Re: inconsistency in the symlinks under /etc/systemd

2024-04-10 Thread Dan Purgert 
On Apr 10, 2024, Vincent Lefevre wrote:
> Hi,
> 
> On one machine, I have
> 
> lrwxrwxrwx 1 root root 35 2023-10-07 13:43:24 
> /etc/systemd/system/sockets.target.wants/dm-event.socket -> 
> /lib/systemd/system/dm-event.socket
> 
> and on another one, I have
> 
> lrwxrwxrwx 1 root root 39 2024-01-05 16:54:09 
> /etc/systemd/system/sockets.target.wants/dm-event.socket -> 
> /usr/lib/systemd/system/dm-event.socket
> 
> These symlinks were created at Debian installation time, and in
> both cases, the dmeventd version is 2:1.02.196-1+b1.
> 
> Shouldn't the system ensure that symlinks are consistent on different
> machines (even though the above symlinks are equivalent), for instance
> to ease the comparison of configurations between machines?

I'd hazard it's a consequence of usrmerge being the "default state" in
one installation and not the other.

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: ata6.00: failed to IDENTIFY (I/O error, err_mask=0x100)

2024-01-12 Thread Dan Purgert 
On Jan 12, 2024, Vincent Lefevre wrote:
> In one of my new machines, I have a DVD+/-RW drive. There were
> no issues on January 8 and 9. But today, I'm getting
> 
>   ata6.00: failed to IDENTIFY (I/O error, err_mask=0x100)
> 
> errors at boot time.
> [...]
> 
> Any idea?

It's an I/O error between the SATA controller and whatever device when
the controller is asking it to identify its capabilities.

Could be as simple as a loose cable (or bad cable / port).



-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: 1 Currently unreadable (pending) sectors How worried should I be?

2024-01-02 Thread Dan Purgert 
On Jan 02, 2024, Charles Curley wrote:
> I have a brand new NVME device, details below, in a brand new computer.
> smartd just started returning pending sector errors.

Means you've got "N" bad sector(s) on the drive.  It happens, even on
new drives.

> 
> A recent extended (long) test run since the first reported pending
> sector returned no errors.
> 
> How worried should I be?

I wouldn't be "very" worried; but I'd keep an eye on it (especially with
regards to any warranties you may have on the machine)

> Device Model: NS256GSSD330
> Serial Number:W3ZK047027T
> Firmware Version: V0823A0
> User Capacity:256,060,514,304 bytes [256 GB]
> Sector Size:  512 bytes logical/physical
> Rotation Rate:Solid State Device
> Form Factor:  mSATA
> TRIM Command: Available
> Device is:Not in smartctl database 7.3/5533
> ATA Version is:   ACS-2 T13/2015-D revision 3
> SATA Version is:  SATA 3.2, 6.0 Gb/s (current: 6.0 Gb/s)
> Local Time is:Tue Jan  2 15:27:45 2024 MST
> SMART support is: Available - device has SMART capability.
> SMART support is: Enabled
> 
> === START OF READ SMART DATA SECTION ===
> SMART overall-health self-assessment test result: PASSED
> 
> …
> 
> SMART Self-test log structure revision number 1
> Num  Test_DescriptionStatus  Remaining  LifeTime(hours)  
> LBA_of_first_error
> # 1  Extended offlineCompleted without error   00%   764 -
> # 2  Short offline   Completed without error   00%   116 -


You kinda removed the important bits out of this report with regards to
the drive health.  That being said, this drive is not an NVMe -- did you
check the right one?


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Help: network abuse

2023-12-21 Thread Dan Purgert 
On Dec 21, 2023, Alain D D Williams wrote:
> My home PC is receiving, for hours at a time, 12-30 kB/s input
> traffic. This is unsolicited. I do not know what it is trying to
> achieve but suspect no good. It is also eating my broadband
> allowance.
> 
> Questions:
> 
> • What is going on ?

Looks like bots.

> 
> • What can I do about it ?
 

Dropping the entirety of Asia/Africa has helped my logs (though, my ISP
doesn't track usage; and I imagine if they did, it wouldn't actually
HELP anything there, since the traffic already made it to me).  If it's
a reputable hosting company, contacting their abuse department may
possibly help them kill the account(s) running the bots.

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Mouse single click handling?

2023-12-20 Thread Dan Purgert 
On Dec 19, 2023, Felix Miata wrote:
> Alexander V. Makartsev composed on 2023-12-19 11:37 (UTC-0500):
> 
> > local10 wrote:
> 
> >> I have several mice that went bad with the same defect: they
> >> sometimes generate two single clicks very quickly (say, within
> >> 10-20ms) instead of a single click.
> > This is a very common problem with micro-switches inside computer mice, 
> > mechanical keyboards, etc.
> > They wear out with use and has to be replaced, given that they are very 
> > inexpensive, standardized and relatively easy to replace.
> > Here is a link to PDF datasheet [1] for Omron D2F series switches 
> > specifications.
> > You need a switch with pin plunger and compatible terminals, those 
> > depend on mice model.
> > You can buy them at local electronics store, order them from China 
> > (AliExpress), or from any other reputable source.
> 
> > [1] https://omronfs.omron.com/en_US/ecb/products/pdf/en-d2f.pdf
> 
> Can you suggest any particular online source in North America that
> sells those switches? I had no success trying to refurb one in my
> invaluable Logitech Trackman Marble FX PS/2 trackball. It took 2 hours
> to get that tiny switch back together after disassembly and cleaning.
> :( A Kensington Orbit I had much better luck with cleaning, so didn't
> need a new switch.

Mouser () or Digikey () both
carry the D2F series. They're both wonderful to work with, although I
prefer Digikey's parametric search over Mouser.


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Mouse single click handling?

2023-12-19 Thread Dan Purgert 
On Dec 19, 2023, local10 wrote:
> I have several mice that went bad with the same defect: they sometimes
> generate two single clicks very quickly (say, within 10-20ms) instead
> of a single click.
> 
> With reference to the above, is there a way or setting to force
> several mouse clicks within a short period of time to be interpreted
> as a single mouse click?

As far as I'm aware, there are no "low-pass" options in the drivers /
software to accommodate the case when the mechanical parts in the mouse
start sending spurious clicks, thanks to the contacts / springs / etc.
wearing out.  

It'd probably be less effort to just replace the failing switch(es) in
the mouse than trying to add that to the software.


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Could not find interfaces configuration file /etc/network/interfaces in Debian Linux 11 (bullseye)

2023-12-07 Thread Dan Purgert 
On Dec 07, 2023, to...@tuxteam.de wrote:
> On Thu, Dec 07, 2023 at 03:52:20PM +, Turritopsis Dohrnii Teo En Ming 
> wrote:
> 
> [...]
> 
> > Problem
> > =
> > 
> > On 6 Dec 2023, our client discovered that their UDM Pro could not perform 
> > firmware updates automatically. Their UDM Pro was running UniFi OS version 
> > 3.0.20. Client wants to upgrade firmware to latest version 3.1.16 but 
> > couldn't.
> > 
> > UDM Pro runs Debian 11 (bullseye)
> > 
> 
> Now I don't understand: is it running UniFi OS or Debian bullseye?

"UniFi OS" (And EdgeOS on other lineups) is customized Debian Stable of
some flavor or other.

> 
> Or is Ubiquiti just cheapskating and sending their customers here
> to save on customer support?

I've never seen them direct customers anywhere other than their support
forums... 

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: ntpsec as server questions

2023-12-04 Thread Dan Purgert 
On Dec 04, 2023, gene heskett wrote:
> [...]
> So here on coyote: date -u:
> Mon Dec  4 15:47:44 UTC 2023
> but on mkspi: date -u:
> Mon 04 Dec 2023 03:47:16 PM UTC
> [...]
> 
> WTH?  Where is that false 12 hour offset coming from?

Coyote seems to use the standard output of 'date' (in 24-hour clock
format).  

mkspi /appears/ to be using an approximation of "-R" ("--rfc-email",
as set in RFC5322), though it's missing the comma between "Mon" and "04
Dec", and is set in 12-hour mode.

It's been ages since I've dug into it, but I _BELIEVE_ the LC_TIME
environment variable has an effect here. (Or had, at some point in the
past).

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: time question, as in ntp?

2023-12-01 Thread Dan Purgert 
On Dec 01, 2023, Greg Wooledge wrote:
> On Fri, Dec 01, 2023 at 08:20:57AM -0500, gene heskett wrote:
> > You claim I don't have to do anything to that printer machine, so I
> > installed the ICC server here. I have done zip to the dhcpd.conf which looks
> > as it it is fully disabled. Assuming I want a pool of 16 addresses, say from
> > 192.168.71.100 to 192.168.71.115, what do I uncomment and fill in, in
> > dhcpd.conf?
> > 
> > If I'm going to have to do this, I want it done the approved way.
> > 
> > I want the server to only respond to the MAC address of that printer, no
> > response to any other MAC that might come calling.
> 
> The pool is for "anyone who comes calling".
> 
> Your reserved addresses should be outside the pool.

At one time (or I'm just conflating isc-dhcp-server with some other
dhcp server option), it was required that a host's "fixed-address" was
within the defined range ("address pool").  Looking at a manpage dated
2021 (or well at least /usr/share/man/man8/dhcpd.8.gz is dated 2021), it
doesn't specify one way or the other.

It does, however, note that if you do set a host's fixed-address that
falls in the range, it just gets skipped when a client that doesn't
match the defined host-identifier (e.g. MAC Address) is requesting an
IP.

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: time question, as in ntp?

2023-12-01 Thread Dan Purgert 
On Dec 01, 2023, gene heskett wrote:
> [lotsa snipping ... ]
> 
> You claim I don't have to do anything to that printer machine, so I
> installed the ICC server here. I have done zip to the dhcpd.conf which
> looks as it it is fully disabled. Assuming I want a pool of 16
> addresses, say from 192.168.71.100 to 192.168.71.115, what do I
> uncomment and fill in, in dhcpd.conf?

Sent you a mail off-list with greater detail (hopefully it'll get
through).  

Simple approach --> look for the stanza beginning "subnet".  It should
already be uncommented (as I recall), and probably setup for the "pretty
standard default RFC1919 range" of 192.168.1.0/24.



-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: time question, as in ntp?

2023-12-01 Thread Dan Purgert 
On Dec 01, 2023, gene heskett wrote:
> On 11/30/23 23:18, Max Nikulin wrote:
> > [...]
> > What I see in your messages are false claims, e.g. that DHCP addresses
> > are unstable. DHCP servers *may* be configured to assign fixed addresses
> > to particular clients.
> > 
> My ISP does that, so my exterior net address has been stable for over a
> decade, but I've tried it 2-3 times in the 2000's and got unstable
> addresses from  the distro versions of dhcp every time.

Your router just renews its lease within the renewal window. If you had
no power for a week, then your router would lose its lease, and the IP
address would change. That is -- no, your ISP does not reserve your IP
address at all.

Likewise, a Debian box running isc-dhcp-server (or any of the other
myriad of options) will hand out the same address to the same machine
forever, provided that machine asks to renew before the lease expires.

Note that if we're talking about devices that leave your network, this
somewhat goes out the window; because if they happened to join a remote
network that happens to share the same subnet, AND that network tells
them to use a different IP address (e.g. home was 192.168.1.100,
starbucks told your laptop '100' wasn't available), then the laptop MAY
request the IP address Starbucks gave when you get back home.

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: time question, as in ntp?

2023-12-01 Thread Dan Purgert 
On Dec 01, 2023, gene heskett wrote:
> On 12/1/23 05:41, Dan Purgert wrote:
> > On Nov 30, 2023, gene heskett wrote:
> > > On 11/30/23 22:07, John Hasler wrote:
> > > > Gene writes:
> > > > > let me clarify: This buster machine acting like a 3d printer does NOT
> > > > > have dhcpcd installed. No trace of it in /etc Only dhcp.
> > > > 
> > > > I'm sure it's running dhclient.  do
> > > > 
> > > >   ls /etc/dhcp
> > > > 
> > > > and
> > > > 
> > > >   ps ax | grep dhc
> > > > 
> > > > You don't need to do anything on that machine.  Just install a dhcp
> > > > server somewhere on your network (on the router is conventional) and it
> > > > will give that machine an ip number.
> > > 
> > > At risk of repeating myself forever, I don't need an unstable address, I
> > > don't want whatever the heck is left in the pool. Hosts files do that, 
> > > dhcp
> > > doesn't. It just hands out the next number in the pool.  hosts files are
> > > static. A forveer lease.
> > 
> > DHCP will only hand out the "next" ('unstable') address to a host that
> > currently has no valid lease AND does not have a reservation set on the
> > DHCP server.  Reservations are based on host MAC address.
> > 
> > Any host that has a valid lease will renew that lease indefinitely, at
> > lease half-life (and if the DHCP server happens to be missing at
> > half-life, retry at 7/8ths ).
> 
> Assuming I install a dhcp SERVER on this machine, how do I edit the
> client.conf on that machine to query this one?, and how to I enable this
> "reservation" on this SERVER so it hands out a stable address ONLY if the
> reservation matches? Point me at the docs please and I'll go away.

You don't tell the client anything.  DHCP is initiated by a broadcast
from a client looking for an IP address.

Reservation syntax depends on which DHCP server you're using.  If it's
isc-dhcp-server (predecessor to kea; though I've not yet migrated to
kea), then, in the 'subnet' directive, you add a "host" directive.

The isc-dhcp-server example config file (and html manual) cover the
syntax in greater detail, but here's a short example:

  subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.100 192.168.1.199;
[... DNS, default gateway, etc ...]

host thePrinter {
  hardware ethernet 00:12:34:56:78:9A;
  fixed-address 192.168.1.120;
}
  }


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: time question, as in ntp?

2023-12-01 Thread Dan Purgert 
On Nov 30, 2023, gene heskett wrote:
> On 11/30/23 22:07, John Hasler wrote:
> > Gene writes:
> > > let me clarify: This buster machine acting like a 3d printer does NOT
> > > have dhcpcd installed. No trace of it in /etc Only dhcp.
> > 
> > I'm sure it's running dhclient.  do
> > 
> >  ls /etc/dhcp
> > 
> > and
> > 
> >  ps ax | grep dhc
> > 
> > You don't need to do anything on that machine.  Just install a dhcp
> > server somewhere on your network (on the router is conventional) and it
> > will give that machine an ip number.
> 
> At risk of repeating myself forever, I don't need an unstable address, I
> don't want whatever the heck is left in the pool. Hosts files do that, dhcp
> doesn't. It just hands out the next number in the pool.  hosts files are
> static. A forveer lease.

