Re: keepassxc-2.7 + Hardware Key

2023-10-02 Thread Mike Coddington 



> On Oct 2, 2023, at 2:09 PM, m...@phosphorus.com.br wrote:
> 
> ping
> 
> On 9/30/23 07:39, m...@phosphorus.com.br wrote:
>> Hi, anyone using keepassxc-2.7.4p2 with a hardware dongle - preferably 
>> opensource or DIY type - succesfully in OpenBSD?
>> 
>> 


Perhaps the answer you've found is that it's only you doing this. "Ping"-ing us 
all because nobody responded is wasting everyone's time. And next time, don't 
top-post. It's rude.

Re: tracker-miner-fs-3

2023-02-16 Thread Mike Coddington 
On Thu, Feb 16, 2023 at 05:06:05PM +0100, Daniele Bonini wrote:
> 
> Hello,
> Sorry if I'm reluctant to this piece of software: 
> 
> NAME
>   tracker-miner-fs-3 - Used to crawl the file system to mine data.
> 
> It is continuously accessing and browsing my disk..
> Any clue?
> Is it possible to safely disable it?
> Appreciated, thanks.

I ran 'pkg_info tracker3' which gave some good information about this
software. I hadn't heard of it before and you're right, it does sound
ominous based on the description you posted. It looks like that's part
of the GNOME desktop environment. If you're running GNOME, I'd advise
keeping it installed since it seems to do some sort of file indexing for
searching. If not, delete it. Personally, I prefer just running a window
manager and not a full-blown desktop environment, but that's me. Your
mileage may vary.

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: airport(7) and defunct airports

2022-06-09 Thread Mike Coddington 



> On Jun 9, 2022, at 7:09 AM, Moritz Röhrich  wrote:
> 
> Dear OpenBSD users and maintainers,
> 
> as you can probably tell, I've been reading
> the hackernews post about airport(7). However
> I noticed that the list includes Berlin Tegel
> "Otto Lilienthal" (TXL), which has been de-
> funct for a few months now. How are closed,
> defunct and decommissioned airports dealt with
> in this list?

According to IATA, TXL still corresponds to Berlin Tegel.
https://www.iata.org/en/publications/directories/code-search/?airport.search=txl
 


I would assume that if it's still a valid airport code, it remains in the list.

Re: Limit dir write by its storage size

2022-01-11 Thread Mike Coddington 
On Wed, Jan 12, 2022 at 02:06:39AM +0800, Yamada? wrote:
> For a BSD based system, how can I setup that, if a dir has total storage
> size reached to the max, it won???t be writable anymore?
> 

I know you can restrict storage usage at a filesystem level using quota(1),
but I'm not aware of a way to restrict it by directory. I use this for
the /home partition so that each user can only use up a certain chunk of
space for their own home directory and not hog the shared space for the
other users. You might be able to get by with doing something similar,
but I suppose it would depend on your use case.

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: CIDR vs aliases with ifconfig/hostname.if

2020-12-02 Thread Mike Coddington 
On Wed, Dec 02, 2020 at 06:49:01PM -0600, Chris Bennett wrote:
> Hi,
> after seeing a post here using CIDR, I re-read some manual pages.
> I have been using aliases, but it looks like using CIDR is the preferred
> method.
> Could someone explain that a little better than the manual pages do?
> An example might help better to explain why aliases are used when
> changing network numbers. Is it a short term fix?
> Is there a downside to using aliases vs CIDR?
 
So, I'm not quite sure what you mean because in hostname.if the term
"alias" refers to giving the interface more than one IP address. For
example, here's my hostname.if file, /etc/hostname.vr0.

inet 192.168.3.25 255.255.255.0
inet6 autoconf
inet6 alias 2001:470:314f:3::25 64

The first line is my IPv4 address, not in CIDR format. I am not sure
that you are even able to specify the address in CIDR, although I could
be wrong. This has been my setup for many iterations of OpenBSD.

The second line allows me to pick up an IPv6 address via my router's
SLAAC setup. Your ISP may or may not provide this. The third line is an
alias, where I am manually specifying which IPv6 address I'd like to
apply in addition to the addresses that are autoconf-ed. I do this
because I run a mail server and I want to make sure that the server does
its communication over a static IP address.

