--- Log opened Fri Jan 09 00:00:32 2026 00:01 -!- furudera_ [~furudera@user/furudera] has joined #openbsd 00:04 -!- furudera [~furudera@user/furudera] has quit [Ping timeout: 246 seconds] 00:07 -!- jonf_ [~jonf@163.5.171.92] has quit [Read error: Connection reset by peer] 00:07 -!- jonf [~jjf@163.5.171.92] has quit [Read error: Connection reset by peer] 00:10 -!- jonf_ [~jonf@163.5.171.92] has joined #openbsd 00:10 -!- jonf [~jjf@163.5.171.92] has joined #openbsd 00:11 -!- rtj [~rtj@user/rtj] has joined #openbsd 00:16 -!- goldfishdev [~goldfish@user/goldfishdev] has joined #openbsd 00:18 -!- librecat [uid714233@id-714233.helmsley.irccloud.com] has quit [Quit: Connection closed for inactivity] 00:21 < goldfishdev> Hello! I want to move my website to OpenBSD. Previously, I was using Github Pages and Cloudflare, but I would like to use neither of those. How would you guys recommend doing DNS? 00:24 < jrmu> openbsd comes with nsd 00:24 < pardis> the simplest way is just to use the DNS provided by your registrar, many provide it for free with a registered domain 00:25 < pardis> if you are new to self-hosting I would suggest not also trying to learn nsd right away 00:25 < pardis> you can always migrate later if you have the time and inclination 00:25 -!- nature [~nature@64.137.144.64] has joined #openbsd 00:25 -!- zimmer [~zimmer@user/zimmer] has quit [Ping timeout: 246 seconds] 00:26 -!- jonf [~jjf@163.5.171.92] has quit [Read error: Connection reset by peer] 00:26 -!- jonf_ [~jonf@163.5.171.92] has quit [Read error: Connection reset by peer] 00:28 -!- jonf [~jjf@163.5.171.92] has joined #openbsd 00:28 -!- jonf_ [~jonf@163.5.171.92] has joined #openbsd 00:29 -!- EtherNet [~ethernet@user/ethernet] has quit [Ping timeout: 240 seconds] 00:37 -!- frkzoid [~frkazoid3@2603-900b-46f0-b390-4a1d-0f01-a761-0d94.inf6.spectrum.com] has joined #openbsd 00:38 -!- huy [~huy@5.48.202.12] has quit [Ping timeout: 265 seconds] 00:41 -!- yeahitsme [~bob@user/yeahitsme] has quit [Quit: Cya!] 00:41 -!- frkazoid333 [~frkazoid3@2603-900b-46f0-b390-75b8-623a-948f-3ec3.inf6.spectrum.com] has quit [Ping timeout: 256 seconds] 00:41 -!- angel [~angel@47.210.0.219] has joined #openbsd 00:46 -!- fflam [~mdt@2600:4040:10f9:2b00::1c19] has quit [Ping timeout: 246 seconds] 00:46 -!- angel [~angel@47.210.0.219] has quit [Quit: angel] 00:46 -!- figment [~figment@user/figment] has quit [Ping timeout: 260 seconds] 00:48 -!- szilard [~szilard@1F2EFBAD.nat.pool.telekom.hu] has quit [Read error: Connection reset by peer] 00:49 -!- szilard [~szilard@1F2EFBAD.nat.pool.telekom.hu] has joined #openbsd 00:49 -!- ublxi [~ublx@user/ublx] has quit [Quit: ublxi] 00:51 -!- EtherNet [~ethernet@user/ethernet] has joined #openbsd 01:09 -!- m0v [~m0v@user/m0v] has quit [Ping timeout: 250 seconds] 01:17 -!- m0v [~m0v@210.87.86.197] has joined #openbsd 01:17 -!- m0v [~m0v@210.87.86.197] has quit [Changing host] 01:17 -!- m0v [~m0v@user/m0v] has joined #openbsd 01:19 -!- fflam [~mdt@2600:4040:10f9:2b00::1c19] has joined #openbsd 01:21 -!- zimmer [~zimmer@user/zimmer] has joined #openbsd 01:21 -!- sjg [~sjg@user/sjg] has quit [Ping timeout: 246 seconds] 01:21 -!- tozhu [~tozhu@223.87.244.17] has joined #openbsd 01:22 -!- figment [~figment@user/figment] has joined #openbsd 01:23 -!- sjg [~sjg@user/sjg] has joined #openbsd 01:27 -!- slim [~slim@user/meow/slim] has quit [Quit: bWFkZSB5b3UgbG9vaw==] 01:28 -!- sweatiest [~znc@user/sweatiest] has quit [Quit: ZNC 1.9.1+deb2+b3 - https://znc.in] 01:34 -!- sweatiest [~znc@user/sweatiest] has joined #openbsd 01:34 -!- jitter [~jitter@user/jitter] has quit [Ping timeout: 252 seconds] 01:37 -!- jonf [~jjf@163.5.171.92] has quit [Read error: Connection reset by peer] 01:37 -!- jonf_ [~jonf@163.5.171.92] has quit [Read error: Connection reset by peer] 01:37 -!- tvtoon [~The_cUnix@user/tvtoon] has quit [Read error: Connection reset by peer] 01:38 < phy1729> There are communities that will host DNS for you like https://beta.servfail.network/ (I haven't used them so can't vouch for them) 01:39 -!- lolok [~lolok@user/lolok] has joined #openbsd 01:39 -!- jonf_ [~jonf@163.5.171.92] has joined #openbsd 01:39 -!- jonf [~jjf@163.5.171.92] has joined #openbsd 01:43 < mischief> i have used freedns for over 10 years 01:50 -!- jadi [~jadi@ip-208-181-103-138.adsl.radiant.net] has quit [Ping timeout: 240 seconds] 01:57 -!- byteskeptical [~amnesia@user/byteskeptical] has joined #openbsd 02:02 -!- jitter [~jitter@149.224.211.138.dynamic-pppoe.dt.ipv4.wtnet.de] has joined #openbsd 02:02 -!- jitter [~jitter@149.224.211.138.dynamic-pppoe.dt.ipv4.wtnet.de] has quit [Changing host] 02:02 -!- jitter [~jitter@user/jitter] has joined #openbsd 02:06 -!- uncleyear [~ian@178.66.156.126] has quit [Ping timeout: 264 seconds] 02:18 < unpx> I'm upgrading a very constrained system where I have a minimal install of OpenBSD. With OpenBSD 7.8 it failed upgrade of bsd+base78+xbase78 because it filled the /usr directory. Now I cannot relink the kernel as supposed. Any idea? 02:25 < ssm_> unpx: may be /usr/share/relink 02:25 -!- cmcsun [~sun@66.23.193.72] has quit [Changing host] 02:25 -!- cmcsun [~sun@user/cmcsun] has joined #openbsd 02:25 < unpx> Yeah most usage is in some lib and the other is in the relink 02:25 < ssm_> oh you know that's the problem. try nuking it and try again lol 02:25 < ssm_> this is actually supported now 02:26 < unpx> From bsd.rd or from normal booted ? 02:27 < ssm_> shouldn't matter, just before installing the sets 02:28 < unpx> So, I nuke it, run upgrade, and what is the minimal just to trigger this again? I don't want to redownload everything just to rebuild this 02:31 < unpx> Looks like I need both bsd and base78 to trigger that 02:32 -!- zimmer [~zimmer@user/zimmer] has quit [Read error: Connection reset by peer] 02:32 -!- jadi [~jadi@node-1w7jr9qxd4zuo8o00yqghfmg4.ipv6.telus.net] has joined #openbsd 02:32 -!- stuart [~stuart@195.52.165.209] has joined #openbsd 02:33 -!- jonf_ [~jonf@163.5.171.92] has quit [Read error: Connection reset by peer] 02:33 -!- jonf [~jjf@163.5.171.92] has quit [Write error: error:80000068:system library::Connection reset by peer] 02:33 -!- zimmer [~zimmer@user/zimmer] has joined #openbsd 02:35 -!- jonf [~jonf@163.5.171.92] has joined #openbsd 02:35 -!- jonf_ [~jjf@163.5.171.92] has joined #openbsd 02:36 -!- stuart [~stuart@195.52.165.209] has quit [Ping timeout: 240 seconds] 02:37 < unpx> Like, I don't understand... it's a 3G /usr folder... what shall I purge to get more space? 02:42 -!- jadi [~jadi@node-1w7jr9qxd4zuo8o00yqghfmg4.ipv6.telus.net] has quit [Ping timeout: 264 seconds] 02:43 < fro> dunno but my /usr is like 15G 02:43 < pardis> that depends heavily on what other partitions you have under /usr 02:43 < pardis> just knowing how big /usr is is meaningless 02:44 < unpx> So 02:44 < unpx> $ cat /usr/share/relink/kernel/GENERIC/relink.log 02:44 < unpx> (SHA256) /bsd: OK 02:44 < unpx> make: don't know how to make newbsd 02:44 < unpx> Stop in /usr/share/relink/kernel/GENERIC 02:44 < mischief> backup and reinstall ;) 02:44 < pardis> see topic regarding multiline pastes 02:44 < unpx> root is 1.1G, /usr 2.9G, /home 1G, pardis 02:45 < unpx> pardis: force of habit 02:45 < unpx> mischief: yeah... 02:46 < pardis> if you don't have a separate /usr/local and removing /usr/share/relink didn't get you past it, pkg_delete some things (if you have installed packages) 02:47 -!- dwayneiam [~dwayne@user/e54] has joined #openbsd 02:47 < ssm_> pkg_delete -X nukes everything if you're desperate 02:48 < ssm_> make a backup list with pkg_info -zm first to install later 02:48 < dwayneiam> Hello OpenBSD! 02:48 < unpx> Wait, can I purge /usr/share/relink/kernel and then running reorder_kernel will make it through? 02:48 < pardis> stop worrying about reorder_kernel, you don't need your current kernel anymore after the upgrade 02:49 < pardis> you only need to care if that works after you have upgraded 02:49 < unpx> Everything works fine except that it cannot reorder 02:50 < pardis> well, you've been given the solution by multiple people, it's up to you if you want to use it 02:51 < unpx> I guess I need to think better how to use 5GB 02:51 < unpx> pardis: you mean backup and reinstall? 02:51 < dwayneiam> using cwm and lovin it. I want to change cursor size and having no luck. Been searching for a while whith no luck. Using xenodm, cwm. Xresources has no effect? 