Re: How to exit cu?
On 2024-03-29 14:56:08, jslee wrote: > On Fri, 29 Mar 2024, at 14:18, Sadeep Madurange wrote: > > I opened a serial terminal using 'cu -l cuaU0 -s 115200', but can't > > exit > > Enter > ~ > . > > Try that > > (It also works for OpenSSH interactive sessions) I managed to get it working. I needed to press Enter, press ~ (and release), then press Ctrl and D keys at the same time. Thank you. -- Sadeep Madurange PGP: 103BF9E3E750BF7E
Re: How to exit cu?
On 2024-03-29 15:18:26, jslee wrote: > On Fri, 29 Mar 2024, at 15:09, Sadeep Madurange wrote: > > Same problem: 'Local file?' prompt. I typed it by pressing down on > > Enter, let go of Enter, while pressing down on Shift, pressed ` key > > (for ~) and the . key. > > What’s the context here? > > Are you running cu in > > * an xterm? > * an ssh session to the openbsd system where you are running cu? > * an openbsd console session? > > Wondering if you’re running it (cu) in something else that does things > with ~ sequences. Though that “local file” prompt isn’t familiar to > me. Try this maybe > > Enter > ~ > ~ > . > Didn't work :( > Generally people are better able to help you if you describe more of > the situation/problem Apologies. I'm using cu on xterm. So, I have openbsd 7.4 amd64 installed on a ThinkPad T490 laptop. The serial device is an esp32 microcontroller attached to a USB port on the laptop. To connect to it via serial, I open xterm, then enter the following command: cu -l cuaU0 -s 115200 which connects successfully and shows me the output of the mcu. I just can't exit the serial console without closing the xterm window. -- Sadeep Madurange PGP: 103BF9E3E750BF7E
Re: How to exit cu?
On Fri, 29 Mar 2024, at 15:09, Sadeep Madurange wrote: > Same problem: 'Local file?' prompt. I typed it by pressing down on > Enter, let go of Enter, while pressing down on Shift, pressed ` key (for > ~) and the . key. What’s the context here? Are you running cu in * an xterm? * an ssh session to the openbsd system where you are running cu? * an openbsd console session? Wondering if you’re running it (cu) in something else that does things with ~ sequences. Though that “local file” prompt isn’t familiar to me. Try this maybe Enter ~ ~ . Generally people are better able to help you if you describe more of the situation/problem John
Re: How to exit cu?
On 2024-03-29 14:56:08, jslee wrote: > On Fri, 29 Mar 2024, at 14:18, Sadeep Madurange wrote: > > I opened a serial terminal using 'cu -l cuaU0 -s 115200', but can't > > exit > > Enter > ~ > . > > Try that Same problem: 'Local file?' prompt. I typed it by pressing down on Enter, let go of Enter, while pressing down on Shift, pressed ` key (for ~) and the . key. -- Sadeep Madurange PGP: 103BF9E3E750BF7E
Re: How to exit cu?
On Fri, 29 Mar 2024, at 14:18, Sadeep Madurange wrote: > I opened a serial terminal using 'cu -l cuaU0 -s 115200', but can't exit Enter ~ . Try that (It also works for OpenSSH interactive sessions) John
How to exit cu?
