[06:09] *** dj_goku has joined #arpnetworks
[06:09] *** dj_goku has quit IRC (Changing host)
[06:09] *** dj_goku has joined #arpnetworks
[06:48] *** mkb has quit IRC (Quit: leaving)
[06:48] *** mkb_ has joined #arpnetworks
[06:49] *** mkb_ is now known as mkb
[08:55] <RandalSchwartz> great success by doing nothing. :)
[08:55] <RandalSchwartz> good thing I finally had my private key
[09:24] <sorressean> great success by doing nothing? you should write a book.
[09:30] <sorressean> I guess reading that book would imply doing something to achieve great success, so...
[09:40] <RandalSchwartz> heh
[16:08] *** sorressean has quit IRC (Remote host closed the connection)
[17:04] *** sorressean has joined #arpnetworks
[17:04] <sorressean> up_the_irons:  you around by chance?
[17:05] <up_the_irons> indeed
[17:19] <sorressean> wow. does anyone actually have a "monumental"?
[17:40] <up_the_irons> sorressean: mercutio : is it at the login prompt?
[17:40] <up_the_irons> sorressean: mercutio | but the gist is it's in single user mode
[17:40] <up_the_irons> and
[17:40] <up_the_irons> sorressean: mercutio | and has some directory number not found
[17:41] <mercutio> then "Unknown error: help!"
[17:41] <up_the_irons> sorressean: people do have Monumental's
[17:41] <sorressean> ouch. okay.
[17:41] <mercutio> hmm that could be bad /etc/fstab
[17:42] <sorressean> Is there any way to get an IPMI console in text or something or am I stuck with vnc?
[17:42] <mercutio> nope fstab looks fine
[17:42] <up_the_irons> sorressean: have you configured your OS to output to the serial port?
[17:42] <sorressean> I have not.
[17:42] <mercutio> umm yeah there is a way, but it involves changing some stuff in the freebsd loader iirc
[17:42] <up_the_irons> b/c then you could get a text-based console with ipmitool
[17:43] <mercutio> it looks like it's pretty simple
[17:43] <sorressean> up_the_irons:  I'll send a csr from littlefieldt@wit.edu, I can bribe more eyeballs with beer if you wouldn't mind signing and I can IPMI in with his help.
[17:44] <sorressean> Yeah probably isn't hard, I just have no way of doing that/seeing the error currently.
[17:44] <mercutio> yeah i mean to enable it
[17:44] <up_the_irons> sorressean: I'll sign the CSR as soon as I get it
[17:44] <mercutio> as long as ipmi is on com1
[17:45] <up_the_irons> I think it's simply: echo 'console="comconsole"' >> /boot/loader.conf
[17:45] <mercutio> yeah, if it's on com1
[17:45] <sorressean> oh that would be easy.
[17:45] <up_the_irons> mercutio: yeah
[17:45] <mercutio> i think it's on com2
[17:46] <mercutio> wtf
[17:46] <mercutio> using a port other than com2 requires recompiling
[17:47] <sorressean> up_the_irons:  sent
[17:47] <mercutio> i suspect that in bios can disable hardware com1
[17:47] <mercutio> or set it to com2, then have ipmi set to com1
[17:47] <sorressean> up_the_irons:  mercutio : thanks a lot for the help, really appreciate it. was hoping it was something simple.
[17:47] <sorressean> up_the_irons:  also your arpnetworks.com is incredibly hard to read with a screen reader.
[17:48] <sorressean> not that it matters, but I like to point people at arpnetworks when I get the chance. :p
[17:48] <sorressean> mercutio:  probably going to be a weekend project to figure that out, or at least a couple hours.
[17:49] <up_the_irons> mercutio: Yeah in the BIOS i think you can set the port number for virtual serial
[17:49] <up_the_irons> sorressean: Sorry it's hard to read, I never knew that
[17:49] <mercutio> shall i reboot and go into bios and try to setup serial port
[17:50] <sorressean> up_the_irons:  I didn't think you did, I can send a list of stuff that might help this weekend if that helps. I didn't need anything from it, I was just looking at it and seen it had changed.
[17:50] <sorressean> mercutio:  if you wouldn't mind I'd appreciate it. then I only need to echo that line into loader.conf
[17:50] <up_the_irons> sorressean: yeah that'd be great
[17:50] <mercutio> for some erason my java froze now
[17:50] <sorressean> the reason is java
[17:51] <up_the_irons> hahaha
[17:51] <up_the_irons> mercutio: I actually connected to serial with ipmitool, maybe that did something.  I've quit now.
