--- Log opened Wed Dec 04 00:00:32 2024 00:03 -!- gawen [~gawen@user/gawen] has quit [Quit: cya] 00:07 < sibiria> what yeelong model do you have by the way? 00:08 -!- tommyrot [~tommyrot@user/tommyrot] has quit [Ping timeout: 252 seconds] 00:09 -!- uncleyear [~ian@45.80.46.84] has quit [Ping timeout: 245 seconds] 00:11 -!- gawen [~gawen@user/gawen] has joined #openbsd 00:12 -!- DIDAVISION [~dino@user/DINOWILLIAM] has joined #openbsd 00:12 -!- adip [~adip@c145-14.icpnet.pl] has quit [Ping timeout: 260 seconds] 00:13 -!- DinoWilliam [~dino@user/DINOWILLIAM] has quit [Ping timeout: 260 seconds] 00:14 < yang3> yeeloong$ doas pkg_add portslist 00:14 < yang3> doas: doas is not enabled, /etc/doas.conf: No such file or directory 00:14 < yang3> do I copy /etc/example/doas.conf /etc/doas.conf 00:14 < yang3> sibiria Yeeloong 8101B 00:15 < yang3> I also have 8089 with Linux installed 00:17 < sibiria> they are pretty much the same, right? 00:17 < sibiria> same CPU/speed, same amount of RAM? 00:18 -!- rnkn [~rnkn@203.45.24.236] has joined #openbsd 00:18 -!- tommyrot [~tommyrot@user/tommyrot] has joined #openbsd 00:18 < yang3> yes, the same 00:18 < yang3> only screen is larger 00:19 -!- tobiasu [~tobiasu@user/tobiasu] has quit [Quit: updates] 00:19 < yang3> https://en.wikipedia.org/wiki/Lemote 00:25 -!- tobiasu [~tobiasu@user/tobiasu] has joined #openbsd 00:28 -!- megawatt [~megawatt@user/megawatt] has left #openbsd [] 00:28 < yang3> can't find portlist... https://paste.debian.net/1338106/ 00:29 -!- rnkn [~rnkn@203.45.24.236] has quit [Quit: Client closed] 00:32 < Lucas_> what are you trying to do? 00:32 -!- xx [~xx@user/xx] has quit [Ping timeout: 260 seconds] 00:32 < Lucas_> as we said, there are no ports for loongson, so you can't run portslist 00:33 < yang3> https://paste.debian.net/1338109/ 00:33 < yang3> I modified /etc/mk.conf and /etc/doas.conf 00:34 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Ping timeout: 260 seconds] 00:34 < yang3> Lucas_ I am trying to build irssi as user 00:35 -!- redruM [~redrum@user/redrum] has joined #openbsd 00:40 -!- UDENIX [~UDENIX@user/udenix] has quit [Read error: Connection reset by peer] 00:44 < Lucas_> but why are you trying to install portslist in order to build irssi? 00:44 < Lucas_> nvm that 00:45 < Lucas_> for your error, cd /usr/ports; doas make fix-permissions 00:45 < Lucas_> assuming you have PORTS_PRIVSEP=Yes in /etc/mk.conf 00:45 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 00:51 -!- MsInput [~l0v3ris@user/MsInput] has joined #openbsd 00:55 -!- sdds [~sdds@user/sdds] has joined #openbsd 01:04 -!- UDENIX [~UDENIX@user/udenix] has joined #openbsd 01:09 -!- Bradipo [~Bradipo@50.77.44.29] has quit [Quit: Lost terminal] 01:19 -!- hugohagogo [~cleber@user/hugohagogo] has quit [Ping timeout: 255 seconds] 01:19 -!- xet7 [~xet7@user/xet7] has quit [Remote host closed the connection] 01:24 -!- hugohagogo [~cleber@2804:1b4c::4] has joined #openbsd 01:25 -!- AlaskanEmily [~AlaskanEm@user/alaskanemily] has joined #openbsd 01:46 < yang3> it compiles 01:54 -!- ikarso [uid475540@id-475540.tinside.irccloud.com] has quit [Quit: Connection closed for inactivity] 02:07 -!- mikewilzn [609e48c489@user/mikewilzn] has left #openbsd [Error from remote client] 02:11 -!- zwr [~zwr@200-97-246-192.user3p.veloxzone.com.br] has joined #openbsd 02:15 < yang3> Is it possible to stop/break compiling (make) and reboot and continue at a later time? can it somehow be saved for later? because it takes a long time on this little laptop? 02:15 < yang3> It's trying to fetch all the deps 02:23 -!- seninha [~seninha@user/seninha] has quit [Quit: Leaving] 02:34 < remiliascarlet> kucha: "nvi" sounds kinda like "envy". 02:35 < remiliascarlet> vortexx: I'll give it a try after work. 02:41 -!- Everything [~Everythin@46-133-12-50.mobile.vf-ua.net] has quit [Quit: leaving] 02:51 -!- MrGoblins [~MrGoblins@2806:107e:13:f129:55e5:6eab:cd1b:7b9] has quit [Ping timeout: 252 seconds] 02:51 -!- MrGoblins [~MrGoblins@201.103.90.191] has joined #openbsd 02:54 -!- coppola_ [~coppola_@user/coppola] has joined #openbsd 03:05 -!- cmc_ [~methos@gateway/tor-sasl/cmc] has quit [Ping timeout: 260 seconds] 03:07 -!- cmc_ [~methos@gateway/tor-sasl/cmc] has joined #openbsd 03:13 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection] 03:13 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 03:21 -!- cqst [~cqst@user/cqst] has joined #openbsd 03:31 -!- Martouf [~82e30593@user/Martouf] has joined #openbsd 03:34 -!- rnkn [~rnkn@210.23.145.234] has joined #openbsd 03:38 < rnkn> anyone in here on a M1 Macbook as their daily? 03:39 < ssm_> yang3: interrupted builds always resume fine for me. Haven't seen any docs talking about it though 03:45 -!- s1b1 [~s1b1@user/s1b1] has joined #openbsd 03:45 < thrig> in theory make should do the right thing 03:46 < thrig> make is more likely to fail if the system clock gets yanked around (bad bios clock, virt timekeeping, etc) 03:53 -!- _zip100 [~zip100@193.32.248.143] has quit [Ping timeout: 252 seconds] 03:56 -!- zip100 [~zip100@185.209.196.180] has joined #openbsd 03:58 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has joined #openbsd 03:59 -!- koolazer [~koo@user/koolazer] has joined #openbsd 04:00 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has quit [Client Quit] 04:00 -!- khrbtxyz [~khrbtxyz@user/khrbt] has quit [Ping timeout: 252 seconds] 04:01 -!- dastain [~dastain@81.4.102.12] has quit [Ping timeout: 246 seconds] 04:01 -!- khrbtxyz [~khrbtxyz@user/khrbt] has joined #openbsd 04:01 -!- om3ga [~om3ga@93.177.187.134] has joined #openbsd 04:03 -!- dastain [~dastain@2a00:d880:6:262::45a3] has joined #openbsd 04:09 -!- coppola_ [~coppola_@user/coppola] has quit [Ping timeout: 260 seconds] 04:10 -!- tuftedocelot [~tuftedoce@2a03:6000:1019::57] has quit [Remote host closed the connection] 04:10 -!- coppola_ [~coppola_@user/coppola] has joined #openbsd 04:13 -!- TinyTimmyTokyo [~TinyTimmy@kuschku.de] has quit [Ping timeout: 260 seconds] 04:21 -!- rnkn [~rnkn@210.23.145.234] has quit [Quit: Client closed] 04:37 -!- coppola_ [~coppola_@user/coppola] has quit [Ping timeout: 252 seconds] 04:45 -!- xet7 [~xet7@user/xet7] has joined #openbsd 04:46 -!- Voyager_MP [~mp@168.119.5.224] has quit [Ping timeout: 248 seconds] 04:47 -!- mxz__ [~mxz@user/mxz] has joined #openbsd 04:47 -!- mxz [~mxz@user/mxz] has quit [Ping timeout: 265 seconds] 04:47 -!- Spydar007 [spydar007@user/spydar007] has quit [Ping timeout: 248 seconds] 04:47 -!- martian67 [~martian67@user/meow/martian67] has quit [Ping timeout: 260 seconds] 04:48 -!- martian67 [~martian67@user/meow/martian67] has joined #openbsd 04:48 -!- mxz__ is now known as mxz 04:48 -!- mxz_ [~mxz@user/mxz] has quit [Ping timeout: 252 seconds] 04:49 -!- billchenchina [~billchenc@2a0d:2580:ff0c:201:47cf:ca1:a674:8042] has joined #openbsd 04:50 -!- Mete- [~quassel@186.250.13.243] has quit [Ping timeout: 252 seconds] 04:52 -!- Mete- [~quassel@186.250.13.243] has joined #openbsd 04:59 -!- Spydar007 [spydar007@user/spydar007] has joined #openbsd 05:01 -!- macabro [~user@user/monkey/x-0691028] has joined #openbsd 05:05 -!- Spydar007 [spydar007@user/spydar007] has quit [Ping timeout: 248 seconds] 05:08 -!- new [~m3a@170.52.78.7] has quit [Quit: leaving] 05:11 -!- Spydar007 [spydar007@user/spydar007] has joined #openbsd 05:15 -!- format_c [~format_c@2a02:b98:f181:4094:f550:7488:2d5:5ffa] has joined #openbsd 05:16 -!- ipetruk [~user@user/ipetruk] has quit [Quit: ZNC 1.9.1 - https://znc.in] 05:18 -!- michel [~mp@168.119.5.224] has joined #openbsd 05:21 -!- khrbtxyz [~khrbtxyz@user/khrbt] has quit [Ping timeout: 260 seconds] 05:22 -!- qiy [~rusty2@user/scuttlecell] has quit [Quit: WeeChat 3.8] 05:23 -!- bket [~bket@user/bket] has quit [Quit: leaving] 05:25 -!- khrbtxyz [~khrbtxyz@user/khrbt] has joined #openbsd 05:28 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection] 05:28 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 05:29 -!- bket [~bket@user/bket] has joined #openbsd 05:30 -!- jonf [~jjf@c-174-166-163-232.hsd1.nj.comcast.net] has quit [Remote host closed the connection] 05:30 -!- jonf [~jjf@c-174-166-163-232.hsd1.nj.comcast.net] has joined #openbsd 05:36 -!- schalken [~schalken@117-118-178-69.gci.net] has quit [Quit: Leaving] 05:52 -!- uncleyear [~ian@45.80.46.84] has joined #openbsd 05:53 -!- ipetruk [~user@user/ipetruk] has joined #openbsd 06:02 -!- rnkn [~rnkn@210.23.145.234] has joined #openbsd 06:17 -!- rnkn [~rnkn@210.23.145.234] has quit [Quit: Client closed] 06:20 -!- qiy [~rusty2@user/scuttlecell] has joined #openbsd 06:23 -!- format_c [~format_c@2a02:b98:f181:4094:f550:7488:2d5:5ffa] has quit [Quit: format_c] 06:25 -!- zenmov [~zenmov@user/zenmov] has joined #openbsd 06:29 -!- cmc_ [~methos@gateway/tor-sasl/cmc] has quit [Remote host closed the connection] 06:29 -!- cmc_ [~methos@gateway/tor-sasl/cmc] has joined #openbsd 06:31 -!- redruM [~redrum@user/redrum] has quit [Quit: ...] 06:33 -!- horrad [~Thunderbi@2003:a:61f:c901:9907:f2af:6ea5:44bb] has joined #openbsd 06:35 < echelon> hi, someone mentioned a while how to install openbsd while booted into a live linux system? 06:39 < echelon> assuming i don't have access to the bios 06:41 < oldlaptop> "don't have access to the BIOS" meaning what, exactly? That's potentially an unrecoverable problem if something goes wrong. (Particularly if this is actually an EFI machine, not "BIOS".) 06:41 < oldlaptop> GRUB can be used to boot into bsd.rd (i.e. the OpenBSD installer), but I wouldn't expect most "live linux systems" to use GRUB in the first place. 06:43 < echelon> i don't mean live as in off of a cd, i mean a linux system that's booted 06:43 < echelon> someone mentioned a way to install openbsd with just dd 06:44 -!- SiFuh_ [~SiFuh@user/sifuh] has quit [Remote host closed the connection] 06:45 -!- SiFuh_ [~SiFuh@user/sifuh] has joined #openbsd 06:45 -!- UDENIX [~UDENIX@user/udenix] has quit [Ping timeout: 246 seconds] 06:45 < oldlaptop> You could overwrite the running system's boot drive with installXX.fs, or something to that effect, I suppose. That strikes me as a Bad Idea. 06:46 < oldlaptop> (as does trying to give further advice without a more complete description of the problem) 06:46 -!- SiFuh_ [~SiFuh@user/sifuh] has quit [Remote host closed the connection] 06:46 -!- SiFuh_ [~SiFuh@user/sifuh] has joined #openbsd 06:47 -!- SiFuh_ [~SiFuh@user/sifuh] has quit [Client Quit] 06:47 -!- hwpplayer1 [~user@user/hwpplayer1] has joined #openbsd 06:48 < echelon> oldlaptop: i'm basically in the same boat as this guy.. https://jcs.org/2014/09/12/remotely_installing_openbsd_qemu 06:48 < echelon> and it seems like a viable option 06:48 < echelon> basically using qemu to install directly to the storage 06:48 < echelon> device 06:49 < echelon> i only have the option of running linux from a limited selection 06:49 < echelon> and the ip kvmi is broken because of outdated certs and such 06:49 < echelon> and java 06:53 < oldlaptop> The qemu procedure strikes me as... relatively reasonable under the specific circumstances outlined there (which appears to be a "live Linux system" in something closer to the "I booted an ubuntu livecd" sense). 06:54 -!- ikarso [uid475540@id-475540.tinside.irccloud.com] has joined #openbsd 06:54 < oldlaptop> It doesn't seem like a good idea to try that while booted from the same disk you propose to install to, at least not without the ability to restore it out of band if something goes wrong. 06:55 -!- mxz_ [~mxz@user/mxz] has joined #openbsd 06:55 < echelon> yeah, i can reinstall it from the web control panel thing 06:57 -!