Re: Is there an option switch to lower minimum DH strength in SSH client?

2017-11-03 5:06 GMT+01:00 Jacob Leifman : > I was finally able to bring our OpenBSD based Network Management System up > to the current OS release (it was a couple of years out of date) but this > process broke access to a large number of older HP switches on

Re: Is there an option switch to lower minimum DH strength in SSH client?

On 03.11.17 14:37, Janne Johansson wrote: 2017-11-03 5:06 GMT+01:00 Jacob Leifman : I was finally able to bring our OpenBSD based Network Management System up to the current OS release (it was a couple of years out of date) but this process broke access to a

Re: Apollo Lake

Às 17:29 de 02/10/2017, Chris Cappuccio escreveu: The Asrock J3710 is supported with inteldrm and ethernet etc... Predrag Punosevac [punoseva...@gmail.com] wrote: Hi Misc, The motherboard on my desktop machine just died. I would like to go fanless embedded. Something like ASRock J3455-ITX.

Is there an option switch to lower minimum DH strength in SSH client?

I was finally able to bring our OpenBSD based Network Management System up to the current OS release (it was a couple of years out of date) but this process broke access to a large number of older HP switches on our network. Thorough analysis of the problem and study of the source code lead me to

Re: Fail2ban alternative for OpenBSD

On 02.11.17 20:19, Stuart Henderson wrote: On 2017-10-30, Gregory Edigarov wrote: On 29.10.17 03:20, x9p wrote: Coming from the Linux world, I wonder if there is a better alternative to fail2ban, already being used in OpenBSD servers by the majority. I suggest you NEVER

Re: Is there an option switch to lower minimum DH strength in SSH client?

On 11/03/17 08:27, Jacob Leifman wrote: Not quite, I have the converse problem -- using the modern ssh client and being unable to connect to an older embedded ssh server. But your solution indicates that in the ssh server implementation the explicit compatibility mode actually works.

Re: Is there an option switch to lower minimum DH strength in SSH client?

2017-11-03 13:53 GMT+01:00 Gregory Edigarov : > You should be asking HP how come they can't keep the free sshd code >> updated, >> if security is your prime concern, not ask openbsd to lower everyone elses >> security. >> >> I think for most vendors, it is a rather

Re: Is there an option switch to lower minimum DH strength in SSH client?

On Fri, Nov 03, 2017 at 02:53:53PM +0200, Gregory Edigarov wrote: > I think for most vendors, it is a rather administrative, than technical > question. > Yes, their technical people can update code, yes they can do it quick, but > their management is slow... Often, the same management is telling

Re: Is there an option switch to lower minimum DH strength in SSH client?

Je 2017-11-03 05:06, Jacob Leifman skribis: I was finally able to bring our OpenBSD based Network Management System up to the current OS release (it was a couple of years out of date) but this process broke access to a large number of older HP switches on our network. Thorough analysis of the

FOSDEM 2018 - Distributions Devroom Call for Participation

Online at: https://lists.fosdem.org/pipermail/fosdem/2017-October/002648.html The Distributions devroom will take place Sunday 4 February 2018 at FOSDEM, in Brussels, Belgium at the Université Libre de Bruxelles. For this year's distributions devroom, we want to focus on the ways that

Re: Is there an option switch to lower minimum DH strength in SSH client?

Chris Turner writes: > Encryption options can be selected by the client so long as they are available Which is the issue. The change to usr.bin/ssh/dh.h was: -#define DH_GRP_MIN 1024 +#define DH_GRP_MIN 2048 So the new DH_GRP_MIN value of 2048 is compiled

Re: Is there an option switch to lower minimum DH strength in SSH client?

On 03/11/17 15:27, Jacob Leifman wrote: >> KexAlgorithms +diffie-hellman-group1-sha1 >> Ciphers +aes128-cbc >> >> Regards >> > > Hi, > > Not quite, I have the converse problem -- using the modern ssh client and > being unable to connect to an older embedded ssh server. But your solution >

Re: Is there an option switch to lower minimum DH strength in SSH client?

On Fri, Nov 03, 2017 at 12:06:22AM -0400, Jacob Leifman wrote: > I was finally able to bring our OpenBSD based Network Management System up > to the current OS release (it was a couple of years out of date) but this > process broke access to a large number of older HP switches on our network. >

Re: FAQ14: Growing disk partitions: fdisk

On November 3, 2017 8:41:20 AM GMT+01:00, Otto Moerbeek wrote: >On Fri, Nov 03, 2017 at 08:07:37AM +0100, Stephane HUC "PengouinBSD" >wrote: > >> >> Le 11/03/17 à 07:27, Otto Moerbeek a écrit : >> (...) >> > >> > My guess is that if you use duids in fstab then you should call

Re: FAQ14: Growing disk partitions: fdisk

On Fri, Nov 03, 2017 at 05:12:54PM +0100, Alexander Hall wrote: > > > On November 3, 2017 8:41:20 AM GMT+01:00, Otto Moerbeek > wrote: > >On Fri, Nov 03, 2017 at 08:07:37AM +0100, Stephane HUC "PengouinBSD" > >wrote: > > > >> > >> Le 11/03/17 à 07:27, Otto Moerbeek a écrit :

Re: Bad network performance on apu2c4

openbsd "current"... is it 6.1 or 6.2? if 6.2, was it better with 6.1? From a later message of yours, you mention ISP upload, but the OP did not mention it. Are you testing on LAN, WAN or internet? Out of curiosity, I just tested an apu2c4 server with obsd 6.1, against a windows 10 client on

Re: Is there an option switch to lower minimum DH strength in SSH client?