DHCP will only hand out the "next" ('unstable') address to a host that
currently has no valid lease AND does not have a reservation set on the
DHCP server.  Reservations are based on host MAC address.

Any host that has a valid lease will renew that lease indefinitely, at
lease half-life (and if the DHCP server happens to be missing at
half-life, retry at 7/8ths ).


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: time question, as in ntp?

2023-11-30 Thread Dan Purgert 
On Nov 29, 2023, gene heskett wrote:
> On 11/29/23 21:40, Charles Curley wrote:
> > On Wed, 29 Nov 2023 20:53:19 -0500
> > gene heskett  wrote:
> > 
> > > > A changing network is exactly what dhcp is for.  With it you will
> > > > not need to do anything when you add a machine.
> > > 
> > > Does it always lock the address to that MAC? ISTR a time long ago
> > > when it didn't.
> > 
> > Normally DHCP does not lock a given IP address to a given MAC address.
> > However, you can do so on a per machine basis with the fixed-address
> > option. E.g:
> > 
> > host hawk   # new (2016) desktop
> > {
> > option host-name "hawk";
> > hardware ethernet 30:5a:3a:81:83:79;
> > fixed-address 192.168.100.6;
> > option domain-name-servers 192.168.100.30, 127.0.0.1; # chaffee, 
> > localhost
> > ddns-hostname hawk;
> > }
> In what file do I place similar info to this for eth0?

You don't set it on a client, but the DHCP Server itself.

Specific network host (if Debian or a derivative) would be
/etc/network/interfaces. 

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: time question, as in ntp?

2023-11-30 Thread Dan Purgert 
On Nov 29, 2023, gene heskett wrote:
> On 11/29/23 20:20, John Hasler wrote:
> > Gene writes:
> > > I've been told that /etc/network/interfaces is not the "today way" to
> > > do it.
> > 
> > It works fine.
> > 
> > > Then [dhcp is] something else I'll have to maintain as my network
> > > grows,
> > 
> > A changing network is exactly what dhcp is for.  With it you will not
> > need to do anything when you add a machine.
> Does it always lock the address to that MAC? ISTR a time long ago when it
> didn't.

Not by default.  It certainly /can/ though.  I can't say it's been
available "forever", but reservations for specific MAC addresses have
been available for the last 20 years.

Noting, of course, that just because a network has a DHCP pool, you
don't _have_ to use it for all hosts.  For example here, I have all
"servers" and network hardware set up with static addresses outside the
DHCP Pool, then a pool for mobile devices (phones / tablets / etc.) and
obviously anything "new" that gets added.

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: time question, as in ntp?

2023-11-30 Thread Dan Purgert 
On Nov 30, 2023, Max Nikulin wrote:
> On 30/11/2023 05:53, Dan Purgert wrote:
> > Avahi BS?  APIPA ("A"utomatic "P"rivate "IP" "A"ddressing) is not
> > avahi/mDNS (aka Bonjour / Zeroconf).
> > 
> > Your DHCP client giving you an APIPA address is indicative of broken
> > DHCP, and the fix is either:
> 
> avahi-daemon (multicast name resolution and service discovery) and
> avahi-autoipd (link-local IP addresses) debian packages are built from the
> same "avahi" upstream project despite their purpose is different (and
> related).
> 
> There are alternatives that may play the same roles (assigning 169.254.x.y
> IPv4LL addresses and sending/responding to mDNS queries): udhcp,
> systemd-networkd. I am unsure however if all CUPS features are available
> without avahi.

APIPA (or I guess more appropriately now -- IPv4LL) addresses are a
timeout failure mode of the DHCP client (IIRC the default Debian client
is / was isc-dhcp-client).  At least that's what's running here (box
pulled forward from a netinst of Jessie or Sarge), and _without_
avahi-autoipd I can get those if DHCP falls over (least ISTR getting it,
maybe I never did :/ )

> 
> With proper network configuration (static IP addresses as first step) avahi
> may be ignored in this case. Currently avahi-autoipd (or another tool)
> successfully manged to make it possible to connect at least local network.
> Since static IPs are used in the local network, manual configuration is
> required to make global connections available.
> 

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: time question, as in ntp?

2023-11-30 Thread Dan Purgert 
On Nov 29, 2023, gene heskett wrote:
> On 11/29/23 17:52, Dan Purgert wrote:
> > On Nov 29, 2023, gene heskett wrote:
> > > On 11/29/23 14:03, Greg Wooledge wrote:
> > > > On Wed, Nov 29, 2023 at 01:17:18PM -0500, Dan Purgert wrote:
> > > > > 'ntpd' I think (or is it systemd-timed or something like that 
> > > > > nowadays?)
> > > > 
> > > > Gene's system is running some derivative of buster (Debian 10).
> > > No I am not, Greg, been running bookworm for almost a year on this 
> > > machine.
> > > It is the 3d printer, a QIDI X-MAX 3,  which is running armbian buster 
> > > that
> > > I am trying to fix. At least enough to set its clock, which is about a 
> > > year
> > > out of date ATM.
> > > 
> > > Just now did a powerdown which restarts it at:Sun 01 Jan 2023 06:02:14 AM
> > > PST
> > > 
> > > I have added some of my hosts file into its hosts file, and I can ping 
> > > back
> > > and forth, and a valid ipv4 nameserver to resolv.conf and ping is working
> > > locally. But I can't find where its setting its default ipv4 address to 
> > > the
> > > avahi bs, even with grep -r.
> > 
> > Avahi BS?  APIPA ("A"utomatic "P"rivate "IP" "A"ddressing) is not
> > avahi/mDNS (aka Bonjour / Zeroconf).
> > 
> > Your DHCP client giving you an APIPA address is indicative of broken
> > DHCP, and the fix is either:
> > 
> >A. Fix your broken DHCP
> >B. Set the machine up with a static IP address
> > 
> > I'm kind of surprised that an Armbian box doesn't have a hwclock that
> > you can set the proper time on, to survive reboots (but anyway, I
> > imagine once you get the machine running with a valid IP address for
> > your network, it'll be able to use whatever time-sync service armbian
> > ships with (quick ddg search implies it ships with chrony installed /
> > setup as default).
> 
> I'll have to check that, but installing chrony here on this bookworm box
> will remove the systemd thing, which is present on the armbian buster

Leave the bookworm PC alone - the problem is specifically on your
armbian box or network in general. 

> installed on it.  ISTR I had the rpi4 setup on buster raspios plus my rt
> kernel, and that static entry IIRC was in /etc/network/interfaces, which I
> haven't tried yet.  Was that buster or did they have a better place.

/etc/network/interfaces is the standard place for configuring network
interfaces in Debian and derivatives (although Network Mangler may be
offered as a frontend)

> Tickled my memory, /etc/dhcpcd.conf would appear to be the place. But I'll
> have to compose 100% of the option "static".

"Static" IP addressing is not handled in dhcp client configs.

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: time question, as in ntp?

2023-11-29 Thread Dan Purgert 
On Nov 29, 2023, gene heskett wrote:
> On 11/29/23 14:03, Greg Wooledge wrote:
> > On Wed, Nov 29, 2023 at 01:17:18PM -0500, Dan Purgert wrote:
> > > 'ntpd' I think (or is it systemd-timed or something like that nowadays?)
> > 
> > Gene's system is running some derivative of buster (Debian 10).
> No I am not, Greg, been running bookworm for almost a year on this machine.
> It is the 3d printer, a QIDI X-MAX 3,  which is running armbian buster that
> I am trying to fix. At least enough to set its clock, which is about a year
> out of date ATM.
> 
> Just now did a powerdown which restarts it at:Sun 01 Jan 2023 06:02:14 AM
> PST
> 
> I have added some of my hosts file into its hosts file, and I can ping back
> and forth, and a valid ipv4 nameserver to resolv.conf and ping is working
> locally. But I can't find where its setting its default ipv4 address to the
> avahi bs, even with grep -r.

Avahi BS?  APIPA ("A"utomatic "P"rivate "IP" "A"ddressing) is not
avahi/mDNS (aka Bonjour / Zeroconf).  

Your DHCP client giving you an APIPA address is indicative of broken
DHCP, and the fix is either:

  A. Fix your broken DHCP
  B. Set the machine up with a static IP address

I'm kind of surprised that an Armbian box doesn't have a hwclock that
you can set the proper time on, to survive reboots (but anyway, I
imagine once you get the machine running with a valid IP address for
your network, it'll be able to use whatever time-sync service armbian
ships with (quick ddg search implies it ships with chrony installed /
setup as default).

HTH :)

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: time question, as in ntp?

2023-11-29 Thread Dan Purgert 
On Nov 29, 2023, Greg Wooledge wrote:
> On Wed, Nov 29, 2023 at 01:17:18PM -0500, Dan Purgert wrote:
> > 'ntpd' I think (or is it systemd-timed or something like that nowadays?)
> 
> Gene's system is running some derivative of buster (Debian 10).
> If I remember correctly, buster did not enable systemd-timed by
> default.  The "ntp" package should be available [...]

Right, I recall it being ntp (vaguely, at least up through Debian9 /
Stretch), but the actual defaults of 9/10/11 are a bit fuzzier.
Downside of not actually following the release info as closely as I used
to, I guess. :)


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: time question, as in ntp?

2023-11-29 Thread Dan Purgert 
On Nov 29, 2023, gene heskett wrote:
> Greetings all;
> 
> I have a 3d printer, an arm64 controller running ambian buster
> it has an address of 169.254.xx.xx/16
> it can ping this machine but something is killing full net access, so it
> can't set its time.

The address range 169.254.0.0/16 is APIPA reserved space, for use
primarily when DHCP fails (this is a "Bad Thing").  If you have a
machine with this IP address, it's probably best to figure out why DHCP
is failing.

> 
> It can talk to this machine by address.  Running bookworm here.

"what" can talk to "what machine" by "what address" ?

> 
> There was at onetime, the ability to make this machine serve as a lower
> level time server so it should be possible to have this printers time
> requests satisfied by this machine which s/b within a millisecond or 2 of
> the master clock in Boulder CO.
> 
> Is there a ready made package for that? Or, can this be enabled in systemd
> stuff?

'ntpd' I think (or is it systemd-timed or something like that nowadays?)

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: unexpected behavior

2023-11-28 Thread Dan Purgert 
On Nov 27, 2023, Daniel Rodriguez wrote:
>
> Context: I have Debian 11 in a HDD and Windows 11 in a SSD. Initially, the
> first running disk was my SSD.
> Event: when I switched to HDD and Debian booted, this applied an
> update and restarted as usual. Later it entered the BIOS setting on
> its own[...]

I've never seen a linux update trigger a machine entering BIOS / UEFI
(although I do not use SecureBoot, so perhaps an update triggered some
update necessary to the keys).

Sounds like the BIOS detected the drives in a different order this time
through (which I have definitely seen).


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: dedicated IP

2023-11-28 Thread Dan Purgert 
On Nov 28, 2023, Andy Smith wrote:
> Hello,
> 
> On Mon, Nov 27, 2023 at 06:42:53PM -0500, Dan Purgert wrote:
> > On Nov 27, 2023, Maureen L Thomas wrote:
> > > NORPVPN is software that installs a VPN.  Not really trying to solve a
> > > problem just securing my machine against intruders.  My understanding of a
> > > dedicated IP means I will always have the same IP.
> > 
> > Well, a VPN doesn't "secure your machine against intruders", so seems
> > their service (with "dedicated IP" or not) is pointless for you.
> 
> Pointless for almost everyone who isn't e.g. trying to access their
> home country's Netflix while they're overseas or whatever. But

Well, yeah that too :).  But let's focus on what Maureen said, in that
they believe a VPN is "going to secure their machine against
intruders(tm)".



-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: dedicated IP

2023-11-27 Thread Dan Purgert 
On Nov 27, 2023, Maureen L Thomas wrote:
> NORPVPN is software that installs a VPN.  Not really trying to solve a
> problem just securing my machine against intruders.  My understanding of a
> dedicated IP means I will always have the same IP.

Well, a VPN doesn't "secure your machine against intruders", so seems
their service (with "dedicated IP" or not) is pointless for you.

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Performance of my computer

2023-10-30 Thread Dan Purgert 
On Oct 30, 2023, Van Snyder wrote:
> On Mon, 2023-10-30 at 19:40 +, piorunz wrote:
> > On 30/10/2023 18:56, Van Snyder wrote:
> > > Firefox, in every version I've used so far, appears to have
> > > memoryleaks. If I kill it, not by clicking its little "X" or Alt-
> > > F4, but with"kill -9", so that it reopens everything when I restart
> > > it, my memoryusage immediately drops by 75%. Then it creeps back
> > > up.
> > 
> > Firefox doesn't have any memory leaks. It actively uses buffers,
> > cache,filling available memory. I have Firefox running for days,
> > sometimesweeks. On slow laptop, and fast workstation PC. Same result,
> > no crashes,no memory leaks.
> 
> Then why does it use 1/3 as much memory to display the same pages and
> tabs when I kill it and restart it? That's a symptom of memory leakage.

Or is it a plugin that leaks (or crap scripts on the sites)?

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Domain name to use on home networks; was: Bookworm:NetworkManager

2023-10-25 Thread Dan Purgert 
On Oct 26, 2023, jeremy ardley wrote:
> 
> On 26/10/23 07:24, David Wright wrote:
> > > Or if you already have a domain, you can use a subdomain. eg. I have
> > > rail.eu.org, and at home it is depot.rail.eu.org
> > I'm not sure how that would work when my home network
> > is on a different continent from my domain's hosting.
> 
> 
> This is no problem asides from DNS.
> 
> You will have DNS records set up for your hosted service  with public IP
> addresses. It's quite straight forward to add a subdomain and assign non
> routable IP addresses to it.
> 
> Downside is it will look odd to an observer, and will leak some info about
> your internal network.
> 
> As an alternative you can still use the same naming convention but not put
> it in the public domain. This will require you to set up your own internal
> DNS service or hosts files and have DNS queries resolved locally without
> going to the external DNS server.

