[01:52] so is sftp the best secure file transfer protocol? [01:56] I'd say that's a tricky question... It's definitely reasonably secure and built on a strong base with a solid reputation, and it works very well. [01:56] And related is scp [01:58] I'd also say it's become the defacto standard, with good reason. [01:59] sftp it is [01:59] the default stock stuff in fbsd 10 solid? [01:59] Just don't confuse sftp with ftps :p [01:59] Probably [02:00] i'm about to set up my first fbsd vps @ arp :) [02:00] that's great [02:01] ty, ty :) [02:02] to make some side money to buy more vps's, i was thinking about setting up a basic but nice monitoring service to offer to other arp customers. think there'd be any value in that? [02:02] There might be. Who's to say? [02:03] I'm not interested, but I have my own monitoring setup already [02:03] sweet :) [02:05] i want to put an install disc in cdrom. fbsd 10 isn't offered yet, so 9.2. i386 or amd? [02:05] why would both be offered to me when obviously both wouldn't work? [02:06] Why wouldn't both work? [02:06] s/both/either/ [02:06] Why wouldn't either work? [02:07] why would an amd build run on an intel cpu? [02:07] and how do i know which my vm runs on? [02:07] * brycec facedesks [02:07] uhm, ok? [02:07] robonerd: amd64 isn't for AMD CPUs... It's for 64bit CPUs. AMD won the race and got to name (so to speak) what the 64bit architecture is called. [02:07] please don't feel obliged to help me. [02:08] no kidding? [02:08] Not kidding. [02:08] fascinating [02:08] I facedesked because it's a very common assumption among the ill-informed. [02:08] ahh :) [02:09] Same goes for Intel/x86/i386 [02:09] what about it? [02:09] x86 is x86. x86_64 is x86_64 [02:09] oh ppl assum eintel only? [02:09] right [02:09] ok [02:09] so i changed the cdrom. what's next step in reinstalling os of a vps? [02:10] i went with amd64, is that stable btw? [02:10] any caveats with 64 bit fbsd? [02:10] Generally speaking , connect to the VNC console, reboot, press the key to boot from cdrom, and go. [02:10] If you don't plan to have/use 4GB of RAM (or more) then you're better off with 32bit. 64bit binaries are larger and end up being a waste of disk space. [02:11] ah no, i have 786 on this little guy hehe [02:11] 32bit it is! [02:12] ok i'll look for an osx vnc client [02:13] "Connect To Server" (Command K) in Finder, vnc://IPaddress [02:13] you must be kidding [02:13] I'm not [02:14] Why do you keep assuming I'm kidding...? [02:15] vnc://kvr30.arpnetworks.com isn't working [02:15] ...did you add the display/port? [02:15] huh? [02:16] "VNC Server:... Port: XXXX" [02:16] adding :port didn't work [02:16] what syntax does this stupid text box expect? [02:16] Correct syntax, I assume. [02:17] vnc://kvr30.arpnetworks.com:6142 [02:17] didn't work [02:17] try :242 then [02:19] that worked [02:19] why am i given an incorrect port please? [02:19] I don't feel obligated. I'm just filling my time while configuring the new router. 02:07:07 < robonerd> please don't feel obliged to help me. [02:19] well, ty :) [02:19] You're not. The OSX client expects a "display" (base port 5900) and ARP gives you the port number. [02:20] what? [02:20] ah no even 242 failed [02:20] In short, it's a matter of terminology. [02:20] just not right away [02:20] Is your VPS running? [02:20] no [02:20] ah [02:20] You can't connect to something that's not running ;) [02:21] i can see it!!! [02:21] is this secure? [02:22] Not especially... Don't send anything sensitive over the connection if you're paranoid, change your password once you can SSH in, etc. The login is reasonably secure though. [02:22] uhm, my name is used in my 'cust.' hostname of arp. how can i change that? i'm not comfortable with that [02:23] The hostname? Just set it to whatever you'd like when you reinstall. [02:23] but won't the dns entry stay in arps record? [02:24] Are you sure it's even setup as a DNS entry? [02:24] i can ping it. [02:25] I'm not aware of ARP assigning DNS names to customers, so I can't help you