--- Log opened Sun Oct 13 00:00:52 2024
00:03 -!- tozhu [~tozhu@222.210.190.90] has joined #openbsd
00:03 -!- ikarso [uid475540@id-475540.tinside.irccloud.com] has quit [Quit: Connection closed for inactivity]
00:12 -!- format_c [~format_c@2a02:b98:f181:4094:f550:7488:2d5:5ffa] has quit [Quit: format_c]
00:16 -!- msi [~msi@user/msi] has joined #openbsd
00:27 -!- msi [~msi@user/msi] has quit [Quit: leaving]
00:34 -!- x_x [~xx@user/xx] has quit [Quit: x_x]
00:34 -!- housemate [~housemate@146.70.66.228] has joined #openbsd
00:36 -!- housemate [~housemate@146.70.66.228] has quit [Remote host closed the connection]
00:36 -!- housemate [~housemate@146.70.66.228] has joined #openbsd
00:43 -!- todd [~todd@gateway/tor-sasl/toddf] has quit [Remote host closed the connection]
00:47 < jb1277976> question when using fdisk -e and able to change partitions nothing happens till i make a fs on them right ?
00:48 -!- todd [~todd@gateway/tor-sasl/toddf] has joined #openbsd
00:48 < ssm_> you're editing the partition tables
00:49 < ssm_> not many devices know how to boot of bsd labels directly, so openbsd nests a bsd label inside an mbr/gpt partition by default
00:50 < ssm_> s/o(f)/&\1/
00:56 < xse> Hey, you people experimented with the shiny sshd features coming along 7.6 ? I gave "Match Invalid-User" a go and i'm a bit puzzled
00:56 -!- seninha [~seninha@user/seninha] has quit [Quit: Leaving]
00:57 < xse> > add a "Match invalid-user" predicate to sshd_config Match options that matches when the target username is not valid on the server.
00:58 < xse> it's not clear what being valid means, man says "Invalid-User, which matches when the requested user-name does not match any known account", but then it's not clear what a known account is
00:59 < xse> I gave the following a go and ended up giving myself a penalty: https://clbin.com/wGFkM
00:59 -!- UDENIX [~UDENIX@user/udenix] has quit [Read error: Connection reset by peer]
01:00 < jb1277976> ssm_: there something i can read that explains that ?
01:07 -!- rak [~rak@debian/rak] has quit [Quit: Segmentation fault (core recycled)]
01:11 -!- rak [~rak@debian/rak] has joined #openbsd
01:12 -!- sdds [~sdds@user/sdds] has joined #openbsd
01:14 -!- UDENIX [~UDENIX@user/udenix] has joined #openbsd
01:14 -!- xzdx [~xzdx@user/XZDX] has joined #openbsd
01:19 -!- xzdx [~xzdx@user/XZDX] has quit [Ping timeout: 252 seconds]
01:20 -!- chaky [~chaky@93-140-157-22.adsl.net.t-com.hr] has quit [Ping timeout: 255 seconds]
01:20 < pardis> xse: https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/auth.c.diff?r1=1.161&r2=1.162&f=h suggests "known user" means "getpwnam(3) does not return NULL"
01:22 < pardis> and https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/servconf.c.diff?r1=1.416&r2=1.417&f=h suggests you can get more info about the matching by raising the log level
01:22 -!- chaky [~chaky@93-143-121-89.adsl.net.t-com.hr] has joined #openbsd
01:23 -!- rak [~rak@debian/rak] has quit [Quit: Segmentation fault (core recycled)]
01:24 -!- tozhu [~tozhu@222.210.190.90] has quit [Quit: tozhu]
01:24 -!- rak [~rak@debian/rak] has joined #openbsd
01:27 -!- sdds [~sdds@user/sdds] has quit [Quit: sdds]
01:29 -!- tozhu [~tozhu@222.210.190.90] has joined #openbsd
01:33 < xse> debug3: checking match for 'Invalid-User' user xse host 86.253.103.85 addr 86.253.103.85 laddr 46.23.92.76 lport 1337
01:33 < xse> debug3: match not found
01:34 < xse> must be the way i wrote that config file
01:45 -!- housemate [~housemate@146.70.66.228] has quit [Quit: "I saw it in a tiktok video and thought that it was the most smartest answer ever." ~ AnonOps Radio ::: I AM THE DERIVATIVE I AM GOING TANGENT TO THE CURVE!]
01:48 -!- izder456 [~user@85.sub-174-192-137.myvzw.com] has joined #openbsd
01:49 -!- izder456 [~user@85.sub-174-192-137.myvzw.com] has quit [Remote host closed the connection]
01:50 -!- housemate [~housemate@146.70.66.228] has joined #openbsd
01:53 -!- byteskeptical [~amnesia@user/byteskeptical] has quit [Ping timeout: 252 seconds]
01:54 < xse> well, i confirmed getpwnam("xse") started as 'sshd' is not null
01:58 -!- chaky [~chaky@93-143-121-89.adsl.net.t-com.hr] has quit [Ping timeout: 252 seconds]
02:00 -!- chaky [~chaky@93-143-194-29.adsl.net.t-com.hr] has joined #openbsd
02:05 -!- mover [~hischild@user/mover] has quit [Quit: leaving]
02:05 -!- byteskeptical [~amnesia@user/byteskeptical] has joined #openbsd
02:15 -!- housemate [~housemate@146.70.66.228] has quit [Quit: "I saw it in a tiktok video and thought that it was the most smartest answer ever." ~ AnonOps Radio ::: I AM THE DERIVATIVE I AM GOING TANGENT TO THE CURVE!]
02:19 -!- sfyatee [~sfyatee@47.150.242.75] has joined #openbsd
02:27 -!- chaky [~chaky@93-143-194-29.adsl.net.t-com.hr] has quit [Ping timeout: 252 seconds]
02:33 -!- chaky [~chaky@93-143-78-76.adsl.net.t-com.hr] has joined #openbsd
02:40 -!- izder456 [~user@85.sub-174-192-137.myvzw.com] has joined #openbsd
02:42 -!- izder456 [~user@85.sub-174-192-137.myvzw.com] has quit [Remote host closed the connection]
02:44 -!- UDENIX [~UDENIX@user/udenix] has quit [Read error: Connection reset by peer]
02:44 -!- chaky [~chaky@93-143-78-76.adsl.net.t-com.hr] has quit [Ping timeout: 252 seconds]
02:44 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has quit [Ping timeout: 260 seconds]
02:46 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has joined #openbsd
02:46 -!- chaky [~chaky@93-143-82-192.adsl.net.t-com.hr] has joined #openbsd
02:47 -!- sfyatee [~sfyatee@47.150.242.75] has quit [Remote host closed the connection]
02:47 -!- sfyatee [~sfyatee@47.150.242.75] has joined #openbsd
02:50 -!- chaky [~chaky@93-143-82-192.adsl.net.t-com.hr] has quit [Ping timeout: 246 seconds]
02:52 -!- bargaintreeflow [~bargaintr@user/bargaintreeflow] has quit [Remote host closed the connection]
02:52 -!- chaky [~chaky@93-140-147-169.adsl.net.t-com.hr] has joined #openbsd
02:53 -!- zip100 [~zip100@185.213.155.239] has quit [Ping timeout: 244 seconds]
02:54 -!- zip100 [~zip100@185.209.196.248] has joined #openbsd
02:55 -!- bargaintreeflow [~bargaintr@user/bargaintreeflow] has joined #openbsd
03:01 -!- UDENIX [~UDENIX@user/udenix] has joined #openbsd
03:10 -!- n6bsd [~n6bsd@user/n6bsd] has joined #openbsd
03:15 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Ping timeout: 260 seconds]
03:16 -!- xzdx [~xzdx@user/XZDX] has joined #openbsd
03:17 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
03:20 -!- housemate [~housemate@146.70.66.228] has joined #openbsd
03:21 -!- xzdx [~xzdx@user/XZDX] has quit [Ping timeout: 248 seconds]
03:21 -!- bargaintreeflow [~bargaintr@user/bargaintreeflow] has quit [Ping timeout: 252 seconds]
03:21 -!- bargaintreeflow_ [~bargaintr@user/bargaintreeflow] has joined #openbsd
03:22 -!- bargaintreeflow_ is now known as bargaintreeflow
03:26 -!- n6bsd [~n6bsd@user/n6bsd] has quit [Quit: leaving]
03:33 -!- izder456 [~user@85.sub-174-192-137.myvzw.com] has joined #openbsd
03:33 < izder456> o/
03:35 -!- housemate [~housemate@146.70.66.228] has quit [Ping timeout: 276 seconds]
03:38 -!- mlw [~mlw@41.73.193.26] has quit [Remote host closed the connection]
03:48 -!- mxz__ [~mxz@user/mxz] has joined #openbsd
03:48 -!- mxz_ [~mxz@user/mxz] has quit [Ping timeout: 245 seconds]
03:48 -!- mxz [~mxz@user/mxz] has quit [Ping timeout: 252 seconds]
03:49 -!- mxz__ is now known as mxz
03:49 -!- ChubaDuba [~ChubaDuba@5.167.115.218] has joined #openbsd
03:49 < jb1277976> \o
03:57 -!- chaky [~chaky@93-140-147-169.adsl.net.t-com.hr] has quit [Ping timeout: 246 seconds]
03:58 -!- Hossam [~Hossam@102.97.157.218] has joined #openbsd
03:59 -!- chaky [~chaky@93-143-179-133.adsl.net.t-com.hr] has joined #openbsd
04:02 -!- niftily [~niftily@user/niftily] has quit [Quit: leaving]
04:04 -!- zcheng3 [~zcheng3@d108-173-21-8.abhsia.telus.net] has quit [Ping timeout: 252 seconds]
04:05 -!- mischief [~mischief@2601:646:100:23:2efd:a1ff:feba:38aa] has quit [Quit: WeeChat 4.4.2]
04:05 -!- mischief [~mischief@2601:646:100:23::c0ca:c01a] has joined #openbsd
04:06 -!- Hossam [~Hossam@102.97.157.218] has quit [Remote host closed the connection]
04:07 -!- Hossam [~Hossam@102.97.157.218] has joined #openbsd
04:08 -!- tozhu [~tozhu@222.210.190.90] has quit [Quit: tozhu]
04:09 < mischief> figure out how to get chosen addresses from slaac pd. kinda neat :)
04:09 < mischief> figured*
04:10 -!- Hossam [~Hossam@102.97.157.218] has quit [Remote host closed the connection]
04:11 -!- deltahotel [~deltahote@user/deltahotel] has joined #openbsd
04:12 -!- deltahotel [~deltahote@user/deltahotel] has quit [Client Quit]
04:14 < jb1277976> i just had a fun time in /usr/games :P
04:14 -!- housemate [~housemate@146.70.66.228] has joined #openbsd
04:21 -!- Aedil [~adrian@146.52.104.238] has joined #openbsd
04:28 -!- zorz [~zorz@user/zorz] has quit [Quit: leaving]
04:28 -!- zorz [~zorz@user/zorz] has joined #openbsd
04:29 -!- mbuhl [~mbuhl@user/mbuhl] has quit [Remote host closed the connection]
04:30 -!- mbuhl [~mbuhl@user/mbuhl] has joined #openbsd
04:30 -!- mbuhl [~mbuhl@user/mbuhl] has quit [Remote host closed the connection]
04:30 -!- izder456` [~user@85.sub-174-192-137.myvzw.com] has joined #openbsd
04:33 -!- jedesa [~Thunderbi@user/jedesa] has quit [Remote host closed the connection]
04:35 -!- housemate [~housemate@146.70.66.228] has quit [Remote host closed the connection]
04:36 -!- kittybrained [~MAINT@85-67-67-115.pool.digikabel.hu] has joined #openbsd
04:36 -!- kittybrained [~MAINT@85-67-67-115.pool.digikabel.hu] has quit [Quit: kittybrained]
04:38 -!- housemate [~housemate@146.70.66.228] has joined #openbsd
04:39 -!- housemate [~housemate@146.70.66.228] has quit [Remote host closed the connection]
04:39 -!- housemate [~housemate@146.70.66.228] has joined #openbsd
04:39 -!- mbuhl [~mbuhl@user/mbuhl] has joined #openbsd
04:41 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
04:43 -!- zwr [~zwr@191-45-63-105.user3p.vtal.net.br] has quit [Ping timeout: 245 seconds]
04:47 -!- deltahotel [~deltahote@user/deltahotel] has joined #openbsd
04:52 -!- zwr [~zwr@191-45-63-105.user3p.vtal.net.br] has joined #openbsd
04:53 -!- hwpplayer1 [~user@user/hwpplayer1] has joined #openbsd
04:58 -!- hwpplayer1 [~user@user/hwpplayer1] has quit [Read error: Connection reset by peer]
05:01 -!- deltahotel [~deltahote@user/deltahotel] has quit [Read error: Connection reset by peer]
05:12 -!- zimmer__ [~zimmer@user/zimmer] has joined #openbsd
05:16 -!- Poster [~poster@syn-024-210-086-224.res.spectrum.com] has quit [Ping timeout: 246 seconds]
05:18 -!- xzdx [~xzdx@user/XZDX] has joined #openbsd
05:23 -!- xzdx [~xzdx@user/XZDX] has quit [Ping timeout: 252 seconds]
05:29 -!- solarsparq [~quassel@108.174.50.37] has quit [Ping timeout: 260 seconds]
05:31 < housemate> PATRONS
05:31 < housemate> PATRONS
05:31 < housemate> high
05:32 < housemate> uh, PLEASE could some BODY please tell me, just how simple of a matter is it to boot bsd alongside my other *nix and like, y'know...
