so is sftp the best secure file transfer protocol? I'd say that's a tricky question... It's definitely reasonably secure and built on a strong base with a solid reputation, and it works very well. And related is scp I'd also say it's become the de facto standard, with good reason. sftp it is the default stock stuff in fbsd 10 solid? Just don't confuse sftp with ftps :p Probably i'm about to set up my first fbsd vps @ arp :) that's great ty, ty :) to make some side money to buy more vps's, i was thinking about setting up a basic but nice monitoring service to offer to other arp customers. think there'd be any value in that? There might be. Who's to say? I'm not interested, but I have my own monitoring setup already sweet :) i want to put an install disc in cdrom. fbsd 10 isn't offered yet, so 9.2. i386 or amd? why would both be offered to me when obviously both wouldn't work? Why wouldn't both work? s/both/either/ Why wouldn't either work? why would an amd build run on an intel cpu? and how do i know which my vm runs on? uhm, ok? robonerd: amd64 isn't for AMD CPUs... It's for 64bit CPUs. AMD won the race and got to name (so to speak) what the 64bit architecture is called. please don't feel obliged to help me. no kidding? Not kidding. fascinating I facedesked because it's a very common assumption among the ill-informed. ahh :) Same goes for Intel/x86/i386 what about it? x86 is x86. x86_64 is x86_64 oh ppl assume intel only? right ok so i changed the cdrom. what's next step in reinstalling os of a vps? i went with amd64, is that stable btw? any caveats with 64 bit fbsd? Generally speaking, connect to the VNC console, reboot, press the key to boot from cdrom, and go. If you don't plan to have/use 4GB of RAM (or more) then you're better off with 32bit. 64bit binaries are larger and end up being a waste of disk space. ah no, i have 786 on this little guy hehe 32bit it is! 
ok i'll look for an osx vnc client "Connect To Server" (Command K) in Finder, vnc://IPaddress you must be kidding I'm not Why do you keep assuming I'm kidding...? vnc://kvr30.arpnetworks.com isn't working ...did you add the display/port? huh? "VNC Server:... Port: XXXX" adding :port didn't work what syntax does this stupid text box expect? Correct syntax, I assume. vnc://kvr30.arpnetworks.com:6142 didn't work try :242 then that worked why am i given an incorrect port please? I don't feel obligated. I'm just filling my time while configuring the new router. 02:07:07 < robonerd> please don't feel obliged to help me. well, ty :) You're not. The OSX client expects a "display" (base port 5900) and ARP gives you the port number. what? ah no even 242 failed In short, it's a matter of terminology. just not right away Is your VPS running? no ah You can't connect to something that's not running ;) i can see it!!! is this secure? Not especially... Don't send anything sensitive over the connection if you're paranoid, change your password once you can SSH in, etc. The login is reasonably secure though. uhm, my name is used in my 'cust.' hostname of arp. how can i change that? i'm not comfortable with that The hostname? Just set it to whatever you'd like when you reinstall. but won't the dns entry stay in arps record? Are you sure it's even setup as a DNS entry? i can ping it. I'm not aware of ARP assigning DNS names to customers, so I can't help you there. np I can tell you where to edit the reverse DNS... but that just maps IP to a name. so if i do an install over vnc, couldn't someone intercept the root pw i pick? Yes. So use something temporary. And change it. It's not likely someone will be sniffing your traffic though. But it's technically possible. so what's the secure solution here? for secure installation from scratch up Probably VNC over SSH. But that's not exactly easy. (Though there is a walkthrough when you login to console.) 
(console.arpnetworks.com that is) wow 0230 already time for me to go home have fun robonerd thank you bryce :) robonerd: there's already an osx vnc client, it's called screen sharing /System/Library/CoreServices/Screen Sharing.app oh, mentioned already - nevermind. scrollback was wonky m0unds thanks hehe haha, it's the thought that counts, right? yep! does work really well too, i made a shortcut to it on my dock looks like centurylink fixed their ntt nonsense maybe doubt it damn i hate os x so much. and apple in general they did, pulling 30MB/sec yesterday i was lucky to hit 95KB/sec haha now i can actually finish this remote backup 50.56.34.188 keeps trying to log in to root on my vps wow huge diff there lol change your ssh port to something else yeah well i might just implement port knocking some people will say it's dumb to change ssh because if you just use a strong pw or keys or whatever, but i'm a big fan of not seeing shit in my logs wtf and the fewer failed login attempts clogging my logs, the better it's someone from within rackspace cloud-ips.com? yea, probably their cloud platform yep haha it's like aws but crappy ? so ppl spin up instances to crack with? either a compromised box or someone did that ^ if you wanted to, you could excerpt the failed login attempts (a ton of them) and email them to rackspace abuse i've kinda given up on doing that except in cases where there's a good level of belligerence, haha i'll probably just write a script to automatically do that as soon as some threshold of failed login attempts is sent, send an email off to abuse dept of IP allocation perhaps? yea, if you want they're going to spam me with crack attempts? i'll spam right back with abuse reports to their noc wee, backup completed woohoo screen sharing.app steals my command tab :/ not useful for a damn fbsd box stupid apple :/ it *has* to send that to the remote why? 