there. [02:26] np [02:26] I can tell you where to edit the reverse DNS... but that just maps IP to a name. [02:26] so if i do an install over vnc, couldn't someone intercept the root pw i pick? [02:26] Yes. So use something temporary. And change it. [02:26] It's not likely someone will be sniffing your traffic though. But it's technically possible. [02:27] so what's the secure solution here? [02:27] for secure installation from scratch up [02:28] Probably VNC over SSH. But that's not exactly easy. (Though there is a walkthrough when you login to console.) [02:28] (console.arpnetworks.com that is) [02:31] wow 0230 already [02:31] time for me to go home [02:31] have fun robonerd [02:32] thank you bryce :) [02:32] * robonerd waves [04:09] *** xiphias has quit IRC (Ping timeout: 240 seconds) [04:09] *** xiphias has joined #arpnetworks [04:20] *** laotzi has joined #arpnetworks [04:32] *** ziyourenxiang has joined #arpnetworks [04:39] *** ziyourenxiang has quit IRC (Quit: ziyourenxiang) [05:15] *** laotzi has quit IRC (Remote host closed the connection) [06:18] robonerd: there's already an osx vnc client, it's called screen sharing [06:19] /System/Library/CoreServices/Screen Sharing.app [06:20] oh, mentioned already - nevermind. scrollback was wonky [06:37] *** heavysixer has joined #arpnetworks [06:37] *** ChanServ sets mode: +o heavysixer [06:56] *** heavysixer has quit IRC (Quit: heavysixer) [07:11] *** heavysixer has joined #arpnetworks [07:11] *** ChanServ sets mode: +o heavysixer [07:18] *** laotzi has joined #arpnetworks [07:23] *** heavysixer has quit IRC (Quit: heavysixer) [07:27] *** heavysixer has joined #arpnetworks [07:27] *** ChanServ sets mode: +o heavysixer [07:56] *** heavysixer has quit IRC (Quit: heavysixer) [08:35] *** xiphias has quit IRC (Ping timeout: 240 seconds) [08:36] *** xiphias has joined #arpnetworks [08:45] *** xiphias has quit IRC (Ping timeout: 240 seconds) [08:46] *** xiphias has joined #arpnetworks [10:03] m0unds thanks hehe [10:38] haha, it's the thought that counts, right? [10:38] yep! [10:39] does work really well too, i made a shortcut to it on my dock [10:39] looks like centurylink fixed their ntt nonsense [10:39] maybe [10:45] doubt it [10:48] damn i hate os x so much. and apple in general [10:48] they did, pulling 30MB/sec [10:49] yesterday i was lucky to hit 95KB/sec [10:49] haha [10:49] now i can actually finish this remote backup [10:49] 50.56.34.188 keeps trying to log in to root on my vps [10:49] wow [10:49] huge diff there lol [10:49] change your ssh port to something else [10:49] yeah [10:49] well i might just implement port knocking [10:50] some people will say it's dumb to change ssh because if you just use a strong pw or keys or whatever, but i'm a big fan of not seeing shit in my logs [10:50] wtf [10:50] and the fewer failed login attempts clogging my logs, the better [10:50] it's someone from within rackspace [10:50] cloud-ips.com? [10:50] yea, probably their cloud platform [10:50] yep [10:50] haha [10:50] it's like aws but crappy [10:50] ? [10:50] so ppl spin up instances to crack with? [10:50] either a compromised box or someone did that ^ [10:51] if you wanted to, you could excerpt the failed login attempts (a ton of them) and email them to rackspace abuse [10:51] i've kinda given up on doing that except in cases where there's a good level of belligerence, haha [10:51] i'll probably just write a script to automatically do that [10:52] as soon as some threshold of failed login attemps is sent, send an email off to abuse dept of IP allocation perhaps? [10:52] yea, if you want [10:52] they're going to spam me with crack attempts? i'll spam right back with abuse reports to their noc [10:58] *** RandalSchwartz has joined #arpnetworks [10:58] *** RandalSchwartz has quit IRC (Changing host) [10:58] *** RandalSchwartz has joined #arpnetworks [10:58] wee, backup completed [11:00] woohoo [11:00] screen sharing.app steals my command tab :/ [11:01] not useful for a damn fbsd box [11:01] stupid apple :/ [11:01] it *has* to send that to the remote [11:01] why? it could just give me an option to not send any command + keys [11:03] i usually just use expose to switch apps away from screen sharing [11:03] i thnk cmd opt x releases the keyboard, but i could be wrong [11:04] the arp portal doesn't perform shut down, but it does perform power off and boot [11:04] any idea why? [11:04] acpi support in your guest? [11:04] wow, nice [11:04] command opt x does release it [11:04] word [11:04] thank you! why isn't that listed anywhere or a click pref? [11:04] what a terrible OS this is [11:05] * m0unds shrugs [11:05] m0unds not sure re acpi support in guest. check by rebooting into bios settings? [11:05] what guest os is it? [11:06] freebsd 9.1 [11:07] can't remember my root pw, but i don't care because i want to install 9.2 anyway [11:10] i just requested the vps w/9.1 then mounted the cdrom via the portal and then installed 9.2 from scratch] [11:11] yea, that's what i'm doing now [11:11] when we do power off and such, does that actually cut power to some hardware? or just 'virtually' cut power to a guest vps [11:12] just virutally shuts it down [11:12] shutdown uses acpi i think to command a shutdown similar to pressing the power button on a modern machine [11:12] it's a graceful shutdown when it works [11:12] power off is, as you said, like virtually pulling the plug or switching the psu off [11:13] so i just booted to 9.2 in cdrom device 4. it boots to 'nakatomi socrates' [11:13] single or multi user to install? [11:13] just press enter [11:15] *** heavysixer has joined #arpnetworks [11:15] *** ChanServ sets mode: +o heavysixer [11:19] *** xiphias has quit IRC (Ping timeout: 240 seconds) [11:20] *** xiphias has joined #arpnetworks [11:26] *** xiphias has quit IRC (Ping timeout: 240 seconds) [11:27] *** xiphias has joined #arpnetworks [11:28] *** heavysixer has quit IRC (Quit: heavysixer) [11:32] *** xiphias has quit IRC (Ping timeout: 240 seconds) [11:33] *** xiphias has joined #arpnetworks [11:37] in network configuration - resolver configuration, what should i use for "search", and dns 1 and 2? [11:38] fail2ban already has such a script 10:50:46 < robonerd> i'll probably just write a script to automatically do that [11:40] that sounds awesome [11:40] *** ese has quit IRC (Ping timeout: 246 seconds) [11:47] oh no, bsdinstall is asking if machine's cmos clock is set to utc? [11:47] i don't know how to get into the bios of my vps, or if it even has one, to change that [11:48] but i do want a utc based system, i always do :) [11:48] No there is no BIOS per se, and yes, choose UTC [11:49] haha, it also says "if you're not sure, select no" [11:50] ah yes, no [11:50] then next screen, TZ selector where i pick utc! [11:52] do i want ntpd to be running? [12:07] yes [12:11] login group [foo]: <- i want this user to be in wheel, so do i type just wheel there, or will that replace the foo part? [12:11] user's name is foo, btw [12:15] it'll ask you if you want it added to other groups [12:16] type wheel in that dialog [12:16] leave the user in foo [12:16] k but... [12:16] how would i remove it from it? [12:16] it's in [], so to me it says that's the default, but if i enter something else, it'll not go into there [12:17] first dialog will say it's gonna default to its own user group [12:17] then it'll ask you "Do you want this user added to any other groups" type wheel, press enter [12:18] *** heavysixer has joined #arpnetworks [12:18] *** ChanServ sets mode: +o heavysixer [12:23] *** xiphias has quit IRC (Ping timeout: 240 seconds) [12:24] *** xiphias has joined #arpnetworks [12:56] *** heavysixer has quit IRC (Quit: heavysixer) [13:28] *** heavysixer has joined #arpnetworks [13:28] *** ChanServ sets mode: +o heavysixer [13:31] i booted with acpi option enabled and i can't use the web interface to 'shutdown' [13:31] i'm watching via vnc and no console message ever comes up [13:31] idk [13:31] dangit [13:31] i can't remember my root pw and i really don't like to hard cut power