brycec: dammit tmux ***: dwarren has quit IRC (Read error: Connection reset by peer)
dwarren has joined #arpnetworks
rVn has joined #arpnetworks pjs: anyone know what happened overnight?
my db server was rebooted m0unds: pjs: vps? pjs: Yea
sorry m0unds: pjs: did your vm crash or anything? didn't see anyone mention any issues in irc
might help if you happen to know which kvr you're on, in case someone here is on that same server and experienced any trouble last night pjs: yea, one sec (sorry, just got back from vacation yesterday and am in a pile of shit this morning)
kbr16
kvr*
Been looking all morning. No signs of issues
(in the logs) brycec: Was it a graceful shutdown, or a hard/improper reset?
How long between the the shutdown/last log entry and the next boot?
And I can confirm no issues reported on IRC.
I have VPS on kvr18 and kvr21, no troubles. pjs: Yea, nothing. Not an entry in /var/log/messages for days, then: Aug 14 11:47:50 db syslogd: kernel boot file is /boot/kernel/kernel brycec: What about your cron log?
Presumably, you have periodic cron jobs at least
Certainly doesn't sound graceful thoguh pjs: Aug 14 04:22:00 db /usr/sbin/cron[54891]: (operator) CMD (/usr/libexec/save-entropy)
Aug 14 11:50:00 db /usr/sbin/cron[945]: (root) CMD (/usr/libexec/atrun)
LOL
Slept through my alerts haha mercutio: pjs: there was an issue with kvr16 in particular last night. brycec: mercutio: You on kvr16 too? Or is this from behind the scenes? mercutio: nah i'm on kvr15
but yeah there was an alert last night. brycec: What sort of alert?
And also, thanks for chiming in :) mercutio: well your morning
load average being really high brycec: Huh, how odd.
I can't think of a reason that would cause a VM to reboot though.
(I don't question that it did/caused it, just that I can't think of why)
eg: if it had been load/swap and oom-killer fired, the VM would be dead, would not have rebooted mercutio: i haven't had my morning coffee yet :) brycec: (: Didn't mean to badger, sorry
Just trying to think of what the reboot's cause may have been mercutio: heh brycec: Actually one option comes to mind - if the whole host had rebooted mercutio: i know the feeling of wanting to know why things are i get it too :)
but the world makes so much less sense pre-coffee :)
the host did reboot
at like 3:30 am pst.
but why it did i'm not sure. brycec: hooray, I was somewhat right at least -: brycec feels vindicated mercutio: it is what i see initially wasn't it?
oh i just said there was an issue brycec: Yeah, of high load. I was trying to figure out how we got from high load --> guests rebooting
(and the only explanation was host reboot) mercutio: yeah why the host rebooted is still a mystery though m0unds: did it reboot?
or are we just assuming it did? brycec: mercutio says it rebooted. I trust him. -: m0unds is having issues with weechat m0unds: oh, ok
i'm updating bootcamp so i can use pgup/dn brycec: Afterall, mercutio's name is on http://support.arpnetworks.com/ m0unds: ohhhhh, gotcha mercutio: damnit, i been found m0unds: had no idea brycec: mercutio: if you were hiding, you were doing a very poor job of it mercutio: haha m0unds: guess that says a lot about arp, since i can't remember the last time i went to support.arpnetworks.com
hahaha mercutio: m0unds: you can just e-mail anyway.
support@ m0unds: yes, i know brycec: I do ^^ m0unds: haha mercutio: yeah reboots on arp aren't very common
on vultr they seem to happen all the time
brycec: did you try this freebsd 10.2 yet? brycec: On my RPI, but haven't upgraded my main box yet
(job and all that gettin' in the way6) m0unds: brycec: did you just do a fresh install or upgrade? brycec: m0unds: on the RPI? All you can do is a fresh dd m0unds: ah, ok
hadn't run it on an rpi brycec: home server has the upgraded downloaded and ready to apply
m0unds: there are no official pkg or freebsd-update mirrors for arm*
makes me sad mercutio: oh yeh it's friday there
brycec: are you using freebsd desktop?
