Please send a Debug3 trace (sshd -dddp222), debug level 1 doesn't contain all the necessary information -d

Oops, forgot to add my dmesg. This kernel is GENERIC+RAIDFrame: OpenBSD 4.1-beta (JGGIMI) #14: Sun Feb 25 13:36:43 EST 2007 josh@jggimi.homeip.net:/usr/src/sys/arch/i386/compile/JGGIMI cpu0: AMD Sempron(tm) 2600+ ("AuthenticAMD" 686-class, 256KB L2 cache) 1.84 GHz cpu0: FPU,V86,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR,SSE real mem = 502820864 (491036K) avail mem = 450584576 (440024K) using 4278 buffers containing 25264128 bytes (24672K) of memory mainbus0 ...

debug2: load_server_config: filename /etc/ssh/sshd_config debug2: load_server_config: done config len = 268 debug2: parse_server_config: config /etc/ssh/sshd_config len 268 debug3: /etc/ssh/sshd_config:12 setting PermitRootLogin no debug3: /etc/ssh/sshd_config:13 setting PasswordAuthentication no debug3: /etc/ssh/sshd_config:14 setting ClientAliveInterval 15 debug3: /etc/ssh/sshd_config:15 setting ClientAliveCountMax 3 debug3: /etc/ssh/sshd_config:16 setting X11Forwarding yes debug3: ...

I am interested too.

Try looking at /etc/spamd.conf (the default copy from install) Do we look <umop apisdn> from up over?

Buy a CD set http://www.openbsd.org/orders.html ;-) I'm looking for comments from people who have installed OpenBSD 4.0 as a Virtualbox guest. I am currently running Virtualbox 1.3.6 on Gentoo Linux 2006.1. The manual does not mention OBSD as guest even though their website states that it is possible. My main question is how to create an OBSD image since it seems that I need an ISO image.

Something like this? ftp://ftp.openbsd.org/pub/OpenBSD/4.0/i386/cd40.iso

What is wrong with the iso that is on the ftp sites? Can't you finish the install over the network?

You can fetch a installation iso (cd40.iso) from a mirror and install via network. Or support OpenBSD and buy the CD sets ^^ Andreas. -- Hobbes : Shouldn't we read the instructions? Calvin : Do I look like a sissy?

Are you talking about the "install ISO's" like cdrom.iso or floppy.iso? If so, yes, I can use them. I thought I needed a full-blown release ISO. I am also stuck at launching the virtualbox interface itself. I get either a segmentation fault if started using a non-priv user or an 'authentication rejected' error if I 'su -c virtualbox'. I have tried the usual trick of 'xhost +' as the non-priv user and then su to root and 'virtualbox' but I get the 'cannot connect to X server' stuff. Any ...

Hi there, You can buy the OpenBSD CDs here: http://www.openbsd.org/orders.html You can also try to do a FTP installation inside your virtual box, it should have access to the Internet if you configured your host box correctly. There's a tiny ISO on the FTP servers that allows you to boot into the installation program. Another option is to create a full ISO image yourself. Just use Google to lookup the details. It's not difficult at all. regards, Tobias W.

You are queueing on fxp1 on the external firewall. This should affect traffic going from the external firewall to the www/ftp server, however it sounds like you are trying to affect traffice moving the opposite direction. To quote from the pf faq, "Note that queueing is only useful for packets in the outbound direction. Once a packet arrives on an interface in the inbound direction it's already too late to queue it -- it's already consumed network bandwidth to get to the interface that ...

You're queueing on the wrong interface to restrict outgoing traffic. This is throttling _incoming_ traffic e.g. in your example it's throttling requests and mainly ACKs; due to RED dropping these ACKs you're probably triggering TCP congestion-avoidance. You can assign traffic to queues based on _state created by rules on fxp1_ (the state table entry includes the name of the queue to place the associated packets in). But the actual queues are for _outgoing_ traffic so they need to be on the ...

