Re: Bioctl rounds doesn't appear to affect the passphrase time?
Doh... Yeah, starting from scratch with -r works. I guess quickly finding how long rounds take is not quite as easy as bioctl -d and try again. I guess the rounds it chooses is equal to a seconds worth, but surprised that it would be exactly 256. Struck me as a maxed byte or something. Sorry for the noise. On 25 Jun 2017 6:17 pm, "Ted Unangst"wrote: > Kevin Chadwick wrote: > > On Fri, 23 Jun 2017 20:24:24 +0200 > > > > > > > > > > I started by trying very high values with a simple password and > > > > > > expected to have to wait a long time but it was always around 7 > > > > > > seconds? > > > > > very high as in -r 2000 ? > > > > > > > > Yeah, 2048? Is there a MAX? > > > Not really. > > > > > > Oh it's been only 9 month since bioctl(8) switched over to bcrypt > > > PBKDF. You might run a older version (dmesg would help) in which case > > > you want to go much higher... 16000? > > > > > > # bioctl -v -c C -l /dev/vnd0a softraid0 > > > > > > shows you what KDF you are using. > > > > Thanks > > > > -r 1 shows "bioctl: number of KDF rounds is too small: 1" > > > > -r 4 shows "Deriving key using bcrypt PBKDF with 256 rounds..." > > > > whatever I set -r to, seems to say 256 rounds and returns in a similar > > timeframe. > > > > e.g. bioctl -v -c C -r 32000 -l /dev/vnd0a softraid0 > > well, of course. if it used a different number of rounds, the key wouldn't > match the one generated when the volume was created. if you're trying to > create a new volume, start with blank metadata. > >
Re: Tor Relay
Tor opens a lot of network sockets. It is helpful to raise kern.maxfiles in /etc/sysctl.conf. I add kern.maxfiles=2 On Sun, Jun 25, 2017 at 11:43 AM, Ax0nwrote: > does pkg_add tor > does rcctl enable tor > does rcctl start tor > > Welcome to your new onion relay node. It will relay and it will also listen > on port 9050 as a socks proxy for local applications. > > On Jun 25, 2017 10:41, "nicehat" wrote: > > > I'm looking for some good links on setting up a OBSD based Tor relay. > > I had a few good ones but they have since gone into hiding. > > Anyone with some experience/tips would be helpful > > Regards > > Happy Camper > > > > Sent with [ProtonMail](https://protonmail.com) Secure Email. >
Re: Bioctl rounds doesn't appear to affect the passphrase time?
Kevin Chadwick wrote: > On Fri, 23 Jun 2017 20:24:24 +0200 > > > > > > > I started by trying very high values with a simple password and > > > > > expected to have to wait a long time but it was always around 7 > > > > > seconds? > > > > very high as in -r 2000 ? > > > > > > Yeah, 2048? Is there a MAX? > > Not really. > > > > Oh it's been only 9 month since bioctl(8) switched over to bcrypt > > PBKDF. You might run a older version (dmesg would help) in which case > > you want to go much higher... 16000? > > > > # bioctl -v -c C -l /dev/vnd0a softraid0 > > > > shows you what KDF you are using. > > Thanks > > -r 1 shows "bioctl: number of KDF rounds is too small: 1" > > -r 4 shows "Deriving key using bcrypt PBKDF with 256 rounds..." > > whatever I set -r to, seems to say 256 rounds and returns in a similar > timeframe. > > e.g. bioctl -v -c C -r 32000 -l /dev/vnd0a softraid0 well, of course. if it used a different number of rounds, the key wouldn't match the one generated when the volume was created. if you're trying to create a new volume, start with blank metadata.
Re: Tor Relay
does pkg_add tor does rcctl enable tor does rcctl start tor Welcome to your new onion relay node. It will relay and it will also listen on port 9050 as a socks proxy for local applications. On Jun 25, 2017 10:41, "nicehat"wrote: > I'm looking for some good links on setting up a OBSD based Tor relay. > I had a few good ones but they have since gone into hiding. > Anyone with some experience/tips would be helpful > Regards > Happy Camper > > Sent with [ProtonMail](https://protonmail.com) Secure Email.
