***: schmir has quit IRC (Remote host closed the connection)
schmir has joined #arpnetworks
baklava has quit IRC (Disconnected by services)
baklava- has joined #arpnetworks
ziyourenxiang has joined #arpnetworks
dxtr: I can see that my dad mowed the lawn because there's mud and grass on my window
ziyourenxiang: it's a hint to you
AndrewBC: nonsense. clearly a sod monster is after you
cedwards: clearly.
bob^^: there's no other sensible explanation
AndrewBC: indeed
***: heavysixer has joined #arpnetworks
ChanServ sets mode: +o heavysixer
baklava- is now known as baklava
vtoms has joined #arpnetworks
RandalSchwartz: nice - the three-line change I made to the code a few weeks ago went live last night... reducing the load on 34 boxes by *half*
I wonder if I get to keep the 17 boxes they won't need now :)
each of those is an 8-processor with 16GB of ram
schmir: nice one. I'd say it depends on if you wrote the code in the first place
RandalSchwartz: I didn't
awyeah: yay got a new laptop from work.
bob^^: :D
awyeah: The laptop I'm giving back is a Centrino... it's kinda old now
2.25GHz centrino. single core. 80gb, 5400rpm hard drive.
new one is a core2 duo t9400. whatever the hell that is. Shit, I don't know anything about computers anymore.
Oh, that's just the model number. ;)
-: awyeah moron.
dxtr whistles
RandalSchwartz: so what does a nice 8-proc 16GB box sell for these days?
dxtr: Generating a 8192 bit rsa key
o/
RandalSchwartz: you must be afraid of even the NSA :)
awyeah: RandalSchwartz: My guess is... somewhere between $1 and $1,000,000,000
it's within that range somewhere.
RandalSchwartz: I bet it is!
dxtr: RandalSchwartz: It's mostly for the lols actually :)
But my server's got a 4096 bit key
I think that's quite enough.. for now
***: schmir has quit IRC (Ping timeout: 264 seconds)
dxtr: I spoke with someone who strongly believed the NSA could break a 256 bit RSA key in seconds :D
Beat that, RandalSchwartz!
bob^^: i don't doubt that :/
RandalSchwartz: with my newly-spare 17 boxes? :)
dxtr: bob^^: Really? In seconds? C'mon
In months? Sure. But seconds? nah.
"Factoring RSA 512-bit keys is now squarely within the reach of anyone who is determined enough. As testimony to this, several 512-bit RSA keys used to sign the operating systems of Texas Instruments calculators were recently factored, reportedly within "several months""
http://www.javamex.com/tutorials/cryptography/rsa_key_length.shtml
So.. Say weeks
***: vtoms has quit IRC (Quit: Leaving.)
dxtr: But I fear the day quantum computers become more available
bob^^: 512 is not 2x as secure as 256 remember
it's many many factors less secure
if i remember the maths right :/
dxtr: That's why I said weeks :P
bob^^: and don't do it in software
design an ASIC
or do it in your graphics card
now factor in an essentially limitless budget
and... :)
suddenly not so unbelievable
dxtr: i'm still getting the feeling that this computer will be kind of... power hungry
Hmm.. or was it a 512 bit key the guy said? Don't remember
bob^^: ASICs don't need to be that power hungry - they're designed to one task and to do it as quickly as possible
calculating prime factors isn't that complex remember :)
i guess it depends if you drink the kool-aid and believe that the NSA have a backdoor into public key encryption anyway ;)
dxtr: I'm kind of realistic and believe that NSA aren't some kind of god
"OMG! THEY CAN DO SHIT THAT ISN'T EVEN INVENTED!"
bob^^: hehe
dxtr: It's like here when people hear that I'm heavily encrypting my stuff
bob^^: the limitless budget tends to have the ability to invent things you don't think are possible :P
oh i heavily encrypt my stuff too - nothing to hide, but that's not the point
dxtr: "The police would still be able to decrypt it!" - How the hell are they going to decrypt my hard drive? 64 byte key, AES encrypted. SSH? 4096 bit rsa key
It's not like they do it over breakfast
RandalSchwartz: in some jurisdictions, you can be compelled to reveal your key
bob^^: depends on your local laws
you could be forced to reveal the key
indeed ^^
it's now a requirement in the UK i believe (amazingly - i do *not* agree with this)
RandalSchwartz: I believe truecrypt actually has a stealth mode to combat this
bob^^: which i guess is why truecrypt offers hidden volumes with a different key :)
yeah
:D
RandalSchwartz: heh
are you sitting next to me? :)
"get outta my head!"
