Re: making Debian secure by default

2024-03-29 Thread Ralph Aichinger
On Thu, 2024-03-28 at 14:12 -0400, Lee wrote: > > Yes, it does.  I was hoping for something simple but it's becoming > clear to me that there's no simple "make Debian secure for dummies" > checklist to follow. Making "Debian secure for dummies" and having a multi-user system at the same time

Re: finger causing kernel seg fault

2024-03-15 Thread Ralph Aichinger
On Fri, 2024-03-15 at 09:12 +, Michael Grant wrote: > I use tmux on my server.  tmux creates multiple pttys.  When I run > finger, I see an error like this: > > $ finger > finger: /dev//pts/6: No such file or directory > > and in the log, I see: > > /var/log/syslog:Mar 15 05:06:18 strange

Re: very poor nfs performance

2024-03-09 Thread Ralph Aichinger
On Sat, 2024-03-09 at 13:54 +0100, hw wrote: > > NFS can be hard on network card drivers > IPv6 may be faster than IPv4 > the network cable might suck > the switch might suck or block stuff As iperf and other network protocols were confirmed to be fast by the OP it is very unlikely that it is a

Re: very poor nfs performance

2024-03-07 Thread Ralph Aichinger
On Thu, 2024-03-07 at 10:13 +0100, Stefan K wrote: > Hello guys, > > I hope someone can help me with my problem. > Our NFS performance is very bad, like ~20MB/s, mountoption looks > like that: Are both sides agreeing on MTU (using Jumbo frames or not)? Have you tested the network with iperf

Re: Commandline client to lookup MAC vendor

2024-03-07 Thread Ralph Aichinger
On Thu, 2024-03-07 at 09:52 +, Thomas Pircher wrote: > On 2024-03-07 09:37, Jonathan Dowland wrote: > >     $ grep -i ^9009df /usr/share/nmap/nmap-mac-prefixes > >     9009DF Intel Corporate > > Alternatively, the ieee-data package also contains the OUI database: > > $ grep -i ^9009df

Commandline client to lookup MAC vendor

2024-03-07 Thread Ralph Aichinger
Hi! Several packages in Debian can somehow (either by embedding it or querying it from some common database) display the MAC Vendor information of network adapters (derived from hardware addresses). One example is nmap, which displays the device vendor when scanning. Is there some commandline

Re: Inclusive terminology (instead of master/slave) for network bonding/LACP

2024-02-23 Thread Ralph Aichinger
On Fri, 2024-02-23 at 20:10 +, Andy Smith wrote: > One more time: a successor to the Ethernet bonding driver already > exists and has for more than 10 years. That is the other thing I wanted to ask here, I have configured a LACP link aggregating interface more or less similar to what is

Re: Inclusive terminology (instead of master/slave) for network bonding/LACP

2024-02-23 Thread Ralph Aichinger
On Fri, 2024-02-23 at 18:13 +0100, Mariusz Gronczewski wrote: > "Do what I say, discussion is not allowed because I don't want to > make sensible arguments!" This certainly is not my position. I have no problem arguing this question, and I've got an opinion on it. I just think this mailing

Re: Inclusive terminology (instead of master/slave) for network bonding/LACP

2024-02-23 Thread Ralph Aichinger
On Fri, 2024-02-23 at 11:07 +0100, Marco Moock wrote: > > Debian is mostly a collection of many packages that are packed in the > repo. Such changes are normally done upstream. I found e.g. this on upstream work on that topic:

Inclusive terminology (instead of master/slave) for network bonding/LACP

2024-02-22 Thread Ralph Aichinger
Hello! I know this is a loaded topic. I really don't want to discuss the political aspects of the "why", but just want to know the facts, i.e. how far this has been progressed in Debian. Is there anything planned to get "master/slave" terminology out of network bonding/LACP in Debian (or Linux

Re: Package Identification Assistance

2024-02-16 Thread Ralph Aichinger
On Thu, 2024-02-15 at 20:33 -0500, Neal Heinecke wrote: > I need to identify the package responsible for creating the software > sources window. There is a minor bug/typo where the first tab reads > "Ubuntu Software" This could be synaptic? https://help.ubuntu.com/community/SynapticHowto Does

Using a Python script as a login shell

2024-02-16 Thread Ralph Aichinger
Hello fellow Debianites! I want to do a custom CLI for a project, and I am quite happy with the Python cmd module. Aside from having a practically un-googleable name it is very nice, and does a lot with very little code. So far, so good. But: If I write a Python script with this module, and

Re: Things I don't touch with a 3.048m barge pole: USB storage (Was Re: Unidentified subject!)