[17:51] <mercutio> who knows
[17:51] <mercutio> it's still not working for input
[17:51] <mercutio> but i see ltters that werne't there before
[17:52] <mercutio> oh si saw a space just now
[17:52] <mercutio> i wonder if i go in with ipmitool sol it'll let me type
[17:52] <up_the_irons> I didn't get any output with ipmitool
[17:53] <mercutio> did you type anything into it?
[17:53] <up_the_irons> yeah probalby "lkajdsf"
[17:53] <mercutio> it's changed again wtf
[17:53] <mercutio> i se aasdas
[17:53] <up_the_irons> might have been me, but i've disconnected
[17:54] <mercutio> yeah and i hadn't typed anything i was trying to do the serial
[17:54] <mercutio> and it changed :)
[17:54] <mercutio> woot it's working again
[17:54] <up_the_irons> i'm not going to guess what's causing that
[17:54] <up_the_irons> ;)
[17:58] <up_the_irons> I just created: https://trello.com/c/iThnvyyo/29-arp-metal-connect-serial-port-of-a-server-to-console-cust-for-easy-console-access
[17:58] <mercutio> the sol is enabled for bios
[17:58] <mercutio> but the keyboard stopped working again
[17:58] <up_the_irons> sorressean: ^ vote if that is something you'd like to see ;)
[17:59] <up_the_irons> mercutio: maybe your VPN is going in/out ? (Happens when you're connected from a different computer)
[17:59] <sorressean> up_the_irons:  will do. that would be useful.
[17:59] <mercutio> the time is updating
[17:59] <mercutio> and that's working continuously
[17:59] <up_the_irons> ah OK
[18:00] <up_the_irons> mercutio: there's an option in the web UI to reset video/keyboard.  That usually "un-sticks" it.
[18:00] <sorressean> up_the_irons:  I didn't get a support response (there's usually automated isn't there)? my school can never manage to get email right, so it could be something else.
[18:00] <mercutio> the macro ctrl-alt-delete worked though
[18:00] <mercutio> i'm not sure what's with it
[18:01] <mercutio> i can press del to get into bios
[18:01] <mercutio> then can't move in bios
[18:01] <up_the_irons> sorressean: I haven't received anything yet
[18:02] <up_the_irons> mercutio: does the virtual keyboard work?  I wonder if arrow keys are somehow not mapping right
[18:02] <mercutio> yaeh just trying that
[18:02] <mercutio> escape should still work to exit though?
[18:02] <up_the_irons> yes
[18:02] <mercutio> i've tried many keys
[18:02] <mercutio> it's most bizzare
[18:06] <sorressean> resent in case that matters.
[18:07] <sorressean> I hope it does because my other email addresses are tied up on the down box
[18:09] <up_the_irons> sorressean: nothing yet.  you could just copy & paste the CSR into a private gist
[18:11] <sorressean> up_the_irons:  doing that now
[18:17] <mercutio> it seems it's not easy to change serial port
[18:17] <mercutio> it may be possible to run manual getty once booted
[18:18] <sorressean> mercutio:  if it's a lot of trouble I don't mind recompiling once I get things up and running.
[18:18] <sorressean> oh I didn't think about doing getty
[18:18] <mercutio> yeah that was mostly about getting you up and running :)
[18:18] <mercutio> getty -h runs a getty locally :)
[18:19] <up_the_irons> mercutio: there's also "/usr/libexec/getty std.9600 ttyu0"
[18:19] <up_the_irons> mercutio: that's how you put it on the serial port
[18:19] <mercutio> ok cool
[18:19] <up_the_irons> might need to change speed and/or port (u0, u1, ...)
[18:20] <mercutio> yeah it's u2 i think
[18:20] <up_the_irons> OK
[18:21] <mercutio> hmm that's not working
[18:21] <up_the_irons> is it in single-user mode still?
[18:21] <mercutio> yeh
[18:22] <mercutio> but a getty should still work
[18:22] <mercutio> could just fsck it manually
[18:23] <up_the_irons> thought gettys didn't work in single user mode...
[18:23] <mercutio> that's why i'm starting it manually
[18:23] <sorressean> mercutio:  if you don't mind doing that, I'm cool with whatever works.
[18:23] <up_the_irons> mercutio: sorressean has a new VPN cert.  You could let him have serial control now.
[18:23] <mercutio> serial's not showing anything once it loads freebsd is the issue
[18:24] <mercutio> it shows the freebsd loader...
