Re: Abort Trap question
A quick thought... are you extracting src.tar.gz into /usr (like you to with ports.tar.gz)? On a few occasions, I've done this (instead of making sure I'm in /usr/src first as I should) and had system binaries get clobbered. When I've accidentally done this in the past, I do get a bunch of abort trap errors and a predictably un-bootable system. Example: This block of stuff from src.tar.gz, if extracted whilst in /usr, would overwrite /usr/bin/cat with a directory full of the source code for cat(1) and so on and so forth. drwxrwxr-x 2 axon axon 0 Oct 9 22:41 bin drwxrwxr-x 2 axon axon 0 Oct 9 22:41 bin/CVS -rw-rw-r-- 1 axon axon 5 Oct 9 22:38 bin/CVS/Root -rw-rw-r-- 1 axon axon 8 Oct 9 22:38 bin/CVS/Repository -rw-rw-r-- 1 axon axon 439 Oct 9 22:41 bin/CVS/Entries -rw-rw-r-- 1 axon axon18 Oct 9 22:41 bin/CVS/Tag -rw-rw-r-- 1 axon axon 241 Apr 25 2016 bin/Makefile -rw-rw-r-- 1 axon axon 145 Jul 11 2014 bin/Makefile.inc drwxrwxr-x 2 axon axon 0 Oct 9 22:38 bin/cat drwxrwxr-x 2 axon axon 0 Oct 9 22:41 bin/cat/CVS -rw-rw-r-- 1 axon axon 5 Oct 9 22:38 bin/cat/CVS/Root -rw-rw-r-- 1 axon axon12 Oct 9 22:38 bin/cat/CVS/Repository -rw-rw-r-- 1 axon axon 172 Oct 9 22:41 bin/cat/CVS/Entries -rw-rw-r-- 1 axon axon18 Oct 9 22:41 bin/cat/CVS/Tag -rw-rw-r-- 1 axon axon93 Feb 18 2017 bin/cat/Makefile -rw-rw-r-- 1 axon axon 4848 Jul 9 2016 bin/cat/cat.1 -rw-rw-r-- 1 axon axon 5567 Oct 19 2016 bin/cat/cat.c On Wed, Nov 15, 2017 at 5:24 PM, patrick keshishianwrote: > On 11/15/17, Philip Guenther wrote: > > On Wed, Nov 15, 2017 at 11:08 AM, Mike Coddington > > wrote: > > > >> On Wed, Nov 15, 2017 at 10:01:09AM -0600, Daniel Boyd wrote: > >> > I've installed OpenBSD/macppc twice on my G4 Cube now and it seems to > >> > be working fine until I go to untar src.tar.gz at which point it > throws > >> > some abort trap errors and crashes. If I reboot, I get a bunch of > >> > abort traps during the boot process followed by several: > >> > > >> > init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ... > >> > > >> > What do you guys think this is...? Hard drive failure...? > >> > >> Out of curiosity, does the same thing happen if you extract the tar with > >> the pax(1) program? That'll at least let you know if it's tar causing > >> the problem or not. > >> > > > > tar _is_ pax: > > : corwin; ls -li /bin/tar /bin/pax > > 52015 -r-xr-xr-x 3 root bin 433472 Nov 1 11:15 /bin/pax > > 52015 -r-xr-xr-x 3 root bin 433472 Nov 1 11:15 /bin/tar > > : corwin; > > > > Fundamentally, unless a userspace process is poking at devices or > similar, > > it should be unable to panic the kernel. An abort trap in the kernel is > > either a kernel bug or a hardware bug. IIRC there's some pmap bug on > > macppc that no one has managed to track down which causes crashes on some > > machines, but not others. I've never hit it on the Macbook I use for > > builds, but the ports build boxes, whatever model they are, seem to hit > it > > periodically... > > I read it as the tar process is the one aborting. which, if true, > sounds like user-land and kernel are out-of-sync. > > Unfortunately, specific info is missing from the problem report. > > --patrick > >
Re: Atheros AR9300
On Wed, Nov 15, 2017 at 03:04:15PM -0500, mabi wrote: > Hi, > > I just got myself a new firewall device (Lanner FW-7526) to replace my dying > Soekris box. That new firewall shipped with an Atheros AR9300 wireless chip > and just realized from the dmesg output and athn man page (OpenBSD 6.2) that > this chip must not be supported (yet). > > The dmesg output is the following: > > "Atheros AR9300" rev 0x01 at pci4 dev 0 function 0 not configured > > Is my conclusion here correct? or am I just missing a non-free firmware > (though I ran the fw_update command already). > > Best regards, > Mabi Not yet supported. And athn(4) PCI devices do not require any firmware, a firmware is only needed for athn(4) USB devices. I would suggest to try locating an athn(4) AR9280 or ral(4) RT2700/RT2800 device instead.
Re: Atheros A5424 still not supported?
On Wed, Nov 15, 2017 at 06:39:20PM +, Roderick wrote: > > I get in dmesg: > > ath0 at pci1 dev 0 function 0 "Atheros AR5424" rev 0x01: apic 1 int 16 > ath0: AR5424 14.2 phy 7.0 rf 10.2 eeprom 5.3, EU1W, address > 00:24:2b:e3:03:40 > [...] > ath0: unable to reset hardware; hal status 3523714312 > ath0: unable to reset hardware; hal status 1 > > I thank for any hint. > > Rodrigo > Nobody has done any work to fix AR5424. Sorry.
