Ted Unangst wrote:
On Tue, 6 Sep 2005, Kelly Martin wrote:
I've got an A6 primary partition with various /usr and /var style partitions
within. Pretty standard, but I ran out of disk space. I added a second
primary A6 partition in the freespace of the same disk using fdisk, but
don't do
Theo de Raadt schrieb:
The reason why I bother this list is that I am impressed of OpenBSD from
the technical point of view. I like its consistency and purity. But in
business environments or comparable organizations where money is an
issue, one needs to think about system management very
Recipient of the infected attachment: TATASERVER1, First Storage Group\Mailbox
Store (TATASERVER1), jimmy contractor/Inbox
Subject of the message: Delivery failed
One or more attachments were quarantined.
Attachment attachment.zip was Quarantined for the following reasons:
Virus [EMAIL
On Wed, Sep 07, 2005 at 09:20:51AM +0200, Alexander Hall wrote:
Not that I have an issue with this now, but would it be possible to
extend the current A6 partition and then update the disklabel
accordingly, if there is free space is directly after, or could/will
this hose stuff? I would
Bruno Rohee wrote:
On Wed, Sep 07, 2005 at 09:20:51AM +0200, Alexander Hall wrote:
Not that I have an issue with this now, but would it be possible to
extend the current A6 partition and then update the disklabel
accordingly, if there is free space is directly after, or could/will
this hose
Hello,
Please, can someone give me a clue how to setup a vpn with authentication.
I've set up a vpn between Windows clients and OpenBSD server, everything
works fine. But since most of our clients are using ADSL lines and their
IP's aren't static I had to allow the whole world to connect to my
It was a pleasure being around here.
Special thanks to:
Jared Yanovich (XTTF Problem),
Diana Eichert (USB Disk Problem).
So long, and thanks for all the tips :-)
~Mayuresh
Try this: http://www.thegreenbow.com/vpn.html.
works very very well with openbsd.
Tomas wrote:
Hello,
Please, can someone give me a clue how to setup a vpn with authentication.
I've set up a vpn between Windows clients and OpenBSD server, everything
works fine. But since most of our clients
This is begging for a flamefest indeed, because it's all lies and
zero facts. Please don't bite.
[EMAIL PROTECTED] wrote:
poncenby wrote:
use qmail (http://cr.yp.to/qmail.html) as the
MTA - not sendmail.
Aaaag!!! At the risk of starting a
flame-fest, do yourself a
On 2005-09-07 10:43, Stephan A. Rickauer wrote:
Theo de Raadt schrieb:
That is completely unsustainable. The pieces we build upon are
advancing too fast.
I couldn't tell Linux is advancing slower.
I think he was speaking about software in general.
I don't buy into that method of
I use openvpn, it uses PKI so only hosts with keys that you've signed
will be able to access your vpn. I found an article
(http://blog.innerewut.de/articles/2005/07/04/openvpn-2-0-on-openbsd)
that helped me get it set up. openvpn also has client + server
versions for windows, so it might be
Hello,
I want to put a cgi-script on my OpenBSD server for shell account
creation. Basically that allows users to sign up accounts via the web.
I however know very little about cgi, I could probably write one if I
looked into it but I thought I would ask first, because it is highly
likely that
--- Quoting Xavier Beaudouin on 2005/09/04 at 22:37 +0200:
rbgp2#sh ip bgp
BGP table version is 19, local router ID is 192.168.0.31
Status codes: s suppressed, d damped, h history, * valid, best, i -
internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? -
try poptop. I've used it only in a most basic scenario, but it seemed
to work well.
it does VPN Windows-style (PPTP).
--knitti
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
Stephan A. Rickauer
Sent: Wednesday, September 07, 2005 8:51 AM
To: misc@openbsd.org
Subject: Sendmail nullclient
Currently, I am struggling with sendmail. I'd like to configure it as
nullclient but
--On 07 September 2005 14:08 +0300, Tomas wrote:
Please, can someone give me a clue how to setup a vpn with
authentication.
