Re: new dell install completed, but...

. -- = Joel Sing | [EMAIL PROTECTED] | 0419 577 603 = Real stupidity beats artificial intelligence every time. - Terry Pratchett

Re: wireless access point woes (ral device)

). -- = Joel Sing | [EMAIL PROTECTED] | 0419 577 603 = Real stupidity beats artificial intelligence every time. - Terry Pratchett, Hogfather

Re: PoPToP Vulnerability Question

. -- = Joel Sing | [EMAIL PROTECTED] | 0419 577 603 = Real stupidity beats artificial intelligence every time. - Terry Pratchett, Hogfather

Re: What is our ultimate goal??

not exhibit these same performance problems. Have you done any benchmarks? -- = Joel Sing | [EMAIL PROTECTED] | 0419 577 603

Re: Ethernet on ASUS EEE PC?

...when checking out the CVS tree. If anyone can point out what information would be pertinent for including in a PR, I would gladly comply. Thanks. -- = Joel Sing | [EMAIL PROTECTED] | 0419 577 603

Re: SGI install -current: autoboot failed

'') to ``boot'' - it's still looking for the IRIX boot loader. This is easily done by typing ``setenv OSLoader boot at the ARCS console (enter Maintenance Mode and select ``Enter Command Monitor). -- = Joel Sing

Re: SGI install -current: autoboot failed

! -- = Joel Sing | [EMAIL PROTECTED] | 0419 577 603 = Real stupidity beats artificial intelligence every time. - Terry Pratchett, Hogfather

Re: web development on OpenBSD

- I highly recommend it: http://www.masonhq.com/ -- = Joel Sing | [EMAIL PROTECTED] | 0419 577 603 = Real stupidity

Re: Is it necessary to recompile just to apply a security patch?

. -- = Joel Sing | [EMAIL PROTECTED] | 0419 577 603 = Real stupidity beats artificial intelligence every time. - Terry Pratchett

Re: acer aspire one dmesg?

. -- = Joel Sing | [EMAIL PROTECTED] | 0419 577 603 = Real stupidity beats artificial intelligence every time. - Terry Pratchett, Hogfather

Re: softraid(4): how to reassemble a volume

On Wednesday 30 November 2011, Mattieu Baptiste wrote: Hi all, I'm trying to reassemble a softraid(4) volume, created with the 'force' flag. When I'm trying: # bioctl -C force -c C -l /dev/sd1a softraid0 softraid0: chunk sd1a already in use bioctl: ioctl: Invalid argument According to the

Re: Layered softraid

On Thursday 15 December 2011, Jonathan Perkin wrote: I read a long time ago that layered softraid wasn't supported, and when looking recently I didn't read anything which suggested that had changed, however on the off-chance I tried it out and it seems to work ok - at least in limited testing

Re: Softraid raid 5 throughput problem

On Monday 16 January 2012, keith wrote: I built a storage server to run the Bacula storage daemon on. My plan was to boot of a usb key then to use the four 2TB sata disks that are in the server as a softraid raid 5 volume. The server in question is a dell poweredge R310, i3 CPU 540 @ 3.07GHz

Re: Panic with degraded softraid RAID 5 array

On Monday 23 January 2012, Matt Behrens wrote: Been playing with 5.1-beta (Jan. 21 build) in the interests of seeing what I need to get together to set up my next system. I was hoping to do it with three drives, booting from a softraid RAID 5 volume. From bioctl(8): CAVEATS Use of the

Re: fstab ext2fs duid patch

On Thursday 02 June 2011, Luca Corti wrote: This is basically a rip off of ntfs_vfsops.c r1.25 and allows the use of DUIDs in fstab for ext2fs. Unfortunately, it is a little more complex than this due to the existing error handling code. Could you try the following diff? Index: ext2fs_vfsops.c

Re: DUID base root device for kernel

On Thursday 06 October 2011, Jiri B wrote: would be possible to tell kernel via `bsd -a' or with extended boot.conf configuration capabilities to use a root device defined with DUID? Short answer, no. My intend is to boot from an external usb stick and to have root device in the box

Re: no-df option for pf reassembly is backwards?

is: $ dig +dnssec +bufsize=4096 -t any org @a0.org.afilias-nst.info The documentation is correct, however the code was not. This has just been fixed in r1.120 of pf_norm.c. Thanks for the report. -- = Joel

Re: softraid not building on boot

On Wednesday 09 December 2009, nixlists nixlists wrote: Hi. My 'softraid' mirror is not being detected and assembled at the boot time. I must run 'bioctl' to assemble it after a reboot. This started happening after I removed another softraid mirror from the box (physically - the card and the

Re: RAID1 : offline - online (how to?)