02:51 < pardis> no, I mean rm -rf /usr/share/relink and run sysupgrade again 02:52 < pardis> and pkg_delete some stuff if necessary/applicable 02:53 -!- jitter [~jitter@user/jitter] has quit [Ping timeout: 244 seconds] 02:55 -!- jitter [~jitter@188.136.228.82.dynamic-pppoe.dt.ipv4.wtnet.de] has joined #openbsd 02:55 -!- jitter [~jitter@188.136.228.82.dynamic-pppoe.dt.ipv4.wtnet.de] has quit [Changing host] 02:55 -!- jitter [~jitter@user/jitter] has joined #openbsd 02:56 < unpx> Thank you for the advices, I will look into this after some sleep 02:57 -!- Bradipo [~Bradipo@50.77.44.19] has joined #openbsd 02:57 < dwayneiam> adding "Xcursor.size: 24" to ~/.Xresources has no effect 02:58 < dwayneiam> and yes i did "xrdb -merge .Xresources" 02:59 < unpx> dwayneiam: not sure, could root font size affect that? 03:00 < dwayneiam> Idk. What is root font size. 03:02 < dwayneiam> could not change cursor theme also. Was trying to use rose pine. no luck 03:02 < unpx> xroot*font... or something... 03:03 -!- djhankb9311835 [~djhankb@ip-208-113-164-68.nodes.dream.io] has quit [Remote host closed the connection] 03:03 -!- djhankb9311835 [~djhankb@ip-208-113-164-68.nodes.dream.io] has joined #openbsd 03:08 < Bradipo> Interesting, X has so many things... 03:08 < Bradipo> I never new you could set the cursor size. 03:10 < dwayneiam> Bradipo: Well i can't. Should be easy. But no 03:10 < byteskeptical> dwayneiam: two things, one did you log out all the way and then back in after your xrdb -merge command? Also if you expecting GTK applications to respect that then you will probably be disappointed. 03:10 < Bradipo> You shouldn't have to logout and login after running xrdb -merge. 03:11 < Bradipo> In fact, if you do, you'll lose the setting. 03:11 < Bradipo> I don't think .Xresources is read in OpenBSD is it? It's supposed to be .Xdefaults 03:11 < byteskeptical> you will also probably need to change your Xcursor.theme to use something other the fixed bitmap 03:11 < byteskeptical> Bradipo: I'm assuming he has that in his .xsession 03:12 < byteskeptical> otherwise yes it will all be temporary 03:12 < byteskeptical> it will read whatever file you point it too, yes .Xdefaults is the 'default' but he is not using that 03:14 < dwayneiam> byteskeptical: I can see .Xresources is being used. I have other settingd in there that take affect. 03:15 < Bradipo> Ok, good to know. 03:15 < Bradipo> I didn't realize that both were used. 03:15 < unpx> dwayneiam: or changing dpi? 03:16 < byteskeptical> dwayneiam: you'll probably be interested in .config/gtk-3.0/settings.ini 03:16 < dwayneiam> Bradipo: If you look at files in /etc/X11/xenodm you see 03:17 < Bradipo> Yep. 03:17 < Bradipo> In the Xsession file. 03:17 < Bradipo> I've always just relied upon ~/.Xdefaults, but nice to know that Xsession loads ~/.Xresources as well. 03:18 < unpx> pardis: UVM uid 0 killed out of swap and then reordering fails in user mode (after successful upgrade in bsd.rd) 03:19 < dwayneiam> byteskeptical: using cwm. gtk-3 dont apply 03:19 < byteskeptical> do you use a browser? 03:20 < dwayneiam> yes NetScape 03:20 < Bradipo> Is Netscape still a thing? 03:20 < dwayneiam> No jk 03:22 < Bradipo> Looks like AOL finally decided to discontinue Netscape: https://help.aol.com/articles/changes-to-netscape-isp 03:22 < byteskeptical> I thought you were being cheeky and calling firefox by its dead name 03:22 -!- djhankb9311835 [~djhankb@ip-208-113-164-68.nodes.dream.io] has quit [Quit: Ping timeout (120 seconds)] 03:23 < byteskeptical> Bradipo: and my old email address, sad 03:23 -!- djhankb9311835 [~djhankb@ip-208-113-164-68.nodes.dream.io] has joined #openbsd 03:23 < dwayneiam> byteskeptical: funny. If you use xprop and look at class it says netscape 03:23 < byteskeptical> I believe it. There's probably quite a bit of that still around 03:24 -!- rak [~rak@debian/rak] has quit [Ping timeout: 264 seconds] 03:24 -!- szilard- [~szilard@1F2EFBAD.nat.pool.telekom.hu] has joined #openbsd 03:24 -!- gce108 [~gce@user/gce108] has quit [Read error: Connection reset by peer] 03:24 -!- szilard [~szilard@1F2EFBAD.nat.pool.telekom.hu] has quit [Ping timeout: 264 seconds] 03:24 -!- szilard- is now known as szilard 03:24 -!- zami3l4 [~zami3l@tokyo.netunix.net] has joined #openbsd 03:25 -!- gce108 [~gce@user/gce108] has joined #openbsd 03:25 -!- skippy8 [~skippy8@user/Skippy8] has quit [Quit: WeeChat 4.8.1] 03:25 < byteskeptical> unpx: Sacrifice some space from your home directory 03:25 -!- DragonMaus [~DragonMau@user/dragonmaus] has quit [Ping timeout: 264 seconds] 03:25 < dwayneiam> I'll be back. Need to figure this out. See you all in hour or so 03:26 -!- dqk [~dqk@lfbn-lyo-1-413-180.w2-7.abo.wanadoo.fr] has quit [Ping timeout: 264 seconds] 03:26 -!- constxqt [~constxd@user/constxd] has joined #openbsd 03:27 -!- fedaykin [~rusty@user/fedaykin] has quit [Ping timeout: 264 seconds] 03:27 -!- zami3l [~zami3l@tokyo.netunix.net] has quit [Ping timeout: 264 seconds] 03:27 -!- zami3l4 is now known as zami3l 03:27 < byteskeptical> unpx: if your still this early into the install/new installed process honestly what mischief said is going to be a lot less painful 03:27 -!- EtherNet [~ethernet@user/ethernet] has quit [Ping timeout: 264 seconds] 03:27 -!- RootCellar [~RootCella@user/RootCellar] has quit [Ping timeout: 264 seconds] 03:27 -!- constxd [~constxd@user/constxd] has quit [Ping timeout: 264 seconds] 03:28 -!- EtherNet [~ethernet@user/ethernet] has joined #openbsd 03:28 -!- dqk [~dqk@lfbn-lyo-1-413-180.w2-7.abo.wanadoo.fr] has joined #openbsd 03:28 < byteskeptical> unpx: you can also use a usb or some other external storage to give you back that space. 03:28 -!- fedaykin [~rusty@user/fedaykin] has joined #openbsd 03:29 -!- RootCellar [~RootCella@user/RootCellar] has joined #openbsd 03:29 -!- rak [~rak@debian/rak] has joined #openbsd 03:29 < unpx> byteskeptical: sadly is a 1CPU 512MB VPS 03:30 -!- hsw_ [~hsw@112-104-86-252.adsl.dynamic.seed.net.tw] has joined #openbsd 03:30 -!- rIMpossible [~rIMpossib@ams.skapf.de] has quit [Ping timeout: 264 seconds] 03:31 < byteskeptical> my ubiquity erl is pretty much that but not remote 03:31 < mischief> my recent vultr vps is pretty tiny, their preprovisioned vm is just one / and one /usr/local partition 03:32 -!- rIMpossible [~rIMpossib@ams.skapf.de] has joined #openbsd 03:33 -!- hsw [~hsw@112-104-86-252.adsl.dynamic.seed.net.tw] has quit [Ping timeout: 264 seconds] 03:33 -!- jadi [~jadi@node-1w7jr9qxd4zuo8o00yqghfmg4.ipv6.telus.net] has joined #openbsd 03:34 < byteskeptical> unpx: it's possible to do what you want but you have to give a bit somwhere or this will turn into a choir with every upgrade 03:34 < pardis> hopefully with some accompaniment 03:36 < byteskeptical> lol hopefully 03:39 < unpx> Stopping services just to let relink and it finally completed 03:39 < Bradipo> How long did relink take? 03:41 -!- jadi [~jadi@node-1w7jr9qxd4zuo8o00yqghfmg4.ipv6.telus.net] has quit [Ping timeout: 246 seconds] 03:44 -!- jadi [~jadi@d206-116-74-208.bchsia.telus.net] has joined #openbsd 03:46 -!- hsw_ is now known as hsw 03:49 -!- jadi [~jadi@d206-116-74-208.bchsia.telus.net] has quit [Ping timeout: 260 seconds] 03:52 -!- _zip100 [~zip100@193.32.248.177] has quit [Ping timeout: 240 seconds] 03:53 -!- zip100- [~zip100@185.209.196.212] has joined #openbsd 04:00 -!- librecat [uid714233@id-714233.helmsley.irccloud.com] has joined #openbsd 04:14 -!- loganaden [~logan@105.235.158.235] has joined #openbsd 04:15 -!- raj [uid72176@user/raj] has joined #openbsd 04:17 < goldfishdev> okay, I got my DNS working, now I just need to make the pages render right lol 04:17 < goldfishdev> (and https) 04:26 -!- loganaden [~logan@105.235.158.235] has quit [Ping timeout: 246 seconds] 04:27 -!- fflam [~mdt@2600:4040:10f9:2b00::1c19] has quit [Ping timeout: 265 seconds] 04:27 -!- loganaden [~logan@105.235.158.235] has joined #openbsd 04:30 -!- Qual [~sage@user/Qual] has joined #openbsd 04:31 -!- mexen [uid495612@user/mexen] has joined #openbsd 04:32 < raj> goldfishdev: what are you trying to do? rebuild a dns and a web browser ? 04:33 < goldfishdev> I'm just trying to host a website :') 04:37 -!- loganaden [~logan@105.235.158.235] has quit [Ping timeout: 256 seconds] 04:38 < raj> ok 04:40 -!