05:35 -!- deltahotel [~deltahote@user/deltahotel] has joined #openbsd
05:35 -!- deltahotel [~deltahote@user/deltahotel] has quit [Read error: Connection reset by peer]
05:35 < thrig> I dabbled with dual booting back in the 1990s. I was young?
05:38 < betabug> housemate: if you have 2 separate (physical) disks, it's pretty straight forward, otherwise be very careful
05:38 < pardis> I have no experience with "like, y'know", sorry
05:38 -!- housemate [~housemate@146.70.66.228] has quit [Ping timeout: 252 seconds]
05:41 -!- euphores [~SASL_euph@user/euphores] has quit [Quit: Leaving.]
05:41 -!- solarsparq [~quassel@108.174.50.37] has joined #openbsd
05:44 -!- shiranaihito_ [~shiranaih@ppp-124-122-56-206.revip2.asianet.co.th] has joined #openbsd
05:47 -!- euphores [~SASL_euph@user/euphores] has joined #openbsd
05:51 -!- deltahotel [~deltahote@user/deltahotel] has joined #openbsd
05:53 -!- zimmer [~zimmer@user/zimmer] has joined #openbsd
05:53 -!- zimmer__ [~zimmer@user/zimmer] has quit [Ping timeout: 248 seconds]
05:55 -!- mxz_ [~mxz@user/mxz] has joined #openbsd
05:55 -!- ikarso [uid475540@id-475540.tinside.irccloud.com] has joined #openbsd
05:56 < jb1277976> is install.fs an img ?
05:57 -!- deltahotel [~deltahote@user/deltahotel] has quit [Read error: Connection reset by peer]
05:57 < jb1277976> also how eould i use it ?
05:57 < jb1277976> would*
05:58 -!- sfyatee [~sfyatee@47.150.242.75] has quit [Remote host closed the connection]
06:01 -!- deltahotel [~deltahote@user/deltahotel] has joined #openbsd
06:01 -!- xzdx [~xzdx@user/XZDX] has joined #openbsd
06:02 < jb1277976> ncm fs got rensmed to img
06:03 < jb1277976> nvm*
06:04 -!- housemate [~housemate@9ykysft4w41xgbmlrmcp.ip6.superloop.au] has joined #openbsd
06:06 -!- xzdx [~xzdx@user/XZDX] has quit [Ping timeout: 255 seconds]
06:06 < mischief> housemate: it is easy but you are difficult
06:07 < housemate> hah'
06:08 -!- tozhu [~tozhu@117.139.163.129] has quit [Quit: tozhu]
06:10 < mischief> with uefi it is very easy, so long as you either setup boot entries correctly, or configure your chosen bootloader correctly
06:10 < mischief> or use the efi shell as your bootloader, and type your chosen os loader at the prompt
06:12 -!- ovalenti [~ovalenti@alille-458-1-26-106.w86-228.abo.wanadoo.fr] has joined #openbsd
06:14 -!- ovalenti [~ovalenti@alille-458-1-26-106.w86-228.abo.wanadoo.fr] has left #openbsd []
06:15 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
06:15 -!- ovalenti [~ovalenti@alille-458-1-26-106.w86-228.abo.wanadoo.fr] has joined #openbsd
06:16 -!- ovalenti is now known as etno
06:16 -!- etno [~ovalenti@alille-458-1-26-106.w86-228.abo.wanadoo.fr] has left #openbsd []
06:16 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
06:18 -!- housemate [~housemate@9ykysft4w41xgbmlrmcp.ip6.superloop.au] has quit [Quit: "I saw it in a tiktok video and thought that it was the most smartest answer ever." ~ AnonOps Radio ::: I AM THE DERIVATIVE I AM GOING TANGENT TO THE CURVE!]
06:19 -!- ChubaDuba [~ChubaDuba@5.167.115.218] has quit [Quit: WeeChat 4.4.2]
06:22 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
06:23 < deimosBSD> anyone have issues with vncserver/vnc over ssh since upgrading to 7.6?
06:24 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
06:24 < deimosBSD> with 7.5 it's fast and responsive, under 7.6, I get 30-90 second periods where the session seems to freeze
06:24 < deimosBSD> yet my ssh connection is live and responsive as always
06:25 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
06:25 < deimosBSD> same config as pre-7.6
06:25 -!- AlaskanEmily [~AlaskanEm@user/alaskanemily] has quit [Remote host closed the connection]
06:26 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
06:26 -!- Aedil [~adrian@146.52.104.238] has quit [Ping timeout: 252 seconds]
06:26 -!- housemate [~housemate@9ykysft4w41xgbmlrmcp.ip6.superloop.au] has joined #openbsd
06:28 -!- sfyatee [~sfyatee@47.150.242.75] has joined #openbsd
06:33 -!- sfyatee [~sfyatee@47.150.242.75] has quit [Client Quit]
06:33 -!- welcome [~Windshiel@120.20.71.194] has joined #openbsd
06:35 < welcome> HELO
06:36 < welcome> I downloaded earlier today the install76.img and installed it. Before booting the new system I checked the sha256 hash and....
06:36 < welcome> \it failed!!!!!
06:36 < welcome> so I thought, what to do
06:36 < welcome> What indeed
06:36 < welcome> Hum
06:37 -!- sandbag [~sandbag@user/sandbag] has joined #openbsd
06:37 < welcome> I have downloaded this img again and I will get the SHA256 again and test it (again)
06:38 < welcome> Was there really a problem today or am I just equipped with an USF?
06:41 -!- deltahotel [~deltahote@user/deltahotel] has quit [Read error: Connection reset by peer]
06:42 < welcome> usf = unknown stupid factor
06:42 -!- hwpplayer1 [~user@user/hwpplayer1] has joined #openbsd
06:43 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
06:45 < welcome> I'm going to replace my USF with a plasma toroid
06:46 < jb1277976> https://www.openbsd.org/faq/faq4.html
06:47 < jb1277976> The install76.iso and install76.img images do not contain an SHA256.sig file, so the installer will complain that it can't check the signature of the included sets: 
06:47  * welcome does some cool techy stuff and chrome begins to install on the freebsd system currently standing in
06:47 < welcome> su
06:48 < welcome> eternal
06:48 < jb1277976> night
06:48 < welcome> argh
06:48 < welcome> now everybody knows my root password
06:49  * welcome looks down at my shoes
06:49 < welcome> Don't worry! WE don't want to hurt You!! We only want to have some fun!
06:51 < welcome> I did read the website about doing it
06:51 < lts> Well it was in rockyou.txt so we knew it already
06:51 < welcome> Perhaps I gotthe wrong SHA256
06:52 < lts> Also, you should use "su -" instead of "su" to get the proper environment
06:56 -!- tozhu [~tozhu@117.139.163.129] has quit [Quit: tozhu]
06:56 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
07:01 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
07:02 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
07:04 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
07:05 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
07:06 -!- deltahotel [~deltahote@user/deltahotel] has joined #openbsd
07:06 -!- deltahotel [~deltahote@user/deltahotel] has quit [Read error: Connection reset by peer]
07:07 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
07:11 -!- deltahotel [~deltahote@user/deltahotel] has joined #openbsd
07:12 -!- adig [~default@185.53.199.84] has joined #openbsd
07:12 < welcome> sucess
07:12 < welcome> this time it passed the test
07:12 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
07:13 < welcome> I must have been unlucky becasue it was the same link I clicked as before for the image and the SHA256 file
07:14 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
07:16 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
07:16 -!- housemate [~housemate@9ykysft4w41xgbmlrmcp.ip6.superloop.au] has quit [Quit: "I saw it in a tiktok video and thought that it was the most smartest answer ever." ~ AnonOps Radio ::: I AM THE DERIVATIVE I AM GOING TANGENT TO THE CURVE!]
07:17 < welcome> I must leave
07:17 < welcome> Please try to find a wy to forgive me
07:18  * welcome prepares to install openbsd 76
07:18 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
07:18 -!- welcome [~Windshiel@120.20.71.194] has quit [Read error: Connection reset by peer]
07:18 < ssm_> welcome: I would recommend a stronger password than 7 character all lowercase word
07:19 < ssm_> a good way to make a password is just to make a sentence that's easy for you to memorize
07:19 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
07:19 < ssm_> like 'linux is cool but openbsd is better'
07:21 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
07:22 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
07:24 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
07:25 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
07:25 -!- housemate [~housemate@2401:d002:b902:e01:68a5:e8f4:5049:d145] has joined #openbsd
07:31 -!- tozhu [~tozhu@117.139.163.129] has quit [Quit: tozhu]
07:32 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
07:33 -!- izder456` [~user@85.sub-174-192-137.myvzw.com] has quit [Remote host closed the connection]
07:33 -!- izder456 [~user@85.sub-174-192-137.myvzw.com] has quit [Remote host closed the connection]
07:34 -!- housemate [~housemate@2401:d002:b902:e01:68a5:e8f4:5049:d145] has quit [Quit: "I saw it in a tiktok video and thought that it was the most smartest answer ever." ~ AnonOps Radio ::: I AM THE DERIVATIVE I AM GOING TANGENT TO THE CURVE!]
