Re: Abort Trap question

2017-11-15 Thread Ax0n
A quick thought... are you extracting src.tar.gz into /usr (like you to
with ports.tar.gz)? On a few occasions, I've done this (instead of making
sure I'm in /usr/src first as I should) and had system binaries get
clobbered. When I've accidentally done this in the past, I do get a bunch
of abort trap errors and a predictably un-bootable system.  Example: This
block of stuff from src.tar.gz, if extracted whilst in /usr, would
overwrite /usr/bin/cat with a directory full of the source code for cat(1)
and so on and so forth.

drwxrwxr-x  2 axon axon 0 Oct  9 22:41 bin
drwxrwxr-x  2 axon axon 0 Oct  9 22:41 bin/CVS
-rw-rw-r--  1 axon axon 5 Oct  9 22:38 bin/CVS/Root
-rw-rw-r--  1 axon axon 8 Oct  9 22:38 bin/CVS/Repository
-rw-rw-r--  1 axon axon   439 Oct  9 22:41 bin/CVS/Entries
-rw-rw-r--  1 axon axon18 Oct  9 22:41 bin/CVS/Tag
-rw-rw-r--  1 axon axon   241 Apr 25  2016 bin/Makefile
-rw-rw-r--  1 axon axon   145 Jul 11  2014 bin/Makefile.inc
drwxrwxr-x  2 axon axon 0 Oct  9 22:38 bin/cat
drwxrwxr-x  2 axon axon 0 Oct  9 22:41 bin/cat/CVS
-rw-rw-r--  1 axon axon 5 Oct  9 22:38 bin/cat/CVS/Root
-rw-rw-r--  1 axon axon12 Oct  9 22:38
bin/cat/CVS/Repository
-rw-rw-r--  1 axon axon   172 Oct  9 22:41 bin/cat/CVS/Entries
-rw-rw-r--  1 axon axon18 Oct  9 22:41 bin/cat/CVS/Tag
-rw-rw-r--  1 axon axon93 Feb 18  2017 bin/cat/Makefile
-rw-rw-r--  1 axon axon  4848 Jul  9  2016 bin/cat/cat.1
-rw-rw-r--  1 axon axon  5567 Oct 19  2016 bin/cat/cat.c



On Wed, Nov 15, 2017 at 5:24 PM, patrick keshishian 
wrote:

> On 11/15/17, Philip Guenther  wrote:
> > On Wed, Nov 15, 2017 at 11:08 AM, Mike Coddington 
> > wrote:
> >
> >> On Wed, Nov 15, 2017 at 10:01:09AM -0600, Daniel Boyd wrote:
> >> > I've installed OpenBSD/macppc twice on my G4 Cube now and it seems to
> >> > be working fine until I go to untar src.tar.gz at which point it
> throws
> >> > some abort trap errors and crashes.  If I reboot, I get a bunch of
> >> > abort traps during the boot process followed by several:
> >> >
> >> > init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ...
> >> >
> >> > What do you guys think this is...?  Hard drive failure...?
> >>
> >> Out of curiosity, does the same thing happen if you extract the tar with
> >> the pax(1) program? That'll at least let you know if it's tar causing
> >> the problem or not.
> >>
> >
> > tar _is_ pax:
> > : corwin; ls -li /bin/tar /bin/pax
> > 52015 -r-xr-xr-x  3 root  bin  433472 Nov  1 11:15 /bin/pax
> > 52015 -r-xr-xr-x  3 root  bin  433472 Nov  1 11:15 /bin/tar
> > : corwin;
> >
> > Fundamentally, unless a userspace process is poking at devices or
> similar,
> > it should be unable to panic the kernel.  An abort trap in the kernel is
> > either a kernel bug or a hardware bug.  IIRC there's some pmap bug on
> > macppc that no one has managed to track down which causes crashes on some
> > machines, but not others.  I've never hit it on the Macbook I use for
> > builds, but the ports build boxes, whatever model they are, seem to hit
> it
> > periodically...
>
> I read it as the tar process is the one aborting. which, if true,
> sounds like user-land and kernel are out-of-sync.
>
> Unfortunately, specific info is missing from the problem report.
>
> --patrick
>
>


Re: Atheros AR9300

2017-11-15 Thread Stefan Sperling
On Wed, Nov 15, 2017 at 03:04:15PM -0500, mabi wrote:
> Hi,
> 
> I just got myself a new firewall device (Lanner FW-7526) to replace my dying 
> Soekris box. That new firewall shipped with an Atheros AR9300 wireless chip 
> and just realized from the dmesg output and athn man page (OpenBSD 6.2) that 
> this chip must not be supported (yet).
> 
> The dmesg output is the following:
> 
> "Atheros AR9300" rev 0x01 at pci4 dev 0 function 0 not configured
> 
> Is my conclusion here correct? or am I just missing a non-free firmware 
> (though I ran the fw_update command already).
> 
> Best regards,
> Mabi

Not yet supported.

And athn(4) PCI devices do not require any firmware, a firmware is
only needed for athn(4) USB devices.

I would suggest to try locating an athn(4) AR9280 or ral(4) RT2700/RT2800 
device instead.



Re: Atheros A5424 still not supported?

2017-11-15 Thread Stefan Sperling
On Wed, Nov 15, 2017 at 06:39:20PM +, Roderick wrote:
> 
> I get in dmesg:
> 
> ath0 at pci1 dev 0 function 0 "Atheros AR5424" rev 0x01: apic 1 int 16
> ath0: AR5424 14.2 phy 7.0 rf 10.2 eeprom 5.3, EU1W, address
> 00:24:2b:e3:03:40
> [...]
> ath0: unable to reset hardware; hal status 3523714312
> ath0: unable to reset hardware; hal status 1
> 
> I thank for any hint.
> 
> Rodrigo
> 

Nobody has done any work to fix AR5424. Sorry.



