Re: How to check Health Information of SMART on an NVME disk?

2024-02-15 Thread Martin Schröder
Am Do., 15. Feb. 2024 um 18:35 Uhr schrieb Mikolaj Kucharski : > > === START OF READ SMART DATA SECTION === > > Current Drive Temperature: 0 C > > Drive Trip Temperature:0 C > > > > Read defect list: asked for grown list but didn't get it > > Error Counter logging not supported > > > >

Re: /var/unbound/db/root.key not world-readable, unbound fails to start

2023-12-09 Thread Martin Schröder
Am So., 10. Dez. 2023 um 02:48 Uhr schrieb Todd C. Miller : > By default, /etc/login.conf has umask set to 022. Is it more > restrictive on your system? Ah, yes. Mine is set to 077. That would explain me being unable to start it via sudo. And when I rebooted after a failed restart the

/var/unbound/db/root.key not world-readable, unbound fails to start

2023-12-09 Thread Martin Schröder
Hi, after the last erratas I rebooted my 7.4 and unbound failed to start because unbound: [65439:0] error: unable to open /db/root.key for reading: Permission denied unbound: [65439:0] error: error reading auto-trust-anchor-file: /var/unbound/db/root.key unbound: [65439:0] error: validator: error

Re: mount softdep — does it improve the situation for unexpected shutdowns?

2023-11-05 Thread Martin Schröder
Am So., 5. Nov. 2023 um 19:33 Uhr schrieb Mike Fischer : > However the default /etc/fstab does not make use of it. >From the 7.4 release notes: -- Make the softdep mount(8) option a no-op. Softdep was a significant impediment to improving the vfs layer. -- Methinks

ftp.openbsd.org: tlsv1 alert protocol version

2023-10-25 Thread Martin Schröder
Hi, downloading the latest patches on 7.4 fails with > curl --verbose > https://ftp.openbsd.org/pub/OpenBSD/patches/7.4/common/001_xserver.patch.sig * Trying [2620:3d:c000:178::81]:443... * Connected to ftp.openbsd.org (2620:3d:c000:178::81) port 443 * ALPN: curl offers h2,http/1.1 * TLSv1.3

Re: AAAA entry for openbsd.org

2023-10-23 Thread Martin Schröder
Am Mo., 23. Okt. 2023 um 17:14 Uhr schrieb Theo de Raadt : > Martin Schröder wrote: > > > Am Mo., 23. Okt. 2023 um 16:54 Uhr schrieb Theo de Raadt > > : > > > So many, many words demanding that I configure my networks for ipv6. > > > > "is there an

Re: AAAA entry for openbsd.org

2023-10-23 Thread Martin Schröder
Am Mo., 23. Okt. 2023 um 16:54 Uhr schrieb Theo de Raadt : > So many, many words demanding that I configure my networks for ipv6. "is there any reason openbsd.org still has no entry at the end of 2023?" So the reason is "Theo doesn't want to configure his networks for v6"? Best Martin

Re: how to startx with kde?

2023-07-22 Thread Martin Schröder
Am Sa., 22. Juli 2023 um 23:15 Uhr schrieb Greg Thomas : > Have you read: > > https://www.openbsd.org/faq/faq11.html Where does that mention KDE? Best Martin P.S.: Please learn to quote

Re: ntpd and ppm

2023-07-04 Thread Martin Schröder
Am Di., 4. Juli 2023 um 23:20 Uhr schrieb J Doe : > I checked: man ntpd and: man 2 adjfreq, and while: man 2 adjfreq > mentions the same unit - "ppm" - it doesn't explain what that means. > > What does "ppm" stand for ? microseconds per second.

PC Engines APU platform EOL

2023-04-19 Thread Martin Schröder
https://www.pcengines.ch/eol.htm The end is near for APUs :-( Best Martin

Re: 7.3: speetest doesn't work

2023-04-16 Thread Martin Schröder
Am So., 16. Apr. 2023 um 15:49 Uhr schrieb Stuart Henderson : > At this point I think you might be better served by dumping the > package list, uninstalling them all, and reinstalling with 022 umask. > > Borrowing the old instructions from the 5.5 time_t flag day release > notes, this also keeps

Re: 7.3: speetest doesn't work

2023-04-16 Thread Martin Schröder
Am So., 16. Apr. 2023 um 15:38 Uhr schrieb Stuart Henderson : > So let's also add "newly created directories" to the list of things > where umask messes up pkg_add ;) In this case, it will be > /usr/local/lib/python3.10/encodings/ Probably more. In the end I did sudo chmod -R go+rX

