Thu, 26 May 2016 04:37:04 +0200 arrowscr...@mail.com
> I don't really understand the crypto theory behind it all, but I
> didn't read any elaborated argument besides a big "NO" from openbsd
The topic of the debate is incorrect, mostly the result of ignorance.
signify - cryptographically sign and
On Wed, May 25, 2016 at 9:16 PM, Amit Kulkarni wrote:
> On Wed, May 25, 2016 at 10:31 PM, Ted Unangst wrote:
>
>> Jeff Ross wrote:
>> > jross@fw:/home/jross $ tail -10 /var/log/messages
>> > May 21 04:00:01 fw syslogd: restart
>> > May 25 15:53:58 fw
On Wed, May 25, 2016 at 10:31 PM, Ted Unangst wrote:
> Jeff Ross wrote:
> > jross@fw:/home/jross $ tail -10 /var/log/messages
> > May 21 04:00:01 fw syslogd: restart
> > May 25 15:53:58 fw syslogd: exiting on signal 15
> > May 25 15:53:58 fw syslogd: start
> > May 25
Jeff Ross wrote:
> jross@fw:/home/jross $ tail -10 /var/log/messages
> May 21 04:00:01 fw syslogd: restart
> May 25 15:53:58 fw syslogd: exiting on signal 15
> May 25 15:53:58 fw syslogd: start
> May 25 15:53:58 fw syslogd: recvfrom unix: Connection reset by peer
> May 25 15:56:00 fw syslogd:
>Anything else, that has PGP keys and such. Good luck!
It's curious you say this Theo, since OpenSSH already uses PGP to
sign the releases... no? Web of Trust wouldn't minimize the
probablity of corrupted packages? What makes you think that the
main server (openbsd.org) cannot not be pwned?
Hi.
Due to a infrastructure upgrade, power to the mirror and other systems
at University of Toronto, will be interrupted sometime Thursday, after
9:30pm Toronto time (EDT -- UTC-4), and should be restored Friday by
7:30am EDT.
This will impact:
* openbsd.cs.toronto.edu
* obsdacvs.cs.toronto.edu
On 25 May 2016 at 23:59, Rubén Llorente wrote:
> Many people is just uding the TOFU model with the keys.
>
Because I didn't get it at first and had to google it:
For the archives:
is -> are (grammar)
uding -> using (typo)
TOFU -> Trust On First Use
Eduard - Gabriel Munteanu:
> Well, you could certainly put the key and signify sources on the
> main website.
As Theo said they're at the corresponding pages [s/http/https/g]:
> You mean like here?
>
> http://www.openbsd.org/59.html
>
> and
>
> http://www.openbsd.org/58.html
>
> and
>
>
On Wed, 2016-05-25 at 17:22 -0600, Theo de Raadt wrote:
> > Well, you could certainly put the key and signify sources on the main
> > website. The CVS thing doesn't seem to be HTTPS-enabled.
>
> You mean like here?
[...]
Oops, I completely missed those. I was looking at the download page and
> By the same reasoning, you don't really need security fixes and
> countermeasures either. So much for the security-oriented OS.
I am glad we hit the point where you go run something else.
Anything else, that has PGP keys and such. Good luck!
> Well, you could certainly put the key and signify sources on the main
> website. The CVS thing doesn't seem to be HTTPS-enabled.
You mean like here?
http://www.openbsd.org/59.html
and
http://www.openbsd.org/58.html
and
http://www.openbsd.org/57.html
and
http://www.openbsd.org/56.html
On Wed, 2016-05-25 at 17:02 -0500, Chris Bennett wrote:
> Get the SHA256.sig from a different server than the install files, after
> all, using just one server could be a problem if it is compromised.
