Re: routing q

On 19/10/15(Mon) 13:37, Gregory Edigarov wrote: > On 10/19/2015 01:24 PM, Stuart Henderson wrote: > >On 2015-10-19, Gregory Edigarov wrote: > >>In order to conserve address space I am trying to confugure 'ip > >>unnumbred' in cisco terminology, that is have an interface borrow

Re: routing q

On 10/19/2015 02:14 PM, Martin Pieuchot wrote: On 19/10/15(Mon) 13:37, Gregory Edigarov wrote: On 10/19/2015 01:24 PM, Stuart Henderson wrote: On 2015-10-19, Gregory Edigarov wrote: In order to conserve address space I am trying to confugure 'ip unnumbred' in cisco

Re: Linux crypt(3)

Thank you for all the replies! On Sat, 17 Oct 2015, Devin Reade wrote: > As you're looking into solutions, make sure you're looking at the right > problem. Your text sounds like you're migrating system account passwords, I'm not. These are passwords for the news server. Users are authenticated

Re: Install on compact flash

On 2015-10-19, Paolo Aglialoro wrote: > On Mon, Oct 19, 2015 at 12:27 PM, Stuart Henderson > wrote: > >> Some devices get chown()ed during normal system operation, see fbtab(5). > > Does this mean that write access on files in /dev is limited just to >

iked & nat-t problem (no keep alive)

I am testing iked on OpenBSD phobos 5.7 GENERIC#738 i386, I think there is keep-alive problem when use with NAT-T, detailed configurations are: http://daemonforums.org/showthread.php?t=9446 I think, iked & nat-t need some kind of "keep alive", but I can't find it in iked.conf

Re: Install on compact flash

Does this mean that write access on files in /dev is limited just to permissions change and, therefore, just some bytes of change in the filesystem? This seems pretty much acceptable for me in terms of CF wear-off, if it does not happen with a high frequence. On Mon, Oct 19, 2015 at 12:27 PM,

Re: Remove removed utilities?

On 10/19/15 04:24, Raimo Niskanen wrote: > Hello misc@ > > I just noticed from the detailed changelog 5.7->5.8: > http://www.openbsd.org/plus58.html > that e.g tcopy, tip and lmccontrol were removed, but after upgrading from > 5.7 to 5.8 I still have /usr/bin/tip, /usr/bin/tcopy and

routing q

Hello, In order to conserve address space I am trying to confugure 'ip unnumbred' in cisco terminology, that is have an interface borrow the ip of a different interface, I am experimenting with vether0 and vlans the thing is to have one 'main' address on some 'real' interface and then just

Re: routing q

On 2015-10-19, Gregory Edigarov wrote: > In order to conserve address space I am trying to confugure 'ip > unnumbred' in cisco terminology, that is have an interface borrow the ip > of a different interface, I am experimenting with vether0 and vlans the > thing is to have

Re: Install on compact flash

On 2015-10-19, Josh Grosse wrote: > On Mon, Oct 19, 2015 at 04:34:31AM +0200, Einfach Jemand wrote: >> No. As far as I understand it: >> The type (char or block), the major and minor number of the device >> special file and its name are means to activate the corresponding

Re: routing q

On 10/19/2015 01:24 PM, Stuart Henderson wrote: On 2015-10-19, Gregory Edigarov wrote: In order to conserve address space I am trying to confugure 'ip unnumbred' in cisco terminology, that is have an interface borrow the ip of a different interface, I am experimenting with

Remove removed utilities?

Hello misc@ I just noticed from the detailed changelog 5.7->5.8: http://www.openbsd.org/plus58.html that e.g tcopy, tip and lmccontrol were removed, but after upgrading from 5.7 to 5.8 I still have /usr/bin/tip, /usr/bin/tcopy and /sbin/lmccontrol in the filesystem, with old dates. The

Two typos in faq10.html

Hi, I found two typos in faq10.html 10.10 - How do I create a ftp-only account? Should be: an ftp-only A more sophisticated dosas.conf(5) file Should be: doas.conf(5)

Re: Linux crypt(3)

Could you modify the existing linux system to also output a suitable bcrypt hash for their password the next time they log in. Leave that running for a while, and then migrate? This way most active users will have their password migrated for them. The remainder can probably afford to reset

Re: Remove removed utilities?

