Re: chrooted sftponly - how ?

:) - Lukasz Sztachanski [1] http://monkey.org/~dugsong/openbsd/stsh-1.1.tar.gz -- 0x01A3E654 // 7832 E59C B733 9E6F CB54 6327 DFC1 161E 01A3 E654 *new keys* http://entropy.pl http://entropy.pl/?blog

Re: Opinion of MySQL 5.xx on OpenBSD 3.9...

doing smth wrong: mysql Ver 12.22 Distrib 4.0.27, for unknown-openbsd3.8 (i386) Uptime: 94 days 17 hours 17 min 50 sec ~26 databases( mostly evil bulletin boards). - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7

Re: Question regarding mailserver setup

some hints( it covers DCC setup). - Lukasz Sztachanski [1] http://flakshack.com/anti-spam/wiki/index.php -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://entropy.pl http://entropy.pl/?blog

Re: Alternative superuser aside from root

. Name doesn't matter too much, unlike uid. In case of, i.e. sshd you can use PermitRootLogin directive. - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://entropy.pl http://entropy.pl/?blog

Re: install pfstat

.tgz check out FAQ to avoid such questions. - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://entropy.pl

Re: OpenSSH Server

to log into my server remotely. openssh is in baseXX.tgz. - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://entropy.pl

Re: mount floppy drive

. - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://entropy.pl

Re: network/mask in AllowUsers (sshd_config)

, this can be done with hosts_access(5). Afair, user@ restricting needs identd on client side( well, that's quite obvious). - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://entropy.pl

Re: ulimit, maxproc/openfiles limits

. - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://entropy.pl

Re: Bluetooth in OpenBSD

special driver. Actually, you can't do much with it - e.g. my digital camera is recognized as ugen0, and i can use it only with `driver independent' libgphoto( which uses own protocols and drivers to access digicam trough generic usb driver). - Lukasz Sztachanski

Re: problem compiling PHP5

in ports/www/php5/core/Makefile. - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://szati.blogspot.com http://szati.entropy.pl

Re: Safety of a shutdown when no user could log in

the power off button)? no, if you've got partitions mounted in `rw' mode. - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://szati.blogspot.com http://szati.entropy.pl

Re: MS Security VP Mike Nash remarks on MS vs OpenBSD security.

on foundations of MS platform. Recently i've wrote simple application using random numbers; i was disappointed, when i've had to port it to windows and linux, and i saw the results. - Lukasz Sztachanski P.S. i know, that openbsd isn't perfect, but it's the only reasonable

Re: SSH, sftp-server subsystem not logging to utmp ?

sshd[pid]: subsystem request for sftp after( obviously) succesfull login, and lastcomm(1) gives some info too. - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://szati.blogspot.com http://szati.entropy.pl

Re: running snapshot (obsd 3.9-beta), not able to compile GENERIC kernel

/GENERIC (line 2595 of Makefile). i had same error yesterday; today, i've synced -current, and everything is all right. - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://szati.blogspot.com http://szati.entropy.pl

Re: CVSync servers not syncing?

. as far as i see, main machine( anoncvs1.ca.openbsd.org) has locked up ;) - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://szati.blogspot.com http://szati.entropy.pl

Re: Number of PTYs

anything :) -bash-3.00# sysctl kern.tty.maxptys kern.tty.maxptys=992 -bash-3.00# If they're 992, how can they run out ? What can i do to increase ptys ? ./MAKEDEV ptyX; ttyflags -a ( X stands for a figure). - Lukasz Sztachanski

Re: VPN in OpenBSD 3.8, how to use new tools?

and examples of isakmpd configurtion; plus, it's very flexible and configurable. - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://szati.blogspot.com http://szati.entropy.pl

Re: VPN in OpenBSD 3.8, how to use new tools?

On Sun, Dec 18, 2005 at 08:04:25PM +0100, Hans-Joerg Hoexer wrote: On Sun, Dec 18, 2005 at 06:58:22PM +0100, Lukasz Sztachanski wrote: ipsecadm(8) isn't new ;) Probably ipsecctl isn't `mature' enough to handle such setup. Imho, you'll have to use isakmpd- actually web is full of tutorials

Re: root / wheel login incorrect ??

for changes( maybe /var/backups will help). P.S. remember to mount root partition in r/w( or even mount -a) while in single user mode. - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://szati.blogspot.com http

Re: browser security - restricted user

()`ing application is considerably safer for its usability? - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://szati.blogspot.com http://szati.entropy.pl

Re: Recommendations for another POP3/IMAP/SMTP mail reader client?

. - Lukasz Sztachanski [1] afair, http://mutt-ng.berlios.de -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://szati.blogspot.com http://szati.entropy.pl

Re: browser security

and changing `eq' to `match'; for example cleaning up fsread's on libs or font dirs and fs{read,write,rename} on cache/download dir, and so on... - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA D92D 8DBE BC01 FC91 9EF7 058B 7133 http://szati.blogspot.com http

Re: Ethernet Trunking

, but doesn't break trunk(4)'s usability. failover can be fully functional without switch support, and `none' just disables traffic without destroying device. (un)fortunately, i'm not experienced in Cisco's hardware ;) - Lukasz Sztachanski -- 0x058B7133 // 16AB 4EBC 29DA

Re: Protecting directory of Apache hosted website with SSL?

http://domainname.tld/ssl_required.html /Directory -- Lukasz Sztachanski ...proud user of C8H10N4O2 :) http://szati.blogspot.com http://szati.entropy.pl

Re: pOf

always initiate connection from PocketPC while listening out traffic using p0f and add this fingerprint to pf.os -- Lukasz Sztachanski ...proud user of C8H10N4O2 :) http://szati.blogspot.com http://rudy.mif.pg.gda.pl

Re: Nmap -O... will it be fixed some day?

. -- Lukasz Sztachanski ...proud user of C8H10N4O2 :) http://szati.blogspot.com http://rudy.mif.pg.gda.pl/~szati/szati.asc

Re: pfctl: Cannot allocate memory.

.. 'pfctl: Cannot allocate memory.' google tells me, that this issue is quite well discused; after all you can try to split this file into smaller chunks. -- Lukasz Sztachanski ...proud user of C8H10N4O2 :) http://szati.blogspot.com

Re: 3.7 ,xdm and fluxbox

). startfluxbox(1) is much more flexible then just fluxbox(1). first one uses ~/.fluxbox/startup or theme config file, second one uses only theme config file. Anyway, check your $PATH and make sure that program, which is used for setting background, exists( and is it covered by $PATH). -- Lukasz

Re: syslogd-capabilities

On Fri, Jul 08, 2005 at 11:49:16AM +0200, M. Schatzl wrote: In this case, its a script scanning for invalid ssh-logins invoked by auth.info. It then appends the IP to a lockout-table via pfctl. there are other, better solutions, like stateful tracking and overloading( pf.conf(5)). -- Lukasz