Re: OpenSSH /etc patch

2000-02-26 Thread Jordan K. Hubbard
+# Generate SSH host key, if it doesnt exist. Both sshd and ssh need it +# so we do it unconditionally on sshd_enable. Are you sure ssh requires a host key? I could have sworn this was entirely related to sshd and could thus be lumped into the same "if sshd_enable=YES" clause. - Jordan To

Re: OpenSSH /etc patch

2000-02-26 Thread Bjoern Groenvall
Kris Kennaway [EMAIL PROTECTED] writes: Does this patch fix the problems people are seeing? It also generates the hostkey if it doesnt exist. Oops, the NO_DESCRYPT line in the /etc/defaults/make.conf patch shouldn't be committed yet..I'm still testing that one. +# Generate SSH host key,

Re: OpenSSH /etc patch

2000-02-26 Thread Mark Murray
Does this patch fix the problems people are seeing? It also generates the hostkey if it doesnt exist. It works, but I'd prefer to see the launch of sshd in rc.network somewhere, not in rc. -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to [EMAIL

Re: OpenSSH /etc patch

2000-02-26 Thread Bjoern Groenvall
Mark Murray [EMAIL PROTECTED] writes: Does this patch fix the problems people are seeing? It also generates the hostkey if it doesnt exist. It works, but I'd prefer to see the launch of sshd in rc.network somewhere, not in rc. Since the start of sshd enables logins almost all stuff from

Re: OpenSSH /etc patch

2000-02-26 Thread Kris Kennaway
yOn Sat, 26 Feb 2000, Jordan K. Hubbard wrote: +# Generate SSH host key, if it doesnt exist. Both sshd and ssh need it +# so we do it unconditionally on sshd_enable. Are you sure ssh requires a host key? I could have sworn this was entirely related to sshd and could thus be lumped into

Re: OpenSSH /etc patch

2000-02-26 Thread sthaug
Are you sure ssh requires a host key? I could have sworn this was entirely related to sshd and could thus be lumped into the same "if sshd_enable=YES" clause. The code does not lie :-) From ssh.c: /* * If we successfully made the connection, load the host private

Re: OpenSSH /etc patch

2000-02-26 Thread Kris Kennaway
On Sat, 26 Feb 2000 [EMAIL PROTECTED] wrote: But this means that ssh must be setuid root. Some of us insist on *not* using rsa-rhosts authentication, and install ssh without any privileges. Looks to me like we need a couple of alternatives here. If you want to tinker with the file

Re: OpenSSH /etc patch

2000-02-26 Thread sthaug
If you want to tinker with the file permissions, can't you deal with the fact that the startup scripts will create a host key for you the first time you boot with it installed? As long as there is an easy way of running ssh without any special privs, I'm happy. Steinar Haug, Nethelp

Re: OpenSSH /etc patch

2000-02-26 Thread Bjoern Groenvall
Kris Kennaway [EMAIL PROTECTED] writes: yOn Sat, 26 Feb 2000, Jordan K. Hubbard wrote: +# Generate SSH host key, if it doesnt exist. Both sshd and ssh need it +# so we do it unconditionally on sshd_enable. Are you sure ssh requires a host key? I could have sworn this was

if_kue.c addition please commit...

2000-02-26 Thread Ron Klinkien
Hello Bill Paul, After all the troubles I had trying to get several PCCards to workin my Compaq Laptop (who all work 100% with Linux). I went out and looked for the cheapest USB-Ethernet adapter I get my hands on. And what I hoped for, I works perfectly with 4.0-CURRENT! No messing with

Re: OpenSSH /etc patch

2000-02-26 Thread Mark Murray
Since the start of sshd enables logins almost all stuff from the rc files should have been run (mounting homedirs, raising securelevels etc.) before sshd is started. OK- fair enough! M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to [EMAIL

Re: bad blocks

2000-02-26 Thread Poul-Henning Kamp
In message [EMAIL PROTECTED], kibbet writes: This message is in MIME format --_=XFMail.1.3.p0.FreeBSD:000227023903:2009=_ Content-Type: text/plain; charset=us-ascii Hi all, Quick question, how does the new ata driver handle bad blocks? I've been tracking -current since around Nov 99 but haven't

Re: openssh uses /etc (bad)

2000-02-26 Thread Bjoern Groenvall
Kris Kennaway [EMAIL PROTECTED] writes: On Fri, 25 Feb 2000, Ollivier Robert wrote: I just saw that openssh (thanks Mark!) is using /etc/ for its configuration file. As the author of the "--with-etcdir" option of SSH (back in '96) and for the sake of consistency, I'd like to create a

Re: bad blocks

2000-02-26 Thread Wilko Bulte
On Sun, Feb 27, 2000 at 02:39:03AM +1030, kibbet wrote: Hi all, Quick question, how does the new ata driver handle bad blocks? I've been tracking -current since around Nov 99 but haven't seen this come up. ad does not any longer support bad144 (IIRC). Soeren can tell you more. -- Wilko

USB NIC speed?