- SiFuh_ [~SiFuh@user/sifuh] has joined #openbsd 06:58 < oldlaptop> If possible, I'd want a "live" system like that recovery environment, such that there's no possibility of incapacitating the system before reboot. 06:58 < echelon> i guess i could create a tmpfs large enough to hold the minirootfs 06:58 < echelon> there was, but i don't know how to get back into it :/ 06:59 < oldlaptop> If you can't have a "live" system, I would want to be chrooted into a tmpfs, with qemu installed inside that. 06:59 < oldlaptop> (well. what I would really want is to find a different hosting solution. but never mind that.) 06:59 < echelon> i guess i could get them to do it via support ticket 07:00 < echelon> yeah, but it's a dedicated server that's only $188/yr :/ 07:00 < oldlaptop> If you're paying for support of the "please install this OS on the thing for me" kind, that would seem like an obvious solution 07:03 < oldlaptop> if you're going to be trying the qemu trick, and you can't have a live recovery environment (that's running from RAM/read-only squashfs), I would debootstrap (substitute your favorite linux as desired) under a tmpfs, chroot into that, and run qemu from *that* system, so it's more likely to survive long enough to finish the installation and reboot. 07:04 < oldlaptop> but the whole thing seems like asking for trouble 07:04 -!- shiranaihito_ [~shiranaih@2001:fb1:7b:6dc8:b83b:3328:282d:de9b] has joined #openbsd 07:05 < echelon> thanks 07:07 -!- gipa [~gipa@user/gipa] has quit [Quit: leaving] 07:10 -!- AlaskanEmily [~AlaskanEm@user/alaskanemily] has quit [Remote host closed the connection] 07:14 < echelon> i'm not even sure what distro the live system runs, if it's uncommon i may have to find a statically linked version of qemu 07:14 < IcePic> I loved the old sun sparc days, where you could just vomit bsd.rd into the swap partition with dd, then at next boot, ask it to boot off the b partition instead of the a partition and then you were in the installer 07:14 < oldlaptop> if it's uncommon, I bet you can still debootstrap into a tmpfs or something 07:14 < IcePic> then again, the openprom stuff could boot off files in directories, on CDs and netboot and so on. Lots of choices there 07:14 < echelon> ah, true 07:15 < oldlaptop> IcePic: why can't we have good firmware? :( 07:15 < oldlaptop> all that effort to transition to... EFI?! 07:15 < oldlaptop> L( 07:15 < oldlaptop> er, :( 07:15 < IcePic> oldlaptop: I don't know. x86 has for the longest time been doing "floppy boot" which seems like a total disaster in retrospect 07:15 -!- feriman [~feriman@user/feriman] has quit [Quit: leaving] 07:16 < dlg> i have a diff for amd64 that lets you boot a kernel (like bsd.rd) from the efi system partition 07:16 < IcePic> "hey, we can boot from a floppy, yay". ok, can you boot from cd? "Yes, we read 1.44mb off the cd, pretend it is a floppy in ram and boot off that" ok, weird but could work. How about network boot? "Yes, we read 1.44mb with tftp and put it in ram and boot off that" 07:16 < oldlaptop> Why shouldn't a high-end server in the 21st century boot the same way as an early-80s fixed-disk-less micro? :| 07:17 < oldlaptop> dlg: *that* sounds interesting 07:17 < oldlaptop> rather like the linux "stub loader" thing? 07:18 -!- feriman [~feriman@user/feriman] has joined #openbsd 07:18 < dlg> linux things could be anything, so im hesitant to say yes 07:19 < dlg> https://mild.embarrassm.net/~dlg/diff/boot.esp.amd64 07:19 < oldlaptop> Aaaaaah, not at all like the linux "stub loader" 07:20 < oldlaptop> (which is more or less "linux is an EFI boot loader for itself") 07:20 < dlg> that will let you "boot esp0a:bsd.rd" if bsd.rd is in the same partition as bootx64.efi 07:21 < IcePic> seems small enough 07:22 < dlg> i originally did it for arm64, which is in tree 07:25 -!- |darc|- [darc@23-112-65-16.lightspeed.nworla.sbcglobal.net] has quit [Excess Flood] 07:25 -!- |darc|- [darc@23-112-65-16.lightspeed.nworla.sbcglobal.net] has joined #openbsd 07:25 -!- parai [~parai@2a02:2f04:119:b100::a] has quit [Quit: connection reset by purr] 07:26 -!- parai [~parai@2a02:2f04:119:b100::a] has joined #openbsd 07:28 -!- om3ga [~om3ga@93.177.187.134] has quit [Read error: Connection reset by peer] 07:28 < oldlaptop> can definitely picture cases where that'd be mighty handy 07:29 < dlg> i wish boot partitions were bigger as a matter of course 07:29 < IcePic> the esp_stat() function confuses me. It tries to read a file, if it works, it sets the Filesize and returns 0. If buffer is too small, it allocs a new "filen", does the same GetInfo on it again, and if that works, it sets the Filesize but returns rv, which is set to -1 early on. 07:29 < IcePic> "read a file" <- get info on the file, not literally read it 07:30 -!- om3ga [~om3ga@93.177.187.134] has joined #openbsd 07:31 < dlg> i wrote it more than two weeks ago, so there's no chance i remember any detail about it 07:31 < dlg> it's very possible there's bugs 07:35 -!- shiranaihito_ [~shiranaih@2001:fb1:7b:6dc8:b83b:3328:282d:de9b] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] 07:38 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection] 07:39 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 07:41 -!- Foxy_ [~fox@user/Foxy/x-8224177] has quit [Ping timeout: 252 seconds] 07:44 -!- easeout [easeout@tilde.team] has quit [Quit: WeeChat 4.4.3] 07:45 -!- easeout [easeout@tilde.team] has joined #openbsd 07:48 < IcePic> of course, I'm not sure if first can fail and second works in order to notice that 07:51 -!- adig [~default@109.166.137.184] has joined #openbsd 07:52 < echelon> they responded to the ticket rather quickly.. i've just had to plead with them 5 times now to please boot into the gparted live system, this time i attached a screenshot of the gparted live desktop, let's see if that works. 07:54 < IcePic> echelon: for what its worth, I've done the "dd installXX.img" into the bootdisk on remote-arm64 VMs and it worked there. As others have said, if you have some kind of "reset this box to default OS something" button, its probably ok to test around a lot and see what works, since you can always get back to something that works again 07:55 < echelon> cool 07:55 -!- struchu [~struchu@62.87.192.114] has joined #openbsd 07:55 < echelon> no wonder the rental on these supermicro systems are so cheap, their ip kvmi is near useless 07:56 < echelon> the newer versions are supposed to have html5, but not this guy 07:56 < Manis> ipmitool sol activate? 07:58 -!- adip [~adip@c145-14.icpnet.pl] has joined #openbsd 07:58 -!- Foxy_ [~fox@user/Foxy/x-8224177] has joined #openbsd 08:01 < echelon> Manis: i'm not familiar with it 08:01 -!- schalken [~schalken@117-118-178-69.gci.net] has joined #openbsd 08:01 < IcePic> html5 came like 10 years ago or so to SM ipmi 08:01 < Manis> Back in the days when I had to use Supermicros I always just used the serial console. 08:02 < Manis> It was less trouble I found and I could copy&paste the root password from my password manager :-) 08:03 -!- deimosBSD [~deimos@user/realdeimos] has quit [Ping timeout: 252 seconds] 08:04 -!- deimosBSD [~deimos@user/realdeimos] has joined #openbsd 08:05 < IcePic> the java crap one had to use before html5 was horrible 08:08 -!- feriman [~feriman@user/feriman] has quit [Read error: Connection reset by peer] 08:09 -!- rawgreaze [~rawgreaze@user/rawgreaze] has quit [Ping timeout: 264 seconds] 08:09 -!- rawgreaze_ [~rawgreaze@user/rawgreaze] has joined #openbsd 08:10 -!- rawgreaze_ is now known as rawgreaze 08:10 -!- critter_ [~critter@200.90.104.39] has quit [Ping timeout: 264 seconds] 08:19 < Manis> :D 08:20 -!- SiFuh [~SiFuh@user/sifuh] has quit [Remote host closed the connection] 08:20 -!- SiFuh [~SiFuh@user/sifuh] has joined #openbsd 08:26 < echelon> alright! i was able to get networking up and grabbed miniroot76.img with ftp 08:26 -!- gipa [~gipa@user/gipa] has joined #openbsd 08:26 < echelon> there's no deboostrap though 08:26 < echelon> and apt is borked 08:29 -!- lagash [lagash@2605:6400:c684:c669:c468:c204:61fe:48dc] has quit [Ping timeout: 260 seconds] 08:29 < echelon> IcePic: so you just dd installXX.img to the whole block device or a specific partition? 08:30 -!- aaro [aaro@user/aaro] has quit [Ping timeout: 265 seconds] 08:30 -!- cell [cell@cell.freeirc.org] has quit [Ping timeout: 260 seconds] 08:30 -!- luna [~luna@fedora/bittin] has quit [Remote host closed the connection] 08:30 < oldlaptop> debootstrap is the kind of thing that you should have a pretty easy time getting a static binary of, more or less by design 08:31 < oldlaptop> (or not a binary, depending on the implementation - do you have... IIRC, perl?) 08:31 < oldlaptop> the voidlinux equivalent is a tarball full of static binaries 08:31 < echelon> perl 5.24 apparently 08:34 < oldlaptop> (I recall incorrectly - POSIX shell, looks like) 08:39 < echelon> alright, it's getting late and i can't even type ':' from the html5 console -_- 08:39 < echelon> will reattempt tomorrow, thanks! 08:41 -!- agentcasey [~agentcase@99-106-182-62.lightspeed.elpstx.sbcglobal.net] has joined #openbsd 08:44 -!- zoraj [~ubuntu@41.136.95.215] has quit [Ping timeout: 260 seconds] 08:44 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection] 08:45 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 08:45 -!- zoraj [~ubuntu@41.136.71.143] has joined #openbsd 08:48 -!- stefanobsdcafe [~m-2ld27b@user/stefanobsdcafe] has quit [Ping timeout: 252 seconds] 08:48 -!- stefanobsdcafe [~m-2ld27b@user/stefanobsdcafe] has joined #openbsd 08:50 -!- pikapika_lunar [~pikapika_@pika.powered.by.lunarbnc.net] has quit [Quit: Free ZNC ~ Powered by LunarBNC: https://LunarBNC.net] 08:50 -!- pikapika_lunar [~pikapika_@pika.powered.by.lunarbnc.net] has joined #openbsd 08:51 -!- jonf [~jjf@c-174-166-163-232.hsd1.nj.comcast.net] has quit [Ping timeout: 255 seconds] 08:58 -!- billchenchina- [~billchenc@103.118.42.229] has joined #openbsd 09:00 -!- billchenchina [~billchenc@2a0d:2580:ff0c:201:47cf:ca1:a674:8042] has quit [Ping timeout: 245 seconds] 09:03 -!- DIDAVISION [~dino@user/DINOWILLIAM] has quit [Ping timeout: 260 seconds] 09:04 -!- DinoWilliam [~dino@user/DINOWILLIAM] has joined #openbsd 09:04 -!- b50d [~b50d@62.96.54.30] has joined #openbsd 09:05 -!- Oclair [~Oclair@nq3.aventia.pw] has quit [Ping timeout: 245 seconds] 09:17 -!- Oclair [~Oclair@nq3.aventia.pw] has joined #openbsd 09:23 -!- MrGoblins [~MrGoblins@201.103.90.191] has quit [Ping timeout: 260 seconds] 09:24 -!- billchenchina- [~billchenc@103.118.42.229] has quit [Ping timeout: 255 seconds] 09:27 -!- frdem [~frdem@178.157.33.2] has joined #openbsd 09:28 < echelon> chroot binary is borked 09:29 < echelon> input/output error.. i think they pulled out the cd before everything could be loaded into ram 09:30 < echelon> i'll have to try the method IcePic mentioned 09:34 < IcePic> echelon: sorry, yes that is what I meant 09:34 < IcePic> zoned out to do some work in between. 09:34 < IcePic> I seemingly made a comment on undeadly about this very procedure: https://undeadly.org/cgi?action=article;sid=20230921073556 09:35 < IcePic> dd installXX.img to sda (ie, the 'whole' disk device node) and reboot into this, and make sure you have a console for when bsd.rd starts up 09:46 < echelon> perfect, thanks :) 09:47 < echelon> so the img file itself contains a partition table? 09:49 < IcePic> no, it contains code-to-run-at-boot-that-loads-bsd.rd and then from that ramdisk image, it can wipe stuff from under its own feet 09:55 -!