On Mon, Oct 19, 2015 at 08:12:31AM -0400, Nick Holland wrote: > On 10/19/15 04:24, Raimo Niskanen wrote: > > Hello misc@ > > > > I just noticed from the detailed changelog 5.7->5.8: > > http://www.openbsd.org/plus58.html > > that e.g tcopy, tip and lmccontrol were removed, but after upgrading

Re: Linux crypt(3)

On Mon, 19 Oct 2015, Adam Van Ymeren wrote: > Could you modify the existing linux system to also output a suitable > bcrypt hash for their password the next time they log in. Yes, that's the great idea. It didn't cross my mind before. Thank you! -- "qui hic minxerit aut cacaverit, habeat deos

OpenIKED - send traffic selectors in own child sa

Hello Running -current I have currently got a minor issue with iked. Trying to connect a security gateway running OpenIKED to a Fortinet IPSEC fw. Connection is set up and seems to work (mostly) but following behaviour is a bit of an issue. IKED sends one CHILD_SA request containing all

Re: sensorsd, upd, and state changes

On Mon, Dec 8, 2014 at 3:45 PM, David Higgs wrote: > On Mon, Dec 8, 2014 at 3:37 PM, trondd wrote: >> On Mon, Dec 8, 2014 at 3:23 PM, trondd wrote: >>> On Mon, Dec 8, 2014 at 11:47 AM, David Higgs wrote:

Exposing the rc(8) constructed pf ruleset, some patches

Hello, Attached are 3 patches to -current for your consideration. Apply with: cd /usr/src patch -p1 ... The first, expose-default-pf-rules.patch, lets the sysadm use the rc(8) constructed default pf ruleset. This ability was, in a sense, compromised when 5.8 eliminated the pf_rules

Re: Upgrade from 5.7 to 5.8 : bsd.rd doesn't complete boot

Here it is : OpenBSD 5.7-stable (GENERIC.MP) #1: Fri Oct 16 18:59:45 EDT 2015 r...@puffy.soccer-beauport.qc.ca:/usr/src/sys/arch/amd64/compile/GENERIC. MP real mem = 6215434240 (5927MB) avail mem = 6046064640 (5765MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at

Question about core dumps and swap space.

Hello ! I readed the FAQ 4.8 about partioning my drive but have a little problem of understanding. The machine has 32 GB physical RAM, the disc is a 256 GB SSD (yes, I know, I should not use swap on a SSD) and, I installed the latest snapshot from yesterday. So far so good. Disklabel likes to

Re: Upgrade from 5.7 to 5.8 : bsd.rd doesn't complete boot

On 10/19/15 22:04, Jean-Philippe Provost wrote: Hi all, I've downloaded the bsd.rd from the folder 5.8 on ftp.OpenBSD.org and put it in /. I reboot and type boot bsd.rd. It loads, but at the "end", it sticks at *root on rd0a swap on rd0b dump on rd0b* ​I did the same thing yesterday with

Upgrade from 5.7 to 5.8 : bsd.rd doesn't complete boot

Hi all, I've downloaded the bsd.rd from the folder 5.8 on ftp.OpenBSD.org and put it in /. I reboot and type boot bsd.rd. It loads, but at the "end", it sticks at *root on rd0a swap on rd0b dump on rd0b* ​I did the same thing yesterday with my laptop and everything was fine. Any ideas? The

Re: Upgrade from 5.7 to 5.8 : bsd.rd doesn't complete boot

On Mon, Oct 19, 2015 at 3:50 PM, Jean-Philippe Provost < jphilippe.prov...@gmail.com> wrote: > Hi, > > I don't have any CD. I just downloaded the bsd.rd for 5.8 and it wont boot > and ask what I want to do. > > Since I have 5.7 installed on it, the dmesg I got is the one from 5.7 boot > and not

Re: Upgrade from 5.7 to 5.8 : bsd.rd doesn't complete boot

On 19 Oct 2015 4:55 p.m., "Jean-Philippe Provost" < jphilippe.prov...@gmail.com> wrote: > > Hi, > > I don't have any CD. I just downloaded the bsd.rd for 5.8 and it wont boot > and ask what I want to do. > > Since I have 5.7 installed on it, the dmesg I got is the one from 5.7 boot > and not

Re: Upgrade from 5.7 to 5.8 : bsd.rd doesn't complete boot

Hi, I don't have any CD. I just downloaded the bsd.rd for 5.8 and it wont boot and ask what I want to do. Since I have 5.7 installed on it, the dmesg I got is the one from 5.7 boot and not bsd.rd (5.8) boot. Am I clear? -- *Jean-Philippe Provost* 2015-10-19 16:16 GMT-04:00 Peter N. M.

Re: pledge(2) problems on 18/x/ octeon snapshot

On Mon, Oct 19, 2015 at 07:02:44PM +0200, Kim Zeitler wrote: > I just tried updating an EdgeRouterLite to the latest octeon snapshot > after replacing the kernel and unpacking base58.tgz > Literally all commands lead to > > : pledge: Function not implemented > Do you try to run a bsd kernel

Re: It was twenty years ago you see...

