bioctl and S.M.A.R.T support for physical disks

Hi Misc, I am using # bioctl sd4 Volume Status Size Device softraid0 0 Online 2000396018176 sd4 RAID1 0 Online 2000396018176 0:0.0 noencl 1 Online 2000396018176 0:1.0 noencl for my desktop # uname -a OpenBSD oko.bagdala2.net

Re: RPI3 fails to relink kernel

thanks for that [] 's 2017-10-17 22:22 GMT-02:00 Jonathan Gray : > On Tue, Oct 17, 2017 at 04:48:19PM -0700, Carlos Cardenas wrote: > > Howdy. > > > > I found a working USB (Sandisk Cruzer Fit 8GB) to install 6.2 on a RPI3. > > > > Install went fine and so was first boot, then

Re: RPI3 fails to relink kernel

On 10/17/17 17:22, Jonathan Gray wrote: On Tue, Oct 17, 2017 at 04:48:19PM -0700, Carlos Cardenas wrote: Howdy. I found a working USB (Sandisk Cruzer Fit 8GB) to install 6.2 on a RPI3. Install went fine and so was first boot, then I noticed that relinking the kernel failed. Below is my dmesg

Re: RPI3 fails to relink kernel

On Tue, Oct 17, 2017 at 04:48:19PM -0700, Carlos Cardenas wrote: > Howdy. > > I found a working USB (Sandisk Cruzer Fit 8GB) to install 6.2 on a RPI3. > > Install went fine and so was first boot, then I noticed that relinking > the kernel failed. > > Below is my dmesg and error log. > > I

RPI3 fails to relink kernel

Howdy. I found a working USB (Sandisk Cruzer Fit 8GB) to install 6.2 on a RPI3. Install went fine and so was first boot, then I noticed that relinking the kernel failed. Below is my dmesg and error log. I thought it might have been due to the clock being way skewed by I sync'ed it manually

macppc netboot

I'm attempting to install onto a G4 Cube with a busted CD-ROM drive. I've never done network booting before, so I'm sure I'm just missing something. I set up NFS and TFTP on a linux box, copied ofwboot to the TFTP share and bsd.rd plus all the tgz files to the NFS share. In Open Firmware, I'm

Re: Postfix tlsmgr(8) entropy source on OpenBSD

Hi, On Oct 17, 2017, at 5:28 PM, Theo de Raadt wrote: > In OpenBSD it doesn't matter which one you use. > > /dev/urandom, /dev/arandom and /dev/random all work the same > > They are identical > > - gaurantee excellent strong random data > - never block > > As I said, it

Re: Postfix tlsmgr(8) entropy source on OpenBSD

> In light of the message regarding /dev/arandom and /dev/urandom would it now > be correct to use *ONLY* /dev/urandom on current versions of OpenBSD ? In OpenBSD it doesn't matter which one you use. /dev/urandom, /dev/arandom and /dev/random all work the same They are identical - gaurantee

Re: spontaneous reboot during upgrade using bsd.rd on VIA C3.

I recently installed a 6.2-beta snapshot from mid-September on a VIA Epia M, and then upgraded to 6.2-RELEASE without any issue during the installation. There is a dmesg of this system included in [1]; it looks like you may have the same motherboard, or at least the BIOS identifies itself the

Postfix tlsmgr(8) entropy source on OpenBSD

Hi, A couple of days ago there was a thread about /dev/arandom [1] and the consensus was to prefer /dev/urandom on OpenBSD. Today I was working through the TLS configuration pages for the smtp(8) client for Postfix 3.x [2]. Under “TLS manager specific settings”, in reference to tlsmgr(8),

Re: Install process: couple of comments

On 2017-10-16, Limaunion wrote: > Hi! Last friday I upgraded my ALIX system from 6.0 to 6.2 using the PXE > boot method. In previous years I used an internal FTP server to perform > the upgrade, but for some reason this is not supported any more since a > couple of

Re: chronium ports

On 2017-10-16, Tuyosi T wrote: > i build my openbsd snapshots machine from source > (kernel , userland and xenodm ) > > the PC complied from source works more correctly > as if ready made suite is not my just size , > tailered one is very fit , so i think . Unless you

Re: About WPA2 compromised protocol

On 2017-10-17, Nicolas Schmidt wrote: > Can this issue even be fixed on the AP side? For the APs that have received fixes, other than the problem with 11r, t seems they've mostly been on the client side (e.g. where an AP is also a client of another AP). It

Re: About WPA2 compromised protocol

Can this issue even be fixed on the AP side? You could change the AP‘s behaviour to never ever resend Message 3, but that seems very drastic. As far as I understood the article by Vanhoef and Piessens, the vulnerability lies within the behavior of the client (that conforms to the 802.11i

Re: About WPA2 compromised protocol

nice :) > Just for the fun: > http://www.commitstrip.com/en/2017/10/16/wpa2-vulnerability-just-a-small-update/ >

Re: spontaneous reboot during upgrade using bsd.rd on VIA C3.