Re: Abort Trap question

2017-11-15 Thread patrick keshishian
On 11/15/17, Philip Guenther  wrote:
> On Wed, Nov 15, 2017 at 11:08 AM, Mike Coddington 
> wrote:
>
>> On Wed, Nov 15, 2017 at 10:01:09AM -0600, Daniel Boyd wrote:
>> > I've installed OpenBSD/macppc twice on my G4 Cube now and it seems to
>> > be working fine until I go to untar src.tar.gz at which point it throws
>> > some abort trap errors and crashes.  If I reboot, I get a bunch of
>> > abort traps during the boot process followed by several:
>> >
>> > init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ...
>> >
>> > What do you guys think this is...?  Hard drive failure...?
>>
>> Out of curiosity, does the same thing happen if you extract the tar with
>> the pax(1) program? That'll at least let you know if it's tar causing
>> the problem or not.
>>
>
> tar _is_ pax:
> : corwin; ls -li /bin/tar /bin/pax
> 52015 -r-xr-xr-x  3 root  bin  433472 Nov  1 11:15 /bin/pax
> 52015 -r-xr-xr-x  3 root  bin  433472 Nov  1 11:15 /bin/tar
> : corwin;
>
> Fundamentally, unless a userspace process is poking at devices or similar,
> it should be unable to panic the kernel.  An abort trap in the kernel is
> either a kernel bug or a hardware bug.  IIRC there's some pmap bug on
> macppc that no one has managed to track down which causes crashes on some
> machines, but not others.  I've never hit it on the Macbook I use for
> builds, but the ports build boxes, whatever model they are, seem to hit it
> periodically...

I read it as the tar process is the one aborting. which, if true,
sounds like user-land and kernel are out-of-sync.

Unfortunately, specific info is missing from the problem report.

--patrick



Re: Abort Trap question

2017-11-15 Thread Daniel Boyd
On Wed, 2017-11-15 at 13:35 -0800, Philip Guenther wrote:
> 
> tar _is_ pax:
> : corwin; ls -li /bin/tar /bin/pax
> 52015 -r-xr-xr-x  3 root  bin  433472 Nov  1 11:15 /bin/pax
> 52015 -r-xr-xr-x  3 root  bin  433472 Nov  1 11:15 /bin/tar
> : corwin;
> 
> Fundamentally, unless a userspace process is poking at devices or
> similar,
> it should be unable to panic the kernel.  An abort trap in the kernel
> is
> either a kernel bug or a hardware bug.  IIRC there's some pmap bug on
> macppc that no one has managed to track down which causes crashes on
> some
> machines, but not others.  I've never hit it on the Macbook I use for
> builds, but the ports build boxes, whatever model they are, seem to
> hit it
> periodically...
> 
> 
> Philip Guenther
> 

I'm happy to help track down the issue if someone will tell me what to
do.  I will reload the OS on the machine when I get a chance.  How will
we be able to determine whether we're dealing with a kernel bug or a
hardware failure?



Re: Abort Trap question

2017-11-15 Thread Philip Guenther
On Wed, Nov 15, 2017 at 11:08 AM, Mike Coddington 
wrote:

> On Wed, Nov 15, 2017 at 10:01:09AM -0600, Daniel Boyd wrote:
> > I've installed OpenBSD/macppc twice on my G4 Cube now and it seems to
> > be working fine until I go to untar src.tar.gz at which point it throws
> > some abort trap errors and crashes.  If I reboot, I get a bunch of
> > abort traps during the boot process followed by several:
> >
> > init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ...
> >
> > What do you guys think this is...?  Hard drive failure...?
>
> Out of curiosity, does the same thing happen if you extract the tar with
> the pax(1) program? That'll at least let you know if it's tar causing
> the problem or not.
>

tar _is_ pax:
: corwin; ls -li /bin/tar /bin/pax
52015 -r-xr-xr-x  3 root  bin  433472 Nov  1 11:15 /bin/pax
52015 -r-xr-xr-x  3 root  bin  433472 Nov  1 11:15 /bin/tar
: corwin;

Fundamentally, unless a userspace process is poking at devices or similar,
it should be unable to panic the kernel.  An abort trap in the kernel is
either a kernel bug or a hardware bug.  IIRC there's some pmap bug on
macppc that no one has managed to track down which causes crashes on some
machines, but not others.  I've never hit it on the Macbook I use for
builds, but the ports build boxes, whatever model they are, seem to hit it
periodically...


Philip Guenther


Re: password-free SSH was Re: [ot] Security of my bit coin wallet

2017-11-15 Thread Peter N. M. Hansteen
On 11/15/17 21:50, James wrote:
> On Wed, Nov 15, 2017 at 3:06 PM, Gareth Nelson  
> wrote:
>> Use key-based authentication?
>>
> 
> Okay, but that doesn't fit the requirement.
> I want something iteratively password free.
> AFAIK, somewhere along the line in key-based authentication you need
> to enter a password to unlock the key.

You can generate passphrase-less ssh keys.

It would probably be wise to set up some some sort of authentication for
the device that holds your private key(s), but you do log on to your
machine in order to start working, don't you?

I find the rest of the message a bit hard to follow, but I suspect you
may be unaware that features functionally very close to what you
describe actually exist, and are documented in the man pages for the
software you mention in this last message.

(And not top-posting would help follow the discussion a lot - a rant
about that and a couple of other things can be had at[1] for those in need).

[1] https://bsdly.blogspot.com/2011/02/problem-isnt-email-its-microsoft.html

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.