Indeed, split-horizon DNS is quite good for this "problem".


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Which Network Controller Card handling Wi-Fi, Bluetooth, etc., connectivities, is GNU/Linux Approved/certified, and would be (1) compatible with my HP laptop's motherboard, and (2) could replace t

2023-10-24 Thread Dan Purgert 
On Oct 24, 2023, Susmita/Rajib wrote:
> [...]
> -Product-
> Name  : HP Notebook (Hewlett-Packard, www.hp.com)
> Family: 103C_5335KV G=N L=CON B=HP (Hewlett-Packard, 
> www.hp.com)
> Vendor: Hewlett-Packard (Hewlett-Packard, www.hp.com)
> 

HP are generally very anti-consumer, and include device whitelists in
their BIOS/UEFI loaders that will prevent your PC from booting if there
isn't HP-approved wifi (etc.) in there -- at least on the PCI bus.

Additionally, your machine (or at least the model) appears to be about
10 years old (so chances of HP still selling parts is a bit slim); so
you're probably "limited" to grabbing one of the generic USB dongles
that're on the market, based on various Realtek chipsets (such as the
8811xU 802.11a/b/g/n/ac ones).



-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: cli_ how to find_ firefox versions available in all suites

2023-10-21 Thread Dan Purgert 
On Oct 21, 2023, జిందం వాఐి wrote:
> * i want to check package versions
> available in various suites [ stable, testing,
> experimental, etc.. ] using cli
> * for example_ firefox

As far as I'm aware, the only real option here would be a web-browser
(e.g. lynx or elinks) to check https://packages.debian.org .


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Need help with PGP signature verification

2023-10-08 Thread Dan Purgert 
On Oct 08, 2023, Tom Browder wrote:
> On Sun, Oct 8, 2023 at 3:29 AM DdB
>  wrote:
> > Am 08.10.2023 um 01:16 schrieb Tom Browder:
> > > I'm willing to trust published PGP key fingerprints for signers of
> > > Rakudo downloadable files.
> > > Question:  How can I get the fingerprint from the downloads?
> > There is more than just one way to archieve this, first result from
> 
> I should have been more specific. I have the following:
> 
> -BEGIN PGP SIGNATURE-
> 
> iHUEABYKAB0WIQTdpb2j9c3OmfntVsEsxulzgY84awUCZQ1GBgAKCRAsxulzgY84
> a+jhAQCZ0lLh1EnB1AwrgW0zPBp801OOeJ2QUiDBOGXBbrl/7QD/ZQe738sF2tCR
> 43SAvJOfT3b4YpGdfSUj9F7XNDoovQM=
> =mNqK
> -END PGP SIGNATURE-
> 
> I need the fingerprint from that to compare with the fingerprints I
> know from Github to see if it's from the same key.

No, you just need the key(s) from the developer(s).  Assuming you've not
accidentally tampered with the files, you'll be able to verify this
signature with a command like "gpg --verify shasum.txt.gpg shasum.txt".

You'll get a message to the effect of 

  Signature made [some-date-here]
  using RSA Key [fingerprint-here]
  Good signature from "Some Person's GPG Key Name"

NOTE -- you MAY also receive some lines to the effect of 

  WARNING: This key is not trusted, the authenticity of the signature
  cannot be verified.

As with checking a Debian ISO (or other Linux distro that uses this
style of verification), this is nothing to be worried about, it's just
GPG informing you that it doesn't have any information as to whether you
actually "trust" the key (either through you explicitly signing /
trusting the key, or trust being derived through the GPG Web of Trust).
It's roughly the GPG equivalent of a web browser going "WARNING - Self
Signed Certificate".


Anyway, once you're done with this; then you know the sha256 checksum
file is the one the developers intended you to get; and you can use it
to check the *iso file.  Probably something like "sha256sum
--ignore-missing -c sha256sum.txt"

HTH :)

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Debian on Ubiquiti Edgerouter Lite?

2023-09-12 Thread Dan Purgert 
On Sep 12, 2023, Christian Groessler wrote:
> Hello Group,
> 
> is there a Debian version which could be installed on mentioned
> Edgerouter?

Yes, sort of -- their firmware is (was) a custom Debian (iirc, stretch).
Quick check of their site https://ui.com/download/software/erlite3 shows
that they most recently released firmware on 31 July 2023.
Unfortunately there are no release notes. 

As I recall, if you move away from their firmware, you're going to lose
out on the modules necessary to get the Cavium chipset to work.


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: bug report question

2023-09-07 Thread Dan Purgert 
On Sep 07, 2023, duh_gently...@simplelogin.com wrote:
> Thank you for your advice!

No problem.

> 
> lspci says:
> 00:01.3 PCI bridge: Advanced Micro Devices, Inc. [AMD] Family 17h (Models
> 00h-0fh) PCIe GPP Bridge

Okay so it's the root PCI bridge on the motherboard.  Are there any
BIOS/UEFI updates available?

> 
> The only 2 PCIe devices I have are my video card and my m.2 drive. I have
> had different kernel versions as I have had this problem for at least 6
> months (debian testing)... so I can't really say when it all started.

What kernel are you running right now?


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: bug report question

2023-09-07 Thread Dan Purgert 
On Sep 07, 2023, duh_gently...@simplelogin.com wrote:
> Hello,
> 
> I'd like to submit a bug, but I'm not quite sure which package it
> should be.
> I could not find anything similar in the bugtracker.
> 
> The problem occurs every 10-20 times. After the system has been suspended
> and then resumed, the following message is written to kern.log and syslog:
> 
> 2023-09-07T09:43:21.264297+02:00 host kernel: [527584.040221] pcieport
> :00:01.3: PME: Spurious native interrupt!
> [...]
> 
> I accept that the message may indicate a valid problem, but having so many
> log messages is not OK either. Currently, when this happens, I am
> forced to manually delete the log file and reboot.

At first glance, it seems to be hardware related. What device is plugged
into that PCIe slot (or is it the PCIe Root)?


In no particular order:

  - Check for a BIOS/UEFI update
  - Check with an older kernel
  - Check for an updated kernel module / driver
  - Reboot and revert to the previously working kernel revision / patch



-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: file server

2023-07-12 Thread Dan Purgert 
On Jul 12, 2023, gene heskett wrote:
> On 7/12/23 06:01, Stanislav Vlasov wrote:
> > ср, 12 июл. 2023 г. в 14:45, lina :
> > [...]
> > 2 (see https://en.wikipedia.org/wiki/RAIDhttps://en.wikipedia.org/wiki/RAID)
> Unfortunately, I'm getting wikipedia's fancy 403 at that link?

Seems it was doubled-up.  The correct link is simply 

  

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Fwd: Problem verifying iso file

2023-06-23 Thread Dan Purgert 
On Jun 23, 2023, Thomas George wrote:
> I thought I had posted this to the debianlist but somehow it seems to have
> been posted to myself [...]
> 
> What am i doing wrong?
> [...]
> I tried md5sum SHA512SUMS.txt SHA512SUMS.sign.txt

If you're trying to verify the signature on the checksum file, you need
to use gpg:

  gpg --verify SHA512SUMS.sign.txt SHA512SUMS.txt

Then, to verify the iso itself, you need to use sha512sum:

  sha512sum --ignore-missing -c SHA512SUMS.txt

Note that all three files -- the *iso, the SHA512 checksums, and the GPG
signature -- need to be in the same directory for this to work.


HTH :)

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Replacing a Motherboard and CPU

2023-06-06 Thread Dan Purgert 
On Jun 06, 2023, Mick Ab wrote:
> If I replace a motherboard in a desktop PC with a motherboard of the same
> model and manufacturer, do I need to do anything apart from reconnecting
> everything and possibly updating the BIOS ?

Might need to update / reinstall GRUB, thanks to secureboot / MOK keys.

> 
> If, at the same time as replacing the motherboard,  i also replace the CPU
> with a CPU of the same model and manufacturer, do I need to do anything
> apart from reconnecting everything and possibly updating the BIOS ?

CPU won't need anything special.

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: netmask question

2023-05-23 Thread Dan Purgert 
On May 23, 2023, debian-u...@howorth.org.uk wrote:
> Dan Purgert  wrote:
> > On May 22, 2023, gene heskett wrote:
> > > I don't see it, 255 is all 8 bits set, 256 is all 8 bits cleared
> > > and carry set.  
> > 
> > In "natural counting", 2^8 is 256.  (1, 2, 3, 4, ... , 256).
> 
> In any counting, 2^8 is 256. "2^8 is 256" is just a way of saying in
> English the same as the assertion "2^8 == 256" in a programming
> language. They are exactly the same statement. And they are true.
> That's all Tomas was saying.

I explicitly mentioned natural counting, since we don't order objects
from zero (e.g. objects on a table are counted as  "1,2,3,4,5", not
"0,1,2,3,4").  You still get 256 total values in binary counting, it's
just that the set of values is offset by a count of one from the
position where they fall in the set.  

That is, the value of "zero" is at the "first position" (likewise, the
value 255 is at the 256th position).
 
> And yes you need 9 bits in binary to say it.

You only need 9 bits if you want to display some (decimal) value that
would fit in the 257th - 512th position of a computer's zero-based
counting system (i.e. 256-511).

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: netmask question

2023-05-22 Thread Dan Purgert 
On May 22, 2023, gene heskett wrote:
> On 5/22/23 15:04, to...@tuxteam.de wrote:
> > On Mon, May 22, 2023 at 12:16:09PM -0400, gene heskett wrote:
> > > On 5/22/23 03:32, Tim Woodall wrote:
> > > > On Mon, 22 May 2023, to...@tuxteam.de wrote:
> > > > 
> > > >    number; for (human) display it is subdivided into four 8 bit chunks
> > > > > (called "octets" for obvious reasons), and those octets only can
> > > > > go from 0 to 255 (since 2^8 == 255).
> > > > > 
> > > > Nit, but 2^8 is 256.
> > > > 
> > > > .
> > > The octets count from base 0 Tim.
> > 
> > That's right, but then they go 0 .. 2^8 - 1. 2^8 is still 256, Tim does
> > have a point there :-)
> > 
> I don't see it, 255 is all 8 bits set, 256 is all 8 bits cleared and carry
> set.

In "natural counting", 2^8 is 256.  (1, 2, 3, 4, ... , 256).

However, you're correct in that the 256 possible values for an 8-bit
number in computing are 0-255. (i.e. 0 to (2^8)-1)

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: User is not in the sudoers file

2023-05-08 Thread Dan Purgert 
On May 08, 2023, Igor Korot wrote:
> Hi, ALL,
> Is there a reason for the default install
> I immediately get the error in the subj?

You likely created a root account during the initial setup.  Doing that
skips over adding the first user (created during install) to sudoers
(i.e. "the operator created root, the operator will 'su root' when they
want to be root").

As I recall, the installer asks if you want to create root, or use sudo.


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Verison IPv6 -- I want to stick with IPv4 (was Re: ipv6: static ipv6 address with dynamic network address possible?)

2022-08-11 Thread Dan Purgert 
On Aug 10, 2022, rhkra...@gmail.com wrote:
> On Wednesday, August 10, 2022 04:12:11 AM Curt wrote:
> > I never realized that local addresses were fundamentally identical in all
> > local networks because there weren't enough addresses in the first
> > place, and that NAT was essentially designed to palliate this shortage.
> 
> Yes, aiui, NAT was designed because of the address shortage, but ...
> 
> > I thought the latter was some sort of security measure.
> 
> at least in early versions of NAT (more below) it also provided some level of 
> security as it was designed to only forward incoming connections (to 
> computers 
> in a LAN) from "known" external computers.
> 
> I.e., if a computer on the LAN contacted a computer outside the LAN, NAT 
> would 
> allow incoming data from that external computer, but not allow incoming data 
> from other external computers.

That isn't (nor ever was) a "feature" of NAT, rather the firewall.

If there's a matching DNAT rule, the packet is destined for a PC using
an RFC1918 address; update the IP Address and check the resulting packet
against the FORWARD chain.

If there's not a matching DNAT rule, the packet is destined for the
machine acting as gateway; check the packet against the INPUT chain.


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Need working repo for Deb7 - wheezy

2022-08-05 Thread Dan Purgert 
On Aug 05, 2022, Karthik Jeyabalan wrote:
> Team Debian,
> 
> We have few machines running EOL Debian 7- Wheezy and tried to connect
> deb repo by using below in sources.list, but they are not working. Can
> you please help to provide the working repo.

As far as I am aware, the repos are pulled down when the release
lifecycle ends (this was 2018 for Wheezy).


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: SSH resources, specifically on certificates (certificate authentication)

2022-07-13 Thread Dan Purgert 
On Jul 13, 2022, David Wright wrote:
> On Wed 13 Jul 2022 at 18:40:18 (-0400), Dan Purgert wrote:
> > On Jul 13, 2022, rhkra...@gmail.com wrote:
> > > I seem to have gone down a rabbit hole.
> > > 
> > > I want(ed?) to set up ssh on my LAN using certificate authentication, and 
> > > am 
> > > having a lot of trouble finding the information I need / would like to 
> > > have.
> > 
> > Which is what, exactly?  Other than the "active mailing list" you
> > mentioned in a snipped segment.
> > 
> > SSH with cert-auth is pretty trivial to implement on most distros:
> > 
> > 1. install openssh-server (if not already installed) on SERVER (the
> > machine you will connect to)
> > 2. on the CLIENT (machine you will connect from), run ssh-keygen to
> > generate a new ssh keypair.  For example --  ssh-keygen -t ed25519 -f
> > keyfile -- will generate a new ED25519-based keypair ("keyfile" and
> > "keyfile.pub").
> > 3. copy the content of keyfile.pub to $HOME/.ssh/authorized_keys on the
> > SERVER machine
> > 4. try logging into SERVER with your key (e.g. ssh -i keyfile
> > user@SERVER) 
> > 
> > For "best security" repeat steps 2-4 on all CLIENT machines to create
> > individual client keys -- just make sure to APPEND to authorized_keys.
> 
> That's what I do, but that's /key/ authentication, not cert.
> (Search for "certificate" in   man ssh-keygen   to see what's
> involved with certificates.) I'm afraid I'm not up to speed
> on that topic.