On Tue, Oct 17, 2017 at 06:24:42PM +0200, Remco wrote: > I am not able to upgrade using bsd.rd on my VIA C3 system. > > Booting the i386 6.2 bsd.rd progresses to the "npx0 ..." line. > After a short moment the system reboots and that's the end of the story. > > I did check the bsd.rd using

Re: About WPA2 compromised protocol

Stefan Sperling r0x :D Cheers 2017-10-17 15:19 GMT-02:00 Christoph R. Murauer : > The patch is there since 6.1 027 on the errata page. > > Saw the comic yesterday at Libertree. > > > On Tue, 17 Oct 2017 19:09:29 +0200 > > "Stephane HUC \"PengouinBSD\""

Console resolution change since upgrade to 6.2

i noticed the new values in the dmesg, but i am not sure what they mean. could be max or current resolution. see http://openbsd-archive.7691.n7.nabble.com/inteldrm-add-a-handler-for-the-WSDISPLAYIO-GINFO-ioctl-td320907.html My X11 works normal on 1280x800 $ xrandr Screen 0: minimum 320 x 200,

[ANN] portable cwm 6.2

Hello, today I'm proud to release the fourth public version of portable cwm 6.2. Portable cwm is a minor modification of the cwm version in OpenBSD CVS with a portable Makefile and a few compatibility features. It has been built successfully on OpenBSD, NetBSD, FreeBSD, OS X 10.9 and Linux.

Re: About WPA2 compromised protocol

The patch is there since 6.1 027 on the errata page. Saw the comic yesterday at Libertree. > On Tue, 17 Oct 2017 19:09:29 +0200 > "Stephane HUC \"PengouinBSD\"" wrote: > >> Just for the fun: >>

Re: About WPA2 compromised protocol

On Tue, 17 Oct 2017 19:09:29 +0200 "Stephane HUC \"PengouinBSD\"" wrote: > Just for the fun: > http://www.commitstrip.com/en/2017/10/16/wpa2-vulnerability-just-a-small-update/ I saw somebody share that on Mastodon this morning. :) On a more serious note; am I correct in

Re: About WPA2 compromised protocol

Just for the fun: http://www.commitstrip.com/en/2017/10/16/wpa2-vulnerability-just-a-small-update/ Le 10/16/17 à 15:53, Lampshade a écrit : > Stefan Sperling: >> Also this was *NOT* a protocol bug. >> arstechnica claimed such nonesense without any basis in fact and >> now everybody keeps

Re: Console resolution change since upgrade to 6.2

On Tue, 17 Oct 2017 18:49:14 +0200 Jan Lambertz wrote: > that were my first ideas. never had a wsconcsctl.conf, so nothing so > post. I already created one yesterday trying to solve the problem. > > $ cat /etc/wsconsctl.conf > display.height=800 > display.width=1200 >

Re: Console resolution change since upgrade to 6.2

On Tue, 17 Oct 2017 17:53:22 +0200 Jan Lambertz wrote: > Hi, > after upgrading one of my notebooks to 6.2 release my console > resolution is only # wsconsctl > display.type=inteldrm > display.width=848 > display.height=480 > display.depth=32 Have you had a look at your

Console resolution change since upgrade to 6.2

that were my first ideas. never had a wsconcsctl.conf, so nothing so post. I already created one yesterday trying to solve the problem. $ cat /etc/wsconsctl.conf display.height=800 display.width=1200 System says "Value is read only".

Re: Console resolution change since upgrade to 6.2

On Tue, 17 Oct 2017 17:53:22 +0200 Jan Lambertz wrote: > Only the left upper of the display is active. > Screen is capable of 1280x800. That was the mode it worked in 6.1 i > think. At least it was fullscreen. > I didn't found a way to change the resolution. ideas to

spontaneous reboot during upgrade using bsd.rd on VIA C3.