7.3: outdated mandoc.db lacks mutt(1) entry, run makewhatis /usr/local/man

2023-04-16 Thread Martin Schröder
Hi, after upgrading to 7.3 man is somehow confused: > man mutt man: /usr/local/man/mandoc.db: Permission denied man: outdated mandoc.db lacks mutt(1) entry, run makewhatis /usr/local/m Neither makewhatis /usr/local/man nor sudo makewhatis /usr/local/man helps. :-( How to fix? Thanks in

Re: 7.3: speetest doesn't work

2023-04-16 Thread Martin Schröder
Am So., 16. Apr. 2023 um 14:56 Uhr schrieb lux : > > On Sun, 2023-04-16 at 14:41 +0200, Martin Schröder wrote: > > > > Fatal Python error: init_fs_encoding: failed to get the Python codec > > of the filesystem encoding > > Python runtime state: core initialized >

7.3: speetest doesn't work

2023-04-16 Thread Martin Schröder
Hi, after sysupgrade to 7.3 and pkg_add -u and reboot: > speedtest-cli --secure Could not find platform independent libraries Could not find platform dependent libraries Consider setting $PYTHONHOME to [:] Python path configuration: PYTHONHOME = (not set) PYTHONPATH = (not set) program

Re: All my Rust programs stop working on OpenBSD 7.3

2023-04-10 Thread Martin Schröder
Am Mo., 10. Apr. 2023 um 18:10 Uhr schrieb Sebastien Marie : > On Mon, Apr 10, 2023 at 11:49:50PM +0800, Siegfried Levin wrote: > > After I upgraded my OS from 7.2 to 7.3 with sysupgrade like 8 hours ago, > > all my programs written in Rust broke, including cargo installed with > > pkg_add on

Re: Creating a "multicast bridge"?

2023-04-06 Thread Martin Schröder
Am Do., 6. Apr. 2023 um 15:27 Uhr schrieb Why 42? The lists account. : > I'd like to create a "bridge" between two IP networks which will pass > only multicast info. / traffic. So it should only route FF00::/8? Best Martin

Re: OpenBSD as a transparent switch filter

2023-01-24 Thread Martin Schröder
Am Mi., 25. Jan. 2023 um 00:45 Uhr schrieb David Gwynne : > I think you can do this on OpenBSD with https://github.com/eait-itig/commarp > and just routing on em0. I don’t think any layer 2 things like bridge or veb > are needed, and probably won’t work anyway because as Claudio said, they >

Re: Unbound fails to resolve some domains

2023-01-11 Thread Martin Schröder
Am Mi., 11. Jan. 2023 um 21:06 Uhr schrieb Rodrigo Readi : > It stopped to resolve some domains, for example qwant.com All fine here. > Any Idea what is happening? Not without some logs. Best Martin

Re: [SPAM?] Is CRONTAB(5) random really random ?

2023-01-05 Thread Martin Schröder
Am Do., 5. Jan. 2023 um 18:16 Uhr schrieb Rachel Roch : > Especially given three of my crontab fields are supposed to be random > (minute, hour, day-of-month) I would expect to see at least one of the three > to be different ?!? AFAIK there is only one random value and it's created at startup

Re: 7.2: unbound(timeout) on startup

2022-11-10 Thread Martin Schröder
Am Do., 10. Nov. 2022 um 11:22 Uhr schrieb Stuart Henderson : > On 2022-11-09, Martin Schröder wrote: > > Am Do., 10. Nov. 2022 um 00:02 Uhr schrieb Martin Schröder > > : > >> This happens only on bootup of the machine... :-( > > > > I've tried hard to get a

Re: 7.2: unbound(timeout) on startup

2022-11-09 Thread Martin Schröder
Am Do., 10. Nov. 2022 um 00:25 Uhr schrieb Jan Stary : > With my current ISP, putting > > ifconfig pppoe0 down > > into rc.shutdown makes the subsequent boot faster with respect to pppoe. > I suspect it's waht you say: the session gets "terminated properly" > somehow; without it, it takes

Re: 7.2: unbound(timeout) on startup

2022-11-09 Thread Martin Schröder
Am Do., 10. Nov. 2022 um 00:02 Uhr schrieb Martin Schröder : > This happens only on bootup of the machine... :-( I've tried hard to get any log messages for this, but failed so far. Neither setting a log file for unbound nor "unbound_flags=-d -d" produced any output. Best Martin

