OpenBSD 6.1/httpd SNI and acme-client

Hi, Sorry for spam, but I just wanted to share a pointer on how I have setup httpd/SNI in OpenBSD 6.1 to work with HTTPS redirect and acme-client. I used the following httpd.conf which works well: Regards, Leighton # $OpenBSD: httpd.conf,v 1.14 2015/02/04 08:39:35 florian Exp $ server

Re: upgrading on vultr.com: make sure to select the bsd.mp set

On 2017-04-13, Peter N. M. Hansteen wrote: > Upgrading a couple of virtual machines hosted at vultr.com from 6.0 to > 6.1 just now, we were a bit suprprised that after the upgrade the system > booted the 6.0 bsd kernel, and of course during startup pfctl gave an > error message

Re: Free firmware for AR9285

On Wed, Apr 12, 2017 at 06:14:36PM -0400, thinkpad-e535-user wrote: > I'm wondering why does Atheros AR9285 need binary firmware on OpenBSD? > According to this wikipedia article [1] it works on Linux and FreeBSD > with some free firmware. Is that in theory possible for OpenBSD to use > it too? >

Re: OpenIKED and Windows 10 Client

As I stated befor I did all the cert installing for the local machine store I will try to create some more certs with diffrent "names" just to see if this makes a diffrence. I might be wrong what the real FQDN is or better what windows believe it should be :) regards Markus Am 12.04.2017 um

Re: Free firmware for AR9285

On Thu, Apr 13, 2017 at 11:08:56AM +0200, Stefan Sperling wrote: > On Wed, Apr 12, 2017 at 06:14:36PM -0400, thinkpad-e535-user wrote: > > I'm wondering why does Atheros AR9285 need binary firmware on OpenBSD? > > According to this wikipedia article [1] it works on Linux and FreeBSD > > with some

Re: OpenIKED and Windows 10 Client

just to be clear I don't need to install the client cert on the openbsd machine? And since this is eating up my time I might switch back to ikev1 and isakmpd. At least there I know I get it done regards markus Am 13.04.2017 um 10:13 schrieb Markus Rosjat: As I stated befor I did all the

6.1: dnsmasq unresponsive?

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi folks, is it just me, or is the new dnsmasq unresponsive? dig @127.0.0.1 heise.de A +short gets stuck. Moving back to the old dnsmasq provided for 6.0 there is no such problem. dnsmasq.conf: server=8.8.4.4 Every helpful

Re: Adding default IPv6 route fails on 6.1

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Hi Sterling, On 04/12/17 01:20, Sterling Archer wrote: > Hello everyone. > > After upgrading to 6.1 about an hour ago, I noticed that I didn't have an > IPv6 connection anymore. > > I use dhcpcd over a pppoe session, which worked fine in

Re: DHCP over bridge(4) was: OpenBSD as a non-routing access point

On Thu, April 13, 2017 9:00 am, Stuart Henderson wrote: > On 2017-04-12, trondd wrote: >> >> I have this problem as well. DHCP requests go out over the bridge to >> the >> main interface. The response comes back to the main interface but never >> goes to the bridge. >>

upgrading on vultr.com: make sure to select the bsd.mp set

Upgrading a couple of virtual machines hosted at vultr.com from 6.0 to 6.1 just now, we were a bit suprprised that after the upgrade the system booted the 6.0 bsd kernel, and of course during startup pfctl gave an error message that I correctly assumed came from kernel/userland mismatch. The fix

Re: xenodm and .kshrc

On Fri, Apr 14, 2017 at 11:45:05AM +0800, Adam Steen wrote: > Hi > > I used to start X using startx and when opening terminal my .kshrc > would get run, > > but now i have switched to xenodm, my .kshrc is not being executed. > > my .profile has "export ENV=$HOME/.kshrc" > > what i am i

xenodm and .kshrc

Hi I used to start X using startx and when opening terminal my .kshrc would get run, but now i have switched to xenodm, my .kshrc is not being executed. my .profile has "export ENV=$HOME/.kshrc" what i am i missing? Cheers Adam

Re: xenodm and .kshrc

Thanks Theo If you start X with xdm, then you need to either A) manually set ENV (or source your entire .profile) from your .xsession that xdm invokes from https://cvsweb.openbsd.org/cgi-bin/cvsweb/~checkout~/www/faq/faq8.html?rev=1.308=text/html#ksh did the trick On Fri, Apr 14, 2017 at 1:01

Re: OpenBSD as a non-routing access point

On 2017-04-12, trondd wrote: > > I have this problem as well. DHCP requests go out over the bridge to the > main interface. The response comes back to the main interface but never > goes to the bridge. > > I'm trying to use vmm VMs on a bridge. I've tried set skip on

Re: Free firmware for AR9285

>And in case this wasn't clear, note that athn firmware is needed for USB >devices only! The PCI devices supported by our athn(4) driver do not >require firmware. Ah, yes, athn(4) man page states it pretty clear. I'm sorry.

Re: OpenBSD as a non-routing access point

On 2017-04-12, Jordon wrote: > When one buys a linksys/netgear/whatever “Wireless Access Point”, it is > often intended to be a full Internet gateway (router, NAT, DHCP, etc) that > also does wifi. Those tend to get called "router" or "wireless gateway" or similar, AP

Re: DHCP over bridge(4) was: OpenBSD as a non-routing access point

Works for me. Bridge0 tap0 tap1 em0 vether0 Important: em0 (link to LAN) must not be configured with an IP Adresse. If you need an address for your host usw vether0

Re: upgrading on vultr.com: make sure to select the bsd.mp set

On Thu, Apr 13, 2017 at 04:32:25PM +0200, Peter N. M. Hansteen wrote: > Upgrading a couple of virtual machines hosted at vultr.com from 6.0 to > 6.1 just now, we were a bit suprprised that after the upgrade the system > booted the 6.0 bsd kernel, and of course during startup pfctl gave an > error

Re: OpenIKED and Windows 10 Client

Just the CA and server cert need to be installed on the OpenBSD side. On Thu, Apr 13, 2017 at 3:10 AM, Markus Rosjat wrote: > just to be clear I don't need to install the client cert on the openbsd > machine? > > And since this is eating up my time I might switch back to ikev1