*sigh* indeed, I crossed my thinking. :(

Should be basically the same -- at least the manpages for ssh and
ssh-keygen cover it pretty well...

 ssh-keygen -s /path/to/ca -I keyid /peth/to/user_public

sshd apparently needs a "cert-authority" parameter set at start-time, so
that it knows the signing CA for the certs, and then you (apparently)
configure authorized_keys in the same manner.  

I've never seen this implemented in any place I've worked in
the last 2 decades (granted, I "only" have said 2 decades of
"professional" experience); rather they've always used either (a) keys,
or (b) password + RSA Token (or other 2FA / TOTP mechanism)

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: SSH resources, specifically on certificates (certificate authentication)

2022-07-13 Thread Dan Purgert 
On Jul 13, 2022, rhkra...@gmail.com wrote:
> I seem to have gone down a rabbit hole.
> 
> I want(ed?) to set up ssh on my LAN using certificate authentication, and am 
> having a lot of trouble finding the information I need / would like to have.

Which is what, exactly?  Other than the "active mailing list" you
mentioned in a snipped segment.

SSH with cert-auth is pretty trivial to implement on most distros:

1. install openssh-server (if not already installed) on SERVER (the
machine you will connect to)
2. on the CLIENT (machine you will connect from), run ssh-keygen to
generate a new ssh keypair.  For example --  ssh-keygen -t ed25519 -f
keyfile -- will generate a new ED25519-based keypair ("keyfile" and
"keyfile.pub").
3. copy the content of keyfile.pub to $HOME/.ssh/authorized_keys on the
SERVER machine
4. try logging into SERVER with your key (e.g. ssh -i keyfile
user@SERVER) 

For "best security" repeat steps 2-4 on all CLIENT machines to create
individual client keys -- just make sure to APPEND to authorized_keys.


-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: Dependency bug demonstrated???? - was [Re: Problems with custom install of MATE]

2022-03-08 Thread Dan Purgert 
On Mar 08, 2022, Stefan Monnier wrote:
> > Before I retired I spent decades in customer and engineering support.
> > Became familiar clashing desires and corner cases.
> > I wasn't looking at X needing a DM, but rather that if the DE {MATE in my
> > case} was going to be useful it had to start [preferably automatically].
> 
> But you don't need a DM to start a session running MATE.
> [ You don't even need an X server installed, actually, since you could
>   be running the whole DE remotely, tho I don't know how well this
>   works nowadays.  ]

Not very well, unfortunately.  Used to use remote X servers all the
time.

It's passable for smaller applications, but there's a noticeable lag on
inputs.

-- 
|_|O|_|
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860


signature.asc
Description: PGP signature

Re: [OT] Remote SSH (dynamic IP) without third-party server

2020-08-01 Thread Dan Purgert 
On Aug 01, 2020, deloptes wrote:
> David Christensen wrote:
> 
> > I have residential VDSL service from AT  Fortunately, AT does not
> > block port 22, AT assigned an IPv4 address for my WAN connection, and
> > the address has never changed.
> 
> The OP is asking about dynamic IP, no?

Technically AT does use DHCP for their customers.  They just don't
force changes often.  In my case, I've had the IP change all of "once",
and that was after a several day long power cut (severe weather).

Most people will "probably" experience the same with their ISP (although
every ISP does operate differently).  In the past, when I had an ISP
that changed more frequently; I just used a dynamic DNS service to deal
with the changes.

-- 
|_|O|_| Github: https://github.com/dpurgert
|_|_|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860
|O|O|O| Former PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Remote terminal: xterm -e ssh vs. ssh xterm

2020-04-28 Thread Dan Purgert 
On Apr 28, 2020, Steve Keller wrote:
> What are best practices to create a remote terminal?  I see to ways:
> Create a local terminal emulator and run ssh to the remote host in
> that or call ssh to run the terminal emulator on the remote host,
> i.e.
> 
> xterm -e ssh -X   or  ssh -X  xterm -ls
> 
> What are pros and cons?  I see one: The latter will produce more
> overhead as it runs the X11 protocol through the ssh tunnel.

I must be missing something key - what's wrong with "ssh user@host" ?

-- 
|_|O|_| Github: https://github.com/dpurgert
|_|_|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860
|O|O|O| Former PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Jitsi (was Re: Please help me find a good Debian compatible video card).

2020-04-27 Thread Dan Purgert 
On Apr 27, 2020, Dan Ritter wrote:
> [...]
> If I recall correctly, all that's needed is a SIP account with a
> PSTN bridge company, so you might find that voip.ms or 8x8 or
> any number of other companies might fill that need for a
> reasonable price.

That might be exactly what I was looking for -- all my (admittedly very
few) DDG searches picked up *business* style providers -- so $40 or $50
to get started, then $49.95 / month for 5 lines and blahblah (if paid
for a year in advance) that probably make a ton of sense for an office;
but not so much for a guy goofing around for 3-6 months tops.

Thanks for the suggestions!

-- 
|_|O|_| Github: https://github.com/dpurgert
|_|_|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860
|O|O|O| Former PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Jitsi (was Re: Please help me find a good Debian compatible video card).

2020-04-27 Thread Dan Purgert 
On Apr 27, 2020, Nicolas George wrote:
> Dan Purgert (12020-04-27):
> > I tried it locally (with a LOCAL instance running) and it worked quite
> > nicely for half a dozen PCs / laptops around the house.
> 
> Oh, interesting.
> 
> Have you found a good set of instructions to set it up on a Debian?
> People I know have been looking for and did not find.

Just followed the quickstart guide on their github page.  Basically it
was these handful of steps:

1. added the repo -- deb https://download.jitsi.org stable/
2. added the jitsi signing key -- EF8B479E2DC1389C
3. apt-get update && apt-get install jitsi-meet 
4. whacked the config file because the STUN service didn't behave
properly for jitsi-videobridge or one of the other components.
5. followed the security things (dole out username & password for
meeting creation -- anyone can technically spin one up, but they're
stuck in a waiting room til I open it).

NOTE -- I'm running it on Buster.

-- 
|_|O|_| Github: https://github.com/dpurgert
|_|_|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860
|O|O|O| Former PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Jitsi (was Re: Please help me find a good Debian compatible video card).

2020-04-27 Thread Dan Purgert 
On Apr 25, 2020, Kenneth Parker wrote:
> I couldn't help noticing your .sig reference to Jitsi.  There were threads
> about it, as a good replacement for Zoom.  Also, there is a strong need in
> another online community that I belong to.
> 
> How is your experience with a "room" with, say about 10 people in it with
> some using Video, but others preferring Audio only?

I tried it locally (with a LOCAL instance running) and it worked quite
nicely for half a dozen PCs / laptops around the house.  The only thing
I happen to be missing is the PSTN bridge ... but I haven't found one
that's stupid expensive (for an individual) to get started.

But wifey and family settled on Zoom before all the issues started
cropping up, and getting the "not techy" people to move would be far too
painful (read: wife doesn't even want to ask if they wanna try).


-- 
|_|O|_| Github: https://github.com/dpurgert
|_|_|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860
|O|O|O| Former PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Kind reminder: please don't reply to and/or quote spam, ever

2020-04-21 Thread Dan Purgert 
On Apr 20, 2020, Russell L. Harris wrote:
> [...] 
> Neo-mutt documentation led me to believe that there is a "b" command
> (or something of the sort) for BOUNCE; but I did not find it, perhaps
> because I use the "Classic Dvorak" keymap.  I then discovered that
> commands not tied to a key can be executed with ":exec ".

Dvorak shouldn't make a difference here.  I tend to oops the 'bounce'
when reading messages; as I'm used to slrn's use of 'b' acting as 'page
up' in the reading pane.

It may also be available in the mailbox / message listing.

-- 
|_|O|_| Github: https://github.com/dpurgert
|_|_|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860
|O|O|O| Former PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

2020-04-14 Thread Dan Purgert 
On Apr 14, 2020, Brad Rogers wrote:
> On Tue, 14 Apr 2020 08:21:14 -0400
> Dan Purgert  wrote:
> 
> Hello Dan,
> 
> >Mine actually says "tested only in Lynx, if it doesn't look right in
> >your preferred CLI browser, let me know" :)
> 
> Which is fine.  It differs from "Works best in" because you state
> you're prepared to do things to improve your site for the general good.
> The "works best in..." brigade are saying "We won't change anything,
> even if it is broken".

Yep, I can understand the difference of thinking there.  I used to be
part of the "works best in" brigade; but I was also still in university
(albeit, I always had "works best in FF").  I've since learned a thing
or two (whether or not it was the CORRECT thing or two has yet to be
seen :) ).


-- 
|_|O|_| Github: https://github.com/dpurgert
|_|_|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860
|O|O|O| Former PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

2020-04-14 Thread Dan Purgert 
On Apr 14, 2020, Brad Rogers wrote:
> On Tue, 14 Apr 2020 05:52:48 -0400
> Dan Purgert  wrote:
> 
> Hello Dan,
> 
> >"Works best with Internet Explorer" :D
> 
> That sort of statement on a web site is coming back.   :-(

Mine actually says "tested only in Lynx, if it doesn't look right in
your preferred CLI browser, let me know" :)

But then again, I'm writing static html ... so it should work entirely
cleanly.

-- 
|_|O|_| Github: https://github.com/dpurgert
|_|_|O| PGP: DDAB 23FB 19FA 7D85 1CC1  E067 6D65 70E5 4CE7 2860
|O|O|O| Former PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

2020-04-14 Thread Dan Purgert 
On Apr 14, 2020, Andrei POPESCU wrote:
> On Ma, 14 apr 20, 08:19:50, Curt wrote:
> > On 2020-04-14, Andrei POPESCU  wrote:
> > >
> > > It doesn't matter much as nobody is proposing to replace debian-user
> > > with Discourse.
> > 
> > Nobody but Neil McGovern himself.
> > 
> > https://lists.debian.org/debian-project/2020/04/msg00074.html
> >  
> >  What about the mailing lists?
> >This may or may not be a replacement for any particular list.
> >  
> >  Be specific!
> >Ok... I think debian-user, debian-vote and possibly debian-project
> >would be better off in Discourse.
> > 
> > Obviously, as usual, confusion reigns supreme.
> 
> To me "may or may not be a replacemnt" and "would be better of" are very 
> far away from "I propose to replace X with Y".

It's language that gives the other party room to think that it was their
idea to replace X with Y the whole time.  Have to use it every day at
work with the suits.


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

2020-04-14 Thread Dan Purgert 
On Apr 13, 2020, John Hasler wrote:
> Kenneth Parker writes:
> > On a Laptop of mine, I have an old version of Firefox, with the
> > "NoScript" add-on.  I wonder how it would work there.
> 
> Works ok for a casual test.  I have no acount so I have no idea how it
> would work for posting, though.
> 
> "Works best with Javascript" could turn into "Requires Javascript"
> from one release to the next, though.

"Works best with Internet Explorer" :D

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

2020-04-13 Thread Dan Purgert 
On Apr 13, 2020, Sven Hartge wrote:
> Dan Purgert  wrote:
>> [...]
> > TS was basically *required* while in a big engagement though.  If you
> > weren't on TS, you weren't in the raid / fleet / whatever the game at
> > hand called it. 
> 
> I think the TS/Mumble vs. Forum comparison is flawed here, it was unwise
> of me to bring this to the table, because both serve completely
> different use-cases in most cases.

Honestly, you're not that far off the mark though -- for those groups
that didn't force TS/Mumble, those of us who would go between both as
necessary would see the divergence of the group into "the forum people"
and "the speech people".


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

2020-04-13 Thread Dan Purgert 
On Apr 13, 2020, Sven Hartge wrote:
> Dan Purgert  wrote:
> > On Apr 13, 2020, Sven Hartge wrote:
> 
> >> And I've also witnissed this in other contexts, be it in an
> >> Enterprise setup (where one group flocks to Confluence and the other
> >> stay in the mailinglist) or a MMO guild, where one group prefers to
> >> converse in Teamspeak and the other uses the forum.
> 
> > forum-only people are filthy casuals and should be shown the door :)
> 
> Well, no. In my experience it always depends on what medium was first.
> This one will have the most experienced users. Everything coming later
> will most likely having a harder time getting (fully) integrated.

I was specifically taking the reference of your guild / mmo context.  In
my case, we would always spin up both a forum and TS (or the experienced
were always on both). In fact, I think a forum account was more often
than not required in order to even get on TS in the first place.

TS was basically *required* while in a big engagement though.  If you
weren't on TS, you weren't in the raid / fleet / whatever the game at
hand called it. 

> 
> Again, in my experience, YMMV.
> 
> >> In all cases it lead to rifts and problems down the line.
> >> 
> >> As hard as it is, one should commit to *one* communications channel
> >> and only one, as to not create parallel "societies".
> 
> > In the groups I've been in, it was always that a formal discussion
> > (e.g.  a quarterly state-of-the group / planning session), if held on
> > teamspeak,  was recapped on the most permanent thing -- that is, the
> > forums/mailinglist/etc.
> 
> Different subject here. Sure, you want to have the meeting minutes and
> the decisions from the meeting somewhere to be referred to, be it a
> website, a forum, a mailinglist (which feeds into an archive, which is
> most times a website again).
> 
> But that comes *after* the fact, after the discussion and the decision
> has been made.
> 
> In your example, everyone not participating in the meeting in TS is cut
> off and only gets to read it in the minutes.

Well, TS or ingame chat or whatever "realtime medium" was used.  To be
fair though; it's been like 10 years since I've been heavily involved in
MMOs, and I'm probably forgetting a bit.  I seem to recall that the
discussions were more just a realtime review of a longer-standing (say a
week?) forum thread to hammer out the issues people raised over that
time; and a bit of "what're we gonna do to make the game fun again for
our people". 

> 
> There was no live TS-to-IRC/forum transcriber active at the meeting and
> nobody that read the IRC channel/forum back to the TS to get the other
> people involved directyly.
> 
> What I am saying here is that by having multiple channels of
> communication you naturally get different groups of people in them which
> tend to drift apart sooner or later, because each group isn't
> represented in the other media. And then you get the "forum casuals"
> against the "mailinglist greybeards" against the "IRC noobs" in the end.