On Monday 22 February 2010, Rogier Krieger wrote: On Sun, Feb 21, 2010 at 19:47, Jean-Francois jfsimon1...@gmail.com wrote: Seems appropriate in the latest man, but did not appear in my man page. The -R is'nt available in version 4.4 ? any way to proceed ? As far as I know, softraid didn't

Re: RAID1 : offline - online (how to?)

On Monday 22 February 2010, Jean-Francois wrote: Making again the test on 4.6 Now I have bioctl: BIOCCREATERAID: Invalid argument however on a another machine. Am I wrong in any point ? Is there any need to compile raid into the kernel as I saw here ? http://www.argon18.com/raid_openbsd.html

Re: 4.6 reboots x336 ibm server(s)

On Friday 12 March 2010, FRLinux wrote: Hey guys, sent an acpi dump with dmesg info a couple of months ago to this list hoping the developers might be able to fix this. Just letting you know that 4.7 snapshot still reboots the box unless you disable ppb*. Any way i can help? The issue has

Re: OpenBSD 4.8: is diskmap(4) missing ?

On Saturday 06 November 2010, Remco wrote: An earlier post to misc@ made me look into diskmap(4), but the man page seems to be missing: This was a fresh install from CD: # uname -a OpenBSD srv000.home.lan 4.8 GENERIC.MP#335 amd64 # man diskmap man: no entry for diskmap in the manual. # ls

Re: 1gbit LAN/NIC performance, queue speed bug?

On Tuesday 16 November 2010, Robert Lewandowski wrote: Hello, PROBLEM: transfer speed is ONLY HALF if queue is defined in pf.conf although queue is 950Mbit (1000Mbit-5%) pf disabled: 768 Mbits/sec pf enabled, queue 950Mbit: 337 Mbits/sec ANALYSIS: - OpenBSD 4.8 default intallation. -

Re: softraid - best practice?

On Thursday 18 November 2010, Uwe Dippel wrote: Just had a problem with softraid on a 4.6 box. No, I don't ask to solve it, it needed urgent replacement, and so I did. What I would like to ask for, is advice on best practices for softraid under OpenBSD, to prevent similar things from happening

Re: softraid metadata change 4.7 - 4.8

On Friday 07 January 2011, Rodolfo Gouveia wrote: On 01/06/2011 05:43 PM, Nick Holland wrote: [snip] What new feature are you after? Does that feature apply to crypto softraid? There's the answer. :) None actually. :-) I was just being cautious not run in problems with an old softraid

Re: meaning of pflog / tcpdump output

On Sunday 23 January 2011, Johan Helsingius wrote: Matteo, all you need is at http://www.openbsd.org/cgi-bin/man.cgi?query=tcpdumpapropos=0sektion=0; manpath=OpenBSD+Currentarch=i386format=html Thanks, but as I wrote: I am getting a fair bit of log lines that are shown as rule

Re: DUID's and fstab

On Tuesday 12 April 2011, Alexander Polakov wrote: I am probably misunderstanding something, but are DUID's supposed to be used in place of device filenames in fstab? I suppose they are, so this looks strange to me: % sudo mount f777cc5bbeded528.a mount: can't find fstab entry for

Re: ctrl+alt+backspace bypasses xlock and allows terminal access

On Saturday 24 March 2012, Brett wrote: On Fri, 23 Mar 2012 22:30:40 -0400 Nick Holland n...@holland-consulting.net wrote: On 03/23/12 22:02, Brett wrote: On Sat, 24 Mar 2012 02:43:53 +0100 Henning Brauer lists-open...@bsws.de wrote: * Brett brett.ma...@gmx.com [2012-03-24 01:56]:

Re: disklabel error in softraid crypto volume after updating to 5.0/5.1

On Tuesday 22 May 2012, Rodolfo Gouveia wrote: Hi all, I was running 4.9 on this server and finally got it updated to 5.0 and right after to 5.1. But security(8) now gives me this: disklabel: partition a: partition extends past end of unit sd1 is a softraid crypto volume and running

Re: one keydisk to access multiple encrypted systems

On Sat, Aug 25, 2012 at 05:08:31PM +0200, Erling Westenvik wrote: On Sat, Aug 25, 2012 at 07:03:42AM -0600, Aaron wrote: It is possible if you use different partitions on the same drive, however, you would have to run -P twice ( once for each volume ). Sorry for not mentioning that

Re: nasm problem - Probably not.