- nathanpc [~nathanpc@user/nathanpc] has quit [Ping timeout: 276 seconds] 09:59 -!- finkfox [~finkfox@user/finkfox] has joined #openbsd 10:03 -!- xx [~xx@user/xx] has joined #openbsd 10:03 < echelon> awesome 10:09 -!- critter [~critter@200.90.104.39] has joined #openbsd 10:12 -!- finkfox [~finkfox@user/finkfox] has quit [Ping timeout: 265 seconds] 10:12 -!- critter [~critter@200.90.104.39] has quit [Remote host closed the connection] 10:12 -!- BillyZane [~BillyZane@user/BillyZane] has joined #openbsd 10:12 -!- critter [~critter@200.90.104.39] has joined #openbsd 10:20 -!- echelon [~echelon@gateway/tor-sasl/steerpike] has quit [Ping timeout: 260 seconds] 10:22 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has quit [Ping timeout: 260 seconds] 10:23 -!- finkfox [~finkfox@user/finkfox] has joined #openbsd 10:24 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has joined #openbsd 10:25 -!- echelon [~echelon@gateway/tor-sasl/steerpike] has joined #openbsd 10:27 -!- critter [~critter@200.90.104.39] has quit [Changing host] 10:27 -!- critter [~critter@user/critter] has joined #openbsd 10:27 -!- hwpplayer1 [~user@user/hwpplayer1] has quit [Remote host closed the connection] 10:30 -!- bket [~bket@user/bket] has quit [Read error: Connection reset by peer] 10:31 -!- bket [~bket@user/bket] has joined #openbsd 10:36 -!- byteskeptical [~amnesia@user/byteskeptical] has quit [Quit: Lost terminal] 10:43 -!- feriman [~feriman@user/feriman] has joined #openbsd 10:43 -!- talos [~talos@2600:6c5d:0:4b06:3ee4:aa6b:754a:a609] has quit [Quit: Ping timeout (120 seconds)] 10:44 -!- talos [~talos@2600:6c5d:0:4b06:f48a:7369:7f49:4069] has joined #openbsd 10:47 -!- Mete- [~quassel@186.250.13.243] has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.] 10:48 -!- Mete- [~quassel@186.250.13.243] has joined #openbsd 10:57 -!- noone [~six@user/six] has quit [Quit: nyaa~] 10:58 -!- jonf [~jjf@c-174-166-163-232.hsd1.nj.comcast.net] has joined #openbsd 10:58 -!- Aedil [~adrian@146.52.105.208] has joined #openbsd 11:03 -!- seninha [~seninha@user/seninha] has joined #openbsd 11:13 -!- om3ga [~om3ga@93.177.187.134] has quit [Quit: Bye] 11:15 -!- om3ga [~om3ga@93.177.187.134] has joined #openbsd 11:23 -!- seninha [~seninha@user/seninha] has quit [Quit: Leaving] 11:24 -!- Netsplit *.net <-> *.split quits: chiselfuse, drathir_tor, xx, echelon, srfsh, cmc_, memset, martian67, sdds, aswjrisp, (+2 more, use /NETSPLIT to show all of them) 11:27 -!- ublx [~ublx@user/ublx] has joined #openbsd 11:34 -!- Martouf [~82e30593@user/Martouf] has quit [Ping timeout: 276 seconds] 11:35 -!- finkfox [~finkfox@user/finkfox] has quit [Ping timeout: 265 seconds] 11:38 -!- l33t-H4x0r [~assasas@2001:448a:1090:600d:55d1:6abb:24fd:d5ce] has joined #openbsd 11:41 -!- khrbtxyz [~khrbtxyz@user/khrbt] has quit [Ping timeout: 260 seconds] 11:43 -!- danilogondolfo [~danilogon@2a02:8084:4f62:1280:3f8b:7219:ac03:f73b] has joined #openbsd 11:48 < yang3> see, how to continue with the interrupted build? Simply "CD /ust/ports/net/irssi" and again "make" ? 11:49 -!- lavaball [~Melissa@31.204.155.215] has joined #openbsd 11:49 < sibiria> that usually works, yes 11:49 < sibiria> in some cases you may need to "make clean" first 11:57 < yang3> OK 12:09 -!- donofrio_ [~donofrio@68.60.130.180] has joined #openbsd 12:13 -!- tertullian [~sonne@82.199.134.169] has joined #openbsd 12:18 -!- ficonni [~ficonni@213.196.101.110] has joined #openbsd 12:18 -!- khrbtxyz [~khrbtxyz@user/khrbt] has joined #openbsd 12:22 -!- gwennelsonuk [gwennelson@iceland.sdf.org] has joined #openbsd 12:25 < IcePic> most of the steps make .dotfiles to indicate patching was done, unpacking is done, configure is done and so forth 12:26 < IcePic> if you edit the patches (add/remove) then you would probably need to clean out the unpacked stuff and unpack it again, to reapply the patches and then move on 12:27 < IcePic> but if one only changes some external thing like bumping "MAKE_JOBS" or cleaning out a filled pobj/ dir, then restarts should be fairly safe 12:28 -!- gwennelsonuk is now known as GwenNelson 12:29 < GwenNelson> hey all, guess nobody saw my messages here just now 12:30 < IcePic> GwenNelson: nopes, but the net just unsplit recently 12:30 < GwenNelson> anyway, i need to implement a FUSE filesystem that can stand up to high load 12:30 < GwenNelson> anyone got any idea where to find sample code? 12:31 < GwenNelson> need to be async and multithreaded i'd assume 12:32 < GwenNelson> anyone? 12:33 < sibiria> maybe any of the fuse ports? it's a wide question 12:34 < GwenNelson> there's a lot, i just need the simplest possible 12:34 < GwenNelson> i've only implemented FUSE singlethreaded on Linux 12:34 < IcePic> this seems somewhat backwards, fuse seems to be a solution to some problem (like using non-fs's like if they are fs's), but why is FUSE important here if you want a stable fs under high load? 12:35 < GwenNelson> i mean, i could do it in a kernel patch instead, seems more complicated though 12:35 -!- finkfox [~finkfox@user/finkfox] has joined #openbsd 12:35 -!- ublx [~ublx@user/ublx] has quit [Ping timeout: 255 seconds] 12:36 < IcePic> probably more complicated, but fuse stuff generally isn't known for stability, more like a bandaid to let userspace processes be mounted. 12:37 < GwenNelson> i can at least prototype in FUSE i guess 12:37 < sibiria> incidentally fuse isn't known for high performance either 12:37 < GwenNelson> i also need to get this working quickly, and i've not dabbled in the filesystem code in the kernel 12:38 < IcePic> not saying people should not do all kinds of experiments in fuse, by all means do, but you seem to have started from the other end, requiring high perf. 12:38 < GwenNelson> sibiria: isn't that because it's not async and usually single threaded? 12:38 < RobbieAB> At least in Linux, it also doesn't play nicely with the kernel caching. 12:38 < sibiria> GwenNelson: probably a combination of that and the various translation layers between 12:38 < GwenNelson> though i guess there's context switching overhead 12:39 < GwenNelson> i think i'll prototype in FUSE and then try a kernel patch 12:39 < RobbieAB> I suspect, with no real evidence or experience, that making a high-performance file system will be one problem, making it in fuse will simply add a second problem. 12:39 < GwenNelson> though i'm not too keen to mess with the kernel code 12:40 < sibiria> are you developing your own file system, or aiming at improving openbsd's general disk i/o and/or FFS codebase? 12:40 < GwenNelson> it's actually a weird kind of bind mount with wildcard support 12:40 < GwenNelson> for various purposes 12:42 < GwenNelson> so i can mount /some/path/*/something and have a mounted filesystem full of */something 12:43 < GwenNelson> like for example /home/*/public_html mounted under /var/www/htdocs/users 12:43 < GwenNelson> that's one usagw 12:43 < GwenNelson> usage* 12:44 < sibiria> seems like a typical case for FUSE 12:44 < GwenNelson> right, but i want to take advantage of SMP 12:44 < GwenNelson> getting a lovely ryzen box donated 12:45 < GwenNelson> so, thoughts? 12:46 < sibiria> probably more thoughts on the mailing lists where most of the developers hang out 12:46 < GwenNelson> -tech or -misc? 12:46 < GwenNelson> i had some mild drama with a recent -misc post 12:46 < sibiria> i think tech is more suited for the topic 12:47 < GwenNelson> regarding editing puffy 12:47 < sibiria> the mailing lists giveth and the mailing lists taketh away 12:47 < sibiria> godspeed, gwendolyn 12:47 < GwenNelson> heh, true 12:47 < GwenNelson> my name is just Gwen, thanks 12:47 < RobbieAB> I'm thinking it sounds like auto mount bind mount trickery might avoid the need for fuse altogether. 12:47 < IcePic> GwenNelson: bah, don't mind that one crap reply 12:48 < IcePic> RobbieAB: amd(8) is nfsv2 only I think, though I can't remember for what reason 12:48 < GwenNelson> thanks IcePic 12:48 < RobbieAB> IcePic: Ah, that would be an issue. 12:49 < GwenNelson> RobbieAB: isn't bind no longer supported? 12:49 < IcePic> RobbieAB: at least it might be slightly suboptimal 12:49 < IcePic> GwenNelson: obsd never had bind mounts 12:49 < GwenNelson> right 12:49 < GwenNelson> i heard it did before 6.0 12:49 < GwenNelson> though back in 3.7 it wasn't there either 12:50 -!- sjg [~sjg@user/sjg] has joined #openbsd 12:50 < GwenNelson> i started with 3.7 12:50 < GwenNelson> i've thought about a stupid NFS hack too 12:50 < RobbieAB> The other thought I had was symlinks, but... They are going to be problematic with the wildcard part. 12:51 < IcePic> RobbieAB: symlinks wont take you out of a chroot 12:51 < GwenNelson> symlinks inside chroot won't work 12:51 < RobbieAB> That is true. :) 12:51 < GwenNelson> IcePic: snap 12:52 < GwenNelson> i want to keep daemons inside chroot as much as possible 12:52 < GwenNelson> also, is it true that unveil doesn't survive exec? 12:52 < GwenNelson> cos that seems like an obvious hole 12:52 < IcePic> GwenNelson: yes, unveil and pledge are per-process 12:53 < RobbieAB> That said, for me, I would expect my attempt to implement a fuse module to be more likely to go badly wrong than than running my httpd without chroot :) 12:53 < GwenNelson> malicious code just needs to exec to bypass unveil? 12:54 < IcePic> GwenNelson: yes, but there are reasons for it 12:54 < GwenNelson> what are the reasons? 12:54 < GwenNelson> i'm tempted to patch this 12:55 < GwenNelson> it'd make for a container type system 12:55 < IcePic> one is that if you always inherit limits, anything that exec()s needs to allow both its own set of "limits" and all possible child process limits, which means "anything" 12:55 < IcePic> this means that any program that does anything remotely alike system() or exec() is going to have zero limits always 12:55 < GwenNelson> child process should not be able to add more permissions 12:55 < IcePic> else it breaks the child processes 12:56 < GwenNelson> again, containers? 12:56 < IcePic> secondly, if you either disallow exec() in your parent limits, or run in a chroot where there isn't anything malicious to exec, then this "hole" goes away. 12:56 < GwenNelson> like how docker et al work on Linux 12:57 < GwenNelson> my malicious code writes out a binary to disk, chmod +x and exec 12:57 < IcePic> just make /var/empty is "noexec" 12:57 < GwenNelson> but also, if children inherited, could implement containers 12:58 < GwenNelson> i want containers 12:58 < GwenNelson> not vmm, lighter weight 12:58 < IcePic> I think ldd is the only current program that uses inherited limits 12:58 < mischief> i too want a pony 12:58 < IcePic> because it "half-runs" binaries when you ask it what libraries it would link when started 12:58 < GwenNelson> though, vmm with RAM ballooning would be awesome 12:59 < IcePic> ponies and balloons it is! 12:59 < GwenNelson> lol 13:00 < GwenNelson> any reason not to have ballooning other than nobody did it yet? 13:01 < GwenNelson> hmm? 13:02 < IcePic> I think it's somewhat easy to make the vmm end of ballooning, the guest pmap part might be lots trickier 13:02 < GwenNelson> does it work in Xen? 13:02 < GwenNelson> obsd DomU 13:03 < IcePic> I don't think obsd guests did ballooning on Xen as domU either 13:04 < GwenNelson> dammit 13:05 < GwenNelson> my dream is something like QubesOS with obsd 13:05 < GwenNelson> that would rock 13:06 -!- makr [~textual@2001:8f8:1a2d:df:806b:429b:6d5a:961a] has joined #openbsd 13:09 -!- hugohagogo [~cleber@2804:1b4c::4] has quit [Changing host] 13:09 -!