Re: USB ethernet ure0 not working
On Wed, Mar 06, 2024 at 12:43:28PM +0500, ofthecentury wrote: > I'm stumped. Pls help. > I plug a TPLink USB ethernet dongle in, it > is identified by OpenBSD, and I get a ure0 > interface. It says ure0 is up and running. I > give it the ip address, default route, but > nothing happens, I don't get connectivity. > I do everything the same for the USB dongle > as for the inbuilt ethernet (which works fine). > Dmesg says some additional interface rlphy0 > is added or something, but the only interface > I see in ifconfig is ure0. `route show` gives > nothing. ENOACTUALINFO The actual output of those commands (censored of any not-to-be-revealed information if need be) would be crucial in helping diagnose the problem. dmesg showing rlphy0 and possibly rgephy0 is to be expected, see man ure Hopefully the actual problem is a trivial one, easy to spot for a separate set of eyes. - P -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
USB ethernet ure0 not working
I'm stumped. Pls help. I plug a TPLink USB ethernet dongle in, it is identified by OpenBSD, and I get a ure0 interface. It says ure0 is up and running. I give it the ip address, default route, but nothing happens, I don't get connectivity. I do everything the same for the USB dongle as for the inbuilt ethernet (which works fine). Dmesg says some additional interface rlphy0 is added or something, but the only interface I see in ifconfig is ure0. `route show` gives nothing.
Re: Disk encryption cipher
https://github.com/openbsd/src/blob/master/sys/dev/softraid.c Judging by the source code it's aes-512-xts now. Such hard. Very cipher. Hacking can't. NSA oh no. On Wed, Mar 6, 2024 at 12:02 PM Janne Johansson wrote: > > Den ons 6 mars 2024 kl 07:17 skrev ofthecentury : > > > > Hi. I cannot find what cipher is used for full > > disk encryption on OpenBSD. I saw a mention > > of salting too, but really no specifics on what > > the encryption algorithm is. Is there somewhere > > I can read about it? And really, what is the cipher > > used? > > The presentation from 2010: > > AsiaBSDCon 2010, Mar 11 - 14, 2010, Tokyo, Japan. > Marco Peereboom gave talks about softraid -- OpenBSD's virtual HBA, > with benefits (paper) > > says it was AES-256 XTS then at least. > > -- > May the most significant bit of your life be positive.
Re: Disk encryption cipher
Den ons 6 mars 2024 kl 07:17 skrev ofthecentury : > > Hi. I cannot find what cipher is used for full > disk encryption on OpenBSD. I saw a mention > of salting too, but really no specifics on what > the encryption algorithm is. Is there somewhere > I can read about it? And really, what is the cipher > used? The presentation from 2010: AsiaBSDCon 2010, Mar 11 - 14, 2010, Tokyo, Japan. Marco Peereboom gave talks about softraid -- OpenBSD's virtual HBA, with benefits (paper) says it was AES-256 XTS then at least. -- May the most significant bit of your life be positive.
Disk encryption cipher
Hi. I cannot find what cipher is used for full disk encryption on OpenBSD. I saw a mention of salting too, but really no specifics on what the encryption algorithm is. Is there somewhere I can read about it? And really, what is the cipher used?