07:34 -!- frkzoid [~frkazoid3@2603-9000-cff0-9b10-8493-e8e9-8e8b-cc77.inf6.spectrum.com] has joined #openbsd
07:35 -!- znedw08 [~znedw@home.znedw.com] has quit [Quit: Ping timeout (120 seconds)]
07:36 -!- znedw08 [~znedw@home.znedw.com] has joined #openbsd
07:36 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
07:37 -!- frkazoid333 [~frkazoid3@2603-9000-cff0-9b10-8493-e8e9-8e8b-cc77.inf6.spectrum.com] has quit [Ping timeout: 245 seconds]
07:38 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
07:44 -!- tozhu [~tozhu@117.139.163.129] has quit [Quit: tozhu]
07:46 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
07:46 -!- theruran [uid11305@id-11305.hampstead.irccloud.com] has quit [Quit: Connection closed for inactivity]
07:48 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
07:54 -!- lavaball [~Melissa@31.204.155.215] has joined #openbsd
07:58 -!- o0x1eef [~user@user/o0x1eef] has quit [Quit: Quit]
08:00 -!- UDENIX [~UDENIX@user/udenix] has quit [Read error: Connection reset by peer]
08:00 -!- geekthattweaks [uid433447@user/geekthattweaks] has quit [Quit: Connection closed for inactivity]
08:01 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
08:03 -!- jedesa [~Thunderbi@user/jedesa] has joined #openbsd
08:03 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
08:04 -!- lockywolf [~lockywolf@public.lockywolf.net] has quit [Quit: ZNC 1.8.2 - https://znc.in]
08:05 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
08:06 -!- lockywolf [~lockywolf@2a03:6000:6f63:638::2] has joined #openbsd
08:07 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
08:07 -!- ixc [~x@user/ixc] has joined #openbsd
08:09 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
08:11 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
08:13 -!- ChubaDuba [~ChubaDuba@176.212.40.154] has joined #openbsd
08:14 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
08:17 -!- UDENIX [~UDENIX@user/udenix] has joined #openbsd
08:17 -!- ivdsangen [~ivo@86-95-161-96.fixed.kpn.net] has joined #openbsd
08:20 -!- makr [~textual@2001:8f8:1a2d:ad62:54dc:9133:c:e5b8] has quit [Read error: Connection reset by peer]
08:22 -!- Warr1024 [~Warr@user/warr1024] has quit [Killed (tantalum.libera.chat (Nickname regained by services))]
08:22 -!- Warr1024 [~Warr@user/warr1024] has joined #openbsd
08:24 -!- CrashOverride [~strcat@p57b4b67c.dip0.t-ipconnect.de] has joined #openbsd
08:30 -!- makr [~textual@2001:8f8:1a2d:ad62:9b3:585a:607f:2528] has joined #openbsd
08:32 -!- sandbag [~sandbag@user/sandbag] has quit [Ping timeout: 265 seconds]
08:33 -!- Guest5150 [~devon@tilde.town] has quit [Ping timeout: 245 seconds]
08:38 -!- hwpplayer1 [~user@user/hwpplayer1] has quit [Remote host closed the connection]
08:45 -!- Warr1024 [~Warr@user/warr1024] has quit [Quit: Warr1024]
08:46 -!- o0x1eef [~user@user/o0x1eef] has joined #openbsd
08:46 -!- Warr1024 [~Warr@user/warr1024] has joined #openbsd
08:47 -!- deltahotel [~deltahote@user/deltahotel] has quit [Quit: deltahotel]
09:02 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has quit [Ping timeout: 260 seconds]
09:03 -!- solaare [~solaarae@user/solaarae] has quit [Remote host closed the connection]
09:05 -!- solaare [~solaarae@user/solaarae] has joined #openbsd
09:19 -!- noone [~six@user/six] has quit [Quit: nyaa~]
09:22 -!- rusty2 is now known as qiy
09:23 < betabug> but then you forget which one was better and get confused all the time :-/
09:37 < sir-photch> ssm_: Now, if someone knew you and your preferences, they would have a higher chance of cracking that password
09:40 -!- zimmer [~zimmer@user/zimmer] has quit [Ping timeout: 252 seconds]
09:41 -!- MAINT [~MAINT@user/maint] has joined #openbsd
09:41 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has joined #openbsd
09:47 -!- UDENIX [~UDENIX@user/udenix] has quit [Read error: Connection reset by peer]
09:49 -!- billchenchina- [~billchenc@103.152.35.21] has joined #openbsd
09:49 -!- xzdx [~xzdx@user/XZDX] has joined #openbsd
09:50 -!- d-ra [~d-ra@user/d-ra] has joined #openbsd
09:52 < mischief> work used to have a strict password rotation policy so i used use a script that took a few words from /usr/share/dict/ plus a big number
09:52 < mischief> remebering them initially was a pain but it was better than coming up with passwords myself
09:53 < betabug> is it enough to increase the number on password rotation?
09:53 < betabug> my password is: "I went on irc and all I got was this passphrase"
09:54 -!- xzdx [~xzdx@user/XZDX] has quit [Ping timeout: 252 seconds]
09:54 < mischief> if you are just trying to dodge a password rotation policy sure
09:55 < betabug> most password rotation policies are bullsh*t, so yes
09:55 < mischief> my company eventually ended the policy, since 2fa everywhere + vpn for critical services made it mostly moot
09:56 < betabug> yeah, much better idea
09:56 < betabug> at least when 2fa is done properly
09:57 < betabug> I have one phone app where the 2nd f is an sms they send you ... "dude, at this point the attacker would be holding the phone in his hand, the sms is moot"
09:59 < mischief> sms may never die out in the mainstream
09:59 < mischief> probably too hard to teach the peanut gallery to do something else like totp
09:59 < betabug> if people stop using it, 2fa will keep it alive
09:59 < betabug> it's a miracle they don't use fax machines for 2fa
10:00 < mischief> i meant specifically as a second factor
10:00 < mischief> sms will not die for decades for its original purpose :)
10:00 < betabug> sure
10:00 < betabug> I think for a phone app finding a meaningful 2nd factor is difficult
10:01 -!- emmanuelux [~emmanuelu@user/emmanuelux] has joined #openbsd
10:01 < betabug> if "something you have" is the phone ... and the phone is the thing you are trying to secure
10:01 -!- finkfox [~finkfox@user/finkfox] has joined #openbsd
10:02 -!- UDENIX [~UDENIX@user/udenix] has joined #openbsd
10:02 < finkfox> hi. does anyone know how to get a thinkpad thunderbolt 3 gen 2 docking station to work with openbsd?
10:03 < finkfox> when connected, xrandr will detect the external monitor, but sub devices (keyboard, mouse) are not detected.
10:03 < mischief> betabug: it's a hard problem
10:03 < finkfox> *usb devices
10:05 < betabug> mischief: exactly
10:06 -!- ficonni [~ficonni@109-92-123-228.dynamic.isp.telekom.rs] has joined #openbsd
10:07 -!- MAINT [~MAINT@user/maint] has quit [Quit: MAINT]
10:09 < finkfox> in openbsd-misc someone wrote: "Last time I checked, OpenBSD doesn't support Thunderbolt."
10:12 -!- MAINT [~MAINT@user/maint] has joined #openbsd
10:13 -!- amnesiac [~amnesiac@212.32.208.173] has joined #openbsd
10:14 < amnesiac> Hello
10:15 < amnesiac> congratulations with the new release
10:18 -!- MAINT [~MAINT@user/maint] has quit [Quit: MAINT]
10:18 -!- MAINT [~MAINT@user/maint] has joined #openbsd
10:19 < MAINT> rdrlist
10:19 -!- MAINT [~MAINT@user/maint] has quit [Client Quit]
10:22 < betabug> finkfox: https://jcs.org/2021/01/27/x1nano this says that at least some thunderbold stuff works
10:22 -!- format_c [~format_c@2a02:b98:f181:4094:f550:7488:2d5:5ffa] has joined #openbsd
10:24 < byteskeptical> finkfox: I use that dock, it should work just fine
10:25 < byteskeptical> finkfox: you may have to update the firmware on the dock I had to update mine twice 
10:25 -!- tozhu [~tozhu@117.139.163.129] has quit [Quit: tozhu]
10:25 -!- tozhu [~tozhu@117.139.163.129] has joined #openbsd
10:26 -!- tozhu [~tozhu@117.139.163.129] has quit [Client Quit]
10:28 -!- outofcreativity [~outofcrea@46.23.94.100] has joined #openbsd
10:30 -!- lavaball [~Melissa@31.204.155.215] has quit [Remote host closed the connection]
10:30 < finkfox> byteskeptical: what laptop model are you using?
10:30 < finkfox> betabug: right, jcs writes that the dock should work, though I'm now sure which one he is using.
10:31 < finkfox> how did you update the dock firmware? I need a windows 10 machine it seems.
10:33 < byteskeptical> I've used an M1, framework 13 & 16(intel & amd), and an older x1 
10:35 < finkfox> byteskeptical: how did you achieve the firmware update?
10:36 < finkfox> byteskeptical: older x1, which one?
10:36 < finkfox> byteskeptical: running x1 6th here.
10:36 < byteskeptical> finkfox: yeah you do, I just created a windows usb and booted into that to do it. Unfortunately I don't think lenovo even provides linux a way to update the firmware
10:37 -!- megawatt [~megawatt@user/megawatt] has joined #openbsd
10:37 < finkfox> byteskeptical: is windows iso for usb free nowadays? which windows did you use?
10:38 < byteskeptical> I think mine x1 was a 6th gen
10:38 < byteskeptical> finkfox: honestly haven't checked in quite a while but it should be I used 11 at the time but I know windows has started to pull some free offerings as of late
10:39 < byteskeptical> as long as you can get a legit iso I don't think the version should matter
10:39 -!- cow321 [~deflated8@user/meow/deflated8837] has quit [Ping timeout: 276 seconds]
10:40 < byteskeptical> finkfox: is your dock gen1 or gen2?
10:41 < finkfox> byteskeptical: gen 2
10:41 < finkfox> byteskeptical: downloading win10 iso now.
10:41 < byteskeptical> okay good yeah mine too
10:42 < byteskeptical> cool let me know if you run into any issues
10:42 < finkfox> byteskeptical: i really hope this will work. thank you for your help.
10:42 < byteskeptical> likewise and no problem 
10:49 -!- byteskeptical [~amnesia@user/byteskeptical] has quit [Ping timeout: 252 seconds]
10:56 -!- byteskeptical [~amnesia@user/byteskeptical] has joined #openbsd
11:12 -!- amnesiac [~amnesiac@212.32.208.173] has quit [Ping timeout: 246 seconds]
11:28 -!- Poster [~poster@syn-024-210-086-224.res.spectrum.com] has joined #openbsd
11:33 -!- finkfox [~finkfox@user/finkfox] has quit [Ping timeout: 252 seconds]
11:37 -!- bob_x1 [~bob_x@user/bob-x1/x-8934932] has quit [Quit: MirC]
11:37 -!- Aedil [~adrian@146.52.104.238] has joined #openbsd
11:40 -!- bob_x1 [~bob_x@user/bob-x1/x-8934932] has joined #openbsd
11:40 -!- finkfox [~finkfox@user/finkfox] has joined #openbsd
11:41 < sibiria> if you need to temporarily boot windows for some firmware updater thingy, there's something called WinPE
11:41 < sibiria> which is a "live USB" version of windows 8 and 10
11:41 < sibiria> it's quite a lot smaller and simpler to deal with compared to a normal windows installation on e.g. USB SSD/HDD
11:44 -!- shiranaihito_ [~shiranaih@ppp-124-122-56-206.revip2.asianet.co.th] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
11:53 -!- lavaball [~Melissa@31.204.155.215] has joined #openbsd
11:54 < byteskeptical> sibiria: good to know I was aware of ME but not this PE kernel. Can't seem to find a download of the iso though just the ADK toolset which is suppose to include it
12:00 < betabug> apparently it's an add-on now
12:00 < betabug> "Prior to Windows 10, version 1809, WinPE was included in the ADK and wasn't an add-on"
12:01 < sibiria> it's been a while since i saw something else downloadable out there besides the toolset for building a PE installation
12:01 < sibiria> microsoft used to supply a windows 8.1 PE installer but that disappeared a good while ago
12:01 -!- xzdx [~xzdx@user/XZDX] has joined #openbsd
12:02 < betabug> how would you run a firmware updater with this though?