Re: Abort Trap question
On 11/15/17, Philip Guentherwrote: > On Wed, Nov 15, 2017 at 11:08 AM, Mike Coddington > wrote: > >> On Wed, Nov 15, 2017 at 10:01:09AM -0600, Daniel Boyd wrote: >> > I've installed OpenBSD/macppc twice on my G4 Cube now and it seems to >> > be working fine until I go to untar src.tar.gz at which point it throws >> > some abort trap errors and crashes. If I reboot, I get a bunch of >> > abort traps during the boot process followed by several: >> > >> > init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ... >> > >> > What do you guys think this is...? Hard drive failure...? >> >> Out of curiosity, does the same thing happen if you extract the tar with >> the pax(1) program? That'll at least let you know if it's tar causing >> the problem or not. >> > > tar _is_ pax: > : corwin; ls -li /bin/tar /bin/pax > 52015 -r-xr-xr-x 3 root bin 433472 Nov 1 11:15 /bin/pax > 52015 -r-xr-xr-x 3 root bin 433472 Nov 1 11:15 /bin/tar > : corwin; > > Fundamentally, unless a userspace process is poking at devices or similar, > it should be unable to panic the kernel. An abort trap in the kernel is > either a kernel bug or a hardware bug. IIRC there's some pmap bug on > macppc that no one has managed to track down which causes crashes on some > machines, but not others. I've never hit it on the Macbook I use for > builds, but the ports build boxes, whatever model they are, seem to hit it > periodically... I read it as the tar process is the one aborting. which, if true, sounds like user-land and kernel are out-of-sync. Unfortunately, specific info is missing from the problem report. --patrick
Re: Abort Trap question
On Wed, 2017-11-15 at 13:35 -0800, Philip Guenther wrote: > > tar _is_ pax: > : corwin; ls -li /bin/tar /bin/pax > 52015 -r-xr-xr-x 3 root bin 433472 Nov 1 11:15 /bin/pax > 52015 -r-xr-xr-x 3 root bin 433472 Nov 1 11:15 /bin/tar > : corwin; > > Fundamentally, unless a userspace process is poking at devices or > similar, > it should be unable to panic the kernel. An abort trap in the kernel > is > either a kernel bug or a hardware bug. IIRC there's some pmap bug on > macppc that no one has managed to track down which causes crashes on > some > machines, but not others. I've never hit it on the Macbook I use for > builds, but the ports build boxes, whatever model they are, seem to > hit it > periodically... > > > Philip Guenther > I'm happy to help track down the issue if someone will tell me what to do. I will reload the OS on the machine when I get a chance. How will we be able to determine whether we're dealing with a kernel bug or a hardware failure?
Re: Abort Trap question
On Wed, Nov 15, 2017 at 11:08 AM, Mike Coddingtonwrote: > On Wed, Nov 15, 2017 at 10:01:09AM -0600, Daniel Boyd wrote: > > I've installed OpenBSD/macppc twice on my G4 Cube now and it seems to > > be working fine until I go to untar src.tar.gz at which point it throws > > some abort trap errors and crashes. If I reboot, I get a bunch of > > abort traps during the boot process followed by several: > > > > init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ... > > > > What do you guys think this is...? Hard drive failure...? > > Out of curiosity, does the same thing happen if you extract the tar with > the pax(1) program? That'll at least let you know if it's tar causing > the problem or not. > tar _is_ pax: : corwin; ls -li /bin/tar /bin/pax 52015 -r-xr-xr-x 3 root bin 433472 Nov 1 11:15 /bin/pax 52015 -r-xr-xr-x 3 root bin 433472 Nov 1 11:15 /bin/tar : corwin; Fundamentally, unless a userspace process is poking at devices or similar, it should be unable to panic the kernel. An abort trap in the kernel is either a kernel bug or a hardware bug. IIRC there's some pmap bug on macppc that no one has managed to track down which causes crashes on some machines, but not others. I've never hit it on the Macbook I use for builds, but the ports build boxes, whatever model they are, seem to hit it periodically... Philip Guenther
Re: password-free SSH was Re: [ot] Security of my bit coin wallet
On 11/15/17 21:50, James wrote: > On Wed, Nov 15, 2017 at 3:06 PM, Gareth Nelson> wrote: >> Use key-based authentication? >> > > Okay, but that doesn't fit the requirement. > I want something iteratively password free. > AFAIK, somewhere along the line in key-based authentication you need > to enter a password to unlock the key. You can generate passphrase-less ssh keys. It would probably be wise to set up some some sort of authentication for the device that holds your private key(s), but you do log on to your machine in order to start working, don't you? I find the rest of the message a bit hard to follow, but I suspect you may be unaware that features functionally very close to what you describe actually exist, and are documented in the man pages for the software you mention in this last message. (And not top-posting would help follow the discussion a lot - a rant about that and a couple of other things can be had at[1] for those in need). [1] https://bsdly.blogspot.com/2011/02/problem-isnt-email-its-microsoft.html -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: password-free SSH was Re: [ot] Security of my bit coin wallet
> On Wed, Nov 15, 2017 at 3:06 PM, Gareth Nelsonwr= > ote: > > Use key-based authentication? > > > > Okay, but that doesn't fit the requirement. > I want something iteratively password free. > AFAIK, somewhere along the line in key-based authentication you need > to enter a password to unlock the key. > The context of this email is a password-free SSH. (blank passwords do > not count as password-free) > > What I want to find is a crypto mechanism that allows the use of no > passwords, but with the same guarantees of key-based authentication. > > So my thoughts are that to start with something similar to Diffie > Hellman operating at the network layer, you could generate keys when > you wanted to communicate after an initial round of set up. > > You wouldn't establish faith in the security of the connection until > proof was given that you are talking to the right host, and you could > get higher or lower levels of proof. Something functioning like the > Sieve of Eratosthenes. > > For example. you just use one known fact from the network layer. a > beacon. ntp even. Each communication point in the network, remember > this is a recursive solver, would have different ping time to the > beacon over a large number of pings, or to be able to express the > confidence that this host is who it says it is. Each node has a > complete and different view. In this way you could "push" > Diffie-Hellman to the network layer. > > I think it's similar in flavour to a blockchain, but it would > eliminate the need to use passwords when speaking the protocol and > establish some sort of reality to host mapping. Remember we can never > actually verify anything in the internet due to MITM. We can just > increase our probability of success while decreasing the attack > surface for dictionaries. > > What do you think? Sorry, I don't see a diff in your email. Oh are you just talking? If you were serious you would stop mixing terminology together and build it.