Just another thanks for the top quality work, making software not seem like an embarrassment to humanity. Honesty and the golden rule go a really long way, IMO. OpenBSD seems to play by those rules, to a degree that surprises people. Thanks.

Re: cannot input _ (keyboard layout is jp)

> chose 'keyboad layout' jp(japanese), > then i cannot input _(under bar) . Are you using a PS/2 or USB keyboard? The underscore should be obtained with shift-backslash (using the key left of the right shift key).

Re: Two typos in faq10.html

Hi Reinhold, Reinhold Straub wrote on Mon, Oct 19, 2015 at 02:56:49PM +0200: > Hi, I found two typos in faq10.html > > 10.10 - How do I create a ftp-only account? > Should be: an ftp-only > > A more sophisticated dosas.conf(5) file > Should be: doas.conf(5) Committed, thanks. Ingo

Re: Exposing the rc(8) constructed pf ruleset, some patches

> > The supplied patch allows the rc.conf(8) pf > > variable to be set to MINIMAL (in addition to > > the current YES and NO). A setting of MINIMAL > > loads the rc(8) default pf ruleset and enables > > pf. MINIMAL means that rc(8) does not load > > /etc/pf.conf. Any loading of /etc/pf.conf > >

Re: Install on compact flash

I ran native on compact flash as an experiment for 5+ years without ever changing the CF card. I only migrated away from it because my old soekris couldn't keep up with my internet speeds once I upgraded. It still boots and works fine. Personally I found the hassle of maintaining a ramdisk

Re: sensorsd, upd, and state changes

On Mon, Oct 19, 2015 at 11:11 AM, Maxim Khitrov wrote: > On Mon, Dec 8, 2014 at 3:45 PM, David Higgs wrote: > > On Mon, Dec 8, 2014 at 3:37 PM, trondd wrote: > >> On Mon, Dec 8, 2014 at 3:23 PM, trondd wrote: > >>> On

Re: It was twenty years ago you see...

On Sun, 18 Oct 2015, Theo de Raadt wrote: OpenBSD's source tree just turned 20 years old. I recall the import taking about 3 hours on an EISA-bus 486 with two ESDI drives. There was an import attempt a few days earlier, but it failed due to insufficient space. It took some time to

Re: sensorsd, upd, and state changes

On Mon, Oct 19, 2015 at 2:31 PM, David Higgs wrote: > On Mon, Oct 19, 2015 at 11:11 AM, Maxim Khitrov wrote: >> >> On Mon, Dec 8, 2014 at 3:45 PM, David Higgs wrote: >> > On Mon, Dec 8, 2014 at 3:37 PM, trondd wrote: >> >>

Re: make release error on 5.8

Joe S wrote: > I 've just upgraded from 5.7 to 5.8 on amd64 and applied all of the errata > found at . > > I downloaded src.tar.gz and sys.tar.gz from > ftp5.usa.openbsd.org/pub/OpenBSD/5.8 and then applied all of the errata > (2015-10-18) from http://www.openbsd.org/errata58.html. > > I want

Re: sensorsd, upd, and state changes

On 19 October 2015 at 11:31, David Higgs wrote: > On Mon, Oct 19, 2015 at 11:11 AM, Maxim Khitrov wrote: >> Also, upd always sets sensor status to "OK," so sensorsd never >> triggers commands for status changes; we have to use low/high limits >> until this is

Typo in Upgrade FAQ

In http://www.openbsd.org/faq/upgrade58.html#upgrade in the section "Upgrade using the install Kernel (RECOMMENDED)" there is an extra dot in the last line: "your configuration. info."

Re: Question about core dumps and swap space.

On Mon, October 19, 2015 8:01 pm, Joel Rees wrote: > > I have lots of core dumps sitting around. I have not seen any the size > of physical memory. Nothing close. Even firefox doesn't leave that > much of a dump when it bombs. > > Hmm. Xombrero, from when I was playing with that, left a coredump

make release error on 5.8

I've just upgraded from 5.7 to 5.8 on amd64 and applied all of the errata found at . I downloaded src.tar.gz and sys.tar.gz from ftp5.usa.openbsd.org/pub/OpenBSD/5.8 and then applied all of the errata (2015-10-18) from http://www.openbsd.org/errata58.html. I want to make a release, to deploy on

Re: Exposing the rc(8) constructed pf ruleset, some patches

On Mon, 19 Oct 2015 12:47:46 -0600 Theo de Raadt wrote: > > > The supplied patch allows the rc.conf(8) pf > > > variable to be set to MINIMAL (in addition to > > > the current YES and NO). A setting of MINIMAL > > > loads the rc(8) default pf ruleset and enables > > >

Re: Upgrade from 5.7 to 5.8 : bsd.rd doesn't complete boot

On Mon, Oct 19, 2015 at 09:50:22PM BST, Jean-Philippe Provost wrote: > Hi, Hi, > I don't have any CD. I just downloaded the bsd.rd for 5.8 and it wont > boot and ask what I want to do. What do you mean by that? Does it give you the options to install, upgrade, etc.? Does it look anything

Re: Question about core dumps and swap space.