Hello, I opened a serial terminal using 'cu -l cuaU0 -s 115200', but can't exit it. I don't understand the manual for this, how do I type the ~^D sequence on a US keyboard? I tried the following sequences but nothing happens. 1. Shift + ~ + 6 + d 2. Shift + ~ + d 3. Shift + ~ + Ctrl + d If I type 'Shift + ~ + .', I get 'Local file?' prompt, but regardless of what I type (e.g., Ctrl+C, Ctrl+D, Ctrl+]), it just goes back to serial terminal emulator. -- Sadeep Madurange PGP: 103BF9E3E750BF7E
Re: Security questions: Login spoofing, X11 keylogging, and sandboxed apps
Replying now to Luke (luke...@onemodel.org): Thank you, that's interesting! I appreciate that you're contributing a meaningful answer to my questions, and I also appreciate that you're nice to me. :) Also h.kampm...@web.de seems to be nice to me, unless I misinterpreted what they said (I'm not sure, sorry). ~ | ~ | ~ | ~ | ~ | ~ On Thursday, March 28, 2024, Jan Stary wrote: > On Mar 28 21:16:45, dan.peretz...@gmail.com wrote: > > You didn't "Reply All", so I didn't get your reply in my inbox. > > Apparently, you did. No, I did not. You're assuming I reply to your message in my inbox; that's a wrong (and fallacious) assumption. I checked marc.info for replies when not logged into my email (as this is more convenient than logging in repeatedly). When I saw your reply in marc.info, I logged into my email to reply to you but couldn't find your message in my inbox, and didn't know why. Fortunately, I am smart, so I created a new message with the same subject line (including the "Re:" part at the start) and CCed the mailing list so marc.info would detect it as if it's in the same thread, and apparently I succeeded. I also copied your sentences from marc.info and pasted them into my reply, along with prepending > signs. > > > (The person > > you're replying to should be in the To field, and the mailing list in the > > Cc field.) > > I replied to the list. > If you are not subscribed to the list, > you don't get the list replies. I did not know that. I really am not subscribed. I don't want to subscribe to the entire mailing list, I just think it's useful to get replies to my thread only; perhaps there's a way to accomplish that? > > > >Even on windows; this has nothing to do with intercepting ctrl-alt-del. > > False. Ctrl-Alt-Delete cannot be intercepted on Windows without first > > compromising the integrity of the operating system. The Windows kernel is > > hardcoded to forward Ctrl-Alt-Delete to Winlogon, and Winlogon runs in a > > separate Secure Desktop mode that takes over the entire screen and no > other > > programs can intercept keystrokes from or send keystrokes to. > > https://security.stackexchange.com/a/34975 > > https://learn.microsoft.com/windows/win32/winstation/desktops > > Repeat after me: I can display what looks like a login screen; > I don't to have anything to do with ctrl-alt-del to display that. I do not need to repeat mantras. I did not deny that programs can do that, quite the opposite: I explicitly acknowledged that programs can do that, and asked what mechanism OpenBSD provides to ensure, at the user's request, that the operating system temporarily takes over with a real login prompt that cannot be interfered with or snooped on. Windows can already do that with Ctrl-Alt-Delete, but I couldn't find anything on the web to suggest that OpenBSD can do that. > > And it has nothing to do with OpenBSD. Ditto. > > > >I don't believe that's true. > > >"Dear X11, what is $user typing into his firefox textarea"? > > I'm not an X11 expert, and I'm not sure if the example provided in the > > following link is because the program and the desktop it's running under > > have different UIDs (rather than locking the desktop, logging into a > > different user with a new desktop session using a SAK like > Ctrl-Alt-Delete, > > and running it there), but I found this old blog post, by whom I believe > is > > the founder of Qubes OS, being cited somewhere: > > https://theinvisiblethings.blogspot.com/2011/04/linux- > security-circus-on-gui-isolation.html > > It is common knowledge that X11 is insecure by design, not (only) by the > > ancient code, so even if the blog post isn't relevant anymore, it > wouldn't > > surprise me if such attacks could still be done. > > Ah, so that's what you have "learned": a 13y old blogpost. Which is supposed to be relevant. Age isn't directly related to relevancy, especially when talking about much older tech (X11, which is 39 years