> My other question is what to put for the address.
> I have 104.149.1.112/28. Should I just put this?
> 113 is the gateway. What is 112? It doesn't ping.
> 113 pings even if the rest is inaccessible.

When you are assigned a range of IP addresses from your ISP, you are
given the range in CIDR format like you specify. For example, I have a
static IP address for my mail server and my ISP gave me the CIDR range
of 206.55.191.72/30. .72 is the "network address" and is unusable. .73
is my gateway and .74 is the actual, single IP address that I have
assigned to my server. That's why you can't ping .112. You can probably
give your server 104.149.1.114 and be good to go.

There was a useful tool that someone posted on misc a while back called
netcalc. I think this is its website:
https://jamsek.dev/posts/2019/Sep/21/ipv4-and-ipv6-cidr-subnet-calculator/
Check it out if you want to get a better grasp on CIDR notation.

-Mike

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: xbox 360 wireless controller on amd64 working?

2019-05-07 Thread Mike Coddington 
On Tue, May 07, 2019 at 03:34:03PM +, plainball wrote:
> Seems to work rather good, on Linux - configs might need an adjustment or 2:
> any chances currently for bluetooth  coming back to openbsd?

Last I knew, Bluetooth drivers lacked a maintainer, i.e. someone willing
to put up with the byzantine specifications of Bluetooth. Developers
preferred to work on other things.

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: When will be created a great desktop experience for OpenBSD?

2019-05-07 Thread Mike Coddington 
On Tue, May 07, 2019 at 10:06:19AM -0400, Christopher Turkel wrote:
> When I use
> any other OS I am always amazed how complicated they are.

This statement encapsulates why I like OpenBSD the best. I'm 40 and I've
got a five-year-old at home. When I need to use the computer, I'm
looking to get stuff done fast and be done with it. OpenBSD doesn't
demand too much of my time and it doesn't surprise me. That's the sort
of thing I look for these days. (I use my old Mac Mini if I ever have to
do things with proprietary junk. That doesn't happen very often.) 

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: [T-Shirt] Official or not ?

2019-04-04 Thread Mike Coddington 
On Thu, Apr 04, 2019 at 02:23:59PM +0200, Oliv wrote:
> Hello,
> 
> on internet i found these OpenBSD products : 
> 
> https://www.redbubble.com/people/rimek/works/25325956-openbsd-crypto?p=t-shirt=8aa640f6-9ca5-4a0e-a162-1cbd71d04780=extra_large=mhoodie
> 
> I did not find them on the tshirt page of OpenBSD :
> 
> https://www.openbsd.org/tshirts.html
> 
> 
> I think they are not official, however does OpenBSD foundation receives
> retribution for them ?


Looking at that web page, this rimek character has just taken a bunch of
popular open source software's logos and stuck them on sweatshirts. I
guarantee you OpenBSD gets no money from this. It's yet another dodgy
Internet t-shirt site.

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: Best way to fix a directory's permissions?

2019-02-08 Thread Mike Coddington 
On Fri, Feb 08, 2019 at 01:45:59PM -0600, Edgar Pettijohn wrote:
> 
> mtree(8)
> 
> Never used it but I think it's what you want.

I just gave it a shot and it works perfectly. Thanks, Edgar and William! 

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Best way to fix a directory's permissions?

2019-02-08 Thread Mike Coddington 
Last night I screwed up my /tmp directory's permissions. I fixed it by
looking at another machine's permissions and editing the directory with
chmod(1). Is there a tool in OpenBSD which would work better than this?
I'm fortunate enough to have more than one machine running OpenBSD, but
if I didn't this could have been more of a problem for me.

Any good tricks the list would like to share? Is there a canonical
source for where permissions/ownership is listed? I tried searching MARC
but as you might imagine there are a lot of results that come back for
this sort of thing.

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: is there anything like pdfnup or pdfjam?

2019-01-22 Thread Mike Coddington 
On Mon, Jan 21, 2019 at 11:45:55PM -, Stuart Henderson wrote:
> > as well as being a standalone port in OpenBSD's ports collection.
> 
> I don't see that?
> 

My mistake. I was browsing the cvsweb page for ports and noticed that
there was an entry. Seems like you may have removed pdfjam from ports
six years ago: https://cvsweb.openbsd.org/ports/print/pdfjam/

I need to bone up on my CVS, I think!

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: is there anything like pdfnup or pdfjam?