On Mon, 15 Oct 2012, Chris Bennett wrote: I went and tried files I had produced many months ago and I get same error! ./cat[1]: syntax error: `(' unexpected I don't think the problem is with nasm, but something else? For some reason the kernel does not think it is a valid executable - can

Re: http/https timeouts with OpenBSD based firewall

On Tue, 23 Oct 2012, Marcin wrote: Hi, I recently upgraded to 5.1, but I was able to reproduce the issue described below with 4.8, 5.0 and 5.2 snapshot. After the upgrade I discovered that workstations behind the OpenBSD firewall experience occasional timeouts while trying to access web

Re: crypto volume damaged after crash

On Thu, 8 Nov 2012, Erling Westenvik wrote: I'm running current on a ThinkPad T500 with a fully encrypted disk (sd0) and using a usb keydisk (sd1) to assemble the crypto volume on sd2. Last snapshot upgrade was around 11th of October. Yesterday the machine suddenly stopped responding to

Re: Watchdog timeout reset in 5.2 on intel nics

On Thu, 22 Nov 2012, Kapetanakis Giannis wrote: Doing Per-Olov's advice on http://marc.info/?l=openbsd-miscm=133771632704741w=2 and applying the following, fixes the problem. Should I stick with this or is there another reason it has not been included in current so far? Yes - it is a work

Re: vnd and softraid panic

On Mon, 31 Dec 2012, Eivind Evensen wrote: Hello. Trying to play around a bit with softraid using vnd reliably results in a panic when assembling the raid volume. I think the first time I tried this was around 4.9 so it's not something new. While the combination of vnd and softraid may not

Re: do we have a Perl interface to sysctl(3)?

On Tue, 15 Jan 2013, Jonathan Thornburg wrote: I wrote | FreeBSD has the BSD-Sysctl perl module available from CPAN, which would | be ideal for my purposes... except that it doesn't (yet) support OpenBSD. On Mon, 14 Jan 2013, Philip Guenther wrote: So, uh, what fails if you try to build

Re: openbsd 5.2 on soekris softraid boot error code 91

On Tue, 15 Jan 2013, Martin Kjær Jørgensen wrote: Hi I've just installed OpenBSD 5.2 on my Soekris 6501. Im using two WDC WD2500BPVT-22JJ5T0 disks in RAID1. Installation goes well and the system boots fine the first time. After reboot I'm greeted with the following error: Using drive 0,

Re: vnd and softraid panic

On Thu, 3 Jan 2013, Eivind Evensen wrote: On Mon, Dec 31, 2012 at 07:21:08PM +1100, Joel Sing wrote: On Mon, 31 Dec 2012, Eivind Evensen wrote: Hello. Trying to play around a bit with softraid using vnd reliably results in a panic when assembling the raid volume. I think the first

Re: vnd and softraid panic

On Wed, 30 Jan 2013, Eivind Evensen wrote: On Wed, Jan 23, 2013 at 02:33:16AM +1100, Joel Sing wrote: On Thu, 3 Jan 2013, Eivind Evensen wrote: On Mon, Dec 31, 2012 at 07:21:08PM +1100, Joel Sing wrote: On Mon, 31 Dec 2012, Eivind Evensen wrote: Hello. Trying to play

Re: Advice for handling softraid reporting i/o error

On Mon, 4 Feb 2013, Erling Westenvik wrote: On Sun, Feb 03, 2013 at 11:11:17AM +0530, Girish Venkatachalam wrote: I hate to say it but I am sure your hard disk is dying. Replace it ASAP No no, that's all right. Death is an inevitable part of life. I know the disk is dying and I'm going to

Re: softraid RAID1 + CRYPTO error writing metadata

On Fri, 8 Feb 2013, Scott McEachern wrote: I get a rather curious error when shutting down a machine with a RAID 1 setup that contains a crypto partition and a normal partition: syncing disks... done sd3 detached softraid0: I/O error 5 on dev 0x433 at block 16 softraid0: could not write