- hugohagogo [~cleber@user/hugohagogo] has joined #openbsd 13:11 < IcePic> on the topic of "I would just create a binary and chmod it and run it", it gets quite interesting when you notice linux has memfd so you can take a piece of memory and make it a file descriptor, then you can exec it via fexecve() from that fdesc and you dont need to be able to write to disk at all 13:12 < IcePic> its really like they want to make it easy to circumvent things like chroots and file system strict permissions 13:12 < GwenNelson> i once wrote a game engine for Linux that loads dynamic libs from RAM 13:13 < GwenNelson> the game logic was native code and zipped up with asseta provided via PhysFS 13:13 < GwenNelson> assets* 13:14 < GwenNelson> on other platforms, had to extract the .so or .dylib and use dlopen 13:16 -!- finkfox [~finkfox@user/finkfox] has quit [Ping timeout: 265 seconds] 13:16 < GwenNelson> anyway, bbl 13:17 < GwenNelson> gonna hack together this FUSE thing 13:17 -!- GwenNelson [gwennelson@iceland.sdf.org] has quit [Quit: they called it BSD, and open because it's always free....] 13:19 -!- sjg [~sjg@user/sjg] has quit [Ping timeout: 260 seconds] 13:33 -!- d-ra [~d-ra@user/d-ra] has joined #openbsd 13:36 -!- mikewilzn [609e48c489@user/mikewilzn] has joined #openbsd 13:42 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 13:42 -!- eniac [~eniac@user/eniac] has joined #openbsd 13:42 -!- xx [~xx@user/xx] has joined #openbsd 13:44 -!- srfsh [~srfsh@user/srfsh] has joined #openbsd 13:46 -!- chiselfuse [~chiselfus@user/chiselfuse] has joined #openbsd 13:46 -!- xxx [~u@user/xx] has joined #openbsd 13:46 -!- xxx [~u@user/xx] has quit [Client Quit] 13:47 -!- aswjrisp [~aswjrisp@user/aswjrisp] has joined #openbsd 13:47 -!- finkfox [~finkfox@user/finkfox] has joined #openbsd 13:50 -!- drathir_tor [~drathir@wireguard/tunneler/drathir] has joined #openbsd 13:50 -!- cmc_ [~methos@gateway/tor-sasl/cmc] has joined #openbsd 13:52 -!- aswjrisp_ [~aswjrisp@user/aswjrisp] has joined #openbsd 13:53 -!- vulpine [xfnw@user/meow/xfnw] has left #openbsd [nyaa~] 13:53 -!- vulpine [xfnw@user/meow/xfnw] has joined #openbsd 13:53 -!- aswjrisp [~aswjrisp@user/aswjrisp] has quit [Ping timeout: 264 seconds] 13:55 -!- l33t-H4x0r [~assasas@2001:448a:1090:600d:55d1:6abb:24fd:d5ce] has quit [K-Lined] 14:01 -!- psydroid [~psydroid@user/psydroid] has joined #openbsd 14:03 -!- finkfox [~finkfox@user/finkfox] has quit [Ping timeout: 246 seconds] 14:10 -!- echelon [~echelon@gateway/tor-sasl/steerpike] has joined #openbsd 14:14 -!- evilham11 [~evilham@2a0f:de00:fe00:6300:ab:45ff:fe54:9878] has quit [Ping timeout: 264 seconds] 14:18 < yang3> I compiled the first package on loongson - curl 14:19 < sibiria> good effort! 14:19 -!- Xenguy [~Xenguy@user/xenguy] has quit [Quit: "To play for a draw [...] is to some degree a crime against chess." -- Mikhail Tal] 14:20 < sibiria> on the yeeloong or in an emulated machine? 14:21 < yang3> yeeloong$ cat razno1 | curl -F 'clbin=<-' https://clbin.com 14:21 < yang3> https://clbin.com/dza2O 14:21 < yang3> on the yeeloong 14:22 < mischief> how looooong did it take 14:22 < sibiria> :p 14:22 < yang3> i started yesterday it was about 1.5 hour and about 45 min todaya 14:22 < sibiria> yee don't wanna know 14:22 < sibiria> etc. 14:22 < sibiria> curl is an unusually "fat" project for what it does, too, so not entirely surprising 14:23 < sibiria> handful of deps as well 14:23 < yang3> I need to type in the "doas" password repeateadly, when it asks for each dep 14:23 < mischief> jeez. on my desktop make -j32 for curl took 3.5 seconds 14:23 < yang3> mischief hehe 14:24 < sibiria> yang3: if you want you can "su" to the user you want to build as. and in most cases, it's fine to build as root, too 14:24 < Lucas_> I disagree with that comment 14:25 < sibiria> "every port potentially has malware in the build scripts, and everyone is out to get me" 14:26 < pardis> if you build ports as root, it will drop to a user with minimal privileges for the actual build 14:26 < pardis> so it is actually better to build as root, in this particular case 14:27 < Lucas_> I think that only dpb takes care of that 14:27 < sibiria> as an option, which works most of the time, you can also "su -l root; su _pbuild" (or whatever the most common build user is) 14:27 < Lucas_> the usual case, using make, it's prefered to do as a normal user that can doas into _pbuild and _pfetch iirc 14:28 -!- evilham11 [~evilham@2a0f:de00:fe00:6300:ab:45ff:fe54:9878] has joined #openbsd 14:29 -!- khrbtxyz [~khrbtxyz@user/khrbt] has quit [Ping timeout: 252 seconds] 14:30 -!- qiy [~rusty2@user/scuttlecell] has quit [Remote host closed the connection] 14:32 -!- qiy [~rusty2@user/scuttlecell] has joined #openbsd 14:32 -!- khrbtxyz [~khrbtxyz@user/khrbt] has joined #openbsd 14:34 -!- FWbat [~fuzzy@c-73-35-154-239.hsd1.wa.comcast.net] has joined #openbsd 14:35 -!- pikapika_lunar [~pikapika_@pika.powered.by.lunarbnc.net] has quit [Quit: Free ZNC ~ Powered by LunarBNC: https://LunarBNC.net] 14:35 -!- pikapika_lunar [~pikapika_@pika.powered.by.lunarbnc.net] has joined #openbsd 14:36 < Lucas_> pardis: actually, for privilege dropping, you do need to set PORTS_PRIVSEP=Yes 14:37 < pardis> oh, I stand corrected 14:40 -!- evilham11 [~evilham@2a0f:de00:fe00:6300:ab:45ff:fe54:9878] has quit [Ping timeout: 252 seconds] 14:42 < yang3> getting some failure when building irssi https://clbin.com/mcL4N 14:44 -!- FWbat [~fuzzy@c-73-35-154-239.hsd1.wa.comcast.net] has quit [Remote host closed the connection] 14:47 < sibiria> python as a build dependency is an unfortunate atrocity. gets in the way every now and for other projects 14:50 < kucha> yang3: congrats on curl! going to try smartmontools soon? 14:50 < renaud> some python ports are even impossible due to deps with == 14:50 < yang3> kucha, thanks, I will try 14:51 -!- FWbat [~fuzzy@c-73-35-154-239.hsd1.wa.comcast.net] has joined #openbsd 14:52 < IcePic> if yang3 makes a large amount of ports, there is an unofficial space where we could put it up for other mips64le users 14:52 < IcePic> https://ftp.eu.openbsd.org/pub/Unofficial/OpenBSD/7.6/packages/ 14:53 < yang3> IcePic, I dunno, if I am really qualified...what kind of files would be in there? 14:53 < sibiria> curl is an excellent case for something common a lot of users want 14:54 < IcePic> yang3: I made whatever m88k-packages I could make work, since a lot of things will not build with gcc3, the list of possible packages became a lot shorter 14:54 < sibiria> irssi, neo/mutt, git, nano, sqlite3 etc. 14:54 < IcePic> took a long while to even get gmake built 14:55 < IcePic> rsync, various archivers like zstd,xz,(un)zip,bzip2 14:57 -!- struchu [~struchu@62.87.192.114] has quit [Quit: WeeChat 4.4.3] 14:57 < IcePic> the archivers unlock a lot of ports, so you would end up building them early anyhow 14:59 -!- dev1ls [dev1ls@user/Dev1ls] has joined #openbsd 15:00 -!- evilham11 [~evilham@2a0f:de00:fe00:6300:ab:45ff:fe54:9878] has joined #openbsd 15:01 -!- ivdsangen [~ivo@86-95-161-96.fixed.kpn.net] has joined #openbsd 15:01 < yang3> IcePic I can try to build the packages, you suggested, those are usefull 15:01 < yang3> noted 15:02 < yang3> I see the luna-88k packages in unofficial 15:06 -!- gman999 [~GMan999@user/gman999] has quit [Quit: WeeChat 4.4.2] 15:08 -!- makr [~textual@2001:8f8:1a2d:df:806b:429b:6d5a:961a] has quit [Quit: My Unrecognized Mac has gone to sleep. ZZZzzz…] 15:10 < yang3> so there are I guess packages, which I compiled https://paste.debian.net/hidden/e2fa9412/ 15:10 -!- _zip100 [~zip100@185.209.196.160] has joined #openbsd 15:11 -!- zip100 [~zip100@185.209.196.180] has quit [Ping timeout: 265 seconds] 15:13 -!- critter [~critter@user/critter] has quit [Remote host closed the connection] 15:14 -!- critter [~critter@200.90.104.39] has joined #openbsd 15:14 -!- gh34 [~textual@syn-184-058-181-106.res.spectrum.com] has joined #openbsd 15:15 < yang3> IcePic, where are the .tgz package files placed? 15:18 < IcePic> they end up under /usr/ports/packages//all 15:18 < IcePic> they end up under /usr/ports/packages//ftp <- better, in case of licensing issues 15:18 -!- makr [~textual@2001:8f8:1a2d:df:1d87:40ec:8acb:426e] has joined #openbsd 15:21 < yang3> oh nice ! 15:22 < yang3> my arch is mips64el 15:22 < IcePic> I know, they also lack prebuilt packages, like m88k 15:23 < yang3> right 15:23 -!- strategictravele [~strategic@user/strategictravele] has joined #openbsd 15:25 < IcePic> I'm using "they" as if there was a lot of mips64le users losing sleep over not having prebuilt packages. ;) 15:25 < pardis> one day I will boot my Yeeloong again 15:26 < pardis> I think it still has OpenBSD 5.something installed 15:26 * IcePic laughs in mips64be.. 15:27 -!- oraculo [~mirc-rc@177.100.68.254] has joined #openbsd 15:27 < IcePic> relevant: http://c66.it.su.se:8080/obsd/big-endians.jpg 15:28 < yang3> IcePic are oyu building on the luna or in qemu ? 15:28 < pardis> I much prefer plan9's name for its little-endian MIPS port (spim) 15:28 -!- seninha [~seninha@user/seninha] has joined #openbsd 15:28 < IcePic> yang3: on the "nono" m88k emulator. But I think I should try gxemul again, if mp works better on it, since it helps pkg building I guess 15:29 < yang3> Luna88k is extremely rare machine 15:29 < yang3> hard-to-find 15:30 < sibiria> yeelongs too kinda, probably haven't been made for 10 years and i don't think they ever sold many to begin with 15:30 < IcePic> I also agree with obsds policy of not using emulators for official package/install-set building, since any supported platform should really be able to built its own software, but I wanted to see how much effort there would be to make a dpb cluster for m88k. 15:31 < IcePic> now, I didn't manage to make amd64-box-runs-dpb-for-lunam88kbuilders so that list is sort-of manually selected by me, depending on what could be built. 15:31 -!- MrGoblins [~MrGoblins@2806:107e:13:f129:bd3b:66f4:ea73:f3aa] has joined #openbsd 15:31 < anexit> Is there a way to have mutt download emails from... imap? 15:32 < IcePic> anexit: sure is 15:32 < IcePic> set spoolfile=imap://hostname.of.imap.host:143 15:32 -!- khrbtxyz [~khrbtxyz@user/khrbt] has quit [Ping timeout: 252 seconds] 15:32 < anexit> I want to store the emails locally to train spamassassin 15:33 < IcePic> set spoolfile=imap://hostname.of.imap.host:143/INBOX even 15:33 < yang3> anexit yes 15:33 < IcePic> imaps:// ... :993 also works of course for TLS'd imap 15:33 < yang3> mutt is another package I'll try to compile 15:33 -!- khrbtxyz [~khrbtxyz@user/khrbt] has joined #openbsd 15:35 < IcePic> I read some of my personal emails on one of my octeon boxes with mutt 15:35 < anexit> Thanks! 15:36 < IcePic> for some reason I also have "set folder imap://....:143" in my muttrc 15:36 < anexit> we ended up getting hammered with spam and since we wont pay for 365 email filter we have a openbsd box with sa/amavisd-new setup.. trying to make a auto-learn with spam@domain.com and notspam@domain.com 15:36 < sibiria> 143 is STARTTLS (evil) for imap 15:36 < sibiria> 993 implicit TLS 15:37 < yang3> IcePic, how do you upload packages to "unofficial" mirror ? 15:37 < anexit> Maybe easier to setup dovecot and just have people email those users there. 15:37 < IcePic> yang3: easy, its my machine. ;) 15:37 < yang3> ahhh :) 15:37 -!- user71 [~user71@2001:1530:1012:3964:faf:3d95:a36e:187e] has joined #openbsd 15:39 -!- makr [~textual@2001:8f8:1a2d:df:1d87:40ec:8acb:426e] has quit [Quit: My Unrecognized Mac has gone to sleep. ZZZzzz…] 15:40 -!