Stopped at smu7_powergate_uvd+0x23 Question
1. The UEFI BIOS on this machine does not have an option to disable symmetric multi threading. 2. The machine has experienced intermittent hangs/freezes from the time it was built and commissioned about 2 years ago. 3. All installNN.img files listed below, were successfully installed (not upgraded) in the order shown. All hang before reaching the login prompt, each time they are booted. All NN digits are those of the GENERIC.MP snapshot. - install75.img # snapshot 47 - install75.img # snapshot 49 - install75.img # snapshot 52 - install75.img # snapshot 53 - install75.img # snapshot 56 The last displayed boot line on each boot was: root on sd0a (A16digitNUM.a) swap on sd0b dump on sd0b About 90 seconds later the machine's fans greatly increase speed and the console screen goes black and blank. 4. Using shell access from the install75.img USB flash drive to the installed file system provides no useful information e.g.: - there are no files in /var/run; - the only file in and below /var/log that has >0 bytes is install.resp.7490; - and (of course) /usr/src is empty; - sysctl kern.version displays ... 7.5 (RAMDISK_CD) #nn ... . Shell access was useful, to change /etc/ttys tty000 entry to enable the machine to be configured as a serial server on the next boot. 5. Suggestions as to how extra helpful information could be obtained are welcome. 6. Serial Console Info, and OpenBSD 7.4 dmesg.boot Output has been captured via a serial console from the problem machine from each of the installed snapshots on a subsequent cold boot. Each set of captured information has shown that the machine has stopped at: smu7_powergate_uvd+0x23:movb%dh,0xdb9(%rax) Other captured information from each of the snapshots is almost identical. The following set of captured information is from the last snapshot installed on the machine. It is followed by dmesg.boot from a previously installed working 7.4 snapshot. The captured information plus the 7.4 snapshot are deliberately not included in this post as this email would be > 83k bytes. My question is: should I send everything to b...@openbsd.org? -- aer
Re: can't find PID
On Tue, Mar 5, 2024 at 12:24 PM Markus Wernig wrote: > When I reload the pf ruleset with pfctl, the number in the pid field > changes. So my assumption is that it is the pid of the pfctl process > that inserted the rule. Is that correct? > I believe you are correct. while running tcpdump in another window, I tested this for myself by running: # pfctl -f /etc/pf.conf & [1] 27982 The pid shown in the tcpdump output immediately changed from its previous value to 27982. I assume that this feature is most useful when specific rules are updated via anchors, e.g. for ftp-proxy. -ken
Re: OT: Test new email conf
Darling, they know me as an ethical guy. So, my true blogs are usually offline cause the italo-american meritocracy and their "liberty".., I'm really sorry for the business... NB: I suggest you to adopt true western names to make your tricks, indeed, they are so cool -Dan Mar 5, 2024 20:20:36 Mizsei Zoltán : > Please consider to start a blog about your adventures. Thanks. > > Regards, > -ext
Re: can't find PID
On 2024-03-05, Raul Miller wrote: > If you want to track which executable was running which pid at a > specific time, you need to put that information in a log, so you can > associate pid and time with the executable path. see accton(8), lastcomm(1) -- Please keep replies on the mailing list.
Re: OT: Test new email conf
Please consider to start a blog about your adventures. Thanks. Regards, -ext Daniele B. írta 2024. márc.. 5, K-n 18:58 órakor: > The past days I was managing to try it > the admin interface of BookMyName (iliad) and > sorry for the wanted advertisement.. (it is affordable) > Suddenly I found myself in front of a > transliteral (from the French) saying very > closed to the following: > > "Please fill in a backup email address > (attention by suppling an email address different to > the registration email you are admitting > to currently use more than one email address!)". > > I personally felt faintened, almost doomed.. > > -Dan > > Mar 2, 2024 07:54:55 Nowarez Market : > >> Hello, >> >> You can take it like a *curtesy email* to disclose my new email address. >> Kindly thxs and take care of the pacman.. -- --Z--
Re: OT: Test new email conf
The past days I was managing to try it the admin interface of BookMyName (iliad) and sorry for the wanted advertisement.. (it is affordable) Suddenly I found myself in front of a transliteral (from the French) saying very closed to the following: "Please fill in a backup email address (attention by suppling an email address different to the registration email you are admitting to currently use more than one email address!)". I personally felt faintened, almost doomed.. -Dan Mar 2, 2024 07:54:55 Nowarez Market : > Hello, > > You can take it like a *curtesy email* to disclose my new email address. > Kindly thxs and take care of the pacman..
Re: can't find PID
I have asked myself the same question. When runninng tcpdump -n -i pflog0 with the -e -v flags (and only in that combination), it outputs tuples that looks like they should be a uid and pid: 16:40:47.110033 rule 2/(match) [uid 0, pid 92257] block in on trunk0: ... (it's 92257 on the machine this example is from, but is different on other machines) The pid that "pid" references does not show up in any invocation of ps (-A, -a, -H, -k). It's also not mentioned in tcpdump[8]. pflog[4] does mention a uid_t uid and pid_t pid field in the pfloghdr struct, but does not say where the values come from. When I reload the pf ruleset with pfctl, the number in the pid field changes. So my assumption is that it is the pid of the pfctl process that inserted the rule. Is that correct? thx /m On 3/5/24 15:45, Theo de Raadt wrote: What are you expecting here?? ofthecentury wrote: Yes, I'm tcdupming pflog and ALL my dropped packets reference some PID 6504 that is not found among the processes that are running.