Re: password-free SSH was Re: [ot] Security of my bit coin wallet

2017-11-15 Thread Theo de Raadt
> On Wed, Nov 15, 2017 at 3:06 PM, Gareth Nelson  wr=
> ote:
> > Use key-based authentication?
> >
> 
> Okay, but that doesn't fit the requirement.
> I want something iteratively password free.
> AFAIK, somewhere along the line in key-based authentication you need
> to enter a password to unlock the key.
> The context of this email is a password-free SSH. (blank passwords do
> not count as password-free)
> 
> What I want to find is a crypto mechanism that allows the use of no
> passwords, but with the same guarantees of key-based authentication.
> 
> So my thoughts are that to start with something similar to Diffie
> Hellman operating at the network layer, you could generate keys when
> you wanted to communicate after an initial round of set up.
> 
> You wouldn't establish faith in the security of the connection until
> proof was given that you are talking to the right host, and you could
> get higher or lower levels of proof. Something functioning like the
> Sieve of Eratosthenes.
> 
> For example. you just use one known fact from the network layer. a
> beacon. ntp even. Each communication point in the network, remember
> this is a recursive solver, would have different ping time to the
> beacon over a large number of pings, or to be able to express the
> confidence that this host is who it says it is. Each node has a
> complete and different view. In this way you could "push"
> Diffie-Hellman to the network layer.
> 
> I think it's similar in flavour to a blockchain, but it would
> eliminate the need to use passwords when speaking the protocol and
> establish some sort of reality to host mapping. Remember we can never
> actually verify anything in the internet due to MITM. We can just
> increase our probability of success while decreasing the attack
> surface for dictionaries.
> 
> What do you think?

Sorry, I don't see a diff in your email.

Oh are you just talking?

If you were serious you would stop mixing terminology together and
build it.



Re: password-free SSH was Re: [ot] Security of my bit coin wallet

2017-11-15 Thread James
On Wed, Nov 15, 2017 at 3:06 PM, Gareth Nelson  wrote:
> Use key-based authentication?
>

Okay, but that doesn't fit the requirement.
I want something iteratively password free.
AFAIK, somewhere along the line in key-based authentication you need
to enter a password to unlock the key.
The context of this email is a password-free SSH. (blank passwords do
not count as password-free)

What I want to find is a crypto mechanism that allows the use of no
passwords, but with the same guarantees of key-based authentication.

So my thoughts are that to start with something similar to Diffie
Hellman operating at the network layer, you could generate keys when
you wanted to communicate after an initial round of set up.

You wouldn't establish faith in the security of the connection until
proof was given that you are talking to the right host, and you could
get higher or lower levels of proof. Something functioning like the
Sieve of Eratosthenes.

For example. you just use one known fact from the network layer. a
beacon. ntp even. Each communication point in the network, remember
this is a recursive solver, would have different ping time to the
beacon over a large number of pings, or to be able to express the
confidence that this host is who it says it is. Each node has a
complete and different view. In this way you could "push"
Diffie-Hellman to the network layer.

I think it's similar in flavour to a blockchain, but it would
eliminate the need to use passwords when speaking the protocol and
establish some sort of reality to host mapping. Remember we can never
actually verify anything in the internet due to MITM. We can just
increase our probability of success while decreasing the attack
surface for dictionaries.

What do you think?


Cheers,
James








> On Wed, Nov 15, 2017 at 2:38 PM, James  wrote:
>>
>> On Wed, Nov 15, 2017 at 10:42 AM, Raul Miller 
>> wrote:
>> > Assumption is invalid. Flaws are widely documented (e.g. fixed
>> > supply). Probably wrong list, also.
>> >
>>
>> Ok a little more on topic then. SSH.
>>
>> How would you secure SSH without a password, iteratively password - free?
>> a blank password does not count as password-free.
>>
>> My motivation is turn the internet upside down.
>>
>> Does any current crypto mechanism come to mind?
>>
>> A possible example is the use of Diffie-Hellman at the network layer
>> to identify hosts. I think that would be password-free.
>>
>>
>> > Thanks,
>> >
>> > --
>> > Raul
>> >
>>
>> Thanks,
>> James
>>
>>
>>
>> > On Wed, Nov 15, 2017 at 8:46 AM, James  wrote:
>> >> While a little off topic it is security related so I hope you don't
>> >> mind.
>> >>
>> >> This is the misc list, right?
>> >>
>> >> Assumption 1.
>> >> bitcoin is a secure protocol without flaws.
>> >>
>> >> quote from
>> >> https://github.com/bitcoinbook/bitcoinbook/blob/second_edition/ch01.asciidoc
>> >>
>> >> With these keys they can sign transactions to unlock the value and
>> >> spend it by transferring it to a new owner. Keys are often stored in a
>> >> digital wallet on each user’s computer or smartphone. Possession of
>> >> the key that can sign a transaction is the only prerequisite to
>> >> spending bitcoin, putting the control entirely in the hands of each
>> >> user.
>> >>
>> >>
>> >> Is the security of a bitcoin wallet ultimately determined by it's
>> >> password?
>> >> The way I see it If an attacker had access to my computer, the only
>> >> thing protecting access to the wallet would be a password or some
>> >> iteration of a password scheme, if not mine than a centralized server
>> >> of trust somewhere, but eventually someone has a password that is used
>> >> to, unlock a bitcoin. Is that correct reasoning or are there
>> >> alternatives?
>> >>
>> >> Thanks,
>> >> James
>> >>
>>
>



Re: Abort Trap question

2017-11-15 Thread Daniel Boyd
On Wed, 2017-11-15 at 13:08 -0600, Mike Coddington wrote:
> On Wed, Nov 15, 2017 at 10:01:09AM -0600, Daniel Boyd wrote:
> > I've installed OpenBSD/macppc twice on my G4 Cube now and it seems
> > to
> > be working fine until I go to untar src.tar.gz at which point it
> > throws
> > some abort trap errors and crashes.  If I reboot, I get a bunch of
> > abort traps during the boot process followed by several:
> > 
> > init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ...
> > 
> > What do you guys think this is...?  Hard drive failure...?
> 
> Out of curiosity, does the same thing happen if you extract the tar
> with
> the pax(1) program? That'll at least let you know if it's tar causing
> the problem or not.
> 
> 

Heh ... give me a couple days.  Need to find time to re-install the
system since it wno't boot anymore.  Have to set up a NFS server b/c
the CD-ROM drive is busted.



