| Khalid Schofield | Re: OpenSSL On Openbsd help
I started looking at godaddy and almost bought a 4 year certificate but
the website seemed full of rubbish. Cluttered with adverts and you don't
seem to just be able to order your certificate. You mess around creating
an account, then entering your address and credit card which they store
finally allowing you to buy the certificate after 10 minutes of fafing
| Jun 14, 2:45 pm 2008 |
| Khalid Schofield | OpenSSL On Openbsd help
Hi,
I need to get a proper signed ssl certificate for my ecommerce website
hosted on my openbsd box. Getting confused as most websites describe how
to do this in many different ways and most refere to self signed
certificates. Wanted to ask the experts before I go and throw $100 at the
task.
So do I have to use pass phrases when generating the certificate? If I use
a pass phrase why? How does it effect the certificate and it's use?
Also if I use a pass phrase do I have to tell apache about...
| Jun 14, 12:33 pm 2008 |
| General Delivery | Re: OpenSSL On Openbsd help
-----Original Message-----
From: owner-misc@openbsd.org [mailto:owner-misc@openbsd.org] On Behalf Of
Khalid Schofield
Sent: Saturday, June 14, 2008 12:34
To: misc@openbsd.org
Subject: OpenSSL On Openbsd help
Hi,
I need to get a proper signed ssl certificate for my ecommerce website
hosted on my openbsd box. Getting confused as most websites describe how
to do this in many different ways and most refere to self signed
certificates. Wanted to ask the experts before I go and throw $100 at the
...
| Jun 14, 3:21 pm 2008 |
| Dustin Lundquist | Re: OpenSSL On Openbsd help
You do not need a pass phrase, in fact usually a pass phrase will
prevent apache from starting until you respond to the prompt to enter
the pass phrase. If your server is going to be somewhere where there
might be a power outage, or rebooted by someone who does not have the
pass phrase it's generally a big headache.
That being said, if there is a risk that someone could read your private
key off your webserver, either by physically stealing the server or an
untrusted admin, a pass phrase isn't a ba...
| Jun 14, 1:42 pm 2008 |
| Hannah Schroeter | Re: OpenSSL On Openbsd help
Hi!
Even if I'm not the OP, this is a good guide... Cool.
Before all that: umask 077, so there'll be no window of time when the
Again, thanks for the cool explanations and step-by-step kind of guide.
Will probably be helpful for more than the original poster.
Kind regards,
Hannah.
| Jun 14, 3:20 pm 2008 |
| Khalid Schofield | Re: OpenSSL On Openbsd help
This is REALLY useful. Thanks. Gets right to the matter! Although this
will fix my issue the other people's replys are an interesting insight and
I shall follow advice and read about how x509 works.
| Jun 14, 2:48 pm 2008 |
| Damien Miller | Re: OpenSSL On Openbsd help
First, I'd recommend that you spend a little time reading up on X.509
certificates and how they relate to public key cryptography. There
are nasty consequences if you get things wrong that extend well past
Certificates don't have passphrases, private keys do. A key passphrase
gives some measure of protection should the file containing your key
fall into someone else's hands, e.g. by compromising your server. If
Putting it in a configuration file would defeat the purpose, no?
Yes, if you use a p...
| Jun 14, 1:02 pm 2008 |
| Earin Gregor | libc.so Problem with snapshot from 14 June
Good day everyone
I tried today to upgrade to the snapshot of the 14 June.
All went fine as usual. Before I used a snapshot from hmm about a month ago
(don't remember correctly).
After a final reboot xdm did no longer start with an error message of a
missing libc.so.45.0
After some investigation there was infact really no .45.0 - only .43.0 and
.46.0
A quick (and dirty) 'ln' solved the issue though...
Don't know if I did a mistake or if there's something wrong with the
snapshot.
Maybe s...
| Jun 14, 12:21 pm 2008 |
| Markus Lude | Re: libc.so Problem with snapshot from 14 June
The snapshot X sets were build independently from the other sets and
often may lag behind, e.g. on sparc64 they are still from may 29th.
c.43.0 is the version from -release.