12:02 < sibiria> it boots up to windows 8/10, so that you can run the windows executable that does the firmware/bios update
12:02 < sibiria> (or any other windows software you may need to run)
12:02 < betabug> aha, ok
12:02 < sibiria> HP and Dell are notorious for providing firmware updates only as windows executables for some of their laptop models
12:03 -!- Luna_UK [bittin@triton.blinkenshell.org] has joined #openbsd
12:03 < sibiria> sometimes Lenovo do the same for their cheaper budget lines
12:03 < betabug> so those can be run, great
12:04 < sibiria> the win 10 PE i keep around is from an unknown source. i'm not entirely sure i trust it. so the few times i use it i actually disconnect the storage devices of the computer i boot it on :p
12:05 < sibiria> i'm sure it's clean, but rather safe than sorry
12:05 -!- xzdx [~xzdx@user/XZDX] has quit [Ping timeout: 245 seconds]
12:05 -!- shiranaihito_ [~shiranaih@2001:fb1:7e:78a9:2d73:6286:2822:84ff] has joined #openbsd
12:07 < sibiria> it's also a license-free product, just like downloading a copy of windows 10/11 is a license-free procedure
12:08 -!- tarxvfz [~tarxvfz@gateway/tor-sasl/tarxvfz] has joined #openbsd
12:08 < sibiria> it's a 700-something mb iso and i'd gladly share it if anyone needs it - with the caveat that the source is unknown and you should take whatever precautions you feel are necessary
12:09 < byteskeptical> yeah but if there is no non-shady way of getting access to it without already having a windows machine to use the ADK on I'm not sure how it can be leveraged by others
12:09 < sibiria> it's a bootable ISO
12:09 < sibiria> building your own PE with the toolset is what requires a pre-existing windows installation (because it builds it from the recovery partition data)
12:10 < sibiria> the ISO i have is a complete ready-to-go bootable win 10 PE
12:13 < byteskeptical> sibiria: right but your missing the point how does someone else get it?
12:13 < sibiria> uh i can upload it anywhere
12:15 < byteskeptical> I mean sure but if you don't even trust your version I don't know how many others will be willing to risk that
12:15 -!- hwpplayer1 [~user@user/hwpplayer1] has joined #openbsd
12:16 < sibiria> i trust it enough with storage disconnected. i'm not pushing it onto anyone, just saying i have a working win pe available if someone is interested in it for solving the problem of windows-only firmware updaters
12:16 < byteskeptical> especially with hardware that have sodered storage where your work-around isn't possible
12:16 < sibiria> if nothing else, just installing windows and building one's own PE works, too, and does not require a windows license key
12:17 < byteskeptical> fair enough
12:20 -!- albus [~albus@2a00:62c0:250f:4300:65c2:1973:98eb:2e0] has joined #openbsd
12:21 -!- hwpplayer1 [~user@user/hwpplayer1] has quit [Read error: Connection reset by peer]
12:35 -!- dooder2 [~dooder@75.164.76.41] has joined #openbsd
12:36 -!- dooder [~dooder@user/dooder] has quit [Ping timeout: 252 seconds]
12:45 -!- deltahotel [~deltahote@user/deltahotel] has joined #openbsd
12:46 -!- cow321 [~deflated8@user/meow/deflated8837] has joined #openbsd
12:52 -!- deltahotel [~deltahote@user/deltahotel] has quit [Read error: Connection reset by peer]
12:54 -!- albus [~albus@2a00:62c0:250f:4300:65c2:1973:98eb:2e0] has quit [Changing host]
12:54 -!- albus [~albus@user/albus] has joined #openbsd
12:54 < albus> Hi, everyone! I am trying to boot OpenBSD on MangoPi MQ-Pro. I has been able to create correct u-boot and flash it on SD-card and boot to u-boot. Then I connected USB stick to my board and successfully loaded installation process. I tried it two times:
12:54 < albus> First time I tried to keep old u-boot and boot from it. I installed it and has been greeted with falling into FEL mode, so boot section no more existing. I manually dd old u-boot again keeping newly created partitions of OpenBSD. After power on it loaded into u-boot and tried to boot to the OpenBSD, but failed with some error.
12:54 < albus> Second time I tried to give OpenBSD whole disk, so it created its own boot section. But got the same FEL mode. Boot of OpenBSD is not compatible with MangoPi.
12:54 < albus> So, I know someone succeeded with the task of running OpenBSD on MangoPi MQ-Pro, it even mentioned on this page:  What did I do wrong? Help me :)
12:57 < albus> Mentioned on this page: https://www.openbsd.org/riscv64.html
12:58 -!- Xenguy [~Xenguy@user/xenguy] has joined #openbsd
12:59 -!- mover [~Houston@user/mover] has joined #openbsd
13:02 -!- deltahotel [~deltahote@user/deltahotel] has joined #openbsd
13:10 -!- shiranaihito_ [~shiranaih@2001:fb1:7e:78a9:2d73:6286:2822:84ff] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
13:12 -!- albus [~albus@user/albus] has quit [Quit: Client closed]
13:13 -!- deltahotel [~deltahote@user/deltahotel] has quit [Read error: Connection reset by peer]
13:16 -!- tozhu [~tozhu@222.210.190.90] has joined #openbsd
13:18 -!- vezhlys [~vezhlys@213.159.57.238] has quit [Remote host closed the connection]
13:23 -!- raspbeguy [~raspbeguy@wireguard/tunneler/raspbeguy] has quit [Ping timeout: 244 seconds]
13:26 -!- deltahotel [~deltahote@user/deltahotel] has joined #openbsd
13:31 -!- niftily [~niftily@user/niftily] has joined #openbsd
13:33 -!- shiranaihito_ [~shiranaih@ppp-124-122-56-206.revip2.asianet.co.th] has joined #openbsd
13:34 -!- XV8 [~XV8@user/XV8] has joined #openbsd
13:35 -!- tarxvfz [~tarxvfz@gateway/tor-sasl/tarxvfz] has quit [Ping timeout: 260 seconds]
13:42 -!- CosmicDJ [~cosmicdj@p200300e24f00620102e04cfffe01e7ab.dip0.t-ipconnect.de] has joined #openbsd
13:45 -!- sandbag [~sandbag@user/sandbag] has joined #openbsd
13:49 -!- mlw [~mlw@41.73.193.26] has joined #openbsd
13:57 -!- oneeyedalien [~oneeyedal@user/oneeyedalien] has joined #openbsd
14:01 -!- darkst4r [~darkst4r@user/darkst4r] has quit [Quit: Leaving]
14:02 -!- user71 [~user71@2001:1530:1012:ca82:8d06:f912:8bfb:aa71] has joined #openbsd
14:10 -!- x_x [~xx@user/xx] has joined #openbsd
14:10 -!- s3 [~bn@user/bn] has joined #openbsd
14:11 -!- deltahotel [~deltahote@user/deltahotel] has quit [Ping timeout: 246 seconds]
14:13 -!- zwr [~zwr@191-45-63-105.user3p.vtal.net.br] has quit [Read error: Connection reset by peer]
14:13 -!- SOLARIS_s [~SOLARIS_s@pool-99-235-11-104.cpe.net.cable.rogers.com] has joined #openbsd
14:14 -!- xzdx [~xzdx@user/XZDX] has joined #openbsd
14:15 -!- byteskeptical [~amnesia@user/byteskeptical] has quit [Ping timeout: 246 seconds]
14:19 -!- zwr [~zwr@191-45-63-105.user3p.vtal.net.br] has joined #openbsd
14:19 -!- xzdx [~xzdx@user/XZDX] has quit [Ping timeout: 244 seconds]
14:19 < finkfox> so i have obtained a win10 iso. does anyone know how to tranform it into a "bootable win10 from usb stick"? (just needed to install a firmware)
14:20 < finkfox> I'd rather not install WinPE from untrusted source.
14:29 < finkfox> could I install/run windows 10 to vmm/vmd instance?
14:33 -!- sandbag [~sandbag@user/sandbag] has quit [Ping timeout: 252 seconds]
14:34 -!- eightt_ [m-eytojc@ip109-204-226-51.osphost.fi] has joined #openbsd
14:36 -!- eightt [m-eytojc@ip109-204-226-51.osphost.fi] has quit [Ping timeout: 272 seconds]
14:39 -!- eightt_ is now known as eightt
14:43 -!- UDENIX [~UDENIX@user/udenix] has quit [Read error: Connection reset by peer]
14:46 -!- UDENIX [~UDENIX@user/udenix] has joined #openbsd
14:51 -!- finkfox [~finkfox@user/finkfox] has quit [Quit: finkfox]
14:53 -!- b50d [~b50d@2a02:3100:3db1:1e00:3465:bc5a:ddb7:ac58] has joined #openbsd
14:58 -!- byteskeptical [~amnesia@user/byteskeptical] has joined #openbsd
15:04 < eea> not with a serial console
15:04 < eea> no graphics in vmm yet afaik
15:06 -!- R4F4 [~rscastilh@user/R4F4] has joined #openbsd
15:07 -!- tarxvfz [~tarxvfz@gateway/tor-sasl/tarxvfz] has joined #openbsd
15:08 -!- format_c [~format_c@2a02:b98:f181:4094:f550:7488:2d5:5ffa] has quit [Quit: format_c]
15:15 -!- housemate [~housemate@144.130.154.129] has joined #openbsd
15:15 -!- bob_x1 [~bob_x@user/bob-x1/x-8934932] has left #openbsd [MirC ]
15:16 -!- Xenguy [~Xenguy@user/xenguy] has quit [Ping timeout: 252 seconds]
15:22 -!- vdamewood [~vdamewood@fedora/vdamewood] has joined #openbsd
15:27 -!- housemate [~housemate@144.130.154.129] has quit [Ping timeout: 252 seconds]
15:34 -!- break19 [~break19@user/break19] has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.]
15:36 -!- break19 [~break19@user/break19] has joined #openbsd
16:02 -!- s3 [~bn@user/bn] has quit [Remote host closed the connection]
16:05 -!- cmashinho [~artemshel@user/cmashinho] has joined #openbsd
16:05 -!- xzdx [~xzdx@user/XZDX] has joined #openbsd
16:10 -!- xzdx [~xzdx@user/XZDX] has quit [Ping timeout: 260 seconds]
16:15 -!- edem [~edem@178.219.173.103] has joined #openbsd
16:21 < Zerock> what is the proper way to create an rc.d script that runs a shell script? I threw a quick one together based on a stackoverflow post with a similar problem, but my service dies shortly thereafter and I'm not entirely sure why.
16:23 < thrig> or use a cron job, @reboot /your/script/here
16:24 -!- b50d [~b50d@2a02:3100:3db1:1e00:3465:bc5a:ddb7:ac58] has quit [Remote host closed the connection]
16:24 < Zerock> I did think of doing that. Definitely a quick and dirty solution.