Re: password-free SSH was Re: [ot] Security of my bit coin wallet
On Wed, Nov 15, 2017 at 3:06 PM, Gareth Nelsonwrote: > Use key-based authentication? > Okay, but that doesn't fit the requirement. I want something iteratively password free. AFAIK, somewhere along the line in key-based authentication you need to enter a password to unlock the key. The context of this email is a password-free SSH. (blank passwords do not count as password-free) What I want to find is a crypto mechanism that allows the use of no passwords, but with the same guarantees of key-based authentication. So my thoughts are that to start with something similar to Diffie Hellman operating at the network layer, you could generate keys when you wanted to communicate after an initial round of set up. You wouldn't establish faith in the security of the connection until proof was given that you are talking to the right host, and you could get higher or lower levels of proof. Something functioning like the Sieve of Eratosthenes. For example. you just use one known fact from the network layer. a beacon. ntp even. Each communication point in the network, remember this is a recursive solver, would have different ping time to the beacon over a large number of pings, or to be able to express the confidence that this host is who it says it is. Each node has a complete and different view. In this way you could "push" Diffie-Hellman to the network layer. I think it's similar in flavour to a blockchain, but it would eliminate the need to use passwords when speaking the protocol and establish some sort of reality to host mapping. Remember we can never actually verify anything in the internet due to MITM. We can just increase our probability of success while decreasing the attack surface for dictionaries. What do you think? Cheers, James > On Wed, Nov 15, 2017 at 2:38 PM, James wrote: >> >> On Wed, Nov 15, 2017 at 10:42 AM, Raul Miller >> wrote: >> > Assumption is invalid. Flaws are widely documented (e.g. fixed >> > supply). Probably wrong list, also. >> > >> >> Ok a little more on topic then. SSH. >> >> How would you secure SSH without a password, iteratively password - free? >> a blank password does not count as password-free. >> >> My motivation is turn the internet upside down. >> >> Does any current crypto mechanism come to mind? >> >> A possible example is the use of Diffie-Hellman at the network layer >> to identify hosts. I think that would be password-free. >> >> >> > Thanks, >> > >> > -- >> > Raul >> > >> >> Thanks, >> James >> >> >> >> > On Wed, Nov 15, 2017 at 8:46 AM, James wrote: >> >> While a little off topic it is security related so I hope you don't >> >> mind. >> >> >> >> This is the misc list, right? >> >> >> >> Assumption 1. >> >> bitcoin is a secure protocol without flaws. >> >> >> >> quote from >> >> https://github.com/bitcoinbook/bitcoinbook/blob/second_edition/ch01.asciidoc >> >> >> >> With these keys they can sign transactions to unlock the value and >> >> spend it by transferring it to a new owner. Keys are often stored in a >> >> digital wallet on each user’s computer or smartphone. Possession of >> >> the key that can sign a transaction is the only prerequisite to >> >> spending bitcoin, putting the control entirely in the hands of each >> >> user. >> >> >> >> >> >> Is the security of a bitcoin wallet ultimately determined by it's >> >> password? >> >> The way I see it If an attacker had access to my computer, the only >> >> thing protecting access to the wallet would be a password or some >> >> iteration of a password scheme, if not mine than a centralized server >> >> of trust somewhere, but eventually someone has a password that is used >> >> to, unlock a bitcoin. Is that correct reasoning or are there >> >> alternatives? >> >> >> >> Thanks, >> >> James >> >> >> >
Re: Abort Trap question
On Wed, 2017-11-15 at 13:08 -0600, Mike Coddington wrote: > On Wed, Nov 15, 2017 at 10:01:09AM -0600, Daniel Boyd wrote: > > I've installed OpenBSD/macppc twice on my G4 Cube now and it seems > > to > > be working fine until I go to untar src.tar.gz at which point it > > throws > > some abort trap errors and crashes. If I reboot, I get a bunch of > > abort traps during the boot process followed by several: > > > > init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ... > > > > What do you guys think this is...? Hard drive failure...? > > Out of curiosity, does the same thing happen if you extract the tar > with > the pax(1) program? That'll at least let you know if it's tar causing > the problem or not. > > Heh ... give me a couple days. Need to find time to re-install the system since it wno't boot anymore. Have to set up a NFS server b/c the CD-ROM drive is busted.