old according to Wikipedia) that's still used today (2024, which is 0 years ago). Furthermore, I was linked to that article from madaidans-insecurities.github.io (a blog of one of the developers of Whonix). > Fine, show me how you read another user's keystrokes under X. Showing a proof of concept is not a necessity to convey or prove a point in an online discussion, and I don't follow orders from you. So I have no obligation whatsoever (including for the sake of argument, which is the most important here) to do that. > > > >>I saw that Chromium, Firefox, and Tor Browser on OpenBSD (at least when > > installed from the OpenBSD package manager/ports) are sandboxed with > > pledge(2) and unveil(2). > > >find /usr/ports/ -name pledge\* > > Already done: > > https://openports.pl/search?file=unveil > > This only lists third-party packages that have an OpenBSD > ports-originated > > addition of pledge/unveil configuration files; packages that use > > pledge/unveil without configuration files, or whose pledge/unveil > >
Re: Security questions: Login spoofing, X11 keylogging, and sandboxed apps
On 2024-03-28 17:28:56+0100, Jan Stary wrote: > > (2) I've learned that X11 allows locally running malware to sniff the > > keystrokes input to any other X11-using app running under any user. > > I don't believe that's true. > Where have you "learned" that, and how does that work? > "Dear X11, what is $user typing into his firefox textarea"? I'm no X expert, but I think what you are saying is technically correct across users, but I believe it is possible for one application to sniff the keystrokes input to another app running under the *same* user, at least, and under different users in the same X session depending on how they connect. Specifically: 1) Under `man xterm' in the "SECURITY" section it says some related things that sound like that is what they are saying. I can't elaborate on what it says there but that made me want to be cautious. 2) running xinput list ...shows some devices, where on my system the /dev/wskbd has "id=6". Then taking that number 6 and doing xinput test 6 ...and typing in a separate xterm window shows the keystrokes from the second window, in the first. I believe the same would be true for any X application running as the *same* user. 3) I did some experimenting in the past with "ssh -X user@..." and "ssh -Y user@...", and only when using -Y were keystrokes visible across users. Similar things can be done with less cpu overhead using xauth and magic cookies etc (I played with that, with help from people on this list, scripted it for myself using what they and man pages helped me learn, and haven't thought about it much since then, except to use the scripts--but it is very handy for me to have things running as different users within the same X session, because of these boundaries around keyboard sniffing and also filesystem etc restrictions across users). 4) I am under the impression that the clipboard sharing between X users is not restricted as the above things are. Ie, one can spy on another freely. Luke Call
Re: Security questions: Login spoofing, X11 keylogging, and sandboxed apps
On Thu, Mar 28, 2024 at 09:16:45PM +, Dan wrote: > You didn't "Reply All", so I didn't get your reply in my inbox. (The person > you're replying to should be in the To field, and the mailing list in the > Cc field.) OH PUH-LEEZE. No. You send to a mailing list, people are supposed to reply to the mailing list. A select few may have their mail clients configured so the author of the message will receive a courtesy copy (aka Cc:). If I seem unresponsive to any followups to this thread, a likely reason will be that I will not see messages with your From: without putting in some extra effort. - Peter -- Peter N. M. Hansteen, member of the first RFC 1149 implementation team https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/ "Remember to set the evil bit on all malicious network traffic" delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
Re: No coloring with colorls
Op 28-03-2024 om 07:51 schreef Stuart Henderson: For the console, use /etc/ttys. For an X terminal, use whatever mechanism is correct for that terminal (.Xdefaults XTerm*termName for xterm). The file /etc/ttys is 22.5kB in size and is full of all kinds of "tty** ...". I don't think this is the right file to use something like that. It seems to me that you are making the system disrupted/unstable by doing so. Those "ttys**..." won't vouch for it for nothing.