Re: can't find PID
And often we would live off a desktop environment as we aware of. this is poetry I think.. Mar 5, 2024 16:44:50 deich...@placebonol.com: > not wanting to speak for someone else, but I'm pretty sure it was sarcasm. > > On March 5, 2024 8:21:40 AM MST, ofthecentury wrote: >> Well, that's not very noice. Where is security?
Re: can't find PID
Thanks. I'm new, so did not realize PIDs are randomly numbered, which is fantastic. Just for a fleeting moment I thought I wasn't going to be lonely, with Theo's shell lurking in the background. On Tue, Mar 5, 2024 at 8:30 PM Raul Miller wrote: > > If you want to track which executable was running which pid at a > specific time, you need to put that information in a log, so you can > associate pid and time with the executable path. > > -- > Raul > > On Tue, Mar 5, 2024 at 10:26 AM ofthecentury wrote: > > > > Well, that's not very noice. Where is security? > > > > On Tue, Mar 5, 2024 at 7:45 PM Theo de Raadt wrote: > > > > > PID 6504 was my shell. I've logged off now. > > > > > > What are you expecting here?? > > > > > > > > > ofthecentury wrote: > > > > > > > Yes, I'm tcdupming pflog and ALL my dropped packets > > > > reference some PID 6504 that is not found among > > > > the processes that are running. I was actually not fishing > > > > for PIDs, I just saw the PID referenced in the standard > > > > tcpdump output. For forensics I just want to find the link > > > > between PID referenced in tcpdump to the process, > > > > and I cannot, and I believe I should be able to for security. > > > > > > > > > > > > > > > > On Tue, Mar 5, 2024 at 7:12 PM Janne Johansson > > > wrote: > > > > > > > > > Den tis 5 mars 2024 kl 14:35 skrev ofthecentury < > > > ofthecent...@gmail.com>: > > > > > > > > > > > > Hi, I'm on a fresh install of OpenBSD 7.4. > > > > > > I am watching output of tcpdump and > > > > > > seeing some drops that all reference > > > > > > UID 0, pid 6504. I cannot find that PID > > > > > > among running processes. Does anyone > > > > > > know what is that process and why it's > > > > > > not running but tcpdump references it? > > > > > > > > > > OpenBSD has random pids, so unless you ask about pid 0 or 1, noone can > > > > > divine what process had pid 6504 on your system at that time. > > > > > > > > > > As for this report, it looks like you are tcpdumping pflog in order to > > > > > see "drops" with pids, but since you didn't mention what you ran, it's > > > > > hard to tell. Nor did you state how you looked for pids, perhaps not > > > > > using all the possible options? > > > > > > > > > > > > > > > -- > > > > > May the most significant bit of your life be positive. > > > > > > > >
Re: can't find PID
not wanting to speak for someone else, but I'm pretty sure it was sarcasm. On March 5, 2024 8:21:40 AM MST, ofthecentury wrote: >Well, that's not very noice. Where is security? > >On Tue, Mar 5, 2024 at 7:45 PM Theo de Raadt wrote: > >> PID 6504 was my shell. I've logged off now. >> >> What are you expecting here?? >> >> >> ofthecentury wrote: >> >> > Yes, I'm tcdupming pflog and ALL my dropped packets >> > reference some PID 6504 that is not found among >> > the processes that are running. I was actually not fishing >> > for PIDs, I just saw the PID referenced in the standard >> > tcpdump output. For forensics I just want to find the link >> > between PID referenced in tcpdump to the process, >> > and I cannot, and I believe I should be able to for security. >> > >> > >> > >> > On Tue, Mar 5, 2024 at 7:12 PM Janne Johansson >> wrote: >> > >> > > Den tis 5 mars 2024 kl 14:35 skrev ofthecentury < >> ofthecent...@gmail.com>: >> > > > >> > > > Hi, I'm on a fresh install of OpenBSD 7.4. >> > > > I am watching output of tcpdump and >> > > > seeing some drops that all reference >> > > > UID 0, pid 6504. I cannot find that PID >> > > > among running processes. Does anyone >> > > > know what is that process and why it's >> > > > not running but tcpdump references it? >> > > >> > > OpenBSD has random pids, so unless you ask about pid 0 or 1, noone can >> > > divine what process had pid 6504 on your system at that time. >> > > >> > > As for this report, it looks like you are tcpdumping pflog in order to >> > > see "drops" with pids, but since you didn't mention what you ran, it's >> > > hard to tell. Nor did you state how you looked for pids, perhaps not >> > > using all the possible options? >> > > >> > > >> > > -- >> > > May the most significant bit of your life be positive. >> > > >>