- loganaden [~logan@105.235.158.235] has joined #openbsd 04:42 < mischief> acme-client + httpd / maybe relayd work good for a variety of purposes 04:42 < mischief> you can find my very uninteresting website hosted on such at https://www.offblast.org/ 04:45 < goldfishdev> mischief: nice website lol 04:46 < Bradipo> I really need to figure out relayd.conf better. 04:46 < goldfishdev> I'm working with httpd and acme-client rn, acme-client is having issues though 04:46 < mischief> i'm not very creative 04:48 < mischief> i've been working on a sort of network status page that's a bit more interesting, using lua http://offblast.org:9966/status 04:48 < goldfishdev> I'm getting a connection refused when trying to generate my acme-client stuff when it tries to get to my site's acme-challenge 04:48 < mischief> made a dhcp lease table parser and route table parser for it 04:49 < goldfishdev> mischief: neat status page 04:49 < mischief> goldfishdev: is your httpd listening on port 80? there's an example location block in acme-client(1) manual page for httpd.conf 04:53 < Bradipo> So, if I wanted to switch to using relayd, I wouldn't need httpd to listen on port 443 anymore, right? 04:53 < mischief> if it terminates tls, then yes, httpd would only be 80 04:53 < Bradipo> Yes, in this case, relayd would be handling TLS. 04:53 < Bradipo> But does that mean that httpd still has to serve up the .well-known stuff? 04:54 < mischief> it does 04:54 < Bradipo> I suppose that's on port 80 anyway, right? 04:55 < Bradipo> However... I suppose that would mean that the things that are now being served by httpd on port 443 would need to be prevented from being accessed on port 80 as well. 04:55 < mischief> in my setup my gateway runs httpd on 127.0.0.1:80 and does acme-challenge, relayd listens on 0.0.0.0:443 and 0.0.0.0:80, and does forwards both to localhost and several other hosts on the lan depending on Host header 04:55 < Bradipo> Ahh, nice. 04:56 < mischief> and notably you can tell relayd to explicitly forward the acme path to the local httpd 04:56 < mischief> pass request quick path "/.well-known/acme-challenge/**" forward to 04:57 < Bradipo> And that's in the "protocol" block? 04:57 -!- loganaden [~logan@105.235.158.235] has quit [Read error: Connection reset by peer] 04:58 < mischief> Bradipo: https://0x0.st/s/k3cPBr8YwekYFI6XiB_9jw/PHDI.conf 04:59 < Bradipo> Hehe, don't have your own paste site on offblast.org yet eh? :-) 04:59 < mischief> meh, maybe soon 05:00 < mischief> possibly a clone of 0x0, since its open source. depends on how bad the setup is 05:00 < mischief> i am pretty sure i've written like 3 paste sites myself in the past 05:00 < Bradipo> That's pretty complicated... what about just scp? 05:00 < Bradipo> Or a wrapper around scp that generates a random name for the file and scp's that. 05:01 < mischief> get out of here with your simple and boring 'solutions' 05:01 < Bradipo> Yeah, it's boring, I know. 05:01 < goldfishdev> ugh, the site works fine with http, but just refuses to sign with letsencrypt 05:01 < mischief> one thing that has always bothered me about relayd is the split between the forward/table addresses and the ports in the relay block 05:02 < mischief> goldfishdev: paste your http/relayd/pf conf 05:02 < Bradipo> I'm not sure I know what you mean at this point since I'm still a relayd neophyte. 05:03 < Bradipo> goldfishdev: What error are you getting when you try to use acme-client? 05:03 < Bradipo> I do sometimes find relayd.conf confusing, however, I have also found it quite functional if/when you figure something out. 05:03 < mischief> Bradipo: look at my relayd config above. the table for example table { 192.168.0.13 } sets the address for it, and below, its forwarded via pass request quick header "Host" value "home.offblast.org" forward to 05:03 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 05:03 < mischief> but nowhere in either of those lines is the port to forward to 05:04 < Bradipo> Oh yeah, that's in the "relay" section? 05:04 < goldfishdev> acme-client: 46.23.93.153: Invalid response from http://goldfishdev.net/.well-known/acme-challenge/VrwicnN8Lwl0t-RSKUcHrfLR8K5OHoNLMf8Sff0n3MY: 404 05:04 < mischief> for whatever reason thats in the relay "https" block, forward to port 8123 05:04 < goldfishdev> acme-client: bad exit: netproc(51905): 1 05:04 < Bradipo> Yeah, I too noticed that... it's a bit odd. 05:04 < Bradipo> goldfishdev: So you're getting a 404. 05:04 < Bradipo> Are you running acme-client as root? 05:05 < averymt> hmm, is there a specific reason you're trying to use relayd for TLS? httpd can serve tls directly I believe 05:05 < mischief> who are you asking 05:06 < goldfishdev> Bradipo: yes, I am running as root 05:06 < goldfishdev> mischief: what's the best way to send my confs here? 05:06 < averymt> mischief: sorry, yeah, I'm asking Bradipo 05:06 < mischief> goldfishdev: you can past them to https://bpa.st/ or etc 05:09 -!- jadi [~jadi@node-1w7jr9qxd4zumubg7wunce9q0.ipv6.telus.net] has joined #openbsd 05:10 < goldfishdev> https://bpa.st/OJEA 05:10 -!- nsuperbus_ [~nsuperbus@host-46-251-26-104.kabelnet.hu] has quit [Quit: goodbye] 05:11 < mischief> you need the acme block in your httpd.conf described in acme-client(1) manual 05:11 < Bradipo> averymt: For the sake of doing it. 05:11 < mischief> goldfishdev: append this to httpd.conf 05:12 < mischief> location "/.well-known/acme-challenge/*" { 05:12 < mischief> root "/acme" 05:12 < mischief> request strip 2 05:12 < mischief> } 05:12 < goldfishdev> oops. I had that in an earlier conf I made, but forgot to add it when rewriting. I'll add it now 05:12 < mischief> inside your server block, that is 05:14 < mischief> you may want to set your acme-client authority to letsencrypt-staging while you test 05:14 < mischief> otherwise you may get ratelimited 05:14 -!- jadi [~jadi@node-1w7jr9qxd4zumubg7wunce9q0.ipv6.telus.net] has quit [Ping timeout: 244 seconds] 05:15 -!- OnASnoopPhone [~OnASnoopP@user/OnASnoopPhone] has joined #openbsd 05:17 < goldfishdev> worked! thanks. I tried some of those things earlier and it didn't work, but I think that I just forgot to restart httpd... 05:17 -!- nature [~nature@64.137.144.64] has quit [Ping timeout: 260 seconds] 05:17 -!- nsuperbus [~nsuperbus@host-46-251-26-104.kabelnet.hu] has joined #openbsd 05:18 < mischief> eggscellent 05:20 < Bradipo> mischief: What are the X-Forwarded-* headers used for? 05:21 < mischief> tells the upstream server the ip and protocol 05:21 < Bradipo> Does httpd do something with them? 05:22 < mischief> https://github.com/openbsd/src/blob/2bce6ca4aaa238cd52df1397db5286dce825422e/usr.sbin/httpd/server_http.c#L1980 05:22 < mischief> logging 05:23 < Bradipo> And without that httpd wouldn't have that information? 05:23 < mischief> nope, it would just see the internal ip of the gateway 05:23 < Bradipo> I suppose the proto might be useful to know. 05:23 < Bradipo> Ahh, right, because relayd isn't forwarding transparently... 05:23 < mischief> proto is needed in some cases like if your backend wants to enforce https-only auth 05:24 < mischief> i.e. don't send pw in plaintext 05:24 < Bradipo> Yeah, that one made sense. 05:24 < Bradipo> I guess I didn't think about the fact that relayd would open up a connection, rather than just forward the packets. 05:24 < mischief> it's terminating tls, so it has to do it 05:25 < Bradipo> And so a relayd redirection wouldn't require this, right? 05:25 < Bradipo> But then the backend would have to have TLS. 05:26 < mischief> if you aren't using relayd with http then it has no way to transmit the ip info 05:26 < mischief> since X-Forwarded headers are inside the l7 protocol 05:26 < Bradipo> Yep. 05:26 < Bradipo> But isn't a redirection L3? 05:27 < Bradipo> Man page says redirections use rdr-to rules, so the backend would be communicating with the actual IP of the client, right? 05:27 < mischief> tbh i dont know anything about using relayd with other protocols 05:27 < Bradipo> Ahh, ok. 05:27 < mischief> this conf is the extent of my experience with it 05:27 < Bradipo> Yeah, makes sense. You got it working, done. 05:28 < mischief> after some patches and various footguns, yet 05:28 < mischief> yes 05:28 < Bradipo> Is that "path" for webtunnel supposed to be authentication? :-) 05:29 < averymt> one other way to do protocol enforcement is to just forward to the same port. I have (identical now) httpd running on localhost:80 *and* localhost:443, where relayd forwards tls requests from $external:443 to localhost:443 and same for :80 05:29 < averymt> you can also use this to serve something like vaultwarden on port 443 and an error page on port 80, as an example 05:31 < mischief> Bradipo: no, i just followed the webtunnel docs :shrug: 05:31 < Bradipo> It's just a somewhat random looking path, that's all. 05:32 < mischief> it is in fact a random path 05:32 -!