Re: Tor Relay
Sorry, link here https://unix.stackexchange.com/questions/327804/how-to-create-a-darknet-tor-web-site-in-linux/327805 On 25 June 2017 at 17:33, Rui Ribeirowrote: > While not answering your question, this related post and links should be > useful, I hope. > > Regards > > On 25 June 2017 at 16:39, nicehat wrote: > >> I'm looking for some good links on setting up a OBSD based Tor relay. >> I had a few good ones but they have since gone into hiding. >> Anyone with some experience/tips would be helpful >> Regards >> Happy Camper >> >> Sent with [ProtonMail](https://protonmail.com) Secure Email. > > > > > -- > Regards, > > -- > Rui Ribeiro > Senior Linux Architect and Network Administrator > ISCTE-IUL > https://www.linkedin.com/pub/rui-ribeiro/16/ab8/434 > -- Regards, -- Rui Ribeiro Senior Linux Architect and Network Administrator ISCTE-IUL https://www.linkedin.com/pub/rui-ribeiro/16/ab8/434
Re: Tor Relay
While not answering your question, this related post and links should be useful, I hope. Regards On 25 June 2017 at 16:39, nicehatwrote: > I'm looking for some good links on setting up a OBSD based Tor relay. > I had a few good ones but they have since gone into hiding. > Anyone with some experience/tips would be helpful > Regards > Happy Camper > > Sent with [ProtonMail](https://protonmail.com) Secure Email. -- Regards, -- Rui Ribeiro Senior Linux Architect and Network Administrator ISCTE-IUL https://www.linkedin.com/pub/rui-ribeiro/16/ab8/434
Re: Tor Relay
On Sun, Jun 25, 2017 at 5:39 PM, nicehatwrote: > I'm looking for some good links on setting up a OBSD based Tor relay. > I had a few good ones but they have since gone into hiding. > Anyone with some experience/tips would be helpful > Regards > Happy Camper https://torbsd.github.io/ and, in particular: https://torbsd.github.io/obsd-relays.html Ciao! David
Tor Relay
I'm looking for some good links on setting up a OBSD based Tor relay. I had a few good ones but they have since gone into hiding. Anyone with some experience/tips would be helpful Regards Happy Camper Sent with [ProtonMail](https://protonmail.com) Secure Email.
zzz issue
I am running current (though not up-to-date) on the machine described by the dmesg below. If I suspend the system with 'zzz' having started X, when I try to revive it there is no video. The system is alive otherwise and I can ssh in and reboot it. Just nothing on the screen. Otherwise, the system runs absolutely fine on this machine. Don Allen OpenBSD 6.1-current (GENERIC.MP) #69: Fri May 19 09:08:02 MDT 2017 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 8458735616 (8066MB) avail mem = 8196587520 (7816MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 3.0 @ 0xbd1b7000 (89 entries) bios0: vendor LENOVO version "FWKT63A" date 12/08/2016 bios0: LENOVO 10HYCTO1WW acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC FPDT FIDT TCPA MCFG HPET SSDT LPIT SSDT SSDT SSDT DBGP DBG2 SSDT MSDM SSDT UEFI SSDT LUFT ASF! BGRT acpi0: wakeup devices PEGP(S4) PEG0(S4) PEGP(S4) PEG1(S4) PEGP(S4) PEG2(S4) SIO1(S3) PXSX(S4) RP09(S4) PXSX(S4) RP10(S4) PXSX(S4) RP11(S4) PXSX(S4) RP12(S4) PXSX(S4) [...] acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Pentium(R) CPU G4400T @ 2.90GHz, 2904.00 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,ERMS,INVPCID,RDSEED,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT cpu0: 256KB 64b/line 8-way L2 cache cpu0: TSC frequency 290400 Hz cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 23MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1, IBE cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Pentium(R) CPU G4400T @ 2.90GHz, 2904.00 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,ERMS,INVPCID,RDSEED,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT cpu1: 256KB 64b/line 8-way L2 cache cpu1: smt 0, core 1, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 120 