Atheros AR9300
Hi, I just got myself a new firewall device (Lanner FW-7526) to replace my dying Soekris box. That new firewall shipped with an Atheros AR9300 wireless chip and just realized from the dmesg output and athn man page (OpenBSD 6.2) that this chip must not be supported (yet). The dmesg output is the following: "Atheros AR9300" rev 0x01 at pci4 dev 0 function 0 not configured Is my conclusion here correct? or am I just missing a non-free firmware (though I ran the fw_update command already). Best regards, Mabi
Unsure if I can help update the drivers?
http://www.congatec.com/en/products/smarc/conga-sa5.html I would like to get a number of intel device IDs and/or drivers working with OpenBSD including broxton graphics 0x5a85 and azalia sound 0x5a98. Can I help in any way such as by providing patches or is it simply a case of waiting for a sync with Linux driver updates or can I help with that? Thanks
Re: Abort Trap question
On Wed, Nov 15, 2017 at 10:01:09AM -0600, Daniel Boyd wrote: > I've installed OpenBSD/macppc twice on my G4 Cube now and it seems to > be working fine until I go to untar src.tar.gz at which point it throws > some abort trap errors and crashes. If I reboot, I get a bunch of > abort traps during the boot process followed by several: > > init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ... > > What do you guys think this is...? Hard drive failure...? Out of curiosity, does the same thing happen if you extract the tar with the pax(1) program? That'll at least let you know if it's tar causing the problem or not. -- Put your Nose to the Grindstone! -- Amalgamated Plastic Surgeons and Toolmakers, Ltd.
Atheros A5424 still not supported?
I get in dmesg: ath0 at pci1 dev 0 function 0 "Atheros AR5424" rev 0x01: apic 1 int 16 ath0: AR5424 14.2 phy 7.0 rf 10.2 eeprom 5.3, EU1W, address 00:24:2b:e3:03:40 [...] ath0: unable to reset hardware; hal status 3523714312 ath0: unable to reset hardware; hal status 1 I thank for any hint. Rodrigo
Re: error trying to load C/XS Perl module
Em 15/11/2017 13:38, Silamael escreveu: Hi, You could try to set LD_DEBUG=yes before running the test. With this you should see, what's really missing. -- Matthias Thanks Matthias! I tried that with a perl compiled with debugging symbols (-DDEBUGGING): dlopen: /home/vagrant/.cpan/build/PerlIO-eol-0.16-6/blib/arch/auto/PerlIO/eol/eol.so: done (success). dlsym: boot_PerlIO__eol in /home/vagrant/.cpan/build/PerlIO-eol-0.16-6/blib/arch/auto/PerlIO/eol/eol.so: 0x174e88dd9670 ok 1 - use PerlIO::eol; ok 2 ok 3 ok 4 ok 5 ok 6 - open for read Failed 17/23 subtests Test Summary Report --- t/1-basic.t (Wstat: 134 Tests: 6 Failed: 0) Non-zero wait status: 134 Parse errors: Bad plan. You planned 23 tests but ran 6. Files=1, Tests=6, 0 wallclock secs ( 0.04 usr 0.03 sys + 0.07 cusr 0.10 csys = 0.24 CPU) Result: FAIL doing dtors obj 0x8d5475cc800 @0x8d5ecb88340: [/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/POSIX/POSIX.so] doing dtors obj 0x8d5d4886400 @0x8d574e2f9f0: [/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/Fcntl/Fcntl.so] doing dtors obj 0x8d5701df000 @0x8d5cb1e5020: [/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/IO/IO.so] doing dtors obj 0x8d5701df800 @0x8d61d3e14b0: [/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/File/Glob/Glob.so] doing dtors obj 0x8d5a090cc00 @0x8d549b11b30: [/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/Time/HiRes/HiRes.so] doing dtors obj 0x8d5a090c800 @0x8d5593df660: [/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/List/Util/Util.so] doing dtors obj 0x8d5d4886000 @0x8d5c06651d0: [/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/Cwd/Cwd.so] doing dtors The program dies right after the test number 6 and generates a core dump. Unfortunately, gdb doesn't give me anything useful (or I'm doing something wrong): bash-4.4$ gdb -c perl.core GNU gdb 6.3 Copyright 2004 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "amd64-unknown-openbsd6.1". Core was generated by `perl'. Program terminated with signal 6, Aborted. #0 0x174ec0f6dfea in ?? () (gdb) bt full #0 0x174ec0f6dfea in ?? () No symbol table info available. #1 0x174ec0f6e0b9 in ?? () No symbol table info available. #2 0x174e06f4a480 in ?? () No symbol table info available. #3 0x000a in ?? () No symbol table info available. #4 0xffdf000a in ?? () No symbol table info available. #5 0x35cbadd363eaf932 in ?? () No symbol table info available. #6 0x0003 in ?? () No symbol table info available. #7 0x174ec0f8e718 in ?? () No symbol table info available. #8 0x174e