Atheros AR9300

2017-11-15 Thread mabi
Hi,

I just got myself a new firewall device (Lanner FW-7526) to replace my dying 
Soekris box. That new firewall shipped with an Atheros AR9300 wireless chip and 
just realized from the dmesg output and athn man page (OpenBSD 6.2) that this 
chip must not be supported (yet).

The dmesg output is the following:

"Atheros AR9300" rev 0x01 at pci4 dev 0 function 0 not configured

Is my conclusion here correct? or am I just missing a non-free firmware (though 
I ran the fw_update command already).

Best regards,
Mabi

Unsure if I can help update the drivers?

2017-11-15 Thread Kevin Chadwick
http://www.congatec.com/en/products/smarc/conga-sa5.html

I would like to get a number of intel device IDs and/or drivers working
with OpenBSD including broxton graphics 0x5a85 and azalia sound 0x5a98.

Can I help in any way such as by providing patches or is it simply a
case of waiting for a sync with Linux driver updates or can I help with
that?

Thanks



Re: Abort Trap question

2017-11-15 Thread Mike Coddington
On Wed, Nov 15, 2017 at 10:01:09AM -0600, Daniel Boyd wrote:
> I've installed OpenBSD/macppc twice on my G4 Cube now and it seems to
> be working fine until I go to untar src.tar.gz at which point it throws
> some abort trap errors and crashes.  If I reboot, I get a bunch of
> abort traps during the boot process followed by several:
> 
> init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ...
> 
> What do you guys think this is...?  Hard drive failure...?

Out of curiosity, does the same thing happen if you extract the tar with
the pax(1) program? That'll at least let you know if it's tar causing
the problem or not.

-- 
Put your Nose to the Grindstone!
-- Amalgamated Plastic Surgeons and Toolmakers, Ltd.



Atheros A5424 still not supported?

2017-11-15 Thread Roderick


I get in dmesg:

ath0 at pci1 dev 0 function 0 "Atheros AR5424" rev 0x01: apic 1 int 16
ath0: AR5424 14.2 phy 7.0 rf 10.2 eeprom 5.3, EU1W, address 
00:24:2b:e3:03:40

[...]
ath0: unable to reset hardware; hal status 3523714312
ath0: unable to reset hardware; hal status 1

I thank for any hint.

Rodrigo



Re: error trying to load C/XS Perl module

2017-11-15 Thread Alceu Rodrigues de Freitas Junior

Em 15/11/2017 13:38, Silamael escreveu:


Hi,

You could try to set LD_DEBUG=yes before running the test.
With this you should see, what's really missing.

-- Matthias



Thanks Matthias!

I tried that with a perl compiled with debugging symbols (-DDEBUGGING):

dlopen: 
/home/vagrant/.cpan/build/PerlIO-eol-0.16-6/blib/arch/auto/PerlIO/eol/eol.so: 
done (success).
dlsym: boot_PerlIO__eol in 
/home/vagrant/.cpan/build/PerlIO-eol-0.16-6/blib/arch/auto/PerlIO/eol/eol.so: 
0x174e88dd9670

ok 1 - use PerlIO::eol;
ok 2
ok 3
ok 4
ok 5
ok 6 - open for read
Failed 17/23 subtests

Test Summary Report
---
t/1-basic.t (Wstat: 134 Tests: 6 Failed: 0)
  Non-zero wait status: 134
  Parse errors: Bad plan.  You planned 23 tests but ran 6.
Files=1, Tests=6,  0 wallclock secs ( 0.04 usr  0.03 sys +  0.07 cusr 
0.10 csys =  0.24 CPU)

Result: FAIL
doing dtors obj 0x8d5475cc800 @0x8d5ecb88340: 
[/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/POSIX/POSIX.so]
doing dtors obj 0x8d5d4886400 @0x8d574e2f9f0: 
[/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/Fcntl/Fcntl.so]
doing dtors obj 0x8d5701df000 @0x8d5cb1e5020: 
[/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/IO/IO.so]
doing dtors obj 0x8d5701df800 @0x8d61d3e14b0: 
[/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/File/Glob/Glob.so]
doing dtors obj 0x8d5a090cc00 @0x8d549b11b30: 
[/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/Time/HiRes/HiRes.so]
doing dtors obj 0x8d5a090c800 @0x8d5593df660: 
[/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/List/Util/Util.so]
doing dtors obj 0x8d5d4886000 @0x8d5c06651d0: 
[/home/vagrant/perl5/perlbrew/perls/5.26.1d/lib/5.26.1/OpenBSD.amd64-openbsd/auto/Cwd/Cwd.so]

doing dtors

The program dies right after the test number 6 and generates a core 
dump. Unfortunately, gdb doesn't give me anything useful (or I'm doing 
something wrong):


bash-4.4$ gdb -c perl.core
GNU gdb 6.3
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain 
conditions.

Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "amd64-unknown-openbsd6.1".
Core was generated by `perl'.
Program terminated with signal 6, Aborted.
#0  0x174ec0f6dfea in ?? ()
(gdb) bt full
#0  0x174ec0f6dfea in ?? ()
No symbol table info available.
#1  0x174ec0f6e0b9 in ?? ()
No symbol table info available.
#2  0x174e06f4a480 in ?? ()
No symbol table info available.
#3  0x000a in ?? ()
No symbol table info available.
#4  0xffdf000a in ?? ()
No symbol table info available.
#5  0x35cbadd363eaf932 in ?? ()
No symbol table info available.
#6  0x0003 in ?? ()
No symbol table info available.
#7  0x174ec0f8e718 in ?? ()
No symbol table info available.
#8  0x174e in ?? ()
No symbol table info available.
#9  0x174e36b0d020 in ?? ()
No symbol table info available.
#10 0x00ff0008 in ?? ()
No symbol table info available.
#11 0x35cbadd363eaf932 in ?? ()
No symbol table info available.
#12 0x174e55684880 in ?? ()
No symbol table info available.
#13 0x174e88dda0d6 in ?? ()
No symbol table info available.
#14 0x60bbe59c in ?? ()
No symbol table info available.
#15 0x174df018bc98 in ?? ()
No symbol table info available.
#16 0x0004 in ?? ()
No symbol table info available.
#17 0x174ed6c21980 in ?? ()
No symbol table info available.
#18 0x1000 in ?? ()
No symbol table info available.
#19 0x1000 in ?? ()
No symbol table info available.
#20 0x in ?? ()
No symbol table info available.
(gdb)



Re: password-free SSH was Re: [ot] Security of my bit coin wallet

2017-11-15 Thread Gareth Nelson
Use key-based authentication?