I don't think anyone is disagreeing with that idea :)


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

2020-04-13 Thread Dan Purgert 
On Apr 13, 2020, Michael Howard wrote:
> On 13/04/2020 19:18, Sven Hartge wrote:
> > Michael Howard  wrote:
> > > On 13/04/2020 17:49, John Hasler wrote:
> > > > Michael Howard writes:
> > > > > In your opinion. Total rubbish in my opinion. Far better to have
> > > > > more channels open than just one where possible.
> > > > Not when the channels connect to different pools.
> > > Sorry, which different pools are you refering to?
> > Different pools of people.
> 
> Ah, Us & Them, of course.

Not necessarily.  More like that communication tends to fall apart when
there are multiple methods of communication.

Take this entirely anecdotal situation that happened to us this year:

 - most of the family is on facebook / email, so sent them an electronic
   invitation to a Christmas party

 - one aunt doesnt, so we mailed out a card.

Got told after Thanksgiving that aunt felt left out as people were
talking about it over that holiday (our party is early / mid-december;
well before "office parties" and the like). Called her up, and it turned
out she never got the invitation.


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

2020-04-13 Thread Dan Purgert 
On Apr 13, 2020, Curt wrote:
> On 2020-04-13, Sven Hartge  wrote:
> >> Sorry, which different pools are you refering to?
> >
> > Different pools of people.
> 
> There could be a channel to connect the pools. Then people could row
> from one to the other.

Unfortunately, that rarely seems to happen.  People get comfortable in
their little sub-section of the internet, and they don't tend to venture
away from it; often forgetting that there is another group discussing
exactly the same thing(s) in a different venue

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

2020-04-13 Thread Dan Purgert 
On Apr 13, 2020, Sven Hartge wrote:
> Nate Bargmann  wrote:
> 
> [...]
> And I've also witnissed this in other contexts, be it in an Enterprise
> setup (where one group flocks to Confluence and the other stay in the
> mailinglist) or a MMO guild, where one group prefers to converse in
> Teamspeak and the other uses the forum.

forum-only people are filthy casuals and should be shown the door :)

> 
> In all cases it lead to rifts and problems down the line.
> 
> As hard as it is, one should commit to *one* communications channel and
> only one, as to not create parallel "societies".

In the groups I've been in, it was always that a formal discussion (e.g.
a quarterly state-of-the group / planning session), if held on
teamspeak,  was recapped on the most permanent thing -- that is, the
forums/mailinglist/etc.

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Moderation (not!) [was: Debian is testing Discourse]

2020-04-13 Thread Dan Purgert 
On Apr 13, 2020, John Hasler wrote:
> Brad writes:
> > Most web forums don't have email capability though.  Only discourse
> > and groups.io that I know of have it.
> 
> Though described as a mailing list manager Sympa has a full Web
> interface that might satisfy email-phobic millennials.

Thank Cthulhu I'm not email-phobic :)

I imagine few others who "really want to help out" are either; just that
they have to be guided.

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Moderation (not!) [was: Debian is testing Discourse]

2020-04-13 Thread Dan Purgert 
On Apr 13, 2020, to...@tuxteam.de wrote:
> On Mon, Apr 13, 2020 at 08:23:40AM -, Curt wrote:
> > On 2020-04-13,   wrote:
> > >
> > > It is as easy to moderate a mailing list as it is a platform la
> > > discourse. So this isn't a criterion to decide between both.
> > 
> > It is, on the contrary, the *primary* criterion for the proposed change
> > as given by the primary proponent of the change:
> > 
> >  Why are you doing this?
> >  I have two motivations. First, is moderation. Discourse has built in
> >  tools to allow community moderation on a much better scale than our
> >  email lists.
> 
> This one is surprising to me. Why should community moderation be
> easier for discourse?

Probably because it follows the "benevolent dictator" style moderation
similar to web fora / IRC as opposed to the "you're (generally)
responsible for your own moderation" style that is prevalent in Usenet
and mailing lists.

> 
> But I'm just a dumb C programmer :-)

I prefer C over C-post-increment myself :)  (not that I'm any good at
it).



-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

2020-04-13 Thread Dan Purgert 
On Apr 13, 2020, Keith Bainbridge wrote:
>  [...]
> If the interface is as good as google mail in browser, I won't last long;
> maybe 2 minutes.

It makes gmail look good.

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Anti-malware for my personal Debian workstation?

2020-04-12 Thread Dan Purgert 
On Apr 12, 2020, to...@tuxteam.de wrote:
> [...]
> No, I think the only (small) edge free operating systems have over
> the rest of the pack is that, on average, their users tend to be
> more curious (and, as a result, educated).

Don't forget "distrustful of the 'this is way better for you than
$unmodern way!!!" shtick that many (all) of those web-based tools try
using to get users locked in.


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Debian is testing Discourse

2020-04-12 Thread Dan Purgert 
On Apr 12, 2020, Eike Lantzsch wrote:
> On Sunday, 12 April 2020 09:21:42 -04 Andrei POPESCU wrote:
> > On Du, 12 apr 20, 11:10:22, to...@tuxteam.de wrote:
> > > I know I will be out here.
> >
> > I seriously doubt this (or any) mailing list will be shut down as long
> > as there is significant activity (spam and off-topic doesn't count).
> >
> > Kind regards,
> > Andrei
> debian-user is still available on usenet, although kiddies nowadays
> seem to not know about it. So there might  be hope still.

It is (was) hosted through a usenet / list portal (IIRC, gmane?).  I
used it for years so I could get everything through slrn; but I started
having problems, so went "back" to just email.


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Small Open Source Digital Classroom

2020-04-05 Thread Dan Purgert 
On Apr 05, 2020, Celejar wrote:
> On Sun, 5 Apr 2020 07:18:04 -0400
> Dan Purgert  wrote:
>> On Apr 05, 2020, Celejar wrote:
>>> Well, you don't name your ISPs, but I'm pretty sure the big ones
>>> generally forbid running servers (for anything beyond "personal" use) on
>>> residential connections. E.g.:
>> 
>> Oops, must have pulled them out on accident.
>> 
>> Old-old -> cox
> 
> Cox's current AUP explicitly forbids servers (at least without "express
> authorization"):

Yeah, it was 10ish years ago that I had them.  I recall having to call
and ask for ports 80 and 25 to be opened.  Similar conversation I had
with AT 
  
  CS -> "You acknowledge you're responsible, and if you're spamming,
you're in for a world of hurt?"
  Me -> "Yep!"
  CS -> "Okay, just give me a minute here ... (hold music) ... 
you're all set!"

>> Old -> Time Warner (now Spectrum; good thing I got off before their AUP
>> went insane)
>> Current -> AT (although i did have to call their tech support to open
>> port 25, and authorize "if I run an open relay, I'm the one at fault"
> 
> Yes, ISTR running into this on the homelab reddit, that AT is one of
> the few major ISPs to allow servers on residential connections. In
> their AUP, they prettly clearly only forbid them on dial-up accounts:
> 
> https://www.att.com/legal/terms.aup.html

Yeah, with AT, it's basically "you'll only get a static IP with a biz
account ... ".  Their service is good, but the corporate methodology is
stupid.

L1 techs can't do anything, and if it's outside their area of expertise,
it basically goes to a service call (which may run you a fee ...
although the only time I've had to really call out for a tech was a dead
ONT -- so free, because it's their kit).

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Small Open Source Digital Classroom

2020-04-05 Thread Dan Purgert 
On Apr 05, 2020, Celejar wrote:
> On Fri, 3 Apr 2020 21:11:33 -0400
> Dan Purgert  wrote:
> 
> > On Apr 03, 2020, Celejar wrote:
> > > On Fri, 3 Apr 2020 12:46:00 -0400
> > > Dan Purgert  wrote:
> > > 
> > > > On Apr 03, 2020, Celejar wrote:
> > > > >  [...]
> > > > > Fair enough - but has anyone looked into, say, Jitsi Meet's default
> > > > > settings? Do they block non-hosts from screen sharing?
> > > > 
> > > > IIRC, jit.si (their web-client) defaults to needing a passphrase to even
> > > > get in.  But I only ever took a cursory glance before "everyone(tm)"
> > > > decided to use Zoom (i.e. good luck to me ever getting teh missus, etc.
> > > > off that platform).
> > > 
> > > I did a quick test run at their hosted instance, at meet.jit.si I
> > > created a meeting (using one of their generated semi-random phrases for
> > > the URL / ID) on one computer, and then logged on to the same url from
> > > another computer. No passphrase was required, which is apparently the
> > > same as what Zoom was doing.
> > 
> > Oh, right - You have to click the "Add Password" button in the big popup
> > that shows the dial-in information.  It's pretty prominent on the
> > screen, and you kind of have to make an effort to get rid of it (or at
> > least I did - there wasn't much contrast between the 'x' and the rest of
> > that popup).
> > 
> > > 
> > > > On the other hand, I think some of what Jitsi has going for it is that
> > > > it's somewhat decentralized -- if "my" server's settings are daft, it's
> > > > *my* problem, not Jitsi's (same for any other service I run myself).
> > > 
> > > Exactly - your hardware, your network. Under your control, but you need
> > > to bring the bandwidth and horsepower. I'm a little skeptical as to how
> > > well it would perform over my home internet connection (besides for the
> > > fact that it would certainly violate the TOS of pretty much any
> > > residential ISP service).
> > 
> > It actually doesn't violate any ToS here (least not my ISP, and the
> > previous two that I've had).  Granted the previous ones (DSL and low-end
> > cable) wouldn't have been able to host it.  
> > 
> > Current ISP is FTTH, so I've got bandwidth to spare.
> 
> Well, you don't name your ISPs, but I'm pretty sure the big ones
> generally forbid running servers (for anything beyond "personal" use) on
> residential connections. E.g.:

Oops, must have pulled them out on accident.

Old-old -> cox
Old -> Time Warner (now Spectrum; good thing I got off before their AUP
went insane)
Current -> AT (although i did have to call their tech support to open
port 25, and authorize "if I run an open relay, I'm the one at fault"


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Small Open Source Digital Classroom

2020-04-03 Thread Dan Purgert 
On Apr 03, 2020, Celejar wrote:
> On Fri, 3 Apr 2020 12:46:00 -0400
> Dan Purgert  wrote:
> 
> > On Apr 03, 2020, Celejar wrote:
> > >  [...]
> > > Fair enough - but has anyone looked into, say, Jitsi Meet's default
> > > settings? Do they block non-hosts from screen sharing?
> > 
> > IIRC, jit.si (their web-client) defaults to needing a passphrase to even
> > get in.  But I only ever took a cursory glance before "everyone(tm)"
> > decided to use Zoom (i.e. good luck to me ever getting teh missus, etc.
> > off that platform).
> 
> I did a quick test run at their hosted instance, at meet.jit.si I
> created a meeting (using one of their generated semi-random phrases for
> the URL / ID) on one computer, and then logged on to the same url from
> another computer. No passphrase was required, which is apparently the
> same as what Zoom was doing.

Oh, right - You have to click the "Add Password" button in the big popup
that shows the dial-in information.  It's pretty prominent on the
screen, and you kind of have to make an effort to get rid of it (or at
least I did - there wasn't much contrast between the 'x' and the rest of
that popup).

> 
> > On the other hand, I think some of what Jitsi has going for it is that
> > it's somewhat decentralized -- if "my" server's settings are daft, it's
> > *my* problem, not Jitsi's (same for any other service I run myself).
> 
> Exactly - your hardware, your network. Under your control, but you need
> to bring the bandwidth and horsepower. I'm a little skeptical as to how
> well it would perform over my home internet connection (besides for the
> fact that it would certainly violate the TOS of pretty much any
> residential ISP service).

It actually doesn't violate any ToS here (least not my ISP, and the
previous two that I've had).  Granted the previous ones (DSL and low-end
cable) wouldn't have been able to host it.  

Current ISP is FTTH, so I've got bandwidth to spare.


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Small Open Source Digital Classroom

2020-04-03 Thread Dan Purgert 
On Apr 03, 2020, Celejar wrote:
>  [...]
> Fair enough - but has anyone looked into, say, Jitsi Meet's default
> settings? Do they block non-hosts from screen sharing?

IIRC, jit.si (their web-client) defaults to needing a passphrase to even
get in.  But I only ever took a cursory glance before "everyone(tm)"
decided to use Zoom (i.e. good luck to me ever getting teh missus, etc.
off that platform).

On the other hand, I think some of what Jitsi has going for it is that
it's somewhat decentralized -- if "my" server's settings are daft, it's
*my* problem, not Jitsi's (same for any other service I run myself).


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: I Miss ckermit in Buster.

2020-04-03 Thread Dan Purgert 
On Apr 03, 2020, Martin McCormick wrote:
> John Hasler  writes:
>  > look at screen.
> 
>   I use screen all the time and maybe I am missing
> something but what you get with screen is a new shell in each
> window, very useful but nothing to do with RS-232 ports.

Maybe something like Minicom then? Well, if you can't find ckermit.

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: HTML mail + PDF attachments

2020-03-27 Thread Dan Purgert 
On Mar 27, 2020, Dan Purgert wrote:
> On Mar 27, 2020, Andrei POPESCU wrote:
> > On Jo, 26 mar 20, 18:41:10, Reco wrote:
> > > On Thu, Mar 26, 2020 at 08:53:35AM +, Russell L. Harris wrote:
> > > > 
> > > > I understand.  But some of the stuff I receive does not work as
> > > > expected.  What do I do with the following PDF:
> > > > 
> > > >=?utf-8?B?QkhfODU0MDk2MjMwLnBkZg==?=
> > > 
> > > Read muttrc(5), insert "rfc2047_parameters=true" in your .muttrc.
> > 
> > Nice one, added. Wondering why it's not the default though...
> 
> Hmm, I must have an old version of Mutt (not surprising ...); I needed
> to use "rfc2047_parameters=yes". 

Scratch that, I tacked on 'set' to the beginning, which requires the
'yes/no' syntax.



