bad first impression [ ...] Fwd: [HUNSN RJ43: USB keyboard lost at boot time]

[Wolfgang Pfeiffer]

Attached Harald Dunkels original message from a few days ago, taken
from my offline @misc folder. It seems this is the message he
mentioned in this current thread - strangely enough I couldn't find it
anywhere in the marc.info archive.

HTH
Wolfgang


- Forwarded message from Harald Dunkel  -

Date: Sat, 20 Apr 2024 18:01:04 +0200
From: Harald Dunkel 
Subject: HUNSN RJ43: USB keyboard lost at boot time
To: misc@openbsd.org
User-Agent: Betterbird (Linux)

Hi folks,

This morning I've got a HUNSN RJ43 network appliance with N100 and
4 2.5Gbit network interfaces. Problem: The keyboard is lost at boot
time. It still worked at the boot> prompt, but in OpenBSD's installer
menu or at the login prompt it is ignored. I have to pull it out and
plug it into another socket to make OpenBSD 7.5 recognize it, but
even this workaround fails sometimes.

*If* it works, then usbdevs shows (before and after):

pablo# usbdevs -vv
Controller /dev/usb0:
addr 01: 8086: Intel, xHCI root hub
 super speed, self powered, config 1, rev 1.00
 driver: uhub0
 port 01: .02a0 power Rx.detect
 port 02: .02a0 power Rx.detect
 port 03: .0503 connect enabled recovery
 port 04: .02a0 power Rx.detect
 port 05: 0011.02a0 power Rx.detect
 port 06: .02a0 power Rx.detect
 port 07: .02a0 power Rx.detect
 port 08: .02a0 power Rx.detect
 port 09: .02a0 power Rx.detect
 port 10: .02a0 power Rx.detect
 port 11: .02a0 power Rx.detect
 port 12: .02a0 power Rx.detect
 port 13: .02a0 power Rx.detect
 port 14: .02a0 power Rx.detect
 port 15: .02a0 power Rx.detect
 port 16: .02a0 power Rx.detect
addr 02: 05e3:0748 Generic, USB Storage
 high speed, power 500 mA, config 1, rev 12.09, iSerial 1209
 driver: umass0

# plug it in

pablo# usbdevs -vv
Controller /dev/usb0:
addr 01: 8086: Intel, xHCI root hub
 super speed, self powered, config 1, rev 1.00
 driver: uhub0
 port 01: .02a0 power Rx.detect
 port 02: .02a0 power Rx.detect
 port 03: .0503 connect enabled recovery
 port 04: .02a0 power Rx.detect
 port 05: 0011.02a0 power Rx.detect
 port 06: .0103 connect enabled recovery
 port 07: .02a0 power Rx.detect
 port 08: .02a0 power Rx.detect
 port 09: .02a0 power Rx.detect
 port 10: .02a0 power Rx.detect
 port 11: .02a0 power Rx.detect
 port 12: .02a0 power Rx.detect
 port 13: .02a0 power Rx.detect
 port 14: .02a0 power Rx.detect
 port 15: .02a0 power Rx.detect
 port 16: .02a0 power Rx.detect
addr 02: 05e3:0748 Generic, USB Storage
 high speed, power 500 mA, config 1, rev 12.09, iSerial 1209
 driver: umass0
addr 03: 12c9:6001 SINO WEALTH, Newmen Bluetooth Keyboard
 full speed, power 500 mA, config 1, rev 30.04
 driver: uhidev0
 driver: uhidev1


(I know it says Bluetooth, but its connected via cable. No
BT dongle involved.)

dmesg shows on detecting the keyboard:

uhidev0 at uhub0 port 6 configuration 1 interface 0 "SINO WEALTH Newmen Bluetooth 
Keyboard" rev 1.10/30.04 addr 3
uhidev0: iclass 3/1
ukbd0 at uhidev0: 8 variable keys, 6 key codes
wskbd0 at ukbd0: console keyboard, using wsdisplay0
uhidev1 at uhub0 port 6 configuration 1 interface 1 "SINO WEALTH Newmen Bluetooth 
Keyboard" rev 1.10/30.04 addr 3
uhidev1: iclass 3/0, 13 report ids
uhid0 at uhidev1 reportid 1: input=1, output=0, feature=0
ucc0 at uhidev1 reportid 2: 573 usages, 20 keys, array
wskbd1 at ucc0 mux 1
wskbd1: connecting to wsdisplay0
uhid1 at uhidev1 reportid 5: input=0, output=0, feature=5
ukbd1 at uhidev1 reportid 6: 120 variable keys, 0 key codes
wskbd2 at ukbd1 mux 1
wskbd2: connecting to wsdisplay0
uhid2 at uhidev1 reportid 9: input=0, output=0, feature=255
uhid3 at uhidev1 reportid 10: input=0, output=0, feature=41
uhid4 at uhidev1 reportid 11: input=0, output=0, feature=255
uhid5 at uhidev1 reportid 12: input=0, output=0, feature=255
ums0 at uhidev1 reportid 13: 5 buttons, Z and W dir
wsmouse0 at ums0 mux 0


Another 15+ years old USB keyboard works out of the box, so maybe the
keyboard is to blame here. It worked fine on other hosts running
OpenBSD 7.4 or 7.5, though.

BIOS had been reset to the defaults. dmesg output is attached, of
course. Every helpful idea is highly appreciated. I would be glad
to help to track down this problem.