On Wed, Nov 15, 2017 at 2:38 PM, James  wrote:

> On Wed, Nov 15, 2017 at 10:42 AM, Raul Miller 
> wrote:
> > Assumption is invalid. Flaws are widely documented (e.g. fixed
> > supply). Probably wrong list, also.
> >
>
> Ok a little more on topic then. SSH.
>
> How would you secure SSH without a password, iteratively password - free?
> a blank password does not count as password-free.
>
> My motivation is turn the internet upside down.
>
> Does any current crypto mechanism come to mind?
>
> A possible example is the use of Diffie-Hellman at the network layer
> to identify hosts. I think that would be password-free.
>
>
> > Thanks,
> >
> > --
> > Raul
> >
>
> Thanks,
> James
>
>
>
> > On Wed, Nov 15, 2017 at 8:46 AM, James  wrote:
> >> While a little off topic it is security related so I hope you don't
> mind.
> >>
> >> This is the misc list, right?
> >>
> >> Assumption 1.
> >> bitcoin is a secure protocol without flaws.
> >>
> >> quote from https://github.com/bitcoinbook/bitcoinbook/blob/
> second_edition/ch01.asciidoc
> >>
> >> With these keys they can sign transactions to unlock the value and
> >> spend it by transferring it to a new owner. Keys are often stored in a
> >> digital wallet on each user’s computer or smartphone. Possession of
> >> the key that can sign a transaction is the only prerequisite to
> >> spending bitcoin, putting the control entirely in the hands of each
> >> user.
> >>
> >>
> >> Is the security of a bitcoin wallet ultimately determined by it's
> password?
> >> The way I see it If an attacker had access to my computer, the only
> >> thing protecting access to the wallet would be a password or some
> >> iteration of a password scheme, if not mine than a centralized server
> >> of trust somewhere, but eventually someone has a password that is used
> >> to, unlock a bitcoin. Is that correct reasoning or are there
> >> alternatives?
> >>
> >> Thanks,
> >> James
> >>
>
>


Re: error trying to load C/XS Perl module

2017-11-15 Thread Alceu Rodrigues de Freitas Junior

Em 15/11/2017 15:06, Stuart Henderson escreveu:

On 2017-11-15, Stuart Henderson  wrote:


If I make a port using the normal ports framework and try it on -current,
I get this, which is a bit further but not all the way :

1..23
ok 1 - use PerlIO::eol;
ok 2
ok 3
ok 4
ok 5
ok 6 - open for read
Failed 17/23 subtests

Test Summary Report
---
t/1-basic.t (Wstat: 134 Tests: 6 Failed: 0)
   Non-zero wait status: 134
   Parse errors: Bad plan.  You planned 23 tests but ran 6.
Files=1, Tests=6,  0 wallclock secs ( 0.01 usr  0.04 sys +  0.03 cusr  0.03 
csys =  0.11 CPU)
Result: FAIL





Ha. I didn't notice before I wrote a local port, but there's already
a port in the tree. So actually you should just be able to use
"pkg_add p5-PerlIO-eol".

In general: use the OS packages, don't try and mix with cpan.
In most cases it's easier to write a port than deal with the mess
that you'll end up in by using two different/conflicting package
systems (i.e. OpenBSD's usual one and CPAN).



Thanks Stuart!

Actually, using CPAN is the main objective here because I'm testing 
OpenBSD 6.1 as a CPAN Smoker 
(https://github.com/glasswalk3r/cpan-openbsd-smoker).


So, basically it really didn't occurred to me to search for a ports, but 
I see that it is updated to the latest version of this module.


I'm not acquainted with creating ports, but I guess I should start from 
https://www.openbsd.org/faq/ports/ and then checkout 
http://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/ports/devel/p5-PerlIO-eol/Makefile?rev=1.17=text/plain.


So far, I wasn't able to figure out anything outstanding with the 
building process that is common to Perl modules, but I didn't find 
anything regarding executing tests as well. To me, the Makefile over 
there has a bit of magic to make it work, so I would appreciate any 
inputs on that.




Re: session security on OpenBSD vs popular options

2017-11-15 Thread Peter N. M. Hansteen
On 11/15/17 18:28, Charlie Eddy wrote:
> Hello,
> 
> Please let me know how to find information on OpenBSD security as it
> relates to web browser sessions.
> 
> For instance, I am aware that some attack vectors depend on browser
> connections with OS components. What security flaws exist that OpenBSD
> specifically is able to address?

I think a fairly good place to start is to follow the presentation links
from https://www.openbsd.org/events.html - there are quite a few talks
that would be quite relevant and help you narrow down the question to
something it would be possible to answer in a mailing list message.

- Peter
-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
http://bsdly.blogspot.com/ http://www.bsdly.net/ http://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.



Re: error trying to load C/XS Perl module

2017-11-15 Thread Silamael

On 11/15/2017 02:50 PM, Alceu Rodrigues de Freitas Junior wrote:

Hello folks,

I'm struggling to get installed the module PerlIO::eol by downloding it 
from CPAN and installing it.


I tried with both the standard perl in OpenBSD 6.1 and also one that I 
compiled with perlbrew, but the results are the same (after the classic 
"perl Makefile.PL; make"):


bash-4.4$ prove -l -m -v t/1-basic.t
t/1-basic.t ..
1..23
not ok 1 - use PerlIO::eol;
#   Failed test 'use PerlIO::eol;'
#   at t/1-basic.t line 4.
# Tried to use 'PerlIO::eol'.
# Error:  Can't locate loadable object for module PerlIO::eol in 
@INC (@INC contains: /home/vagrant/.cpan/build/PerlIO-eol-0.16-1/lib 
/home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1/OpenBSD.amd64-openbsd 
/home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1 
/home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1/OpenBSD.amd64-openbsd 
/home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1) at 
t/1-basic.t line 4.