btw, i noticed openbsd is being released early this year m0unds: oh, lame mercutio: like two weeks early but still brycec: mercutio: freebsd *as* a desktop? No. mercutio: they seem very good at not being late
but early makes me suspect there's some hackathon or something that they want to preempt m0unds: i suppose i might just go ahead and do this box, since it has nothing critical or important on it and only a couple packages to rebuild mercutio: so usally it's 1st of may, 1st of november
but this year it's oct 18
i had to use a newer key with openbsd snapshots though. it doesn'tlike my old one :(
seems they're deprecating dsa keys
so i generated ecdsa, which of course doesn't work with old ssh implementations... brycec: ...and you were still using a DSA key? Sheesh. mercutio: but at least ssh-agent can accomodate both brycec: RSA is a good middle-ground for support mercutio: brycec: it wasn't one of the debian insecure ones.
is dsa bad?
i thought rsa was bad brycec: But in this day and age, DSA are practically ancient.
anything less than ecdsa/ed25519 is "bad"... BryceBot: That's what she said!! mercutio: isn't rsa even more ancident?
ancient?
yeh well i'm using ecdsa now
i'd used ecdsa in the past for host to host ssh
when it's known to work between the two
but like i doubt my old hp server will take ecdsa key
actually my old hp server doesn't even like openssh
no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 brycec: RSA keys have always been more cryptographically sound than DSA. The only reason DSA was "preferred" for a time was due to a patent covering RSA mercutio: ahh good to know
a bit late :) brycec: the patent opened up about 10 years ago though. People are just slow... mercutio: yeah it was like around 2000 all the crazy was aruond
downloading from canada as US couldn't export crypto etc
hmm, what's this chacha20-poly1305 like? brycec: The difference, cryptographically, and why DSA was vulnerable to weak RNG's in the first place (and remains weak), is that DSA is "based on the discrete logarithm problem" whereas RSA "... is based on the fact that factorization of large integers is known to be "difficult"" mercutio: apparently it's becoming the default cypher ***: m0unds_ has joined #arpnetworks brycec: Yes, from what I understand, it's super-secure.
(but I don't know much more than that)
(and its funny name) mercutio: is it fast? ***: m0unds has quit IRC (Quit: derp derp derp) brycec: I gather it is mercutio: yes the name is rather strange brycec: I haven't noticed a difference or anything, so it's not obviously slower... mercutio: rebooting are we, m0unds_ ?
i found a way to test before using pv
although that was on /dev/zero i was using, which is probably bad brycec: Oh also, if you're just going by key length, DSA by spec can only be 1024, RSA can be longer.
In fact http://security.stackexchange.com/revisions/46781/6 is relatively sound describing all 4 major keys mercutio: % time ssh localhost cat /srv/http/200m | pv > /dev/null
where 200m is 200mb of random data
shows that i get 71.2MiB/s with normal ssh
and 244MiB/sec with that poly chacha or whatever brycec: are you accounting for in-ram caching? (retesting) mercutio: yeh, but it's on raid 10 ssd
so it doesn't really make a diff
but i tested multiple times over anyway brycec: That's crazy mercutio: yeah it's only 63gb for / though
Timing buffered disk reads: 4012 MB in 3.00 seconds = 1336.87 MB/sec
and it's got an 840 evo in there stlil
i need to swap it out
i also have more ram for it too, ... neither of which i seem in a huge rush to do, ... cos ... rebooting! brycec: DAMMIT STARTSSL - email me a notice of a cert expiring soon, so I go to renew it "Weekend Maintenance". YOU LITERALLY EMAILED ME 15 MINUTES AGO. mercutio: hahaha
i had one of those temp free certificates and it expired
so i just added it to bypass
i was only using it to test spdy anyway
what's with nginx not doing http2 yet anyway brycec: I use StartSSL for all my cert needs :) mercutio: actually i might see if i can make h2o work
yeh most of them are on that
i thought i'd try a normal one. m0unds_: brycec: what trolls brycec: m0unds_: srsly BryceBot: srsly m0unds_: i just renewed mine monday i think mercutio: has that free ssl cert thing came out yet?
wasn't it meant to be mid year brycec: I have no idea mercutio: Timing buffered disk reads: 4012 MB in 3.00 seconds = 1336.87 MB/sec
oops
synergy cut and paste issue again brycec: Q4 https://letsencrypt.org/ mercutio: https://letsencrypt.org
yeh i was going to say that :) m0unds_: cool -: m0unds_ bookmarks brycec: btw, everything in the Pacific Northwest US is on fire :( Even a goddamn rainforest is on fire, and has been burning for at least 3 months already.