2019-01-21 Thread Mike Coddington 
On Mon, Jan 21, 2019 at 04:50:08PM +, rsyk...@disroot.org wrote:
> Dear list,
> 
> I want to print a pdf, but with two pages put
> on one physical page.
> 
> On linux, pdfnup or pdfjam can do it.
> 
> I cannot find these for OpenBSD.
> What do you use then?

It looks like pdfjam is included in the texlive package these days, as
well as being a standalone port in OpenBSD's ports collection. I don't
use this package, but try installing texlive and see if that gives you a
usable pdfjam script.

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: IPv6 router advertisement rdns not working?

2018-09-13 Thread Mike Coddington 
On Thu, Sep 13, 2018 at 06:15:28AM +0200, Sebastien Marie wrote:
> On Wed, Sep 12, 2018 at 10:26:40PM -0500, Mike Coddington wrote:
> > I've got IPv6 set up and things work great if I also use IPv4. DNS
> > lookups go over IPv4 according to what I have in /etc/resolv.conf and
> >  records are followed. However, if I decide to go with just IPv6 by
> > simplifying my /etc/hostname.if file and using "inet6 autoconf" by
> > itself, I cannot do any DNS lookups.
> > 
> > I'm thinking that somehow the rdns part of the router advertisement
> > isn't working. If it were working correctly, would the provided IPv6 DNS
> > server address show up in /etc/resolv.conf?
> 
> No.
> 
> rad(8) has support for sending rdns information, but currently nothing
> in base has support to get resolv.conf configured with such information.

Good to know. I'll stop spinning my wheels. That might be a nice project
for me to start tinkering with. Thank you!

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

IPv6 router advertisement rdns not working?

2018-09-12 Thread Mike Coddington 
I've got IPv6 set up and things work great if I also use IPv4. DNS
lookups go over IPv4 according to what I have in /etc/resolv.conf and
 records are followed. However, if I decide to go with just IPv6 by
simplifying my /etc/hostname.if file and using "inet6 autoconf" by
itself, I cannot do any DNS lookups.

I'm thinking that somehow the rdns part of the router advertisement
isn't working. If it were working correctly, would the provided IPv6 DNS
server address show up in /etc/resolv.conf? I'm running -current but
it's from about a month ago. Before I update it to try and fix a problem
that I'm not sure is related to the snapshot I'm using, I figured I
would check with misc@ and see if anyone's got a working configuration.
If this is not supported yet, that'd be fine- I don't intend to forego
IPv4 right now across the board. Here's the output of "slaacctl show
interface":

wn0:
 index:   2 running: yes privacy: yes
lladdr: 74:e5:0b:e8:9a:b8
 inet6: fe80::d47:3d1d:50fb:1eb2%iwn0
Router Advertisement from fe80::7a8a:20ff:febb:53%iwn0
received: 2018-09-12 22:03:04; 65s ago
Cur Hop Limit:  64, M: 0, O: 0, Router Lifetime:  1800s
Default Router Preference: Medium
Reachable Time: 0ms, Retrans Timer: 0ms
prefix: 2001:470:314f:a::/64
On-link: 1, Autonomous address-configuration: 1
vltime:2592000, pltime: 604800
rdns: 2001:470:314f:a::beef, lifetime: 600
Address proposals
id:6, state:  CONFIGURED, privacy: y
vltime: 604800, pltime:  86264, timeout:
86184s
updated: 2018-09-12 22:03:04; 65s ago
2001:470:314f:a:ab4:1bcf:d142:f01a, 2001:470:314f:a::/64
id:5, state:  NEARLY_EXPIRED, privacy: y
vltime: 604800, pltime:  0, timeout:
603306s
updated: 2018-09-12 21:39:30; 1479s ago
2001:470:314f:a:6907:c112:fe0:e20f, 2001:470:314f:a::/64
id:4, state:  NEARLY_EXPIRED, privacy: y
vltime: 604800, pltime:  0, timeout:
602387s
updated: 2018-09-12 21:24:11; 2398s ago
2001:470:314f:a:1be5:1662:848b:e889,
2001:470:314f:a::/64
id:2, state:  NEARLY_EXPIRED, privacy: y
vltime: 604800, pltime:  0, timeout:
602105s
updated: 2018-09-12 21:19:29; 2680s ago
2001:470:314f:a:51b3:40a8:9776:96d1,
2001:470:314f:a::/64
id:3, state:  CONFIGURED, privacy: n
vltime:2592000, pltime: 604800, timeout:
604720s
updated: 2018-09-12 22:03:04; 65s ago
2001:470:314f:a:270d:54f6:76d5:2f8f,
2001:470:314f:a::/64
Default router proposals
id:1, state:  CONFIGURED
router: fe80::7a8a:20ff:febb:53%iwn0
router lifetime:   1800
Preference: Medium
updated: 2018-09-12 22:03:04; 65s ago, timeout:
1720s