Re: Security questions: Login spoofing, X11 keylogging, and sandboxed apps
Hello, when I read posts like @Dan's, I say to myself: Don't feed the troll. Pointless. Wish you all a nice weekend, Heinz Gesendet: Donnerstag, 28. März 2024 um 23:02 Uhr Von: "Jan Stary" An: misc@openbsd.org Betreff: Re: Security questions: Login spoofing, X11 keylogging, and sandboxed apps go away On Mar 28 21:16:45, dan.peretz...@gmail.com wrote: > You didn't "Reply All", so I didn't get your reply in my inbox. (The person > you're replying to should be in the To field, and the mailing list in the > Cc field.) > > >Even on windows; this has nothing to do with intercepting ctrl-alt-del. > False. Ctrl-Alt-Delete cannot be intercepted on Windows without first > compromising the integrity of the operating system. The Windows kernel is > hardcoded to forward Ctrl-Alt-Delete to Winlogon, and Winlogon runs in a > separate Secure Desktop mode that takes over the entire screen and no other > programs can intercept keystrokes from or send keystrokes to. > https://security.stackexchange.com/a/34975 > https://learn.microsoft.com/windows/win32/winstation/desktops[https://learn.microsoft.com/windows/win32/winstation/desktops] > > >I don't believe that's true. > >"Dear X11, what is $user typing into his firefox textarea"? > I'm not an X11 expert, and I'm not sure if the example provided in the > following link is because the program and the desktop it's running under > have different UIDs (rather than locking the desktop, logging into a > different user with a new desktop session using a SAK like Ctrl-Alt-Delete, > and running it there), but I found this old blog post, by whom I believe is > the founder of Qubes OS, being cited somewhere: > https://theinvisiblethings.blogspot.com/2011/04/linux-security-circus-on-gui-isolation.html[https://theinvisiblethings.blogspot.com/2011/04/linux-security-circus-on-gui-isolation.html] > It is common knowledge that X11 is insecure by design, not (only) by the > ancient code, so even if the blog post isn't relevant anymore, it wouldn't > surprise me if such attacks could still be done. > > >>I saw that Chromium, Firefox, and Tor Browser on OpenBSD (at least when > installed from the OpenBSD package manager/ports) are sandboxed with > pledge(2) and unveil(2). > >find /usr/ports/ -name pledge\* > Already done: > https://openports.pl/search?file=unveil[https://openports.pl/search?file=unveil] > This only lists third-party packages that have an OpenBSD ports-originated > addition of pledge/unveil configuration files; packages that use > pledge/unveil without configuration files, or whose pledge/unveil > configuration files originate from the upstream distribution, are not > listed. Chromium, Ungoogled Chromium, Firefox, Firefox ESR, and Tor Browser > are sandboxed, which is excellent because Web browsing is one of the most > popular desktop activity and browsers are meant to use networking and > execute untrusted JavaScript/WebAssembly code, and parse untrusted data > like media, CSS, etc. Contrary to servers, that if they're hacked then some > business might be ruined, personal computers are used to do banking and > shopping online, chat with distant friends/family > members/doctors/lawyers/coworkers/etc., and hold our personal thoughts and > memories, so I believe that they shouldn't get compromised just because the > user entered the wrong website on a bad day, or opened the wrong video, or > the wrong file, etc. OpenBSD already has the excellent system calls > pledge(2) and unveil(2), and already uses them extensively in the base > system and for the aforementioned browsers, but what about other programs?
Re: Security questions: Login spoofing, X11 keylogging, and sandboxed apps
go away On Mar 28 21:16:45, dan.peretz...@gmail.com wrote: > You didn't "Reply All", so I didn't get your reply in my inbox. (The person > you're replying to should be in the To field, and the mailing list in the > Cc field.) > > >Even on windows; this has nothing to do with intercepting ctrl-alt-del. > False. Ctrl-Alt-Delete cannot be intercepted on Windows without first > compromising the integrity of the operating system. The Windows kernel is > hardcoded to forward Ctrl-Alt-Delete to Winlogon, and Winlogon runs in a > separate Secure Desktop mode that takes over the entire screen and no other > programs can intercept keystrokes from or send keystrokes to. > https://security.stackexchange.com/a/34975 > https://learn.microsoft.com/windows/win32/winstation/desktops > > >I don't believe that's true. > >"Dear X11, what is $user typing into his firefox textarea"? > I'm not an X11 expert, and I'm not sure if the example provided in the > following link is because the program and the desktop it's running under > have different UIDs (rather than locking the desktop, logging into a > different user with a new desktop session using a SAK like Ctrl-Alt-Delete, > and running it there), but I found this old blog post, by whom I believe is > the founder of Qubes OS, being cited somewhere: > https://theinvisiblethings.blogspot.com/2011/04/linux-security-circus-on-gui-isolation.html > It