bob^^: :D
-: bob^^ waves over
***: vtoms has joined #arpnetworks
dxtr: Actually I don't know my key
I've got a yubikey :D
So they can ask and beat me how much they want
I've got nothing to tell them
Damn. ftp.openbsd.org doesn't have 4.7 yet :/
ftp.eu.openbsd.org did
!
cedwards: dxtr: they want you to pay for it!
dxtr: So... I'll upgrade my router some day
Probabl this weekend
probably*
cedwards: I'm curious what OpenBSD offers that FreeBSD does not.. besides the free tin-foil hat with each download.
RandalSchwartz: an ancient version of apache!
a non-standard version of NTP that breaks specs!
however, a version of PF that is still ahead of FreeBSD's version
(but not for long)
dxtr: Okay guys... I've gotta two book reports until tomorrow. Do you know of any good books? :D
gotta do two*
(Hint: It must be novels)
bob^^: what sort of books do you like?
cedwards: dxtr: any specific genre or just "two books"
dxtr: cedwards: Well, no specific genre as long as they're novels
dxtr: bob^^: I don't like books at all
bob^^: ahh hehe
dxtr: That's kind of the reason I haven't done it
cedwards: ohh, so this doesn't count: http://store.xkcd.com/xkcd/#xkcdvolume0 ;)
bob^^: i guess there's plenty of classics to choose from
cedwards: I highly recommend Stephen King, but his novels are generally long.
dxtr: cedwards: If it did I'd read that and "Simons cat" (Yes, my girlfriend got that book)
bob^^: animal farm? 1984?
i've got simons cat too :)
dxtr: :D
RandalSchwartz: how novel does it have to be?
bob^^: something by john steinbeck? of mice and men is quite good and nice and short iirc
dxtr: RandalSchwartz: The thing is that I won't have time to read anything. I'm thinking I'll google up some reports on books which I've seen the movie and then go from there
Like.. Twilight and Harry Potter
RandalSchwartz: that can be dangerous
bob^^: yeah, i wouldn't do that
you can read of mice and men in a few hours
RandalSchwartz: the book is usually a bit (or a lot) different
bob^^: http://en.wikipedia.org/wiki/Of_Mice_and_Men
RandalSchwartz: just steal something from wikipedia :)
bob^^: only 107 pages
RandalSchwartz: nobody will figure *that* out
bob^^: and it's actually quite an interesting book
RandalSchwartz: is it the Disney story?
about the beginnings of Mickey Mouse?
dxtr: Well, I'm averaging VG (The second highest grade on a three-grade-scale)
So hopefully I can't fail with this :D
bob^^: this is great too: http://en.wikipedia.org/wiki/The_Thirty-Nine_Steps
RandalSchwartz: "if you fail to plan... you will plan to fail"
bob^^: i'd read those two
39 steps is a good action story too, might keep you interested
RandalSchwartz: "it's the memory guy!"
oops. Spoiler :)
dxtr: oh, actually it's four grades. IG > G > VG > MVG. And because I'm averaging VG in this course (English B) I'm hoping that no matter how this goes I'll get a G
bob^^: dxtr: you could read the 39 steps *and* of mice and men within 6 hours
and understand them both quite well
dxtr: cool
So if I start now I'll be finished after midnight? :D
cedwards: better get started!
bob^^: go go go
RandalSchwartz: ahh - it's the memory guy only in the Hitchcock version
bob^^: hehehe
dxtr: Then I'll have to write the report + civics course
Awesome
-: cedwards puts on his drill instructor hat and lets fly the obscenities to "motivate" dxtr
bob^^: i've not seen the hitchcock one :(
dxtr: I'm hungry
I'll start studying whenever my dad comes home with food
:D
http://en.wikipedia.org/wiki/Gyros <- Om nom nom nom
cedwards: procrastinator
dxtr: :D
FFFFUUUUUU-. I might be a true procrastinator
"Procrastination can be a persistent and debilitating disorder in some people, causing significant psychological disability and dysfunction. These individuals may actually be suffering from an underlying mental health problem such as depression or ADHD."