Re: softraid RAID1 + CRYPTO error writing metadata

On Sat, 9 Feb 2013, Jiri B wrote: On Sat, Feb 09, 2013 at 02:56:47AM +1100, Joel Sing wrote: While stacked softraid volumes generally work, they are not officially supported (for a variety of reasons). The problem that you mention above is due to the way that softraid volumes are shutdown

Re: softraid RAID1 + CRYPTO error writing metadata

On Sat, 9 Feb 2013, Stuart Henderson wrote: On 2013-02-08, Paul de Weerd we...@weirdnet.nl wrote: On Fri, Feb 08, 2013 at 01:54:27PM -0500, Scott McEachern wrote: | What kind of hardware do you have powering those machines? Besides, | I don't use the crypto partition too often and I really

Re: softraid RAID1 + CRYPTO error writing metadata

On Sat, 9 Feb 2013, Scott McEachern wrote: On 02/08/13 11:26, Joel Sing wrote: On Sat, 9 Feb 2013, Jiri B wrote: On Sat, Feb 09, 2013 at 02:56:47AM +1100, Joel Sing wrote: While stacked softraid volumes generally work, they are not officially supported (for a variety of reasons

Re: softraid RAID1 + CRYPTO error writing metadata

On Sat, 9 Feb 2013, Andy Bradford wrote: Thus said Joel Sing on Sat, 09 Feb 2013 16:44:11 +1100: umount via DUID does not work currently - this will be fixed shortly after the next release freeze has ended. Will that also include shutdown of softraid via DUID? e.g., bioctl -d DUID

Re: Softraid 3TB Problems

On Sun, 3 Mar 2013, Brandon Tanner wrote: Anyone else having trouble getting bioctl to see more than 2TB when creating softraid0? I've got 2 x 3TB drives, BIOS sees them fine. dmesg on bootup: sd1 at scsibus0 targ 3 lun 0: ATA, ST3000DM001-1CH1, CC24 SCSI3 0/direct fixed

Re: Softraid 3TB Problems

On Sun, 3 Mar 2013, Brandon Tanner wrote: By the way, does softraid on amd64 support 4096 bytes per sector? No. There is a large amount of work required to fix this since everything in softraid was originally designed around 512-byte blocks. It is somewhere on my TODO list, however I do not

Re: OBSD Router FW's and Centos TCP DUP ACK issues

On Tue, 23 Apr 2013, keith scott wrote: After changing the following line on our edge Firewalls PC.conf the Centos server that was unusable is now usable. I've done another tcp dump and there are still lot's of TCP ACT DUP's but not as many as there were before, match on $ExtIf scrub

Re: Failure to upgrade 5.2 to 5.3 with softraid

On Wed, 15 May 2013, tichodr...@free.fr wrote: Hello everyone. I failed to upgrade my server from 5.2 to 5.3, probably because of a bad answer to the 'Root filesystem?' question. Setup: - HP ProLiant MicroServer N40L server, amd64, GENERIC kernel - Two disks (sd0, sd1) in softraid (sd2) -

Re: Failure to upgrade 5.2 to 5.3 with softraid

On Thu, 16 May 2013, Joel Sing wrote: On Wed, 15 May 2013, tichodr...@free.fr wrote: Hello everyone. I failed to upgrade my server from 5.2 to 5.3, probably because of a bad answer to the 'Root filesystem?' question. Setup: - HP ProLiant MicroServer N40L server, amd64, GENERIC

Re: Softraid performance: CRYPTO on top of RAID 1?

On Tue, 2 Jul 2013, Erling Westenvik wrote: Hi folks, Anyone having any experience with putting an softraid CRYPTO partition on top of a softraid RAID 1? In terms of performance? I'd like to build a file server that favors redundancy, availability and privacy over performance. The latter

Re: Softraid performance: CRYPTO on top of RAID 1?