Your X sets were build when c.45.0 was the actual version. Your (non-X)
You may build X from source to resolve your problem or hope to a new X
snapshot appearing in the next days.
Regards,
Markus
| Jun 14, 1:02 pm 2008 |
| Earin Gregor |
| Jun 14, 1:05 pm 2008 |
| Otto Moerbeek |
| Jun 14, 12:58 pm 2008 |
| Khalid Mohammed |
| Jun 14, 10:47 am 2008 |
| Stephen Takacs | usb gamepads
Do they work on OpenBSD? I don't see any mention of them in the FAQ or
man pages.
It looks like some of the ports (generator, zsnes, xmame) link against
usbhid, but others (snes9x) don't.
Any hardware recommendations?
--
Stephen Takacs <perlhaq@gmail.com> http://perlguru.net/
4149 FD56 D078 C988 9027 1EB4 04CC F80F 72CB 09DA
| Jun 14, 9:33 am 2008 |
| rivo nurges | Re: usb gamepads
On Sat, Jun 14, 2008 at 09:33:01AM -0400, Stephen Takacs wrote:
Not exactly same but few days ago I tested USB
Wheel(http://www.speed-link.com/?p=2&cat=314&pid=1804&paus=1) and
it worked.
uhidev0 at uhub3 port 1 configuration 1 interface 0 "AMPAQ ?USB Steering Wheel\^O\^O\^O\^E\^O\^O\^G\^F\^O USB Steering Wheel" rev 1.00/1.00 addr 2
uhidev0: iclass 3/0
uhid0 at uhidev0: input=7, output=7, feature=0
It was possible to record events using "usbhidctl -lv" and at least
bzflag-2.0.8p3 f...
| Jun 14, 4:29 pm 2008 |
| Antti Harri |
| Jun 14, 10:25 am 2008 |
| Alphons "Fonz&q... | 4.3/amd64 install failure
When trying to install OpenBSD 4.3/amd64 on a PC (cpu: AMD 64 X2,
board: Asus M2N SLI Deluxe), the system hangs at the (I)nstall (U)pgrade
etc. prompt.
I can't provide the complete dmesg because it scrolls by too fast for me
to write down, but the last couple of lines are:
isa0 at mainbus0
com0 at isa0 port 0x3f8/8 irq4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5
kbc: cmd word write error <----
rd0: fixed, 4480 blocks
root on rd0a swap on rd0b dump on rd0b
erase ^?, we...
| Jun 14, 9:29 am 2008 |
| Jona Joachim | Re: Call for testing - uvideo(4)
There has been a post on this list one or two days ago where somebody asked
about the support iSight cameras. Unfortunately it seems like these cameras do
not comply with the usb video standard. I don't know if this applies to your
cam, too but chances are that yes...
Jona
--
Pond-erosa Puff wouldn't take no guff
Water oughta be clean and free
So he fought the fight and he set things right
With his OpenBSD
| Jun 14, 8:54 am 2008 |
| Mikolaj Kucharski | OT: App to get detailed http measurements
Hi,
This is off topic, but does anyone know preferably commandline utility
with which I could test HTTP server? What interests me is repeated
connections and stats how long it took dns resolv, tcp connect, send
request and finaly download of data.
Really appreciate any tips. Thanks.
--
best regards
q#
| Jun 14, 6:55 am 2008 |
| Pete Vickers |
| Jun 14, 8:33 am 2008 |
| Lars Noodén | Call for testing - uvideo(4)
I see on undeadly a call for testing uvideo(4) in CURRENT which seems to
require UVC (USB Video Class) compatible webcams.
Would that include the webcam built into last year's models of MacBook Pro?
What options, if any, are there for IEEE 1394? I have one such web cam
lying around.
Regards,
-Lars
| Jun 13, 11:36 pm 2008 |
| Theo de Raadt | Re: Call for testing - uvideo(4)
> Would that include the webcam built into last year's models of MacBook Pro?