-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: HTML mail + PDF attachments

2020-03-27 Thread Dan Purgert 
On Mar 27, 2020, Andrei POPESCU wrote:
> On Jo, 26 mar 20, 18:41:10, Reco wrote:
> > On Thu, Mar 26, 2020 at 08:53:35AM +, Russell L. Harris wrote:
> > > 
> > > I understand.  But some of the stuff I receive does not work as
> > > expected.  What do I do with the following PDF:
> > > 
> > >=?utf-8?B?QkhfODU0MDk2MjMwLnBkZg==?=
> > 
> > Read muttrc(5), insert "rfc2047_parameters=true" in your .muttrc.
> 
> Nice one, added. Wondering why it's not the default though...

Hmm, I must have an old version of Mutt (not surprising ...); I needed
to use "rfc2047_parameters=yes". 



-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: HTML mail + PDF attachments

2020-03-26 Thread Dan Purgert 
On Mar 26, 2020, Tixy wrote:
> On Thu, 2020-03-26 at 07:38 -0400, Dan Purgert wrote:
> > As you said, the correct approach would be utilizing IMAP -- however,
> > whether or not there is IMAP access is entirely dependent on the
> > server's configuration.  Offhand I don't know of any that _only_
> > support
> > POP3 these days; but there's always the chance of that.
> 
> I just check my old ISP who I still pay for using the old email address
> I had with them, and their FAQ says, POP only, no IMAP.

Guess I'm lucky then - have never tied myself to an ISP's email address
for anything beyond what they required me to (e.g. logging into their
service to pay the bill).

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: HTML mail + PDF attachments

2020-03-26 Thread Dan Purgert 
On Mar 26, 2020, Dan Purgert wrote:
> On Mar 26, 2020, Russell L. Harris wrote:
> > On Thu, Mar 26, 2020 at 10:24:38AM +0200, Andrei POPESCU wrote:
> > > Opening pdfs in a reader is trivial with mutt. Just press 'v' and then
> > > 'Return' on the pdf attachment. It should be opened in your default pdf
> > > viewer. This should work also for 'html' parts to be opened in your
> > > default browser.
> > 
> > I understand.  But some of the stuff I receive does not work as
> > expected.  What do I do with the following PDF:
> > 
> >=?utf-8?B?QkhfODU0MDk2MjMwLnBkZg==?=
> 
> delete it.

I misinterpreted that as the actual filename received (a la "your
package is ready!" type spam), and not encoding of the filename crammed
somewhere into the body of the message.


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: HTML mail + PDF attachments

2020-03-26 Thread Dan Purgert 
On Mar 26, 2020, Russell L. Harris wrote:
> On Thu, Mar 26, 2020 at 10:24:38AM +0200, Andrei POPESCU wrote:
> > Opening pdfs in a reader is trivial with mutt. Just press 'v' and then
> > 'Return' on the pdf attachment. It should be opened in your default pdf
> > viewer. This should work also for 'html' parts to be opened in your
> > default browser.
> 
> I understand.  But some of the stuff I receive does not work as
> expected.  What do I do with the following PDF:
> 
>=?utf-8?B?QkhfODU0MDk2MjMwLnBkZg==?=

delete it.


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: HTML mail + PDF attachments

2020-03-26 Thread Dan Purgert 
On Mar 26, 2020, Andrei POPESCU wrote:
> [...]
> URLs: install urlview and press Ctrl-b to select the url you want (will 
> be passed to your default browser)

Nice to know! Something new for the toolbox!



-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: HTML mail + PDF attachments

2020-03-26 Thread Dan Purgert 
On Mar 25, 2020, David Christensen wrote:
> On 2020-03-25 20:03, Russell L. Harris wrote:
> > At the moment I am running neo-mutt on Debian 9.  Once or twice a day
> > I receive a HTML message, typically with a PDF file as an attachment.
> > Picking out and viewing the links and attachments always is a hassle,
> > and sometimes is rather difficult.
> > 
> > Rather than hassle with mutt, I hoped to install an auxiliary mail
> > client with GUI (such as Thunderbird) with which I could open such
> > messages, view the links, and print the attachments.
> > 
> > But Thunderbird is demanding the URLs of POP and SMPT servers, and I
> > do not wish to allow Thunderbird to mess around with my mail, other
> > than viewing specific messages.
> > 
> > One approach would be to get a mail account strictly for this purpose,
> > and set up a complete Thunderbird mail system using that account.
> > 
> > But is there a better solution?
> > 
> > RLH
> 
> If you configure all your e-mail clients to leave the messages on the
> server, you should be able to access the same e-mail server account from
> multiple clients.  Current clients using IMAP seem to work this way
> (Thunderbird, Apple Mail).
> 
> 
> When I used POP (POP3?) clients in the past (Outlook Express, Outlook,
> Thunderbird), the clients defaulted to downloading and removing messages
> from the server.  I don't know if that was part of POP or a setting in the
> client.  If the latter, you might be able to tune your POP clients to
> leave the messages on the server.  This would enable access from
> multiple clients.

It is a property of POP itself. It's exactly like a post office (well,
more specifically, a PO box) -- once you've removed your letters from
the post office, they don't have a copy anymore.  And, as I understand
it, kind of the reason for it being named "Post Office Protocol".

As you said, the correct approach would be utilizing IMAP -- however,
whether or not there is IMAP access is entirely dependent on the
server's configuration.  Offhand I don't know of any that _only_ support
POP3 these days; but there's always the chance of that.


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: how to keep 2 PCs partially in sync

2020-03-25 Thread Dan Purgert 
On Mar 25, 2020, Joe wrote:
> On Tue, 24 Mar 2020 23:50:00 +0100
> deloptes  wrote:
> 
> > Patrick Scribus wrote:
> > 
> > > What do you guys
> > > use for similar tasks?  
> > 
> > I guess from share to a cloud.
> > 
> > I spent a lot of time in phone sync via bluetooth (calendar,
> > contacts, todos and notes).
> > 
> > The PC does not have any data on it - there is a share. From outside
> > - VPN to the share.
> > 
> > Keep your data at a central place. If you must edit documents from
> > different devices - perhaps a kind of cloud solution is preferable.
> > 
> > 
> 
> Until your phone line goes down for a week, as mine did a few years
> ago. I had a mobile dongle for simple things, but it was unreliable and
> slow, and completely unusable for any kind of backup of more than a MB
> or so, or for actually working through.

I don't think he meant to imply using external-to-you "cloud" providers
(gdrive, dropbox), but rather creating his own personal "cloud". 

Be it something pretty -- Nextcloud, for example -- or something
utilitarian (a central NFS or SSHFS server holding all the data).
> 
> Or you find yourself occasionally working (as I do now) in a 'managed'
> office, which provides a (slow again) access to a 192.168.x.0/24 with
> a single outside world connection shared with the rest of the building.
> My client there does not push enough through the net to be worth paying
> for his own separate connection. And no, I don't have these problems
> often enough for it to be worth me paying for a fast mobile connection.

I've used Nextcloud in these situations, it's actually pretty good with
slower connections.  Since everything is a (machine-)local copy, in
addition to being stored centrally; something I work on "here(tm)" gets
updated "everywhere" shortly after I've saved the document.

I've only really ever run into problems with it when there was a
godawful slow connection with a machine that'd been offline for 2 weeks
while I was on vacation (and I forgot to spin it up at home before
heading out)

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: question related to #953223

2020-03-07 Thread Dan Purgert 
On Mar 07, 2020, Curt wrote:
> [...]
> Maybe the bug reporter had both fuse and fuse3 installed simultaneously,
> at which point he purged one or the other. Both packages provide an
> /etc/fuse.conf file.

Ah, two packages sharing the same config file is the bit that escaped
me.  Thanks for pointing that out.

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: question related to #953223

2020-03-07 Thread Dan Purgert 
On Mar 07, 2020, to...@tuxteam.de wrote:
> On Sat, Mar 07, 2020 at 11:09:26AM +0100, Patrice Duroux wrote:
>> Hi,
>> 
>> I am facing the same situation as reported in the issue here:
>> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=953223
> 
> I must admit I don't quite understand the bug report itself: isn't
> "purge" supposed to remove the conffiles?
> 
> I was under the (perhaps wrong?) impression that "remove" leaves the
> conffiles alone and "purge" removes them.

Your understanding is correct, at least according to the manual:

   remove
   remove is identical to install except that packages are
   removed instead of installed. Note that removing a package
   leaves its configuration files on the system. 

   purge
   purge is identical to remove except that packages are removed
   and purged (any configuration files are deleted too).


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: This is weird: I can ssh into a box, but I can't access it directly

2020-02-27 Thread Dan Purgert 
On Feb 27, 2020, Greg Wooledge wrote:
> On Thu, Feb 27, 2020 at 01:47:10PM -0500, Dan Purgert wrote:
> > Interesting that "root from SSH" would behave differently than "local
> > root".  That's news to me.
> 
> Well, they run different programs, and read different config files.
> A console login uses getty + login, and reads /etc/pam.d/login.  An
> ssh login uses sshd, and reads /etc/pam.d/sshd.

Thanks for the clarity.  I suppose I have to bump up console vs. ssh
logins higher on the list of "everything I need to learn about Linux"

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: This is weird: I can ssh into a box, but I can't access it directly

2020-02-27 Thread Dan Purgert 
On Feb 27, 2020, James H. H. Lampert wrote:
> On 2/26/20 8:52 AM, Dan Purgert wrote:
> > Are you ssh'ing in as root?  If not, is your user's $HOME on the
> > machine's failing disk, or another (remote?) drive?
> 
> and I replied (off-List, and *not* intentionally so):
> > Yes. As root.

Interesting that "root from SSH" would behave differently than "local
root".  That's news to me.

> [...]
> It's clearly toast. So I did a hard shutdown (and disconnected the power,
> for good measure.

Sounds like it won't be giving you any trouble for a few days (until if
you're like me, you see it unplugged and wonder why that is and ...)

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: scp overwriting precaution?

2020-02-27 Thread Dan Purgert 
On Feb 26, 2020, Greg Marks wrote:
> When using scp to copy files from my server to my laptop (both running
> Debian 10 and both with the same directory tree), I like to back up
> the files in case I discover that I've overwritten a newer version of
> a file with an older version.  (I seem to make this mistake about once
> or twice a year.)  To this end, on my laptop I've defined the following
> "get from server" function:

Unfortunately, I don't know of a way to "intercept" a scp request in the
manner you've described (uploading to a remote host).  But it kind of
sounds like you're trying to use the wrong tool.

Perhaps you may find rsync to be more accommodating of your situation;
although admittedly I don't know if it can entirely protect you from
this either.

Only other thing off the top of my head would be git or svn or similar.

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: This is weird: I can ssh into a box, but I can't access it directly

2020-02-26 Thread Dan Purgert 
On Feb 26, 2020, James H. H. Lampert wrote:
> One of our Linux boxes is behaving oddly. If I ssh into it, I can connect
> easily, and I get:
> [...]
> 
> But if I go into the server cage, and punch it up on the KVM switch,
> and try to sign on as root, I get:

Are you ssh'ing in as root?  If not, is your user's $HOME on the
machine's failing disk, or another (remote?) drive?

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Looking for an inventory software which is free software and not IT-centric

2020-02-19 Thread Dan Purgert 
On Feb 19, 2020, elvis wrote:
> 
> On 19/2/20 12:31 pm, Dan Purgert wrote:
>> On Feb 19, 2020, Linux-Fan wrote:
>>> Hello fellow list members,
>>> 
>>> I am looking for a software of which I am sure it exists, but I fail
>>> to find online, thus asking if anybody might know such a thing? Of
>>> course, it is best if it is included on Debian, even better if in
>>> stable :) . If not, it should at least compile+run on it. I am looking
>>> for free software (as per DFSG) that does not depend on registration
>>> or proprietary servers.
>> I'm not entirely sure it'll tick all the boxes you need (in terms of
>> functionality); but what about "partkeepr"?  Details can be found at
>> their site https://partkeepr.org & the (GPL'd) source is at github
>> (https://github.com/partkeepr/PartKeepr).
> 
> Partkeeper looks awesome, almost makes me wish I had some inventory to
> manage.

Come on down the rabbit hole of "Arduino" -- you'll quickly have
"inventory" to manage. :)

I was in Linux-fan's shoes about 6 months back; the tool made things so
much easier to keep track of (now if only I would remember to use it
before going on a shopping spree at Mouser / Digikey!)

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Looking for an inventory software which is free software and not IT-centric

2020-02-18 Thread Dan Purgert 
On Feb 19, 2020, Linux-Fan wrote:
> Hello fellow list members,
> 
> I am looking for a software of which I am sure it exists, but I fail
> to find online, thus asking if anybody might know such a thing? Of
> course, it is best if it is included on Debian, even better if in
> stable :) . If not, it should at least compile+run on it. I am looking
> for free software (as per DFSG) that does not depend on registration
> or proprietary servers.

I'm not entirely sure it'll tick all the boxes you need (in terms of
functionality); but what about "partkeepr"?  Details can be found at
their site https://partkeepr.org & the (GPL'd) source is at github
(https://github.com/partkeepr/PartKeepr).

It's a "standard(tm)" LAMP-server web-application.  PHP runs the
frontend, talks to mysql/mariadb on the backend.  As I recall, the one I
have here is still running on oldstable's PHP 7.0.x / mysql server.

HTH :)

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: *nix

2020-02-17 Thread Dan Purgert 
On Feb 17, 2020, Curt wrote:
> On 2020-02-17, Doug McGarrett  wrote:
>>
>>
>>> 
>> [...] I hope I never have to do so again. (I fell off the stoop
>> after tripping over my dog's tether in the dark on the 4th of July, 
>> 1915, and spent most of the summer in various stages of recovery.)
>> Maybe some day I'll figure out how to dial a number on the phone.
> 
> I'm sure you must've recovered by now and greatly admire (and remain
> somewhat astounded by) your longevity.

Not to mention the fact he had a working mobile phone some 60 years
before they were invented! 