- Xenguy_ [~Xenguy@user/xenguy] has joined #openbsd 05:32 < mischief> i just translated https://community.torproject.org/relay/setup/webtunnel/ from linuxspeak to openbsdspeak 05:33 -!- pabs3 [~pabs3@user/pabs3] has quit [Ping timeout: 240 seconds] 05:34 < Bradipo> Cool. 05:35 < mischief> i think it's just to stop random prying, but i really have no idea. i only set up the tor webtunnel bridge like 2 weeks ago.. it hasn't seen a lot of traffic yet fwict 05:35 -!- DragonMaus [~DragonMau@user/dragonmaus] has joined #openbsd 05:35 -!- Xenguy [~Xenguy@user/xenguy] has quit [Ping timeout: 244 seconds] 05:35 < mischief> OTOH the snowflake proxy i setup has seen tens of gigs 05:36 -!- Xenguy_ is now known as Xenguy 05:41 < Bradipo> Do you have the WebTunnel process (or whatever it is) jailed? 05:42 < martian67> openbsd doesn’t have jails 05:43 < mischief> it runs as the tor user, and it's written in go so i'm reasonably confident it won't explode, but beyond that, no 05:43 < Bradipo> martian67: Yeah, I know... I guess I should have said "jail". 05:44 < Bradipo> It has chroot, unveil, and pledge. 05:44 < goldfishdev> got my website mostly working now, with both http and https 05:48 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 240 seconds] 05:55 < mischief> somewhat annoys me that static dhcp leases aren't recorded in the lease file 05:55 -!- luna_ [~luna@fedora/bittin] has joined #openbsd 05:56 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 05:57 -!- km [~km@c978F5BC1.dhcp.as2116.net] has joined #openbsd 05:57 < mischief> wrote this whole stupid parser for dhcp lease files https://0x0.st/s/QBy8iZNJxCQRkNbJSncmUg/PHkP.lua for http://offblast.org:9966/dhcp just to find i can't track the static leases :( 05:58 < Bradipo> Wow, lua is a foreign language, lol. 05:58 < mischief> that one is just weird because of the PEG DSL 05:59 < Bradipo> Ok. 06:04 -!- tuftedocelot [~tuftedoce@2a03:6000:1019::57] has quit [Remote host closed the connection] 06:07 -!- pabs3 [~pabs3@user/pabs3] has joined #openbsd 06:09 -!- luna_ [~luna@fedora/bittin] has left #openbsd [] 06:12 -!- tuftedocelot [~tuftedoce@2a03:6000:1019::57] has joined #openbsd 06:16 -!- shiranaihito_ [~shiranaih@ppp-58-11-158-108.revip2.asianet.co.th] has joined #openbsd 06:16 < goldfishdev> my website is live now! with some OpenBSD pride! https://goldfishdev.net/ 06:16 < goldfishdev> still some work to be done, but it's getting late :P 06:18 < cgnarne> nice 06:19 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 246 seconds] 06:22 -!- huy [~huy@5.48.202.12] has joined #openbsd 06:26 -!- Bradipo [~Bradipo@50.77.44.19] has quit [Quit: Lost terminal] 06:39 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 06:48 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 264 seconds] 06:53 -!- stuart [~stuart@195.52.164.129] has joined #openbsd 06:58 -!- stuart [~stuart@195.52.164.129] has quit [Ping timeout: 264 seconds] 07:05 -!- lotsen [~lotsen@user/Lotsen] has joined #openbsd 07:06 -!- goldfishdev [~goldfish@user/goldfishdev] has quit [Quit: Konversation terminated!] 07:09 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 07:28 -!- jonf_ [~jjf@163.5.171.92] has quit [Read error: Connection reset by peer] 07:28 -!- jonf [~jonf@163.5.171.92] has quit [Read error: Connection reset by peer] 07:28 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 264 seconds] 07:31 -!- jonf [~jjf@163.5.171.92] has joined #openbsd 07:33 -!- huy [~huy@5.48.202.12] has quit [Read error: Connection reset by peer] 07:35 -!- huy [~huy@5.48.202.12] has joined #openbsd 07:37 -!- huy [~huy@5.48.202.12] has quit [Read error: Connection reset by peer] 07:38 -!- jf [~jf@user/jonfle] has quit [Quit: jf] 07:38 -!- jadi [~jadi@node-1w7jr9qxd4zumubg7wunce9q0.ipv6.telus.net] has joined #openbsd 07:40 -!- huy [~huy@5.48.202.12] has joined #openbsd 07:42 -!- jonf_ [~jonf@163.5.171.92] has joined #openbsd 07:42 -!- sonya [~nightwolf@gateway/tor-sasl/sonya] has joined #openbsd 07:44 -!- jadi [~jadi@node-1w7jr9qxd4zumubg7wunce9q0.ipv6.telus.net] has quit [Ping timeout: 264 seconds] 07:46 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 07:47 -!- hsw [~hsw@112-104-86-252.adsl.dynamic.seed.net.tw] has quit [Quit: Leaving] 07:48 -!- paulf [~paulf@146.122.203.34] has joined #openbsd 07:52 -!- jf [~jf@user/jonfle] has joined #openbsd 07:52 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 240 seconds] 07:55 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 07:59 -!- housemate [~housemate@202.7.247.224] has quit [Quit: https://ineedsomeacidtocalmmedown.space/] 08:01 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 246 seconds] 08:01 -!- cmcsun [~sun@user/cmcsun] has quit [Ping timeout: 246 seconds] 08:02 -!- ixc [~ixc@user/ixc] has joined #openbsd 08:04 -!- sonya [~nightwolf@gateway/tor-sasl/sonya] has quit [Ping timeout: 252 seconds] 08:07 -!- grim [~grim@user/grim] has quit [Read error: Connection reset by peer] 08:10 -!- uncleyear [~ian@178.66.156.126] has joined #openbsd 08:14 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 08:18 -!- housemate [~housemate@202.7.247.224] has joined #openbsd 08:25 < rnkn> and they're gone 08:33 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 240 seconds] 08:35 -!- MsInput [~l0v3ris@user/MsInput] has joined #openbsd 08:37 -!- akinji [~akinji@user/akinji] has joined #openbsd 08:37 < rnkn> my own OpenBSD powered site https://blip.town/faq/shell_access 08:38 < rnkn> feat. Puffy 08:40 < zelest> Server: Mojolicious (Perl) 08:40 < zelest> Interesting choice ;D 08:41 -!- tozhu [~tozhu@223.87.244.17] has quit [Quit: tozhu] 08:41 -!- sonya [~nightwolf@gateway/tor-sasl/sonya] has joined #openbsd 08:42 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection] 08:42 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 08:46 -!- emmanuelux [~emmanuelu@user/emmanuelux] has quit [Remote host closed the connection] 08:48 -!- paulf [~paulf@146.122.203.34] has quit [Ping timeout: 272 seconds] 08:48 < rnkn> I love it! very happy with my choice 08:48 < zelest> That's what matters :) 08:49 -!- shiranaihito_ [~shiranaih@ppp-58-11-158-108.revip2.asianet.co.th] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] 08:52 -!- cmcsun [~sun@user/cmcsun] has joined #openbsd 08:52 < rnkn> a contributing factor was Perl being in the base system 08:54 < zelest> yeah, it's always a nice feeling to use as few packages as possible and still manage to do everything you want to 08:54 -!- b50d [~b50d@62.96.54.30] has joined #openbsd 08:54 -!- paulf [~paulf@146.122.203.34] has joined #openbsd 08:56 < rnkn> totally :) 08:57 < rnkn> output of pkg_info -m on a cronjob https://blip.town/software 08:58 -!- mtoy [~mtoy@user/mtoy] has quit [Ping timeout: 264 seconds] 08:58 -!- fixou [~fixou@212.114.19.0] has quit [Ping timeout: 246 seconds] 08:58 -!- mtoy [~mtoy@user/mtoy] has joined #openbsd 09:01 -!- mtoy [~mtoy@user/mtoy] has quit [Max SendQ exceeded] 09:05 -!- mtoy [~mtoy@user/mtoy] has joined #openbsd 09:07 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 09:11 -!- housemate [~housemate@202.7.247.224] has quit [Quit: https://ineedsomeacidtocalmmedown.space/] 09:37 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 264 seconds] 09:44 -!- housemate [~housemate@202.7.247.224] has joined #openbsd 09:52 -!- qiy [~rusty2@user/scuttlecell] has quit [Ping timeout: 246 seconds] 09:55 -!- jonf_ [~jonf@163.5.171.92] has quit [Read error: Connection reset by peer] 09:55 -!- jonf [~jjf@163.5.171.92] has quit [Read error: Connection reset by peer] 09:55 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 09:57 -!- jonf [~jonf@163.5.171.92] has joined #openbsd 09:58 -!- jonf_ [~jjf@163.5.171.92] has joined #openbsd 09:59 -!- reset [~reset@user/reset] has quit [Ping timeout: 265 seconds] 10:00 -!- paulf [~paulf@146.122.203.34] has quit [Ping timeout: 272 seconds] 10:00 -!- bigato__ [~bigato@170.81.150.196] has joined #openbsd 10:04 -!- raj [uid72176@user/raj] has quit [Quit: Connection closed for inactivity] 10:06 -!- housemate [~housemate@202.7.247.224] has quit [Quit: https://ineedsomeacidtocalmmedown.space/] 10:07 -!