My /etc/hostname.iwn0:
nwid "B.D. Wong" wpakey "greatpasswordhere"
dhcp
inet6 autoconf

My /etc/resolv.conf (although removing this altogether changes nothing):
# Generated by iwn0 dhclient
nameserver 192.168.10.1


I'm really just wondering if anyone on the list has had success with
these router advertisement rdns setups. Thanks!

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: Wireless on ThinkPad T40 - Connects but no data

2018-07-12 Thread Mike Coddington 
On Thu, Jul 12, 2018 at 04:37:27PM +0100, Richard Laysell wrote:
> 
> Hello,
> 
> I'm having a problem getting the wireless network to work on a ThinkPad
> T40.  The wireless seems to connect OK, but I can't get any packets
> through it.
> 
> Is anyone else using a similar network card and are they having any
> problems?

I've got a Thinkpad X220 and have experienced a similar issue. My
machine uses the iwn(4) driver, but I have also seen the same behavior
with a cheapo USB wireless dongle that I plug in. This is mainly useless
information, but here is what I am wondering: does this problem occur
for you when you connect to other access points? My connectivity issue only
crops up at my office's access point. Things work great at home and on
the bus. You may want to try and connect to some other public wifi networks
and see if the problem is the same for you. I also noticed that I could
*CONNECT* to the access point fine, but only ARPs would make it to my
machine. Maybe do some tcpdump work and see if your problem is similar. 

I haven't really spent a whole heck of a lot of time troubleshooting my
own problem because I can connect via a wired connection. However,
hopefully my experience gets you headed in the right direction.  

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: Programming for OpenBSD

2018-06-01 Thread Mike Coddington 
On Wed, May 30, 2018 at 11:41:00PM -0400, Kevin Burke wrote:
> 
> Also, where is the best place, in your opinion, to have my code critiqued
> online ? I am not just going to spam developer mailing list with 'newbie'
> code ? I do not have access to my old daemonforums account for a technical
> reason I dont want to mention (No, I did not get banned !) so that is
> probably the main reason why you are reading this message on the 'official'
> OpenBSD mailing list. I did not really want to send it here. Is reading
> code on the obsfucated C programming website necessary to get a feel for
> blatant bad style code ?

I'm sort of in the same boat as you are. I've been trying to get my programming
skills up to speed so that I can make valuable contributions to OpenBSD
since I get so much value out of the OS. It has been educational to read
the tech@ and ports@ mailing lists to see what other more experienced
contributors are doing.

Also, check out the coding style(9) guide in the manual. And download
the source code and read the source for programs that you use often.

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: Bitmask for 224.0.0.0 in Martians PF table entry

2018-01-10 Thread Mike Coddington 
On Wed, Jan 10, 2018 at 07:55:53PM +0100, Aham Brahmasmi wrote:
> Hi,
> 
> What is the correct bitmask for the 224.0.0.0 Martian table entry in
> pf.conf?
> 
> There are two bitmasks in two links on this page -
> http://www.team-cymru.org/bogon-reference-http.html. /3 in the The Text
> Bogon List, Aggregated and /4 in IPv4 Fullbogons. /3 is also present in
> https://www.openbsd.org/faq/pf/example1.html.
> 
> I think it should be /3, but I am still learning pf.

224.0.0.0/3 would include the 240.0.0.0/4 block as well. For what it's
worth, I use 224.0.0.0/3 myself.

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: Abort Trap question

2017-11-15 Thread Mike Coddington 
On Wed, Nov 15, 2017 at 10:01:09AM -0600, Daniel Boyd wrote:
> I've installed OpenBSD/macppc twice on my G4 Cube now and it seems to
> be working fine until I go to untar src.tar.gz at which point it throws
> some abort trap errors and crashes.  If I reboot, I get a bunch of
> abort traps during the boot process followed by several:
> 
> init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ...
> 
> What do you guys think this is...?  Hard drive failure...?