to OSs [13:32] http://www.lastpass.com [13:32] fwiw [13:32] you do have to remember the pw to the account on lastpass to be able to access your other pws, but it's a good way to securely save lots of pws [13:39] *** heavysixer has quit IRC (Quit: heavysixer) [13:47] indeed [13:47] I use 1Password too [13:47] belt *and* suspenders [13:47] RandalSchwartz any idea why the shutdown button doesn't 'do' anything in the portal? [13:48] does your OS respect ACPI? [13:48] yea [13:48] fbsd 9.2 [13:48] it auto boots with acpi enabled [13:48] then it should, unless something's broken [13:48] I've had to hard stop my FBSD 8.x from time to time [13:48] it must be the shutdown button that's broken [13:48] No - it has worked [13:48] it sends the signal [13:48] it's not working for me [13:49] but the OS has to respond [13:49] i'm vnc'd in, i see no console message [13:49] i boot freebsd with acpi on [13:49] again - the OS has to response [13:49] maybe that part is broken [13:49] could be you're in the bottom half of a device interrupt [13:49] how can we get this resolved? [13:49] in that case, the ACPI interrupt isn't going to get dealt with anytime soon [13:50] i'm held up now doing a damn fsck or w/e that i don't know how to do vs getting work done [13:50] "this" "resolved"? [13:50] hard stop [13:50] reboot [13:50] the web panel isn't working [13:50] it should be fixed [13:50] NO [13:50] it's the damn os [13:50] doubt it. [13:50] if safe stop doesn't work, do a hard stop [13:50] it's not ARP's fault, by any means [13:51] how do you even know that? [13:51] the ACPI protocol is trivial [13:51] and has worked *most* of the time for me [13:51] but there are times when FBSD gets mad [13:51] and won't listen to ACPI [13:52] do you understand bottom-half of device routines? [13:52] no [13:52] when you're in the middle of handling a device interrupt [13:52] NOTHING else works [13:52] so you might be there [13:52] practically, we hope we spend very little time there [13:52] but sometimes, things go wrong [13:53] named from when the "top half" of the device handling code was all kernel side at normal priority, and "bottom half" of the code was all "interrupt level priority", aka "non-interruptable" [13:53] if FBSD is in bottom half, ACPI won't work [13:53] not ARP's fault [13:53] Wow, so many relevant Google results! [13:54] heh [13:54] And yes, ARP's button works just fucking fine. Why would you assume a commercially paid-for, for-profit service would have something as simple as a non-working button? [13:55] I'm pretty sure that "send an ACPI signal to a child VM" is hard to screw up [13:55] given that it works for me *most* of the time [13:55] Also given that ARP didn't even write the underlying code, it's just a call to the qemu ipc [13:56] indeed [13:56] sometimes, you just gotta hard-stop [13:56] and use a filesystem that survives that [13:56] k pardon me for offending your gods [13:56] An fsck would've been done hours ago at this rate anyways. [13:56] one million apologies, or we [13:56] * RandalSchwartz boots from ZFS, and has no problems with hard-stop [13:56] I have no gods [13:57] * brycec worships only himself [13:57] uhu [13:58] you mean uhura? from new star trek? Yeah, I could worship Zoe. :) [13:58] i nailed her [13:58] it was at a comicon [13:58] I *totally* believe that. Not. [13:59] * brycec wanders off in search of breakfast. at 1400. [13:59] Hard to believe a person who can't hard-stop their VPS for fear of a long fsck could possibly get into that girl. [14:00] * RandalSchwartz grins [14:00] on the other hand, a famous tech book author and podcaster... :) [14:02] it'll never happen [14:02] she needs the freshness [14:03] ... [14:03] m0unds: S [14:03] ... [14:03] m0unds: S [14:03] haha [14:04] i feel like i'm missing something [14:05] .... [14:05] hazardous: H [14:05] ahhhhhhhhh [14:05] . [14:05] m0unds: E [14:05] .. [14:05] m0unds: I [14:05] .. [14:05] ..... [14:05] hazardous: I [14:05] hazardous: 5 [14:05] deterministic? [14:05] i'm so confused [14:05] hahaha [14:06] i really want to just do every single dot [14:06] up until it stops responding [14:06] and then figure it out [14:06] but that owuld piss off a number of people [14:07] ... --- ... [14:07] brycec: SOS [14:07] oh [14:08] morse code? [14:08] yep [14:08] I plan to tweak it, make it not trigger on a single "letter" [14:08] someday [14:08] @cw Hello, World! [14:08] brycec: .... . .