I've set up a vpn between Windows clients and OpenBSD
server, everything works fine.
By itself 'vpn' can mean many things... tunnels over IPsec? PPTP?
unencrypted
Will H. Backman wrote:
Here is what I use in Linux (sendmail 8.12.10):
Thanks. But this is not a real nullclient configuration - or at least
not what I was expecting.
According to various documentations, this should be enough.
Unfortunately, it isn't and I am not a sendmail specialist:
To echo the other replies, I highly suggest OpenVPN as well.
Both isakmpd and openvpn recommend using digital certs to control
access.
Openvpn also has the auth-user-pass-verify switch which calls a
script/app to do additional authentication. Think poor-man's 2-phase
authentication: have
--On 07 September 2005 15:28 +0200, Stephan A. Rickauer wrote:
According to various documentations, this should be enough.
Unfortunately, it isn't and I am not a sendmail specialist:
include(`../m4/cf.m4')
define(`__OSTYPE__',`')
FEATURE(`nullclient', `myiphere')
Hi,
Post a dmesg.
I had a similar problem with ral when i tried to use it in a box with pcibios
2.1
From ral(4):
CAVEAT
PCI ral adapters seem to strictly require a system supporting PCI 2.2 or
greater and will likely not work in systems based on older revisions of
the PCI
Ever had a look at http://untroubled.org/nullmailer/ ?
--
Technology doesn't secure systems, people do - and they use their minds.
-- Richard Forno
Stuart Henderson wrote:
/usr/share/sendmail/cf/clientproto.mc edited appropriately works when I
try it - if it doesn't work for you, post a description and relevant
lines from the system log.
Thanks, I modified a copy of that file according to my needs and did the
following:
m4
Joel Dinel wrote:
Ever had a look at http://untroubled.org/nullmailer/ ?
Nope - thanks. Only knew 'ssmtp' of which the FreeBSD guys have a
wonderful documentation for:
http://www.freebsd.org/doc/en/books/handbook/outgoing-only.html
Don't know what the OpenBSD philosophy is here, but
You had the right idea with authpf.
What I have done in the past is add the VPN pass rule to the authpf
rule... Therefore, people have to ssh in, then the VPN can be
established.
You could do something similar.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
When using this tool, I've noticed that the diff output will show a number
of packages in old but not in new -- they appear in the diff list with
a leading minus sign, but there is no applicable update with a leading plus
sign.
Should I be concerned?
Don't know what the OpenBSD philosophy is here, but without learning
sendmail I am/was not able to simply configure my system as 'send-only'
machine...
Perhaps I'm just smoking crack here, but your machine was pretty
much send-only before you started playing with it. What's the
difference
At 10:03 PM 9/7/2005 +1000, you wrote:
Hello,
I want to put a cgi-script on my OpenBSD server for shell account
creation. Basically that allows users to sign up accounts via the web.
I however know very little about cgi, I could probably write one if I
looked into it but I thought I would ask
C. Bensend wrote:
Perhaps I'm just smoking crack here, but your machine was pretty
much send-only before you started playing with it. What's the
difference between your send-only thing and Sendmail listening
only to localhost (which it does on OpenBSD by default)?
I'd like to have mail not
There's always a way. You could put the info somewhere within the chroot
and have a cron job check it every minute and add the user. Just one
idea, and it has drawbacks in a couple of areas...
L. V. Lammert wrote:
At 10:03 PM 9/7/2005 +1000, you wrote:
Hello,
I want to put a cgi-script on
Joel Dinel wrote:
But yeah, the default sendmail with a simple smarthost setting
(DSmachine.whatever.com in sendmail.cf) would have also done the trick.
It would keep on delivering local mail, which is nice (think all of the
weekly/daily reports).
I'd like to have it the other way around: Mail
Hi,
MAXHOSTNAMELEN in /usr/include/sys/param.h is the longest host name
length, right? Is there a similar constant for IP addresses (also for IPv6)?