- khrbtxyz [~khrbtxyz@user/khrbt] has quit [Ping timeout: 248 seconds] 15:40 < kucha> anexit: if you want to download mails via imap into a local maildir, something like isync/mbsync maybe come in handy 15:42 -!- psydroid [~psydroid@user/psydroid] has quit [Quit: KVIrc 5.2.6 Quasar http://www.kvirc.net/] 15:43 -!- psydroid [~psydroid@user/psydroid] has joined #openbsd 15:43 -!- darkBLACK [~darkBLACK@syn-067-053-148-069.biz.spectrum.com] has quit [Ping timeout: 246 seconds] 15:43 < IcePic> yeah, anything like the old fetchmail program would do it 15:43 -!- mover [~hischild@user/mover] has joined #openbsd 15:44 -!- khrbtxyz [~khrbtxyz@user/khrbt] has joined #openbsd 15:45 < anexit> riddle me this... 15:46 < anexit> I sent an email to spam@domain.com and it delivered somewhere 15:46 < anexit> postfix virtual spam@domain.com spam 15:46 < anexit> there is a spam user on this openbsd system 15:46 < anexit> lol 15:47 < anexit> ah 15:47 -!- MrGoblins [~MrGoblins@2806:107e:13:f129:bd3b:66f4:ea73:f3aa] has quit [Read error: Connection reset by peer] 15:47 < anexit> its in /var/mail/user 15:47 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has joined #openbsd 15:47 -!- MrGoblins [~MrGoblins@2806:107e:13:f129:bd3b:66f4:ea73:f3aa] has joined #openbsd 15:49 < lts> The same mind that chose spam@domain.com as an example address to test something has chosen it earlier as an example address to test something 15:49 < anexit> :D 15:49 -!- f451 [~f451@user/f451] has quit [Ping timeout: 252 seconds] 15:49 < anexit> well no point in wasting money with microsoft when it already exists 15:55 -!- gman999 [~GMan999@user/gman999] has joined #openbsd 15:59 -!- coppola_ [~coppola_@user/coppola] has joined #openbsd 16:00 -!- seninha [~seninha@user/seninha] has quit [Remote host closed the connection] 16:01 < echelon> IcePic: success! :) 16:01 < echelon> thanks for the suggestion 16:01 -!- seninha [~seninha@user/seninha] has joined #openbsd 16:02 -!- pikapika_lunar [~pikapika_@pika.powered.by.lunarbnc.net] has quit [Quit: Free ZNC ~ Powered by LunarBNC: https://LunarBNC.net] 16:03 -!- pikapika_lunar [~pikapika_@pika.powered.by.lunarbnc.net] has joined #openbsd 16:03 -!- gman999 [~GMan999@user/gman999] has quit [Quit: WeeChat 4.4.2] 16:04 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection] 16:04 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 16:05 -!- horrad [~Thunderbi@2003:a:61f:c901:9907:f2af:6ea5:44bb] has quit [Ping timeout: 252 seconds] 16:06 < IcePic> echelon: \o/ 16:07 -!- njn [~njn@user/njn] has quit [Remote host closed the connection] 16:08 < oldlaptop> echelon: ah - I thought you didn't have a console(?) 16:09 -!- makr [~textual@bba-86-96-19-17.alshamil.net.ae] has joined #openbsd 16:09 < echelon> oldlaptop: a very flakey html5 one, i was shit out of luck on the supermicro java kvm 16:09 < echelon> the html5 kvm thing didn't have a way to mount an iso though 16:10 < oldlaptop> aaaaaah 16:10 -!- Aedil [~adrian@146.52.105.208] has quit [Ping timeout: 252 seconds] 16:10 < oldlaptop> yeah, the whole qemu nonsense only makes sense if you don't have a workable console :P 16:10 < echelon> gotcha :) 16:11 < oldlaptop> though worth knowing about the curses output mode either way, if you hadn't seen that 16:11 < oldlaptop> darn handy sometimes 16:11 < echelon> this way i didn't have to remap the virtual disk devices or network interface, which qemu would have likely caused an issue for 16:11 < lts> The HTML5 console can mount an ISO if you buy a $27 license 16:11 < echelon> yeah 16:12 < echelon> i don't recall any such offer 16:12 < sibiria> does it also come with an additional $1.99 "handling fee" each time you want to mount (or eject) an ISO? 16:12 < oldlaptop> DUIDs should be stable if the disk moves from qemu-fake controller to a real one, but you'd definitely have to be careful about network interface names 16:13 < oldlaptop> sibiria: Those highly-trained CD-burning-and-swapping monkeys don't work free 16:13 < sibiria> mounting/ejecting an ISO incurs wear'n'tear on the function library, and replacing the .so library file with a fresh one comes at a cost 16:13 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] 16:14 -!- gman999 [~GMan999@user/gman999] has joined #openbsd 16:14 < lts> https://store.supermicro.com/us_en/out-of-band-sft-oob-lic.html no handling fees per mount but don't give them ideas 16:15 < oldlaptop> oh, don't get me started - the way firefox is these days I go through four or five gettimeofdays() a month 16:15 < oldlaptop> lts: :| 16:15 < sibiria> lts: i'm sure the idea has already been discussed among the product team 16:15 < sibiria> they're like lawyers. inherently evil 16:16 < lts> This is true 16:17 -!- MyNetAz [~MyNetAz@user/MyNetAz] has quit [Remote host closed the connection] 16:18 < lts> I already paid you $998 for the motherboard, why couldn't you just charge a dollar more from everyone and offer the full functionality for everyone for more money 16:30 -!- MyNetAz [~MyNetAz@user/MyNetAz] has joined #openbsd 16:30 < oldlaptop> perhaps they have reason to think most customers don't want it 16:31 -!- Bradipo [~Bradipo@50.77.44.29] has joined #openbsd 16:32 -!- glu_ [~glu@user/glu] has joined #openbsd 16:32 < oldlaptop> (or perhaps someone is a bit foolish and/or evil (I hope foolish) and thinks splitting the price everyone is going to end up paying up across multiple "items" will fool enough of the buyers enough of the time) 16:32 -!- ficonni [~ficonni@213.196.101.110] has quit [Remote host closed the connection] 16:32 -!- glu [~glu@user/glu] has quit [Ping timeout: 248 seconds] 16:32 -!- glu_ is now known as glu 16:32 < IcePic> lts: we have some SM boxes, and those are like "html5 doesnt get to mount jack-shit, but you can point to a samba-mount for ISO" and then "java console" has ISO mount over some udp protocol 16:33 < oldlaptop> What could possibly go wrong? 16:33 < IcePic> the difference being the java mount is from my machine, whereas having a samba box on the ipmi networks feels kind of icky 16:39 -!- vdamewood [~vdamewood@fedora/vdamewood] has quit [Quit: Life beckons] 16:42 -!- f451 [~f451@user/f451] has joined #openbsd 16:43 -!- michel is now known as Voyager_MP 16:46 -!- cell [cell@freeirc.org] has joined #openbsd 16:55 -!- makr [~textual@bba-86-96-19-17.alshamil.net.ae] has quit [Quit: My Unrecognized Mac has gone to sleep. ZZZzzz…] 17:03 -!- b50d [~b50d@62.96.54.30] has quit [Remote host closed the connection] 17:08 < yang3> Is there an OLPC / OpenBSD port ? 17:11 -!- finkfox [~finkfox@user/finkfox] has joined #openbsd 17:12 -!- Everything [~Everythin@94.153.24.195] has joined #openbsd 17:15 -!- tvtoon [~The_cUnix@user/tvtoon] has joined #openbsd 17:18 < lts> One Laptop Per Child? 17:19 < thrig> or maybe Ontario Livestock and Poultry Council 17:22 -!- glu [~glu@user/glu] has quit [Ping timeout: 252 seconds] 17:22 -!- glu [~glu@user/glu] has joined #openbsd 17:26 -!- donofrio_ [~donofrio@68.60.130.180] has quit [Ping timeout: 246 seconds] 17:28 -!- donofrio_ [~donofrio@68.60.130.180] has joined #openbsd 17:28 -!- znedw0868 [~znedw@2400:a846:4040::f61] has quit [Read error: Connection reset by peer] 17:30 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection] 17:30 -!- znedw0868 [~znedw@2400:a846:4040::f61] has joined #openbsd 17:31 < IcePic> wasn't the olpc laptops quite ordinary x86s? 17:31 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has joined #openbsd 17:31 < IcePic> apart from that you could spin a lever to power them and that they had docs and code for most all parts 17:34 -!- nathanpc [~nathanpc@user/nathanpc] has joined #openbsd 17:36 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 17:43 -!- MrGoblins [~MrGoblins@2806:107e:13:f129:bd3b:66f4:ea73:f3aa] has quit [Ping timeout: 272 seconds] 17:44 -!- megawatt [~megawatt@user/megawatt] has joined #openbsd 17:48 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] 17:48 -!- Everything [~Everythin@94.153.24.195] has quit [Quit: leaving] 17:49 -!- MrGoblins [~MrGoblins@201.103.80.153] has joined #openbsd 17:51 -!- MrGoblins [~MrGoblins@201.103.80.153] has quit [Read error: Connection reset by peer] 17:52 -!- ublx [~ublx@user/ublx] has joined #openbsd 17:53 -!- cmc_ is now known as cmc 17:53 -!- donofrio_ [~donofrio@68.60.130.180] has quit [Ping timeout: 260 seconds] 17:55 -!- donofrio_ [~donofrio@68.60.130.180] has joined #openbsd 17:59 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has joined #openbsd 17:59 -!- Guest83 [~Guest83@2400:c600:343b:3f5e:2460:7137:c72d:2fc8] has joined #openbsd 18:00 -!- uwharrie [~uwharrie@user/uwharrie] has left #openbsd [] 18:01 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has quit [Client Quit] 18:02 -!- megawatt [~megawatt@user/megawatt] has left #openbsd [] 18:02 -!- Guest83 [~Guest83@2400:c600:343b:3f5e:2460:7137:c72d:2fc8] has quit [K-Lined] 18:04 -!- feriman [~feriman@user/feriman] has quit [Ping timeout: 246 seconds] 18:05 -!- xet7 [~xet7@user/xet7] has quit [Remote host closed the connection] 18:05 < oldlaptop> "port" could refer to their special software, I guess? 18:06 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has joined #openbsd 18:06 -!- xet7 [~xet7@user/xet7] has joined #openbsd 18:06 -!- Aedil [~adrian@ip923469d0.dynamic.kabel-deutschland.de] has joined #openbsd 18:07 < oldlaptop> (which I don't see ports for) 18:07 < Manis> IcePic: yes it's x86 but it uses Open Firmware. 18:07 < oldlaptop> ?! 18:07 < oldlaptop> *that* is interesting 18:07 -!- makr [~textual@bba-86-96-19-17.alshamil.net.ae] has joined #openbsd 18:08 -!- makr [~textual@bba-86-96-19-17.alshamil.net.ae] has quit [Client Quit] 18:09 -!- danilogondolfo [~danilogon@2a02:8084:4f62:1280:3f8b:7219:ac03:f73b] has quit [Quit: Leaving] 18:10 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has quit [Client Quit] 18:10 < IcePic> we like.. 18:11 -!- d-ra [~d-ra@user/d-ra] has quit [Remote host closed the connection] 18:14 -!- uwharrie [~uwharrie@user/uwharrie] has joined #openbsd 18:22 -!- vdamewood [~vdamewood@fedora/vdamewood] has joined #openbsd 18:27 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has joined #openbsd 18:30 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has quit [Client Quit] 18:30 -!- strategictravele [~strategic@user/strategictravele] has quit [Quit: strategictravele] 18:33 -!- yclept [~yclept@user/yclept] has joined #openbsd 18:34 -!- FWbat [~fuzzy@c-73-35-154-239.hsd1.wa.comcast.net] has quit [Quit: BitchX-1.2.1 -- just do it.] 18:36 -!- frdem [~frdem@178.157.33.2] has quit [Remote host closed the connection] 18:37 -!- frdem [~frdem@178.157.33.2] has joined #openbsd 18:40 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has joined #openbsd 18:42 -!- seninha [~seninha@user/seninha] has quit [Ping timeout: 248 seconds] 18:42 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has quit [Client Quit] 18:43 -!- darkBLACK [~darkBLACK@syn-067-053-148-069.biz.spectrum.com] has joined #openbsd 18:44 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has joined #openbsd 18:44 -!- gumnos [~gumnos@2600:382:2b22:c3f0:ba70:f4ff:fe1e:1ef2] has quit [Ping timeout: 260 seconds] 18:46 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has quit [Client Quit] 18:47 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has joined #openbsd 18:51 < finkfox> i'm using an sshd instance on my local machine A as a proxy server. when connecting to external sshd instance B, in my ssh config B has "ProxyJump A". the connection works fine, on the first connetion it prompts me for passphrase of private key for B. However, after disconneting, and on subsequent connections, it no longer asks for the passphrase, simply allows the connection to B. Is the private key cached? how and where, and how can I disable that? 18:52 -!