And while there's no fire immediately nearby, I'm getting plenty of smoke http://imgur.com/5cD5L3Q
What you can't see in the distance: MOUNTAINS
There are mountains just at the edge of where the smoke takes over mercutio: ou can't tell from that photo really
it just looks like it's overcast
but that'd be disconcerting. m0unds_: oh great
i hate wildfires
craziest wildfire related shit i've ever seen was when we got smoke from the wallow fire in eastern az a few years ago brycec: http://www.washingtonpost.com/news/morning-mix/wp/2015/07/13/the-west-is-so-dry-even-a-rainforest-is-on-fire/
mercutio: I'm digging up a historical pic right now... well, trying to m0unds_: https://www.flickr.com/photos/m0unds/albums/72157626778903963https://www.flickr.com/photos/m0unds/albums/72157626778903963
err, doubled for some reason. stupid putty.
https://www.flickr.com/photos/m0unds/albums/72157626778903963
there we go
the oranger ones were later on the same week, just kind of dumped them on flickr brycec: mercutio: from about the same time, yesterday http://imgur.com/Gmt8AF0
Nice pics m0unds_: the pink sun was freaky brycec: m0unds_: hair, or lightning? https://www.flickr.com/photos/m0unds/5812998965/in/album-72157626778903963/
heh I know what you mean. I've lived with that level of smoke too m0unds_: hair, that was from the test roll i shot with an old olympus xa film camera i bought to refurb mercutio: ok m0unds one is disturbing m0unds_: cleaned it out, new light seals and stuff, good little shooter brycec: a film camera? how novel! how quaint! m0unds_: was a way for me to say "see, you don't need a dslr"
"it's a new camera, but not a new camera but it's still a new camera so you don't need a dslr"
hahahaha
but yeah, fires suck and i hate smoke
that's such a bummer (paradise fire)
so pretty up there brycec: That's forest that has been essentially unchanged for centuries and millenia BryceBot: That's what she said!! brycec: BryceBot: no BryceBot: Oh, okay... I'm sorry. 'That's forest that has been essentially unchanged for centuries and millenia' brycec: Never seen a huge fire like this in our recorded history m0unds_: crazy that it burned for a month before it was reported
what also sucks is if it clears away too much stuff, water flow during rain will trigger mudslides
in the burn scar mercutio: brycec: so do you think there's much chance you may have to take a drive away from fire? brycec: mercutio: 50/50
There's nothing near me right now, but there could be mercutio: ahh
so you're kidn of prepared brycec: We've been under a "everything might catch fire and burn everything down" warning for weeks mercutio: i see brycec: mercutio: inasmuch as I know what I would grab... m0unds_: stamp collection? brycec: Having a tiny Intel NUC has its benefits mercutio: did you guys see about the ceo of soylent brycec: But I really should consider some offsite cold storage
What about him? mercutio: living off solar power
maybe you linked it :/
with a small nuc and low power monitors etc.
of course he's in california so gets lots of sun. m0unds_: haha, i searched for "soylent ceo" and the second result had the title "soylent ceo is lifehacking water by pissing in the sink" mercutio: haha m0unds_
he doesn't wash his clothes because it uses too much water
so he just buys new ones m0unds_: that doesn't seem wasteful at all brycec: To be fair, considering California's drought... mercutio: california's draught isn't even residential
they should stop wasteful farming brycec: *drought mercutio: ki mean seriously. brycec: unless we're talking beer mercutio: err yes s/draught/drought/
yeh let's talk beer.. :)
yeh i was acting dyslexic or something brycec: (What's dumb - I made the same typo. but my spellcheck caught it) mercutio: i swear when i was younger i never made those kinds of mistakes. m0unds_: ha, thought i hosed my vm w/the kernel update for 10.2 brycec: I blame the Internet. m0unds_: realized wlan dropped and disconnected my session mercutio: more ssh vulnerabilities..
this morning brycec: That was result #1 for me :( 16:33:00 m0unds_ | haha, i searched for "soylent ceo" and the second result had the title... mercutio: it was first for me when i tried it too m0unds_: haha
upgrade finished, woo ***: m0unds has joined #arpnetworks brycec: congrats :D m0unds: painless upgrade, just the way i like 'em mercutio: yeah
damnit i am struggling with fastcgi and h2o
it's not painless :/
woot got it going
it's /way/ faster
although it's actually faster with http than http2 ***: dj_goku has quit IRC (Remote host closed the connection)
dj_goku has joined #arpnetworks JC_Denton: 2
whoops :P