16:25 < thrig> or add some lines to /etc/rc.local
16:25 -!- b50d [~b50d@2a02:3100:3db1:1e00:3161:d93a:e36:b3c1] has joined #openbsd
16:27 -!- oneeyedalien [~oneeyedal@user/oneeyedalien] has quit [Ping timeout: 252 seconds]
16:28 -!- edem [~edem@178.219.173.103] has quit [Quit: leaving]
16:35 -!- sodapop [~s0dap0p@user/sodapop] has quit [Remote host closed the connection]
16:38 -!- b50d [~b50d@2a02:3100:3db1:1e00:3161:d93a:e36:b3c1] has quit [Remote host closed the connection]
16:38 -!- setient [~setient@li92-193.members.linode.com] has quit [Ping timeout: 252 seconds]
16:39 -!- chasmo77 [~chas77@c-76-105-254-179.hsd1.or.comcast.net] has quit [Quit: It's just that easy]
16:39 < sibiria> the tricky part is if you want it to keep running in the background and still be able to stop it later
16:40 -!- setient [~setient@li92-193.members.linode.com] has joined #openbsd
16:40 < sibiria> if you want it to fork and do its thing in the background, and eventually exit, you just have to ( wrap your script like this ) &
16:42 < sibiria> if it's something you want to run only once at boot, it's tidier to do that from rc.local like thrig suggested
16:47 -!- cmashinho [~artemshel@user/cmashinho] has quit [Quit: Lost terminal]
16:48 -!- AlaskanEmily [~AlaskanEm@user/alaskanemily] has joined #openbsd
16:57 -!- highplai1sdruid [~highplain@user/highplainsdruid] has quit [Remote host closed the connection]
16:59 -!- finkfox [~finkfox@user/finkfox] has joined #openbsd
16:59 -!- Xenguy [~Xenguy@user/xenguy] has joined #openbsd
17:01 -!- sodapop [~s0dap0p@user/sodapop] has joined #openbsd
17:04 -!- Zerock [~0ck@copyfree/pedant/zerock] has quit [Ping timeout: 265 seconds]
17:05 -!- d-ra [~d-ra@user/d-ra] has quit [Remote host closed the connection]
17:05 -!- format_c [~format_c@2a02:b98:f181:4094:f550:7488:2d5:5ffa] has joined #openbsd
17:08 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has quit [Ping timeout: 260 seconds]
17:14 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has joined #openbsd
17:14 -!- niftily [~niftily@user/niftily] has quit [Quit: leaving]
17:15 -!- ikarso [uid475540@id-475540.tinside.irccloud.com] has quit [Quit: Connection closed for inactivity]
17:19 -!- format_c [~format_c@2a02:b98:f181:4094:f550:7488:2d5:5ffa] has quit [Quit: format_c]
17:23 -!- niftily [~niftily@user/niftily] has joined #openbsd
17:23 -!- Zerock [~0ck@copyfree/pedant/zerock] has joined #openbsd
17:23 -!- mijndert [~mijndert@user/mijndert] has joined #openbsd
17:24 -!- Xenguy [~Xenguy@user/xenguy] has quit [Ping timeout: 252 seconds]
17:25 < Zerock> okay so I attempted to put my new openbsd router into service and I'm having two issues which are probably related. The router's DHCP request to the ISP is failing, and my pf rules fail to load. The pf rules fail to load because there are some rules with "from egress" etc which cannot resolve because there is not yet an address associated with "egress". I have also noticed (and reported earlier)
17:25 < Zerock> that pf is interfering with DHCP requests, even though it isn't supposed to. How can I get past this impasse?
17:27 < byteskeptical> Zerock: helps if we have your dhcpleased config, ifconfig output, and pf.conf contents
17:28 < Zerock> alright stand by. that's going to take a minute since it's no longer on the network
17:32 < sibiria> using the egress group is handy in some cases. a hassle in others. i pretty much always specify interfaces explicitly
17:32 < thrig> or load different rules once dns and whatnot is up
17:35 -!- ChubaDuba [~ChubaDuba@176.212.40.154] has quit [Quit: WeeChat 4.4.2]
17:35 < phy1729> pf is likely not actually interfering with DHCP though it may claim to be blocking the packets
17:35 < Zerock> phy1729: I know that it is from previous testing because it would start working after I removed a certain rule and stop working when I added it back
17:35 < Zerock> anyway stand by for dump
17:35 < phy1729> Odd, which rule?
17:36 -!- kattsand [~kattsand@m83-191-119-152.cust.tele2.se] has joined #openbsd
17:37 < finkfox> hi. has anyone succesfully run windows 10 in a virtual machine on openbsd? I've been struggeling getting it to work with vmm / qemu.
17:37 < sibiria> qemu can boot it. vmm cannot
17:38 < Zerock> byteskeptical: https://0x0.st/X6wf.txt
17:38 < Zerock> phy1729: block in quick from urpf-failed
17:38 < finkfox> sibiria: is there a special config I need? qemu fails with: qemu-system-x86_64: cannot set up guest memory 'pc.ram': Cannot allocate memory
17:38 < Zerock> phy1729: antispoof will also break it
17:39 < Zerock> the rule in my dump "pass quick inet proto {tcp udp} from 0.0.0.0 port bootpc to 255.255.255.255 port bootps" is brand new from my attempt to fix it
17:39 < Zerock> I thought it had something to do with the fact that I am bridging the LAN interfaces, but the fact that it's blocking on the external if is distressing
17:40 < Zerock> by the way, to anyone reading, any hostnames mentioned in pf.conf are defined in /etc/hosts
17:40 -!- cow321 [~deflated8@user/meow/deflated8837] has quit [Ping timeout: 255 seconds]
17:42 < IcePic> bridging could make in and out / to and from become weird
17:43 < byteskeptical> Zerock: first issue I see are some of your rules will over-write or undo others based on their position. The openbsd defaults section is not needed as you have a block all above it already. I don't see any rules for dhcp though for v4 or v6
17:44 < IcePic> "pass quick proto udp from any to any port {67,68}" or something to that effect
17:44 < Zerock> byteskeptical: yes that is generally intentional, but maybe you see something I don't. I have an explicit rule to try and let DHCP through. Search for "bootp".
17:45 < Zerock> bootps is 67, bootpc is 68
17:46 < Zerock> oh I guess that rule as written may not pass the responses
17:46 < Zerock> I think the deeper question is why is pf interfering with dhcp at all?
17:46 < sibiria> finkfox: probably something specific needed for BIOS/EFI and CPU, since you need to emulate the entire guest machine. besides that it should suffice with giving it a -cpu/-m/-drive
17:46 < Zerock> everything I can find says it shouldn't
17:46 < IcePic> Zerock: probably because of the bridge
17:46 < IcePic> Zerock: "everything" assumes less trickery
17:47 < Zerock> before I tried putting it into service, I had the "martians" rules disabled because I was testing it within my existing LAN. I suspect that adding that rule back has broken outbound DHCP because it uses 0.0.0.0
17:48 < sibiria> you can quick-pass your dhcp stuff before doing that and antispoof etc., which can get in the way of your dhcp requests getting out
17:48 < Zerock> yeah
17:48 -!- kattsand [~kattsand@m83-191-119-152.cust.tele2.se] has left #openbsd [Leaving]
17:48 < Zerock> which is what I tried to do
17:48 < Zerock> I guess I need to open that rule to all addresses
17:48 < byteskeptical> Zerock: https://0x0.st/X6wt.txt
17:48 < sibiria> pass out on quick on egress proto udp from (egress) port 68 to any port 67, or somesuch
17:48 < sibiria> pass out quick on*
17:49 < byteskeptical> Zerock: some examples rules for some of the missing things I saw
17:49 < byteskeptical> Zerock: if you don't have pass {in|out} quick in the rule then make sure the order is correct as the last maching rule wins
17:50 < Zerock> alright, supposing I solve this... what to do about pf failing to load "egress" rules?
17:50 < IcePic> sibiria: if you dont have dhcp working, you dont have egress interfaces
17:50 < Zerock> or do we think that a quick enough DHCP negotiation will fix that?
17:50 < sibiria> stop using egress
17:50 < sibiria> use fixed interface names
17:50 < IcePic> Zerock: you should know which interface is the external one
17:50 < lts> Hold on, DHCP bypasses PF
17:50 < Zerock> sibiria: I don't see how that will fix anything. igc1 will still not have an address until dhcp finishes
17:50 < byteskeptical> just use the interface until you can get a address then switch if you'd like
17:50 < sibiria> lts: in one direction it does
17:51 < sibiria> Zerock: it doesn't have to
17:51 < sibiria> when you enclose interface names in parens, pf will accommodate for the interface's lack of address etc. and update it in real-time when it changes
17:51 < Zerock> ooooh
17:52 < sibiria> which is why you often see interfaces on the to/from portion being enclosed
17:52 < sibiria> e.g pass in quick on $ext_if from any to ($ext_if) ...
17:53 < byteskeptical> Zerock: you can change {interface} in my rules to your variable of choice
18:02 < Zerock> alright I have updated my rules. see you on the other side, maybe
18:05 < byteskeptical> gl
18:06 -!- Zerock [~0ck@copyfree/pedant/zerock] has quit [Ping timeout: 252 seconds]
18:08 -!- f6k [f6k@otaku.sdf.org] has joined #openbsd
18:08 -!- zorz [~zorz@user/zorz] has left #openbsd []
18:09 < finkfox> sibiria: no I had to increase "ulimit -d"
18:10 < finkfox> next step, either give w10 internet access or share a local folder. the goal is to create a bootable win 10 usb stick.
18:10 < sibiria> it's a very long process
18:11 < finkfox> do you know of a better way?
18:11 < sibiria> there's only one way to create a PE install
18:11 < sibiria> and that's with the ADK toolset and the PE stuff etc.
18:12 < finkfox> I see. uff.
18:12 < sibiria> faster to install windows for real on a USB SSD/HDD and then boot that
18:12 < finkfox> right. good point.
18:12 < finkfox> will try
18:13 < thrig> I used freedos for the last round of dell bios updates
18:13 < finkfox> well then, could I install via the win 10 installer that I can now start with qemu at least? saves the hustle to create win10 installer usb stick.
18:14 < sibiria> no, the emulated guest won't have low-level access to get to the BIOS
18:14 < sibiria> no when you run qemu on openbsd
18:14 < sibiria> in fact i don't think it's even possible to do it that way running qemu under linux, but i may be wrong
18:14 < sibiria> it's quite the "pass-through" scenario
18:15 < finkfox> ok then, how do I create a win10 installer usb stick from openbsd? just dd the iso to the stick?
18:15 -!- siomn [~siomn@50.47.106.89] has joined #openbsd
18:16 < sibiria> that should work if it's one of those modern "hybrid" ISOs
18:16 < finkfox> (what a madness just to update firmware on a thinkpad docking station)
18:16 < finkfox> sibiria: ok will try.
18:17 < lts> The Windows 10 iso is evil and dd will fail. You'll need Linux/Windows/Mac and something like Rufus or "woeusb --target-filesystem NTFS --workaround-bios-boot-flag /path/to/win10.iso /dev/sda"
18:18 -!- lavaball [~Melissa@31.204.155.215] has quit [Remote host closed the connection]
18:19 < lts> Well, technically dd will succeed but the result will fail to work
18:19 -!- Zerock [~0ck@copyfree/pedant/zerock] has joined #openbsd
18:20 < Zerock> alright well that fixed my issue with pf failing to load the rules, but DHCP still isn't working
18:21 < sibiria> see what happens if you run dhclient verbosely on the commandline
18:21 < sibiria> dhclient -dv
18:21 < Zerock> I opened up my rule to "pass quick proto {tcp udp} from any to any port {bootpc bootps}".
18:21 -!- ivdsangen [~ivo@86-95-161-96.fixed.kpn.net] has quit [Quit: https://github.com/ivdsangen]
18:21 < byteskeptical> what does it say when you rcctl -d retart dhcpleased?
18:22 < byteskeptical> Zerock: that's probably not the issue
18:22 < byteskeptical> Zerock: you can confirm by opening a tcpdump session (tcpdump -i pflog0 -ttt -n -e -vv)
18:22 < Zerock> okay I've noted those commands. Any other things to try? I have to go offline again to test so there is high latency to these
18:23 < byteskeptical> lts: must be something new I've definitely made windows 10 usb's in the past
18:23 < byteskeptical> Zerock: that should at least give you more to look into 
18:24 < byteskeptical> finkfox: if you can pass their security checks you can get windows 10 iso from: https://www.microsoft.com/en-us/software-download/windows10ISO
18:24 < finkfox> byteskeptical: I already downloaded the iso
18:24 -!- feriman [~feriman@user/feriman] has joined #openbsd
18:25 < Zerock> biab...