>
> And face the reality of things:
>
> 1. The small bad guys. They can put up compromised
On Wed, 2016-05-25 at 16:18 -0600, Theo de Raadt wrote:
> > It currently seems impossible to verify downloads from a computer
> > without OpenBSD, for a few reasons:
> >
> > 1. No securely-distributed public key
> > 2. Lack of signify packages in e.g. Linux distros, or
> > securely-distributed
Hi Tim,
I await with bated breath to see where the problem is--can't be because
the version of OpenBSD is too old.
Jeff
On 5/25/16 4:54 PM, trondd wrote:
On Wed, May 25, 2016 6:39 pm, Jeff Ross wrote:
Hello again,
syslogd doesn't actually work for me on 6.0-beta either.
OpenBSD 6.0-beta
On Wed, May 25, 2016 6:39 pm, Jeff Ross wrote:
> Hello again,
>
> syslogd doesn't actually work for me on 6.0-beta either.
>
> OpenBSD 6.0-beta (GENERIC.MP) #1768: Wed May 18 12:01:43 MDT 2016
> dera...@i386.openbsd.org:/usr/src/sys/arch/i386/compile/GENERIC.MP
I had been running a May 16th
Hello again,
syslogd doesn't actually work for me on 6.0-beta either.
jross@fw:/home/jross $ uname -a
OpenBSD fw.openvistas.net 6.0 GENERIC.MP#1768 i386
jross@fw:/home/jross $ cat /etc/syslog.conf
# $OpenBSD: syslog.conf,v 1.19 2015/11/26 15:25:14 deraadt Exp $
#
Eduard - Gabriel Munteanu wrote:
> Hi,
>
> It currently seems impossible to verify downloads from a computer
> without OpenBSD, for a few reasons:
>
> 1. No securely-distributed public key
> 2. Lack of signify packages in e.g. Linux distros, or
> securely-distributed sources
On Wed, May 25, 2016 at 11:08:44PM +0300, Eduard - Gabriel Munteanu wrote:
> Hi,
>
> It currently seems impossible to verify downloads from a computer
> without OpenBSD, for a few reasons:
>
> 1. No securely-distributed public key
> 2. Lack of signify packages in e.g. Linux distros, or
>
> It currently seems impossible to verify downloads from a computer
> without OpenBSD, for a few reasons:
>
> 1. No securely-distributed public key
> 2. Lack of signify packages in e.g. Linux distros, or
> securely-distributed sources
>
> To keep things simple, I propose mirrorring SHA256SUM
Hi,
It currently seems impossible to verify downloads from a computer
without OpenBSD, for a few reasons:
1. No securely-distributed public key
2. Lack of signify packages in e.g. Linux distros, or
securely-distributed sources
To keep things simple, I propose mirrorring SHA256SUM files onto the
When you're this far behind, it might make more sense to grab a back up of
all of your relevant config files, a list of third party packages you need,
and such, and do a fresh install of the new version, then install missing
packages and bring in your backed up config files for comparison and
On Wed, May 25, 2016, at 03:47 PM, Jeff Ross wrote:
> Thank you, Theo.
>
> I know this is true. I was tempted to jump right to 5.9 but decided to
> heed the directions on
>
> http://www.openbsd.org/faq/upgrade56.html
>
> "
>
> *Note: Upgrades are only supported from one release to the release
ftp5 is hosted here at RIT and they are doing work on the substation that
supplies our electricity tonight (May 25th) and tomorrow night (May 26th).
The power goes out at 5pm EDT so I'm shutting everything down starting at
4pm. Power comes back at 7am EDT tomorrow and Friday so it will be back up
Thank you, Theo.
I know this is true. I was tempted to jump right to 5.9 but decided to
heed the directions on
http://www.openbsd.org/faq/upgrade56.html
"
*Note: Upgrades are only supported from one release to the release
immediately following it. Do not skip releases. If you got lucky
Hi!
I'm using isc-dhcp-server-4.3.4 (not /usr/sbin/dhcp) on
OpenBSD-current, and I see that error in /var/log/daemon. But I think
the warning is wrong.