in ?? () No symbol table info available. #9 0x174e36b0d020 in ?? () No symbol table info available. #10 0x00ff0008 in ?? () No symbol table info available. #11 0x35cbadd363eaf932 in ?? () No symbol table info available. #12 0x174e55684880 in ?? () No symbol table info available. #13 0x174e88dda0d6 in ?? () No symbol table info available. #14 0x60bbe59c in ?? () No symbol table info available. #15 0x174df018bc98 in ?? () No symbol table info available. #16 0x0004 in ?? () No symbol table info available. #17 0x174ed6c21980 in ?? () No symbol table info available. #18 0x1000 in ?? () No symbol table info available. #19 0x1000 in ?? () No symbol table info available. #20 0x in ?? () No symbol table info available. (gdb)
Re: password-free SSH was Re: [ot] Security of my bit coin wallet
Use key-based authentication? On Wed, Nov 15, 2017 at 2:38 PM, Jameswrote: > On Wed, Nov 15, 2017 at 10:42 AM, Raul Miller > wrote: > > Assumption is invalid. Flaws are widely documented (e.g. fixed > > supply). Probably wrong list, also. > > > > Ok a little more on topic then. SSH. > > How would you secure SSH without a password, iteratively password - free? > a blank password does not count as password-free. > > My motivation is turn the internet upside down. > > Does any current crypto mechanism come to mind? > > A possible example is the use of Diffie-Hellman at the network layer > to identify hosts. I think that would be password-free. > > > > Thanks, > > > > -- > > Raul > > > > Thanks, > James > > > > > On Wed, Nov 15, 2017 at 8:46 AM, James wrote: > >> While a little off topic it is security related so I hope you don't > mind. > >> > >> This is the misc list, right? > >> > >> Assumption 1. > >> bitcoin is a secure protocol without flaws. > >> > >> quote from https://github.com/bitcoinbook/bitcoinbook/blob/ > second_edition/ch01.asciidoc > >> > >> With these keys they can sign transactions to unlock the value and > >> spend it by transferring it to a new owner. Keys are often stored in a > >> digital wallet on each user’s computer or smartphone. Possession of > >> the key that can sign a transaction is the only prerequisite to > >> spending bitcoin, putting the control entirely in the hands of each > >> user. > >> > >> > >> Is the security of a bitcoin wallet ultimately determined by it's > password? > >> The way I see it If an attacker had access to my computer, the only > >> thing protecting access to the wallet would be a password or some > >> iteration of a password scheme, if not mine than a centralized server > >> of trust somewhere, but eventually someone has a password that is used > >> to, unlock a bitcoin. Is that correct reasoning or are there > >> alternatives? > >> > >> Thanks, > >> James > >> > >
Re: error trying to load C/XS Perl module
Em 15/11/2017 15:06, Stuart Henderson escreveu: On 2017-11-15, Stuart Hendersonwrote: If I make a port using the normal ports framework and try it on -current, I get this, which is a bit further but not all the way : 1..23 ok 1 - use PerlIO::eol; ok 2 ok 3 ok 4 ok 5 ok 6 - open for read Failed 17/23 subtests Test Summary Report --- t/1-basic.t (Wstat: 134 Tests: 6 Failed: 0) Non-zero wait status: 134 Parse errors: Bad plan. You planned 23 tests but ran 6. Files=1, Tests=6, 0 wallclock secs ( 0.01 usr 0.04 sys + 0.03 cusr 0.03 csys = 0.11 CPU) Result: FAIL Ha. I didn't notice before I wrote a local port, but there's already a port in the tree. So actually you should just be able to use "pkg_add p5-PerlIO-eol". In general: use the OS packages, don't try and mix with cpan. In most cases it's easier to write a port than deal with the mess that you'll end up in by using two different/conflicting package systems (i.e. OpenBSD's usual one and CPAN). Thanks Stuart! Actually, using CPAN is the main objective here because I'm testing OpenBSD 6.1 as a CPAN Smoker (https://github.com/glasswalk3r/cpan-openbsd-smoker). So, basically it really didn't occurred to me to search for a ports, but I see that it is updated to the latest version of this module. I'm not acquainted with creating ports, but I guess I should start from https://www.openbsd.org/faq/ports/ and then checkout http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/devel/p5-PerlIO-eol/Makefile?rev=1.17=text/plain. So far, I wasn't able to figure out anything outstanding with the building process that is common to Perl modules, but I didn't find anything regarding executing tests as well. To me, the Makefile over there has a bit of magic to make it work, so I would appreciate any inputs on that.