18:25 < finkfox> byteskeptical: it's now about getting to install/boot win10 from external hd
18:25 < niftily> sometimes debian installs firmware
18:25 < niftily> it did for me on thinkpads, several times
18:26 < niftily> don't know about docking stations
18:27 -!- mover [~Houston@user/mover] has quit [Quit: leaving]
18:29 -!- Zerock [~0ck@copyfree/pedant/zerock] has quit [Ping timeout: 252 seconds]
18:29 < byteskeptical> finkfox: you should be able to create a primary bootable fat32 partition or exfat if file size is greate than 4gb and just copy the contents of the iso
18:31 -!- Zerock [~0ck@copyfree/pedant/zerock] has joined #openbsd
18:32 < Zerock> https://0x0.st/X6xK.txt
18:33 < Zerock> I don't know what this means other than it's failing to establish a connection
18:35 < Zerock> what's especially weird to me is that it was working just fine when it was requesting a DHCP lease from my existing router inside the LAN
18:35 < Zerock> so it's like there's something different on my ISP side
18:36 < byteskeptical> Zerock: yeah that's what I was going to ask next is this for your internal network or dhcping from your ISP?
18:36 < Zerock> it's for the ISP now. this is meant to be a router/gateway
18:36 < thrig> running tcpdump is also traditional
18:37 < byteskeptical> what is in your hostname.igc1?
18:37 < Zerock> byteskeptical: inet autoconf and inet6 autoconf
18:39 < Zerock> thrig: sure but what am I looking for? just to see if the request is even going out?
18:39 < thrig> ... yes?
18:39 < byteskeptical> Zerock: is there an up?
18:39 < thrig> then disable the firewall, compare, etc. basic stuff.
18:39 < Zerock> I mean I can look, but as stated it was getting a lease just fine from my existing router, so I know that its current configuration will do DHCP over that interface
18:40 < Zerock> unless the martians rule is sniping it, but that shouldn't be the case since I am short circuiting it before it gets there
18:40 < byteskeptical> Zerock: that's not the point though. Who is your isp sometimes they have specific static allocations or similar limitations
18:41 < Zerock> alright two things
18:41 < Zerock> first, no there is no "up" in hostname.igc1, but ifconfig igc1 shows it as "UP" and I think the manual says that autoconf implies up. second, my existing router is set as a DHCP client on the WAN interface and it works.
18:41 < thrig> maybe the router sets some option (which tcpdump could record....)
18:41 < byteskeptical> Zerock: also what is your updated pf.conf look like?
18:44 < Zerock> https://0x0.st/X6xB.txt
18:46 < byteskeptical> Zerock: your still missing parens around your ext_if
18:46 < byteskeptical> $ext_if -> ($ext_if) in any rule that uses it
18:47 < Zerock> where specifically?
18:47 < Zerock> I'm pretty sure "on $if" should not have parens
18:47 < Zerock> it's just an interface
18:47 < byteskeptical> Zerock: still no dhcp rules?
18:47 < Zerock> I understand why it's needed on "to/from $if"
18:48 < byteskeptical> ok then clearly that's working for you
18:48 < Zerock> byteskeptical: "pass quick log inet proto {tcp udp} from any to any port {bootpc bootps}"
18:48 < Zerock> is that not a dhcp rule?
18:48 -!- adip [~adip@public-gprs386866.centertel.pl] has joined #openbsd
18:48 < byteskeptical> nope
18:48 < byteskeptical> also only ipv4
18:48 < Zerock> I only care about ipv4 right now
18:48 < Zerock> what dhcp rule are you looking for?
18:48 < byteskeptical> which makes sense since dhcpleased is timing out
18:49 -!- SiFuh [~SiFuh@user/sifuh] has quit [Remote host closed the connection]
18:49 -!- Filystyn [~piotr@user/filystyn] has joined #openbsd
18:49 < byteskeptical> I gave you rule examples for this you can use
18:49 -!- SiFuh [~SiFuh@user/sifuh] has joined #openbsd
18:49 < byteskeptical> but check tcpdump and confirm
18:49 -!- siomn [~siomn@50.47.106.89] has left #openbsd []
18:49 < Zerock> I see your rules and I believe the rule I have is even more permissive than the way you did it
18:51 < byteskeptical> Zerock: also in your rule the syntax {tcp udp} is missing a comma
18:51 < Zerock> what?
18:51 < byteskeptical> man pf.conf
18:51 < byteskeptical> {tcp, udp}
18:51 < Zerock> ...
18:51 < Zerock> if I do "pfctl -s rules" it shows as I expect
18:52 < Zerock> and it would say syntax error, would it not?
18:52 -!- absc [~absc@2a04:ee41:8:6055:c6cf:2613:58b:c563] has joined #openbsd
18:52 < byteskeptical> up to you I'm not going to argue if you don't want to read or listen
18:53 < Zerock> I see that your rules have commas, but I don't think they are required. Even the OpenBSD FAQ doesn't use them
18:53 < Zerock> I'm willing to read and listen, but I don't want to waste my time making config changes that don't have an effect, especially when it takes several minutes just to test them
18:54 < byteskeptical> ¯\_(⊙︿⊙)_/¯
18:54 -!- Pixi [~Pixi@user/pixi] has quit [Quit: Leaving]
18:54 < byteskeptical> ok then
18:56 -!- lavaball [~Melissa@31.204.155.215] has joined #openbsd
18:56 < ssm_> _/¯(︿⊙︿)¯\_ la creatura
18:56 < byteskeptical> just copy the FAQ example then and then slowly add your rules
18:57 < Zerock> my config is based on this: https://openbsdrouterguide.net/
18:57 < Zerock> and I did spend many hours adding rules slowly to get it working inside my existing LAN
18:58 < sibiria> i presume your primary external interface's hostname.if is "inet autoconf"?
18:58 < Zerock> yes
18:59 < byteskeptical> ok? I would trust man pages, FAQ in that order. Listen the time sink thing rings hollow at least to me. If you want to get something done and look at it like a waste of time how is someone that is trying to help suppose to look at the endevour?
18:59 -!- cmashinho [~artemshel@user/cmashinho] has joined #openbsd
18:59 < sibiria> and you make sure igc1 really is the interface that has a dhcpd on the other end?
19:00 -!- jfsimon1981 [~jfsimon19@lfbn-lyo-1-1454-239.w86-207.abo.wanadoo.fr] has quit [Remote host closed the connection]
19:00 < Zerock> sibiria: Yes. I have tested this all behind my old router as a sandbox. The only thing different between then and now is that I enabled the martians rule (and now have added an explicit rule to allow traffic on the dhcp ports).
19:00 -!- jfsimon1981 [~jfsimon19@lfbn-lyo-1-1454-239.w86-207.abo.wanadoo.fr] has joined #openbsd
19:02 -!- jfsimon1981 [~jfsimon19@lfbn-lyo-1-1454-239.w86-207.abo.wanadoo.fr] has quit [Remote host closed the connection]
19:02 < Zerock> byteskeptical: I am willing to spend time if that's what it takes, and I don't want to argue. All I'm saying is that the particular suggestion of the commas doesn't make sense given the behavior of the system and the fact that I can confirm it in the rules list after loading my config.
19:02 -!- jfsimon1981 [~jfsimon19@lfbn-lyo-1-1454-239.w86-207.abo.wanadoo.fr] has joined #openbsd
19:03 < sibiria> did you try remove the outbound block towards martians?
19:03 < Zerock> sibiria: no, I was considering that, but I was waiting for other suggestions before I go offline again
19:03 < sibiria> because it's pretty common for ISPs' to manifest a private network on your "WAN" port
19:03 < sibiria> and if you block that, you won't be able to send any dhcp requests there
19:04 < Zerock> well riddle me this
19:04 < Zerock> I have this, ABOVE, the martians rule: pass quick log inet proto {tcp udp} from any to any port {bootpc bootps}
19:04 < Zerock> should that not pass it?
19:04 < byteskeptical> just tcpdump and see for yourself why are you guessing
19:05 < Zerock> because I don't really know what I'm looking for. The addresses during DHCP are all bogus, and it is mixed in with the traffic from my neighbors. I don't understand how the DHCP protocol is supposed to progress to see what's failing.
19:05 -!- Pixi [~Pixi@user/pixi] has joined #openbsd
19:06 < Zerock> unless you mean the pflog, which yes I can do
19:06 < Zerock> well even the pflog may show results mixed with my neighbors since the rule is wide open
19:07 < byteskeptical> Zerock: that command that was given to you earlier will only show blocked packets if you see any dhcp requests (ports 67, 68) then something is blocking 
19:09 < byteskeptical> even tells you the offending rule
19:10 -!- feriman [~feriman@user/feriman] has quit [Quit: leaving]
19:10 < Zerock> is there a way to log all by default rather than having to add "log" to each rule?
19:10 -!- feriman [~feriman@user/feriman] has joined #openbsd
19:11 -!- jb1277976 [~joe@user/jb1277976] has left #openbsd []
19:11 -!- jb1277976 [~joe@user/jb1277976] has joined #openbsd
19:12 < byteskeptical> Zerock: you should just need it on your block all -> block log all
19:12 -!- mlw [~mlw@41.73.193.26] has quit [Ping timeout: 252 seconds]
19:12 < jb1277976> oldlaptop: did you ever get openbsd on those chromebooks ? I've tried everyting 6.4 all the way to 7.6 current with no luck
19:13 < Zerock> I will try that but based on my reading of the manual I think that will cause every incoming packet to be logged (and the "offending rule" will be the block all rule) because I think it logs any match, not just those that are blocked by the end
19:13 < Zerock> anyway I'll try. back in a few minutes
19:14 < byteskeptical> well luckily you only have one dhcp rule
19:18 -!- mlw [~mlw@41.73.193.26] has joined #openbsd
19:20 -!- Aedil [~adrian@146.52.104.238] has quit [Ping timeout: 255 seconds]
19:21 -!- Zerock [~0ck@copyfree/pedant/zerock] has quit [Ping timeout: 276 seconds]
19:30 -!- Zerock [~0ck@copyfree/pedant/zerock] has joined #openbsd
19:31 < Zerock> alright
19:32 < Zerock> so I saw in pflog that the martians rule seemed to be stopping something and disabled it, and now when running dhcpleased I am seeing the same behavior in its log. The only thing in the pflog is the general "block in on $ext_if" which is getting some random igmp queries.
19:33 < Zerock> dhcpleased log still looks like before: https://0x0.st/X6xK.txt
19:36 < Zerock> hmm, I have an idea
19:37 < Zerock> okay yes, so if I plug the new router's WAN port back into my LAN and run dhcpleased, it just works, no problem
19:37 < sibiria> the order of your rules are a bit tangly
19:37 -!- user71 [~user71@2001:1530:1012:ca82:8d06:f912:8bfb:aa71] has quit [Quit: Leaving]
19:37 < Zerock> well the order is tangly because of weird behavior
19:37 < Zerock> we can get into that later
19:37 < sibiria> what if you sort things out a bit and be a bit more permissive, like this: https://dpaste.org/G4HZd/raw
19:38 < sibiria> that's just a quick tidying-up of your rules. it should work, barring some typo
19:39 < sibiria> kill any lease files dhclient/dhcpleased may have created, then run it again on the command line with -dv and see if it actually talks
19:40 < Zerock> well okay let's talk about these rules
19:40 < sibiria> how about you test them first?