This question may be more appropriate for tech@ but i thought i'd try here first just in case. lets say i have a bunch of #defines, for example (from sys/dev/wscons/wsconsio.h): /* Event type definitions. Comment for each is information in value. */ #define WSCONS_EVENT_KEY_UP 1 /* key code */ #define WSCONS_EVENT_KEY_DOWN 2 /* key code */ #define WSCONS_EVENT_ALL_KEYS_UP 3 /* void */ #define WSCONS_EVENT_MOUSE_UP 4 /* button # ...

It's not very fun. As well as ports, you have to take care of the boot loader; install an amd64 bsd.rd and boot loader from i386; reboot into the new bsd.rd and you can do an upgrade install from *.tgz. Not really recommended unless there's no alternative.

Well, April, not March, doh! Okay so there will be some more time to make this work :) But to quote from undeadly.org: ... fast build machines will help compiling kernels, as most of the work takes place in the kernel and we will compile a lot of them .. It was just targeted at THIS particular issue and the future ideas to continue making OpenBSD (development) better/more fun. Regards, ahb

Unfortunately I have nothing financial to help out, but I see this was the wrong time and wrong place. SORRY I don't know if a lot of big corps (meaning the "decision making part") is reading misc@, but if they do: IF YOU (big corp, small corp, rich guy) ARE USING OPENBSD AND YOU ARE TAKING ADVANTAGE OF ITS GREAT POSSIBILITIES, LOAN/DONATE BIG HARDWARE TO GIVE THE DEVS AT LEAST A LITTLE HAND FOR WHAT THEY GIVE TO YOU! Btw. they SHOULD know already, this was said many times over and ...

Jeez, I sense some hostility on misc@. Andreas, It's a nice effort, but unfortunately, it won't support the goals of f2k7. The most important lacking thing for the hackathon is fast, memory-packed machines, and lots of disks. AKA, modern expensive, top of the line stuff. It seems to me that developers just don't have that stuff lying around (hence their asking for it.) If these machines were avaliable, distcc would see a lot of diminishing returns. However, without the hardware for f2k7, ...

I just noticed that myself. dmesg with device unplugged. I can get a dmesg with the device plugged in at boot later tonight. OpenBSD 4.1-beta (GENERIC.MP.acpi) #0: Thu Feb 22 12:27:00 MST 2007 root@laptop.ntelos.net:/usr/src/sys/arch/amd64/compile/GENERIC.MP.acpi real mem = 2137128960 (2087040K) avail mem = 1826136064 (1783336K) using 22937 buffers containing 213921792 bytes (208908K) of memory mainbus0 (root) bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xf6e60 (62 entries) bios0: Dell ...

Looks like it's already there. From /usr/src/sys/dev/usb/usbdevs: /* Palm Computing, Inc. product */ product PALM SERIAL 0x0080 USB Serial Adaptor That's from a 4.0-stable source tree. Can you supply a dmesg? -- Darrin Chandler | Phoenix BSD Users Group dwchandler@stilyagin.com | http://bsd.phoenix.az.us/ http://www.stilyagin.com/darrin/ |

It's in usbdevs but not attached to a driver. Looks like Linux attaches this to their equivalent to uvisor; you could try Index: dev/usb/uvisor.c =================================================================== RCS file: /cvs/src/sys/dev/usb/uvisor.c,v retrieving revision 1.27 diff -u -p -r1.27 uvisor.c --- dev/usb/uvisor.c 23 Jun 2006 06:27:12 -0000 1.27 +++ dev/usb/uvisor.c 27 Feb 2007 16:07:06 -0000 @@ -186,6 +186,7 @@ static const struct uvisor_type uvisor_d {{ USB_VENDOR_PALM, ...

Could you send your pf.conf entirely?