When you buy from Apple, you do not get what you paid for. Instead
you get exactly what you got suckered into buying.
| Jun 14, 3:19 am 2008 |
| Yonetici Asistanlıg... | Son Kayitlar Yonetici Asistanligi Zirvesi
S 0 N K A Y I T L A R =
3. Yvnetici Asistanl}p} Zirvesi
Zirve Konu~mac}lar}:
TANJU ARGUN -(Yonetim Danismani), PERIHAN YAZICI -(Northel Telecom -
Ingiltere), SERAP OZAY -(Alsim Alarko Yon. Asst.), KELLY HEVEL -(Yasam
Kocu - ABD), CANAN CETIN -(STM Savunma Teknolojileri Gn. Md. Asst.), Dr.
SELIN AYGEN -(Akdeniz Uni. Buro Yon. ve Sekreterlik Bolum Baskani), ERDAL
GULMEZ -(THY Egitim Baskanligi Program Muduru), ZULAL GUNAL(THY Egitim
Baskanligi Yon. Asst. Egitmeni), Yrd. Doc. Dr. EBRU NURLU...
| Jun 13, 10:36 pm 2008 |
| Aaron Stellman | rpc.lockd doesn't build in current
Freshly checked out -current doesn't build:
===> usr.sbin/rpc.lockd
cc -O2 -pipe -I. -DSYSLOG -c nlm_prot_svc.c
cc -O2 -pipe -I. -DSYSLOG -c /usr/src/usr.sbin/rpc.lockd/procs.c
cc -O2 -pipe -I. -DSYSLOG -c /usr/src/usr.sbin/rpc.lockd/lockd.c
nroff -Tascii -mandoc /usr/src/usr.sbin/rpc.lockd/rpc.lockd.8 >
rpc.lockd.cat8
cc -o rpc.lockd nlm_prot_svc.o lockd.o procs.o -lrpcsvc
collect2: ld returned 1 exit status
Stop in /usr/src/usr.sbin/rpc.lockd:
Exit status 1 (rpc.lockd, line 95 ...
| Jun 13, 9:19 pm 2008 |
| openbsd misc |
| Jun 14, 3:55 pm 2008 |
| Lu Vo |
| Jun 14, 1:47 pm 2008 |
| Philip Guenther | Re: pf.conf comment lines
On Fri, Jun 13, 2008 at 1:14 PM, Theo de Raadt <deraadt@cvs.openbsd.org> wrote:
Sadly, this varies among languages and file-formats. You just have to
know how the one you're working in behaves.
Languages and file-formats where comment removal occurs before
backslash-newline removal:
sh
csh
perl
python
awk
/etc/sudoers
/etc/ipsec.conf
Languages and file-formats where backslash-newline removal occurs
before comment removal:
tcl
C
C++
ge...
| Jun 14, 12:05 am 2008 |
| Sunnz | Re: pf.conf comment lines
So, when in doubt, comment every line that needs to be comment out,
should work in almost all cases?
--
This e-mail may be confidential. You may not copy, forward,
distribute, or, use any part of it. Note, this text has no effective
legal binding on your part. There is no obligation to abide any or all
parts of this, just as any texts appended to e-mail on rest of the
Internet. For more information about disclaimers, please see:
http://www.goldmark.org/jeff/stupid-disclaimers/
| Jun 14, 10:58 am 2008 |
| Philip Guenther | Re: pf.conf comment lines
The ambiguous case is a comment line that ends with a backslash, so
commenting out all the lines in a group of continued lines works in
all cases, yes.
(Beware how you phrase things: "comment every line that needs to be
comment[ed] out" is a tautology, as the meaning of "needs to be
commented out" depends on the file format, which isn't what you wanted
to ask...)
Philip Guenther
| Jun 14, 2:03 pm 2008 |
| Pieter Verberne | Re: captivating window manager
I'm working almost only full screen. So DWM is not -that- usefull for me
( CWM's binary is almost twice the size of DWM:)
32.0K /usr/bin/dwm
52.0K /usr/X11R6/bin/cwm
But I really don't know about libraries and memory usage etc. )
What I need is a GNU-Screen-like graphical-window-manager. Smaller than
DWM and have a permissive license.
| Jun 14, 8:35 am 2008 |
| F. Caulier | Re: captivating window manager
Do you know 'ratpoison' [0]?
It's not under a permissive license nor smaller than
dwm, but it's GNU-Screen-like.