Re: session security on OpenBSD vs popular options
On 11/15/17 18:28, Charlie Eddy wrote: > Hello, > > Please let me know how to find information on OpenBSD security as it > relates to web browser sessions. > > For instance, I am aware that some attack vectors depend on browser > connections with OS components. What security flaws exist that OpenBSD > specifically is able to address? I think a fairly good place to start is to follow the presentation links from https://www.openbsd.org/events.html - there are quite a few talks that would be quite relevant and help you narrow down the question to something it would be possible to answer in a mailing list message. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: error trying to load C/XS Perl module
On 11/15/2017 02:50 PM, Alceu Rodrigues de Freitas Junior wrote: Hello folks, I'm struggling to get installed the module PerlIO::eol by downloding it from CPAN and installing it. I tried with both the standard perl in OpenBSD 6.1 and also one that I compiled with perlbrew, but the results are the same (after the classic "perl Makefile.PL; make"): bash-4.4$ prove -l -m -v t/1-basic.t t/1-basic.t .. 1..23 not ok 1 - use PerlIO::eol; # Failed test 'use PerlIO::eol;' # at t/1-basic.t line 4. # Tried to use 'PerlIO::eol'. # Error: Can't locate loadable object for module PerlIO::eol in @INC (@INC contains: /home/vagrant/.cpan/build/PerlIO-eol-0.16-1/lib /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1/OpenBSD.amd64-openbsd /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1 /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1/OpenBSD.amd64-openbsd /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1) at t/1-basic.t line 4. # Compilation failed in require at t/1-basic.t line 4. # BEGIN failed--compilation aborted at t/1-basic.t line 4. Bareword "CR" not allowed while "strict subs" in use at t/1-basic.t line 6. Bareword "LF" not allowed while "strict subs" in use at t/1-basic.t line 6. Bareword "CRLF" not allowed while "strict subs" in use at t/1-basic.t line 6. Execution of t/1-basic.t aborted due to compilation errors. # Looks like your test exited with 255 just after 1. Dubious, test returned 255 (wstat 65280, 0xff00) Failed 23/23 subtests Hi, You could try to set LD_DEBUG=yes before running the test. With this you should see, what's really missing. -- Matthias
session security on OpenBSD vs popular options
Hello, Please let me know how to find information on OpenBSD security as it relates to web browser sessions. For instance, I am aware that some attack vectors depend on browser connections with OS components. What security flaws exist that OpenBSD specifically is able to address? Thanks, Charlie Eddy
Re: error trying to load C/XS Perl module
On 2017-11-15, Stuart Hendersonwrote: > On 2017-11-15, Alceu Rodrigues de Freitas Junior > wrote: >> Hello folks, >> >> I'm struggling to get installed the module PerlIO::eol by downloding it >> from CPAN and installing it. >> >> I tried with both the standard perl in OpenBSD 6.1 and also one that I >> compiled with perlbrew, but the results are the same (after the classic >> "perl Makefile.PL; make"): >> >> bash-4.4$ prove -l -m -v t/1-basic.t >> t/1-basic.t .. >> 1..23 >> not ok 1 - use PerlIO::eol; >> # Failed test 'use PerlIO::eol;' >> # at t/1-basic.t line 4. >> # Tried to use 'PerlIO::eol'. >> # Error: Can't locate loadable object for module PerlIO::eol in >> @INC (@INC contains: /home/vagrant/.cpan/build/PerlIO-eol-0.16-1/lib >> /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1/OpenBSD.amd64-openbsd >> >> /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1 >> /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1/OpenBSD.amd64-openbsd >> >> /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1) at >> t/1-basic.t line 4. >> # Compilation failed in require at t/1-basic.t line 4. >> # BEGIN failed--compilation aborted at t/1-basic.t line 4. >> Bareword "CR" not allowed while "strict subs" in use at t/1-basic.t line 6. >> Bareword "LF" not allowed while "strict subs" in use at t/1-basic.t line 6. >> Bareword "CRLF" not allowed while "strict subs" in use at t/1-basic.t >> line 6. >> Execution of t/1-basic.t aborted due to compilation errors. >> # Looks like your test exited with 255 just after 1. >> Dubious, test returned 255 (wstat 65280, 0xff00) >> Failed 23/23 subtests >> >> Test Summary Report >> --- >> t/1-basic.t (Wstat: 65280 Tests: 1 Failed: 1) >>Failed test: 1 >>Non-zero exit status: 255 >>Parse errors: Bad plan. You planned 23 tests but ran 1. >> Files=1, Tests=1, 0 wallclock secs ( 0.02 usr 0.04 sys + 0.04 cusr >> 0.06 csys = 0.16 CPU) >> Result: FAIL >> bash-4.4$ >> >> I even tried to export LD_LIBRARY_PATH to the current directory, didn't >> work either. >> >> In the past, I had problems with libs dependencies because installing >> them through pkg_add were putting them over /usr/local/lib, and libpth >> variable in Perl was not searching over there: >> >> -bash-4.4$ perl -v | head -2 >> >> This is perl 5, version 24, subversion 1 (v5.24.1) built for amd64-openbsd >> -bash-4.4$ perl -V | grep libpth >> libpth=/usr/lib /usr/lib >> >> But I don't think that's the case here since the object I'm trying to >> load is on my current directory: >> >> bash-4.4$ ls >> Changes LICENSE~ META.json MYMETA.ymlREADME >> dist.ini eol.c eol.xslib t >> Changes~ MANIFEST META.yml Makefile README~ >> dist.ini~ eol.h eol.xs~ perl.core write.h >> LICENSE MANIFEST.SKIP MYMETA.json Makefile.PL blib >> eol.bseol.o fill.hpm_to_blibxt >> >> The core file over there didn't gave any hints when using "gdb -c" with it. >> >> Thanks! >> Alceu >> >> > > If I make a port using the normal ports framework and try it on -current, > I get this, which is a bit further but not all the way : > > 1..23 > ok 1 - use PerlIO::eol; > ok 2 > ok 3 > ok 4 > ok 5 > ok 6 - open for read > Failed 17/23 subtests > > Test Summary Report > --- > t/1-basic.t (Wstat: 134 Tests: 6 Failed: 0) > Non-zero wait status: 134 > Parse errors: Bad plan. You planned 23 tests but ran 6. > Files=1, Tests=6, 0 wallclock secs ( 0.01 usr 0.04 sys + 0.03 cusr 0.03 > csys = 0.11 CPU) > Result: FAIL > > > Ha. I didn't notice before I wrote a local port, but there's already a port in the tree. So actually you should just be able to use "pkg_add p5-PerlIO-eol". In general: use the OS packages, don't try and mix with cpan. In most cases it's easier to write a port than deal with the mess that you'll end up in by using two different/conflicting package systems (i.e. OpenBSD's usual one and CPAN).