On Thu, 4 Jul 2013, Jiri B wrote: On Thu, Jul 04, 2013 at 02:33:51AM +1000, Joel Sing wrote: [...snip...] FWIW one of my servers (handles mail, etc) is a Sun Fire V210 (sparc64) machine with 2x1GHz CPU, 2GB RAM and a pair of SCSI drives - it runs perfectly well in a similar CRYPTO on RAID 1

Re: Automatically direct to serial console BEFORE passphrase prompt on FDE (i386)

On Sat, 20 Jul 2013, Erling Westenvik wrote: On Fri, Jul 19, 2013 at 01:16:44PM -0400, Kenneth R Westerback wrote: On Fri, Jul 19, 2013 at 06:15:49PM +0200, Erling Westenvik wrote: Maybe a stupid question, but is it possible to have a i386 machine configured with FDE to automatically

Re: ntfs with big files

On Thu, 10 Oct 2013, Manuel Giraud wrote: Hi, I have a ntfs partition with rather large (about 3GB) files on it. When I copy these files on a ffs partition they are corrupted. When I try to checksum them directly from the ntfs partition the checksum is not correct (compared to the same file

Re: Softraid crypto questions

On Tue, 5 Nov 2013, Jeff Clarke wrote: I've read that softraid crypto uses AES256-XTS for encryption. Can the algorithm be changed? Not currently. Also, how long can the passphrase be? I've red the faq and the manpages and didn't see anything. A key is derived from the passphrase using

Re: Softraid crypto questions

On Tue, 5 Nov 2013, Joel Sing wrote: On Tue, 5 Nov 2013, Jeff Clarke wrote: I've read that softraid crypto uses AES256-XTS for encryption. Can the algorithm be changed? Not currently. Also, how long can the passphrase be? I've red the faq and the manpages and didn't see anything

Re: Does softraid RAID1 evenly distribute the read load?

On Thu, 7 Nov 2013, Federico Giannici wrote: For a decision I have to do, I have to know if the RAID1 implementation in softraid evenly distributes the read load through all the disks. Yes, reads are interleaved across all online chunks. So, for example: with a two identical disks RAID1

Re: ntfs with big files

On Sat, 19 Oct 2013, David Vasek wrote: On Thu, 17 Oct 2013, David Vasek wrote: On Fri, 11 Oct 2013, Joel Sing wrote: On Thu, 10 Oct 2013, Manuel Giraud wrote: Hi, I have a ntfs partition with rather large (about 3GB) files on it. When I copy these files on a ffs partition

Re: Oddity with httpd/mod_ssl: missing HTTPS environment variable on non _default_ vhosts

On Tue, 18 Feb 2014, Olivier Mehani wrote: Hi all, I have been battling with this issue for far too long, and I am at wits end. I have an OpenBSD 5.4 machine, with httpd serving pages successfully over both HTTP and HTTPS (with a CaCert-issued certificate). I want to serve multiple sites

Re: softeaid rebuild very slow

On Sun, 13 Apr 2014, John Cox wrote: Hi I'm running OpenBSD 5.4 (dmesg below) with softraid in mirror mode. One of the drives failed so I replaced it - the first time that RAID has actually saved my data as opposed to simply making my life harder! Thank you softraid. They are 3T drives and

Re: Why doesn't GCM HTTPS work with nginx?

On Thu, 3 Jul 2014, Ez Egy wrote: Since these two are using GCM: www.ssllabs.com: ECDHE-RSA-AES256-GCM-SHA384 www.google.com: ECDHE-RSA-AES128-GCM-SHA256 We wanted to make our webserver HTTPS connection more secure (don't look at the self-signed certificate, that doesn't count right now..)

Re: LibreSSL: in-place replacement on FreeBSD?

On Sat, 12 Jul 2014, Jens K. Loewe wrote: Not sure where to leave this one (is there a separate LibreSSL mailing iist available somewhere?), but I have just read the announcement that LibreSSL 2.0 is available for FreeBSD too. Can I use it as an in-place replacement for my existing OpenSSL

Re: softraid not bootable in 5.4 after visiting 5.5

On Tue, 5 Aug 2014, Raimo Niskanen wrote: On Thu, Jul 31, 2014 at 06:12:49PM +0200, Raimo Niskanen wrote: Hello misc@ I once created an USB stick (uSDHC card with reader, actually) using OpenBSD 5.4 (might have been an earlier that I later binary upgraded) that contains a softraid

Re: softraid not bootable in 5.4 after visiting 5.5

On Wed, 6 Aug 2014, Raimo Niskanen wrote: On Wed, Aug 06, 2014 at 01:04:23AM +1000, Joel Sing wrote: On Tue, 5 Aug 2014, Raimo Niskanen wrote: On Thu, Jul 31, 2014 at 06:12:49PM +0200, Raimo Niskanen wrote: Hello misc@ I once created an USB stick (uSDHC card with reader, actually