If you plan to develop a window manager which is
GNU-Screen-like, smaller than dwm and under a
permissive license, then drop me line as I'd be really
interested.
[0] http://www.nongnu.org/ratpoison/
| Jun 14, 8:59 am 2008 |
| Pieter Verberne | Re: captivating window manager
I've seen the name ratpoison many times before, but when I see it is
Right.. I think I'll plan to learn coding some day..
| Jun 14, 11:07 am 2008 |
| Nicolas Legrand |
| Jun 14, 10:42 am 2008 |
| Toni Mueller | Re: 4.3: netstat question
Hi,
I'll look into finding appropriate RAM and/or putting that card into a
I'm not sure that I understand the need to copy the table, or parts
thereof, correctly. Sure, the table changes all the time. So, the
routes viewed when running 'netstat -r' are only a snapshot and may have
changed by the time the user views them, anyway.
Would it be possible to walk along the live table, without copying the
table, or would the continuous stream of route inserts and deletes lead
to a corrupted vie...
| Jun 14, 5:25 am 2008 |
| Henning Brauer |
| Jun 14, 1:11 pm 2008 |
| David Higgs | Re: 4.3: netstat question
If the kernel table is kept in an ordered state, userland could
provide a "starting value" or key. The kernel can then return the
requested chunk (up to the size requested) starting at the "next"
table item that comes after the key.
Also depends if you're willing to let netstat display routes that are
may appear inconsistent.
Just thinking off the top of my head for ways to avoid allocating the
whole table at once. Apologies if it's too gross an API change or has
other, worse repercussions.
...
| Jun 14, 7:53 pm 2008 |
| Philip Guenther | Re: 4.3: netstat question
On Fri, Jun 13, 2008 at 5:39 PM, Claudio Jeker <cjeker@diehard.n-r-g.com> wrote:
Yuck. For now, how about the following patch?
Index: sysctl.3
===================================================================
RCS file: /cvs/src/lib/libc/gen/sysctl.3,v
retrieving revision 1.181
diff -u -r1.181 sysctl.3
--- sysctl.3 30 May 2008 19:09:42 -0000 1.181
+++ sysctl.3 14 Jun 2008 03:26:26 -0000
@@ -2176,6 +2176,12 @@
The length pointed to by
.Fa oldlenp
is too short to hold the...
| Jun 13, 11:28 pm 2008 |
| Nicolas Legrand | Re: cwm keybindings misbehavior
I had the same problem on a very old iMac. It was the only computer
who had the same problem you have. I could remap the keybindings in
.cwmrc, but none of the ASCII characters could be used in a
keybinding. Anyway I found a work around five minutes ago.
The big difference with this one and the others is I have a xorg.conf
on it with those rules for keyboard :
Section "InputDevice"
Identifier "Keyboard0"
Driver "keyboard"
Option "Protocol" "standard"
...
| Jun 14, 8:32 am 2008 |
| Glenn Becker |
| Jun 14, 10:09 am 2008 |
| Matthew Szudzik | Re: cwm keybindings misbehavior
I always configure my window managers to use the Windows key (i.e. Mod4)
rather than Control or Alt (i.e. Meta). This prevents conflicts with
the applications that are being managed by the window manager--since
ordinary applications, like Firefox, don't use the Windows key.
Note, I was told by one of the Fluxbox developers that I need to add the
following line
xmodmap -e 'add Mod4 = Super_L'
to my .xinitrc file if I want the Windows key to be well-behaved, but I
don't understand the reason...
| Jun 14, 11:37 am 2008 |
| Matthew Szudzik |
| Jun 14, 12:32 pm 2008 |
| Glenn Becker |
| Jun 14, 12:35 pm 2008 |
| Brian A. Seklecki | Re: snmpd
Or more importantly, are HOST-RESOURCES-MIB and UCD-DISKIO-MIB
supported? Also, PF-MIB.
--
Brian A. Seklecki <bseklecki@collaborativefusion.com>
Collaborative Fusion, Inc.
| Jun 14, 4:49 pm 2008 |
| Toni Mueller |
| Jun 14, 11:00 am 2008 |