Also, why is char b[18] used in /usr/src/lib/libc/net/inet_ntoa.c?
The length of XXX.XXX.XXX.XXX + 0 is two bytes less.
Regards
Alex
Stephan A. Rickauer wrote:
Joel Dinel wrote:
But yeah, the default sendmail with a simple smarthost setting
(DSmachine.whatever.com in sendmail.cf) would have also done the trick.
It would keep on delivering local mail, which is nice (think all of the
weekly/daily reports).
I'd like to have
On Wed, Sep 07, 2005, Stephan A. Rickauer wrote:
Sep 7 15:57:57 gimli.lan.ini.unizh.ch sm-mta[22088]: j87DvvaL000188:
to=[EMAIL PROTECTED], delay=00:00:00, xdelay=00:00:00,
mailer=relay, pri=30344, relay=130.60.230.185 [130.60.230.185],
dsn=5.6.0, stat=Data format error
Most likely the
On Wed, Sep 07, 2005 at 12:29:22PM +0200, Alexander Hall wrote:
Well, I was referring to the OBSD MBR partition (of type A6) (aka BIOS
partitions), a' la fdisk(8). Maybe a bit unclear on that.
So, basically, I wondered if it would be possible to extend
MBR: ||A6
At 05:13 PM 9/7/2005 +0200, Stephan A. Rickauer wrote:
C. Bensend wrote:
Perhaps I'm just smoking crack here, but your machine was pretty
much send-only before you started playing with it. What's the
difference between your send-only thing and Sendmail listening
only to localhost (which it
[snip cut whack]
I want to put a cgi-script on my OpenBSD server for shell account
creation. Basically that allows users to sign up accounts via the web.
[chainsaw noises cut cut]
You can't add a user via cgi with a normal OBSD installation, since Apache
is running chroot'd.
Not directly no,
At 08:16 AM 9/7/2005 -0700, Darrin Chandler wrote:
There's always a way. You could put the info somewhere within the chroot
and have a cron job check it every minute and add the user. Just one idea,
and it has drawbacks in a couple of areas...
There are always ways, .. but I would not
Theo de Raadt wrote:
If this is what your real agenda is -- baiting -- then you should
consider staying off our project's mailing lists.
It is not about baiting, but about learning. Learning involves asking
questions. Questions may offend people. It is not my intention to upset
people as
Antoine Jacoutot wrote:
Stephan A. Rickauer wrote:
Seems to be so easy ... any ideas?
Sure, edit the following file (or copy it under a new name) :
/usr/share/sendmail/cf/submit.mc
Great, that's a big step. The remaining problem is I don't know how to
configure it in a way the hostname of
At 06:03 PM 9/7/2005 +0200, Stephan A. Rickauer wrote:
Great, that's a big step. The remaining problem is I don't know how to
configure it in a way the hostname of my BSD box does not show up in the
from address. Right now, mail is send from [EMAIL PROTECTED].
/etc/myname
Lee
--On 07 September 2005 10:40 -0500, L. V. Lammert wrote:
There are always ways, .. but I would not consider recommending such
sophisticated solutions for the basic user level of this poster.
If it's necessary to ask questions of this nature, perhaps running a
server automatically handing out
Antoine Jacoutot wrote:
This way, every messages will be sent to your.mailserver.com and the
sendmail daemon will not need to be started.
Even if it is obvious, I forgot to say you'll have to regenerate your
submit.cf file and move it over /etc/mail.
Regards,
Antoine
Antoine Jacoutot wrote:
Even if it is obvious, I forgot to say you'll have to regenerate your
submit.cf file and move it over /etc/mail.