Abort Trap question
I've installed OpenBSD/macppc twice on my G4 Cube now and it seems to be working fine until I go to untar src.tar.gz at which point it throws some abort trap errors and crashes. If I reboot, I get a bunch of abort traps during the boot process followed by several: init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ... What do you guys think this is...? Hard drive failure...?
Re: error trying to load C/XS Perl module
On 2017-11-15, Alceu Rodrigues de Freitas Juniorwrote: > Hello folks, > > I'm struggling to get installed the module PerlIO::eol by downloding it > from CPAN and installing it. > > I tried with both the standard perl in OpenBSD 6.1 and also one that I > compiled with perlbrew, but the results are the same (after the classic > "perl Makefile.PL; make"): > > bash-4.4$ prove -l -m -v t/1-basic.t > t/1-basic.t .. > 1..23 > not ok 1 - use PerlIO::eol; > # Failed test 'use PerlIO::eol;' > # at t/1-basic.t line 4. > # Tried to use 'PerlIO::eol'. > # Error: Can't locate loadable object for module PerlIO::eol in > @INC (@INC contains: /home/vagrant/.cpan/build/PerlIO-eol-0.16-1/lib > /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1/OpenBSD.amd64-openbsd > > /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1 > /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1/OpenBSD.amd64-openbsd > > /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1) at > t/1-basic.t line 4. > # Compilation failed in require at t/1-basic.t line 4. > # BEGIN failed--compilation aborted at t/1-basic.t line 4. > Bareword "CR" not allowed while "strict subs" in use at t/1-basic.t line 6. > Bareword "LF" not allowed while "strict subs" in use at t/1-basic.t line 6. > Bareword "CRLF" not allowed while "strict subs" in use at t/1-basic.t > line 6. > Execution of t/1-basic.t aborted due to compilation errors. > # Looks like your test exited with 255 just after 1. > Dubious, test returned 255 (wstat 65280, 0xff00) > Failed 23/23 subtests > > Test Summary Report > --- > t/1-basic.t (Wstat: 65280 Tests: 1 Failed: 1) >Failed test: 1 >Non-zero exit status: 255 >Parse errors: Bad plan. You planned 23 tests but ran 1. > Files=1, Tests=1, 0 wallclock secs ( 0.02 usr 0.04 sys + 0.04 cusr > 0.06 csys = 0.16 CPU) > Result: FAIL > bash-4.4$ > > I even tried to export LD_LIBRARY_PATH to the current directory, didn't > work either. > > In the past, I had problems with libs dependencies because installing > them through pkg_add were putting them over /usr/local/lib, and libpth > variable in Perl was not searching over there: > > -bash-4.4$ perl -v | head -2 > > This is perl 5, version 24, subversion 1 (v5.24.1) built for amd64-openbsd > -bash-4.4$ perl -V | grep libpth > libpth=/usr/lib /usr/lib > > But I don't think that's the case here since the object I'm trying to > load is on my current directory: > > bash-4.4$ ls > Changes LICENSE~ META.json MYMETA.ymlREADME > dist.ini eol.c eol.xslib t > Changes~ MANIFEST META.yml Makefile README~ > dist.ini~ eol.h eol.xs~ perl.core write.h > LICENSE MANIFEST.SKIP MYMETA.json Makefile.PL blib > eol.bseol.o fill.hpm_to_blibxt > > The core file over there didn't gave any hints when using "gdb -c" with it. > > Thanks! > Alceu > > If I make a port using the normal ports framework and try it on -current, I get this, which is a bit further but not all the way : 1..23 ok 1 - use PerlIO::eol; ok 2 ok 3 ok 4 ok 5 ok 6 - open for read Failed 17/23 subtests Test Summary Report --- t/1-basic.t (Wstat: 134 Tests: 6 Failed: 0) Non-zero wait status: 134 Parse errors: Bad plan. You planned 23 tests but ran 6. Files=1, Tests=6, 0 wallclock secs ( 0.01 usr 0.04 sys + 0.03 cusr 0.03 csys = 0.11 CPU) Result: FAIL
password-free SSH was Re: [ot] Security of my bit coin wallet
On Wed, Nov 15, 2017 at 10:42 AM, Raul Millerwrote: > Assumption is invalid. Flaws are widely documented (e.g. fixed > supply). Probably wrong list, also. > Ok a little more on topic then. SSH. How would you secure SSH without a password, iteratively password - free? a blank password does not count as password-free. My motivation is turn the internet upside down. Does any current crypto mechanism come to mind? A possible example is the use of Diffie-Hellman at the network layer to identify hosts. I think that would be password-free. > Thanks, > > -- > Raul > Thanks, James > On Wed, Nov 15, 2017 at 8:46 AM, James wrote: >> While a little off topic it is security related so I hope you don't mind. >> >> This is the misc list, right? >> >> Assumption 1. >> bitcoin is a secure protocol without flaws. >> >> quote from >> https://github.com/bitcoinbook/bitcoinbook/blob/second_edition/ch01.asciidoc >> >> With these keys they can sign transactions to unlock the value and >> spend it by transferring it to a new owner. Keys are often stored in a >> digital wallet on each user’s computer or smartphone. Possession of >> the key that can sign a transaction is the only prerequisite to >> spending bitcoin, putting the control entirely in the hands of each >> user. >> >> >> Is the security of a bitcoin wallet ultimately determined by it's password? >> The way I see it If an attacker had access to my computer, the only >> thing protecting access to the wallet would be a password or some >> iteration of a password scheme, if not mine than a centralized server >> of trust somewhere, but eventually someone has a password that is used >> to, unlock a bitcoin. Is that correct reasoning or are there >> alternatives? >> >> Thanks, >> James >>