Re: can't find PID
If you want to track which executable was running which pid at a specific time, you need to put that information in a log, so you can associate pid and time with the executable path. -- Raul On Tue, Mar 5, 2024 at 10:26 AM ofthecentury wrote: > > Well, that's not very noice. Where is security? > > On Tue, Mar 5, 2024 at 7:45 PM Theo de Raadt wrote: > > > PID 6504 was my shell. I've logged off now. > > > > What are you expecting here?? > > > > > > ofthecentury wrote: > > > > > Yes, I'm tcdupming pflog and ALL my dropped packets > > > reference some PID 6504 that is not found among > > > the processes that are running. I was actually not fishing > > > for PIDs, I just saw the PID referenced in the standard > > > tcpdump output. For forensics I just want to find the link > > > between PID referenced in tcpdump to the process, > > > and I cannot, and I believe I should be able to for security. > > > > > > > > > > > > On Tue, Mar 5, 2024 at 7:12 PM Janne Johansson > > wrote: > > > > > > > Den tis 5 mars 2024 kl 14:35 skrev ofthecentury < > > ofthecent...@gmail.com>: > > > > > > > > > > Hi, I'm on a fresh install of OpenBSD 7.4. > > > > > I am watching output of tcpdump and > > > > > seeing some drops that all reference > > > > > UID 0, pid 6504. I cannot find that PID > > > > > among running processes. Does anyone > > > > > know what is that process and why it's > > > > > not running but tcpdump references it? > > > > > > > > OpenBSD has random pids, so unless you ask about pid 0 or 1, noone can > > > > divine what process had pid 6504 on your system at that time. > > > > > > > > As for this report, it looks like you are tcpdumping pflog in order to > > > > see "drops" with pids, but since you didn't mention what you ran, it's > > > > hard to tell. Nor did you state how you looked for pids, perhaps not > > > > using all the possible options? > > > > > > > > > > > > -- > > > > May the most significant bit of your life be positive. > > > > > >
Re: can't find PID
Well, that's not very noice. Where is security? On Tue, Mar 5, 2024 at 7:45 PM Theo de Raadt wrote: > PID 6504 was my shell. I've logged off now. > > What are you expecting here?? > > > ofthecentury wrote: > > > Yes, I'm tcdupming pflog and ALL my dropped packets > > reference some PID 6504 that is not found among > > the processes that are running. I was actually not fishing > > for PIDs, I just saw the PID referenced in the standard > > tcpdump output. For forensics I just want to find the link > > between PID referenced in tcpdump to the process, > > and I cannot, and I believe I should be able to for security. > > > > > > > > On Tue, Mar 5, 2024 at 7:12 PM Janne Johansson > wrote: > > > > > Den tis 5 mars 2024 kl 14:35 skrev ofthecentury < > ofthecent...@gmail.com>: > > > > > > > > Hi, I'm on a fresh install of OpenBSD 7.4. > > > > I am watching output of tcpdump and > > > > seeing some drops that all reference > > > > UID 0, pid 6504. I cannot find that PID > > > > among running processes. Does anyone > > > > know what is that process and why it's > > > > not running but tcpdump references it? > > > > > > OpenBSD has random pids, so unless you ask about pid 0 or 1, noone can > > > divine what process had pid 6504 on your system at that time. > > > > > > As for this report, it looks like you are tcpdumping pflog in order to > > > see "drops" with pids, but since you didn't mention what you ran, it's > > > hard to tell. Nor did you state how you looked for pids, perhaps not > > > using all the possible options? > > > > > > > > > -- > > > May the most significant bit of your life be positive. > > > >
Re: can't find PID