Out of curiosity, does the same thing happen if you extract the tar with
the pax(1) program? That'll at least let you know if it's tar causing
the problem or not.

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: OT: Upload and Download to/from an OpenBSD host

2017-10-30 Thread Mike Coddington 
On Mon, Oct 30, 2017 at 09:23:51PM +0200, Mihai Popescu wrote:
> Hi,
> 
> I am trying to setup a solution on an OpenBSD computer, where i want
> to upload and then download large volume of data. I was using ftpd
> daemon to do this, but I wonder if there is another way to do this,
> regarding speed of transfer.
> 

Back in a former life, I often had to transfer terabytes of information
between hosts in my network. The goal was to reduce the overhead of the
transfer so that more of the data would get transferred. I had been
using netcat/nc and pushing data through the connection as fast as I
could. This worked great, provided I could verify that things were being
transferred without errors. Any connection problems and I'd be screwed.
Eventually, I found this web page which details another guy's research
into the same problem:

http://intermediatesql.com/linux/scrap-the-scp-how-to-copy-data-fast-using-pigz-and-nc/

Essentially, he's compressing files and then sending them over to fit
more data down the pipe. I also learned of this other program called
bbcp which was developed specifically for our purposes. It's mentioned
in the above article, and that author wasn't big on it. I like it
though; it's what I ended up using because to me it is a more elegant
solution and worked well for my needs.

http://www.slac.stanford.edu/~abh/bbcp/

Check those out, and I'm very curious if anyone else on the list has
more OpenBSD-centric techniques!


-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: rsa 4096 or ed25519 for ssh keys ?

2017-10-16 Thread Mike Coddington 
On Mon, Oct 16, 2017 at 05:29:34PM +0200, Joel Carnat wrote:
> Hi,
> 
> If both server and client are ed25519 compatible.
> When generating (user) SSH keys, is it recommended to use ed25519 rather
> than rsa 4096bits?
> 

AFAIK, either would be fine. I believe ED25519 is more CPU-intensive, so
if that's a factor then stick with RSA. I like ED25519 personally
because the keys are small and my CPUs can all handle the workload.

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.

Re: Amazon AWS, OpenBSD and IPv6

2017-09-05 Thread Mike Coddington 
On Tue, Sep 05, 2017 at 11:12:13AM +0200, Zbyszek ??kiewski wrote:
> > 
> > Wiadomo napisana przez Peter Hessler  w dniu 
> > 05.09.2017, o godz. 11:05:
> > 
> > OpenBSD's dhclient is IPv4 only.  We do not have an IPv6 DHCP client in
> > base.
> 
> how does it works then on vultr for example where in same setup IPv6 is 
> leased from DHCP? I do not see any other daemons running there...

On Vultr, IPv6 addresses are assigned via SLAAC, not via DHCP6. Back
when I had a need to use DHCPv6, I had good luck with the "wide-dhcpv6"
package. Try installing that and see if you're able to pick up an
address from the AWS servers.

-- 
To find a friend one must close one eye; to keep him -- two.
-- Norman Douglas

Re: maybe misc can help even it's not openbsd related

2017-08-24 Thread Mike Coddington 
On Thu, Aug 24, 2017 at 11:49:19AM +0200, Markus Rosjat wrote:
> so here is my problem, I konfigured postfix and dkimproxy to work together.
> So far so good because it works for outgoing mail. The problem i face is
> with local mails. Postfix somehow rewrites the reciepent from the mail
> adress to u...@domain.tld and then the lookup im my ldap directory fails.
> 
> So the real question is, can I configure postfix to ignore the forwarding to
> dkimproxy for local delivery ?

Without seeing your configuration files, it's hard to tell. However, my
guess is that you've got dkimproxy set to process all of your mail
rather than having it only attached to the smtpd part of it. Check your
master.cf and make sure that you're only referring to dkimproxy there,
as opposed to calling it in main.cf somewhere.