Harri

OpenBSD 7.5 (RAMDISK_CD) #76: Wed Mar 20 15:53:54 MDT 2024
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD
real mem = 34069209088 (32490MB)
avail mem = 33032028160 (31501MB)
random: good seed from bootblocks
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.5 @ 0x73ba9000 (117 entries)
bios0: vendor American Megatrends International, 

bad impression [etc ..] Fwd: [HUNSN RJ43: USB keyboard lost at boot time]

[Wolfgang Pfeiffer]

Attached Harald Dunkels original message from a few days ago, taken
from my offline @misc folder. It seems this is the message Harald
mentioned in this current thread - strangely enough I couldn't find it
anywhere in the marc.info archive.

HTH
Wolfgang

- Forwarded message from Harald Dunkel  -

Date: Sat, 20 Apr 2024 18:01:04 +0200
From: Harald Dunkel 
Subject: HUNSN RJ43: USB keyboard lost at boot time
To: misc@openbsd.org
User-Agent: Betterbird (Linux)

Hi folks,

This morning I've got a HUNSN RJ43 network appliance with N100 and
4 2.5Gbit network interfaces. Problem: The keyboard is lost at boot
time. It still worked at the boot> prompt, but in OpenBSD's installer
menu or at the login prompt it is ignored. I have to pull it out and
plug it into another socket to make OpenBSD 7.5 recognize it, but
even this workaround fails sometimes.

*If* it works, then usbdevs shows (before and after):

pablo# usbdevs -vv
Controller /dev/usb0:
addr 01: 8086: Intel, xHCI root hub
 super speed, self powered, config 1, rev 1.00
 driver: uhub0
 port 01: .02a0 power Rx.detect
 port 02: .02a0 power Rx.detect
 port 03: .0503 connect enabled recovery
 port 04: .02a0 power Rx.detect
 port 05: 0011.02a0 power Rx.detect
 port 06: .02a0 power Rx.detect
 port 07: .02a0 power Rx.detect
 port 08: .02a0 power Rx.detect
 port 09: .02a0 power Rx.detect
 port 10: .02a0 power Rx.detect
 port 11: .02a0 power Rx.detect
 port 12: .02a0 power Rx.detect
 port 13: .02a0 power Rx.detect
 port 14: .02a0 power Rx.detect
 port 15: .02a0 power Rx.detect
 port 16: .02a0 power Rx.detect
addr 02: 05e3:0748 Generic, USB Storage
 high speed, power 500 mA, config 1, rev 12.09, iSerial 1209
 driver: umass0

# plug it in

pablo# usbdevs -vv
Controller /dev/usb0:
addr 01: 8086: Intel, xHCI root hub
 super speed, self powered, config 1, rev 1.00
 driver: uhub0
 port 01: .02a0 power Rx.detect
 port 02: .02a0 power Rx.detect
 port 03: .0503 connect enabled recovery
 port 04: .02a0 power Rx.detect
 port 05: 0011.02a0 power Rx.detect
 port 06: .0103 connect enabled recovery
 port 07: .02a0 power Rx.detect
 port 08: .02a0 power Rx.detect
 port 09: .02a0 power Rx.detect
 port 10: .02a0 power Rx.detect
 port 11: .02a0 power Rx.detect
 port 12: .02a0 power Rx.detect
 port 13: .02a0 power Rx.detect
 port 14: .02a0 power Rx.detect
 port 15: .02a0 power Rx.detect
 port 16: .02a0 power Rx.detect
addr 02: 05e3:0748 Generic, USB Storage
 high speed, power 500 mA, config 1, rev 12.09, iSerial 1209
 driver: umass0
addr 03: 12c9:6001 SINO WEALTH, Newmen Bluetooth Keyboard
 full speed, power 500 mA, config 1, rev 30.04
 driver: uhidev0
 driver: uhidev1


(I know it says Bluetooth, but its connected via cable. No
BT dongle involved.)

dmesg shows on detecting the keyboard:

uhidev0 at uhub0 port 6 configuration 1 interface 0 "SINO WEALTH Newmen Bluetooth 
Keyboard" rev 1.10/30.04 addr 3
uhidev0: iclass 3/1
ukbd0 at uhidev0: 8 variable keys, 6 key codes
wskbd0 at ukbd0: console keyboard, using wsdisplay0
uhidev1 at uhub0 port 6 configuration 1 interface 1 "SINO WEALTH Newmen Bluetooth 
Keyboard" rev 1.10/30.04 addr 3
uhidev1: iclass 3/0, 13 report ids
uhid0 at uhidev1 reportid 1: input=1, output=0, feature=0
ucc0 at uhidev1 reportid 2: 573 usages, 20 keys, array
wskbd1 at ucc0 mux 1
wskbd1: connecting to wsdisplay0
uhid1 at uhidev1 reportid 5: input=0, output=0, feature=5
ukbd1 at uhidev1 reportid 6: 120 variable keys, 0 key codes
wskbd2 at ukbd1 mux 1
wskbd2: connecting to wsdisplay0
uhid2 at uhidev1 reportid 9: input=0, output=0, feature=255
uhid3 at uhidev1 reportid 10: input=0, output=0, feature=41
uhid4 at uhidev1 reportid 11: input=0, output=0, feature=255
uhid5 at uhidev1 reportid 12: input=0, output=0, feature=255
ums0 at uhidev1 reportid 13: 5 buttons, Z and W dir
wsmouse0 at ums0 mux 0


Another 15+ years old USB keyboard works out of the box, so maybe the
keyboard is to blame here. It worked fine on other hosts running
OpenBSD 7.4 or 7.5, though.