Re: 7.2: unbound(timeout) on startup

2022-11-09 Thread Martin Schröder
Am Mi., 9. Nov. 2022 um 23:51 Uhr schrieb Stuart Henderson : > On 2022-11-09, Jonathan Thornburg wrote: > The only times I've seen ISPs take more than a few seconds to do pppoe > (unless they're broken) are if they have an old session hanging around > from a reboot or crash where the previous

Re: 7.2: unbound(timeout) on startup

2022-11-09 Thread Martin Schröder
Am Mi., 9. Nov. 2022 um 21:25 Uhr schrieb Jonathan Thornburg : > --- begin /etc/hostname.em0 --- > inet autoconf > --- end /etc/hostname.em0 --- Well, this is DTAG vDSL, so I have -- begin /etc/hostname.pppoe0 inet 0.0.0.0 255.255.255.255 NONE \ pppoedev vlan7 authproto pap \

7.2: unbound(timeout) on startup

2022-11-08 Thread Martin Schröder
Hi, since upgrading my router to 7.1 unbound doesn't start up automatically anymore, instead it times out: starting early daemons: syslogd pflogd unbound(timeout) ntpd. It can be started successfully manually later. This setup worked with 7.0. System is an apu acting as a firewall/router for my

Verbose messages from pppoe(4)?

2022-07-29 Thread Martin Schröder
Hi, I'm using pppoe to connect to my provider via DSL on 7.1. Since yesterday my connection has been very flaky. Is there a way to get more information about the connection state changes etc.? Currently I only see the occasional /bsd: pppoe0: LCP keepalive timeout in /var/log/messages I tried

Re: How to track system changes?

2022-04-04 Thread Martin Schröder
Am Mo., 4. Apr. 2022 um 17:50 Uhr schrieb Ian Darwin : > Yes, in fact, *everyone* else is. /etc/changelist lists files that are > monitored. > You will get an email if they change, e.g., if a program surprisingly becomes > setuid. > > I imagine that this is documented someplace. man security

Re: Release schedule/general product engineering

2021-04-22 Thread Martin Schröder
Am Do., 22. Apr. 2021 um 09:28 Uhr schrieb Andrew Grillet : > I wanted to know approximately when the next release would be available http://www.openbsd.org/faq/faq1.html#WhatIs "The OpenBSD team makes a new release approximately every six months, with the target release dates in May and

Re: Impact of 002_icmp6.patch

2020-10-30 Thread Martin Schröder
Am Fr., 30. Okt. 2020 um 13:36 Uhr schrieb Florian Obser : > On Fri, Oct 30, 2020 at 11:58:41AM +0100, Martin Schröder wrote: > > I'd much prefer that the project adopted a" v6 first, vintage ip > > second" approach. > > But I'm not a dev. > > ... you are

Re: Impact of 002_icmp6.patch

2020-10-30 Thread Martin Schröder
Am Fr., 30. Okt. 2020 um 11:54 Uhr schrieb Denis Fondras : > Please, fix your tweet. The default install answer for IPv6 is 'none'. This borders on "switch off v6 for security reasons", which would be just wrong. I'd much prefer that the project adopted a" v6 first, vintage ip second" approach.

Re: It's been awhile

2020-06-17 Thread Martin Schröder
Am Mi., 17. Juni 2020 um 17:06 Uhr schrieb Rasmus Liland : > Try to buy sticker_40_w for 7€ from here: > https://kd85.com/notforsale.html Note that the project will probably get no money from that site. If you want more context, search the list. Best Martin

Re: How do I set up a Wi-Fi access point (using APU2)?

2020-06-05 Thread Martin Schröder
Am Fr., 5. Juni 2020 um 19:14 Uhr schrieb infoomatic : > it seems you skipped the firewall part of the document you were > referring, you need NAT connections. Or you do IPv6 instead of vintage-IP. Best Martin

Re: Filling a 4TB Disk with Random Data

2020-06-05 Thread Martin Schröder
Am Fr., 5. Juni 2020 um 09:21 Uhr schrieb Roderick : > Is not there a SCSI command "sanitize" for that? Secure erase: https://en.wikipedia.org/wiki/Parallel_ATA#HDD_passwords_and_security Or you encrypt your device and throw away the key. Best Martin

/bsd: atascsi_passthru_done, timeout

2020-06-01 Thread Martin Schröder
Hi, my firewall (APU2 with 6.7) shows this in messages ca. every other day. smartctl shows the only disc is healthy, system is behaving fine. Should I be worried? dmesg is at https://paste.opensuse.org/11922555 Best Martin

Re: Convert ffs1 to ffs2?