# Compilation failed in require at t/1-basic.t line 4.
# BEGIN failed--compilation aborted at t/1-basic.t line 4.
Bareword "CR" not allowed while "strict subs" in use at t/1-basic.t line 6.
Bareword "LF" not allowed while "strict subs" in use at t/1-basic.t line 6.
Bareword "CRLF" not allowed while "strict subs" in use at t/1-basic.t 
line 6.

Execution of t/1-basic.t aborted due to compilation errors.
# Looks like your test exited with 255 just after 1.
Dubious, test returned 255 (wstat 65280, 0xff00)
Failed 23/23 subtests


Hi,

You could try to set LD_DEBUG=yes before running the test.
With this you should see, what's really missing.

-- Matthias



session security on OpenBSD vs popular options

2017-11-15 Thread Charlie Eddy
Hello,

Please let me know how to find information on OpenBSD security as it
relates to web browser sessions.

For instance, I am aware that some attack vectors depend on browser
connections with OS components. What security flaws exist that OpenBSD
specifically is able to address?

Thanks,
Charlie Eddy


Re: error trying to load C/XS Perl module

2017-11-15 Thread Stuart Henderson
On 2017-11-15, Stuart Henderson  wrote:
> On 2017-11-15, Alceu Rodrigues de Freitas Junior  
> wrote:
>> Hello folks,
>>
>> I'm struggling to get installed the module PerlIO::eol by downloding it 
>> from CPAN and installing it.
>>
>> I tried with both the standard perl in OpenBSD 6.1 and also one that I 
>> compiled with perlbrew, but the results are the same (after the classic 
>> "perl Makefile.PL; make"):
>>
>> bash-4.4$ prove -l -m -v t/1-basic.t
>> t/1-basic.t ..
>> 1..23
>> not ok 1 - use PerlIO::eol;
>> #   Failed test 'use PerlIO::eol;'
>> #   at t/1-basic.t line 4.
>> # Tried to use 'PerlIO::eol'.
>> # Error:  Can't locate loadable object for module PerlIO::eol in 
>> @INC (@INC contains: /home/vagrant/.cpan/build/PerlIO-eol-0.16-1/lib 
>> /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1/OpenBSD.amd64-openbsd
>>  
>> /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1 
>> /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1/OpenBSD.amd64-openbsd
>>  
>> /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1) at 
>> t/1-basic.t line 4.
>> # Compilation failed in require at t/1-basic.t line 4.
>> # BEGIN failed--compilation aborted at t/1-basic.t line 4.
>> Bareword "CR" not allowed while "strict subs" in use at t/1-basic.t line 6.
>> Bareword "LF" not allowed while "strict subs" in use at t/1-basic.t line 6.
>> Bareword "CRLF" not allowed while "strict subs" in use at t/1-basic.t 
>> line 6.
>> Execution of t/1-basic.t aborted due to compilation errors.
>> # Looks like your test exited with 255 just after 1.
>> Dubious, test returned 255 (wstat 65280, 0xff00)
>> Failed 23/23 subtests
>>
>> Test Summary Report
>> ---
>> t/1-basic.t (Wstat: 65280 Tests: 1 Failed: 1)
>>Failed test:  1
>>Non-zero exit status: 255
>>Parse errors: Bad plan.  You planned 23 tests but ran 1.
>> Files=1, Tests=1,  0 wallclock secs ( 0.02 usr  0.04 sys +  0.04 cusr 
>> 0.06 csys =  0.16 CPU)
>> Result: FAIL
>> bash-4.4$
>>
>> I even tried to export LD_LIBRARY_PATH to the current directory, didn't 
>> work either.
>>
>> In the past, I had problems with libs dependencies because installing 
>> them through pkg_add were putting them over /usr/local/lib, and libpth 
>> variable in Perl was not searching over there:
>>
>> -bash-4.4$ perl -v | head -2
>>
>> This is perl 5, version 24, subversion 1 (v5.24.1) built for amd64-openbsd
>> -bash-4.4$ perl -V | grep libpth
>>  libpth=/usr/lib /usr/lib
>>
>> But I don't think that's the case here since the object I'm trying to 
>> load is on my current directory:
>>
>> bash-4.4$ ls
>> Changes   LICENSE~  META.json MYMETA.ymlREADME 
>> dist.ini  eol.c eol.xslib   t
>> Changes~  MANIFEST  META.yml  Makefile  README~ 
>> dist.ini~ eol.h eol.xs~   perl.core write.h
>> LICENSE   MANIFEST.SKIP MYMETA.json   Makefile.PL   blib 
>> eol.bseol.o fill.hpm_to_blibxt
>>
>> The core file over there didn't gave any hints when using "gdb -c" with it.
>>
>> Thanks!
>> Alceu
>>
>>
>
> If I make a port using the normal ports framework and try it on -current,
> I get this, which is a bit further but not all the way :
>
> 1..23
> ok 1 - use PerlIO::eol;
> ok 2
> ok 3
> ok 4
> ok 5
> ok 6 - open for read
> Failed 17/23 subtests 
>
> Test Summary Report
> ---
> t/1-basic.t (Wstat: 134 Tests: 6 Failed: 0)
>   Non-zero wait status: 134
>   Parse errors: Bad plan.  You planned 23 tests but ran 6.
> Files=1, Tests=6,  0 wallclock secs ( 0.01 usr  0.04 sys +  0.03 cusr  0.03 
> csys =  0.11 CPU)
> Result: FAIL
>
>
>

Ha. I didn't notice before I wrote a local port, but there's already
a port in the tree. So actually you should just be able to use
"pkg_add p5-PerlIO-eol".