Re: Changing naming order of HDD SD drives on boot by kernel

On Fri, 15 Aug 2014, Denis Lapshin wrote: My fstab has identity for main boot HDD: 548ac03903a985e9.a / ffs rw 1 1 548ac03903a985e9.g /home ffs rw,nodev,nosuid 1 2 548ac03903a985e9.d /tmp ffs rw,nodev,nosuid 1 2 548ac03903a985e9.f /usr ffs rw,nodev 1 2 548ac03903a985e9.e /var ffs

Re: openssl in startx/xinit: trying again

On Fri, 29 Aug 2014, Nicholas Fleisher wrote: I found another place where the path to the openssl binary needs to be updated. Here is a pair of diffs: one for configure and one for configure.ac Thanks. According to matthieu@, the hardcoded paths to /usr/sbin/openssl should not be used if

Re: Update path to openssl in startx

On Fri, 29 Aug 2014, Nicholas Fleisher wrote: Hi all, Just upgraded to Aug 26 snapshot (amd64) and followed the current.html instructions, including deleting the old /usr/sbin/openssl. Upon trying to start X using startx, I got an error saying that the cookie couldn't be set because

Re: bioctl weirdness

On Wed, 24 Sep 2014, Dan Becker wrote: two identical drives... shutdown system remove one turn the system back on bioctl shows the partitions as 536871980544 which is 137. something times bigger than the drive oddly enough it is 512 times the size of the partition 536871980544/1048578087

Re: bioctl weirdness

On Wed, 24 Sep 2014, Dan Becker wrote: forgot to add this relevant part # bioctl -R /dev/wd0a sd1 softraid0: wd0a partition too small, at least 536871980544 bytes required # Again, note the bytes vs blocks. That has most likely been fixed already, however without a dmesg I have no idea what

Re: multiple calls to OpenSSL_add_all_algorithms

On Thu, 23 Oct 2014, Martijn van Duren wrote: Hello misc@, I'm currently trying to write a library that heavily relies on libcrypto. Because I don't want applications linking to it, to have to call OpenSSL_add_all_algorithms, for convenience, I added those calls to the appropriate places in

Re: crypto softraid and keydisk on same harddrive

On Tue, 28 Oct 2014, Patrik Lundin wrote: Thank you Stefan for taking a look, see comments inline: On Mon, Oct 27, 2014 at 12:32:30PM +0100, Stefan Sperling wrote: On Sun, Oct 26, 2014 at 09:19:25PM +0100, Patrik Lundin wrote: # disklabel -E wd0 Create the following partitions (in this

Re: crypto softraid and keydisk on same harddrive

On Wed, 29 Oct 2014, Joel Sing wrote: On Tue, 28 Oct 2014, Patrik Lundin wrote: [snip] Since I am not able to boot on the device i have to run installboot as the last step in the installer. For this i need to add -r /mnt (of course the following is also copied by hand

Re: crypto softraid and keydisk on same harddrive

On Wed, 29 Oct 2014, Patrik Lundin wrote: On Wed, Oct 29, 2014 at 01:24:30AM +1100, Joel Sing wrote: You could try this (only compile tested) diff: I tried this diff on 5.5-stable and it appeared to solve my problem! The system now boots from sr0a without asking for a passphrase. Overwriting

Re: softraid crypto root with serial console?

On Thu, 6 Nov 2014, TJ wrote: On Wed, Nov 05, 2014 at 11:33:21PM -0500, Ted Unangst wrote: On Wed, Nov 05, 2014 at 23:04, John Merriam wrote: Hello. I am trying to create a 'headless' setup using a softraid crypto root with serial console on OpenBSD 5.6-release amd64. I have

Re: ssl handshake errors with python

On Thu, 6 Nov 2014, Rusty wrote: On 11/05/14 20:04, Joel Sing wrote: On Thu, 6 Nov 2014, Ted Unangst wrote: I see errors trying to download some https URLs using python, but the base ftp client isn't affected. 5.6 release and current. One example is https://www.duosecurity.com/feed

Re: freeradius problem - ephemeral RSA key generation

On Wednesday 31 December 2014, Kapetanakis Giannis wrote: Hi, After upgrading to latest snapshot I have problems with freeradius 2.2.5 package not starting. Especially the problem occurs in loading of module eap-tls rlm_eap_tls: Couldn't set ephemeral RSA key rlm_eap: Failed to initialize