- shiranaihito_ [~shiranaih@ppp-58-11-189-130.revip2.asianet.co.th] has joined #openbsd 10:14 -!- housemate [~housemate@202.7.247.224] has joined #openbsd 10:16 -!- megawatt [~megawatt@user/megawatt] has joined #openbsd 10:18 -!- drkhsh [~drkhsh@user/drkhsh] has quit [Ping timeout: 264 seconds] 10:19 -!- drkhsh [~drkhsh@user/drkhsh] has joined #openbsd 10:21 -!- shiranaihito_ [~shiranaih@ppp-58-11-189-130.revip2.asianet.co.th] has quit [Read error: Connection reset by peer] 10:22 -!- shiranaihito_ [~shiranaih@ppp-124-122-128-80.revip2.asianet.co.th] has joined #openbsd 10:23 -!- reset [~reset@user/reset] has joined #openbsd 10:25 -!- paulf [~paulf@146.122.203.34] has joined #openbsd 10:27 -!- panic__ [~panic@191.177.182.227] has quit [Remote host closed the connection] 10:29 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection] 10:30 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 10:30 -!- leisefuxX [~leisefuxX@user/leisefuxX] has joined #openbsd 10:33 -!- byteskeptical [~amnesia@user/byteskeptical] has quit [Quit: Lost terminal] 10:33 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 240 seconds] 10:35 -!- jadi [~jadi@node-1w7jr9qxd4zumubg7wunce9q0.ipv6.telus.net] has joined #openbsd 10:39 -!- skippy8 [~skippy8@user/Skippy8] has joined #openbsd 10:40 -!- jadi [~jadi@node-1w7jr9qxd4zumubg7wunce9q0.ipv6.telus.net] has quit [Ping timeout: 256 seconds] 10:48 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 10:49 -!- shiranaihito_ [~shiranaih@ppp-124-122-128-80.revip2.asianet.co.th] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] 10:59 -!- housemate [~housemate@202.7.247.224] has quit [Quit: https://ineedsomeacidtocalmmedown.space/] 10:59 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 264 seconds] 11:01 -!- panicking [~panic@191.177.182.227] has joined #openbsd 11:01 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 11:02 -!- zippy [~quassel@188.27.44.161] has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.] 11:02 -!- zippy [~quassel@188.27.44.161] has joined #openbsd 11:02 -!- zippy [~quassel@188.27.44.161] has quit [Client Quit] 11:02 -!- zippy [~quassel@188.27.44.161] has joined #openbsd 11:04 -!- rsadowski [~rsadowski@mx.sizeofvoid.org] has quit [Quit: WeeChat 4.7.1] 11:04 -!- fasecx [~fasecx@79.117.202.144] has joined #openbsd 11:05 -!- grim [~grim@user/grim] has joined #openbsd 11:06 -!- panicking [~panic@191.177.182.227] has quit [Ping timeout: 246 seconds] 11:11 -!- MsInput [~l0v3ris@user/MsInput] has quit [Quit: WeeChat 4.7.2] 11:13 -!- shiranaihito_ [~shiranaih@171.6.136.104] has joined #openbsd 11:20 -!- rc [~rc@user/rc] has quit [Quit: nyaa~] 11:25 -!- CrimeWave [~Ebox-MTL@user/CrimeWave] has quit [Quit: Electronic Box Montréal - Textual IRC 7.2.6 OSX] 11:26 -!- paulf [~paulf@146.122.203.34] has quit [Quit: Client closed] 11:31 -!- nologin [~nightwolf@gateway/tor-sasl/sonya] has joined #openbsd 11:33 -!- nsuperbus [~nsuperbus@host-46-251-26-104.kabelnet.hu] has quit [Ping timeout: 264 seconds] 11:33 -!- nsuperbus_ [~nsuperbus@host-46-251-26-104.kabelnet.hu] has joined #openbsd 11:34 -!- sonya [~nightwolf@gateway/tor-sasl/sonya] has quit [Remote host closed the connection] 11:35 -!- housemate [~housemate@202.7.247.224] has joined #openbsd 11:39 -!- tertullian [~sonne@ip-095-222-113-247.um34.pools.vodafone-ip.de] has quit [Quit: Lost terminal] 11:41 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 264 seconds] 11:51 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 11:54 -!- Norkle [~norkle@admin.nasa-g0v.com] has quit [Ping timeout: 252 seconds] 11:54 -!- fasecx [~fasecx@79.117.202.144] has quit [Ping timeout: 240 seconds] 11:55 -!- vados [~vados@46-133-31-1.mobile.vf-ua.net] has joined #openbsd 11:57 -!- akinji [~akinji@user/akinji] has quit [Ping timeout: 246 seconds] 11:59 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 264 seconds] 11:59 -!- akinji [~akinji@user/akinji] has joined #openbsd 12:12 -!- Roscon [~Laguen@gateway/tor-sasl/laguen] has quit [Ping timeout: 252 seconds] 12:18 -!- akinji [~akinji@user/akinji] has quit [Quit: Leaving.] 12:19 -!- akinji [~akinji@user/akinji] has joined #openbsd 12:19 -!- akinji [~akinji@user/akinji] has quit [Client Quit] 12:24 -!- djhankb9311835 [~djhankb@ip-208-113-164-68.nodes.dream.io] has quit [Remote host closed the connection] 12:24 -!- djhankb9311835 [~djhankb@ip-208-113-164-68.nodes.dream.io] has joined #openbsd 12:25 -!- ty3r0x [~ty3r0x@user/ty3r0x] has quit [Ping timeout: 265 seconds] 12:25 -!- ty3r0x [~ty3r0x@user/ty3r0x] has joined #openbsd 12:30 -!- ty3r0x [~ty3r0x@user/ty3r0x] has quit [Ping timeout: 252 seconds] 12:31 -!- ty3r0x [~ty3r0x@user/ty3r0x] has joined #openbsd 12:40 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 12:48 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 260 seconds] 12:48 -!- vados [~vados@46-133-31-1.mobile.vf-ua.net] has quit [Ping timeout: 265 seconds] 12:59 -!- jadi [~jadi@d206-116-74-208.bchsia.telus.net] has joined #openbsd 13:00 -!- hsw [~hsw@106.104.102.45] has joined #openbsd 13:01 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 13:04 -!- jadi [~jadi@d206-116-74-208.bchsia.telus.net] has quit [Ping timeout: 246 seconds] 13:04 -!- tozhu [~tozhu@222.210.190.120] has joined #openbsd 13:07 -!- shiranaihito_ [~shiranaih@171.6.136.104] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] 13:11 -!- sdds [~sdds@user/sdds] has joined #openbsd 13:14 -!- SiFuh_ is now known as SiFuh 13:14 -!- SiFuh_ [~SiFuh@user/sifuh] has joined #openbsd 13:23 -!- zcram [~zcram@user/zcram] has joined #openbsd 13:25 -!- jonf_ [~jjf@163.5.171.92] has quit [Read error: Connection reset by peer] 13:25 -!- jonf [~jonf@163.5.171.92] has quit [Read error: Connection reset by peer] 13:27 -!- jonf [~jonf@163.5.171.92] has joined #openbsd 13:27 -!- jonf_ [~jjf@163.5.171.92] has joined #openbsd 13:31 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 264 seconds] 13:31 -!- nature [~nature@64.137.144.64] has joined #openbsd 13:35 -!- sdds [~sdds@user/sdds] has quit [Remote host closed the connection] 13:38 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 13:39 < sibiria> cool to see someone building on Mojolicious. incredibly powerful MVC web framework 13:40 < sibiria> i used mojo::lite a lot in the past. probably the most convenient framework i ever laid hands on 13:41 -!- GrumpyCrash [~strcat@user/grumpycrash] has quit [Quit: WeeChat 4.8.1] 13:42 -!- m0v [~m0v@user/m0v] has quit [Read error: Connection reset by peer] 13:43 -!- shiranaihito_ [~shiranaih@ppp-58-11-158-108.revip2.asianet.co.th] has joined #openbsd 13:45 -!- m0v [~m0v@210.87.86.197] has joined #openbsd 13:45 -!- m0v [~m0v@210.87.86.197] has quit [Changing host] 13:45 -!- m0v [~m0v@user/m0v] has joined #openbsd 13:46 -!- tozhu [~tozhu@222.210.190.120] has quit [Quit: tozhu] 13:46 -!- tozhu [~tozhu@222.210.190.120] has joined #openbsd 13:52 -!- reset [~reset@user/reset] has quit [Quit: reset] 13:52 -!- loganaden [~logan@197.225.55.177] has quit [Read error: Connection reset by peer] 13:52 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 13:54 -!- niftily [~niftily@user/niftily] has joined #openbsd 13:55 -!- ublx [~ublx@user/ublx] has joined #openbsd 14:00 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 240 seconds] 14:01 -!- bigato [~bigato@user/bigato] has joined #openbsd 14:03 -!- bigato__ [~bigato@170.81.150.196] has quit [Ping timeout: 264 seconds] 14:06 -!- m0v [~m0v@user/m0v] has quit [Read error: Connection reset by peer] 14:07 -!- m0v [~m0v@210.87.86.197] has joined #openbsd 14:07 -!- m0v [~m0v@210.87.86.197] has quit [Changing host] 14:07 -!- m0v [~m0v@user/m0v] has joined #openbsd 14:11 -!- RobbieAB [~robert@user/RobbieAB] has quit [Ping timeout: 240 seconds] 14:12 -!- jonf [~jonf@163.5.171.92] has quit [Read error: Connection reset by peer] 14:12 -!- jonf_ [~jjf@163.5.171.92] has quit [Read error: Connection reset by peer] 14:14 -!- jonf [~jjf@163.5.171.92] has joined #openbsd 14:15 -!- jonf_ [~jonf@163.5.171.92] has joined #openbsd 14:15 -!- jab [~user@user/jab] has joined #openbsd 14:20 -!- fflam [~mdt@2600:4040:10f9:2b00::1c19] has joined #openbsd 14:20 -!- tozhu [~tozhu@222.210.190.120] has quit [Quit: tozhu] 14:23 -!- tozhu [~tozhu@222.210.190.120] has joined #openbsd 14:23 -!- jadi [~jadi@node-1w7jr9qxd4zumubg7wunce9q0.ipv6.telus.net] has joined #openbsd 14:28 -!- jadi [~jadi@node-1w7jr9qxd4zumubg7wunce9q0.ipv6.telus.net] has quit [Ping timeout: 264 seconds] 14:31 -!