2000-02-26 Thread Mikko Työläjärvi
Seeing that -current now supports USB network devices, I got a Linksys 100TX "dongle". Question is: what kind of speed is reasonable to expect with this thing? Some unsophisticated tests show that I get around 3.7 Mbit/sec under FreeBSD, and about 5.5 Mbit/sec under Windogs98. This is on a

Re: bad blocks

2000-02-26 Thread Kelly Yancey
On Sun, 27 Feb 2000, kibbet wrote: Hi all, Quick question, how does the new ata driver handle bad blocks? I've been tracking -current since around Nov 99 but haven't seen this come up. As I recall, it doesn't. The reasoning is that modern IDE drives perform bad block reassignment so if

Build World dies....

2000-02-26 Thread William Woods
Running 4.0-2214-CURRENT doing a make world on a DEC Alpha 200 4/233 with a cvsup from last night, I get: -- === libpam/modules/pam_cleartext_pass_ok rm -f .depend mkdep -f .depend -a

Re: openssh uses /etc (bad)

2000-02-26 Thread John Polstra
In article [EMAIL PROTECTED], Bjoern Groenvall [EMAIL PROTECTED] wrote: While you are moving things around you might as well move /usr/sbin/sshd to /usr/libexec/sshd where it should have resided in the first place. No, that would be contrary to the conventions documented in hier(4).

Re: openssh uses /etc (bad)

2000-02-26 Thread Jordan K. Hubbard
No, that would be contrary to the conventions documented in hier(4). /usr/libexec is for things that are executed by other programs. Normal persistent daemons such as sshd belong in /usr/sbin. Take a look at the current contents of those two directories and you'll see the distinction.

Re: Build World dies....

2000-02-26 Thread Jordan K. Hubbard
Can we please stop cross-posting this? -current alone is a more than adequate mailing list. - Jordan To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-current" in the body of the message

Re: Build World dies....

2000-02-26 Thread Ben Smithurst
William Woods wrote: Grr..cant say I like that idea, I would like to have them both... Oh. You *have* cvsup'ed the cvs-crypto collection, right? I think that's the one you need. -- Ben Smithurst / [EMAIL PROTECTED] / PGP: 0x99392F7D To Unsubscribe: send mail to [EMAIL PROTECTED] with

Re: kdelibs port broken?

2000-02-26 Thread Joel Ray Holveck
Not with the port. I was installing Qt to /usr/local/qt, and the port was putting the libs in a non-standard place where KDE couldn't find them. :-C I built Qt 1.45 by hand, installed it, set QTDIR, and everything compiled fine. I haven't done much testing on it yet (only ran kdehelp a

installword dies [Feb 26 12:52 EST]

2000-02-26 Thread Hasan Diwan
/usr/share/man/man3/pam_close_session.3.gz - /usr/share/man/man3/pam_open_session.3.gz ln: /usr/share/man/man3/pam_close_session.3.gz: No such file or directory *** Error code 1 -- Hasan Diwan [[EMAIL PROTECTED]] :) Rensselaer Polytechnic Institute Computer Science Department PGP

Re: Build World dies....

2000-02-26 Thread Vladimir Kushnir
Sorry for (perhaps) stupid question but how can I get them if I'm using CTM? On Sat, 26 Feb 2000, Ben Smithurst wrote: William Woods wrote: Grr..cant say I like that idea, I would like to have them both... Oh. You *have* cvsup'ed the cvs-crypto collection, right? I think that's the

Re: OpenSSH /etc patch

2000-02-26 Thread Kris Kennaway
On 26 Feb 2000, Bjoern Groenvall wrote: Right, the code does not lie (if ssh is setuid root). But, if the host key has not yet been created, then no host can have the public key and thus rsa-rhosts authentication won't work anyways. It is not required to run ssh-keygen to make ssh work, Sshd

Re: OpenSSH /etc patch

2000-02-26 Thread Kris Kennaway
On Sat, 26 Feb 2000 [EMAIL PROTECTED] wrote: If you want to tinker with the file permissions, can't you deal with the fact that the startup scripts will create a host key for you the first time you boot with it installed? As long as there is an easy way of running ssh without any

[PATCH] Fix login.conf, expiration, BSD compatibility in OpenSSH

2000-02-26 Thread Andrey A. Chernov
This patch revive almost all login.conf and password/account expiration features, makes OpenSSH more FreeBSD login compatible and fix non-critical memory leak. Please review and commit. --- sshd.c.old Fri Feb 25 08:23:45 2000 +++ sshd.c Sun Feb 27 02:53:33 2000 @@ -37,9 +37,8 @@ #endif

Re: Build World dies....