2017-11-03 14:17 GMT+01:00 Jacob Leifman : > On Fri, Nov 3, 2017 at 8:37 AM, Janne Johansson > wrote: > >> 2017-11-03 5:06 GMT+01:00 Jacob Leifman > .org>: >> >>> >>> If your vendor, even with a <1y firmware

Re: Is there an option switch to lower minimum DH strength in SSH client?

On Fri, Nov 3, 2017 at 9:17 AM, Solène Rapenne wrote: > Je 2017-11-03 05:06, Jacob Leifman skribis: > > I was finally able to bring our OpenBSD based Network Management System up >> to the current OS release (it was a couple of years out of date) but this >> process broke access

Re: Is there an option switch to lower minimum DH strength in SSH client?

On Fri, Nov 3, 2017 at 8:37 AM, Janne Johansson wrote: > 2017-11-03 5:06 GMT+01:00 Jacob Leifman >: > >> I was finally able to bring our OpenBSD based Network Management System up >> to the current OS release (it was a couple of years out

Re: FOSDEM 2018 - Distributions Devroom Call for Participation

Hi leo_tck, leo_...@volny.cz wrote on Fri, Nov 03, 2017 at 08:57:52PM +0100: > [I don't normally respond to spam, This is not spam. It is an on-topic posting. Please refrain from insulting people, in particular those posting rarely who may not be very familiar with OpenBSD and might be

Re: FOSDEM 2018 - Distributions Devroom Call for Participation

On Fri, Nov 03, 2017 at 08:57:52PM +0100, leo_...@volny.cz wrote: > "Brian Exelbierd" wrote: > > Online at: > > https://lists.fosdem.org/pipermail/fosdem/2017-October/002648.html > > > > The Distributions devroom will take place Sunday 4 February 2018 at > > FOSDEM, in Brussels,

Re: FAQ14: Growing disk partitions: fdisk

On Fri, Nov 03, 2017 at 05:08:53AM +0100, Stephane HUC "PengouinBSD" wrote: > Hi... > > there seems to be a problem with fsck command on OpenBSD 6.2 amd64 -stable. > > Into the FAQ14, "Growing disk partitions" section, it's written: > > "Before the partition can be mounted again, its integrity

Re: Bad network performance on apu2c4

Rupert Gallagher [r...@protonmail.com] wrote: > Out of curiosity, I just tested an apu2c4 server with obsd 6.1, against a > windows 10 client on LAN with a 1Gbit CISCO switch in between and 9K MTU on > both sides, using iperf3 -P10. The result is a spectacular 950Mbits/sec. > This is not a

Re: Cheap 2x NIC OpenBSD device

Sean Murphy [s.pat.mu...@gmail.com] wrote: > You can install OpenBSD on it. As noted in the thread by techay Ted > Unangst has a good write up on the unit on his blog. > A side note, OpenBSD 6.2-current will take better advantage of the multiple cores using the cnmac interface (or will soon)

RE: FOSDEM 2018 - Distributions Devroom Call for Participation

Hi, [I don't normally respond to spam, but I need to blow off some frustration =)] "Brian Exelbierd" wrote: > Online at: > https://lists.fosdem.org/pipermail/fosdem/2017-October/002648.html > > The Distributions devroom will take place Sunday 4 February 2018 at > FOSDEM, in

Re: Is there an option switch to lower minimum DH strength in SSH client?

>I was finally able to bring our OpenBSD based Network Management System up >to the current OS release (it was a couple of years out of date) but this >process broke access to a large number of older HP switches on our network. >Thorough analysis of the problem and study of the source code lead me

Re: Apollo Lake kernel panic

Pedro Ramos wrote: > Please find attached the dmesg from ASRock J4205-ITX. > > > Best regards, > Pedro Ramos > > > ["asrock.j4205-itx.dmesg.gz" (application/x-gzip)] Unfortunatelly I got one of those few weeks ago and it is nothing but the trouble. The first one died but NewEgg sent me the

Re: Apollo Lake kernel panic

I was able to boot machine which crashed with bsd.sp kernel. Please see message below. That kernel is non-patched kernel as I was running normally bsd.mp kernel. Also I forgot to say in my previous message that I didn't mess with C states (BIOS option). I was also using legacy (not pure UEFI boot)

Re: FAQ14: Growing disk partitions: fdisk

Le 11/03/17 à 07:27, Otto Moerbeek a écrit : (...) > > My guess is that if you use duids in fstab then you should call it by > that name withc fsck (which uses fstab). Alternatively, specify the > mount point. > > -Otto > > Interesting point of view, but: 1/ I've not change the

Re: Bad network performance on apu2c4

On Fri, Nov 3, 2017 at 2:15 AM, Stuart Henderson wrote: > On 2017/11/03 00:10, Christer Solskogen wrote: > > On Thu, Nov 2, 2017 at 7:24 PM, Stuart Henderson > > wrote: > > > > Forwarding is kernel-only and should be faster than userland > >

Re: FAQ14: Growing disk partitions: fdisk

> => But then why is it written in the FAQ this below, since it doesn't > seem to work? (at least with stable amd64 OpenBSD) i tested it before giving my ok, but apparently i overlooked this detail. fixed, thanks

Re: FAQ14: Growing disk partitions: fdisk

On Fri, Nov 03, 2017 at 08:07:37AM +0100, Stephane HUC "PengouinBSD" wrote: > > Le 11/03/17 à 07:27, Otto Moerbeek a écrit : > (...) > > > > My guess is that if you use duids in fstab then you should call it by > > that name withc fsck (which uses fstab). Alternatively, specify the > > mount