My girlfriend suspects I've got ADHD
But I don't want ADHD so I'm not going to a doctor
bob^^: heh, some swedish people i know in another channel are always going on about gyros :)
it looks a lot like donner kebab ;)
dxtr: "Traditionally, procrastination has been associated with perfectionism" <- again, my girlfriend is always bashing me because I'm a perfectionist like that
"Fuck everything else until this is perfect" kind of
dxtr: bob^^: Gyros > Kebab :)
I hate kebab
dxtr: cedwards: I hate you for bringing tht up :P
that up*
bob^^: :)
cedwards: lol
go read your books
dxtr: hehe
No, but seriously. I'm too hungry to do anything productive right now
bob^^: once you start reading you'll forget about being hungry
***: ziyourenxiang has quit IRC (Quit: ziyourenxiang)
schmir has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
AndrewBC has quit IRC (Ping timeout: 252 seconds)
schmir has joined #arpnetworks
AndrewBC has joined #arpnetworks
jdoe: hrm, 4.7
wonder how pleasant upgrading is...
***: schmir has quit IRC (Remote host closed the connection)
schmir has joined #arpnetworks
schmir has quit IRC (Ping timeout: 240 seconds)
schmir has joined #arpnetworks
schmir has quit IRC (Remote host closed the connection)
vtoms has quit IRC (Quit: Leaving.)
up_the_irons: cedwards: for me, OpenBSD offers basically: a community that is big enough that useful work gets done, yet small enough that things pretty much move in the same direction. there's not 26 ways to do the same thing in OpenBSD. There's generally one, and only one, way. I find this makes it a lot simpler for me to understand.
up_the_irons: cedwards: but specifically, I'm liking the idea of using OpenBSD's spamd with my new Postfix configuration, to reduce spam (of course)
now, time to fight with apparmor and libvirt
dxtr: Okay...
dxtr: up_the_irons: You won't believe what I've just done
I've written a 13 page report about my school project
up_the_irons: in LaTeX?
dxtr: Now I've got to improvise 100 hours worth of logs :P
Actually, no. I took the easy road and wrote it in OOo and exporting it to a pdf
up_the_irons: OOo?
i c
***: ballen has joined #arpnetworks
ballen has quit IRC (Changing host)
ballen has joined #arpnetworks
ChanServ sets mode: +o ballen
dxtr: I'm in a hurry here. Don't have the time to learn latex right now :)
As I said, I've got to improvise a logbook for the 100 hours I was supposed to put into this project (In reality it took more like 2-3 hours)
up_the_irons: haha
dxtr: Okay, I've written down 36 hours so... 64 to go :P
Seriously, the rules for this project were insane
It couldn't take less than 100 hours and one of my teachers asked me if I couldn't make them a webserver that the first year students can use (Upload php scripts and use a shell in the linux class)
"Sure" I said
***: nbari|away has quit IRC (*.net *.split)
cedwards has quit IRC (*.net *.split)
dxtr: Installed Apache and PHP (with SuExec and SuPHP) plus MySQL on a Debian machine
"Done!"
Fixed quotas and stuff too
I did it as slow as possible to drag it out. And I made a side project trying to learn my friend to write a script in either bash or perl that adds users in bulk (One class at a time)
But he didn't gave so I gave that up
he didn't care*
***: nbari|away has joined #arpnetworks
cedwards has joined #arpnetworks
dxtr: But the fun part was that my mentor said that it must not take less than 100 hours but the teacher that "ordered" the webserver wanted it as fast as possible
So here I am
Retardedly behind schedule (With the report and log book).. And tired... and hungry
And Tomorrow I've got two more courses to finish (English and civics), on Friday I got two more
But then I'm done with high school
After this summer I'll study some high school math, religion and swedish so I can attend university though
-: up_the_irons just discovered "netcap"
up_the_irons: Nice util (Linux only, however)
Shows which capabilities your listening processes have
***: AndrewBC has quit IRC (Ping timeout: 240 seconds)
dxtr: cool
"This course will provide in-depth knowledge of various software and hardware. This course will also provide knowledge of other equipment and documentation in the field. This course will provide skills in installation, commissioning, maintenance and documentation of IT facilities. This course will also provide knowledge of the duties incumbent upon an IT coordinator and ...