2000-02-26 Thread Kris Kennaway
On Sat, 26 Feb 2000, Ben Smithurst wrote: William Woods wrote: Grr..cant say I like that idea, I would like to have them both... Oh. You *have* cvsup'ed the cvs-crypto collection, right? I think that's the one you need. You need: src-crypto src-secure Are you still having the

NO_DESCRYPT patch

2000-02-26 Thread Kris Kennaway
This is something which has been requested a fair bit..it will disable the building of the DES CRYPT libraries even if you have the crypto sources installed, so you can e.g. get OpenSSL/OpenSSH without having to deal with the pitfalls of libdescrypt. It seems to work fine for me..if I hear any

Re: openssh uses /etc (bad)

2000-02-26 Thread Ollivier Robert
According to Bjoern Groenvall: While you are moving things around you might as well move /usr/sbin/sshd to /usr/libexec/sshd where it should have resided in the first place. I disagree. sshd is like named or moused, a daemon running standalone and not under inetd's control. Most of

Re: NO_DESCRYPT patch

2000-02-26 Thread Kris Kennaway
On Sat, 26 Feb 2000, Doug Barton wrote: Meanwhile, it seems that to get all the new bits we have to have cvs-crypto in the cvsup file, yes? And if we do that currently (before your patch) we will end up installing DES, right? Yes. The downside is that with the DES crypt library any

Re: HP servers and FreeBSD?

2000-02-26 Thread Joerg Micheel
Mike, On Fri, Feb 25, 2000 at 03:07:18PM -0500, Michael Lucas wrote: I've been offered a deal on a couple of HP servers. Does anyone have any experience with the HP Netserver LC3 7/550? I have just installed a 0222 current on a HP Kayak XU800. This is one of the latest models. I'm

Re: bad blocks

2000-02-26 Thread kibbet
Hi again, On 26-Feb-00 Kelly Yancey wrote: On Sun, 27 Feb 2000, kibbet wrote: Hi all, Quick question, how does the new ata driver handle bad blocks? I've been tracking -current since around Nov 99 but haven't seen this come up. As I recall, it doesn't. The reasoning is that modern

Linux-Netscape-communicator47-Port - problem

2000-02-26 Thread Johan Mårtensson
I tried installing the linux-netscape-47-communicator port, during the download it kept printing the download message and the % constantly. And then when the download was finished (from ftp.netscape.com) it started over again, deleting the file and downloading it anew from ftp.sunet.se (closer

installing 4.0 2/26 snapshot: edX/hardware probe problems

2000-02-26 Thread Robert Watson
I have a somewhat old 486 box I'm using as a dual-homed host. It has two SMC EtherEZ ISA cards in it, and works fine under 3.4-STABLE. The cards are on irregular ports/IRQs/et al. My problem is that in the kernel config, it is only possible to hard code ed0's settings, but that ed1 is probed

Re: bad blocks

2000-02-26 Thread kibbet
Oh ho, I'll blame the lack of sleep, lack of coffee, the heat, a flat tyre... something :) Someone has pointed out that bad144 was taken outta the source tree ages ago so I must have been using an old binary. No comments required, I have flamed myself privately :) Kent Ibbetson [EMAIL

Re: NO_DESCRYPT patch

2000-02-26 Thread Chris D. Faulhaber
On Sat, 26 Feb 2000, Kris Kennaway wrote: This is something which has been requested a fair bit..it will disable the building of the DES CRYPT libraries even if you have the crypto sources installed, so you can e.g. get OpenSSL/OpenSSH without having to deal with the pitfalls of libdescrypt.

Re: NO_DESCRYPT patch

2000-02-26 Thread lioux
On Sat, Feb 26, 2000 at 04:21:24PM -0800, Kris Kennaway wrote: This is something which has been requested a fair bit..it will disable the building of the DES CRYPT libraries even if you have the crypto sources installed, so you can e.g. get OpenSSL/OpenSSH without having to deal with the

Re: kdelibs port broken?

2000-02-26 Thread Alex Zepeda
On Fri, 25 Feb 2000, Will Andrews wrote: If you're gonna use a port, use ports for its dependencies too. You'd be stupid not to use the ports whenever you can. No one has ever provided me a convincing reason why this is not true. Well when you want to keep multiple versions of kde or qt

Re: Linux-Netscape-communicator47-Port - problem

2000-02-26 Thread Kris Kennaway
In general, ports questions should go to freebsd-ports and/or the port's maintainer. On Sun, 27 Feb 2000, Johan Mårtensson wrote: I tried installing the linux-netscape-47-communicator port, during the download it kept printing the download message and the % constantly. This is because the

Re: cpp change breaks ipfw

2000-02-26 Thread Andrew Reilly
On Sun, Feb 27, 2000 at 12:48:53AM -0500, Jim Bloom wrote: I have been using cpp on my firewall to expand my local firewall rules and fill in the local address and subnetmask. This makes things easier my ISP decides to change my IP address using DHCP. My firewall is running an approximately

UDF/DVD support

2000-02-26 Thread Julian Elischer
I have been hired to add UDF/DVD-R support to FreeBSD I will be spending the next few weeks basically doing research but would like to hear from anyone who is already working in these areas. This may impact un the following areas: SCSI subsystem ATA subsystem Filesystems Raw/Block(sic) device

Re: [PATCH] Fix login.conf, expiration, BSD compatibility in OpenSSH

2000-02-26 Thread Mark Murray
This patch revive almost all login.conf and password/account expiration features, makes OpenSSH more FreeBSD login compatible and fix non-critical memory leak. Cool! Thank you! Please review and commit. Will do... M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To