BIOS had been reset to the defaults. dmesg output is attached, of
course. Every helpful idea is highly appreciated. I would be glad
to help to track down this problem.


Harri

OpenBSD 7.5 (RAMDISK_CD) #76: Wed Mar 20 15:53:54 MDT 2024
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD
real mem = 34069209088 (32490MB)
avail mem = 33032028160 (31501MB)
random: good seed from bootblocks
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 3.5 @ 0x73ba9000 (117 entries)
bios0: vendor American Megatrends International, 

Re: OpenBSD Installation Doesn't Detect NVMe SSD, but Detects My USB Drives

[Wolfgang Pfeiffer]

On Mon, Apr 15, 2024 at 08:38:51PM +0200, Wolfgang Pfeiffer wrote:

On Mon, Apr 15, 2024 at 08:29:21AM +0200, aliyu...@tutanota.com wrote:

Hello,

I'm currently trying to install OpenBSD on my laptop, and I'm coming
across a problem. The installation only detects my installation drive
and my other USB flash drive that I use for data storage, but not my
NVMe SSD I want to do an installation on.



SATA settings in your BIOS might be worth a try: if sata mode is
set to RAID it might help to switch to ACPI [ .. ]


Wrong: Not ACPI, but AHCI.

Sorry.
--
Wolfgang

Re: OpenBSD Installation Doesn't Detect NVMe SSD, but Detects My USB Drives

[Wolfgang Pfeiffer]

On Mon, Apr 15, 2024 at 08:29:21AM +0200, aliyu...@tutanota.com wrote:

Hello,

I'm currently trying to install OpenBSD on my laptop, and I'm coming
across a problem. The installation only detects my installation drive
and my other USB flash drive that I use for data storage, but not my
NVMe SSD I want to do an installation on.



SATA settings in your BIOS might be worth a try: if sata mode is
set to RAID it might help to switch to ACPI - there was a thread
recently about that on this list:

https://marc.info/?t=17124438522=1=2

--
Wolfgang

Re: 7.5 NO hard drive?

[Wolfgang Pfeiffer]

On Sun, Apr 07, 2024 at 05:17:25PM +0200, Wolfgang Pfeiffer wrote:

On Sun, Apr 07, 2024 at 12:03:21AM -0700, lati...@vcn.bc.ca wrote:

Hello

i have 1 DELL Latitude E4300 that had OBSD 7.3 working correctly, but i
decided to do a clean installation of 7.5 deleting everything on it with a
live cd linux; then tested 7.5 and it says NO disk.

After that i tested Linux, NetBSD, FreeBSD all them where installed
without a problem; But, OBSD 7.3  7.4 7.5 said NO disk!

[ ... ]


Seems to be (not only) a DELL thing: Some time ago I tried an Openbsd
installer on an Alienware computer, ~10 years old, which was sold by
DELL: In UEFI, IIRC, I had to change sata mode from "raid" to "ahci"
to let openbsd detect hard disks on that computer.

Seems to an older issue:
https://daemonforums.org/showthread.php?t=10228
https://www.mail-archive.com/misc@openbsd.org/msg153583.html

IIRC, Debian, Fedora, Windows installed without problems on that machine:
at least in my case it might be a problem with a BIOS version too old for
an openbsd install - not being sure ..


Found an article on dell.com titled:
"Recommended BIOS Settings for your Linux System"
that says:

"Linux does not natively support SATA Operation in RAID On mode as of
May 2022."

Dell later in the article recommends to switch on AHCI for SATA mode:
https://www.dell.com/support/kbdoc/en-us/000123462/recommended-bios-settings-for-your-linux-system
--
Wolfgang

Re: 7.5 NO hard drive?

[Wolfgang Pfeiffer]

On Sun, Apr 07, 2024 at 05:17:25PM +0200, Wolfgang Pfeiffer wrote:

On Sun, Apr 07, 2024 at 12:03:21AM -0700, lati...@vcn.bc.ca wrote:



So OpenBSD has been correctly installed, thanks so much to maintain it nice!

The problem was with the BIOS, it needs IHCH or something like that to be
recognized!
But it is working now as a xfce Desktop!


Seems to be (not only) a DELL thing: Some time ago I tried an Openbsd
installer on an Alienware computer, ~10 years old, which was sold by
DELL: In UEFI, IIRC, I had to change sata mode from "raid" to "ahci"
to let openbsd detect hard disks on that computer.


Correction: IIRC, at least the USB-thumb with the installer on it was
detected with RAID mode enabled - but that was about it ... ;)
So: no hard disk, no SSD etc. that were detected ...

--
Wolfgang

Re: 7.5 NO hard drive?

[Wolfgang Pfeiffer]

On Sun, Apr 07, 2024 at 12:03:21AM -0700, lati...@vcn.bc.ca wrote:

Hello

i have 1 DELL Latitude E4300 that had OBSD 7.3 working correctly, but i
decided to do a clean installation of 7.5 deleting everything on it with a
live cd linux; then tested 7.5 and it says NO disk.

After that i tested Linux, NetBSD, FreeBSD all them where installed
without a problem; But, OBSD 7.3  7.4 7.5 said NO disk!

[ ... ]






So OpenBSD has been correctly installed, thanks so much to maintain it nice!