is common knowledge that X11 is insecure by design, not (only) by the > ancient code, so even if the blog post isn't relevant anymore, it wouldn't > surprise me if such attacks could still be done. > > >>I saw that Chromium, Firefox, and Tor Browser on OpenBSD (at least when > installed from the OpenBSD package manager/ports) are sandboxed with > pledge(2) and unveil(2). > >find /usr/ports/ -name pledge\* > Already done: > https://openports.pl/search?file=unveil > This only lists third-party packages that have an OpenBSD ports-originated > addition of pledge/unveil configuration files; packages that use > pledge/unveil without configuration files, or whose pledge/unveil > configuration files originate from the upstream distribution, are not > listed. Chromium, Ungoogled Chromium, Firefox, Firefox ESR, and Tor Browser > are sandboxed, which is excellent because Web browsing is one of the most > popular desktop activity and browsers are meant to use networking and > execute untrusted JavaScript/WebAssembly code, and parse untrusted data > like media, CSS, etc. Contrary to servers, that if they're hacked then some > business might be ruined, personal computers are used to do banking and > shopping online, chat with distant friends/family > members/doctors/lawyers/coworkers/etc., and hold our personal thoughts and > memories, so I believe that they shouldn't get compromised just because the > user entered the wrong website on a bad day, or opened the wrong video, or > the wrong file, etc. OpenBSD already has the excellent system calls > pledge(2) and unveil(2), and already uses them extensively in the base > system and for the aforementioned browsers, but what about other programs?
Re: Security questions: Login spoofing, X11 keylogging, and sandboxed apps
not in the mailing list world I've been using for close to 30 years if you post to the mailing list I reply to the mailing list On March 28, 2024 3:16:45 PM MDT, Dan wrote: >You didn't "Reply All", so I didn't get your reply in my inbox. (The person >you're replying to should be in the To field, and the mailing list in the >Cc field.) >
Re: Security questions: Login spoofing, X11 keylogging, and sandboxed apps
You didn't "Reply All", so I didn't get your reply in my inbox. (The person you're replying to should be in the To field, and the mailing list in the Cc field.) >Even on windows; this has nothing to do with intercepting ctrl-alt-del. False. Ctrl-Alt-Delete cannot be intercepted on Windows without first compromising the integrity of the operating system. The Windows kernel is hardcoded to forward Ctrl-Alt-Delete to Winlogon, and Winlogon runs in a separate Secure Desktop mode that takes over the entire screen and no other programs can intercept keystrokes from or send keystrokes to. https://security.stackexchange.com/a/34975 https://learn.microsoft.com/windows/win32/winstation/desktops >I don't believe that's true. >"Dear X11, what is $user typing into his firefox textarea"? I'm not an X11 expert, and I'm not sure if the example provided in the following link is because the program and the desktop it's running under have different UIDs (rather than locking the desktop, logging into a different user with a new desktop session using a SAK like Ctrl-Alt-Delete, and running it there), but I found this old blog post, by whom I believe is the founder of Qubes OS, being cited somewhere: https://theinvisiblethings.blogspot.com/2011/04/linux-security-circus-on-gui-isolation.html It is common knowledge that X11 is insecure by design, not (only) by the ancient code, so even if the blog post isn't relevant anymore, it wouldn't surprise me if such attacks could still be done. >>I saw that Chromium, Firefox, and Tor Browser on OpenBSD (at least when installed from the OpenBSD package manager/ports) are sandboxed with pledge(2) and unveil(2). >find /usr/ports/ -name pledge\* Already done: https://openports.pl/search?file=unveil This only lists third-party packages that have an OpenBSD ports-originated addition of pledge/unveil configuration files; packages that use pledge/unveil without configuration files, or whose pledge/unveil configuration files originate from the upstream distribution, are not listed. Chromium, Ungoogled Chromium, Firefox, Firefox ESR, and Tor Browser are sandboxed, which is excellent because Web browsing is one of the most popular desktop activity and browsers are meant to use networking and execute untrusted JavaScript/WebAssembly code, and parse untrusted data like media, CSS, etc. Contrary to servers, that if they're hacked then some business might be ruined, personal computers are used to do banking and shopping online, chat with distant friends/family members/doctors/lawyers/coworkers/etc., and hold our personal thoughts and memories, so I believe that they shouldn't get compromised just because the user entered the wrong website on a bad day, or opened the wrong video, or the wrong file, etc. OpenBSD already has the excellent system calls pledge(2) and unveil(2), and already uses them extensively in the base system and for the aforementioned browsers, but what about other programs?