For example, I have SpamAssassin in my pipeline but only for external
mail. I set it up that way by doing this with master.cf (among other
things):

smtpd pass  -   -   y   -   -   smtpd
-o smtpd_client_restrictions=$client_restrictions
-o content_filter=spamassassin

By including the content_filter there, I'm able to have it only affect
mail that originates from external hosts. I assume dkimproxy is called
in a similar fashion. DKIM's too much of a pain in the butt for me
though so I don't have first-hand experience with it.

-- 
To find a friend one must close one eye; to keep him -- two.
-- Norman Douglas

Re: IPv6 autoconf

2017-07-28 Thread Mike Coddington 
On Thu, Jul 27, 2017 at 05:41:48PM -0700, Thomas Smith wrote:
> Hi,
> 
> My ISP (Cox) supports IPv6 and I have this working on a MikroTik
> router--it pulls an address and prefix, creates a default route,
> creates an address pool for internal clients, etc.
> 
> I've been working to configure a similar setup in OpenBSD 6.1 but I've
> been unable to even get the outside interface to pull an IPv6 address
> from Cox (IPv4 is working properly).
> 
> I???ve tried both `inet6 autoconf` and `rtsol` in
> /etc/hostname.em0--both have worked in other IPv6 environments I???ve
> run OpenBSD in, but neither are working in this context.
> 
> Can anyone advise on this please?

Make sure that you're allowing the correct ICMP packets through pf. I've
banged my head on that part of IPv6 too many times. Here's what I've
found I have had to add in /etc/pf.conf:

icmp6_types = "{ echoreq, routersol, routeradv, neighbrsol, \
neighbradv, redir }"


# allow multicast ICMP so IPv6 works right
pass in quick on egress inet6 proto ipv6-icmp from any to \
   { ( egress ), ff02::1/16 } icmp6-type $icmp6_types



There's a bunch of neighbor-finding chatter that occurs on IPv6, so my
typical iron-fisted traffic blocking was causing IPv6 to not work at
all. Also, I know that when I used to have Comcast I had to specifically
request a /60  and tell Comcast that I wanted to be a router instead of
a client. I believe DHCPD accomplished this, although someone with a
less foggy memory should double-check that.

-- 
To find a friend one must close one eye; to keep him -- two.
-- Norman Douglas

Re: gpu for desktop

2017-06-23 Thread Mike Coddington 
On Fri, Jun 23, 2017 at 02:14:26PM +0200, Krzysztof Strzeszewski wrote:
> Hello,
> 
> how to bay good GPU card pcie for desktop OpenBSD with hardware
> acceleration?
> 
> Krzych

In addition to the useful advice that Elke gave, I'll recommend this:
Radeon HD 6450

I just bought one of these this week to finish building an OpenBSD
desktop. It's ~$40, fanless, and works great on OpenBSD. My goal was to
keep the entire computer under $100, so your mileage may vary. I will
say that this specific card works great.



-- 
To find a friend one must close one eye; to keep him -- two.
-- Norman Douglas

Re: Stack clash and OpenBSD

2017-06-20 Thread Mike Coddington 
On Tue, Jun 20, 2017 at 11:49:52AM -0400, Mike wrote:
> 
> Does 008: SECURITY FIX: May 19, 2017 fix the Stack Clash bug?
> 
> Or is a fix forthcoming?

Yes, it does. Here's the CVE, and the patch is linked from there.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-1000372


Thanks to the OpenBSD developers for creating syspatch, or I'd be stuck
waiting for 6.2!

Time to donate to the OpenBSD foundation... be right back :)

-- 
To find a friend one must close one eye; to keep him -- two.
-- Norman Douglas

Re: Topics for revised PF and networking tutorial

2017-04-05 Thread Mike Coddington 
On Sat, Apr 01, 2017 at 10:52:20AM +0200, Peter N. M. Hansteen wrote:
> Hi,
> 
> I thought I'd like to give you a heads up that there will be a "PF and
> networking" tutorial at BSDCan 2017 in Ottawa this June.
> 
> The session will however not be the Nth rerun of the old one, we're
> starting from scratch this time, and were looking for input on what to
> include.
> 
> Do you have questions on PF and related matters, or are there specific
> topics you would like to see covered?

I've been setting up a home firewall using pf and I'd love to see some
more information on IPv6. Most of my problems have been due to me not
knowing all that much about IPv6, rather than pf problems, but I'm sure
there are a good number of people in the same predicament I'm in.

-- 
To find a friend one must close one eye; to keep him -- two.
-- Norman Douglas