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Revised description of a FOSS friendly PDA

2020-02-15 Thread Dan Purgert 
On Feb 13, 2020, Richard Owlett wrote:
> On 02/11/2020 10:09 AM, Richard Owlett wrote:
>> I wish to enter/store data while away from home. The data will then be
>> transferred to my laptop via a USB cable. [Think the capability of one
>> of the old Palm Pilots in a smartphone(sic) form factor]
>> 
> 
> 
> "Palm Pilot" was the not best visualization.
> A better image would be the pocket protector full of 3x5 cards a fellow
> engineering student used in the early 60's. He had it organized for quick
> retrieval of notes on a specific topic.
> [...]
> 
> What I could envision using would be Debian with a minimal MATE
> Desktop and a single custom Tcl/Tk app. The bottom of the screen would
> have a 4x15 character array emulating a QWERTY keyboard for input of
> arbitrary alphanumeric data. Display of "retrieved data" or "data
> being entered" would be handled by the Tcl/Tk app.

I am probably way off the mark (and I apologize if I missed a "no"
answer to this) - but what about something like the "SDA" project[1]?

It's not Debian (or Linux at all), but it seems to tick the boxes you
were looking for between the original post and this clarification.  It's
also apparently a hobby project -- but then again, wasn't Linux a hobby
project in the early 1990s?


[1]https://hackaday.io/project/35165-sda-the-best-new-pda

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Do one thing. Do it right.

2020-02-14 Thread Dan Purgert 
On Feb 14, 2020, Richard Owlett wrote:
> Youngsters have two foibles:
>   More is always better.

"less is more"

>   Glitz for its own sake.
> 
> For perspective:
>   1. although only in mid-70's, my parents would be in their 12th
>  decade.
>   2. my father took a M.E. degree rather than E.E. as it gave him
>  more of what today would be considered a minimal BSEE degree.
>   3. my first computers ran on 1 MHz 6502's. 2nd even had 8k ram

Well, guess I'm a "youngster" then.  :(
I don't want to be lumped in with that group though. They sound
terrible.

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Looking for FOSS supported PCIe x4 SATA 6 Gb/s HBA with 4 or 8 ports

2020-02-11 Thread Dan Purgert 
On Feb 10, 2020, David Christensen wrote:
> On 2020-02-10 13:55, Dan Purgert wrote:
>> On Feb 10, 2020, David Christensen wrote:
>>> [...]
>>> It has the following expansion slots:
>>> 
>>> - One PCI Express 2.0 x16 add-in card connector
>>> - One PCI Express 2.0 x4 add-in card connector
>>> - One PCI Express 2.0 x1 add-in card connector
>>> 
>>>  a.  While migrating backup data, I recently saw a Syba PCIe x1 two
>>>  port SATA II 3 Gb/s HBA model SD-SA2PEX-2IR throttling under
>>>  sustained load -- it ran at 80-100 MB/s for 4-5 minutes, then at
>>>  ~7 MB/s for two hours. Unacceptable.
>> 
>> That controller makes no sense -- I think someone made a typo somewhere
>> on the specs (says it's a 2.5 Gb/sec PCIe x1 interface -- maybe they
>> meant it's PCIe 1.0 compliant, at 2.5 "gigatransfers" per second).
> 
> I assume you are referring to the Syba product page:
> 
> http://www.sybausa.com/index.php?route=product/product_id=172=SD-SA2PEX-2IR

That, and the SIL PCIe controller chip's datasheet.
> 
> 
> Looking at Wikipedia, PCI Express link performance table:
> 
> https://en.wikipedia.org/wiki/PCI_Express#History_and_revisions
> 
> 
> I believe 2.5 GT/s produces 2.5 Gb/s under PCIe version 1.0.  So, the Syba
> specification is correct in this case.

They apparently conflated "GT/sec" and "Gb/sec" (uhh, "conflated" might
be the wrong word).  2.5 GT / sec with an 8/10 encoding scheme, while
"yes" 2.5 gbit worth of data is being transmitted, results in only 2000
mbit (2.0 gbit) of usable data.  The other 500 mbit being eaten by the
overhead.

> 
> 
>> As I recall, PCIe 1.0 was in the neighborhood of 200MB/sec sustained for
>> a x1 slot;
> 
> Wikipedia indicates 250 MB/s throughput.

I was close :)

> 
> 
>> couple that with a slowish (or damaged) drive, or a
>> RAM-starved system, and a 7MB/sec transfer isn't exactly outside the
>> realm of possibilities.  Granted, age of the card could also be a
>> factor.
> 
> When I connected the drive to a motherboard SATA port, the transfer
> maintained 80-100 MB/s for the entire duration.  That eliminates the
> drive, the cable, and the RAM.  I concluded the HBA was to blame.  In
> hindsight, it may have been a loose connection.  It's not my computer,
> so I will have to wait for an opportunity for further
> troubleshooting.

Yep, certainly does point to either a loose connection, or a failing
SATA controller then.

But yeah, I guess this isn't anything more than sidebar to your initial
question :|.  I'll have to dig up what cards I've used in the past (been
a long time since I've had a desktop ... last two PCs have been
laptops).

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: Looking for FOSS supported PCIe x4 SATA 6 Gb/s HBA with 4 or 8 ports

2020-02-10 Thread Dan Purgert 
On Feb 10, 2020, David Christensen wrote:
> [...]
> It has the following expansion slots:
> 
> - One PCI Express 2.0 x16 add-in card connector
> - One PCI Express 2.0 x4 add-in card connector
> - One PCI Express 2.0 x1 add-in card connector
> 
> a.  While migrating backup data, I recently saw a Syba PCIe x1 two
> port SATA II 3 Gb/s HBA model SD-SA2PEX-2IR throttling under
> sustained load -- it ran at 80-100 MB/s for 4-5 minutes, then at
> ~7 MB/s for two hours. Unacceptable.

That controller makes no sense -- I think someone made a typo somewhere
on the specs (says it's a 2.5 Gb/sec PCIe x1 interface -- maybe they
meant it's PCIe 1.0 compliant, at 2.5 "gigatransfers" per second).

As I recall, PCIe 1.0 was in the neighborhood of 200MB/sec sustained for
a x1 slot; couple that with a slowish (or damaged) drive, or a
RAM-starved system, and a 7MB/sec transfer isn't exactly outside the
realm of possibilities.  Granted, age of the card could also be a
factor.


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: local network capability scanner?

2020-02-07 Thread Dan Purgert 
On Feb 07, 2020, Gene Heskett wrote:
> On Friday 07 February 2020 05:53:05 Dan Purgert wrote:
>> [...]
>> a "gigahertz" switch?  neat :) (I think you meant gigabit again).
> 
> Guilty.  Blame it on oldtimers.

Hehe, and I was busy scouring Amazon too... 

> [...]
> Anyway, I found an answer, iperf says the net is fine. That leaves the 
> write speeds of the SSD's on the other end.  And I can't fix that.

Ouch, bummer.

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: local network capability scanner?

2020-02-07 Thread Dan Purgert 
On Feb 07, 2020, Gene Heskett wrote:
> Greetings all;
> 
> My local network has 2 8 port switches, one here in this room that claims 
> to be a gigabit and managed. 
> 
> One of its ports is connected to the upstream port of another dumber 
> unmanaged 8 port switch that feeds the machines in the garage, and which 
> also claims to be a gigahertz capable switch.

a "gigahertz" switch?  neat :) (I think you meant gigabit again).

What're the make/models (and most importantly, AGE!) of said switches?

> 
> But file moves to/from the machines in the garage seems to indicate 
> theres a slow connection of around 10Mb/s someplace in that path.

What're the two endpoint machines? 
Do they both show link state at 1 gbit?
What about the switches? Do their ports all show a gbit link state?  On
a gbit switch, this is usually green (with amber then indicating
10/100).

> 
> Do we have a utitity that for troubleshooting purposes, can take the 
> address of one of those machines, and somewhat like traceroute, but 
> report the bandwidth capability of every box in that path including this 
> machine and target addresses abilities?

iperf3


-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281


signature.asc
Description: PGP signature

Re: freecad

2020-01-21 Thread Dan Purgert 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Levente wrote:
> Hi all,
>
>
> I recently experienced that I can't launch FreeCad.
>
> lev@mercury:~$ freecad
> freecad: error while loading shared libraries: libhdf5_serial.so.100:

Sounds like your general user account doesn't have permissions to access
this library.  

Perhaps an update mucked it up (or, if it was me, mucking around as root
and forgetting to set global read permissions).


-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl4m6AsACgkQjhHd8xJ5
ooHecAf6A4uOAfGQEiKnRsd8a+WKKjvHrc7QJzC7h70TIN3pDwRnTThItFB64XVJ
I7S9RIdGXATWXJBwqVtWoTjOv0YGNPFfNYvoqUp35cmn4uYk/UQiBChYpUODnmpC
eTNNyFkwrDqnOhBNuat+9TzHu7WA6EzCVJsM0qKNQQSD1aw3kJFd21sAVlwDuTQ+
9Wku9vOAUYnAH8MQLFFSUOFgCI30Jx76MQZp/D1hmeRx46s9mF3Fi3nGamCmnQA1
m59GlyzwzentmnaMzgulq1bPPV32esW4MaX0I+tZTCw6lWMuuEwIp+5hELguyncn
Psi0dXoi4Hsp1Js4Xx7oFxPyc1VvOg==
=S3xl
-END PGP SIGNATURE-

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: Protecting no longer supported Windows7

2020-01-15 Thread Dan Purgert 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

john doe wrote:
> Hi,
>
> I have a Debian server serving/doing DHCP/DNS/firewall/..., as of today,
> Microsoft stops supporting Windows7.
>
> Is there anything that I could do to protect those Windows7 hosts that
> are behind this server?

Since updating to W10 is out, the only real options are:

Physically remove them from all networks (LAN, WiFi, and sneakernet).
Format and install a Linux distro of your choice.

Just blocking connectivity "to the internet" isn't enough, as there are
other avenues that could cause the systems to be compromised.


-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl4fHPsACgkQjhHd8xJ5
ooGsDggArvJaZ/e4DBEvbGYgPY7p+UK7u3C31zNMBoZNgqbVNqCfCCSf6DlGItqe
q0EkTyvbT4AwTatV7EOZblrorylmvCx9hVngFkfbjxw/mC0MuzI7Jb4lrUTLklFA
hlKtbH43QKxujXQz8r8tFOVVOQ8wkJzunF6o2GJXd7+i5k11NFflfzvXTn2R4Yub
h49COhLp82dkJiGYIF+via9OQcybhxx9uK+7GC+Ust5syYTS7PhVA2lR/QzQ/Uk6
upHn1Y94USjTHy0xupPUjdmCUO+Dx3iRnsj6Zj/nuf3aouh8SUegQIPcYrqVi0xJ
4tlyKMqH8f1Iw4QEUuzk1zDBlzfDog==
=ctGQ
-END PGP SIGNATURE-

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: web server for development

2020-01-10 Thread Dan Purgert 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Greg Wooledge wrote:
> On Fri, Jan 10, 2020 at 02:29:51PM -0000, Dan Purgert wrote:
>> SFTP (SSH) has basically zero to do with RFC959 FTP; and provided that a
>> target host already allows SSH logins, SFTP is quite likely already
>> there.  I'm actually surprised a hosting party would recommend RFC-959
>> FTP at all (SSL or no); as it requires extra work to set up (FTP servers
>> usually aren't part of "base" install images, they're
>> insecure-by-default and take a bit of effort to secure, and so on).
>
> I'm holding out hope that it wasn't really the hosting provider's
> recommendation, but rather a lack of information on the part of the user,
> that caused them to think FTP was the way to go.

I read Nate's response as "the provider told me to use 'secure ftp'" --
as in a small (yet easily made) terminology mistake, along the lines
that SSH is "secure shell" or scp is "secure copy" - so obviously 'sftp'
is "secure ftp".  And then when Nate went and checked it out, he found
"Secure FTP" is ... well ... FTP over SSL.

There's a great commentary on FTP at
http://mywiki.wooledge.org/FtpMustDie [1]

Helped me out a fair bit when I was still getting my feet wet with "file
transfers" for servers I finally was in control of (previously having
only been a user of someone else's services). 


[1] I'm 98% sure this was already mentioned / linked, but it can't be
said enough.

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl4YkYIACgkQjhHd8xJ5
ooEMmwgAifKnzPBHE0MT7Pc6wAGWQZhntrFmO3szsbnJiXB1XA6P6Z2zKEanwCLE
kOOquBNTp3FULBMQ2NhFRfms4Oe0KTv7KHSEjUVYSgHBk/JQlw4qi89a9d7V3LL6
J6EiYHKl/iOhh9wctoDjiVog6JUs24IXedUmTeLiThqrO36Q854Z1PoydVE5OCm8
UMPBhyKnilu8MVG448fqUnahGEi/A5KT81N4uOgAn80YkhQLRGGgOdeYNGM9hC8p
G0eA/Tn0CRdVOpcu4ak7lyVRfQAakFjPEXHQoGHAknoKr/buQasixG37dXUB59LQ
rjdJ+ov8KRdh5TsaNyMOpJOYKegaxg==
=iOpR
-END PGP SIGNATURE-

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: web server for development

2020-01-10 Thread Dan Purgert 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

- -BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Nate Bargmann wrote:
> [...]
> I would ask if their Web host supports Secure FTP, which is FTP using
> SSL, AIUI.  I use it for my Web Host updates, in fact it was recommended
> by the host owner/operator.

Hope this doesn't just muddy the waters ... :)

There's a bit of a mess when it comes to file transfer protocols, and
their naming, but you've got it right:

"Secure FTP" is usually understood to be RFC-959 FTP over a TLS-encrypted
(formerly SSL-encrypted) connection; and is usually written as "FTPS".
This is not altogether different in concept to say "plain HTTP" and
"secure HTTP" (i.e. "HTTPS").

"SFTP" on the other hand, typically refers to "SSH File Transfer
Protocol" based on the RFC4254 "SSH Connection Protocol" (although it
might rarely also refer to RFC-913 "Simple File Transfer Protocol" --
but that might've gone the way of the dodo in anything other than
educational / historical contexts -- similar to say Token Ring networks,
or a PDP-11, etc).  

SFTP (SSH) has basically zero to do with RFC959 FTP; and provided that a
target host already allows SSH logins, SFTP is quite likely already
there.  I'm actually surprised a hosting party would recommend RFC-959
FTP at all (SSL or no); as it requires extra work to set up (FTP servers
usually aren't part of "base" install images, they're
insecure-by-default and take a bit of effort to secure, and so on).