2020-05-20 Thread Martin Schröder
Am Mi., 20. Mai 2020 um 11:41 Uhr schrieb Михаил Попов : > What is the best method to harden OpenBSD in a diskless mode? Manually converting the fs to FFS2 using ed. That's what you are interested in, right?

Re: More than 16 partitions

2020-04-23 Thread Martin Schröder
Am Do., 23. Apr. 2020 um 21:31 Uhr schrieb : > No problem. Would it be too crude a suggestion that we go back to the > content now...? You didn't provide any patch.

Re: Wine for OpenBSD?

2020-04-11 Thread Martin Schröder
Am Sa., 11. Apr. 2020 um 13:19 Uhr schrieb Nikita Stepanov : > Wine for OpenBSD? Your patch?

Re: FreeBSD daemon(8)-like command for OpenBSD

2020-01-30 Thread Martin Schröder
Am Do., 30. Jan. 2020 um 21:06 Uhr schrieb Patrick Kristiansen : > The process I need to run is written in Clojure and thus runs on the > Java Virtual Machine. Do you have any suggestions on how to best go > about making it "daemon-like"? I am not sure that I can call unveil(2), There is

Re: Suggestion: Replace Perl with Lua in the OpenBSD Base System

2019-12-30 Thread Martin Schröder
Am Di., 31. Dez. 2019 um 01:08 Uhr schrieb : > Would it be desirable for the OpenBSD project to replace Perl with Lua > in the base system? A smaller base afforded to by Lua will reduce the IMNSHO no. You are welcome to fork your OpenLuaBSD project, though. Looking forward to your first

Re: Tape drive

2019-11-17 Thread Martin Schröder
Am So., 17. Nov. 2019 um 23:56 Uhr schrieb Pietro Paolini : > OpenBSD .my.domain 6.3 GENERIC.MP#9 amd64 Not supported anymore; upgrade to at least 6.5 Best Martin

Re: Tools for writers

2019-11-06 Thread Martin Schröder
Am Sa., 2. Nov. 2019 um 16:06 Uhr schrieb Oliver Leaver-Smith : > What tools do people find useful for writing on OpenBSD? By writing I mean > long form such as novels and technical books, including plot and character > development, outlining, and formatting for publishing (not all the same >

Re: Tools for writers

2019-11-05 Thread Martin Schröder
Am Mo., 4. Nov. 2019 um 09:39 Uhr schrieb Roderick : > TeX produces dvi, a well documented and simple page description language. > Then it is transformed to postscript or pdf. Nope. pdfTeX was developed 25 years ago, LuaTeX 12 years ago. Both write PDF directly. Best Martin

Re: IPv4 & IPv6 CIDR subnet calculator

2019-09-25 Thread Martin Schröder
Am Mi., 25. Sept. 2019 um 13:16 Uhr schrieb Mark Jamsek : > Or use the -6 switch for IPv6 addresses: Please make v6 the default and Vintage-IP available via -4. It's 2019 after all. Best Martin

Re: Prometheus node_exporter on OpenBSD - anyone managed ?

2019-09-20 Thread Martin Schröder
Am Fr., 20. Sept. 2019 um 10:36 Uhr schrieb Rachel Roch : > pkg_add node_exporter ? It's in current so 6.6 will have it. Best Martin

want.html reachable from homepage?

2018-08-28 Thread Martin Schröder
Hi, is there a clickpath from www.openbsd.org to want.html? I had to use Google to find the page. Best Martin

Re: ISDN Card /PRI Card support on OpenBSD

2018-07-11 Thread Martin Schröder
2018-07-11 21:30 GMT+02:00 Paul de Weerd : > Eicon was the brand, DIVA the model of one particular example I've > actually had the "pleasure" of working with. You can still find > references on the web. The web 1.0, that is. > > Now if you could get those to work using ppp, I have no clue. But

Re: ISDN Card /PRI Card support on OpenBSD

2018-07-11 Thread Martin Schröder
2018-07-11 18:48 GMT+02:00 Christian Weisgerber : > (Once upon a time there was something called isdn4bsd, but I don't > think it was ever officially integrated into OpenBSD, and that's > from, oh, twenty years ago.) IIRC it was one of the reasons for the start of MirBSD (which did ISDN). Best

Re: Date of yesterday

2018-04-09 Thread Martin Schröder
2018-04-09 20:58 GMT+02:00 Stephane HUC "PengouinBSD" : > get the current timestamp, subtracting 86400 seconds is not reliable to > get yesterday's date to the nearest second? Did they teach leap seconds in your school yet? Best Martin