The problem was with the BIOS, it needs IHCH or something like that to be
recognized!
But it is working now as a xfce Desktop!


Seems to be (not only) a DELL thing: Some time ago I tried an Openbsd
installer on an Alienware computer, ~10 years old, which was sold by
DELL: In UEFI, IIRC, I had to change sata mode from "raid" to "ahci"
to let openbsd detect hard disks on that computer.

Seems to an older issue:
https://daemonforums.org/showthread.php?t=10228
https://www.mail-archive.com/misc@openbsd.org/msg153583.html

IIRC, Debian, Fedora, Windows installed without problems on that machine:
at least in my case it might be a problem with a BIOS version too old for
an openbsd install - not being sure ..
--
Wolfgang

Re: Feedback on redesigned OpenBSD.org

[Wolfgang Pfeiffer]

On Fri, Aug 11, 2023 at 10:38:46PM -0400, Amelia A Lewis wrote:

On Fri, 11 Aug 2023 20:11:02 -0600, Theo de Raadt wrote:

When did it become an assumption that we would adopt any of these
changes?


I don't think that it did become an assumption, but as a number of
people have responded to the initial design, to the point that the
designer offered a revision, I thought I might add to the discussion. I
apologize if it was out place to do so.


The debate - since three days now - strongly suggests, that at least
some of those contributing to the debate were assuming that a change
of the looks of openbsd.org might be accepted. Otherwise: what sense
would it make to debate it here?

The point tho seems: there were at least two threads over the last 11
years on that topic:

2012:
"OpenBSD's webpage desing"
https://marc.info/?l=openbsd-misc=2=4=desing+webpage=b

2016:
"Suggestion: new webpage for openbsd.org"
https://marc.info/?t=14634695033=2=2

Result:
Just compare the archived version of the site from 2011 to the
present one:
https://web.archive.org/web/20111223000626/http://www.openbsd.org/

So to make sure my effort is making sense: what I most certainly would
have done before working on a redesign of the current page would have
been to ask its maintainers, whether they wanted the change. And if
yes: what sort of change. Because obviously it's, well: their page.
Not mine. Plus: they probably have specific needs that I don't know
about for the coding of it, to make it compatible with the frequent
changes of it: updates, announcement of patches etc. - Meaning: Before
doing any attempt to rewrite the code, I would have asked the
current maintainers about the constraints for a change.

Theo de Raadt about a rewrite of openbsd.org in 2016:

--
https://marc.info/?l=openbsd-misc=146378604413389=2

"We rarely do whole-scale replacements of anything in OpenBSD, unless
there is compelling reason the old should be discarded.  I have
probably received 500+ proposals for website rewrites, a handful with
the effort already expended.  This is another offer which will be
rejected.  It is kind of sad.

I think the site is fine. [ ... ]  I agree there would be value in
small tweaks to improve the view for narrow displays.

This is a project that does rapid incremental changes.  This entire
concept of throw-it-away, you-want-the-new-warts; I don't get where
it comes from."

--

Nice weekend, everyone!

Re: Mail Etiquette: Reply above or below

[Wolfgang Pfeiffer]

On Tue, Mar 07, 2023 at 11:58:14AM +0100, Christer Solskogen wrote:


Someone way smarter than me said this:

Because it messes up the order in which people normally read text.
Why is top-posting such a bad thing?
Top-posting.
What is the most annoying thing in e-mail?


You sure? ...
Quoting Nick Holland:

"
Bottom posting was invented for those who can't write in complete
thoughts with context.  You know, like most of the computer world. :-/
"

https://marc.info/?l=openbsd-misc=157503288130311=mbox

Re: Softraid crypto metadata backup

[Wolfgang Pfeiffer]

On Sat, Jan 07, 2023 at 02:33:31PM +, Nathan Carruth wrote:

The way I see it, this depends on one's use case. 
There certainly are cases where it is important to be able
to irrevocably destroy all data in an instant. But there are
also use cases where one is only interested in making sure
that the average person couldn’t access one’s data if one lost
one’s laptop/external drive.

I still think that anyone with the second use case could benefit
from more documentation as I suggested, but I get the feeling
this opinion is in the distinct minority here.


If you're part of that supposed minority: count me in. If it's true
that the headers of encrypted disks on Openbsd are set up in a similar
way as on e.g. Linux, then it's actually a good idea to be able to
have precise knowledge about how to backup that header on OBSD.

I followed this thread. But kept silent so far - simply because I
basically don't know much about how disk headers are organized on
Openbsd.



So — thanks to everyone for the answers, I’m signing off
this question now.

Take care and stay secure,
Nathan


Nathan Carruth writes:

permanently and irrevocably destroy all data on your entire disk”.


This is a feature.


Can be a feature in some situations, yes. But that's just one part of
the story, if I understand correctly.


More so, it's the very point in an encrypted filesystem. If you
haven't planned for this failure scenario


The OP was trying to prepare exactly for this very scenario. That was
obviously the whole purpose of starting the thread.

From what I learned the preparation for that failure includes first a
copy of the data on that encrypted disk to a second or - even better -
a third encrypted one.

But copying back a whole disk because on the original broken one it's
just the header that went south might be an effort that is a least
avoidable. And this when part two of disaster preparation might be
helpful: the so-called header backup.