Er ... ja, did that ;)
Finally I was also able to fix my last problem by using
FEATURE(masquerade_envelope)dnl, otherwise my postfix server would
refuse
On Wed, 7 Sep 2005, Alexander Hall wrote:
Not that I have an issue with this now, but would it be possible to extend the
current A6 partition and then update the disklabel accordingly, if there is
free space is directly after, or could/will this hose stuff? I would feel more
comfortable with
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
Stuart Henderson
Sent: Wednesday, September 07, 2005 12:13 PM
To: Misc OpenBSD
Subject: Re: Shell account cgi script
--On 07 September 2005 10:40 -0500, L. V. Lammert wrote:
There are always
Hi,
I've been trying to update the terminfo database to match the terminals
I usually login from, that is a Konsole (TERM=xterm), a redhat linux
console (TERM=linux) and cygwin or putty from windows. Mainly because
shell line editing is broken in a few cases and colours don't work.
I've
On 9/7/05, Will H. Backman [EMAIL PROTECTED] wrote:
Perhaps the OpenBSD community can at least come up with some general
hints for people who wish to use OpenBSD for hosting shell accounts.
IMHO a good method of this is by setting up a chroot for user shells,
whereby a user can log in and at
--On 07 September 2005 18:32 +0100, MikeG wrote:
If that is the case can anyone a way to get my new entries into
terminfo.db, or extract all the existing ones into the expanded
database format?
See /usr/src/share/termtypes/Makefile
Also what governs the width of pages generated by man(1)?
Stephan A. Rickauer wrote:
I tried putting a line into 'genericstable' but that wouldn't work.
'MASQUERADE_AS...' does not help either.
MASQUERADE_AS should work if you put it in submit.mc
Or, what you could do is to tell your mail server to accept mail to
*.yourdomain.com
If your server is
On Fri, Jun 17, 2005 at 11:03:57PM +, David Cathcart wrote:
On my IBM x40 when I connect a usb2 (hi-speed) device (umass(4)) after a
clean boot it attaches to ehci(4) and operates at usb2 hi-speed's. But
after the first suspend-to-disk (Fn+F12) (and all subsequent
suspends/suspend to
Has anyone ever tried to kill a flash disk by building an FFS on it and
writing to it repeatedly?
Also, is there a way to have the filesystem keep track of the number of
writes that have occured since creation?
Or, alternatively, a way to count them from boot or mount?
Jack
On 7/15/05, knitti
On Wed, 7 Sep 2005 13:37:45 -0400 Mike Hernandez [EMAIL PROTECTED]
wrote:
On 9/7/05, Will H. Backman [EMAIL PROTECTED] wrote:
Perhaps the OpenBSD community can at least come up with some general
hints for people who wish to use OpenBSD for hosting shell accounts.
IMHO a good method of
On 9/7/05, Adam [EMAIL PROTECTED] wrote:
On Wed, 7 Sep 2005 13:37:45 -0400 Mike Hernandez [EMAIL PROTECTED]
wrote:
If someone is wanting to give people shell accounts, then they
generally want people to be able to access more than just the shell
itself. The whole point is to let them use the
On Tuesday, September 6, Kelly Martin wrote:
I've got an A6 primary partition with various /usr and /var style partitions
within. Pretty standard, but I ran out of disk space. I added a second
primary A6 partition in the freespace of the same disk using fdisk, but
cannot figure out how to
Mike Hernandez [EMAIL PROTECTED] wrote:
On the contrary, they can do anything that the administrator makes it
possible for them to do. Many of the web hosting accounts I've signed
up for came with a jailed shell that I could use to work with the
files on the server but nothing more.
And web
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
Mike Hernandez
Sent: Wednesday, September 07, 2005 2:47 PM
To: Adam; misc@openbsd.org
Subject: Re: Shell account cgi script
On 9/7/05, Adam [EMAIL PROTECTED] wrote:
On Wed, 7 Sep 2005 13:37:45
On 9/7/05, Adam [EMAIL PROTECTED] wrote:
And web hosting is not shell hosting is it? What does work with
mean anyways? You need all the binaries to work with, and they
need all their libs to function. Sure, you could copy all the binaries
and libraries of the entire OS into the chroot, but
Mike Hernandez [EMAIL PROTECTED] wrote:
Work with means using various programs like vim or emacs or sed, etc
to manipulate the files. And yes you need the binaries and their
associated libraries for each program you want a jailed user to be
able to run. You don't need an entire OS made
On Wednesday, September 7, Alexander Hall wrote:
Well, I was referring to the OBSD MBR partition (of type A6) (aka BIOS
partitions), a' la fdisk(8). Maybe a bit unclear on that.