Re: Dell PERC H745
On 2024-03-28, Hrvoje Popovski wrote: > On 28.3.2024. 11:01, Kapetanakis Giannis wrote: >> I'm looking for a new server to replace our firewall/routing. >> >> Would like to ask if PERC H745 is supported. >> >> mfi(4) lists >> - Dell PERC 5/e, PERC 5/i, PERC 6/e, PERC 6/i, PERC H310, PERC >> H700, PERC H800 >> >> Is this ok? >> >> Trying bsd.rd on a newer server with H755, it was NOT detected. >> On Linux it is shown as >> 65:00.0 RAID bus controller: Broadcom / LSI MegaRAID 12GSAS/PCIe Secure >> SAS39xx >> DeviceName: SL3 RAID >> Subsystem: Dell PERC H755 Front >> >> That is on 7.4, didn't try current. >> >> However the BOSS-S1 adapter with 2 x M.2 sticks was detected >> >> How about HBA330 Mini and/or PERC H730P Mini ? >> >> About CPUs, I'm between Intel Xeon Gold 5315Y @ 3.20GHz vs AMD EPYC 72F3 >> Both are 8 cores, I will put 2 x cpus. Haven't tried EPYC at all but looks >> more performant. >> >> G >> > > Hi, > > don't go with BOSS adapter or HBA330. I have both adapters in lab and > they just don't work. > I have working OpenBSD on PERC H740p, PERC H740P Mini, PERC H330 mini, > PERC H310 Mini. I can't remember but I think that H730p should work. also working: PERC H710 Mini, PERC H755 Front (both mfii)
Re: Dell PERC H745
On 28.3.2024. 17:40, Hrvoje Popovski wrote: > On 28.3.2024. 11:01, Kapetanakis Giannis wrote: >> I'm looking for a new server to replace our firewall/routing. >> >> Would like to ask if PERC H745 is supported. >> >> mfi(4) lists >> - Dell PERC 5/e, PERC 5/i, PERC 6/e, PERC 6/i, PERC H310, PERC >> H700, PERC H800 >> >> Is this ok? >> >> Trying bsd.rd on a newer server with H755, it was NOT detected. >> On Linux it is shown as >> 65:00.0 RAID bus controller: Broadcom / LSI MegaRAID 12GSAS/PCIe Secure >> SAS39xx >> DeviceName: SL3 RAID >> Subsystem: Dell PERC H755 Front >> >> That is on 7.4, didn't try current. >> >> However the BOSS-S1 adapter with 2 x M.2 sticks was detected >> >> How about HBA330 Mini and/or PERC H730P Mini ? >> >> About CPUs, I'm between Intel Xeon Gold 5315Y @ 3.20GHz vs AMD EPYC 72F3 >> Both are 8 cores, I will put 2 x cpus. Haven't tried EPYC at all but looks >> more performant. >> >> G >> > > Hi, > > don't go with BOSS adapter or HBA330. I have both adapters in lab and > they just don't work. > I have working OpenBSD on PERC H740p, PERC H740P Mini, PERC H330 mini, > PERC H310 Mini. I can't remember but I think that H730p should work. Found it Dell R7515 with PERC H730P Mini AMD EPYC 7702P 64-Core Processor mfii0 at pci1 dev 0 function 0 "Symbios Logic MegaRAID SAS3108" rev 0x02: msi mfii0: "PERC H730P Mini", firmware 25.5.9.0001, 2048MB cache scsibus1 at mfii0: 64 targets sd0 at scsibus1 targ 0 lun 0: naa.64cd98f0cbb4aa002673b23f20452446 sd0: 457344MB, 512 bytes/sector, 936640512 sectors scsibus2 at mfii0: 256 targets
Re: Dell PERC H745