- -BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl4Yik8ACgkQjhHd8xJ5
ooHv7Qf+PfqILFiaB5JuvYg1uLdnvAfZc45eAMN21cR6gF3AtI2kJP5/8c78xhrr
mXZmz0PPu5Tr7nQxamZoSvtLGEgszr3S0FBftwyyt4dAPJo6a4RAWAFw0/qwp+h8
tjsP04b2vpLEzBUC1QoormDzfH3h3IhuPi/X27rr/jO+UrnfXkegJ9swT+KqNZKi
90x83IYQTS2fBN4uJANwpCBUVJWA0uSKGNvH8+8VtIdVWUXPqVL4Ji7Po1GJGKBu
Kp5YoAztaz6OVB8NUeKrTxLY7ox/3aQcvvbSK2vIRGjxR/St45Ys28pw+qHPb1QU
8nPtjQQHp91igCM2yc/BPorSmY3XYw==
=Xxvm
- -END PGP SIGNATURE-

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl4YiloACgkQjhHd8xJ5
ooEQCAf9Gtjg1fx2WPaxB1rv71lRxP2P6rPs03GjZfFbDzhSDBbJpbTEw0C5oLBm
yvAE2XMSj2St2twQ34741s4FP8e2BDW75Zjz8y22IYPWmDsmBlhH7BpWIJTg6E7R
SoCsdzVuZkPIkmvU+n+T5YfhIv5C7haI/gykOKROKOmkHwtCtzK2w1MuY1FiV5bD
3U0FxlOMFbU0FZiA58KvnhYiI8H0tYZIDaydf5hJAkdc2NnH925KXpojQiM4UpzY
Vl6OGXylkP6aDrBUw96jdc2/LLUqXZuuw2w4TvX8czTAIN6k4iZlD8isz2xzM7LO
3SRoObYaMqSkil6KYJmhDGh8xtjoXA==
=qYsC
-END PGP SIGNATURE-

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: MUA CLI IMAP and SMTP without ncurses interface

2020-01-06 Thread Dan Purgert 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Charles Curley wrote:
> On Mon, 6 Jan 2020 07:54:44 +0100
> john doe  wrote:
>
>> Yes there is, I connect to a VM using SSH and my Windows screenreader
>> does not like curses interface and maybe .other interface(s) as well
>
> Since there are plenty of programs out there that use curses or
> ncurses, perhaps a more elegant solution would be to find an SSH client
> and screenreader that support ncurses. I haven't used Windows
> extensively since 1999, but I hear tell PUTTY does a good job.

I still have to use PuTTY in the dayjob.  It's plenty fine with
(n)curses.  As is cygwin.

That being said, it's possible that by "screenreader", john doe means a
text-to-speech accessibility tool for visually-impaired people.  In that
case, it might be advisable to use mail(1).

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl4TdaMACgkQjhHd8xJ5
ooEXEAgAgyjv+y/r8Jkw+TS5VuNudRS7DbGyMzGMfjuZR6qGXIhL/YdXb+4tPLwm
ZvqEXWYMCcKFNo/FlzasnOyCJFLZg1ZKSI9k2MajVUjbZ5K7zMZWAqYNgtaTjEuC
nlYlYqweQ4UuIwWFtP7fyV1Lpd4JEASNM01gZfFmT50qnGgYrrfhsXzEEPVboWbV
vhg8Fc6vKtxYm4tpN0jpvVd7HDxxLcGoYRI6Qu9vEV0Q4O+TMocpRKSfU5KbRxpO
zCYtzDKeTOA7Y04yUjQ/X3COsIU/9UEJpIOcBOoZMudT/tvVibJtvY6k9u4M5AQJ
Z53oVWLi1gw1b/NbSMfkOeNVkMoj7A==
=UFhn
-END PGP SIGNATURE-

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: apparent change in hostnames on LAN without admin intervention

2019-12-17 Thread Dan Purgert 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Greg Wooledge wrote:
> On Tue, Dec 17, 2019 at 09:25:04AM -0500, Dan Purgert wrote:
>> Not sure this'll reach you, [...]
>
> It did, but my reply to you bounced.  The From: address you're putting
> on your outgoing mail is nonfunctional.

cursed box, why're you sticking your name on there... 

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl347JMACgkQjhHd8xJ5
ooG3PQgAqPB5B77oE5C9minWrLKe8Tbc3IRXIkZ6GSmDNCZ3p/5GPugH1QJ8Pb3d
F0rfVRfcFdHotuVbymMZU0sDZuc3Il8QMb1APcp9nspgGwqSNMT96yUzDPBGo5tN
qQGH9adeLy4/8U+fb+1q11Tk7nwVHLb8KTVaFC3XxiMBdHdRzpNRlo4IEu6LsgNP
nICr0Z0m/0nw3m4/wiWSy1aCqRYlTWBvrllmbqvq8pCnZrxXbkoVQueCthq5JdDT
y+whq9o4+2TpQ5LpZbx8nOBQXTzNM40BjH5M/bm98FDUxWd6OIwCkrAiashdqFmI
NPGhlV0tkiMVi9KMBOpZJvKpWOaV3Q==
=Yb0c
-END PGP SIGNATURE-

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: Difference between ipp, ipps, http, https CUPS protocols?

2019-11-15 Thread Dan Purgert 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

mick crane wrote:
> On 2019-11-14 23:52, Dan Purgert wrote:
>
>>> What is more interesting is why a user thinks that the LPD protocol
>>> gives them something that IPP doesn't.
>> 
>> Who said that LPR/LPD gave people "something" that IPP doesn't?
>
> I'm not really sure about what happens.
> Is it that a CUPS server translates what it receives from client to
> sequence of instructions printer understands ?
> Certain on client
>
> " mytext | lpr "
>
> worked, which could be handy.

Yeah, CUPS does provide hooks for some commands (similarly to how say
postfix or exim provide 'sendmail(tm)').

This entire discourse between Brian and myself started with a question
to the effect of "what will 'we' (presumably 'Dan' and 'Brian') do
if/when CUPS removes PPD support for our old printers?" ( MID
 ).  I responded with a crack about LPRng
being the "solution" to continue supporting the old stuff (and, in the
case of 'new stuff' that still supports the old LPR/LPD protocols; why
bother mucking around with changes I don't "need" to make).

I've so far never been a proponent of X over Y (excepting plaintext IPP
over trying to set up SSL/TLS on your printer for IPPS).

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl3OnZ8ACgkQjhHd8xJ5
ooEXVgf+L0/WzkH4PelYIeCH1MzJ8eXQFnp3A02nN77ZPcsdjUQs6mBUNm/LTIYM
Ze/fpE5ZUG9kKHhsC1J3oPv0n0MW1oJc/k6egc0g8ZJPkPS16OYX8myP0A2UYPVr
1SyuxOd8UoXb4JKCiISmhwcehbx43qxP8hQZtTOzSMU3gpWXbHFKue2Jb8DXSg0L
WqN7x28c3gusx/tlLVZTTALwHaHnzbZNRxUvQoSFppp/wz3Ww1qZTw13iJfoRZFL
3WGoFfU//MWwg+PqjaqvBRpeYMj0Vaeu3bMLH3ov1IEhkszZxhmUVzOIk6cqdJM8
7IpP+LxpXPwYp9thATVSpNABCvL1Qg==
=SrzW
-END PGP SIGNATURE-

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: Difference between ipp, ipps, http, https CUPS protocols?

2019-11-14 Thread Dan Purgert 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Brian wrote:
> On Thu 14 Nov 2019 at 11:12:38 -0000, Dan Purgert wrote:
>> Sorting by "newest" on their (laser / color led) models listing results
>> in the "HL-L3270CDW" being listed as "newest" -- digging around, it
>> seems that it's a 2018 model.  Still has LPR/LPD listed under the
>> "Protocols" sections (both IPv4 and v6, actually).
>> 
>> I would expect that pretty much everything of theirs (well, at least in
>> terms of "business lineup") would then still support it. Their site
>> seems a bit broken right now (or perhaps it's on my end), so I can't get
>> at the 'home' stuff to check.
>
> One would think that a business machine supporting the LPD protocol
> would cost a vendor pennies. After all, the vendor doesn't have to
> do much when they already have the code to put in their firmware.

Yup, if that.  

>
> What is more interesting is why a user thinks that the LPD protocol
> gives them something that IPP doesn't.

Who said that LPR/LPD gave people "something" that IPP doesn't?



-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl3N6NYACgkQjhHd8xJ5
ooGr7ggAlTy7whKBgKxJORrjavO2+GmJWPp9Zsaei64Vwrm0SEJ2Wor5pa0FbleO
kZXVVVfzXiy9ZWbqhEkR7SZ5zK1Qb8kweluhtYh44sPtkCCwcJi762pJvVqh5wmw
RozqqgFcRNKrnfANJohBU2IdA7qH+QjgRkPS92OhquwqXSZydMD84Zr3+dpHW8L7
KrSpYdnfMQxkQlnEtECRX1NCKMpUZRpkaTOMW0fxOBkgmbvt2Up62Aobay+THmAG
cTKJjMnxN88e15HfAUebXyVBHyj87sQK/q1BUROKQnJaC+pgT1eEubdLI7cnvpQ4
L4O7/yS7IONX0xZr5p2+oAFcdT8gBg==
=HHT2
-END PGP SIGNATURE-

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: Difference between ipp, ipps, http, https CUPS protocols?

2019-11-14 Thread Dan Purgert 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Brian wrote:
> On Wed 13 Nov 2019 at 13:55:57 -0000, Dan Purgert wrote:
>> You asked about the "classic" printers we both (apparently) own.  Mine
>> here still support being addressed via LPR/LPD, not to mention PCL,
>> postscript, etc.
>
> I wish I hadn't been so disparaging about about LPRng. People should be
> able to use what they want to use, and, if LPRng fits, why not? OTOH,
> it is unable to do what a modern CUPS system can do and does not offer
> what many users want, particularly when it comes to easy setup.

Sure, CUPS does make it comparatively easy for "Joe Average" ... I've
found things to be about on-par when you're talking about small offices
though; where the print-jobs are pretty boring/standard (all text, all
b, all 2-sided, etc.). 

LPR/LPD needs a little extra setup at first, but then "just runs".

CUPS doesn't take as long to setup, but does require an hour or two
every few months to keep behaving ... but then again, those two sites
are also the busiest in terms of printing; so maybe that plays into it.

> [...]
> I wonder how many modern printers support the lpd protocol?

How do we define "modern"?  Just looked at a few Brother MFPs, and they
still support it (although I don't know how old the actual models are).

Sorting by "newest" on their (laser / color led) models listing results
in the "HL-L3270CDW" being listed as "newest" -- digging around, it
seems that it's a 2018 model.  Still has LPR/LPD listed under the
"Protocols" sections (both IPv4 and v6, actually).

I would expect that pretty much everything of theirs (well, at least in
terms of "business lineup") would then still support it. Their site
seems a bit broken right now (or perhaps it's on my end), so I can't get
at the 'home' stuff to check.


-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl3NNqQACgkQjhHd8xJ5
ooFV/wgApp1tfpxTB72w7No1dB5MingRVBUEd9plnNK8C4CoatqB+6c5KrEpmNvP
8cTORVpQnuge0iAVaKM5fe0ektIzmBHW23jkQDJ4pKCnia2m7sXBrhcYa8LUCXxR
M0E11be7gh1QjCqMPTO6vUJdZttRhqZo/ADFUopvkxe1D6sLSN5KM7QkUu/QLjcv
zQL2ioBMpt6cein4Tize0uPB/9foT5a5PHjdA9t20ydqmjwfXVH6zvX4EFCZtKuE
+qBDmCvJRupp5i30WiX5PegF+jw6dWL8n/Wa6NpW/rV1QVkWQtmeWpQplfCg69Gu
O/Ps7YDvbeoQkfoa+5mzQIn28BGQ7g==
=FLXF
-END PGP SIGNATURE-

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

Re: Difference between ipp, ipps, http, https CUPS protocols?

2019-11-13 Thread Dan Purgert 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256

Brian wrote:
> On Tue 12 Nov 2019 at 20:27:00 -0000, Dan Purgert wrote:
>
>> Brian wrote:
>> >> 
>> >> Not really, tbh.  I haven't had to look that deeply into the state of
>> >> printing in ... well, much longer than I thought it'd been this morning.
>> >> 
>> >> Time flies :| 
>> >
>> > So, when CUPS ceases to support PPDs (probably in a couple of years),
>> > your and mine classic printers will cease to work. Is there a magic
>> > wand someone can wave?
>> 
>> LPRng? :)
>
> A clapped-out, unsupported and ancient printing system. That's
> going to go down well with users in 2019.

You asked about the "classic" printers we both (apparently) own.  Mine
here still support being addressed via LPR/LPD, not to mention PCL,
postscript, etc.

Can't speak for your users, but mine don't know their print jobs are
(still) backed by LPD/LPR.  But then again, they don't notice much
beyond "does facebook work today".  Good people, just not the most
technical.


-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEBcqaUD8uEzVNxUrujhHd8xJ5ooEFAl3MC20ACgkQjhHd8xJ5
ooHzZAf7BpExETn7eRvrofmm7Ibr4+IZLwedZ1YnIBNfaLnAuh8uGDbnFM9uGpAq
vHrwydaDxD5BoiRWwzuOtC+YezHpgznuHVyJK0mE53VAE4QqXRRe25vmHMfN5co4
dUJ1TcKdR5NJGNFJp8yqbZUrJvvQnIv1+nmchkp4KTscWOnX9Re6lke8IM7WLaYK
saBvYKE1Mpp4dPX+4QH7oeqEhWJSwI2nbyFx1RbCZ9MwAw/rPlLy2IyThbZDGYUr
l0WeF1liP4ougEK2ay8xlhru7LrHcUOp/KKdwSV/jqHmMazauQ++WjrVq0gePShy
cr3Ob//iLagRVP2TNhUSkZhNCcXJuw==
=rqgY
-END PGP SIGNATURE-

-- 
|_|O|_| 
|_|_|O| Github: https://github.com/dpurgert
|O|O|O| PGP: 05CA 9A50 3F2E 1335 4DC5  4AEE 8E11 DDF3 1279 A281

  1   2   3   4   5   6   >