.)
In mine I have listen on $ext_addr port 443 tls. Then exists
/etc/ssl/ipaddr:443.cr
Here is what I did, which I learned from the httpd & relayd book by Michael
W Lucas (I recommend). I cannot remember why I set the top header options,
I must have been trying to learn about them. The host ones are to figure
out the site and send the connection to the table above.
ext_addr="..."
There is a book called relayd and httpd. I think it has what you need.
V/r,
Bryan
> On Oct 12, 2017, at 1:33 PM, Andreas Thulin wrote:
>
> Hi!
>
> Before anything, thanks for yet another awesome OpenBSD release! I’ll
> extend my gratitude into the pockets of the Foundation and finally donate
Re: physical access, it seems not a technical problem. I.e. keep laptop
with you, hire a guard, etc. I'm not very technical, but could the hash be
stored in usb stick or online?
Maybe construct yourself a "computer safe" to make it harder for people to
get access while you're away? I.e. increas
I don't know the answer but I'm curious. What does "pfctl -sr" command
show? Can you do dns lookups?
PS - my rules have the "pass out all" rule at the bottom.
V/r,
Bryan
On Fri, Oct 20, 2017 at 6:59 AM, Markus Rosjat wrote:
> Hi there,
>
> I was wondering, after reading mr hansteens excelent
Did you already have a cert for datagenic.com but which didn’t include the new
name?
I think the -A argument only makes a new cert when old one doesn’t exist.
Otherwise tries to use found cert and failed because old cert doesn’t have new
name. At least that’s my understanding.
Or maybe I misu
Ah okay. In my different situation I did
mv /etc/ssl/cert /tmp
Then ran command again.
I will try -D next time instead.
V/r,
Bryan
> On May 25, 2018, at 5:51 PM, Scott Vanderbilt wrote:
>
>> On 5/25/2018 2:41 PM, Bryan Harris wrote:
>> Did you already have a cert for
The webserver is called httpd (not the apache one). I like this book but
some people don't need the extra help of a book (I do).
https://www.michaelwlucas.com/tools/relayd
On Mon, Jun 25, 2018 at 11:49 AM John Long wrote:
> On Mon, 2018-06-25 at 10:15 -0500, Vijay Sankar wrote:
> > Here is my d
Last resort shut down VM then backup.
I like the tool called tarsnap. It backs up to a remote service and you keep a
private key. Everything is encrypted before it “exits” your VM for the remote
side. Also very cheap.
I only backup a few files and spent barely a penny.
> Your current account
> On Aug 7, 2018, at 7:15 AM, Kevin Chadwick wrote:
>
> On Mon, 6 Aug 2018 15:52:11 -0500
> It may be more likely that some zealous chrome devs
> decided https everywhere was utterly important and so misleading
> messages were the order of the day.
For some reason I thought https everywher
Tarsnap?
Sent from my iPhone
> On Sep 2, 2018, at 10:43 AM, Kurtis wrote:
>
> Hey all,
>
> I'm just wondering if anyone has any suggestions with any Online File Backup
> / Synchronization services?
>
> I used Dropbox for a long time but decided to drop it in favor of pCloud.
> It's about ti
Hello,
I have a semi-working vpn from Windows 10 client to OpenBSD 6.4
running iked using machine certificates authentication method.
When I connect to the VPN, I can ping from Win 10 to the ip address of
enc0 on the other side (10.1.0.2). Unbound is listening on that ip
address, and DNS queries
Re: question:
> How did you solve the "like" factor?
I don't know how true, but I like these passages.
"My mother had a favorite saying (origin unknown): "You can get used to
anything if you do it long enough. Even hanging." She trotted out that
saying whenever my siblings or I complained about
My preference is to purchase a book. I have had a good experience with
Absolute OpenBSD, Httpd & Relayd, the tarsnap book, and the Book of PF.
I would buy a book about OpenSMTPD and also ikev2 but I didn't see any.
Just my $0.02, I like books better than online tutorials.
V/r,
Bryan
On Thu, Jan
I once had incorrect VM time causing OCSP response like it was out of date,
and syspatch refused in a similar way. But different than your situation I
think.
V/r,
Bryan
On Fri, Jan 12, 2018 at 7:19 AM, Stuart Henderson
wrote:
> On 2018-01-12, dmitry.sensei wrote:
> > Strange message from syspa
Alternate?: go back to original config and change
server "default"
to
server "example.com"
And maybe an alias for "www.example.com."
Just a thought.
V/r,
Bryan
I'll ask a dumb question. Why do you need extra root directives? Can't you
do this?
location "^/phpapp/*" {
directory index "index.php"
}
location "*.php" {
fastcgi socket "/run/php-fmp.sock
}
Bryan
On Wed, Apr 11, 2018 at 10:32 AM, Mischa wrote:
> > On 11 Apr 2018, at 12:14, Gregory Ediga
On 12/30/2018 12:33 AM, Philip Guenther wrote:
On Sat, Dec 29, 2018 at 11:29 AM Ipsen S Ripsbusker <
ip...@ripsbusker.no.eu.org> wrote:
Aside from compatibility, what is the purpose of primary groups,
compared to secondary groups?
Said otherwise, why do we have both primary and secondary group
26 matches
Mail list logo