19:40 -!- mlw [~mlw@41.73.193.26] has quit [Ping timeout: 245 seconds]
19:40 < sibiria> netstart the ext_if after rules are up and dhcpleased is running
19:41 < sibiria> (just to make sure dhcpleased gets going)
19:41 -!- highplainsdruid [~highplain@user/highplainsdruid] has joined #openbsd
19:43 < Zerock> the reason I am hesitant to just test these is because it will disrupt other interface configs. igc{0,2,3} don't have any IP address assigned because they are bridged. I have vether{0,1} which have addresses for the bridges.
19:43 -!- Xenguy [~Xenguy@user/xenguy] has joined #openbsd
19:44 < sir-photch> Hey there, I'm receiving emails about security(8) saying "Checking the /etc/master.passwd file: Login someuser is off but still has a valid shell and alternate access files in home directory are still readable."
19:44 < sir-photch> Any idea why that is an issue? It is an user that is supposed to be able to login via ssh to execute rsync, for automatic deployments. Should I disable the login shell as well?
19:44 < sibiria> yeah i omitted that on purpose. things can get a bit hairy with bridges
19:45 < Zerock> sure, I'm willing to redo this without using bridges, but I still need the behavior of the bridge: particularly that igc{2,3} need to be joined somehow. I don't want to create 3 LANs, only 2.
19:45 < Zerock> technically igc0 doesn't need to be bridged. The only reason I did it that way was to test that things would work on a bridge before I did the guest LAN config.
19:46 < Zerock> but did you see before where if I plug igc1 into my LAN that the DHCP negotiation works?
19:46 < Zerock> I am starting to think pf isn't the problem
19:47 < Zerock> sir-photch: usermod -p '*************' someuser
19:48 -!- cow321 [~deflated8@user/meow/deflated8837] has joined #openbsd
19:48 < sir-photch> I don't want to have password login on that user
19:49 < Zerock> sir-photch: it isn't. 13 asterisks is code for "no password, but they can still log in"
19:49 < sir-photch> Really?
19:49 < Zerock> yes really
19:49 < sir-photch> What 😂
19:49 < sir-photch> Any manpage about that?
19:50 < Zerock> * is an illegal password character. Users that shouldn't log in will have '*' as the password in the master password db. However, if you still want them to be able to log in, you can use 13 asterisks
19:50 < Zerock> yes it's in the manual but I forget which page
19:51 < sibiria> it's in master.passwd
19:51 < Zerock> by "illegal password character" I mean that encrypt(1) will never produce it in its output, so no password will ever match
19:51 < sibiria> it's to allow users to have for example only a pubkey, or other non-password login
19:51 < Zerock> yep that's it
19:51 < sibiria> without daily complaining about the user every day
19:52 < sir-photch> Odd
19:52 < sir-photch> But okay
19:52 < sir-photch> Thanks!
19:52 < Zerock> :)
19:52 < finkfox> how can I write a "window 10 iso" file to usb stick and make it bootable? 
19:53 -!- noone [~six@user/six] has joined #openbsd
19:53 < finkfox> I tried "vnconfig" and "mount_udf" but that fails.
19:53 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
19:53 < sibiria> rufus will do it. but rufus runs only on windows!
19:53 < Zerock> can you not do it with dd?
19:53 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
19:53 < ssm_> What is the intended way to start ssh-agent(1) with an X session (xenodm)?
19:54 < niftily> finkfox: don't you want to try debian to flash your firmware?
19:55 < ssm_> the ssh-agent(1) manpage says "There are two main ways to get an agent set up.  The first is at the start of an X session ..." but it doesn't actually describe where you should do this. ~/.xsession?
19:56 < finkfox> niftily: i'm trying to flash a "thinkpad docking station thunderbolt 3 gen 2". lenovo only provides update in form of win10/11 exe.
19:56 < finkfox> niftily: not sure how debian would help here?
19:56 < finkfox> Zerock: I will try dd, but some people here said it wouldn't work.
19:57 < niftily> debian flashes thinkpad firmwares, without need for windows
19:58 < finkfox> niftily: including thinkpad docking stations? where can I read more about that?!
19:58 < thrig> grep -r ssh-agent /etc/X11
20:00 < finkfox> I would prefer to use the official "firmware update software".
20:02 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection]
20:02 < byteskeptical> finkfox: yeah dd won't work but here are some useful instructions for getting a working usb: https://superuser.com/questions/1527197/debian-creating-windows-10-bootable-install-usb-drive-using-terminal-dd
20:02 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd
20:04 -!- jfsimon1981 [~jfsimon19@lfbn-lyo-1-1454-239.w86-207.abo.wanadoo.fr] has quit [Remote host closed the connection]
20:05 -!- jfsimon1981 [~jfsimon19@lfbn-lyo-1-1454-239.w86-207.abo.wanadoo.fr] has joined #openbsd
20:05 -!- typicat [~kj@user/typicat] has quit [Quit: leaving]
20:06 < ssm_> thrig: thanks
20:08 < ssm_> though looking at this code, it only works with one key...
20:08 < ssm_> finds id_rsa id_ecdsa id_ecdsa_sk id_ed25519 id_ed25519_sk id_dsa, adds to agent, and breaks out of loop
20:09 -!- jfsimon1981 [~jfsimon19@lfbn-lyo-1-1454-239.w86-207.abo.wanadoo.fr] has quit [Max SendQ exceeded]
20:09 -!- jfsimon1981_b [~jfsimon19@lfbn-lyo-1-1454-239.w86-207.abo.wanadoo.fr] has joined #openbsd
20:09 -!- xzdx [~xzdx@user/XZDX] has joined #openbsd
20:10 -!- eau [~chat@user/eau] has quit [Quit: bleh!]
20:10 -!- XV8 [~XV8@user/XV8] has quit [Quit: Textual IRC Client: www.textualapp.com]
20:10 -!- Zerock [~0ck@copyfree/pedant/zerock] has quit [Ping timeout: 248 seconds]
20:12 -!- crnicavic [~root@45.77.142.178] has quit [Quit: leaving]
20:13 -!- typicat [~karl@user/typicat] has joined #openbsd
20:13 < vortexx> finkfox: fwupdmgr is the command you need on debian
20:13 -!- xzdx [~xzdx@user/XZDX] has quit [Ping timeout: 246 seconds]
20:13 < vortexx> otherwise use Rufus on Windows (in qemu if you must) to make a live system on a usb stick or whatever
20:14 -!- o0x1eef [~user@user/o0x1eef] has quit [Quit: Quit]
20:15 -!- Zerock [~0ck@copyfree/pedant/zerock] has joined #openbsd
20:16 < niftily> finkfox: https://fwupd.org/
20:16 < Zerock> byteskeptical: sibiria: okay I read up on DHCP and did a tcpdump of igc1. When connected to the ISP, all that I see are the DHCPDISCOVER packets going out, never a reply. So something is very wrong, but I don't know what.
20:17 < niftily> https://www.reddit.com/r/thinkpad/comments/e4c3gl/linux_support_for_thinkpad_docks/?rdt=58626
20:17 < niftily> search for the string 'only thing'
20:17 < Zerock> I would expect even blocked packets to show up in that tcpdump, right?
20:20 -!- ixc [~x@user/ixc] has quit [Ping timeout: 252 seconds]
20:22 -!- cow321 [~deflated8@user/meow/deflated8837] has quit [Ping timeout: 252 seconds]
20:23 -!- CrashOverride [~strcat@p57b4b67c.dip0.t-ipconnect.de] has quit [Ping timeout: 252 seconds]
20:23 < niftily> finkfox: did u read the two urls I posted?
20:23 < niftily> many vendors have good linux support
20:23 < niftily> lenovo is one of them
20:23 < finkfox> niftily: still reading thank you!
20:26 < niftily> finkfox: in practice you just install debian and a notification will come, inviting you to click... then the machine restarts in a special environment names Linux Firmware Updater and it flashes automagically then reboots
20:27 < niftily> even easier than windows :)
20:28 < finkfox> niftily: ok looks indeed promising. now I just need a "live debian usb stick with fwupdmgr"
20:30 < niftily> can't you just install debian on hard disk?
20:30 < niftily> it shouldn't take more than 1 hour...
20:30 < niftily> then you reinstall the OS of your choice
20:31 < niftily> https://cdimage.debian.org/debian-cd/current/amd64/iso-cd/debian-12.7.0-amd64-netinst.iso
20:32 < niftily> that image can be written with dd to a usb disk
20:32 < finkfox> niftily: what about my current running openbsd? i don't want to overwrite that with debian
20:33 < finkfox> hence wondering if fwupdmgr works from "debian live"
20:33 < niftily> do backups and you'll reinstall it after
20:33 < finkfox> ok I have to think about that.
20:33 < niftily> I've never used debian live
20:34 -!- f6k [f6k@otaku.sdf.org] has quit [Ping timeout: 252 seconds]
20:35 < niftily> https://cdimage.debian.org/debian-cd/current-live/amd64/iso-hybrid/debian-live-12.7.0-amd64-gnome.iso
20:35 < niftily> that one is live
20:35 -!- f6k [f6k@otaku.sdf.org] has joined #openbsd
20:36 < pardis> you should be able to apt-get install whatever you need from a live system
20:36 < pardis> it won't persist across reboots, obviously, but you probably don't care about that
20:37 -!- o0x1eef [~user@user/o0x1eef] has joined #openbsd
20:39 < finkfox> ok thank you very much. will try this.
20:41 -!- feriman [~feriman@user/feriman] has quit [Ping timeout: 276 seconds]
20:50 -!- typicat [~karl@user/typicat] has quit [Ping timeout: 245 seconds]
20:51 < sibiria> Zerock: yes. tcpdump sniffs directly on the interface, outside pf. if traffic comes in you will see it, if traffic is not going out past pf, you won't see it
20:51 -!- cmashinho [~artemshel@user/cmashinho] has quit [Read error: Connection reset by peer]
20:52 -!- gatlinggoat [~Thunderbi@128.6.147.110] has joined #openbsd
20:57 -!- gatlingg1at [~njd@128.6.147.110] has joined #openbsd
20:58 -!- R4F4 [~rscastilh@user/R4F4] has quit []
21:00 -!- mijndert [~mijndert@user/mijndert] has quit [Quit: kbye]
21:07 -!- jfsimon1981_b [~jfsimon19@lfbn-lyo-1-1454-239.w86-207.abo.wanadoo.fr] has quit [Ping timeout: 245 seconds]
21:09 -!- jab [~user@user/jab] has joined #openbsd
21:10 -!- jfsimon1981 [~jfsimon19@lfbn-lyo-1-1454-239.w86-207.abo.wanadoo.fr] has joined #openbsd
21:12 -!- n6bsd [~n6bsd@user/n6bsd] has joined #openbsd
21:14 -!- dastain [~dastain@81.4.102.12] has quit [Ping timeout: 252 seconds]
21:15 < Zerock> sibiria: I get the terrible feeling I may need to call my ISP to get to the bottom of this
21:15 -!- dastain [~dastain@2a00:d880:6:262::45a3] has joined #openbsd
21:15 -!- devune [~devune@121.127.33.125] has quit [Ping timeout: 252 seconds]
21:17 < jb1277976> Anyone here runnign openbsd from a usb flash drive or usb ? i can't install it to my chromebook mmc so im running off a sd_card
21:17 < jb1277976> kinda fast
21:17 -!- devune [~devune@121.127.33.125] has joined #openbsd
21:18 -!- gatlinggoat [~Thunderbi@128.6.147.110] has quit [Quit: gatlinggoat]
21:25 -!- finkfox [~finkfox@user/finkfox] has quit [Quit: finkfox]
21:26 -!- zoraj [~ubuntu@102.113.103.201] has quit [Ping timeout: 252 seconds]
21:26 -!- edem [~edem@178.219.173.103] has joined #openbsd
21:27 < sibiria> Zerock: you could try disconnecting the piece of equipment closest to your ISP for a while, just to see if it "unfucks" something
21:27 -!- absc [~absc@2a04:ee41:8:6055:c6cf:2613:58b:c563] has quit [Quit: Got to go. irctk 1.1.0-beta]
21:28 < sibiria> my previous ISP would block my dhcp requests for a while if asked for many leases too fast and i'd have to either wait a while or disconnect stuff for a couple of minutes to inactivate the link
21:28 -!- zoraj [~ubuntu@102.113.68.98] has joined #openbsd
21:28 -!- edem [~edem@178.219.173.103] has quit [Client Quit]
21:28 -!- seninha [~seninha@user/seninha] has joined #openbsd
21:28 < Zerock> sibiria: that's interesting, but when I reconnect my old router, it comes right up...