So, basically, I wondered if it would be possible to extend
MBR: ||A6 partition..|Unpartitioned|...|
On 9/7/05, Adam [EMAIL PROTECTED] wrote:
It's a useful idea in some scenarios, in others it's not.
Right, and providing shell accounts is in the not category.
Adam
OK I have to concede here. I didn't realize how powerful user classes
were. After doing some research I see that all of
Why not give OpenVPN a try, works well with OpenBSD and Windows XP and
has various options for password protection along with a nice 'stealth'
mechanism preventing it from appearing to none authorised clients.
http://openvpn.net
Tomas wrote:
Hello,
Please, can someone give me a clue how
Simon,
This takes the thread even OT, is the stealth mechanism built in, or is
there a special directive to be added?
Thanks.
Dimitri
On Wednesday 07 September 2005 4:59 pm, you wrote:
Why not give OpenVPN a try, works well with OpenBSD and Windows XP and
has various options for password
--On 07 September 2005 17:30 -0400, Dimitri Yioulos wrote:
This takes the thread even OT, is the stealth mechanism built in,
or is there a special directive to be added?
It uses a pre-shared key, so it doesn't happen by default with TLS
(read about tls-auth in doco to learn how to enable
On Wednesday 07 September 2005 5:58 pm, you wrote:
--On 07 September 2005 17:30 -0400, Dimitri Yioulos wrote:
This takes the thread even OT, is the stealth mechanism built in,
or is there a special directive to be added?
It uses a pre-shared key, so it doesn't happen by default with TLS
From time to time we get people offering us machines like ss10's
and such. Well we don't need those anymore (we have a few test
ones running in the project, and then quite a few more ss20's
spread around, and enough spares here and there -- even in the server
room here the sparc packages are
trying to get a ppp tunnel over ssh working
server/gateway
---
ip.inet.net.forwarding=1
/etc/ppp/ppp.conf
vpn:
allow mode direct
set ifaddr 10.1.1.1 10.1.1.2 255.255.255.255
/etc/sudoers:
pppuser ALL = NOPASSWD: /usr/sbin/ppp
~pppuser/.ssh/authorized_keys
command=sudo
Hello Martin,
I am on the learning curve of Unix type of os's 101.
I went over the man pages again and saw that I was mixing userland 8 pppoe
with kernel 4 pppoe.
I reinstalled the latest Alpha snapshot this afternoon and tried the kernel
4 pppoe setup and still panics.
Using userland 8
Hi,
One of my friends sent me this new OpenBSD website design he created.
Please have a look at it :-D
http://mayuresh.freeshell.org/openbsd/
Thankyou so much
Kind Regards
Siju
Siju George wrote:
Hi,
One of my friends sent me this new OpenBSD website design he created.
Please have a look at it :-D
http://mayuresh.freeshell.org/openbsd/
Fresh and neat. I like it.
-Bruno
On Wed, 2005-09-07 at 21:29:34 -0700, Bruno S. Delbono proclaimed...
Fresh and neat. I like it.
Kinda reminds me of the website back in 1997...
http://web.archive.org/web/19970327004719/http://www.openbsd.org/
On Wed, Sep 07, 2005 at 08:13:26PM +0200, Sebastiaan Indesteege wrote:
On Fri, Jun 17, 2005 at 11:03:57PM +, David Cathcart wrote:
On my IBM x40 when I connect a usb2 (hi-speed) device (umass(4)) after a
clean boot it attaches to ehci(4) and operates at usb2 hi-speed's. But
after the
71 matches
Mail list logo