Re: UNIX Stackexchange - Community Promotion Ads - 2018

2018-02-25 Thread Martin Schröder
2018-02-25 18:29 GMT+01:00 Ingo Schwarze : > And no, i'm not going to create an account on some > random site just for such a petty thing. Stackoverflow is "some random website". :-) Thanks. YMMD. Best Martin

Re: NAT for dual-WAN with public and private LAN

2018-02-19 Thread Martin Schröder
2018-02-17 15:08 GMT+01:00 miraculli . : > I just got an second ADSL-uplink installed and now I try to reconfigure my > pf.conf to load-balance NAT over both connections. Just a reminder: NAT is not security and IPv6 should be the default. https://youtu.be/v26BAlfWBm8 Best

Re: For a FFS on an SSD, which of "-o" nil, "sync" &/ "softdep" is more data-safe and fast?

2018-02-10 Thread Martin Schröder
2018-02-10 7:28 GMT+01:00 Rupert Gallagher : > The only problem I've encountered is rsync unable to preserve the original > time of files: copied files have the time of the copy. man rsync -t, --times preserve modification times You want -a, --archive

Re: [OT] how secure is 2 factor auth with a smartphone?

2017-12-14 Thread Martin Schröder
2017-12-14 3:16 GMT+01:00 Alceu Rodrigues de Freitas Junior : > What do you guys think about? Do you agree with the article author opinion? It's probably more secure than your typical RSA token, which had numerous security issues (including opening up the seeds!) in the

Re: Chip cheaper than chips

2017-12-04 Thread Martin Schröder
2017-12-04 11:05 GMT+01:00 Kevin Chadwick : > dealing with Intel ME or AMD Ryzens bloat. Should I wait for everything > to be ported to RISC and hope it is as stable and secure or wait for an > ARM CISC chip, which probably won't happen? I'll bite: Patches for a RISC-V port

Re: Any advice on a dedicated remote access server

2017-11-23 Thread Martin Schröder
2017-11-23 5:26 GMT+01:00 : > https://www.soyoustart.com/us/essential-servers/ IPv4 only.

Re: OpenBSD 6.1 Release Notes

2017-04-19 Thread Martin Schröder
2017-04-19 21:00 GMT+02:00 : > I'd like to help write them! What's your process/format for doing so? > > - Sent from Outlook for Android Hint: It uses OpenBSD

Re: Why isn't OpenBSD in Google Summer of Code 2017?...

2017-04-05 Thread Martin Schröder
2017-04-05 22:55 GMT+02:00 Flipchan : > Ping Theo, couldnt someone create a needs improvments list n put it on like > OpenBSD.org? No. You've got an itch to scratch, fix that. Best Martin

Re: Is randomizing UID/GUID would make sense?

2017-01-23 Thread Martin Schröder
2017-01-23 15:37 GMT+01:00 andrew fabbro <and...@fabbro.org>: > On Fri, Jan 20, 2017 at 3:44 AM, Martin Schröder <mar...@oneiros.de> wrote: >> 2017-01-20 8:43 GMT+01:00 minek van <minek...@mail.com>: >> > Or something would be broken with random UIDs/GUIDs,

Re: Is randomizing UID/GUID would make sense?

2017-01-20 Thread Martin Schröder
2017-01-20 8:43 GMT+01:00 minek van : > Could it bring more security if the UIDs/GUIDs would be random? Why? What's the attack you want to defend against? > Or something would be broken with random UIDs/GUIDs, ex.: NFS? Would it only > do pain? Yes.

Re: OpenJDK and support for JCE Unlimited Strength Jurisdiction Policy

2016-12-14 Thread Martin Schröder
2016-12-14 14:09 GMT+01:00 Rubén Llorente : > I used to think that OpenJDK already included the Unlimited Strength Policies, > so this is a bit confusing. http://stackoverflow.com/q/1179672/821436 :-) Best Martin

Re: Dell R930 server

2016-11-09 Thread Martin Schröder
2016-11-09 9:06 GMT+01:00 ludovic coues : > I would say big data. > > Stackexchange have a pair of SQL Server, with 384Go of memory for > stackoverflow and 768 for everything else, a Redis server with 256, a > server for elasticsearch with 192 and same quantity for an HAProxy >

Re: OT: shell / terminal / console / tty / cua / getty

2016-10-21 Thread Martin Schröder
2016-10-21 12:04 GMT+02:00 Mihai Popescu : > terminal: physical stuff, keyboard + screen + serial port for > mainframe connection Relevant: https://www.jwz.org/blog/2016/10/export-termaaa-60/ > enough. Also a link or a book indication for all this stuff will be > fine. We have

Re: 4th nic for pcengines apu2

2016-10-19 Thread Martin Schröder
2016-10-19 14:24 GMT+02:00 Marko Cupać : > Any other words of wisdom regarding my idea? Safe yourself the trouble and get a similar machine with more NICs, e.g. from Lanner. Best Martin

Re: ARM64:s finally on the market, and flooding it. OpenBSD support?