On 28.3.2024. 11:01, Kapetanakis Giannis wrote: > I'm looking for a new server to replace our firewall/routing. > > Would like to ask if PERC H745 is supported. > > mfi(4) lists > - Dell PERC 5/e, PERC 5/i, PERC 6/e, PERC 6/i, PERC H310, PERC > H700, PERC H800 > > Is this ok? > > Trying bsd.rd on a newer server with H755, it was NOT detected. > On Linux it is shown as > 65:00.0 RAID bus controller: Broadcom / LSI MegaRAID 12GSAS/PCIe Secure > SAS39xx > DeviceName: SL3 RAID > Subsystem: Dell PERC H755 Front > > That is on 7.4, didn't try current. > > However the BOSS-S1 adapter with 2 x M.2 sticks was detected > > How about HBA330 Mini and/or PERC H730P Mini ? > > About CPUs, I'm between Intel Xeon Gold 5315Y @ 3.20GHz vs AMD EPYC 72F3 > Both are 8 cores, I will put 2 x cpus. Haven't tried EPYC at all but looks > more performant. > > G > Hi, don't go with BOSS adapter or HBA330. I have both adapters in lab and they just don't work. I have working OpenBSD on PERC H740p, PERC H740P Mini, PERC H330 mini, PERC H310 Mini. I can't remember but I think that H730p should work. PowerEdge R740xd with H740P Intel(R) Xeon(R) Gold 6130 CPU @ 2.10GHz sd0 at scsibus3 targ 0 lun 0: naa.6d09466073e86a002d956fda091d67f4 sd0: 915200MB, 512 bytes/sector, 1874329600 sectors rs1# bioctl sd0 Volume Status Size Device mfii0 0 Online 959656755200 sd0 RAID1 WB 0 Online 960197124096 1:0.0 noencl 1 Online 960197124096 1:1.0 noencl PowerEdge R630 with PERC H330 Mini Intel(R) Xeon(R) CPU E5-2637 v3 @ 3.50GHz sd0 at scsibus1 targ 0 lun 0: naa.614187704a1f37001ddf7ffc11e3e762 sd0: 285568MB, 512 bytes/sector, 584843264 sectors alt-fw1# bioctl sd0 Volume Status Size Device mfii0 0 Online 299439751168 sd0 RAID1 WT 0 Online 3000 1:0.0 noencl 1 Online 3000 1:1.0 noencl PowerEdge R6515 with HBA330 AMD EPYC 7313P 16-Core Processor HBA300 doesn't work but if you have NVMe extender then U2 NVMe disk can be attached to that extender through HBA330 connectors mpii0: Dell HBA330 Mini, firmware 16.0.11.0, MPI 2.5 <- not working nvme0 at pci13 dev 0 function 0 vendor "SK hynix", unknown product 0x2839 rev 0x21: msix, NVMe 1.3 nvme0: Dell DC NVMe PE8010 RI U.2 960GB, firmware 1.3.0, serial SJC2N4257I34R2Q19 U2 NVMe disk is connected though HBA330 connectors to NVMe extender PowerEdge R6515 with PERC H740P Mini AMD EPYC 7313P 16-Core Processor sd0 at scsibus1 targ 0 lun 0: naa.6f4ee08004838b002a3466dba8a488b1 sd0: 457344MB, 512 bytes/sector, 936640512 sectors alt-fw2# bioctl sd0 Volume Status Size Device mfii0 0 Online 479559942144 sd0 RAID1 WB 0 Online 480103981056 1:0.0 noencl 1 Online 480103981056 1:1.0 noencl For me this server is beast because cpu clock can go up to 3.7GHz It seems that on OpenBSD AMD cpus can have higher clock than Intel cpus AMD EPYC 7313P 16-Core Processor Base Clock - 3.0GHz Max. Boost Clock - 3.7GHz hw.cpuspeed=3000 hw.sensors.cpu0.frequency0=37.00 Hz AMD EPYC 7413 24-Core Processor Base Clock - 2.65GHz Max. Boost Clock - 3.6GHz hw.cpuspeed=2650 hw.sensors.cpu1.frequency0=34.00 Hz Intel(R) Xeon(R) Gold 6130 CPU @ 2.10GHz Base Clock - 2.10 GHz Max. Boost Clock - 3.70 GHz hw.cpuspeed=2793 hw.sensors.cpu0.frequency0=28.00 Hz Intel(R) Xeon(R) Gold 6134 CPU @ 3.20GHz Base Clock - 3.20 GHz Max. Boost Clock - 3.70 GHz hw.cpuspeed=3201 hw.sensors.cpu0.frequency0=37.00 Hz but this is fujitsu server :) Intel(R) Xeon(R) CPU E5-2643 v2 @ 3.50GHz Base Clock - 3.50 GHz Max. Boost Clock - 3.80 GHz hw.cpuspeed=3600 hw.sensors.cpu0.frequency0=36.00 Hz Other thing that is interesting, is AES-NI on AMD cpus fast as on Intel cpus?