-.. .-.. --- --..-- .-- --- .-. .-.. -.. -.-.-- [14:09] -.- .. ... ... / -- -.-- / --. .-. .. - ... [14:09] ? [14:09] isn't a dit or a da [14:09] what is morse code [14:09] / isn't a dit or a da [14:09] breka [14:09] break [14:09] haha [14:09] good god hazardous whare are you, 9 years old??? [14:10] -.- .. ... ... -- -.-- --. .-. .. - ... [14:10] m0unds: KISS MY GRITS [14:10] lol [14:10] i feel like it's a meme [14:10] -- [14:10] robonerd: M [14:10] WHAT IS ? [14:10] .-- [14:10] robonerd: W [14:10] haha m0unds [14:10] "What is AOL?" [14:10] .-- .... .- - .. ... .- -- . -- . ..--.. [14:10] m0unds: WHAT IS A MEME? [14:10] brycec: to be fair my first ever internet connection was broadband [14:10] What is ICQ? What is a pager? What is etc [14:10] and i never got the chance tou se the legendary aol [14:11] i should grep my logs and see how many times i've seen that [14:11] dammit bryce [14:11] AOL had a broadband plan [14:11] "my first internet connection was broadband" [14:11] i had a smartphone as a kid! [14:11] it ran like [14:11] windows mobile 5 or 6 [14:11] and was terrible [14:11] aol still does isp? [14:11] it was great [14:11] does it have the online service? [14:11] i think they still have the client [14:11] and you BYO internet nowadays [14:11] ah [14:11] i used a winmo device for years for work [14:11] but i'm slightly unsure why they're still around [14:11] i wonder if kids are still hacking it [14:12] m0unds: when i was in like year 5 or something i had this weird windows mobile thing [14:12] the touchscreen was terrible, it came with a stylus [14:12] You can't kill something that's already deaD! [14:12] 0xdead [14:12] http://irclogger.arpnetworks.com/irclogger_log_search/arpnetworks?search=hazardous%3Bbroadband&action=search&error=0 [14:12] portsnap is kewl [14:12] how does this logger work? [14:12] nicely done m0unds [14:13] i want to run the same thing in #coindev [14:13] how well does freebsd run on <64mb ram vm's [14:13] http://irclogger.arpnetworks.com/irclogger_log_search/arpnetworks?search=hazardous%3Binternet&action=search&error=0 [14:13] robonerd: then setup your own http://colas.nahaboo.net/Software/IrcLogger [14:13] haha [14:13] k [14:13] i forgot i stopped logging my client because i rarely ever refer to my own logs [14:13] ty [14:13] (or whatever other IRC channel loger you like) [14:13] and 99% of the time it's not worth it, except in an instance like this..for lulz [14:13] i never really logged [14:14] not sure why [14:14] what is logging? [14:14] well, our chan gets some serious convo [14:14] real funny mounds [14:14] m0unds: o/ [14:14] what should i get for lunch, im a bit undecided [14:14] "What is a newspaper?" [14:14] w/e is in your lunchbox [14:14] what is lunch? [14:14] baby dont hurt me [14:14] dont hurt me [14:14] no more [14:14] that song's too old for you dude [14:14] ^ [14:14] came out in like 1994 [14:15] shit, 1993 [14:15] s/too old for/older than/ [14:15] that song's older than you dude [14:15] it's alright, i was still in elementary school in 1993 [14:15] likewise [14:15] i was NINE [14:16] * brycec was not nine [14:16] o_O [14:16] ahahahah [14:16] omg [14:16] searched harzardous;what's [14:16] and what is [14:16] [17:46] what's winnuke? this is the best one [14:19] haha [14:19] in 1993, I was 22 [14:19] no... 32 [14:19] damn - I'm old :) [14:20] slightly younger than my dad, haha [14:20] "Luke... I am your father..." [14:20] RandalSchwartz have any nice daughters? [14:21] in 1993, is was 3 :) [14:21] as far as I know, I have no offspring [14:21] at least, no letters from lawyers yet [14:21] haha [14:22] almost had, twice [14:29]