- megawatt [~megawatt@user/megawatt] has joined #openbsd 18:52 < sibiria> is it perhaps the ssh-agent? 18:52 < finkfox> and no, i'm not using ssh-agent, it's disabled. 18:52 < finkfox> even restarting local sshd A won't reset the "cached" connection 18:53 < finkfox> this feels rather unsafe and I'm pretty puzzled how to resolve 18:55 -!- KasKoos [~textual@2001:16a2:c01a:6562:c02:bff0:5332:f61e] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] 18:56 < finkfox> in ps aux I do see two instances of "ssh-session". even killing those doesn't help. 19:00 -!- henrix [~henrix@user/henrix] has quit [Quit: leaving] 19:00 < Lucas_> finkfox: by any chance, do you ControlMaster or ControlPath set in your ssh config? 19:01 -!- henrix [~henrix@user/henrix] has joined #openbsd 19:01 -!- xet7 [~xet7@user/xet7] has quit [Quit: Leaving] 19:02 -!- DinoWilliam [~dino@user/DINOWILLIAM] has quit [Remote host closed the connection] 19:07 < finkfox> Lucas_: nope its disabled. 19:08 < finkfox> maybe its tmux related? 19:10 -!- parai [~parai@2a02:2f04:119:b100::a] has quit [Quit: connection reset by purr] 19:10 -!- hwpplayer1 [~user@user/hwpplayer1] has joined #openbsd 19:11 -!- parai [~parai@2a02:2f04:119:b100::a] has joined #openbsd 19:19 < Lucas_> are you running under a DE? Gnome or KDE? 19:19 -!- umgeher [~umgeher@user/umgeher] has joined #openbsd 19:19 < Lucas_> actually 19:20 < Lucas_> can you share an `ssh -v B` and `env` (from the local)? 19:21 -!- SirJitsu [~SirJitsu@162-231-111-175.lightspeed.livnmi.sbcglobal.net] has quit [Quit: Konversation terminated!] 19:23 < finkfox> Lucas_: no DE 19:23 < finkfox> will assemble the requested info. 19:25 -!- evilham11 [~evilham@2a0f:de00:fe00:6300:ab:45ff:fe54:9878] has quit [Ping timeout: 264 seconds] 19:25 -!- mover [~hischild@user/mover] has quit [Quit: leaving] 19:26 -!- ivdsangen [~ivo@86-95-161-96.fixed.kpn.net] has quit [Quit: https://github.com/ivdsangen] 19:29 -!- nedko [~nedko@gateway/tor-sasl/nedko] has joined #openbsd 19:29 -!- seninha [~seninha@user/seninha] has joined #openbsd 19:30 -!- MrGoblins [~MrGoblins@2806:107e:13:f129:bd3b:66f4:ea73:f3aa] has joined #openbsd 19:30 -!- SirJitsu [~SirJitsu@162-231-111-175.lightspeed.livnmi.sbcglobal.net] has joined #openbsd 19:33 -!- Bradipo [~Bradipo@50.77.44.29] has quit [Quit: Lost terminal] 19:34 -!- Pixi__ [~Pixi@user/pixi] has quit [Quit: Leaving] 19:35 -!- Pixi [~Pixi@user/pixi] has joined #openbsd 19:35 -!- evilham11 [~evilham@2a0f:de00:fe00:6300:ab:45ff:fe54:9878] has joined #openbsd 19:36 -!- format_c [~format_c@2a02:b98:f181:4094:f550:7488:2d5:5ffa] has joined #openbsd 19:39 < finkfox> Lucas_: output of `ssh -v B` anonymized: https://clbin.com/Er1O4 19:40 -!- MentalExcuse [~MentalExc@inetz.connected.by.freedominter.net] has quit [Ping timeout: 265 seconds] 19:41 -!- MentalExcuse [~MentalExc@inetz.connected.by.freedominter.net] has joined #openbsd 19:43 < finkfox> Lucas_: output of `env` anonymized: https://clbin.com/6pnsC 19:44 -!- Bradipo [~Bradipo@50.77.44.29] has joined #openbsd 19:45 -!- meml0rz [~meml0rz@user/memL0rz] has joined #openbsd 19:46 -!- zwr [~zwr@200-97-246-192.user3p.veloxzone.com.br] has quit [Read error: Connection reset by peer] 19:48 -!- DoppelGanger [~Angelus@syn-067-240-045-108.res.spectrum.com] has joined #openbsd 19:49 -!- feriman [~feriman@user/feriman] has joined #openbsd 19:51 -!- zwr [~zwr@200-97-246-192.user3p.veloxzone.com.br] has joined #openbsd 19:54 -!- donofrio_ [~donofrio@68.60.130.180] has quit [Ping timeout: 245 seconds] 19:55 -!- meml0rz [~meml0rz@user/memL0rz] has quit [Quit: WeeChat 4.4.4] 20:01 < finkfox> I believe even rebooting the machine will keep the connection cached at times. 20:01 -!- memset_ [~memset@gateway/tor-sasl/memset] has joined #openbsd 20:02 < finkfox> `ssh B` outside brings no solution. 20:02 < finkfox> (outside tmux) 20:02 < finkfox> it would be interesting to hear if other's can reproduce the behaviour. 20:04 -!- seninha [~seninha@user/seninha] has quit [Ping timeout: 248 seconds] 20:05 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Ping timeout: 264 seconds] 20:06 < Lucas_> what's the "killed by signal 1" at the bottom? 20:07 < finkfox> I believe I quit the session 20:07 < finkfox> ? 20:08 < Lucas_> no, that doesn't make sense 20:08 < Lucas_> a clean exit is different 20:10 < thrig> flawless victory. status-0 wins! 20:11 < finkfox> Lucas_: let me check 20:11 < finkfox> Lucas_: here also the ssh config https://clbin.com/vuTpL 20:13 < finkfox> Lucas_: I don't know where the "signal 1" stems from, but it does log this indeed. 20:13 < finkfox> Lucas_: I'm quitting the session with "exit" command. 20:15 -!- MrGoblins [~MrGoblins@2806:107e:13:f129:bd3b:66f4:ea73:f3aa] has quit [Ping timeout: 265 seconds] 20:15 < finkfox> Lucas_: here the end of the log with "ssh -vv B" https://clbin.com/3fVYw 20:15 < Lucas_> oh, nvm. That's the exit you get while using ProxyJump. 20:16 -!- MrGoblins [~MrGoblins@201.103.90.191] has joined #openbsd 20:17 < finkfox> so just wondering, are my concerns justified? or am I thinking/doing something obvious wrongly here? 20:17 -!- danLe [~danLe@user/danLe] has joined #openbsd 20:18 < Lucas_> the behaviour you describe doesn't make sense 20:18 -!- gh34 [~textual@syn-184-058-181-106.res.spectrum.com] has quit [Quit: Textual IRC Client: www.textualapp.com] 20:18 < Lucas_> as in, it shouldn't be happening 20:18 < Bradipo> What are you trying to do? I missed part of the conversation... 20:19 -!- donofrio_ [~donofrio@68.60.130.180] has joined #openbsd 20:20 < finkfox> ssh connecting to remote B via local sshd proxy A. first connection asks for passphrase, subsequent connections seem to be cached. without ssh-agent or multiplexing ssh settings. 20:20 < finkfox> Bradipo: I would like my private key / sessions not to be cached. 20:21 < Bradipo> And the ssh key isn't installed on B? 20:21 < finkfox> private public key setup is setup correctly with B and works. 20:22 < Bradipo> So what's the actual problem? 20:22 < Bradipo> Are you saying that you don't want the passphrase cached for your SSH key? 20:22 < finkfox> read 4 lines above 20:22 < Bradipo> Yeah, those 4 lines above aren't properly descriptive of the problem. 20:22 < Bradipo> SSH doesn't "cache connections" as far as I'm aware. 20:23 < finkfox> ok which part do you not understand? no I do not want my private key (or session) to be cached. 20:23 < finkfox> Bradipo: ok whatever the mechanism, I am not asked for the passphrase on subsequent connections. 20:23 < finkfox> that feels insecure. 20:23 < Bradipo> So you're saying that if you SSH from X to B using proxy A, logout, then do the same, you are not prompted for a passphrase? 20:24 < Lucas_> exactly 20:24 < Bradipo> And this is on OpenBSD? 20:24 < finkfox> right, where X is my local machine, and A is sshd proxy on my localmachine. 20:24 < finkfox> 7.6 20:24 < Bradipo> X or console? 20:24 < finkfox> X 20:24 -!- gustik [~gusto@178-143-43-44.static.orange.sk] has joined #openbsd 20:24 < Bradipo> So you login to X. You have a passphrase on your system. Do you hit cancel when you are prompted to enter the passphrase? 20:24 < finkfox> I can try the same thing outside of X if that helps anything. 20:25 < Bradipo> On OpenBSD, if you have SSH keys in standard locations, it will ask you for the passphrase when you first login. 20:25 < Bradipo> Are you skipping that or do you enter the passphrase? 20:25 < finkfox> Bradipo: you are misunderstanding. 20:25 < Bradipo> Sorry, I should have chosen something other than X. 20:25 < Bradipo> I mean xenodm. 20:25 < finkfox> i'm not asked for passphrased when starting X. I disabled that part. 20:25 < Bradipo> When you login to xenodm, you are prompted for a passphrase. 20:25 < Bradipo> How did you disable it? 20:26 < finkfox> passphrase is asked when I initiate ssh connection like "ssh B" 20:26 < Bradipo> How did you disable the passphrase prompt that happens when you login to xenodm? 20:26 -!- gustik [~gusto@178-143-43-44.static.orange.sk] has quit [Client Quit] 20:26 -!- gustik [~gusto@178-143-43-44.static.orange.sk] has joined #openbsd 20:26 -!- gustik [~gusto@178-143-43-44.static.orange.sk] has quit [Client Quit] 20:26 -!- gustik [~gusto@178-143-43-44.static.orange.sk] has joined #openbsd 20:27 < uwharrie> why are you using localhost as a ProxyJump? are there any other configs attached to that directive? 20:28 < Bradipo> That's also a possibility, but I want to resolve the most obvious possibility which is that it is actually caching. 20:29 < Bradipo> finkfox: How did you disable the passphrase prompt when you login to xenodm? 20:29 < finkfox> Bradipo: sorry, I did not disable the passphrase prompt in X, I believe the part in /etc/X11/xenodm/Xsession ... but I'm not asked passphrase when starting my X 20:29 < finkfox> Bradipo: also, I don't have ssh-agent running. 20:29 < Bradipo> Well, ssh-agent will run automatically when you login. 20:29 < Bradipo> What did you do to prevent ssh-agent from running? 20:29 < Bradipo> Unless your key is named differently than the standard names. 20:30 < Lucas_> it is 20:30 < Bradipo> Ahh, the SSH key is not one of the standard names? 20:30 < Lucas_> at least according to the _redacted_ configs 20:30 < Lucas_> and outputs 20:30 < Lucas_> finkfox: can you share the `ssh -v B` when you *are not* requested for a passphrase? 20:30 < Lucas_> bbl 20:30 < finkfox> Bradipo: none of my key is called "id_rsa id_ecdsa id_ecdsa_sk id_ed25519 id_ed25519_sk id_dsa" 20:31 < Bradipo> finkfox: What WM or DE are you running? 20:31 < Bradipo> Does it have it's own SSH agent? 20:31 < Bradipo> So you may not be using the default ssh-agent that OpenBSD starts if you have well-known keys, but we haven't ruled out other agents. 20:31 < finkfox> Lucas_: that one that I shared above is the "not requested passphrase" version 20:31 < finkfox> Bradipo: dwm 20:32 -!- aqsd [~aqsd@user/aqsd] has quit [Ping timeout: 272 seconds] 20:32 < Bradipo> ssh -v B as mentioned above would be helpful. 20:33 < finkfox> ok then I need to reboot machine and hope that passphrase is no longer "remembered". But I think it actually will be. 20:34 < finkfox> will be back shortly. eager to solve this mystery. thank you for your help and patience. 20:35 < Bradipo> Do you get prompted for a password when using proxy A? 20:36 < Bradipo> Because I just tried: ssh -J proxy -i ~/.ssh/id_test B 20:36 < Bradipo> And I was first prompted for the password to proxy, and then I was prompted for the passphrase for id_test. 20:36 -!- gustik [~gusto@178-143-43-44.static.orange.sk] has quit [Quit: leaving] 20:37 -!- gustik [~gusto@178-143-43-44.static.orange.sk] has joined #openbsd 20:37 < Bradipo> I logged out and repeated, and it worked again as expected. I had to enter a password and then the passphrase. No caching. 20:37 < finkfox> my local proxy A uses private key with empty passphrase. 20:37 < finkfox> could that be the problem? 20:38 -!- khrbtxyz [~khrbtxyz@user/khrbt] has quit [Ping timeout: 272 seconds] 20:38 < Bradipo> Yes. 20:38 < finkfox> Bradipo: if you could try that? 20:38 < Bradipo> But it won't allow you to login to B without the passphrase to your key. 20:38 < Bradipo> Are you sure you didn't accidentally install the private key with no passphrase on B? 20:39 < finkfox> Well, like I said, only the first time it asks me for B passphrase. When I exit and reconnect to B connection succeeds without passphrase prompt. 