2016-09-22 Thread Martin Schröder
2016-09-22 13:51 GMT+02:00 Tinker : > What about running OpenBSD on these, do you have any idea when this should > be possible? https://www.openbsd.org/armv7.html "A mailing list for ARM-based ports is available at a...@openbsd.org." The devs are looking forward to getting

Re: DigitalOcean and OpenBSD

2016-08-24 Thread Martin Schröder
2016-08-24 21:50 GMT+02:00 <li...@wrant.com>: > Wed, 24 Aug 2016 20:37:22 +0200 Martin Schröder <mar...@oneiros.de> >> You're not helping. >> > Neither are you, of course, needless to say. Because you just won't get Did you actually read his first mail? Do again a

Re: DigitalOcean and OpenBSD

2016-08-24 Thread Martin Schröder
2016-08-24 16:48 GMT+02:00 : > You did not provide any sensible detail, so consider this guess work. You're not helping.

Re: LibreSSL on old OpenBSD

2016-08-13 Thread Martin Schröder
2016-08-12 23:28 GMT+02:00 Philip Guenther : > Yes, the previous situation with and > was confusing (code was including the wrong header and not getting the Thanks. Finally an answer after days of shouting. Best Martin

Re: Question about NTP server

2016-06-30 Thread Martin Schröder
2016-06-30 21:24 GMT+02:00 Leonardo Santagostini : > 1) Is there some calculus for making those ntp boxes efficient in terms of > not overstate (sorry, but english is not my mothers tongue) or right size > the hardware. A Rasberry Pi would suffice (but it's not supported

Re: TLS now supported on openbsd.org?

2016-05-09 Thread Martin Schröder
2016-05-09 18:57 GMT+02:00 : > - I don't know in modern browsers, but Links 2.12 say that the > certificate is not valid. It's just old browsers, or firefox also > have this same problem? All's good. See

Re: openbsd.org, openssh.com server(s) down

2016-03-15 Thread Martin Schröder
2016-03-15 14:31 GMT+01:00 Rudolf Sykora : > is it only I who cannot connect to either > of openbsd.org and openssh.com, or Nope. http://www.downforeveryoneorjustme.com/openbsd.org Best Martin

Re: Small FW boxes for CORP use (was: T40E APU?)

2016-03-11 Thread Martin Schröder
2016-03-11 22:42 GMT+01:00 Alan McKay : > Ideally I'd like to get a redundant pair of FWs in 1U. > But I need 4 NICs on each as a bare min. Lanner FW-7525 Best Martin

Re: What hardware spec would I need to push 20 gigabit of network traffic on an OpenBSD server?

2015-10-27 Thread Martin Schröder
2015-10-27 20:24 GMT+01:00 Adam Thompson : > You talk about storing the data - *writing* data to disk at 10Gbps > (sustained) is currently in the realm of high-energy physics, with > multi-million-dollar budgets for the storage arrays. A 7200rpm disk can And then there are

Re: Recommended Industrial PCs?

2015-08-27 Thread Martin Schröder
2015-08-27 12:26 GMT+02:00 Martin Haufschild martin.haufsch...@uni-rostock.de: I forgot to say that we are looking for a fanless IPC. You forgot to say a lot of things... E.g. how fast will your communication line be? 1kb or 100gb? Best Martin

Re: Firewall question: is using a NIC with multiple jacks considered insecure?

2015-07-27 Thread Martin Schröder
2015-07-27 11:46 GMT+02:00 Quartz qua...@sneakertech.com: turning out rather difficult to find a case that's small enough to fit. I'd really like to use an itx system with multiple onboard ethernet jacks and cram it into something like a MiniBox M350 or Antec ISK110, but I'm not sure A Lanner

Re: Blob-free OpenBSD kernel needed

2015-06-09 Thread Martin Schröder
2015-06-09 18:48 GMT+02:00 Elias Diem li...@webconect.ch: I just wonder: Is there really such microcode available that is open source? No.

Re: Robustness in ports fetch program?

