Re: SWAP should always be inside crypto softRAID, right? (For OS crash dump data to be encrypted.)

Hi, Thanks for your comments. (Marcus, you meant only this 2015-05 thread right? https://marc.info/?t=14318149831 ) I think I like to keep dumps enabled also on a production machine. Even if it's incredibly rare, it is possible for a production machine to crash, and the dump could be

Re: iked and letsencrypt certs

I had an issue with CA intermediate Certificate Chains before, with stunnel about 8 years ago, believe it or not, my Ca Provider ( in fairness to them ) actually worked out how to get my ca certs working in Stunnel on OpenBSD What they suggested me to do which worked for me was to copy all the

Re: OpenBSD as an IKEv2 IPsec client with L/P authent

I am far from an expert; having issues myself at the moment, but maybe if we get all of the iked experimenters together, we can figure it out :) First, try "-dvv" ... an extra "v" might give more info. Next, from the existing trace it looks like your endpoint responds, which is good, but your

Re: Hard disk controller not recognized

Hi Xianwen, if you try with the USB Boot device... you can see if you can load it . then I suggest you get a compact low profiile USB key so that it doenst snag on your bag when putting the laptop back in the case Tom On 22 February 2018 at 02:11, Xianwen Chen wrote: >

Re: iked and letsencrypt certs

I have an issue using certs as well, though I am not 100% sure whether it has to do with a CA cert chain (why did you come to this conclusion?). Do you have a config and a debug trace to share? --- Igor V. Gubenko System Engineer On 2018-02-21 20:14, Stuart Henderson wrote: > Has anyone

Re: USB SIM-card dongle on OpenBSD

Dear Luis, That will be fantastic! Thank you! Yours sincerely, Xianwen On Thu, Feb 22, 2018 at 2:05 AM, Luis Coronado > wrote: I used Huawei and Dlink GSM usb based modems. I don’t recall the models but I will look around for the notes I had

Re: Hard disk controller not recognized

Dear Steve, I agree! Thank you for the advice! Yours sincerely, Xianwen On Mon, Feb 12, 2018 at 11:27 PM, STeve Andre' > wrote: On 02/12/18 12:07, Xianwen Chen wrote: Dear OpenBSD users, I am not able to run OpenBSD 6.2 amd64 on a Dell Latitude E6330.

Re: USB SIM-card dongle on OpenBSD

I used Huawei and Dlink GSM usb based modems. I don’t recall the models but I will look around for the notes I had about that and send it your way. -luis On Wed, Feb 21, 2018 at 7:59 PM Xianwen Chen wrote: > Dear Luis, > > Thank you. Do you use a USB dongle to drive the

Re: USB SIM-card dongle on OpenBSD

Dear Luis, Thank you. Do you use a USB dongle to drive the SIM card? If yes, which one do you use? Yours sincerely, Xianwen On Thu, Feb 22, 2018 at 1:45 AM, Luis Coronado > wrote: I used smstools from ports to deliver sms alerts from nagios.

Re: USB SIM-card dongle on OpenBSD

I used smstools from ports to deliver sms alerts from nagios. There are other alternatives as well. -luis On Wed, Feb 21, 2018 at 6:59 PM Xianwen Chen wrote: > Dear David, > > I actually do not know. I just have this idea that I would like to use my > OpenBSD laptop as a

iked and letsencrypt certs

Has anyone already figured out how to, or know whether it's possible to, get iked working with letsencrypt certs? (Or indeed any CA with chain certs?) Use case: "standard" clients (Windows/iOS/StrongSwan), EAP auth, not particularly technical users so trying to avoid the need for them to manually

Re: USB SIM-card dongle on OpenBSD

Dear David, I actually do not know. I just have this idea that I would like to use my OpenBSD laptop as a mobile phone as well. I think there are USB dongles that act as GSM network device. I am wondering if I could use such a dongle to operate a SIM card on OpenBSD, to receive/send SMS and to

Re: Gtk-WARNING and cannot open display attempting to forward X

On Mon, 19 Feb 2018 16:01:19 -0600 Ed Ahlsen-Girard wrote: > Since the snapshot of the 16th, I cannot run X apps from a W10 box > with PuTTY and mingw. No config changes to Windows, put X11Forwarding > yes back into sshd_config.dmesg and sshd_config below signature. >

Re: SHA256.sig not contained in install62.iso

On Wed, Feb 21, 2018 at 4:10 AM, Jean-Michel Pouré wrote: > I know this is a little bit farfetched, pardon my ignorence, but > OpenBSD seeems vulnerable on first installation. In case of DNS > poisoning, what can stop a virus from forwarding the installer to a > false SHA256.sig

Re: SHA256.sig not contained in install62.iso

>On Tue, 20 Feb 2018 18:45:01 +0100 >Stefan Sperling wrote: > >> > I download SHA256.sig abd file sets from mirror, how can I trust it? >> >> You run a trusted signify binary, which was not obtained from the >> mirror but is part of your existing install, to check the signature