And once upon the time 'offtheshell' was around.. :D Theo de Raadt : > PID 6504 was my shell. I've logged off now. > > What are you expecting here?? > > > ofthecentury wrote: > >> Yes, I'm tcdupming pflog and ALL my dropped packets >> reference some PID 6504 that is not found among >> the processes that are running. I was actually not fishing >> for PIDs,
Re: can't find PID
PID 6504 was my shell. I've logged off now. What are you expecting here?? ofthecentury wrote: > Yes, I'm tcdupming pflog and ALL my dropped packets > reference some PID 6504 that is not found among > the processes that are running. I was actually not fishing > for PIDs, I just saw the PID referenced in the standard > tcpdump output. For forensics I just want to find the link > between PID referenced in tcpdump to the process, > and I cannot, and I believe I should be able to for security. > > > > On Tue, Mar 5, 2024 at 7:12 PM Janne Johansson wrote: > > > Den tis 5 mars 2024 kl 14:35 skrev ofthecentury : > > > > > > Hi, I'm on a fresh install of OpenBSD 7.4. > > > I am watching output of tcpdump and > > > seeing some drops that all reference > > > UID 0, pid 6504. I cannot find that PID > > > among running processes. Does anyone > > > know what is that process and why it's > > > not running but tcpdump references it? > > > > OpenBSD has random pids, so unless you ask about pid 0 or 1, noone can > > divine what process had pid 6504 on your system at that time. > > > > As for this report, it looks like you are tcpdumping pflog in order to > > see "drops" with pids, but since you didn't mention what you ran, it's > > hard to tell. Nor did you state how you looked for pids, perhaps not > > using all the possible options? > > > > > > -- > > May the most significant bit of your life be positive. > >
Re: can't find PID
Yes, I'm tcdupming pflog and ALL my dropped packets reference some PID 6504 that is not found among the processes that are running. I was actually not fishing for PIDs, I just saw the PID referenced in the standard tcpdump output. For forensics I just want to find the link between PID referenced in tcpdump to the process, and I cannot, and I believe I should be able to for security. On Tue, Mar 5, 2024 at 7:12 PM Janne Johansson wrote: > Den tis 5 mars 2024 kl 14:35 skrev ofthecentury : > > > > Hi, I'm on a fresh install of OpenBSD 7.4. > > I am watching output of tcpdump and > > seeing some drops that all reference > > UID 0, pid 6504. I cannot find that PID > > among running processes. Does anyone > > know what is that process and why it's > > not running but tcpdump references it? > > OpenBSD has random pids, so unless you ask about pid 0 or 1, noone can > divine what process had pid 6504 on your system at that time. > > As for this report, it looks like you are tcpdumping pflog in order to > see "drops" with pids, but since you didn't mention what you ran, it's > hard to tell. Nor did you state how you looked for pids, perhaps not > using all the possible options? > > > -- > May the most significant bit of your life be positive. >
Re: can't find PID
Den tis 5 mars 2024 kl 14:35 skrev ofthecentury : > > Hi, I'm on a fresh install of OpenBSD 7.4. > I am watching output of tcpdump and > seeing some drops that all reference > UID 0, pid 6504. I cannot find that PID > among running processes. Does anyone > know what is that process and why it's > not running but tcpdump references it? OpenBSD has random pids, so unless you ask about pid 0 or 1, noone can divine what process had pid 6504 on your system at that time. As for this report, it looks like you are tcpdumping pflog in order to see "drops" with pids, but since you didn't mention what you ran, it's hard to tell. Nor did you state how you looked for pids, perhaps not using all the possible options? -- May the most significant bit of your life be positive.
can't find PID
Hi, I'm on a fresh install of OpenBSD 7.4. I am watching output of tcpdump and seeing some drops that all reference UID 0, pid 6504. I cannot find that PID among running processes. Does anyone know what is that process and why it's not running but tcpdump references it? Thanks!