2015-05-17 Thread Martin Schröder
2015-05-17 14:18 GMT+02:00 Alan Corey alan01...@gmail.com: I don't think it did this back in 5.0 days or maybe earlier. I started with OpenBSD 2.7, I just usually attributed problems to being my fault. And I've always used the ports tree, not packages. Distfiles are often useful across

Re: my experience with openbsdstore.com

2015-04-12 Thread Martin Schröder
2015-04-12 20:12 GMT+02:00 Jason Adams adams...@gmail.com: On 04/11/2015 06:01 AM, IMAP List Administration wrote: The trouble began immediately. I chose electronic wire transfer as the payment method, Its not 1929 any more. I'm utterly suprised the store still offers wire transfer. Not

Re: my experience with openbsdstore.com

2015-04-11 Thread Martin Schröder
2015-04-11 17:08 GMT+02:00 Bernd Schoeller ber...@fams.de: As a little defence to the OpenBSD store guys: the banking system in the UK is by far the crappiest I have seen in whole of Europe. The banks are all Small wonder since Airstrip One seems to believe it's not in Europe. Maybe the

Re: Exploiting PCI-based DMA in OpenBSD

2015-04-04 Thread Martin Schröder
2015-04-04 13:08 GMT+02:00 Артур Истомин art.is...@yandex.ru: https://github.com/carmaa/inception/blob/master/README.md Is OpenBSD susceptible to this attack? I mean not tool themself, I mean vector of attack. There is no Firewrire support in OpenBSD, so no. Btw: This is old news.

Re: Executable signing - a proposal

2015-03-31 Thread Martin Schröder
2015-03-31 9:52 GMT+02:00 Gareth Nelson gar...@garethnelson.com: 2 - All executables on the system must be signed with that public key 3 - Any executable not signed is essentially chmod -x How does this help with interpreted code (e.g. shell, perl, python, java)? Best Martin

Re: Very-small fully-functional systems?

2015-03-09 Thread Martin Schröder
2015-03-09 9:35 GMT+01:00 Alexandre Ratchov a...@caoua.org: The RasberyPi is said (search linux audio lists) to be unusable because of the poor quality hardware. There's additional hardware that is said to work quite well: https://www.hifiberry.com/ Best Martin

Re: CPU criteria for OpenBSD firewall

2015-02-19 Thread Martin Schröder
2015-02-19 10:58 GMT+01:00 Alexander Salmin alexan...@salmin.biz: Good luck, when you have time I also recommend that you read this. https://calomel.org/network_performance.html The consensus here seems to be to warn against any tweaks etc. by calomel.

Re: CPU criteria for OpenBSD firewall

2015-02-19 Thread Martin Schröder
2015-02-19 16:33 GMT+01:00 Dmitrij D. Czarkoff czark...@gmail.com: It would be nice if someone with expertise could write a detailed explanation of the issues with that article... Thou art not supposed to twiddle with your config.

Re: FAQ: My mission is to make it up into /src/lib/libssl/...

2015-01-11 Thread Martin Schröder
2015-01-11 22:39 GMT+01:00 David Christensen dpchr...@holgerdanske.com: Is this a statement by the OpenBSD project, or has the page been defaced? It's intentional: http://cvsweb.openbsd.org/cgi-bin/cvsweb/www/faq/index.html.diff?r1=1.374r2=1.375 Best Martin

Re: OpenBSD projects

2014-12-26 Thread Martin Schröder
2014-12-26 18:42 GMT+01:00, jungle Boogie jungleboog...@gmail.com: Here's a list of projects that I'm aware of that openBSD created. Is that correct? (p) is for portable. What else am I missing? opencvs Best Martin

Re: OpenBSD Trademark Policy

2014-12-07 Thread Martin Schröder
2014-12-06 9:45 GMT+01:00 Riley Baird bm-2cvqnduybau5do2dfjtrn7zbaj246s4...@bitmessage.ch: I have a few questions about OpenBSD's trademark policy. (I tried looking, but I couldn't find a document.) Is OpenBSD actually a registered trademark? The USPTO doesn't list it. FreeBSD is, though. Best

Re: OpenBSD embedded? (was: OpenBSD 5.6-current on ASUS Chromebox)

2014-12-03 Thread Martin Schröder
2014-12-03 18:49 GMT+01:00 Alan McKay alan.mc...@gmail.com: Does anyone know of a similar device with 2 NICs that might be suitable as a home firewall? Yes. There are archives of this list.

Re: 64-bit amd64 : actual memory limitations?