Re: gcc-4.9.4 package build signal 11 [Segmentation fault] on Ubiquiti Unifi Security Gateway

Hey, at least some people think these systems are interesting. I gave up trying to build much of anything on the Ubiquiti USG. I really bought it to give me some play time with it over christmas to new year holiday. At work I have a USG Pro and it is capable of building GCC and LLVM, albeit

Re: gcc-4.9.4 package build signal 11 [Segmentation fault] on Ubiquiti Unifi Security Gateway

Hi Diana, Have you tried the Ubiquiti Edge Router Lite / Pro... They have a USB adapter inside on the PCB to allow for reasonably easy Loading of install.fs etc it may be worth trying as it uses a similar architecture as the UBiquiti USG... I hope this is some help to you ... I was using them a

Re: SHA256.sig not contained in install62.iso

On 2018-02-21, Jean-Michel Pouré wrote: > On Tue, 20 Feb 2018 18:45:01 +0100 > Stefan Sperling wrote: > >> > I download SHA256.sig abd file sets from mirror, how can I trust it? >> >> You run a trusted signify binary, which was not obtained from the >> mirror but

Re: SHA256.sig not contained in install62.iso

>If someone is able to provide a fake ISO, he will also provide fake >SHA256.sig and/or fake public key on the ISO. So there is no gain to >provide such material as people will think "it is safe" whereas it is >not. that is true. however, the real reason it isn't on the media is that internal

Re: SHA256.sig not contained in install62.iso

On Wed, 21 Feb 2018 10:10:30 +0100 > I know this is a little bit farfetched, pardon my ignorence, but > OpenBSD seeems vulnerable on first installation. In case of DNS > poisoning, what can stop a virus from forwarding the installer to a > false SHA256.sig and false repository? My guess would be

Re: SHA256.sig not contained in install62.iso

On Wed, Feb 21, 2018 at 10:10:30AM +0100, Jean-Michel Pouré wrote: > > I know this is a little bit farfetched, pardon my ignorence, but > OpenBSD seeems vulnerable on first installation. In case of DNS > poisoning, what can stop a virus from forwarding the installer to a > false SHA256.sig and

Re: SHA256.sig not contained in install62.iso

On Tue, 20 Feb 2018 18:45:01 +0100 Stefan Sperling wrote: > > I download SHA256.sig abd file sets from mirror, how can I trust it? > > You run a trusted signify binary, which was not obtained from the > mirror but is part of your existing install, to check the signature > on

Re: Upgrade 6.1->6.2 fails with "id 0 on/: file system full"

Let me guess, that /bsd link was another "security" idea from that mercury chloride .org?

Re: Upgrade 6.1->6.2 fails with "id 0 on/: file system full"

On 2018-02-21, Nicolas Schmidt wrote: > Thanks Tim, that was right on the money! Indeed my „/bsd“ was a symbolic > link, pointing to „/bsd.mp“. Because the target path of the symlink was > absolute, when it tried to write the new kernel to „./mnt/bsd“ it of

Re: Upgrade 6.1->6.2 fails with "id 0 on/: file system full"

2018-02-21 13:51 GMT+01:00 Nicolas Schmidt : > Thanks Tim, that was right on the money! Indeed my „/bsd“ was a symbolic > link, pointing to „/bsd.mp“. Because the target path of the symlink was > absolute, when it tried to write the new kernel to „./mnt/bsd“ it

make_keys produces segfault when building 6.2-stable

I just tried building the base in 6.2-stable (building the kernel worked fine), following the instructions in https://man.openbsd.org/release. Unfortunately, the build process fails when trying to build libcurses. The error I get is ./make_keys keys.list > init_keytry.h Segmentation

Re: USB SIM-card dongle on OpenBSD

Xianwen, Which application would use this SIM-card dongle? Just curious. Regards, dma > On Feb 21, 2018, at 6:35 AM, Xianwen Chen wrote: > > Dear OpenBSD users, > > I am thinking of adding a SIM-card dongle to my laptop so that I can receive > and send SMS, and receive

Re: Upgrade 6.1->6.2 fails with "id 0 on/: file system full"

Thanks Tim, that was right on the money! Indeed my „/bsd“ was a symbolic link, pointing to „/bsd.mp“. Because the target path of the symlink was absolute, when it tried to write the new kernel to „./mnt/bsd“ it of course pointed to the ramdisk. After removing that symlink, the upgrade process

Re: Using OpenBSD on a thinkpad?

-> 2018-02-19 Mon 10:00, crimeangot...@nigge.rs, : > > Hey everyone, I am pretty stupid when it comes to less user friendly > operating systems. I currently use slackware/windows and am thinking > of using OpenBSD on either my thinkpad e420 or my libreboot t400. Are >

USB SIM-card dongle on OpenBSD

Dear OpenBSD users, I am thinking of adding a SIM-card dongle to my laptop so that I can receive and send SMS, and receive and make phone calls. Do you have prior experience with that? Which USD dongle do you use? Yours faithfully, Xianwen