I don't know how often, and if, such header corruptions on encrypted
disks happen on OBSD, but on LUKS/cryptsetup encrypted disks on
Linux this does not seem to be that unusual - from the LUKS FAQ:

"By far the most questions on the cryptsetup mailing list are from
 people that managed to damage the start of their LUKS partitions,
 i.e. the LUKS header. In most cases, there is nothing that can be done
 to help these poor souls recover their data. Make sure you understand
 the problem and limitations imposed by the LUKS security model BEFORE
 you face such a disaster! In particular, make sure you have a current
 header backup before doing any potentially dangerous operations."

https://gitlab.com/cryptsetup/cryptsetup/-/blob/main/FAQ.md

And so, that no one is getting me wrong: I don't expect anyone to
create the documentation for me. Definitively not. But if disk header
corruption can be a problem on Openbsd, too, then this very
possibility helps at least to understand the point the OP was trying
to make when starting this thread.

Regards,
Wolfgang


then what are you doing using a device which *by design* can
irrevocably trash its contents in an instant?

Re: Installing OpenBSD on new Chromebook

[Wolfgang Pfeiffer]

As it seems to be an x86_64 machine why not try a fresh OpenBSD
Live system via USB or DVD and and see what happens?
https://fuguita.org/

Wolfgang

On Sat, Oct 29, 2022 at 08:11:15AM -0600, Jeff Ross wrote:



On 10/29/22 1:29 AM, Stuart Henderson wrote:

On 2022-10-28, Gabriel Busch de Brito  wrote:



All of places I'm finding with directions on how to do this are from circa
2015 and do not work now.

Anybody have a pointer to a more updated set of directions I can try?

I suggest that you follow the installation guide at the FAQ section of
the website.


Chromebooks aren't standard computers and usually come with a
locked-down bootloader that will need disabling to install another OS.

Also if it's arm rather than x86 there will be additional challenges
beyond this.

So there's not enough information in the original post to give any kind
of pointer.



Thanks Stuart.

It's an HP Chromebook 14a-na1083d with an Intel Celeron N4500 with 4G
ram and 128 eMMC drive.

Booting up in developer mode it tells me that it is Model LANTIS-MEXL
if that helps.

I can get a linux dmesg from the linux VM if that helps at all.  Not
sure how much the VM would represent the actual hardware though.

Jeff


--
"Altars are burnin' with flames far and wide
 The foe has crossed over from the other side
 They tip their caps from the top of the hill
 You can feel them come, more brave blood to spill"

Bob Dylan: "'Cross The Green Mountain"

Re: Web documentation available offline by default?

[Wolfgang Pfeiffer]

On Sat, Feb 29, 2020 at 03:36:02PM +, Ottavio Caruso wrote:


It's also a pity the the faq are not available in a single html or pdf
format. This would be handy for those who, like me, are studying for
the BSD Specialist certification. Having a single document makes it
easier to search for a specific command.


Seems to work on Linux at least: to "wget" the pages one needs, and
then "wkhtmltopdf" them to a pdf file.

Takes time to get it done nicely with the correct flags for
wkhtmltopdf - and the wget procedure might not get all pages needed,
so intervening manually might be an option to get those, too ...

On OBSD ports there's  textproc/wkhtmltopdf. Didn't test the latter
tho'.

Good luck!
Wolfgang

Re: OpenBSD FAQ - Using S/Key - hash algorithm selection

[Wolfgang Pfeiffer]

Both links may be really helpful to gauge the hashes used for an skey
system, theoretically. So thank you for providing them.

But sadly, if I didn't miss anything, they do not describe the real
life circumstances needed for some successful attack on the skey
hashes. For example how much time is needed by which hardware to break
them? And what sort of access is needed for some successful attack: do
the attackers need to sit in front of the machine to succeed?  May
network access to the targeted machine be an option to crack skey?
And how much hardware power is needed for a break-in via network
access - how much time does that approach take to succeed?
Etc. etc. ...

A real life scenario in a public library, where a user is logging in
to his computer: If he uses his permanent password to do that, with at
least as many phones/cameras around him as there are people in this
room, chances his machine might get compromised seem to me a lot
higher than using an s/key password to log in - no matter what hash
was used to initialize the skey system. Correct?

Much better example: I can prove that a human arm is a very useless
body part because it's so easily vulnerable by a crash with a train
coming with 100 mph. Theoretically I'm fully correct. But it's bs
anyways ...

So I'd like to see more of a real life scenario where using certain
hashes for skey to login mean more risk than using e.g. a standard
permanent password. So far I didn't find one.

What did I miss?

Regards,
Wolfgang

On Sat, Jan 11, 2020 at 10:15:48PM -0500, Daniel Dickman wrote:




On Jan 11, 2020, at 3:24 PM, Anders Andersson  wrote:

While perusing the OpenBSD FAQ I came across the S/Key login system
and noticed that there are three possible hashing algorithms to choose
from: MD5, SHA1, and RIPEMD-160.

Instinctively I wouldn't want to use any of these. RIPEMD-160 seems
like the only one that hasn't been broken, but that's probably because
no one really cares as much as they do with MD5 and SHA1.


Collision attacks are not the same as preimage attacks. The latter are much 
harder.  See: https://en.m.wikipedia.org/wiki/S/KEY#Security

Here’s an article that also may be of interest:

https://electriccoin.co/blog/lessons-from-the-history-of-attacks-on-secure-hash-functions/



But of course, it depends on how they are used. Is this a case of when
it's fine to use them, or is it simply that nobody uses S/Key anymore
so there's no real incentive to change them?