2014-10-26 Thread Martin Schröder
2014-10-26 20:02 GMT+01:00 Mayuresh Kathe mayur...@devio.us: 64-bit supposedly supports upto 16 exabytes of memory ('ram'). Current hardware supports only 2^48... https://en.wikipedia.org/wiki/X86-64#Physical_address_space_details Best Martin

Re: Wireless PCIe (Host AP mode) recommendations

2014-10-26 Thread Martin Schröder
2014-10-26 22:31 GMT+01:00 Gordon Turner tur...@ftn.net: Rosewill RNX-G300LX (http://www.newegg.ca/Product/Product.aspx?Item=N82E16833166021) - Up to 54Mbps - Chipset RaLink RT2561/RT61 - Supported by ral http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/ral.4?query=ralsec=4

Re: 64-bit amd64 : actual memory limitations?

2014-10-26 Thread Martin Schröder
2014-10-27 1:56 GMT+01:00 Mayuresh Kathe mayur...@devio.us: if the intended application actually requires larger memory to be accessible, would it be better to go for a non-x86-64 64-bit hardware? 256TB (2^48) should be good enough till 2020.

Re: 64-bit amd64 : actual memory limitations?

2014-10-26 Thread Martin Schröder
2014-10-27 3:37 GMT+01:00 Mayuresh Kathe mayur...@devio.us: From owner-misc+m143...@openbsd.org Sun Oct 26 22:22:57 2014 Fix your mail client, please. 256TB (2^48) should be good enough till 2020. it is for a lot of records (data-sets) to held in memory instead of

Re: libressl

2014-10-22 Thread Martin Schröder
2014-10-22 16:33 GMT+02:00 Gregory Edigarov ediga...@qarea.com: openssl(1) is? For example ressl(1) would be the new high level interface with very few selected frequently used functions, and openssl(1) with low level interface as it is now

Re: Shadow TCP stacks

2014-10-17 Thread Martin Schröder
2014-10-17 10:24 GMT+02:00 Bret Lambert bret.lamb...@gmail.com: On Thu, Oct 16, 2014 at 02:48:22PM +0200, Martin Schr??der wrote: The impossibility to scan for services - which the NSA/GHCQ/... do. It's a good thing that traffic analysis isn't a thing, then. Otherwise they'd be able to check

Re: Shadow TCP stacks

2014-10-17 Thread Martin Schröder
2014-10-17 20:49 GMT+02:00 Bret Lambert bret.lamb...@gmail.com: Well, if, as Herr Schroeder seems to be implying, this is used to avoid port scans, I'd look for traffic to/from address:port which don't show up on scans. That's certainly possible but more expensive than find all ssh servers.

Re: Shadow TCP stacks

2014-10-16 Thread Martin Schröder
2014-10-16 13:16 GMT+02:00 Kevin Chadwick ma1l1i...@yahoo.co.uk: I still don't see the benefit though but do see added complexity or more code to audit. Reducing DDOS against a visible SSH service maybe? Reduce password attempts on your logs allowing them to go after targets that might

Re: [Bulk] Re: Shadow TCP stacks

2014-10-15 Thread Martin Schröder
2014-10-16 2:22 GMT+02:00 Ian Grant ian.a.n.gr...@googlemail.com: Perhaps I have missed something but if you have a ssh tunnel or something then just put that in front of the service without increasing Moved to misc. Yes, you missed something: the point :-) The idea is that the existence

Re: openbsdstore: enable javascript and buy something or gtfo

2014-10-03 Thread Martin Schröder
2014-10-03 16:09 GMT+02:00 david...@ling.ohio-state.edu: Strangely enough, this doesn't incline me to enable javascript. Why? Don't you trust the store?

Re: How to follow -stable and verify it with signify?

2014-10-01 Thread Martin Schröder
2014-10-01 3:02 GMT+02:00 Giancarlo Razzolini grazzol...@gmail.com: OpenBSD do not have any secure way to get things. Buy a CD. If you don't trust the shop, have it somehow signed by a dev. Best Martin

Re: OpenBSD 5.5: question regarding pf syntax

2014-09-28 Thread Martin Schröder
2014-09-28 22:49 GMT+02:00 Jack Woehr jwo...@softwoehr.com: BTW 3rd edition about to be released. The ebook _has_ been released. :-) Best Martin

Re: rsync -a doesnt keep owner and permissions

2014-08-21 Thread Martin Schröder
2014-08-21 8:47 GMT+02:00 Markus Rosjat ros...@ghweb.de: Just a short heads up how I did it now and you guys might want to share your opinion on the security with this scenario. maschine A (from were I want to pull files): - root cant login over ssh - sync user can only connect with auth key

  1   2   3   4   5   6   >