21:29 < sibiria> locked to its MAC? you could mimic it to find out
21:29 < sibiria> or maybe it's asking something specific in the request
21:29 < sibiria> search domain or similar
21:30 -!- billchenchina- [~billchenc@103.152.35.21] has quit [Remote host closed the connection]
21:30 -!- niftily [~niftily@user/niftily] has quit [Quit: leaving]
21:30 < Zerock> I was starting to suspect it may be MAC-related
21:30 < Zerock> that's a good idea. I'll try that later
21:30 < Zerock> I'm taking a break for now
21:30 < Zerock> switching between them involves a little dance to reroute the cable which I don't enjoy doing
21:32 < Zerock> that said... in past times when I have changed routers, I did not have this sort of trouble, so I don't really think that's it
21:40 -!- niftily [~niftily@user/niftily] has joined #openbsd
21:43 -!- Filystyn [~piotr@user/filystyn] has quit [Quit: Lost terminal]
21:44 -!- shiranaihito_ [~shiranaih@ppp-124-122-56-206.revip2.asianet.co.th] has quit [Quit: My Mac has gone to sleep. ZZZzzz…]
21:46 -!- Shirkdog [~M.Shirk@user/shirkdog] has quit [Ping timeout: 255 seconds]
21:48 -!- Shirkdog [~M.Shirk@user/shirkdog] has joined #openbsd
21:49 -!- gvg_ [~dcd@user/gvg] has joined #openbsd
21:51 -!- gvg [~dcd@user/gvg] has quit [Ping timeout: 252 seconds]
21:55 -!- xet7 [~xet7@user/xet7] has quit [Quit: Leaving]
21:58 < jb1277976> can somebdoy get the fwm version not on my laptop
21:59 -!- adip [~adip@public-gprs386866.centertel.pl] has quit [Ping timeout: 252 seconds]
21:59 < jb1277976> i need an updated versiojln for it to work
22:00 < oldlaptop> jb1277976: In case it's not clear: I don't have (and don't have any intention to get) any chromebooks, and would strongly suggest such a policy
22:02 -!- xet7 [~xet7@user/xet7] has joined #openbsd
22:02 < jb1277976> Thanks oldlaptop thought ibread something thr other day
22:02 < jb1277976> i read*
22:05 < oldlaptop> For the most part you'll have less trouble (as a generalized matter) with a normal commodity laptop, ideally one of the ones meant for corporate fleet use (which, oddly enough given how short corporate "refresh cycles" tend to be, are built to be less disposable. I guess they're not quite short enough for consumer-laptop levels of quality, especially when the (l)users aren't paying for the things)
22:06 < oldlaptop> laptops, as a class, are already weird, and chromebooks (as a class) are even weirder
22:07 < oldlaptop> it's already insane to solder an MMC device to the mainboard and use that for secondary storage - some of them solder MMC-connected wifi radios and other such random peripherals to the mainboard too.
22:12 -!- toxic063 [~toxic0@82.66.203.96] has quit [Ping timeout: 246 seconds]
22:14 -!- dbohdan [~dbohdan@user/dbohdan] has quit [Quit: ZNC 1.8.2+deb3.1 - https://znc.in]
22:14 -!- dbohdan [~dbohdan@user/dbohdan] has joined #openbsd
22:15 -!- toxic063 [~toxic0@82.66.203.96] has joined #openbsd
22:16 -!- lavaball [~Melissa@31.204.155.215] has quit [Remote host closed the connection]
22:19 -!- znedw08 [~znedw@home.znedw.com] has quit [Ping timeout: 255 seconds]
22:21 -!- znedw08 [~znedw@home.znedw.com] has joined #openbsd
22:23 -!- znedw081 [~znedw@home.znedw.com] has joined #openbsd
22:25 -!- znedw08 [~znedw@home.znedw.com] has quit [Ping timeout: 248 seconds]
22:25 -!- znedw081 is now known as znedw08
22:27 -!- xzdx [~xzdx@user/XZDX] has joined #openbsd
22:30 -!- cow321 [~deflated8@user/meow/deflated8837] has joined #openbsd
22:32 -!- xzdx [~xzdx@user/XZDX] has quit [Ping timeout: 246 seconds]
22:47 -!- viq|w [~viq@user/viq] has quit [Quit: WeeChat 4.4.2]
22:47 -!- a1fa [~a1fa@user/a1fa] has joined #openbsd
22:47 < a1fa> 1st syspatch
22:49 -!- Pixi` [~Pixi@user/pixi] has joined #openbsd
22:52 -!- Pixi [~Pixi@user/pixi] has quit [Ping timeout: 252 seconds]
22:54 -!- viq|w [~viq@user/viq] has joined #openbsd
22:55 -!- seninha [~seninha@user/seninha] has quit [Quit: Leaving]
22:57 -!- ipetruk- [~user@user/ipetruk] has joined #openbsd
22:57 -!- ipetruk [~user@user/ipetruk] has quit [Ping timeout: 260 seconds]
22:58 -!- finkfox [~finkfox@user/finkfox] has joined #openbsd
22:58 -!- breavyn [~breavyn@user/breavyn] has quit [Ping timeout: 272 seconds]
22:59 < niftily> wb finkfox 
22:59 < niftily> did you manage to update your firmwares?
22:59 < finkfox> well. fwupdmgr would not detect a firmware update for the docking station. :/
23:00 < finkfox> however, I enabled Thunderbolt 3 Assist mode in BIOS, now keyoard and mouse attached to dock are detected.
23:00 < finkfox> the problem is now: sys on CPU0 has ~87%
23:01 < finkfox> any idea?
23:01 < niftily> did you type 'sudo fwupdtool update'
23:01 -!- breavyn [~breavyn@user/breavyn] has joined #openbsd
23:01 < finkfox> niftily: I called "fwupdmgr refresh; fwupdmgr get-updates"
23:01 < finkfox> did I do it wrongly? can try again.
23:02 < niftily> i had to disable thunderbolt too...
23:02 < finkfox> I now see "/usr/bin/perl -T /usr/libexec/security" peaking at 90% CPU usage
23:02 < oldlaptop> $ pkg_locate fwupdmgr 
23:02 < oldlaptop> kinfocenter-6.1.4:x11/kde-plasma/kinfocenter:/usr/local/share/kinfocenter/firmware_security/fwupdmgr.sh
23:02 < oldlaptop> $
23:02 < oldlaptop> This is on OpenBSD somehow?
23:03 < finkfox> niftily: so it should work with thunderbolt deaktviated in BIOS?
23:03 < finkfox> *deactivated.
23:04 < niftily> i never used a docking station, i can't tell
23:04 < finkfox> byteskeptical: what was your BIOS settings for Thinkpad Dock to work?
23:04 -!- cow321 [~deflated8@user/meow/deflated8837] has quit [Ping timeout: 246 seconds]
23:04 < finkfox> niftily: what did you mean with "I had to disable thunderbolt too..."?
23:06 < finkfox> ok I need to restart my machine. getting too hot.
23:06 -!- finkfox [~finkfox@user/finkfox] has quit [Quit: finkfox]
23:06 < niftily> your high cpu usage is related to thunderbolt
23:07 -!- Pixi` [~Pixi@user/pixi] has quit [Quit: Leaving]
23:12 -!- finkfox [~finkfox@user/finkfox] has joined #openbsd
23:12 -!- megawatt [~megawatt@user/megawatt] has left #openbsd []
23:12  * finkfox re
23:13 < niftily> finkfox: did u disable thunderbolt now?
23:13 -!- cow321 [~deflated8@user/meow/deflated8837] has joined #openbsd
23:13 < finkfox> yes
23:14 < niftily> openbsd doesn't support it anyway...
23:14 < finkfox> in BIOS, that is "thunderbolt assist mode"
23:14 < finkfox> right.
23:14 < niftily> looks like you won't be able to use this docking station
23:14 < finkfox> nevertheless, I find it interesting that with it enabled, usb devices connected via dock are detected.
23:14 < finkfox> otherwise not.
23:15 < finkfox> niftily: why so?
23:15 < finkfox> byteskeptical was using the dock successfully it seems.
23:16 < finkfox> i still have the option to update dock firmware via windows 
23:17 < niftily> what makes you think an updated firmware will make the docking station work under openbsd?
23:19 < finkfox> the comments by byteskeptical earlier in the chat.
23:20 < niftily> oh ok
23:22 -!- adig [~default@185.53.199.84] has quit [Read error: Connection reset by peer]
23:22 < finkfox> here teh author writes that it should work with "Thunderbolt Assist Mode". "Kinda" ... though on a slightly different docking model: https://jcs.org/2019/08/14/x1c7
23:23 -!- rtj [~rtj@user/rtj] has quit [Ping timeout: 245 seconds]
23:24 -!- Xenguy [~Xenguy@user/xenguy] has quit [Ping timeout: 260 seconds]
23:24 -!- rtj [~rtj@user/rtj] has joined #openbsd
23:27 < niftily> did you update other firmwares by the way, just curious?
23:31 < finkfox> i did manage to update BIOS firmware using official lenovo iso file. though for dock there is no iso, just ".exe".
23:31 < thrig> .exe might be runnable from freedos
23:32 < finkfox> fwupdmgr nicely listed the details of the BIOS firmware 
23:32 < niftily> so it was already up to date?
23:32 < finkfox> thrig: i'm not sure I want to temper with "maybes" when running a firmware update (and potentitally bricking the device)
23:32 < finkfox> niftily: the laptop BIOS firmware, yes.
23:33 < finkfox> as for the dock it said: no firmware update available.
23:33 < niftily> i doubt updating the firmware of your docking station will make it work on openbsd
23:34 < niftily> and for a windows live usb... i haven't used microsoft products in the last 22 years
23:34 -!- fstd [~fstd@xdsl-87-79-185-124.nc.de] has quit [Ping timeout: 252 seconds]
23:34 < niftily> so i can't help you
23:35 -!- zimmer [~zimmer@user/zimmer] has joined #openbsd
23:35 -!- b50d [~b50d@2a0a-a547-9782-0-76ea-1c92-ee18-637.ipv6dyn.netcologne.de] has joined #openbsd
23:36 -!- fstd [~fstd@xdsl-87-79-185-91.nc.de] has joined #openbsd
23:36 -!- zimmer [~zimmer@user/zimmer] has quit [Remote host closed the connection]
23:36 < thrig> the bricking risk is rather the same, regardless of how the .exe gets launched
23:38 -!- ipetruk- [~user@user/ipetruk] has quit [Quit: ZNC 1.9.1 - https://znc.in]
23:39 -!- zimmer [~zimmer@user/zimmer] has joined #openbsd
23:45 -!- znedw08 [~znedw@home.znedw.com] has quit [Read error: Connection reset by peer]
23:52 -!- niftily [~niftily@user/niftily] has quit [Quit: leaving]
--- Log closed Mon Oct 14 00:00:54 2024