Re: Security questions: Login spoofing, X11 keylogging, and sandboxed apps
> (1) Does OpenBSD have a mechanism like Ctrl-Alt-Delete on Windows (Secure > Attention Key, or SAK) to prevent malware (or a website in fullscreen, for > example) from faking a logout process and/or faking a login prompt? On > Windows the kernel ensures that the operating system captures this key > combination and takes over with a real login prompt that malware can't fake > without first defeating the OS security. Any X11 program can display a screen that looks like the login screen. Even on windows; this has nothing to do with intercepting ctrl-alt-del. > (2) I've learned that X11 allows locally running malware to sniff the > keystrokes input to any other X11-using app running under any user. I don't believe that's true. Where have you "learned" that, and how does that work? "Dear X11, what is $user typing into his firefox textarea"? > (3) I saw that Chromium, Firefox, and Tor Browser on OpenBSD (at least when > installed from the OpenBSD package manager/ports) are sandboxed with > pledge(2) and unveil(2). Are there any other major apps, especially that > commonly accept untrusted input, that are also sandboxed like that on > OpenBSD? Especially email clients, media players, word processors, apps to > send/receive/sync files, etc. find /usr/ports/ -name pledge\*
Dell PERC H745
I'm looking for a new server to replace our firewall/routing. Would like to ask if PERC H745 is supported. mfi(4) lists - Dell PERC 5/e, PERC 5/i, PERC 6/e, PERC 6/i, PERC H310, PERC H700, PERC H800 Is this ok? Trying bsd.rd on a newer server with H755, it was NOT detected. On Linux it is shown as 65:00.0 RAID bus controller: Broadcom / LSI MegaRAID 12GSAS/PCIe Secure SAS39xx DeviceName: SL3 RAID Subsystem: Dell PERC H755 Front That is on 7.4, didn't try current. However the BOSS-S1 adapter with 2 x M.2 sticks was detected How about HBA330 Mini and/or PERC H730P Mini ? About CPUs, I'm between Intel Xeon Gold 5315Y @ 3.20GHz vs AMD EPYC 72F3 Both are 8 cores, I will put 2 x cpus. Haven't tried EPYC at all but looks more performant. G
Re: No coloring with colorls
On 2024-03-27, Karel Lucas wrote: > What is the correct setting, taking into account the coloring of the > directory listing? For the console, use /etc/ttys. For an X terminal, use whatever mechanism is correct for that terminal (.Xdefaults XTerm*termName for xterm). sheesh. > Op 27-03-2024 om 14:02 schreef Stuart Henderson: >> On 2024-03-27, Karel Lucas wrote: >>> It works correctly! My /etc/profile now looks like this: >>> export TERM=xterm-256color >> That is not working correctly, because you forcibly override the correct >> TERM which is set for things like screen/tmux. >> >> For the console, use /etc/ttys. >> >> For an X terminal, use whatever mechanism is correct for that terminal >> (.Xdefaults XTerm*termName for xterm). >> >> > > -- Please keep replies on the mailing list.