20:39 < finkfox> Bradipo: absolutely. 20:39 < finkfox> but I will check again to make sure. 20:40 -!- absc [~absc@2a04:ee41:8:6055:af37:868b:f1e2:e68] has joined #openbsd 20:40 < Bradipo> I can try the key on my proxy as you described. 20:40 -!- aqsd [~aqsd@user/aqsd] has joined #openbsd 20:40 < uwharrie> `ssh-add -l` output would be useful, but of note is that the client machine and A are one in the same in this scenario 20:40 < Bradipo> Is the private key with no passphrase a standard named key? 20:40 < Bradipo> Or is it also a different name? 20:41 < Bradipo> Right, client and A are the same. Not sure why that would matter unless there is some strange config as you suggest. 20:41 < finkfox> Bradipo: not a standard named key 20:41 -!- khrbtxyz [~khrbtxyz@user/khrbt] has joined #openbsd 20:41 < finkfox> I check the key on B, and its the one with a passphrase. 20:43 < finkfox> Bradipo: can you reproduce the issue? 20:43 < Bradipo> Not yet. 20:43 < Bradipo> I put a standard key id_ed25519.pub on my proxy A (a remote system not localhost), and when I login to B, I am not prompted for A any longer, but I always get prompted for the passphrase for the key on B. 20:44 < Bradipo> So, if it's not a standard name, what permits SSH to know about the private key that you're using for the proxy A? 20:44 < Bradipo> SSH will not use keys that it doesn't know about. 20:45 < Bradipo> Are you sure that the private key with no passphrase is what's installed on A? 20:45 < finkfox> yes certainly. 20:45 < yang3> I have a problem at "Lemote systems final steps:" setting up auto-boot inside PMON. https://ftp.openbsd.org/pub/OpenBSD/7.6/loongson/INSTALL.loongson and https://paste.debian.net/hidden/62dcf33c/ 20:45 < finkfox> please let me reboot now to check if passphrase gets forgotten. 20:45 < finkfox> brb 20:46 -!- finkfox [~finkfox@user/finkfox] has quit [Quit: finkfox] 20:47 < Bradipo> I suppose I'm not on 7.6 and it's possible that 7.6 has some strange bug or new feature. 20:49 -!- finkfox [~finkfox@user/finkfox] has joined #openbsd 20:49 * finkfox re 20:49 < finkfox> so after rebooting, i'm still not asked for passphrase. 20:49 < Bradipo> On the first attempt, or the second? 20:49 < finkfox> first 20:50 < Bradipo> How are you telling ssh which key to use? 20:50 < finkfox> I could setup another user with its own key, and see if I can reproduce. 20:50 < Bradipo> Well, I think we should seek to understand what you're doing now. 20:50 < finkfox> it's in ~/.ssh/config (shared above) 20:50 -!- hwpplayer1 [~user@user/hwpplayer1] has quit [Quit: bye see you tomorrow] 20:50 < Bradipo> Oh, I didn't see the config, let me look. 20:51 < Bradipo> Interesting. 20:52 < Bradipo> I didn't know ssh_config had HostName directive. 20:52 < finkfox> so to be certain, I believe I should try to reproduce the problem with another user. 20:52 < finkfox> does that make sense? 20:52 < Bradipo> Well, you could try another user I suppose. 20:52 < finkfox> ok, let's see what happens. 20:52 < finkfox> gonna take a minute 20:53 -!- f6k [~f6k@atl.huld.re] has quit [Ping timeout: 248 seconds] 20:54 -!- Aedil [~adrian@ip923469d0.dynamic.kabel-deutschland.de] has quit [Ping timeout: 245 seconds] 20:55 < Bradipo> Does ssh_config support configurations that are not part of the Host declaration? 20:55 -!- yclept [~yclept@user/yclept] has quit [Quit: nyaa~] 20:55 < Bradipo> You have TCPKeepAlive and HashKnownHosts at the top of the config but not part of any Host or other section. 20:57 < brynet> yang3: If you're not dual-booting Linux, there's instructions further down in that section to avoid the boot menu. 20:57 -!- danLe [~danLe@user/danLe] has quit [Remote host closed the connection] 20:58 -!- danLe [~danLe@user/danLe] has joined #openbsd 20:58 < finkfox> Bradipo: you mean I should put it undert "Host *"? 20:58 < Bradipo> finkfox: Also, what's the HostName parameter? I don't see it documented in the man page for ssh_config 20:58 -!- f6k [~f6k@atl.huld.re] has joined #openbsd 20:59 < uwharrie> could disabling TCPKeepAlive allow the tunnel to persist across invocations? what happens if your config is nothing but `Host` `HostName` `IdentifyFile` and `User` directives? 20:59 < Bradipo> Well, based upon my understanding (which could be wrong), ssh_config configuration is separated into various Host sections. 20:59 < Bradipo> Does ssh_config allow parameters outside of a Host specification? 20:59 < finkfox> I'm not sure 21:00 < Bradipo> Well, it's not documented that way as far as I can tell. 21:00 < Bradipo> Also, the order of your things may be wrong. 21:00 < Bradipo> See https://man.openbsd.org/ssh_config 21:00 < Bradipo> Look at the paragraph beginning "Since the first obtained" 21:01 < uwharrie> https://man.openbsd.org/ssh_config#Hostname 21:03 < finkfox> Bradipo: I'm happy to restructure my ssh_config 21:04 < finkfox> I moved the global options under "Host *" and moved "Host *" to the bottom. 21:04 < finkfox> not that it solved the problem 21:04 < Bradipo> I shouldn't think that disabling TCPKeepAlive would cause this. 21:06 < Bradipo> I configured my ~/.ssh/config to be identical to yours and I cannot reproduce it. 21:06 -!- feriman [~feriman@user/feriman] has quit [Quit: leaving] 21:06 -!- f6k [~f6k@atl.huld.re] has quit [Ping timeout: 252 seconds] 21:07 < uwharrie> what settings are in _proxyuser's .ssh/config? what settings are in localhost and B's ssh_ & sshd_config? 21:07 < Bradipo> Do we have output from `ssh -v B` yet? 21:08 -!- feriman [~feriman@user/feriman] has joined #openbsd 21:09 < Bradipo> Actually, I take it back, my system that I was testing on is 7.6. 21:09 < Bradipo> So I'm confused about this HostName parameter... is it undocumented? 21:09 < uwharrie> https://man.openbsd.org/ssh_config#Hostname 21:10 < Bradipo> Ahh, it's "Hostname" not "HostName". 21:11 < finkfox> Bradipo: _proxyuser doesn't have ~/.ssh/config 21:12 -!- f6k [~f6k@atl.huld.re] has joined #openbsd 21:13 -!- Martouf [~82e30593@user/Martouf] has joined #openbsd 21:13 < Bradipo> What about `ssh -v B` output? 21:13 < Bradipo> And also `ssh-add -l` ? 21:14 < Bradipo> And also `ps auxw | grep [a]gent` ? 21:14 < thrig> pgrep agent 21:15 < Bradipo> Yeah, but that only gives me the PID. :-) 21:18 -!- f6k [~f6k@atl.huld.re] has quit [Ping timeout: 272 seconds] 21:19 < finkfox> Bradipo: `ssh -v B` was shared earlier, though only the version where passphrase was remembered. I simply can't get my machine to forget the passphrase. 21:19 < finkfox> `pgrep agent` returns nothing 21:20 < Bradipo> The only ssh -v output that I see is the "tail end" of it. 21:20 < Bradipo> I'm still not convinced that the passphrase is being "remembered". 21:20 -!- format_c [~format_c@2a02:b98:f181:4094:f550:7488:2d5:5ffa] has quit [Quit: format_c] 21:21 < finkfox> ahh. is there away to look into the history? I don't have history here and already removed the file (it was stored in tmp and lost upon reboot :( 21:21 -!- format_c [~format_c@2a02:b98:f181:4094:f550:7488:2d5:5ffa] has joined #openbsd 21:21 < finkfox> i'm still working on setting up another user. 21:21 < Bradipo> Can't you just do `ssh -v B` now and put up more output on clbin.com? 21:22 < Bradipo> I don't know if there is any log of this channel. There probably is somewhere. 21:23 < finkfox> Bradipo: I could. but that involves anonymizing the log, which is a bit of work. 21:23 < yang3> brynet i want the boot menu in PMON to be visible, I have this config now (removed the tabbed-space) https://paste.debian.net/1338260/ I did what the manual says, except I did not do PMON> set bsd /bsd 21:23 < finkfox> Lucas_: are you still around, could you maybe please get the link with the ssh log from earlier for us? 21:24 < finkfox> Bradipo: please let me setup other user first. 21:26 < Bradipo> Why do you have "PubkeyAuthentication host-bound" in your config? 21:27 -!- umgeher [~umgeher@user/umgeher] has quit [Quit: WeeChat 4.4.2] 21:29 -!- noone [~six@user/six] has joined #openbsd 21:30 -!- fedaykin [~rusty@user/fedaykin] has quit [Quit: leaving] 21:30 -!- unpx_ [~unpx@83.136.104.244] has joined #openbsd 21:30 < finkfox> I believe I was playing with the settings trying to make security more tight. 21:30 -!- unpx [~unpx@83.136.104.244] has quit [Read error: Connection reset by peer] 21:30 < finkfox> ok with the other user, the passphrase does not seem to be cached! 21:30 < Bradipo> Yeah, I assumed this would be the case. 21:31 < yang3> IcePic smartmontools package made https://paste.debian.net/plainh/37b2d906 21:31 < finkfox> so it's most likely something with my normal user environment. but what? 21:31 < Bradipo> Well, if there is no ssh-agent running that's pretty surprising. 21:32 -!- fedaykin [~rusty@user/fedaykin] has joined #openbsd 21:32 < Bradipo> Is there perhaps an ssh-agent running on the proxy (not that this should matter). 21:32 < finkfox> on the proxy? that is the local machine. ps aux | grep agent ... nothing 21:33 < Bradipo> Oh right. 21:33 -!- qiy [~rusty2@user/scuttlecell] has quit [Remote host closed the connection] 21:33 < finkfox> could compare the two different "ssh -v B" logs now. 21:34 < Bradipo> Yeah, that might be helpful. 21:35 -!- oraculo [~mirc-rc@177.100.68.254] has quit [Quit: Use #POP!_OS] 21:35 -!- qiy [~rusty2@user/scuttlecell] has joined #openbsd 21:37 -!- user71 [~user71@2001:1530:1012:3964:faf:3d95:a36e:187e] has quit [Quit: Leaving] 21:43 -!- accelerat0r [~user@user/accelerat0r] has joined #openbsd 21:43 -!- feriman [~feriman@user/feriman] has quit [Ping timeout: 248 seconds] 21:43 -!- f6k [~f6k@atl.huld.re] has joined #openbsd 21:44 < finkfox> Bradipo: it may sound strange but the ssh logs look identical, i.e. 'ssh -v B' 21:44 < finkfox> should I set up a new keypair for my normal user? 21:44 < yang3> This is the smartctl output, I guess the dirve is in a good shape? (if someone knows how to read those flags) https://paste.debian.net/hidden/3875a782/ 21:45 < Bradipo> finkfox: If you start making changes, test them one at a time. 21:45 < Bradipo> Start by generating a new SSH key to be used with B. 21:46 < Bradipo> Make sure it has a *different* passphrase than everything else. 21:46 -!- m0v [~m0v@user/m0v] has quit [Ping timeout: 248 seconds] 21:47 < finkfox> Bradipo: or what would you do in such a case? 21:47 < finkfox> I'm so confused. 21:47 < Bradipo> Well, we're kind of communicating about the problem vicariously. 21:48 < Bradipo> What I would do is start looking at `ssh -vv B` and if that doesn't reveal enough information, `ssh -vvv B` 21:48 < Bradipo> Also, look to see if you have other SSH connections before and after you login and logout. 21:48 < Bradipo> e.g. ps auxw | grep [s]sh 21:49 -!- f6k [~f6k@atl.huld.re] has quit [Ping timeout: 260 seconds] 21:49 < finkfox> I removed my "normal user" from B's authorized keys. Now I'm getting permission denied. so at least that works. 21:49 < Bradipo> Now, put in a new key in it's place that has a passphrase that is *different* from any other password/passphrase. 21:52 -!- m0v [~m0v@103.208.204.243] has joined #openbsd 21:52 -!- m0v [~m0v@103.208.204.243] has quit [Changing host] 21:52 -!- m0v [~m0v@user/m0v] has joined #openbsd 21:54 < IcePic> yang3: you only need to "make package", otherwise each package will eat space unpacked for being installed under /usr/local also 21:59 < finkfox> Bradipo: so now with a new key "the normal user" is reliably prompted for passphrase. 