Re: freeradius problem - ephemeral RSA key generation

On Wednesday 31 December 2014, Kapetanakis Giannis wrote: On 31/12/14 04:37, Joel Sing wrote: On Wednesday 31 December 2014, Kapetanakis Giannis wrote: Hi, After upgrading to latest snapshot I have problems with freeradius 2.2.5 package not starting. Especially the problem occurs

Re: freeradius problem - ephemeral RSA key generation

On Wednesday 31 December 2014, Kapetanakis Giannis wrote: On 31/12/14 11:29, Joel Sing wrote: Well I've already made it working last night by adding a check for SSL_CTX_need_tmp_RSA before calling SSL_CTX_set_tmp_rsa Excellent. You might want to see if you can get that upstream. Yes

Re: Too much SUID/SGID files!

On Tuesday 06 January 2015, whoami toask wrote: Hello, isn't there too much SUID/SGID files on a default OpenBSD install? Can this number be reduced? Of course it can! $ find / -perm -4000 -o -perm -2000 -exec chmod 0 {} \; Example: why does wall, write, modstat need an SGID? # uname -a

Re: postgresql-server exiting abnormally after upgrade to -snapshot

On Saturday 14 February 2015, Hugo Osvaldo Barrera wrote: On 2015-02-14 02:28, Abel Abraham Camarillo Ojeda wrote: On Sat, Feb 14, 2015 at 2:12 AM, Hugo Osvaldo Barrera h...@barrera.io wrote: On 2015-02-13 13:20, Stuart Henderson wrote: On 2015-02-12, Hugo Osvaldo Barrera

Re: smtpd outbound SSL3_GET_KEY_EXCHANGE:bad dh p length

On Tuesday 31 March 2015, Marcus MERIGHI wrote: Hello, frankenstein warning: stable.mtier.org, all patches applied the mail server in question doesn't deliver to a certain destination (Network error on destination MXs). Other destinations work. When I connect manually I can send messages

Re: questions to the security of softraid_crypto

On Monday 02 March 2015, Peter J. Philipp wrote: On 03/01/15 23:17, Ted Unangst wrote: Peter J. Philipp wrote: Hi, I am not the best C reader and programmer out there so I try to make myself tools that may seem useless in order to better understand. I see this in

Re: OpenBSD 5.7 httpd tls intermediate/chain certificate problem

On Thursday 14 May 2015, Michal Lesniewski wrote: Hello, I'm trying to configure OpenBSD 5.7 httpd with tls with intermediate/chain certificate without no success. my httpd.conf: server default { listen on 10.11.0.200 tls port 443 tls { certificate

Re: OpenBSD 5.7 httpd tls intermediate/chain certificate problem

On Thursday 14 May 2015, Michal Lesniewski wrote: On 14.05.2015 15:02, Joel Sing wrote: On Thursday 14 May 2015, Michal Lesniewski wrote: Hello, I'm trying to configure OpenBSD 5.7 httpd with tls with intermediate/chain certificate without no success. my httpd.conf: server

Re: Softraid 1 takes forever to declare disk space free after delete

On Saturday 13 June 2015, Joel Sing wrote: On Friday 12 June 2015, Noth wrote: Hi misc@ I've got a couple of softraid 1 volumes on a server and the /home one was filling up a bit too much so I had to delete a bunch of isos and other non necessary items. I did this yesterday

Re: Softraid 1 takes forever to declare disk space free after delete

On Friday 12 June 2015, Noth wrote: Hi misc@ I've got a couple of softraid 1 volumes on a server and the /home one was filling up a bit too much so I had to delete a bunch of isos and other non necessary items. I did this yesterday and it still hasn't cleared the disk space completely

Re: Unbound(8) error: could not set SSL_OP_NO_SSLv2

On Monday 26 October 2015 10:42:01 Gerald Hanuer wrote: > Hello misc@, > > Unbound(8) in current errors out, not starting. > > This is not a bug report. > If this is known to devs@ please disregard. > > > /usr/bin/unbound -v > > Version 1.5.4 > linked libs: libevent 1.4.15-stable (it

Re: Killing Rebound(8) in current hard locks system.

On Wednesday 28 October 2015 21:26:16 Ted Unangst wrote: > Gerald Hanuer wrote: > > Hello misc@, > > > > Killing Rebound(8) in current hard locks system. > > Thanks. We've found the cause of the bug. Now we're trying to find the bug. > :) This is fixed with r1.66 of sys/kern/kern_event.c.