2024-02-08 Thread Ralph Aichinger
On Thu, 2024-02-08 at 15:36 +, Andy Smith wrote: > USB storage is for phones and cameras etc, not for serious > computing. Many people will disagree with that statement and say > they use it all the time and it is fine.  I am clearly in the latter camp. This mail is delivered via a Raspberry

Re: Copy from Firefox and paste into Terminal with Vim

2024-02-06 Thread Ralph Aichinger
On Tue, 2024-02-06 at 21:31 +0700, Max Nikulin wrote: > is active in terminal, it is possible to hold [Shift] to get mouse > events handled by terminal instead of Vim or another application > running in terminal. I think pressing shift does not work here in e.g. gnome-terminal, because there

Re: Copy from Firefox and paste into Terminal with Vim

2024-02-06 Thread Ralph Aichinger
On Mon, 2024-02-05 at 15:14 -0800, David Christensen wrote: > I am unable to determine if the problem is Firefox, Vim, or something > else. > > Comments or suggestions? As others have written, vim has changed copy+paste defaults some time ago. Some even call this changing defaults "they broke

Re: How can we change the keyboard layout? (was: what keyboard do you use?)

2024-02-05 Thread Ralph Aichinger
On Mon, 2024-02-05 at 21:06 +0100, hw wrote: > And what the hell is 'Strg' supposed to mean? "Strg" is short for "Steuerung", just the literal translation of "control". /ralph

Re: install Kernel and GRUB in chroot.

2024-02-05 Thread Ralph Aichinger
On Mon, 2024-02-05 at 17:40 +0700, Dmitry wrote: > > But secure boot is usually turned off. It is a standard advice during > Linux > installation. > Will probably be increasingly common though, I've got a Microsoft Surface Laptop that works fine with Debian, but if you switch off secure boot,

Re: what keyboard do you use?

2024-02-02 Thread Ralph Aichinger
On Fri, 2024-02-02 at 20:25 -0500, Lee wrote: > I figure there's a high percentage of keyboard jockeys here so .. > which keyboard do you like and why? I like the flat style similar to what is in many notebooks. Current favourites are the Apple keyboards (expensive though, for what they are), the

Re: IPv6, ip token, NetworkManager and accept_ra

2024-02-02 Thread Ralph Aichinger
On Fri, 2024-02-02 at 15:31 +0100, Marco Moock wrote: > It should be if you enter "save" in the nmcli. Thanks, I did not realize this was possible. I probably will use nmcli more often in the future. Ralph

Re: IPv6, ip token, NetworkManager and accept_ra

2024-02-02 Thread Ralph Aichinger
On Fri, 2024-02-02 at 14:28 +0100, Marco Moock wrote: > In the past the default was to use EUI-64 and have the MAC address in > the address. If that is suitable for you (privacy!), use that. I basically don't care about the privacy aspect for now (it is more of a lab setup, and my IPv4 address is

IPv6, ip token, NetworkManager and accept_ra

2024-02-02 Thread Ralph Aichinger
Hi fellow Debian users! In my quest to advance the IPv6 preparedness of my home LAN I want to find a solution to use IP tokens on all my clients. IP tokens (keeping the host part of the IPv6 address static while getting the subnet part by SLAAC) seem very elegant to me, because it avoids DHCPv6

Re: rsync --delete vs rsync --delete-after

2024-01-27 Thread Ralph Aichinger
On Fri, 2024-01-26 at 16:11 +0100, hw wrote: > I've never had issues with any UPS due to self tests.  The batteries > need to be replaced when they are worn out.  How often that is > required depends on the UPS and the conditions it is working in, > usually every 3--5 years. It was with some

Re: rsync --delete vs rsync --delete-after

2024-01-18 Thread Ralph Aichinger
On Thu, 2024-01-18 at 13:09 +, Michael Kjörling wrote: > > Definitely agree that a solid backup regimen (including regular > automated backups; at least one off-site copy _at least_ of critical, > hot data; and planning for the contingency that you need to restore > that backup onto a brand

Re: nftables: Clamping mss size to lower mtu (on PPPoE connection does not work)

2024-01-18 Thread Ralph Aichinger
On Thu, 2024-01-18 at 12:51 +, Tixy wrote: > > I have the same options in the forward chain except that I haven't > qualified them with an interface name. Didn't occur to me that I > would > need to do that as there are only two networks my LAN and 'the > internet'. You probably don't need

Re: rsync --delete vs rsync --delete-after

2024-01-18 Thread Ralph Aichinger
Hello fellow Debian users, On Thu, 2024-01-18 at 12:18 +0100, hw wrote: > Always use an UPS. Here I have a somewhat contrarian view, I hope not to offend too much: For countries with stable electricity supplies (like Austria where I live) having a small UPS might actually lead to more

nftables: Clamping mss size to lower mtu (on PPPoE connection does not work)

2024-01-18 Thread Ralph Aichinger
Hello everybody, related question to what I asked a few days ago: Since I touched my /etc/nftables.conf rules a few days ago to enable IPv6 I've got IPv6 working completely (thanks again for your help with suggesting logging packets), but I seemingly broke mss clamping for IPv4 in doing so (or