2015/10/20 6:29 "Christoph R. Murauer" : > > Hello ! > > I readed the FAQ 4.8 about partioning my drive but have a little problem > of understanding. > > The machine has 32 GB physical RAM, Wow. Way cool. > the disc is a 256 GB SSD That's not shabby, either. > (yes, I know, > I

Re: Exposing the rc(8) constructed pf ruleset, some patches

On 10/19/2015 8:26 PM, Karl O. Pinc wrote: But if you write DNS names into your pf.conf file then step 2 can be eliminated. All that's required is to reload the rules. How often do you re-query DNS to update and reload the rules? What do you do in the case of multiple A records, or a CDN?

Re: Question about core dumps and swap space.

On 10/19/15 17:18, Christoph R. Murauer wrote: > Hello ! ... > If I follow the FAQ, then core dumps should not work. I could resize swap > and /var to have the same (or bigger size) as the physical RAM which is > also no problem. My question - or better the things I don't understand (I > found no

PC Engine APU.1D4 installation stopper.

Hi, I am trying to load OpenBSD on this box and no matter what I try I end up not being able too. I did search and saw plenty that were successful and all. May be it's the newer model. APU.1D4? Or is there any special truck? I tried from usb flash drive, and even from a Sata drive inside a

Re: PC Engine APU.1D4 installation stopper.

For i386/amd64 you have to tell boot you want serial output either at the boot prompt or via boot.conf. stty com0 115200 set tty com0 On Mon, Oct 19, 2015 at 10:34:15PM -0400, Daniel Ouellet wrote: > Hi, > > I am trying to load OpenBSD on this box and no matter what I try I end > up not being

Re: Remove removed utilities?

Nick Holland wrote: > Things that are out-right replaced (i.e., sudo) should be actively > deleted. Even if it still works after upgrade, some day it is going to > break, and you should be pushed to use the new application (or the > package of the old application). Things like tip? what's the

pledge(2) problems on 18/x/ octeon snapshot

I just tried updating an EdgeRouterLite to the latest octeon snapshot after replacing the kernel and unpacking base58.tgz Literally all commands lead to : pledge: Function not implemented I would offer a ktrace/kdump but sadly my kdump also returns with said error. Cheers, Kim

Re: Install on compact flash

On Mon, Oct 19, 2015 at 5:02 AM, Stuart Henderson wrote: > On 2015-10-19, Paolo Aglialoro wrote: >> On Mon, Oct 19, 2015 at 12:27 PM, Stuart Henderson >> wrote: >> >>> Some devices get chown()ed during normal system operation, see

cannot input _ (keyboard layout is jp)

hi all . i start openbsd-snapshots by ***kvm*** . and chose 'keyboad layout' jp(japanese), then i cannot input _(under bar) . so i am obliged to use 'keyboad layout' us . this is a little incovinient . how to cope with this ? --- regards

Re: PC Engine APU.1D4 installation stopper.

On 10/19/15 11:52 PM, Jonathan Gray wrote: > For i386/amd64 you have to tell boot you want serial output > either at the boot prompt or via boot.conf. > > stty com0 115200 > set tty com0 Well, I knew it was something stupid I overlook! I need an other beer. Just was to excited when I got the

Re: iked "failed to get dh secret"

On Mon, Oct 19, 2015 at 12:09 PM, Adam Van Ymeren wrote: > I've been trying to setup a VPN for my android device using strongSwan and > iked. > > When I try to initiate the connection from my device the SA never gets > established. I see this in the log: > Here's the logs

Re: Exposing the rc(8) constructed pf ruleset, some patches

Well, since there's no attachments, I am including the patches inline. On Mon, 19 Oct 2015 10:27:16 -0500 "Karl O. Pinc" wrote: > Attached are 3 patches to -current for your > consideration. Apply with: > > cd /usr/src > patch -p1 ... > > The first,

iked "failed to get dh secret"

I've been trying to setup a VPN for my android device using strongSwan and iked. When I try to initiate the connection from my device the SA never gets established. I see this in the log: Here's the logs from iked -dvv ikev2_recv: IKE_SA_INIT request from initiator :54158 to 65.19.130.43:500