In general: use the OS packages, don't try and mix with cpan.
In most cases it's easier to write a port than deal with the mess
that you'll end up in by using two different/conflicting package
systems (i.e. OpenBSD's usual one and CPAN).




Abort Trap question

2017-11-15 Thread Daniel Boyd
I've installed OpenBSD/macppc twice on my G4 Cube now and it seems to
be working fine until I go to untar src.tar.gz at which point it throws
some abort trap errors and crashes.  If I reboot, I get a bunch of
abort traps during the boot process followed by several:

init: can't exec getty '/usr/libexec/getty' for pot /dev/ttyC3: ...

What do you guys think this is...?  Hard drive failure...?



Re: error trying to load C/XS Perl module

2017-11-15 Thread Stuart Henderson
On 2017-11-15, Alceu Rodrigues de Freitas Junior  
wrote:
> Hello folks,
>
> I'm struggling to get installed the module PerlIO::eol by downloding it 
> from CPAN and installing it.
>
> I tried with both the standard perl in OpenBSD 6.1 and also one that I 
> compiled with perlbrew, but the results are the same (after the classic 
> "perl Makefile.PL; make"):
>
> bash-4.4$ prove -l -m -v t/1-basic.t
> t/1-basic.t ..
> 1..23
> not ok 1 - use PerlIO::eol;
> #   Failed test 'use PerlIO::eol;'
> #   at t/1-basic.t line 4.
> # Tried to use 'PerlIO::eol'.
> # Error:  Can't locate loadable object for module PerlIO::eol in 
> @INC (@INC contains: /home/vagrant/.cpan/build/PerlIO-eol-0.16-1/lib 
> /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1/OpenBSD.amd64-openbsd
>  
> /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1 
> /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1/OpenBSD.amd64-openbsd
>  
> /home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1) at 
> t/1-basic.t line 4.
> # Compilation failed in require at t/1-basic.t line 4.
> # BEGIN failed--compilation aborted at t/1-basic.t line 4.
> Bareword "CR" not allowed while "strict subs" in use at t/1-basic.t line 6.
> Bareword "LF" not allowed while "strict subs" in use at t/1-basic.t line 6.
> Bareword "CRLF" not allowed while "strict subs" in use at t/1-basic.t 
> line 6.
> Execution of t/1-basic.t aborted due to compilation errors.
> # Looks like your test exited with 255 just after 1.
> Dubious, test returned 255 (wstat 65280, 0xff00)
> Failed 23/23 subtests
>
> Test Summary Report
> ---
> t/1-basic.t (Wstat: 65280 Tests: 1 Failed: 1)
>Failed test:  1
>Non-zero exit status: 255
>Parse errors: Bad plan.  You planned 23 tests but ran 1.
> Files=1, Tests=1,  0 wallclock secs ( 0.02 usr  0.04 sys +  0.04 cusr 
> 0.06 csys =  0.16 CPU)
> Result: FAIL
> bash-4.4$
>
> I even tried to export LD_LIBRARY_PATH to the current directory, didn't 
> work either.
>
> In the past, I had problems with libs dependencies because installing 
> them through pkg_add were putting them over /usr/local/lib, and libpth 
> variable in Perl was not searching over there:
>
> -bash-4.4$ perl -v | head -2
>
> This is perl 5, version 24, subversion 1 (v5.24.1) built for amd64-openbsd
> -bash-4.4$ perl -V | grep libpth
>  libpth=/usr/lib /usr/lib
>
> But I don't think that's the case here since the object I'm trying to 
> load is on my current directory:
>
> bash-4.4$ ls
> Changes   LICENSE~  META.json MYMETA.ymlREADME 
> dist.ini  eol.c eol.xslib   t
> Changes~  MANIFEST  META.yml  Makefile  README~ 
> dist.ini~ eol.h eol.xs~   perl.core write.h
> LICENSE   MANIFEST.SKIP MYMETA.json   Makefile.PL   blib 
> eol.bseol.o fill.hpm_to_blibxt
>
> The core file over there didn't gave any hints when using "gdb -c" with it.
>
> Thanks!
> Alceu
>
>

If I make a port using the normal ports framework and try it on -current,
I get this, which is a bit further but not all the way :

1..23
ok 1 - use PerlIO::eol;
ok 2
ok 3
ok 4
ok 5
ok 6 - open for read
Failed 17/23 subtests 

Test Summary Report
---
t/1-basic.t (Wstat: 134 Tests: 6 Failed: 0)
  Non-zero wait status: 134
  Parse errors: Bad plan.  You planned 23 tests but ran 6.
Files=1, Tests=6,  0 wallclock secs ( 0.01 usr  0.04 sys +  0.03 cusr  0.03 
csys =  0.11 CPU)
Result: FAIL




password-free SSH was Re: [ot] Security of my bit coin wallet

2017-11-15 Thread James
On Wed, Nov 15, 2017 at 10:42 AM, Raul Miller  wrote:
> Assumption is invalid. Flaws are widely documented (e.g. fixed
> supply). Probably wrong list, also.
>

Ok a little more on topic then. SSH.

How would you secure SSH without a password, iteratively password - free?
a blank password does not count as password-free.

My motivation is turn the internet upside down.

Does any current crypto mechanism come to mind?

A possible example is the use of Diffie-Hellman at the network layer
to identify hosts. I think that would be password-free.


> Thanks,
>
> --
> Raul
>

Thanks,
James



> On Wed, Nov 15, 2017 at 8:46 AM, James  wrote:
>> While a little off topic it is security related so I hope you don't mind.
>>
>> This is the misc list, right?
>>
>> Assumption 1.
>> bitcoin is a secure protocol without flaws.
>>
>> quote from 
>> https://github.com/bitcoinbook/bitcoinbook/blob/second_edition/ch01.asciidoc
>>
>> With these keys they can sign transactions to unlock the value and
>> spend it by transferring it to a new owner. Keys are often stored in a
>> digital wallet on each user’s computer or smartphone. Possession of
>> the key that can sign a transaction is the only prerequisite to
>> spending bitcoin, putting the control entirely in the hands of each
>> user.
>>
>>
>> Is the security of a bitcoin wallet ultimately determined by it's password?
>> The way I see it If an attacker had access to my computer, the only
>> thing protecting access to the wallet would be a password or some
>> iteration of a password scheme, if not mine than a centralized server
>> of trust somewhere, but eventually someone has a password that is used
>> to, unlock a bitcoin. Is that correct reasoning or are there
>> alternatives?
>>
>> Thanks,
>> James
>>



Re: [ot] Security of my bit coin wallet

2017-11-15 Thread Raul Miller
Assumption is invalid. Flaws are widely documented (e.g. fixed
supply). Probably wrong list, also.