pins acpimcfg0 at acpi0 addr 0xe000, bus 0-255 acpihpet0 at acpi0: 2399 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (PEG0) acpiprt2 at acpi0: bus -1 (PEG1) acpiprt3 at acpi0: bus -1 (PEG2) acpiprt4 at acpi0: bus -1 (RP09) acpiprt5 at acpi0: bus -1 (RP10) acpiprt6 at acpi0: bus -1 (RP11) acpiprt7 at acpi0: bus -1 (RP12) acpiprt8 at acpi0: bus -1 (RP13) acpiprt9 at acpi0: bus -1 (RP01) acpiprt10 at acpi0: bus -1 (RP02) acpiprt11 at acpi0: bus -1 (RP03) acpiprt12 at acpi0: bus -1 (RP04) acpiprt13 at acpi0: bus -1 (RP05) acpiprt14 at acpi0: bus -1 (RP06) acpiprt15 at acpi0: bus -1 (RP07) acpiprt16 at acpi0: bus -1 (RP08) acpiprt17 at acpi0: bus -1 (RP17) acpiprt18 at acpi0: bus -1 (RP18) acpiprt19 at acpi0: bus -1 (RP19) acpiprt20 at acpi0: bus -1 (RP20) acpiprt21 at acpi0: bus -1 (RP14) acpiprt22 at acpi0: bus -1 (RP15) acpiprt23 at acpi0: bus -1 (RP16) acpiec0 at acpi0: not present acpicpu0 at acpi0: C3(200@256 mwait.1@0x40), C2(200@151 mwait.1@0x33), C1(1000@1 mwait.1), PSS acpicpu1 at acpi0: C3(200@256 mwait.1@0x40), C2(200@151 mwait.1@0x33), C1(1000@1 mwait.1), PSS acpipwrres0 at acpi0: PG00, resource for PEG0 acpipwrres1 at acpi0: PG01, resource for PEG1 acpipwrres2 at acpi0: PG02, resource for PEG2 acpipwrres3 at acpi0: WRST acpipwrres4 at acpi0: WRST acpipwrres5 at acpi0: WRST acpipwrres6 at acpi0: WRST acpipwrres7 at acpi0: WRST acpipwrres8 at acpi0: WRST acpipwrres9 at acpi0: WRST acpipwrres10 at acpi0: WRST acpipwrres11 at acpi0: WRST acpipwrres12 at acpi0: WRST acpipwrres13 at acpi0: WRST acpipwrres14 at acpi0: WRST acpipwrres15 at acpi0: WRST acpipwrres16 at acpi0: WRST acpipwrres17 at acpi0: WRST acpipwrres18 at acpi0: WRST acpipwrres19 at acpi0: WRST acpipwrres20 at acpi0: WRST acpipwrres21 at acpi0: WRST acpipwrres22 at acpi0: WRST acpipwrres23 at acpi0: FN00, resource for FAN0 acpipwrres24 at acpi0: FN01, resource for FAN1 acpipwrres25 at acpi0: FN02, resource for FAN2 acpipwrres26 at acpi0: FN03, resource for FAN3 acpipwrres27 at acpi0: FN04, resource for FAN4 acpitz0 at acpi0: critical temperature is 119 degC acpitz1 at acpi0: critical temperature is 119 degC "INT3F0D" at acpi0 not configured acpibtn0 at acpi0: SLPB "PNP0C14" at acpi0 not configured "INT33A1" at acpi0 not configured acpibtn1 at acpi0: PWRB tpm0 at acpi0: TPM_ addr 0xfed4/0x5000: WEC WPCT200 rev 0x2 "INT340E" at acpi0 not configured "PNP0C0B" at acpi0 not configured "PNP0C0B" at acpi0 not configured
Re: Bioctl rounds doesn't appear to affect the passphrase time?
On Fri, 23 Jun 2017 20:24:24 +0200 > > > > I started by trying very high values with a simple password and > > > > expected to have to wait a long time but it was always around 7 > > > > seconds? > > > very high as in -r 2000 ? > > > > Yeah, 2048? Is there a MAX? > Not really. > > Oh it's been only 9 month since bioctl(8) switched over to bcrypt > PBKDF. You might run a older version (dmesg would help) in which case > you want to go much higher... 16000? > > # bioctl -v -c C -l /dev/vnd0a softraid0 > > shows you what KDF you are using. Thanks -r 1 shows "bioctl: number of KDF rounds is too small: 1" -r 4 shows "Deriving key using bcrypt PBKDF with 256 rounds..." whatever I set -r to, seems to say 256 rounds and returns in a similar timeframe. e.g. bioctl -v -c C -r 32000 -l /dev/vnd0a softraid0 kernel is 6.1 Jun 12 2017 bioctl sha256 starts with 1404c5e13f5f (i386 6.1) This is adding the vnd as sd1 as softraid0 already has an enc sd0 the vnd0 is attached to a 256MB file I would use the blowfish crypto of vnconfig instead but would rather use the bcrypt password hashing if possible. I assume vnconfig still uses PKCS #5, as the man page says? p.s. sorry for the delay, somehow I managed to hose my boot code, perhaps with bioctl -d sd0 whilst running from sd0 rather than bioctl -d sd1. installboot saved the day anyway. Teaches me to mess around with disks as root after a beer!