Hi, I've got now a openBSD kernel with USB I would like to see all debug (printf in code) I compile with option USB_debug but i have not get more message what have I to do? thanks ___________________________________________________________________________ Dicouvrez une nouvelle fagon d'obtenir des riponses ` toutes vos questions ! Profitez des connaissances, des opinions et des expiriences des internautes sur Yahoo! Questions/Riponses http://fr.answers.yahoo.com

fwiw, one piece of fallout from listing the same address on a loopback interface as a real iface is that ntpd 'listen on *' tries to listen to the same address twice and fails, so you need to list the addresses individually in ntpd.conf. (other than that, I haven't seen any major problems, but I'd put it in the category of "if you do this you'd better be ready to work out what's breaking and how to fix it" and my third question definitely still stands :)

Hi. Does anyone have a problem with the latest macppc snapshot? Booting the cd41.iso, it loops with: "init: single user shell terminated, restarting" If you upgrade by extracting the sets, when restarting, you get: "init: /bin/dh on /etc/rc terminated abnormally, going to single user mode" "Enter pathname of shell or RETURN for sh:" "init: single user shell terminated, restarting" "Enter pathname of shell or RETURN for sh:" "init: single user shell terminated, restarting" ... -- ...

Because in both cases the full packet content, header and all need/would be move between the network card vlan 2 to memory then back to the same card vlan 3 for example, oppose to card 1 to memory, then card 2? So, it might only make a difference then on big packets that would need to cross over a PCI bridge then? Or not even then? I am really trying to find ways to increase the pps limitations.

not really. -- Henning Brauer, hb@bsws.de, henning@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam

use better network cards, or start hacking :) -- Henning Brauer, hb@bsws.de, henning@openbsd.org BS Web Services, http://bsws.de Full-Service ISP - Secure Hosting, Mail and DNS Services Dedicated Servers, Rootservers, Application Hosting - Hamburg & Amsterdam

Hah. Developing an ueberfast FPGA network card needs at least a manyear of work and that's a very optimistic prognosis. I guess buying two three motherbords and a bunch of GigE cards (two or three cards for em, bge, There is no mystical knob to push and the network stack enables the afterburner. Sure there is net.inet.ip.ifq.maxlen that needs to be bumped up on high speed routers (check against net.inet.ip.ifq.drops to find the sweet spot) but that's about it. The normal routing path is ...

How's your subnetting? Are the APs doing any routing? If so they're going to need to be doing some dhcp relaying. Greg

How do we know if you're not explaining your configuration and showing the setup? DS

When will we ever see binary updates for OpenBSD? Taking a system off-line for over 20 hours to do a source code rebuild is just too long, and just tracking RELEASE means running an insecure system. Binary updating - try it, you'll like it!

Just curious - why are you using a system that you don't understand the philosophy of? No, that came out wrong. Why aren't you trying to better understand the system you are using?

Troll >/dev/null Do we look <umop apisdn> from up over?

You don't have host principal for your machine added to Run, don't walk, to your nearest bookstore and buy a kerberos book, and see ktutil(8). For login type services in kerberos you should add a host principal on your kerberos server, and save the key on your machine in your krb5.keytab. SSH enforces this. This is to ensure you aren't talking to a fake kdc, otherwise, someone could pretend to be your kdc and you'd be hooped. Note you need to have admin access to do a ktuil add. ...

No it isn't. Looking at the source does not seem hard to do, however. Maybe I'll make an small patch to address this. It's not an uncommon situation to sit a public addressable range in a DMZ, and use a Yes, I have tried with different natt modes. But connection dies 2h50min after. I'm not sure if the problem is natt related, it's just I had done that. Thanks for your comments, Darren

Hi, good idea, I used snapshot from Feb 25th. This works very well. Regards Stefan Kell

Yes you can. Multicast over gre(4) works since 4.0 IIRC. ciao, chakl

netflow using pfflowd does the trick but it might be a bit daunting to set up. --- Lars Hansson