... knowledge of reliability and data security. This course will also provide knowledge about the collection of information, advice and guidance in the field"
dxtr: up_the_irons: That's one of the courses I've got to do
:D
***: AndrewBC has joined #arpnetworks
up_the_irons: dxtr: doesn't sound too bad
dxtr: IT coordination [17:34] <dxtr> o
***: fink has joined #arpnetworks
awyeah: About to try installing BackupPC on my bsd box here at home.
We'll see how well that goes ;)
dxtr: http://tinyurl.com/238qyp7 <- My first three logs in my log book
Written six months ago
***: fink has left
infrared: hi
awyeah: Well that's not going very well.
It really wants to have everything run under the "backuppc" user.
But Apache runs under the www user of course.
***: fink has joined #arpnetworks
nbari|away is now known as nbari
nbari has quit IRC (Changing host)
nbari has joined #arpnetworks
infrared: awyeah: rsync > *
cedwards: +1
infrared: o
awyeah: yeah
I just... i want a little history
like to be able to go back a few days.
ooh. http://www.nongnu.org/rdiff-backup/
RandalSchwartz: just posted to template toolkit mailing list about how I got rid of 17 8-way machines for $client
... http://lists.template-toolkit.org/pipermail/templates/2010-May/011317.html
***: heavysixer has quit IRC (Quit: heavysixer)
ballen: RandalSchwartz: that's fun
RandalSchwartz: yeah
***: RonnyBarber has joined #arpnetworks
fink has quit IRC (Quit: fink)
BarberRonny has quit IRC (*.net *.split)
woremacx has quit IRC (*.net *.split)
mtve has quit IRC (*.net *.split)
awyeah has quit IRC (Ping timeout: 260 seconds)
awyeah has joined #arpnetworks
jdoe: awyeah: either run it as backuppc or use suexec, I guess
ballen: or chmod everything to apache
run everything as apache's user
I wouldn't use suexec
mostly because you'll likely have to recompile perl
RandalSchwartz: I don't run suexec
mostly because I don't run CGI :)
jdoe: why would you have to recompile perl to use suexec?
ballen: try it ;-)
jdoe: I already do it
***: woremacx has joined #arpnetworks
jdoe: that's why I'm asking why I can't ;)
ballen: alright, pretty sure you can compile perl to not allow it to be suexeced
and that's the default in a lot of systems' packages
RandalSchwartz: what's your real question?
jdoe: you're not thinking of suidperl or anything are you?
ballen: might be
RandalSchwartz: allowing perl in suexec is a problem
jdoe: ... how so?
RandalSchwartz: because perl can do anything
jdoe: I'm not following.
ballen: a perl suid executable could run anything
as root
which would be bad
jdoe: yeah you're not talking about the same thing I am.
http://httpd.apache.org/docs/2.2/suexec.html
***: ballen_ has joined #arpnetworks
ballen_ has quit IRC (Changing host)
ballen_ has joined #arpnetworks
ChanServ sets mode: +o ballen_
ballen has quit IRC (Disconnected by services)
ballen_ is now known as ballen
jdoe: ballen: http://httpd.apache.org/docs/2.2/suexec.html
ballen: yea
jdoe: yeah, you're thinking of ... the general insanity of suid scripts.
ballen: a lot easier, and still safer to just use a single user
I have BackupPC setup so the apache user has a ssh key
use that key to deploy to clients
jdoe: whatever works.
I don't use it at all, it was awyeah asking
***: nbari is now known as nbari|away
ballen has quit IRC (Quit: ballen)
awyeah: ah
yeh
I may try that at some point.
for now I'm just going to do rsync or rdiff-backup
I only have one system to back up to my server anyway ;)
alright. sleep needed.
***: RandalSchwartz has quit IRC (Ping timeout: 245 seconds)
jdoe: awyeah: word. I love rdiff-backup.
***: mtve has joined #arpnetworks
nuke` has quit IRC (Ping timeout: 252 seconds)
sentabi has quit IRC (Remote host closed the connection)
sentabi_ has quit IRC (Read error: Connection reset by peer)
sentabi has joined #arpnetworks
sentabi has quit IRC (Read error: Connection timed out)
sentabi has joined #arpnetworks
nuke` has joined #arpnetworks