Just being curious, I didn't even know S/Key existed until a few minutes ago.

Re: umass device disklabel not detected properly in macppc

[Wolfgang Pfeiffer]

Short version:
Looks like something's wrong either with your hardware or
software: I have the same computer, with OBSD 6.5 installed, and no
problems mounting thumbs - maybe try another thumb, or recreate the
ext2 partition, or use a stable OBSD, instead of current ...

Here on macppc:
hw.product=PowerBook5,8

with a regular 6.5 it seems:
-
kern.version=OpenBSD 6.5 (GENERIC) #496: Sat Apr 13 11:54:02 MDT 2019
   dera...@macppc.openbsd.org:/usr/src/sys/arch/macppc/compile/GENERIC


and I can easily move sticks/data on it around between a Fedora amd64
machine and the macppc Powerbook

For the sake of a demo here:

 + + + + On Linux + + +

Zero-ing a whole usb thumb on Fedora Linux
("dcfldd if=/dev/zero of=/dev ... etc.)

Via "gnome-disks" formatted the thumb ("compatible with all systems
and devices (MBR / DOS"), created a partition choosing "No
filesystem", because ext2 wasn't offered as an option, IIRC ...
then from the command line someth. like:
mkfs.ext2 /dev/sdf1

 + + + + On OBSD macppc + + +

then plugged the drive into the Powerbook:

after
doas disklabel sd0 I get this:

# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: Transcend 32GB
duid: 
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 3805
total sectors: 61132800
boundstart: 0
boundend: 61132800
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize   cpg]
 c: 611328000  unused
 i: 61130752 2048  ext2fs

---

then someth. like:
mount_ext2fs /dev/sd0i /mnt/ntfs

Then on macppc copied parts of this email text over to the thumb on
/mnt/ntfs, unmounted it and took the thumb back to

  Fedora Linux 

and mounted the thumb on the Linux machine, copying parts of it into
this email, that I write and send from this Fedora system 

Because of the very first paragraphs on this page:
https://www.openbsd.org/faq/current.html
try stable 6.5, maybe?

Wolfgang


On Wed, Dec 18, 2019 at 10:40:36PM +, rgci...@disroot.org wrote:

dear all,

to transfer files between an amd64 Linux, amd64 OpenBSD-current, and macppc
OpenBSD-current i have a USB drive. last night was the first time i tried to
use the drive on the macpcc.

Dec 19 06:09:06 apbg4 /bsd: umass0 at uhub0 port 2 configuration 1 interface 0 
"BUFFALO SSD-PEU3" rev 2.10/1.10 addr 2
Dec 19 06:09:06 apbg4 /bsd: umass0: using SCSI over Bulk-Only
Dec 19 06:09:06 apbg4 /bsd: scsibus4 at umass0: 2 targets, initiator 0
Dec 19 06:09:06 apbg4 /bsd: sd0 at scsibus4 targ 1 lun 0:  serial.04110210357B1BD7B099
Dec 19 06:09:06 apbg4 /bsd: sd0: 241216MB, 512 bytes/sector, 494010368 sectors

the disklabel was not detected properly. this is the disklabel on macppc
OpenBSD-current (#638: Mon Dec 16):

# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: SSD-PEU3
duid: 
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 30750
total sectors: 494010368
boundstart: 0
boundend: 494010368
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize   cpg]
 c:4940103680  unused

i tried both USB ports of the Powerbook5,8. same results.

this is the **correct** disklabel on amd64 OpenBSD-current (#637: Sun Dec 15):

# /dev/rsd1c:
type: SCSI
disk: SCSI disk
label: SSD-PEU3
duid: 
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 30750
total sectors: 494010368
boundstart: 0
boundend: 494010368
drivedata: 0

16 partitions:
#size   offset  fstype [fsize bsize   cpg]
 c:4940103680  unused
 i:494006272 2048  ext2fs


partition can be mounted properly on amd64 Linux and OpenBSD.


IIRC the drive was initialized / created on Linux.


i have other USB drives (whole disk, msdos format) that work properly across all
3 machines.


what am i missing here? looking forward to some pointers.


yorosiku ~


--
"Altars are burnin' with flames far and wide
The foe has crossed over from the other side
They tip their caps from the top of the hill
You can feel them come, more brave blood to spill"

Bob Dylan: "'Cross The Green Mountain"

Re: When will be created a great desktop experience for OpenBSD?

[Wolfgang Pfeiffer]

On Thu, May 09, 2019 at 12:52:18PM +0300, Mihai Popescu wrote:


Still wondering what "great desktop experience" means ...


Bullshit, that's what it means.

In nearly 20 years on mailing lists and on the internet, I don't
remember to have ever seen anyone asking such a stupid question like
the one in the subject line. Ever.

The OP doesn't seem to have the slightest grip on the fact that it's
everyone's own job to configure and set up their "Desktops", just the
way they want to have it. Or, alternatively, he expects the OBSD
developers to fulfill his lazy wishes so he just can sit and wait see
his "great desktop experience" roll onto his computer, freshly made -
and at no cost, for sure - by the OBSD coders.  Mindbogglingly stupid,
an impudent, this idea ..

Wolfgang

--
OpenBSD: "software we primarily develop for ourselves -- in the
hope that other people are like us and need similar things."
 -- Theo de Raadt

Re: xbox 360 wireless controller on amd64 working?