Re: HPLIP HP Laserjet Pro MFP M130fn PPD Plugin installation fails
On Sat, Jun 24, 2017 at 11:49:40AM -0500, rehcla wrote: > Hi Antoine, > > I can confirm that the Plugin installation works now for me: > > cd plugin_tmp/ > /local/bin/python2.7 plugin_install.py > > > Do you accept the license terms for the plug-in (y=yes*, n=no, q=quit) ? y > sh: lsb_release: not found > > Done. > > > But I still cant get the printer to work! > The good news it that scanning works now, but if I try to print I get an > error about the missing plugin. > > So here is what I did: > > - Installing hplip / hplip-gui and gtk+2-cups / gtk+3-cups > - doing the plugin installation shown above > > When I try to print a testpage hplip-systray says: required plugin not found! > > I did copy HP_LaserJet_MFP_M129-M134.ppd from /etc/cups/ppd/ to > /usr/local/share/foomatic/db/source/PPD/HP/ > (cause the gui setup is looking there), but no effect! > > What am I missing? Honestly, I don't know. Without direct access to the hardware, it's kind of hard for me to help any further. That specific printer maight not even be able to work on OpenBSD... The workaround and associated doc I made in the pkg-readme are theoretical because I don't have a printer that requires a plugin to be able to function properly. I've been told in the past that it worked (on some printers at least) but maybe not all? Sorry but I am afraid you are on you own on this one. If you find a way to make it work, please do share it and I'll add the required steps in the the pkg-readme. Thanks... > 15.06.2017, 09:41, "Antoine Jacoutot": > > On Sun, Jun 04, 2017 at 07:09:19PM +0200, Reheis Claus wrote: > >> Hi all, > >> > >> Recently I acquired an HP Laserjet Pro MFP M130fn and I would like to > >> use it with my OpenBSD Deskop... > >> As it is supported since hplip 3.17 I have to use OpenBSD Current. > >> I managed to get until the plugin installation, but now I am stuck at > >> the point: > >> > >> /usr/local/bin/python2.7 plugin_install.py > >> > >> License blablabla > >> > >> Do you accept the license terms for the plug-in (y=yes*, n=no, q=quit) ? y > >> sh: lsb_release: not found > >> Plugin installation failed > >> error: Plugin installation failed > >> > >> Any advice? thx > > > > Hi. > > > > Thanks for the report. > > FWIW I just fixed it in current. > > > > -- > > Antoine > -- Antoine
Re: A question of lock usage in OpenBSD kernel code
I really have no idea what I'm talking about, but ... On Sat, Jun 24, 2017 at 10:02 AM, Jia-Ju Baiwrote: > On 2017/6/23 23:59, Ted Unangst wrote: > >> Jia-Ju Bai wrote: >>> >>> Hi, >>> >>> I am a freshman in developing OpenBSD drivers, and I have a question in >>> lock usage in OpenBSD kernel code. >>> >>> I only find two kinds of locks which are often used in OpenBSD drivers, >>> namely "mutex lock" and "rw lock". I want to know which lock can be held >>> when the current thread can sleep. >>> >>> From my knowledge of OpenBSD document, I only find that "mutex lock" >>> can not be used in this situation. So I have two questions" >>> (1) What about "rw lock"? >>> (2) What about other kinds of locks? >> >> you're on the right track. the rw_init and mtx_init man pages go into this >> in >> more detail and explain the various other options as well. > > > Thanks for reply. > > I have read the man pages of "rw_init": > http://man.openbsd.org/OpenBSD-5.8/rwlock.9 > > But I can not ensure whether the thread can sleep when it holds a "rw lock" > > Could you please give me an explicit answer? Thanks in advance :) In the man page, I see the sentence, The rw_init() function is used to initiate the lock pointed to by rwl. The name argument specifies the name of the lock, which is used as the wait message if the thread needs to sleep. which seems to indicate to my naive reading that it might be possible. I note that my understanding of "busy lock" would lead me to think that would the non-sleep option. -- Joel Rees One of these days I'll get someone to pay me to design a language that combines the best of Forth and C. Then I'll be able to leap wide instruction sets with a single #ifdef, run faster than a speeding infinite loop with a #define, and stop all integer size bugs with my bare cast. http://defining-computers.blogspot.com/2017/06/reinventing-computers.html More of my delusions: http://reiisi.blogspot.com/2017/05/do-not-pay-modern-danegeld-ransomware.html http://reiisi.blogspot.jp/p/novels-i-am-writing.html