- paulf [~paulf@146.122.203.34] has joined #openbsd 14:37 -!- duckworld [~duckworld@user/duckworld] has quit [Ping timeout: 240 seconds] 14:39 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 14:42 -!- grumpycrash [~strcat@user/grumpycrash] has joined #openbsd 14:52 -!- jmcunx [jmccue@user/zjmc] has left #openbsd [] 14:53 -!- duckworld [~duckworld@user/duckworld] has joined #openbsd 14:56 -!- niftily [~niftily@user/niftily] has quit [Quit: leaving] 14:57 -!- tozhu [~tozhu@222.210.190.120] has quit [Quit: tozhu] 14:59 -!- zbcm [~zbcm@user/zbcm] has quit [Ping timeout: 264 seconds] 15:02 -!- dwayneiam [~dwayne@user/e54] has quit [Ping timeout: 240 seconds] 15:06 -!- MsInput [~l0v3ris@user/MsInput] has joined #openbsd 15:10 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 240 seconds] 15:16 -!- zippy [~quassel@188.27.44.161] has quit [Ping timeout: 264 seconds] 15:17 -!- zippy [~quassel@188.27.44.161] has joined #openbsd 15:17 -!- psydroid2 [~psydroid@user/psydroid] has joined #openbsd 15:22 -!- wickedshell [~wickedshe@c-98-60-138-166.hsd1.nm.comcast.net] has quit [Ping timeout: 245 seconds] 15:25 -!- b50d [~b50d@62.96.54.30] has quit [Read error: Connection reset by peer] 15:27 -!- uncleyear [~ian@178.66.156.126] has quit [Remote host closed the connection] 15:29 -!- uncleyear [~ian@178.66.156.126] has joined #openbsd 15:31 -!- ZLima12_ [~zlima12@user/meow/ZLima12] has joined #openbsd 15:32 -!- ZLima12 [~zlima12@user/meow/ZLima12] has quit [Ping timeout: 260 seconds] 15:34 -!- jadi [~jadi@node-1w7jr9qxd4zumubg7wunce9q0.ipv6.telus.net] has joined #openbsd 15:34 < avemestr> No Perl track at the upcoming FOSDEM conference, but the Perl & Raku Foundation do get a stand... 15:36 < avemestr> For OpenBSD stuff: https://fosdem.org/2026/search/?q=openbsd 15:37 -!- grumpycrash [~strcat@user/grumpycrash] has quit [Ping timeout: 265 seconds] 15:38 -!- jadi [~jadi@node-1w7jr9qxd4zumubg7wunce9q0.ipv6.telus.net] has quit [Ping timeout: 246 seconds] 15:38 -!- grumpycrash [~strcat@user/grumpycrash] has joined #openbsd 15:45 -!- housemate_ [~housemate@202.7.247.224] has joined #openbsd 15:46 -!- RobbieAB [~robert@user/RobbieAB] has joined #openbsd 15:47 -!- housemate [~housemate@202.7.247.224] has quit [Ping timeout: 264 seconds] 15:57 -!- frankyfrank__ [~housemate@202.7.247.224] has joined #openbsd 15:57 -!- frankyfrank__ [~housemate@202.7.247.224] has quit [Remote host closed the connection] 15:58 -!- tozhu [~tozhu@222.210.190.120] has joined #openbsd 15:59 -!- housemate_ [~housemate@202.7.247.224] has quit [Ping timeout: 246 seconds] 16:01 -!- chasmo77 [~chas77@c-76-105-254-179.hsd1.or.comcast.net] has quit [Ping timeout: 245 seconds] 16:01 -!- ivdsangen [~ivo@94-209-18-79.cable.dynamic.v4.ziggo.nl] has joined #openbsd 16:02 -!- drkhsh [~drkhsh@user/drkhsh] has quit [Ping timeout: 264 seconds] 16:02 -!- housemate [~housemate@202.7.247.224] has joined #openbsd 16:04 -!- drkhsh [~drkhsh@user/drkhsh] has joined #openbsd 16:14 -!- loganaden [~logan@197.225.55.177] has joined #openbsd 16:15 -!- housemate [~housemate@202.7.247.224] has quit [Quit: https://ineedsomeacidtocalmmedown.space/] 16:18 < paulf> you'll find at least one more talk with https://fosdem.org/2026/search/?q=%22open%20bsd%22 ;-) 16:20 -!- housemate [~housemate@202.7.247.224] has joined #openbsd 16:24 -!- yclept [~yclept@user/yclept] has joined #openbsd 16:31 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection] 16:31 -!- housemate [~housemate@202.7.247.224] has quit [Quit: https://ineedsomeacidtocalmmedown.space/] 16:31 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 16:32 -!- loganaden [~logan@197.225.55.177] has quit [Ping timeout: 244 seconds] 16:36 -!- dudz [~dudz@mail.dudz.org] has quit [Ping timeout: 256 seconds] 16:36 -!- dudz [~dudz@mail.dudz.org] has joined #openbsd 16:41 < jab> has anyone else been having trouble running current and chromium not remembering your passwords lately ? 16:46 < IcePic> nopes, my chrome knows all your passwords. ;) 16:46 -!- gotohello [~gotohello@user/gotohello] has quit [Quit: Client closed] 16:46 -!- slim [~slim@user/meow/slim] has joined #openbsd 16:46 -!- zippy_ [~quassel@188.27.44.161] has joined #openbsd 16:46 -!- zippy [~quassel@188.27.44.161] has quit [Ping timeout: 264 seconds] 16:49 -!- nerflad [~nerflad@user/nerflad] has joined #openbsd 16:49 -!- Nahual [~Nahual@centos/community/Nahual] has quit [Quit: Leaving.] 16:52 < jab> IcePic: do you use a password manager external to chrome ? I'm guessing not... 16:53 -!- chasmo77 [~chas77@c-76-105-254-179.hsd1.or.comcast.net] has joined #openbsd 16:54 -!- ivdsangen [~ivo@94-209-18-79.cable.dynamic.v4.ziggo.nl] has quit [Quit: Lost terminal] 16:55 -!- dooder [~dooder@user/dooder] has quit [Quit: ZNC 1.9.1 - https://znc.in] 16:57 -!- ivdsangen [~ivo@94-209-18-79.cable.dynamic.v4.ziggo.nl] has joined #openbsd 16:59 -!- rain0r [~rainer@p200300e2ef29df00c8d7a1fffe483d6c.dip0.t-ipconnect.de] has quit [Ping timeout: 255 seconds] 16:59 -!- chasmo77 [~chas77@c-76-105-254-179.hsd1.or.comcast.net] has quit [Read error: Connection reset by peer] 17:00 -!- rain0r [~rainer@p200300e2ef29df00c8d7a1fffe483d6c.dip0.t-ipconnect.de] has joined #openbsd 17:00 -!- housemate [~housemate@203.56.146.214] has joined #openbsd 17:02 -!- chasmo77 [~chas77@c-76-105-254-179.hsd1.or.comcast.net] has joined #openbsd 17:06 -!- jadi [~jadi@ip-208-181-103-138.adsl.radiant.net] has joined #openbsd 17:07 -!- zbcm [~zbcm@user/zbcm] has joined #openbsd 17:10 -!- brass [~brass@user/dac] has joined #openbsd 17:11 -!- CryptLab [~NSA@2a0d:5600:6:108::2e] has quit [Ping timeout: 252 seconds] 17:12 -!- CryptLab [~NSA@2a0d:5600:6:108::2e] has joined #openbsd 17:14 -!- bigato [~bigato@user/bigato] has quit [Ping timeout: 264 seconds] 17:19 -!- stuart [~stuart@195.52.164.129] has joined #openbsd 17:20 -!- zippy_ [~quassel@188.27.44.161] has quit [Quit: https://quassel-irc.org - Chat comfortably. Anywhere.] 17:21 -!- paulf [~paulf@146.122.203.34] has quit [Quit: Client closed] 17:22 -!- zippy [~quassel@188.27.44.161] has joined #openbsd 17:23 -!- stuart [~stuart@195.52.164.129] has quit [Ping timeout: 246 seconds] 17:24 -!- matteocavestri [~matteocav@host-95-248-181-34.retail.telecomitalia.it] has joined #openbsd 17:27 -!- nerflad [~nerflad@user/nerflad] has quit [Remote host closed the connection] 17:28 -!- wickedshell [~wickedshe@c-98-60-138-166.hsd1.nm.comcast.net] has joined #openbsd 17:28 -!- dooder [~dooder@75.164.78.39] has joined #openbsd 17:28 -!- dooder [~dooder@75.164.78.39] has quit [Changing host] 17:28 -!- dooder [~dooder@user/dooder] has joined #openbsd 17:33 -!- jadi [~jadi@ip-208-181-103-138.adsl.radiant.net] has quit [Ping timeout: 246 seconds] 17:34 -!- jonf_ [~jonf@163.5.171.92] has quit [Read error: Connection reset by peer] 17:34 -!- jonf [~jjf@163.5.171.92] has quit [Read error: Connection reset by peer] 17:36 -!- jonf_ [~jonf@163.5.171.92] has joined #openbsd 17:36 -!- jonf [~jjf@163.5.171.92] has joined #openbsd 17:38 -!- nature [~nature@64.137.144.64] has quit [Ping timeout: 252 seconds] 17:42 -!- lusciouslover [~luscious@user/lusciouslover] has quit [Ping timeout: 246 seconds] 17:44 -!- lusciouslover [~luscious@user/lusciouslover] has joined #openbsd 17:45 -!- nerflad [~nerflad@user/nerflad] has joined #openbsd 17:46 < nerflad> on a fresh install with no rpcd? should I just build from source. thx 17:47 -!- dwayneiam [~dwayne@172.56.112.184] has joined #openbsd 17:47 -!- dwayneiam [~dwayne@172.56.112.184] has quit [Client Quit] 17:47 < echelon> anyone tried vs code remote ssh with an openbsd target system? 17:48 < echelon> apparently it deploys a "vs code server" binary on the target host to get it all to work, wondering if it's open source 17:49 -!- jadi [~jadi@ip-208-181-103-138.adsl.radiant.net] has joined #openbsd 17:49 -!- housemate_ [~housemate@120.20.110.35] has joined #openbsd 17:49 < librecat> echelon: nope its not open source 17:49 < librecat> you need to download codium server 17:50 < echelon> ah 17:50 < librecat> and i would strongly recommend replacing any builtin binary with a symlink 17:50 < librecat> it would be so easy to sneak in a node binary with malware 17:50 < echelon> codium server is a substitute? 