it could just give me an option to not send any command + keys i usually just use expose to switch apps away from screen sharing i think cmd opt x releases the keyboard, but i could be wrong the arp portal doesn't perform shut down, but it does perform power off and boot any idea why? acpi support in your guest? wow, nice command opt x does release it word thank you! why isn't that listed anywhere or a click pref? what a terrible OS this is m0unds not sure re acpi support in guest. check by rebooting into bios settings? what guest os is it? freebsd 9.1 can't remember my root pw, but i don't care because i want to install 9.2 anyway i just requested the vps w/9.1 then mounted the cdrom via the portal and then installed 9.2 from scratch yea, that's what i'm doing now when we do power off and such, does that actually cut power to some hardware? or just 'virtually' cut power to a guest vps just virtually shuts it down shutdown uses acpi i think to command a shutdown similar to pressing the power button on a modern machine it's a graceful shutdown when it works power off is, as you said, like virtually pulling the plug or switching the psu off so i just booted to 9.2 in cdrom device 4. it boots to 'nakatomi socrates' single or multi user to install? just press enter in network configuration - resolver configuration, what should i use for "search", and dns 1 and 2? fail2ban already has such a script 10:50:46 < robonerd> i'll probably just write a script to automatically do that that sounds awesome oh no, bsdinstall is asking if machine's cmos clock is set to utc? i don't know how to get into the bios of my vps, or if it even has one, to change that but i do want a utc based system, i always do :) No there is no BIOS per se, and yes, choose UTC haha, it also says "if you're not sure, select no" ah yes, no then next screen, TZ selector where i pick utc! do i want ntpd to be running? 
yes login group [foo]: <- i want this user to be in wheel, so do i type just wheel there, or will that replace the foo part? user's name is foo, btw it'll ask you if you want it added to other groups type wheel in that dialog leave the user in foo k but... how would i remove it from it? it's in [], so to me it says that's the default, but if i enter something else, it'll not go into there first dialog will say it's gonna default to its own user group then it'll ask you "Do you want this user added to any other groups" type wheel, press enter i booted with acpi option enabled and i can't use the web interface to 'shutdown' i'm watching via vnc and no console message ever comes up idk dangit i can't remember my root pw and i really don't like to hard cut power to OSs http://www.lastpass.com fwiw you do have to remember the pw to the account on lastpass to be able to access your other pws, but it's a good way to securely save lots of pws indeed I use 1Password too belt *and* suspenders RandalSchwartz any idea why the shutdown button doesn't 'do' anything in the portal? does your OS respect ACPI? yea fbsd 9.2 it auto boots with acpi enabled then it should, unless something's broken I've had to hard stop my FBSD 8.x from time to time it must be the shutdown button that's broken No - it has worked it sends the signal it's not working for me but the OS has to respond i'm vnc'd in, i see no console message i boot freebsd with acpi on again - the OS has to respond maybe that part is broken could be you're in the bottom half of a device interrupt how can we get this resolved? in that case, the ACPI interrupt isn't going to get dealt with anytime soon i'm held up now doing a damn fsck or w/e that i don't know how to do vs getting work done "this" "resolved"? hard stop reboot the web panel isn't working it should be fixed NO it's the damn os doubt it. if safe stop doesn't work, do a hard stop it's not ARP's fault, by any means how do you even know that? 