Re: How to create "paranoid" cipher list in httpd.conf

On Tuesday 01 September 2015 15:14:17 Andreas Thulin wrote: > Hi misc readers! > > This is my first attempt to ask for help using misc@openbsd.org, so please > bear with me if I'm making mistakes. Also, apologies if I'm asking about > something recently discussed. > > I want to limit the number

Re: SR RAID5 rebuild/stability issue.

On Tuesday 22 September 2015 09:58:57 Karel Gardas wrote: > On Tue, Sep 22, 2015 at 3:20 AM, Chris Cappuccio wrote: > > Karel Gardas [gard...@gmail.com] wrote: > >> Let me ask, should SR RAID5 survive such testing or is for example > >> rebuilding with off-lined drive considered

Re: SR RAID5 rebuild/stability issue.

On Monday 21 September 2015 23:02:39 Karel Gardas wrote: > Hello, > > due to work on SR RAID1 check summing support where I've touched SR > RAID internals (workunit scheduling) I'd like to test SR RAID5/6 > functionality on snapshot and on my tree to see that I've not broken > the stuff while

Re: encrypted disk image

On Friday 20 May 2016 18:38:08 Ted Unangst wrote: > Peter Wens wrote: > > On a encrypted (sd1) OpenBSD 5.9 install (amd64, (qemu, virtio)): > > > > I created a diskimage (dd if=/dev/urandom of=disk.img bs=1m count=100 > > vnconfig vnd0 disk.img > > fdisk -iy vnd0 > > disklabel -E vnd0 ( a a RAID)

Re: bringing degraded softraid online

On Saturday 06 February 2016 16:09:53 Johan Huldtgren wrote: > > Not sure. Perhaps these drives don't have good meta data due to the > > crash? > > Can you set sr_debug = SR_D_STATE | SR_D_META and see if that prints > > anything informative? > > well we now get lots more: > > softraid0 at root

Re: error building -stable 6.0/amd64 from source on qemu

On Tuesday 20 September 2016 09:54:31 soko.tica wrote: > Hello, > > In trying to build -stable from source, I get an error. I have downloaded > and unterred sys.tar.gz and src.tar.gz according to > http://www.openbsd.org/faq/faq5.html#Release and updated the sources > through cvs, according to

Re: error building -stable 6.0/amd64 from source on qemu

On Tuesday 20 September 2016 18:26:42 Joel Sing wrote: > On Tuesday 20 September 2016 09:54:31 soko.tica wrote: > > Hello, > > > > In trying to build -stable from source, I get an error. I have downloaded > > and unterred sys.tar.gz and src.tar.gz according to > >

Re: What are the security features in OpenBSD 6.0 that are by default disabled?

On Friday 14 October 2016 18:19:21 Bryan Linton wrote: > On 2016-10-14 09:21:24, Peter Janos wrote: > > Hello, > > > > [snip] > > > > ps.: it would be nice to have a feature in the default installer to > > install > > with full disc encryption :) we still have to escape to

Re: Tor no longer works on -current ?

On Saturday 07 January 2017 21:14:29 Olivier Antoine wrote: > Hi all, > > Is it only me or Tor no longer works on -current ? I believe this should already be rectified in -current (via a partial reversion of src/lib/libcrypto/x509/x509_vfy.c r1.54). Thanks for the report. > Every port or

Re: Unable to boot encrypted drive

On Friday 06 January 2017 15:23:32 Timo Myyrä wrote: > Here's the output of installboot on running system: > $ doas installboot -v sd1 > Using / as root > installing bootstrap on /dev/rsd1c > using first-stage /usr/mdec/biosboot, second-stage /usr/mdec/boot > sd1: softraid volume with 1 disk(s) >

Re: Unable to boot encrypted drive

On Friday 06 January 2017 12:24:02 Timo Myyrä wrote: > And found it. Seems the efi partitions boot loader isn't updated. It should be - `installboot -r /mnt ${disk}` is run at the end of the upgrade. > Manually copying the efi bootloader fixed the boot: >

Re: Encryption

On Wednesday 22 March 2017 18:17:12 Jan Betlach wrote: > Solene, Ken, > > thanks a lot for quick responses. Primarily I need to protect the laptop > against losing/stealing it. Therefore FDE would be ideal, however I've red > somewhere that FDE is not officially supported on OpenBSD. This is

  1   2   >