17:50 < librecat> on gnu/linxu 17:50 < librecat> yes 17:50 < librecat> the install for vscode deploys that at the eend 17:50 < librecat> and unlike the vscode one the codium one is truly yours 17:51 < librecat> the vscode one FORCES github SSO 17:51 < librecat> on the codium one you run binary and connect from any machine 17:51 < librecat> btw thanks for idea 17:51 < librecat> i will use openbsd on a powerful x86 tower and connect using a laptop 17:51 < librecat> because i need to do kernel development 17:51 < echelon> :) 17:52 -!- housemate_ [~housemate@120.20.110.35] has quit [Read error: Connection reset by peer] 17:52 -!- housemate [~housemate@203.56.146.214] has quit [Ping timeout: 240 seconds] 17:53 < echelon> librecat: it says "available for windows, mac os and linux.. any reason it might not work on *bsd? 17:53 < librecat> echelon: replace all those bundled binaries with symlinks 17:53 < librecat> i would do that on linux aswell 17:53 < librecat> i do not trust random node binaries 17:54 -!- housemate [~housemate@120.20.110.35] has joined #openbsd 17:54 < echelon> gross.. nodejs? aren't they vulnerable to supply chain attacks 17:55 < echelon> maybe i'll just use one of those sshfs extensions instead 17:55 < echelon> or just create a git repo and compile locally 17:56 < librecat> echelon: try remote neovim but its laggier than vscode server 17:56 < librecat> yeah do sshfs actually 17:56 < librecat> great idea 17:56 < librecat> or NFS 17:58 -!- housemate [~housemate@120.20.110.35] has quit [Read error: Connection reset by peer] 17:59 -!- housemate [~housemate@203.56.146.214] has joined #openbsd 18:00 < nerflad> trying to setup an nfs share myself, i have rpc.statd etc binaries but the services aren't showing up with rcctl 18:00 < nerflad> would I need to write the service files? 18:01 < nerflad> the share is working just need rpc 18:12 -!- nature [~nature@138-51-41-129-lsn-1.nat.utoronto.ca] has joined #openbsd 18:13 -!- ublx [~ublx@user/ublx] has quit [Ping timeout: 265 seconds] 18:17 -!- treefrob [~treefrob@p57a96d6b.dip0.t-ipconnect.de] has quit [Remote host closed the connection] 18:27 -!- MsInput [~l0v3ris@user/MsInput] has quit [Quit: WeeChat 4.7.2] 18:30 < echelon> nerflad: https://www.openbsdhandbook.com/nfs/ 18:30 < echelon> looks like there are rcctl scripts.. rpc.lockd and rpc.statd 18:36 -!- lolok [~lolok@user/lolok] has quit [Quit: lolok] 18:36 < fro> i wouldn't trust anything from that site 18:36 < nerflad> exactly what i was looking at 18:36 < nerflad> thx 18:36 -!- treefrob [~treefrob@p57a96d6b.dip0.t-ipconnect.de] has joined #openbsd 18:37 < cgnarne> yes. obsdhandbook is dubious at best 18:37 < nerflad> i'll check the man 18:43 -!- psydroid2 [~psydroid@user/psydroid] has quit [Quit: KVIrc 5.2.6 Quasar http://www.kvirc.net/] 18:43 -!- jadi [~jadi@ip-208-181-103-138.adsl.radiant.net] has quit [Ping timeout: 264 seconds] 18:49 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection] 18:50 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 18:50 -!- jadi [~jadi@ip-208-181-103-138.adsl.radiant.net] has joined #openbsd 18:53 -!- euphores [~SASL_euph@user/euphores] has quit [Quit: Leaving.] 19:00 < librecat> nerflad: check faq also 19:01 < librecat> it might have a guide in there related to NFS 19:02 -!- Lucas_ [~Lucas@moon.lgv5.net] has quit [Quit: bye] 19:07 -!- euphores [~SASL_euph@user/euphores] has joined #openbsd 19:10 -!- mexen [uid495612@user/mexen] has quit [Quit: Connection closed for inactivity] 19:12 -!- jlavsund [~jlavsund@2.70.156.118.mobile.tre.se] has joined #openbsd 19:12 -!- Lucas_ [~Lucas@moon.lgv5.net] has joined #openbsd 19:18 -!- Markiz [~Markiz@c-67-163-233-223.hsd1.pa.comcast.net] has joined #openbsd 19:20 -!- emmanuelux [~emmanuelu@user/emmanuelux] has joined #openbsd 19:31 -!- jlavsund [~jlavsund@2.70.156.118.mobile.tre.se] has quit [Remote host closed the connection] 19:40 -!- stuart [~stuart@195.52.164.129] has joined #openbsd 19:41 -!- ublx [~ublx@user/ublx] has joined #openbsd 19:43 -!- housemate [~housemate@203.56.146.214] has quit [Quit: https://ineedsomeacidtocalmmedown.space/] 19:43 -!- housemate [~housemate@203.56.146.214] has joined #openbsd 19:55 -!- niftily [~niftily@user/niftily] has joined #openbsd 19:58 -!- nature [~nature@138-51-41-129-lsn-1.nat.utoronto.ca] has quit [Ping timeout: 264 seconds] 19:58 -!- fro [fro@humpty.dance] has quit [Remote host closed the connection] 20:10 -!- memset [~memset@gateway/tor-sasl/memset] has quit [Remote host closed the connection] 20:10 -!- memset [~memset@gateway/tor-sasl/memset] has joined #openbsd 20:14 -!- fro [fro@humpty.dance] has joined #openbsd 20:15 -!- fasecx [~fasecx@79.117.202.144] has joined #openbsd 20:17 -!- nature [~nature@138-51-45-169-lsn-1.nat.utoronto.ca] has joined #openbsd 20:18 -!- tvtoon [~The_cUnix@user/tvtoon] has joined #openbsd 20:22 -!- gotohello [~gotohello@user/gotohello] has joined #openbsd 20:26 -!- dooder [~dooder@user/dooder] has quit [Quit: ZNC 1.9.1 - https://znc.in] 20:27 -!- nature [~nature@138-51-45-169-lsn-1.nat.utoronto.ca] has quit [Ping timeout: 240 seconds] 20:27 -!- dooder [~dooder@75.164.78.39] has joined #openbsd 20:27 -!- dooder [~dooder@75.164.78.39] has quit [Changing host] 20:27 -!- dooder [~dooder@user/dooder] has joined #openbsd 20:31 -!- jpb [~jimbznc@user/jpb] has quit [Quit: Bye!] 20:32 -!- jpb [~jimbznc@user/jpb] has joined #openbsd 20:39 -!- housemate [~housemate@203.56.146.214] has quit [Quit: https://ineedsomeacidtocalmmedown.space/] 20:42 -!- housemate [~housemate@203.56.146.214] has joined #openbsd 20:45 -!- grain77 [~grain77@user/grain77] has quit [Read error: Connection reset by peer] 20:47 -!- grain77 [~grain77@user/grain77] has joined #openbsd 20:51 -!- ivdsangen [~ivo@94-209-18-79.cable.dynamic.v4.ziggo.nl] has quit [Quit: leaving] 20:56 -!- ixc [~ixc@user/ixc] has quit [Ping timeout: 246 seconds] 21:01 < nerflad> i added a daemon start script for rpc.statd to /etc/rc.d but it isn't showing up. are there any other changes i need to make to manage the daemon with rcctl 21:02 < nerflad> it works if i start the daemon with the terminal, jst want to add 2 init 21:04 -!- zcram [~zcram@user/zcram] has quit [Quit: Do the right thing.] 21:04 -!- izder456 [~izder456@2a13:e3c1:400e:1337::664] has quit [Remote host closed the connection] 21:05 < jca> to start automatically it should be listed in one of the start_daemon lines of /etc/rc 21:06 -!- izder456 [~izder456@2a13:e3c1:400e:1337::664] has joined #openbsd 21:06 -!- fredrikb [~fredrikb@h-158-174-138-47.A980.priv.bahnhof.se] has quit [Quit: leaving] 21:06 < jca> pending that you could also add it to pkg_scripts in rc.conf.local 21:08 < jca> I suspect the rpc.* daemons were left out because the dot in the daemon name makes for awkward variable names. 21:09 -!- qqq [~qqq@185.54.21.105] has joined #openbsd 21:10 < stuart> Isn't it just rcctl enable statd? 21:11 < jca> oooh 21:11 < nerflad> haha -- yes. thanks very much. and now i know how to add a daemon 21:11 < stuart> grep -r rpc.statd /etc/rc.d/ <- Similar might come in handy later 21:16 -!- DebianSidUser [~quassel@185.9.78.115] has quit [Ping timeout: 246 seconds] 21:17 -!- DebianSidUser [~quassel@185.9.76.215] has joined #openbsd 21:19 -!- lolok [~lolok@user/lolok] has joined #openbsd 21:23 -!- DebianSidUser [~quassel@185.9.76.215] has quit [Ping timeout: 246 seconds] 21:26 -!- DebianSidUser [~quassel@185.9.78.115] has joined #openbsd 21:28 -!- niftily [~niftily@user/niftily] has quit [Quit: leaving] 21:31 < supaman> at https://www.openbsd.org/faq/faq16.html there is missing information about passing traffic through to tap0, something like ÃÃ'pass quick on tap0' 21:33 -!- shiranaihito_ [~shiranaih@ppp-58-11-158-108.revip2.asianet.co.th] has quit [Quit: My Mac has gone to sleep. ZZZzzz…] 21:38 < fro> send a diff? 21:39 < dg> supaman: the default firewall is open, so it's really a apecial case of whatever firewall configuration you're doing 21:40 < dg> also, hardcoding a tap interface doesn't seem ideal, particularly for docs 21:40 < supaman> dg: ah, ok. I donÃ't remember if I tampered with the pf.conf file at some time or not, really should have added a comment and date when/if I did that 21:50 < supaman> if I start a VM with vmctl start -c, is there any way to detach from that cu? I use a danish keyboard and the tilde is not being sent as an escape signal 21:53 < cgnarne> kill 21:55 < supaman> brutal ;-) 21:55 < cgnarne> are you sure it is because of your keyboard? for me it takes some timing to hit the keys 21:57 -!