the ACPI protocol is trivial and has worked *most* of the time for me but there are times when FBSD gets mad and won't listen to ACPI do you understand bottom-half of device routines? no when you're in the middle of handling a device interrupt NOTHING else works so you might be there practically, we hope we spend very little time there but sometimes, things go wrong named from when the "top half" of the device handling code was all kernel side at normal priority, and "bottom half" of the code was all "interrupt level priority", aka "non-interruptible" if FBSD is in bottom half, ACPI won't work not ARP's fault Wow, so many relevant Google results! heh And yes, ARP's button works just fucking fine. Why would you assume a commercially paid-for, for-profit service would have something as simple as a non-working button? I'm pretty sure that "send an ACPI signal to a child VM" is hard to screw up given that it works for me *most* of the time Also given that ARP didn't even write the underlying code, it's just a call to the qemu ipc indeed sometimes, you just gotta hard-stop and use a filesystem that survives that k pardon me for offending your gods An fsck would've been done hours ago at this rate anyways. one million apologies, or we I have no gods uhu you mean uhura? from new star trek? Yeah, I could worship Zoe. :) i nailed her it was at a comicon I *totally* believe that. Not. Hard to believe a person who can't hard-stop their VPS for fear of a long fsck could possibly get into that girl. on the other hand, a famous tech book author and podcaster... :) it'll never happen she needs the freshness ... m0unds: S ... m0unds: S haha i feel like i'm missing something .... hazardous: H ahhhhhhhhh . m0unds: E .. m0unds: I .. ..... hazardous: I hazardous: 5 deterministic? i'm so confused hahaha i really want to just do every single dot up until it stops responding and then figure it out but that would piss off a number of people ... --- ... brycec: SOS oh morse code? 
yep I plan to tweak it, make it not trigger on a single "letter" someday @cw Hello, World! brycec: .... . .-.. .-.. --- --..-- .-- --- .-. .-.. -.. -.-.-- -.- .. ... ... / -- -.-- / --. .-. .. - ... ? isn't a dit or a da what is morse code / isn't a dit or a da breka break haha good god hazardous whare are you, 9 years old??? -.- .. ... ... -- -.-- --. .-. .. - ... m0unds: KISS MY GRITS lol i feel like it's a meme -- robonerd: M WHAT IS ? .-- robonerd: W haha m0unds "What is AOL?" .-- .... .- - .. ... .- -- . -- . ..--.. m0unds: WHAT IS A MEME? brycec: to be fair my first ever internet connection was broadband What is ICQ? What is a pager? What is etc and i never got the chance to use the legendary aol i should grep my logs and see how many times i've seen that dammit bryce AOL had a broadband plan "my first internet connection was broadband" i had a smartphone as a kid! it ran like windows mobile 5 or 6 and was terrible aol still does isp? it was great does it have the online service? i think they still have the client and you BYO internet nowadays ah i used a winmo device for years for work but i'm slightly unsure why they're still around i wonder if kids are still hacking it m0unds: when i was in like year 5 or something i had this weird windows mobile thing the touchscreen was terrible, it came with a stylus You can't kill something that's already deaD! 0xdead http://irclogger.arpnetworks.com/irclogger_log_search/arpnetworks?search=hazardous%3Bbroadband&action=search&error=0 portsnap is kewl how does this logger work? 
nicely done m0unds i want to run the same thing in #coindev how well does freebsd run on <64mb ram vm's http://irclogger.arpnetworks.com/irclogger_log_search/arpnetworks?search=hazardous%3Binternet&action=search&error=0 robonerd: then setup your own http://colas.nahaboo.net/Software/IrcLogger haha k i forgot i stopped logging my client because i rarely ever refer to my own logs ty (or whatever other IRC channel logger you like) and 99% of the time it's not worth it, except in an instance like this..for lulz i never really logged not sure why what is logging? well, our chan gets some serious convo real funny mounds m0unds: o/ what should i get for lunch, im a bit undecided "What is a newspaper?" w/e is in your lunchbox what is lunch? baby dont hurt me dont hurt me no more that song's too old for you dude ^ came out in like 1994 shit, 1993 s/too old for/older than/ that song's older than you dude it's alright, i was still in elementary school in 1993 likewise i was NINE o_O ahahahah omg searched hazardous;what's and what is [17:46] what's winnuke? this is the best one haha in 1993, I was 22 no... 32 damn - I'm old :) slightly younger than my dad, haha "Luke... I am your father..." RandalSchwartz have any nice daughters? in 1993, i was 3 :) as far as I know, I have no offspring at least, no letters from lawyers yet haha almost had, twice almost!? what IS winnuke though you kids i don't know either. and i'm old enough to get alcohol without being asked for my ID... I got asked for my ID the other day. It never ends. http://irclogger.arpnetworks.com/irclogger_log/arpnetworks?date=2013-06-22,Sat&sel=288#l284 RandalSchwartz: maybe you just look so young ;) haha it was a bar open only two weeks so they carded "everyone" ah. don't wanna put the liquor license in jeopardy i once did that when i had duty on an entrance at a big party at our university..some people got really pissed 'doody' ... 
http://www.jonathancoulton.com/2005/09/30/thing-a-week-3-ws-duty/ can't help but think of "call of doody" heh also spaulding's "DOODY" in caddyshack up_the_irons: I'm curious, where does ARP stand on tor and running an exit node? Is anyone running a tor node? (I have no plans to do so, just wondering what ARP does about these things.)