21:59 < finkfox> I also compared "ssh -vvv B" output for "prompted" and "not prompted" case. they look symetric. 21:59 -!- donofrio_ [~donofrio@68.60.130.180] has quit [Read error: Connection reset by peer] 21:59 < finkfox> I'm puzzled. 22:00 -!- donofrio [~donofrio@68.60.130.180] has joined #openbsd 22:00 < finkfox> so the problem might be fixed, but the cause is not understood. doesn't feel satisfying yet. 22:00 -!- f6k [~f6k@atl.huld.re] has joined #openbsd 22:01 < finkfox> is this called a "ghost bug"? 22:02 < mischief> yang3: Raw_Read_Error_Rate and Seek_Error_Rate and Hardware_ECC_Recovered being nonzero is probably not good 22:02 < mischief> if you haven't already, you should trigger the short self test 22:03 < yang3> i have some spare drives...this one was shaked a lot during the transport...if it fails I'll replace it 22:03 < uwharrie> I'd also drop all the random knobs you twisted in the name of security tightening in the event that they don't do what you think they do 22:03 < yang3> mischief https://paste.debian.net/1338267/ 22:06 -!- gustik [~gusto@178-143-43-44.static.orange.sk] has quit [Quit: leaving] 22:07 -!- f6k [~f6k@atl.huld.re] has quit [Ping timeout: 265 seconds] 22:07 -!- morpho [~user@87.114.27.21] has joined #openbsd 22:09 < finkfox> ok I checked. it turns out the old ssh key did not have a passphrase. though, I never ever unset the passphrase. how can this be? 22:09 < mischief> yang3: well, it will presumably work until it doesn't :-) make some backups. 22:10 < yang3> mischief, sure, , but so far it's only a test/demo machine 22:10 < finkfox> Bradipo, Lucas_ et al: thank you for your assistance 22:10 -!- ficonni [~ficonni@178-223-139-140.dynamic.isp.telekom.rs] has joined #openbsd 22:13 -!- f6k [~f6k@atl.huld.re] has joined #openbsd 22:16 -!- khrbtxyz [~khrbtxyz@user/khrbt] has quit [Ping timeout: 272 seconds] 22:17 -!- khrbtxyz [~khrbtxyz@user/khrbt] has joined #openbsd 22:17 -!- f6k [~f6k@atl.huld.re] has quit [Ping timeout: 246 seconds] 22:18 < morpho> is there a good book recomendation for C programming? 22:19 -!- accelerat0r [~user@user/accelerat0r] has quit [Ping timeout: 260 seconds] 22:19 < morpho> im up to the point where I am trying to implement like generic containers and stuff and just want to learn more 22:20 -!- DoppelGanger [~Angelus@syn-067-240-045-108.res.spectrum.com] has quit [Quit: leaving] 22:21 -!- qiy [~rusty2@user/scuttlecell] has quit [Remote host closed the connection] 22:21 < Bradipo> finkfox: In other words it wasn't caching anything. So what passphrase was it prompting for? 22:22 < Bradipo> If the key had none, were you just getting a password prompt for proxy A? 22:22 -!- uncleyear [~ian@45.80.46.84] has quit [Ping timeout: 248 seconds] 22:23 -!- qiy [~rusty2@user/scuttlecell] has joined #openbsd 22:25 -!- tvtoon [~The_cUnix@user/tvtoon] has quit [Quit: "Wendy, you are my darling..."] 22:27 < finkfox> Bradipo: it is super strange. I'm very confused myself. But all I can say for certain at this point is that the key did not have a passphrase like it used to. 22:27 < Bradipo> Did it ever have one? :-) 22:27 < Bradipo> What's the timestamp on the private key? 22:28 -!- gumnos [~gumnos@107.115.151.103] has joined #openbsd 22:28 < finkfox> Feb 11 2024. that is the same for all my other "old" keys. 22:29 < finkfox> that still have a passphrase. 22:29 < finkfox> does removing a passphrase from a key change the date? 22:29 < Bradipo> Yes. 22:29 < Bradipo> What's the first line of your key? 22:30 < finkfox> so it's awkward. then the change must have happend before that date. I think I switched to another laptop on that date. 22:30 < finkfox> Bradipo: -----BEGIN OPENSSH PRIVATE KEY----- 22:30 < Bradipo> Ok, so it's using the new key format. 22:31 < Bradipo> But now everything that you said above still is not explained. 22:32 < Bradipo> This explains why you were able to login without a passphrase. It does not explain why it prompted you for a passphrase. 22:32 < Bradipo> Unless you were just mistaken about it. 22:33 < finkfox> I wouldn't outrule that. Though the whole case is still strange. Why would I remove a passphrase from my private key? 22:33 < Bradipo> I find it unlikely that you removed a passphrase. 22:33 < finkfox> I wouldn't even know how (i'd have to look it up in the man page) 22:33 -!- f6k [~f6k@atl.huld.re] has joined #openbsd 22:33 < Bradipo> It's more likely that it never had one to begin with. 22:34 < finkfox> I doubt that. I keep my passphrases in a password store. And that one certainly had one. 22:34 < finkfox> well well. human error is of very likely. 22:34 < Bradipo> Well, you did mention that you changed laptops... 22:34 < finkfox> here is maybe what happened: 22:35 < Bradipo> Perhaps when you changed it, you were in a hurry and forgot to generate a key with a passphrase and thought your use of that key was "temporary". 22:35 < Bradipo> Then time passed, and you completely forgot to replace it with one that did have a passphrase. 22:36 < finkfox> i created passphrase in password store. then copied it to create ssh key. though my password store has time limit and I was to slow and ended up with an empty passphrase? wicked. 22:36 -!- gman999 [~GMan999@user/gman999] has quit [Quit: WeeChat 4.4.2] 22:36 < finkfox> (password store erased clipboard after x seconds) 22:37 < Bradipo> And you didn't pay attention to the prompts. 22:37 < finkfox> I need to find a more reliable way for creating safe ssh keys with passphrases. 22:37 -!- donofrio [~donofrio@68.60.130.180] has quit [Ping timeout: 255 seconds] 22:39 < uwharrie> hardware key? 22:39 < Bradipo> finkfox: First thing, don't copy/paste a passphrase from somewhere else. Type it in. 22:39 < Bradipo> Then you're certain that it exists. 22:40 < Bradipo> But it should have warned you that you had an empty passphrase. 22:40 < finkfox> Bradipo: on the other hand, IÃÃÃ'm very confidethat I had cases where I wanted to ssh and was prompted for passphrase. 22:41 < finkfox> Bradipo: right. and i certainly would have not overread that warning message. but who knows. 22:41 -!- format_c [~format_c@2a02:b98:f181:4094:f550:7488:2d5:5ffa] has quit [Quit: format_c] 22:41 -!- psydroid [~psydroid@user/psydroid] has quit [Quit: KVIrc 5.2.6 Quasar http://www.kvirc.net/] 22:41 -!- absc [~absc@2a04:ee41:8:6055:af37:868b:f1e2:e68] has quit [Quit: Got to go. irctk 1.1.0-beta] 22:41 -!- format_c [~format_c@2a02:b98:f181:4094:f550:7488:2d5:5ffa] has joined #openbsd 22:41 < Bradipo> 'Tis a pity that there doesn't exist an SSH config option that says "PermitEmptyPassphrase" for use when generating a key. 22:41 < finkfox> if it was an attack (very hypothetical), the attacker could intercept the passphrase and use it to remove the passphrase? 22:42 -!- absc [~absc@2a04:ee41:8:6055:af37:868b:f1e2:e68] has joined #openbsd 22:42 < Bradipo> No, I'm talking about avoiding human error like this. 22:42 < Bradipo> Not avoiding attackers. 22:42 < finkfox> Agreed. 22:42 < uwharrie> copious note and session recording are common practice to prevent this "do things at random, get confused when they break" type scenario 22:43 < Bradipo> In this case the SSH key was generated months ago. But what I'm confused about is... why did it take so long to notice? 22:43 < Bradipo> Why did it take months to notice that everytime you use that SSH key it did *not* prompt you for a passphrase? 22:43 < finkfox> maybe more like years. it was copied from the old machine. 22:43 < finkfox> I need to renew all my keys. 22:43 < finkfox> and check them 22:44 < uwharrie> you shouldn't share keys between machines 22:44 < Bradipo> And by "share keys" he means "private keys". 22:44 < Bradipo> It's usually best, when you get a new system, to generate new keys specific for that system. 22:45 -!- mikewilzn [609e48c489@user/mikewilzn] has left #openbsd [Error from remote client] 22:45 < finkfox> good point. 22:46 < finkfox> I guess it was also the feat of loosing access to my servers. 22:46 < Bradipo> It's certainly more convenient to use the old keys because they all work. 22:46 < finkfox> (fear) 22:47 < finkfox> I need to rethink my key management. 22:47 < finkfox> how often do you all renew your keys (if ever?) 22:47 < Bradipo> I "renew" them when I replace my system. 22:47 < Lucas_> Bradipo: for the record, you can have global directives, under no Host 22:47 < Lucas_> in ssh_config 22:47 < Bradipo> Lucas_: I'm trying to see where in the man page it says as much. 22:48 < Bradipo> I did look through it and the first major paragraph says "configuration files contain sections separated by Host specifications" 22:49 < Bradipo> It doesn't say anything about a global section or allowing parameters outside of Host sections. But clearly it does work. 22:49 -!- mikewilzn [609e48c489@user/mikewilzn] has joined #openbsd 22:50 < uwharrie> you have to piece 2 other statements together "The file contains keyword-argument pairs, one per line." "Host Restricts the following declarations (up to the next Host or Match keyword) to be only for those hosts that match one of the patterns given after the keyword." 22:50 -!- ipetruk [~user@user/ipetruk] has quit [Quit: ZNC 1.9.1 - https://znc.in] 22:50 < Bradipo> Yeah. 22:50 < Bradipo> I think I was just coming to that same realization. 22:51 < Bradipo> It does mention using * as a Host pattern to "provide global defaults". 22:51 -!- theruran [uid11305@id-11305.hampstead.irccloud.com] has quit [Quit: Connection closed for inactivity] 22:51 < Bradipo> But obviously if there is no Host section at all, then those declarations are also "global". 22:54 -!- critter [~critter@200.90.104.39] has quit [Remote host closed the connection] 22:54 -!- critter [~critter@200.90.104.39] has joined #openbsd 22:57 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 22:57 -!- morpho [~user@87.114.27.21] has quit [Ping timeout: 246 seconds] 22:58 -!- unpx_ [~unpx@83.136.104.244] has quit [Read error: Connection reset by peer] 23:00 -!- memset_ [~memset@gateway/tor-sasl/memset] has quit [Ping timeout: 264 seconds] 23:00 -!- unpx [~unpx@83.136.104.244] has joined #openbsd 23:04 -!- chilledfrogs [~chilledfr@176-133-210-176.abo.bbox.fr] has quit [Quit: connection reset by purr] 23:05 -!- jupiter126 [~jupiter12@87.240.216.169] has joined #openbsd 23:06 -!- jupiter126 [~jupiter12@87.240.216.169] has quit [Remote host closed the connection] 23:06 -!- lavaball [~Melissa@31.204.155.215] has quit [Remote host closed the connection] 23:15 -!- mikewilzn [609e48c489@user/mikewilzn] has left #openbsd [Error from remote client] 23:16 -!- theruran [uid11305@id-11305.hampstead.irccloud.com] has joined #openbsd 23:16 -!- jupiter126 [~jupiter12@87.240.216.169] has joined #openbsd 23:18 -!- megawatt [~megawatt@user/megawatt] has left #openbsd [] 23:18 -!- gman999 [~GMan999@user/gman999] has joined #openbsd 23:18 -!- chilledfrogs [~chilledfr@rsa59-h05-176-133-210-176.dsl.sta.abo.bbox.fr] has joined #openbsd 23:23 -!- Xenguy [~Xenguy@user/xenguy] has joined #openbsd 23:23 -!- absc [~absc@2a04:ee41:8:6055:af37:868b:f1e2:e68] has quit [Quit: Got to go. irctk 1.1.0-beta] 23:49 -!- finkfox [~finkfox@user/finkfox] has quit [Ping timeout: 265 seconds] 23:52 -!- waves [~waves@user/waves] has quit [Ping timeout: 276 seconds] 23:54 -!- okidoki [~okidoki@135.148.120.125] has quit [Ping timeout: 245 seconds] 23:54 -!- okidoki [~okidoki@135.148.120.125] has joined #openbsd 23:58 -!- ficonni [~ficonni@178-223-139-140.dynamic.isp.telekom.rs] has quit [Remote host closed the connection] --- Log closed Thu Dec 05 00:00:34 2024