- jab [~user@user/jab] has quit [Remote host closed the connection] 21:58 < supaman> well, inside the screen I am at a Debian login prompt, when pressing ~. then it only displays that, doesnáº't go into any kind of escape mode 22:00 < humm> and you’re certain your input line started with ~, i.e., you typed nothing before the ~ or ~.? 22:01 < supaman> on danish keyboards then the tilde is a dead character, sort of a diacritic, so we can do Ãõ f.x. 22:01 -!- stuart [~stuart@195.52.164.129] has quit [] 22:02 < humm> Compose key my beloved 22:02 < humm> õ 22:02 < supaman> yup, no other key pressed, except the alt key to get the tilde 22:02 < supaman> compose key? 22:04 < humm> if you happen to have X running, try something like `setxkbmap -option compose:menu` and then type something like Menu, a, e to get æ 22:05 < humm> that’s the Compose key 22:06 < supaman> ahh, I can try switching to us keyboard, setxkbmap us 22:06 < humm> see also xkeyboard-config(7) for more options and xorg.conf(5) for how to configure it in the X.Org configuration files and Compose(5) for how to customize the Compose sequences 22:07 -!- Bradipo [~Bradipo@50.77.44.19] has joined #openbsd 22:08 < supaman> well, setxkbmap us does not help 22:10 -!- fflam [~mdt@2600:4040:10f9:2b00::1c19] has quit [Ping timeout: 255 seconds] 22:12 -!- nologin [~nightwolf@gateway/tor-sasl/sonya] has quit [Remote host closed the connection] 22:12 -!- nologin [~nightwolf@gateway/tor-sasl/sonya] has joined #openbsd 22:16 -!- yclept [~yclept@user/yclept] has quit [Quit: nyaa~] 22:17 -!- nature [~nature@64.137.144.64] has joined #openbsd 22:31 -!- morte [~user@user/monkey/x-0691028] has quit [Ping timeout: 240 seconds] 22:36 -!- morte [~user@user/monkey/x-0691028] has joined #openbsd 22:38 -!- euphores [~SASL_euph@user/euphores] has quit [Read error: Connection reset by peer] 22:39 -!- nologin [~nightwolf@gateway/tor-sasl/sonya] has quit [Ping timeout: 252 seconds] 22:47 -!- euphores [~SASL_euph@user/euphores] has joined #openbsd 22:49 -!- lagkage [~yaypixxo@li2046-61.members.linode.com] has quit [Quit: ZNC 1.9.0 - https://znc.in] 22:51 -!- Markiz [~Markiz@c-67-163-233-223.hsd1.pa.comcast.net] has quit [Ping timeout: 264 seconds] 22:52 -!- Markiz [~Markiz@172.59.140.220] has joined #openbsd 22:52 -!- lagkage [~yaypixxo@li2046-61.members.linode.com] has joined #openbsd 22:56 -!- rc [~rc@user/rc] has joined #openbsd 22:57 < Bradipo> If I want to use my Yubikey to do OTP I guess my only option after upgrading to 7.8 is to run my own kernel? 22:58 < Bradipo> Is there another way? Can the toolkits available output an OTP that I can copy/paste? 22:59 -!- mexen [uid495612@user/mexen] has joined #openbsd 23:02 < mischief> in theory you could write a userspace program using libusb and let that run it 23:05 -!- sjg [~sjg@user/sjg] has quit [Ping timeout: 240 seconds] 23:07 -!- mtoy [~mtoy@user/mtoy] has quit [Ping timeout: 240 seconds] 23:07 -!- sjg [~sjg@user/sjg] has joined #openbsd 23:08 -!- mtoy [~mtoy@user/mtoy] has joined #openbsd 23:09 < Bradipo> Well, I looked at yubikey-manager and apparently it doesn't work with the OTP mode. 23:09 < Bradipo> But I don't have a problem patching my kernel to restore the functionality. 23:09 < Bradipo> But Theo did say that if there's a way to manage it in OpenBSD and not Windows that he would reconsider... 23:10 < Bradipo> And it has been shown that it can be disabled using ykman. I just ran: ykman config mode FIDO+CCID 23:10 < Bradipo> And it no longer does OTP, so I don't see what the beef is. 23:14 -!- fasecx [~fasecx@79.117.202.144] has quit [Ping timeout: 246 seconds] 23:21 -!- km [~km@c978F5BC1.dhcp.as2116.net] has quit [Ping timeout: 246 seconds] 23:22 < Bradipo> Oh well, this is the first time I've had to compile a kernel in many years on OpenBSD. 23:22 < Bradipo> I'll just backout the change to ukbd.c. 23:22 < fro> to be clear: you don't HAVE to 23:22 < fro> you're choosing to 23:23 -!- megawatt [~megawatt@user/megawatt] has left #openbsd [] 23:24 < mischief> its pretty easy 23:27 -!- vdamewood [~vdamewood@fedora/vdamewood] has joined #openbsd 23:35 -!- witcher [~witcher@2001:4090:e007:9581:df64:fc87:f439:6cea] has quit [Ping timeout: 265 seconds] 23:39 < Bradipo> fro: Oh, right, I'm choosing to continue to use OpenBSD, got it. 23:39 < Bradipo> If I want to use OpenBSD, what alternative is there for Yubikey OTP? 23:40 -!- CrimeWave [~Ebox-MTL@user/CrimeWave] has joined #openbsd 23:41 < Bradipo> mischief: Yeah, it's pretty easy, I just haven't had to do it in a long time. 23:41 < Bradipo> I've been using OpenBSD since 2.6, so I'm no stranger to compiling. I used to patch my own system long before syspatch was a thing. 23:42 < sibiria> if it's about TOTP, do you absolutely need it to auto-fill in your browser or similar? 23:42 < Bradipo> Yes, my company requires it. 23:42 < sibiria> because smartphones work well, and so do the various stand-alone TOTP devices 23:42 < Bradipo> It's not TOTP, it's Yubikey. 23:42 < Bradipo> If it were TOTP this would already work. :-) 23:43 < Bradipo> Unfortunately I'm constrainted to use the Yubikey OTP for one resource that I have to access. 23:43 < Bradipo> What if I had a VM running in vmm? Could I put Linux on it and then have Yubikey work there? :-) 23:43 < sibiria> so it's not really an OTP but a security key 23:43 < sibiria> yeah you could, but, gosh... 23:43 < Bradipo> Yeah, I know. 23:44 < fro> i mean 23:45 < fro> you don't have to like what i said but that doesn't make it any less true 23:45 < sibiria> if it's regular FIDO passkey stuff, google titan keys are an option 23:45 < sibiria> i *think* firefox on openbsd will manage those just fine 23:45 < Bradipo> It's not FIDO, if that were the case I imagine the Yubikey would work already. 23:46 -!- Markiz [~Markiz@172.59.140.220] has quit [Ping timeout: 240 seconds] 23:46 < Bradipo> I must be the only person who uses OpenBSD for real work. 23:47 < Bradipo> The login wants a Yubikey OTP. It says "Insert your Yubikey and press the button." 23:47 < Bradipo> If I could get the key off of the Yubikey and generate my own OTP from that, that would be great, but as I understand it, they are pretty locked down. 23:48 < fro> and your work absolutely requires this? 23:49 < Bradipo> Yep, unfortunately. 23:49 < fro> sounds like a work problem rather than an openbsd problem 23:49 < Bradipo> I cannot disable 2FA. 23:49 < Bradipo> No, it's an OpenBSD problem. 23:49 < fro> oh openbsd made your employer require this? 23:49 < Bradipo> It's an OpenBSD problem because Yubikey OTP works everywhere but OpenBSD. :-) 23:50 < Bradipo> That's alright, I stopped donating so I have no right to complain. 23:50 < fro> complaining certainly won't change anything either way 23:51 < Bradipo> Yes, but I wasn't complaining, I was asking if there was any other way to use OpenBSD and have Yubikey OTP work? 23:51 < fro> i'd say you were doing both 23:51 < fro> but sure 23:51 < Bradipo> It sounds like if I want Yubikey OTP + OpenBSD, my only options are to 1) Not upgrade, 2) patch the kernel. 23:52 < Bradipo> I suppose a 3rd option is to install a VM that is running Linux and plug the Yubikey into that. 23:52 < sibiria> by design, you can't extract the shared secret used for HOTP/TOTP, nor the private key for FIDO/U2F webauthn stuff. so you're kinda in the sticks 23:53 < sibiria> also there's no USB passthrough in vmm/vmd yet 23:53 < Bradipo> Oh. 23:53 < Bradipo> Hmm, well, I guess that's *not* an option then. 23:54 < fro> and there's no alternative way to login from your employer? 23:54 < fro> you've already asked them i assume 23:54 < sibiria> ask them to implement FIDO2 with passkeys instead. a lot more universal 23:55 < Bradipo> I can check, but I remember that of all the options available when I signed up for this particular account, the best alternative was Yubikey OTP. 23:56 < Bradipo> It worked on OpenBSD at the time I signed up, lol. 23:57 < sibiria> the change theo insisted on was kinda harsh 23:57 < sibiria> the keyboard incidents aren't common. and they are after all one-time tokens... 23:58 -!- Xe [~Xe@perl/impostor/xe] has quit [Ping timeout: 260 seconds] 23:58 -!- OnASnoopPhone [~OnASnoopP@user/OnASnoopPhone] has quit [Remote host closed the connection] 23:59 < brynet> Until someone comes forward with a better solution in the kernel, this conversation is a waste of time. It's not being reverted anytime soon. --- Log closed Sat Jan 10 00:00:21 2026