$ ls -l /var/db/dhcpd.leases
-rw-r--r-- 1 _isc-dhcp _isc-dhcp 177444 May 25 21:38 /var/db/dhcpd.leases
$ ps auxw | grep dhcp
_isc-dhc 43337
We only "support" the last release, and we only make errata available
for the last two releases. We don't maintain old code because none of
us run it.
5.6 is end-of-life, so you are on your own.
> So far I haven't been able to get syslog to log anything other than it's
> startup message.
>
>
So far I haven't been able to get syslog to log anything other than it's
startup message.
I'm using the stock syslog.conf file.
logger test message does nothing so I ktraced it.
The interesting part is:
22461 logger RET sigprocmask ~0x10100
22461 logger CALL
Hello,
I'm new to OpenBSD. I've recently installed 5.9 -release on a
MacBook 5,1. The default configuration of Xorg doesn't work for me:
when I call startx, my screen goes black and the computer seems entirely
unresponsive to keyboard input; I'm obliged to restart the computer by
holding down
On Wed, May 25, 2016 at 2:12 PM, Theo Buehler wrote:
> From http://man.openbsd.org/bioctl.4:
I think you meant http://man.openbsd.org/bioctl.8
Thanks,
--
Raul
Hi Stefan,
On Wed 25/05/2016 18:24, Stefan Wollny wrote:
> Hi there!
>
> Running the latest available amd64-snapshot I noticed that when trying
> to print from a web-page to a local file (PDF) firefox (and xombrero)
> reliably crash.
>
> This is the source:
>
On Wed, May 25, 2016 at 07:35:04PM +0200, Robert Campbell wrote:
> https://www.openbsd.org/faq/faq14.html#softraid
>
> In the FAQ > Disk Setup > Full Disk Encryption section there are these
> lines after the encrypted drive has been set up:
>
> > As in the previous example, we'll overwrite the
https://www.openbsd.org/faq/faq14.html#softraid
In the FAQ > Disk Setup > Full Disk Encryption section there are these
lines after the encrypted drive has been set up:
> As in the previous example, we'll overwrite the first megabyte of our
new pseudo-device.
>
> # dd if=/dev/zero
I was installing HylaFax for a local charity. They are still required to use
faxes to communicate with a government agency.
/usr/local/sbin/faxsetup and /usr/local/sbin/faxaddmodem do not have execute
permission
and none of the files under /usr/local/libdata/hylafax/bin have execute
Hi there!
Running the latest available amd64-snapshot I noticed that when trying
to print from a web-page to a local file (PDF) firefox (and xombrero)
reliably crash.
This is the source:
On 25.05.2016 15:01, Jeff Ross wrote:
> Hi all,
>
> I am incrementally bringing my server up to date. I was on 5.5-current so
> following the instructions I upgraded to 5.6 stable.
>
> I re-wrote my pf.conf to remove the oldqueue rules and to simplify the
> rule set.
>
> Checks okay for
On Wed, May 25, 2016 9:01 am, Jeff Ross wrote:
> Hi all,
>
> I am incrementally bringing my server up to date. I was on 5.5-current so
> following the instructions I upgraded to 5.6 stable.
>
> I re-wrote my pf.conf to remove the oldqueue rules and to simplify the
> rule set.
>
> Checks okay for
On 2016-05-24 16:02, Steve Shockley wrote:
RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS
PANIC!
IF RUNNING SMP, USE 'mach ddbcpu <#>' AND 'trace' ON OTHER PROCESSORS,
TOO.
DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION!
Sorry, I need more practice
Hi all,
I am incrementally bringing my server up to date. I was on 5.5-current so
following the instructions I upgraded to 5.6 stable.
I re-wrote my pf.conf to remove the oldqueue rules and to simplify the
rule set.
Checks okay for syntax but it doesn't seem to be redirecting mail to
spamd.
38 matches
Mail list logo