Re: [ot] Security of my bit coin wallet
Assumption is invalid. Flaws are widely documented (e.g. fixed supply). Probably wrong list, also. Thanks, -- Raul On Wed, Nov 15, 2017 at 8:46 AM, Jameswrote: > While a little off topic it is security related so I hope you don't mind. > > This is the misc list, right? > > Assumption 1. > bitcoin is a secure protocol without flaws. > > quote from > https://github.com/bitcoinbook/bitcoinbook/blob/second_edition/ch01.asciidoc > > With these keys they can sign transactions to unlock the value and > spend it by transferring it to a new owner. Keys are often stored in a > digital wallet on each user’s computer or smartphone. Possession of > the key that can sign a transaction is the only prerequisite to > spending bitcoin, putting the control entirely in the hands of each > user. > > > Is the security of a bitcoin wallet ultimately determined by it's password? > The way I see it If an attacker had access to my computer, the only > thing protecting access to the wallet would be a password or some > iteration of a password scheme, if not mine than a centralized server > of trust somewhere, but eventually someone has a password that is used > to, unlock a bitcoin. Is that correct reasoning or are there > alternatives? > > Thanks, > James >
error trying to load C/XS Perl module
Hello folks, I'm struggling to get installed the module PerlIO::eol by downloding it from CPAN and installing it. I tried with both the standard perl in OpenBSD 6.1 and also one that I compiled with perlbrew, but the results are the same (after the classic "perl Makefile.PL; make"): bash-4.4$ prove -l -m -v t/1-basic.t t/1-basic.t .. 1..23 not ok 1 - use PerlIO::eol; # Failed test 'use PerlIO::eol;' # at t/1-basic.t line 4. # Tried to use 'PerlIO::eol'. # Error: Can't locate loadable object for module PerlIO::eol in @INC (@INC contains: /home/vagrant/.cpan/build/PerlIO-eol-0.16-1/lib /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1/OpenBSD.amd64-openbsd /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1 /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1/OpenBSD.amd64-openbsd /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1) at t/1-basic.t line 4. # Compilation failed in require at t/1-basic.t line 4. # BEGIN failed--compilation aborted at t/1-basic.t line 4. Bareword "CR" not allowed while "strict subs" in use at t/1-basic.t line 6. Bareword "LF" not allowed while "strict subs" in use at t/1-basic.t line 6. Bareword "CRLF" not allowed while "strict subs" in use at t/1-basic.t line 6. Execution of t/1-basic.t aborted due to compilation errors. # Looks like your test exited with 255 just after 1. Dubious, test returned 255 (wstat 65280, 0xff00) Failed 23/23 subtests Test Summary Report --- t/1-basic.t (Wstat: 65280 Tests: 1 Failed: 1) Failed test: 1 Non-zero exit status: 255 Parse errors: Bad plan. You planned 23 tests but ran 1. Files=1, Tests=1, 0 wallclock secs ( 0.02 usr 0.04 sys + 0.04 cusr 0.06 csys = 0.16 CPU) Result: FAIL bash-4.4$ I even tried to export LD_LIBRARY_PATH to the current directory, didn't work either. In the past, I had problems with libs dependencies because installing them through pkg_add were putting them over /usr/local/lib, and libpth variable in Perl was not searching over there: -bash-4.4$ perl -v | head -2 This is perl 5, version 24, subversion 1 (v5.24.1) built for amd64-openbsd -bash-4.4$ perl -V | grep libpth libpth=/usr/lib /usr/lib But I don't think that's the case here since the object I'm trying to load is on my current directory: bash-4.4$ ls Changes LICENSE~ META.json MYMETA.ymlREADME dist.ini eol.c eol.xslib t Changes~ MANIFEST META.yml Makefile README~ dist.ini~ eol.h eol.xs~ perl.core write.h LICENSE MANIFEST.SKIP MYMETA.json Makefile.PL blib eol.bseol.o fill.hpm_to_blibxt The core file over there didn't gave any hints when using "gdb -c" with it. Thanks! Alceu
[ot] Security of my bit coin wallet
While a little off topic it is security related so I hope you don't mind. This is the misc list, right? Assumption 1. bitcoin is a secure protocol without flaws. quote from https://github.com/bitcoinbook/bitcoinbook/blob/second_edition/ch01.asciidoc With these keys they can sign transactions to unlock the value and spend it by transferring it to a new owner. Keys are often stored in a digital wallet on each user’s computer or smartphone. Possession of the key that can sign a transaction is the only prerequisite to spending bitcoin, putting the control entirely in the hands of each user. Is the security of a bitcoin wallet ultimately determined by it's password? The way I see it If an attacker had access to my computer, the only thing protecting access to the wallet would be a password or some iteration of a password scheme, if not mine than a centralized server of trust somewhere, but eventually someone has a password that is used to, unlock a bitcoin. Is that correct reasoning or are there alternatives? Thanks, James