I am not able to upgrade using bsd.rd on my VIA C3 system. Booting the i386 6.2 bsd.rd progresses to the "npx0 ..." line. After a short moment the system reboots and that's the end of the story. I did check the bsd.rd using signify and it checked out all right: $ signify -C -p

Console resolution change since upgrade to 6.2

Hi, after upgrading one of my notebooks to 6.2 release my console resolution is only # wsconsctl display.type=inteldrm display.width=848 display.height=480 display.depth=32 Only the left upper of the display is active. Screen is capable of 1280x800. That was the mode it worked in 6.1 i think. At

Re: Security question / idea

I think the most dangerous thing is the direct memory access , cuz u only need some magic code and a computer with a psu or FireWire port On October 17, 2017 1:46:43 PM GMT+02:00, Bryan Harris wrote: >Re: physical access, it seems not a technical problem. I.e. keep

Re: "switching console to com0"

On 10/17/17 08:02, Nick Holland wrote: ... > man boot has this: > > boot.conf processing can be skipped, and the automatic boot > cancelled, by holding down either Control key as boot starts. > ... > (I can rarely remember which key it is, so I often just hold > down CTRL, ALT and SHIFT

Re: "switching console to com0"

On Tue, Oct 17, 2017 at 2:02 PM, Nick Holland wrote: > On 10/17/17 00:03, Justin Mayes wrote: >> Greetings all - what does one do when during the install you set the >> default console to com0 and now your serial cable is not working? Buy a new serial cable? --

Re: "switching console to com0"

On 10/17/17 00:03, Justin Mayes wrote: > Greetings all - what does one do when during the install you set the > default console to com0 and now your serial cable is not working? I > cannot login to set the default console back to use the keyboard and > monitor. Instead of the boot prompt where I

Re: Security question / idea

Re: physical access, it seems not a technical problem. I.e. keep laptop with you, hire a guard, etc. I'm not very technical, but could the hash be stored in usb stick or online? Maybe construct yourself a "computer safe" to make it harder for people to get access while you're away? I.e.

Re: WPA2 and KRACK

On 17/10/17 13:27, Christoph R. Murauer wrote: > See https://marc.info/?l=openbsd-misc=150814941311682=2 > > Use the search box for the mailing list - saves you time. thanks, didn't follow that. G

Re: WPA2 and KRACK

See https://marc.info/?l=openbsd-misc=150814941311682=2 Use the search box for the mailing list - saves you time. > As it seems, WPA2 should be considered broken > > [1] https://www.krackattacks.com/ > [2] > https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt > >

Re: Security question / idea

Hey I also run libreboot :) I have read research about signing all the components and then verifying all that while you both , anyhow I think this would be very problematic with the new karl implementation that has taken place in openbsd 6.2 On October 14, 2017 4:26:21 PM GMT+02:00, "Bryan C.

Re: WPA2 and KRACK

This is an implementation bug, it was discussed yesterday On October 17, 2017 12:01:33 PM GMT+02:00, Kapetanakis Giannis wrote: >As it seems, WPA2 should be considered broken > >[1] https://www.krackattacks.com/ >[2]

WPA2 and KRACK

As it seems, WPA2 should be considered broken [1] https://www.krackattacks.com/ [2] https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt according to [1] OpenBSD has silently released a patch G

Re: rsa 4096 or ed25519 for ssh keys ?

Le 16/10/2017 19:46, Mike Coddington a écrit : On Mon, Oct 16, 2017 at 05:29:34PM +0200, Joel Carnat wrote: Hi, If both server and client are ed25519 compatible. When generating (user) SSH keys, is it recommended to use ed25519 rather than rsa 4096bits? AFAIK, either would be fine. I

praxis for duplicating an existing function?

Is it acceptable style to copy a whole function over to one other file? I'm looking at the files in src/usr.bin/ssh/ and would like to re-use fmt_connection() in serverloop.c. It is used only in packet.c so far. Duplicating it in serverloop.c would mean that it then exists in two files.

Re: Security question / idea

I have a similar problem with remote systems on cloud farms. You cannot touch the firmware. You can logon to admin panel via internet browser, boot your instance from there, interact with its console, enter the fde password. All this is visible to the cloud farmers. Ideally, openbsd's boot