Thanks,

-- 
Raul

On Wed, Nov 15, 2017 at 8:46 AM, James  wrote:
> While a little off topic it is security related so I hope you don't mind.
>
> This is the misc list, right?
>
> Assumption 1.
> bitcoin is a secure protocol without flaws.
>
> quote from 
> https://github.com/bitcoinbook/bitcoinbook/blob/second_edition/ch01.asciidoc
>
> With these keys they can sign transactions to unlock the value and
> spend it by transferring it to a new owner. Keys are often stored in a
> digital wallet on each user’s computer or smartphone. Possession of
> the key that can sign a transaction is the only prerequisite to
> spending bitcoin, putting the control entirely in the hands of each
> user.
>
>
> Is the security of a bitcoin wallet ultimately determined by it's password?
> The way I see it If an attacker had access to my computer, the only
> thing protecting access to the wallet would be a password or some
> iteration of a password scheme, if not mine than a centralized server
> of trust somewhere, but eventually someone has a password that is used
> to, unlock a bitcoin. Is that correct reasoning or are there
> alternatives?
>
> Thanks,
> James
>



error trying to load C/XS Perl module

2017-11-15 Thread Alceu Rodrigues de Freitas Junior

Hello folks,

I'm struggling to get installed the module PerlIO::eol by downloding it 
from CPAN and installing it.


I tried with both the standard perl in OpenBSD 6.1 and also one that I 
compiled with perlbrew, but the results are the same (after the classic 
"perl Makefile.PL; make"):


bash-4.4$ prove -l -m -v t/1-basic.t
t/1-basic.t ..
1..23
not ok 1 - use PerlIO::eol;
#   Failed test 'use PerlIO::eol;'
#   at t/1-basic.t line 4.
# Tried to use 'PerlIO::eol'.
# Error:  Can't locate loadable object for module PerlIO::eol in 
@INC (@INC contains: /home/vagrant/.cpan/build/PerlIO-eol-0.16-1/lib 
/home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1/OpenBSD.amd64-openbsd 
/home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/site_perl/5.26.1 
/home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1/OpenBSD.amd64-openbsd 
/home/vagrant/perl5/perlbrew/perls/perl-5.26.1/lib/5.26.1) at 
t/1-basic.t line 4.

# Compilation failed in require at t/1-basic.t line 4.
# BEGIN failed--compilation aborted at t/1-basic.t line 4.
Bareword "CR" not allowed while "strict subs" in use at t/1-basic.t line 6.
Bareword "LF" not allowed while "strict subs" in use at t/1-basic.t line 6.
Bareword "CRLF" not allowed while "strict subs" in use at t/1-basic.t 
line 6.

Execution of t/1-basic.t aborted due to compilation errors.
# Looks like your test exited with 255 just after 1.
Dubious, test returned 255 (wstat 65280, 0xff00)
Failed 23/23 subtests

Test Summary Report
---
t/1-basic.t (Wstat: 65280 Tests: 1 Failed: 1)
  Failed test:  1
  Non-zero exit status: 255
  Parse errors: Bad plan.  You planned 23 tests but ran 1.
Files=1, Tests=1,  0 wallclock secs ( 0.02 usr  0.04 sys +  0.04 cusr 
0.06 csys =  0.16 CPU)

Result: FAIL
bash-4.4$

I even tried to export LD_LIBRARY_PATH to the current directory, didn't 
work either.


In the past, I had problems with libs dependencies because installing 
them through pkg_add were putting them over /usr/local/lib, and libpth 
variable in Perl was not searching over there:


-bash-4.4$ perl -v | head -2

This is perl 5, version 24, subversion 1 (v5.24.1) built for amd64-openbsd
-bash-4.4$ perl -V | grep libpth
libpth=/usr/lib /usr/lib

But I don't think that's the case here since the object I'm trying to 
load is on my current directory:


bash-4.4$ ls
Changes   LICENSE~  META.json MYMETA.ymlREADME 
dist.ini  eol.c eol.xslib   t
Changes~  MANIFEST  META.yml  Makefile  README~ 
dist.ini~ eol.h eol.xs~   perl.core write.h
LICENSE   MANIFEST.SKIP MYMETA.json   Makefile.PL   blib 
eol.bseol.o fill.hpm_to_blibxt


The core file over there didn't gave any hints when using "gdb -c" with it.

Thanks!
Alceu



[ot] Security of my bit coin wallet

2017-11-15 Thread James
While a little off topic it is security related so I hope you don't mind.

This is the misc list, right?

Assumption 1.
bitcoin is a secure protocol without flaws.

quote from 
https://github.com/bitcoinbook/bitcoinbook/blob/second_edition/ch01.asciidoc

With these keys they can sign transactions to unlock the value and
spend it by transferring it to a new owner. Keys are often stored in a
digital wallet on each user’s computer or smartphone. Possession of
the key that can sign a transaction is the only prerequisite to
spending bitcoin, putting the control entirely in the hands of each
user.


Is the security of a bitcoin wallet ultimately determined by it's password?
The way I see it If an attacker had access to my computer, the only
thing protecting access to the wallet would be a password or some
iteration of a password scheme, if not mine than a centralized server
of trust somewhere, but eventually someone has a password that is used
to, unlock a bitcoin. Is that correct reasoning or are there
alternatives?

Thanks,
James