[Wolfgang Pfeiffer]

On Tue, May 07, 2019 at 12:55:24AM +, tfrohw...@fastmail.com wrote:

On May 6, 2019 8:55:41 PM UTC, Wolfgang Pfeiffer  wrote:

Hi all

 Has anyone actually tried to use that controller on a fresh or older
OpenBSD? If yes: successful?


[ .. ]



Sorry, wireless won't work without a Bluetooth implementation.


Ahh, now that I read it, I think I remember something like that. Bad
luck, I'd say ..

 Here on linux I use that wireless controller as some sort of remote
control: I navigate with it mpv, the movie player, to watch movies,
youtube etc.: basically selected keys of one's choice are mapped to
this controller - the buttons, bumpers, sticks etc. on it thus
becoming technically something like keys on a keyboard, with, AFAICS,
effectively the same functionality to the corresponding keys on a
keyboard.

 That is, with controller buttons mapped like this, one can
e.g. switch on/off subtitles for a video, turn the view upside down,
or on one of its sides. Switch, choose available languages. Fast or
slow backward the movie etc. etc.. and all this from a comfortable
place on a sofa, chair: I think once someone felt the convenience of
using that device like this, they'll never again go back navigating a
movie with their keyboard ... :)

 Hoping I was able to wet someone's mouth with this short description
.. :)

 I didn't write the driver: I simply took some configs and adapted
them to my needs.

More on it here:
https://github.com/wlfgp/xboxdrv-mouse

Thanks, at any rate!

Regards,
Wolfgang

xbox 360 wireless controller on amd64 working?

[Wolfgang Pfeiffer]

Hi all

 Has anyone actually tried to use that controller on a fresh or older
OpenBSD? If yes: successful?

 I found hints in the 6.5 ports tree relating to that controller (and
the sdl2 package seems to be part of the regular packages tree, too)

../ports/devel/premake4/files/scripts.c
../ports/devel/sdl2/patches/patch-src_joystick_SDL_gamecontroller_c

Strongest hints at:
.. ports/devel/sdl2/pkg/README:

==

$OpenBSD: README,v 1.2 2018/09/04 12:46:11 espie Exp $

+---
| Customizing ${PKGSTEM} gamecontroller layout on OpenBSD
+---

The mapping for SDL2's gamecontroller API is currently based on a workaround.
It defaults to:

"none,X360 Wireless Controller,a:b0,b:b1,back:b6,dpdown:b14,dpleft:b11,\
dpright:b12,dpup:b13,guide:b8,leftshoulder:b4,leftstick:b9,lefttrigger:a2,\
leftx:a0,lefty:a1,rightshoulder:b5,rightstick:b10,righttrigger:a5,rightx:a3,\
righty:a4,start:b7,x:b2,y:b3,"

A custom mapping can be used via the SDL_GAMECONTROLLERCONFIG env var. Note
that the first value (for guid) should be 'none' and the second one can be any
name under which SDL2 will list the gamecontroller device.

Example mapping (for Logitech Dual Action gamepad):

$ export SDL_GAMECONTROLLERCONFIG="none,X360WirelessController,a:b1,b:b2,\
back:b8,dpdown:h0.4,dpleft:h0.8,dpright:h0.2,dpup:h0.1,leftshoulder:b4,\
leftstick:b10,lefttrigger:b6,leftx:a0,lefty:a1,rightshoulder:b5,rightstick:b11,\
righttrigger:b7,rightx:a2,righty:a3,start:b9,x:b0,y:b3,"

=

Thanks in anticipation,
 Wolfgang

Re: Upgrade procedure (6.4 -> 6.5)

[Wolfgang Pfeiffer]

Ingo, and Everyone,

On Sun, May 05, 2019 at 02:58:18PM +0200, Ingo Schwarze wrote:

Hi Wolfgang,

Wolfgang Pfeiffer wrote on Sat, May 04, 2019 at 06:34:04PM +0200:

On Sat, May 04, 2019 at 01:07:34AM -0400, Nick Holland wrote:



Spend a little time learning OpenBSD,



Yes: time needed, I think: Took me a while until I got that ... :)


[ .. ]

Bottom line, chances are that the time you need for learning is vastly
outweighted by the time you save because the system is so much simpler
to use.  So likely, you will save time starting on day one.


First: Thanks a lot for taking the time for your answer.

 But I disagree. Bigly.

 While my experience with OBSD certainly isn't extended enough, yet,
to tell how much time I will save by using the system, my guess would
be that you are right: I don't think I ever experienced an install
that quick and smooth like the OBSD one I did on two Macintosh
computers some time ago. With hickups, IIRK, yes, but nevertheless
great.

 The point where I differ is where you seem to indicate that first it
is some sort of a loss when we have to study the system, and that this
effort is outweighed later on by the time we save. Half-true it is ... :)

 Because: if we seriously work through the big holes of missing
knowledge in whatever territory, it will nearly always end up a win
situation. Provided one doesn't give up. Because while we study we
become more knowledgeable. That's the first win, coming nearly always
with minimal intelligence and enough effort. The second one will come
the moment we start to master the territory we studied. So:
Double-win, hopefully ... :)

Extended version:

 We need to be interested in the territory of our studies: if
grandma' just needs a computer to send emails to her friends, or
video-calling her grand-kids it's okay to just install her some Linux
or Windows. Provided - at least in the latter case - she doesn't
intend to do her internet banking with such an OS. But if she really
wanted to understand the tool she's using, she will need to learn
before asking lazy questions on a computer mailing list. Because the
people on this list - probably any mailing list - are not here to do
the work she needs to do herself.