Re: nftables firewall question: matching udp in ipv6

2024-01-12 Thread Ralph Aichinger
On Fri, Jan 12, 2024 at 07:35:14PM +0100, Michel Verdier wrote: > meta l4proto udp log level info prefix "udp" accept Thanks for that, and thanks to Michael Kjörling, your replies really helped. I found log lines similar to: 2024-01-12T19:51:32.999346+01:00 pi kernel: [3401524.305759]

Re: nftables firewall question: matching udp in ipv6

2024-01-12 Thread Ralph Aichinger
On Fri, Jan 12, 2024 at 05:26:57PM +, Michael Kjörling wrote: > My suggestion would be to insert a "udp log" rule. (Pretty sure you > only need "udp", not "meta l4proto udp".) Thanks, I will try that. Yes "meta l4proto udp" might be cargo cult configuration ;) > That will give you a

Re: nftables firewall question: matching udp in ipv6

2024-01-12 Thread Ralph Aichinger
On Fri, Jan 12, 2024 at 03:52:46PM +, Tom Furie wrote: > other input/output rules that are interfering, but since you've abridged > your ruleset we have no way of knowing. Sorry, wanted to include the full ruleset and forgot. I've still left off the "table ip nat" and "table ip filter"

Re: nftables firewall question: matching udp in ipv6

2024-01-12 Thread Ralph Aichinger
On Fri, Jan 12, 2024 at 03:52:46PM +, Tom Furie wrote: > Where is the DNS server the dmz host is resolving against? In your dmz, > your internal network, on the firewall machine, outside? You may have > other input/output rules that are interfering, but since you've abridged > your ruleset we

nftables firewall question: matching udp in ipv6

2024-01-12 Thread Ralph Aichinger
Hello! I am currently fighting with the following problem: I've got a system that has 3 relevant interfaces: ppp0, en0 and en2, for external, internal and dmz respectively. The dmz is IPv6 only, a homelab testbed more or less. I've got the following rules in /etc/nftables.conf for ipv6 (I am

Status of ISC Stork (monitoring daemon to ISC Kea) in Debian

2024-01-06 Thread Ralph Aichinger
? Kind regards, Ralph Aichinger

Suggested way to ssh into obsolete devices (with old ssh crypto)?

2021-07-06 Thread Ralph Aichinger
Hi, everybody, as a bullseye user I am seeing messages like | Unable to negotiate with 10.0.17.52 port 22: no matching | key exchange method found. Their offer: diffie-hellman-group1-sha1 with increasing frequency, especially when trying to ssh into proprietary, obsolete stuff. Above comes

Re: The state of IPSec in Debian

2019-10-24 Thread Ralph Aichinger
On Thu, Oct 24, 2019 at 02:01:25PM -0400, Dan Ritter wrote: > StrongSwan used to be the best supported, but LibreSwan is now. > Things change. Thanks! This is the kind of information I was hoping for. > If you need solid VPN support and control all the endpoints, > Wireguard may be an even

Re: The state of IPSec in Debian

2019-10-24 Thread Ralph Aichinger
On Thu, Oct 24, 2019 at 05:32:51PM +0200, deb...@jherrero.org wrote: > On Thu, 24-10-2019 at 16:27 +0200, Ralph Aichinger wrote: > > Or am I completely wrong and should I use some other implementation? > > from > > https://www.debian.org/releases/stable/a

The state of IPSec in Debian

2019-10-24 Thread Ralph Aichinger
Hi! I am not a completely inexperienced user of Debian, but sometimes certain subsystems and choices still puzzle me. Right now this is IPSec. There used to be several implementations, but am I right that the only sensible one right now is Strongswan? https://wiki.debian.org/IPsec goes on

Bareos, dbconfig-common, PostgreSQL and PAM: no module specific data

2015-01-03 Thread Ralph Aichinger
(Sorry if this is a duplicate message, I tried to post this an hour or so ago, but saw nothing on the list.) I want to install bareos, the bacula derived backup software with a PostgreSQL/dbconfig setup on a sid/amd64 system. I am stuck at the following error: An error occurred while installing

Doubt about the release-fitness of a package (gfax)

2014-11-09 Thread Ralph Aichinger
I just tried to install gfax (in sid), and it crashed on me just as described in bug 651160. This has been reported in 2011, is tagged help, and seems to go nowhere. What is the right way to suggest that this package is not ready for release (I do think if I am not the only one experiencing the

Changing date format in /usr/bin/last

2004-11-15 Thread Ralph Aichinger
Hello! I had the problem today that I wanted to get some information out of my wtmp file about system usage, and I needed logins categorized by year. In Debian, last gives output like ralphpts/1monk Mon Nov 15 14:32 still logged in ralphpts/0monk