Theo de Raadt recently wrote that OBSD is

"software we primarily develop for ourselves -- in the hope that other
people are like us and need similar things." [1]

I think this is an important approach to any work: if we're not
interested in what we do, if we strive to help others, if we sacrifice
our life to others, if we pretend that others are more important than
us, and all of this out of some concept of moral duty, we will in the
end have cannibalized ourselves. Which is another form of suicide (Ayn
Rand has more on that: "altruism").  And OBSD might die an ugly death
- I obviously don't want that. And instead try to do my homework.

HTH,

Kind Regards, and Thanks again, Ingo,
 Wolfgang

[1] https://marc.info/?l=openbsd-misc=155634461814603=2



Yours,
 Ingo

Re: Upgrade procedure (6.4 -> 6.5)

[Wolfgang Pfeiffer]

On Sat, May 04, 2019 at 01:07:34AM -0400, Nick Holland wrote:

On 5/3/19 2:32 PM, Strahil Nikolov wrote:

On May 3, 2019 10:49:55 PM GMT+03:00, Nick Holland
 wrote:

On 5/2/19 1:52 AM, Consus wrote:


   [ ... ]


I tried to update a VM (stock setup) with a 10 GB disk from 6.4 to
6.5  and thus it seemed that booting from the 6.5 DVD will do the
trick. Sadly the installer never checked the avalable space , but
just started to do it's stuff until reporting that not enough space
is available.


 A default Fedora installation here is using 39GB from a whole disk
(no VM), after two or three years of using it, with a a few upgrades
in between. Now admittedly there a few big files in that sum. But even
if I count those big ones off I'd assume that a default install or
upgrade of any OS (Windows, Linux, whatever ...) on a disk with just
10(!) GB might be just a little, little bit too small: and it takes no
installer to tell me that ... ;)

[ ... ]



And ... considering the number of times I've seen and heard about Linux
systems hose themselves with upgrades, I question your implication.
Major Linux upgrade?  Most people I know just say "Screw it.  Rebuild,
reload".


 Even on that Fedora Linux from where I'm writing this, it takes a
bit of preparation for a major upgrade: like close down X, the DM,
move to a console, start (as an example) some tmux, and from there
start very specific steps to upgrade. To just believe one can press an
upgrade button in Fedora and hope this will work is akin to asking for
trouble right on my knees ... ;)

 But I admit, Fedora users might be to lured into this
"just-press-the-upgrade-button" easily - not being sure why this is
so ...

[ .. ]


Why did the installer allow installation despite the available space
is low ( even windows checks available space :) )???


see above ... ;)

Here comes my favorite part:


OpenBSD has what I call a "Learning Curb".  You gotta lift your feet.
Not a lot, it's not hard, but you can't just shuffle along mindlessly
and expect to be carried to the next level without your engaging your brain



 Well: it is hard. It takes time to learn. Tho' no university grades
being needed to succeed in that, I think.


If you used Linux for a little bit and figured that OpenBSD is "just
like Linux, but different", yeah, no, you are going to be disappointed.
Different beast.



From a management perspective, I'd say Linux and Windows are much
more alike than Linux and OpenBSD.


+1


Linux is written for and by those frustrated with Windows
("Reinventing Windows, poorly").  OpenBSD is Unix.  It's probably the
simplest Unix out there to use and manage, but it's not Windows (or
Linux).

Or...  Think of Linux (and windows) as the big cushy luxury car.
Easy to drive, assuming you work within the anticipated parameters,
but you really have no idea what's going on under the hood.  "you
aren't supposed to".  That's the design goal, and it works pretty
well...until it doesn't.


again: +1


OpenBSD is more like a semi-primative small car with tight
suspension and a stick-shift trans.  It's got antilock brakes, but for
the most part, it assumes you know what you are doing when you get
behind the wheel.  When it gets a little wonky, you pop the hood, look
around, see what's not right.  Grab a couple tools from the trunk
(included!) fix it, and be back on the road before the guy in the Luxury
car has figured out how to call for a tow truck.

Spend a little time learning OpenBSD,


Yes: time needed, I think: Took me a while until I got that ... :)


and you will find you can make it do amazing things.

Nick.


Thanks, and Regards,
 Wolfgang

Re: Code of Conduct location

[Wolfgang Pfeiffer]

On Sun, Apr 28, 2019 at 03:33:50PM +0200, Rachel Roch wrote:

Apr 28, 2019, 9:16 AM by cho...@jtan.com :


[ .. ]


I believe OpenBSD's code of conduct can be summed up as "if you are the
type of person who needs a code of conduct to teach to you how to human
then you are not welcome here".

At least I hope so.

Matthew



I always thought it could be summed up as "Don't piss off Theo".  ;-)


... :)

He's setting a standard. So I don't have to worry about talking freely
about what I think here. And that's just one reason why I try to
migrate my machines to OpenBSD ...

And one of the first things I do when looking at software, and whether
it's useful for my needs or not: Are those who write it adults or are
they whinies with problems regarding understandable speech? I'm
trying to keep the latter mostly at safe distances from me, and I
tend to avoid their code getting installed onto my machines ...

So that's another reason I'm glad Theo de Raadt is setting a certain
standard here ...

So yes, for sure: "Don't piss off Theo". And no smiley.

Regards .. :) ..
Wolfgang