[18:24] <up_the_irons> aah ok
[18:24] <mercutio> that's why was trying to get a getty
[18:24] <up_the_irons> so you're still doing it over Java
[18:24] <mercutio> yeah
[18:24] <up_the_irons> OK
[18:24] <mercutio> well both are open
[18:24] <up_the_irons> roger that
[18:25] <mercutio> uhh
[18:25] <mercutio> i think i got it but i have black on black text? :)
[18:26] <mercutio> yeah restart ipmitool and it's there
[18:26] <mercutio> ok i have /usr/libexec/getty std.115200 cuau2 &
[18:26] <mercutio> but it needs l/p, so sorressean can test it out
[18:27] <mercutio> so serial is all yours sorressean.  do you know how to use ipmitool?
[18:27] <BryceBot> That's what she said!!
[18:27] <sorressean> mercutio:  was just reading manpage/getting everything going.
[18:28] <mercutio> ipmitool -I lanplus -H <ip> -U <username> -P <password> sol activate
[18:28] <sorressean> Oh. sweet, thanks
[18:28] <mercutio> while vpn is connected.
[18:29] <mercutio> brb
[18:29] <sorressean> got it. thanks a lot, really appreciate it. getting everything set up and I'll connect. does that persist over a reboot?
[18:29] <up_the_irons> i just connected, got a getty!
[18:30] <sorressean> sweet. thanks!
[18:31] <sorressean> I screwed up and overwrote the CA. Is that publically available?
[18:32] <mercutio> it won't persist over reboot with the manual getty
[18:32] <up_the_irons> sorressean: you mean ARP_Networks_Server_CA.crt ?
[18:33] <mercutio> oh wow
[18:33] <mercutio> i think i found a better solution
[18:33] <sorressean> up_the_irons:  yeah.
[18:33] <mercutio> apparently you can set the comconsole port now
[18:33] <mercutio> but the freebsd thing i was reading didn't mention that
[18:33] <up_the_irons> o'rly?
[18:34] <mercutio> http://serverfault.com/questions/574351/serial-over-lan-on-freebsd-10-0-with-supermicro-x9-scm-f
[18:34] <up_the_irons> touche
[18:34] <up_the_irons> sorressean: I added it to your gist
[18:34] <sorressean> up_the_irons:  heh, thanks. appreciate it
[18:35] <up_the_irons> mercutio: oh damn, there's "comconsole_port"
[18:35] <mercutio> Despite what the FreeBSD handbook seems to say, you should not need to compile a custom kernel.
[18:35] <mercutio> yeah
[18:35] <up_the_irons> mercutio: that's a great answer that guy gave
[18:35] <up_the_irons> great find!!
[18:35] <mercutio> i'm too used to openbsd's docs that actually are authorative
[18:36] <up_the_irons> haha yeah
[18:36] <sorressean> mercutio:  that's bad ass, thanks
[18:36] <sorressean> also openbsd is to cool for me.
[18:38] <up_the_irons> openbsd has the best serial port support on the planet
[18:41] <mercutio> are you set sorressean ?
[18:42] <sorressean> mercutio:  I believe so, yes. thanks again, I really appreciate the help... and I owe you a beer if you ever end up in boston. :p
[18:43] <up_the_irons> mercutio: thanks!!
[18:45] <sorressean> up_the_irons:  is there a separate openvpn password from that of key?
[18:45] <up_the_irons> sorressean: no
[18:49] <sorressean> that's odd. I can use openssl openssl rsa -in mycert-arpnetworks.key  -check and decrypt the key fine, but can not authenticate to vpn.
[18:57] <up_the_irons> sorressean: let me check
[18:58] <up_the_irons> sorressean: try again, I think it was an issue with the CN (was different than your last cert)
[19:05] <sorressean> up_the_irons:  trying again. sorry, smoke alarms started going off.
[19:05] <sorressean> had to afk a sec. haha
[19:06] <up_the_irons> I'm going to be relocating soon myself; driving home
[19:06] <sorressean> up_the_irons:  sorry for the confusion, we're good to go.
[19:06] <sorressean> thanks again for the help!
[19:07] <up_the_irons> sorressean: OK so all good?
[19:07] <sorressean> up_the_irons:  yeah. good to go.
[19:07] <up_the_irons> ok great!
[19:07] <sorressean> thanks!
[19:29] <sorressean> mercutio:  I have ipmitool -I lanplus -H ... -P ... -U ... sol (I can't scroll far enough to see your command). Is that what you were using?
[19:29] <sorressean> I'm used to my server having irclogs and it saves me from scrollback
[19:30] <mercutio> activate at the end
[19:31] <sorressean> oh gotcha. thanks
[19:49] <mercutio> did you get in ok sorressean ?
[19:58] <JC_Denton> didn't realize arp had a trello
[19:58] <JC_Denton> i like the block storage idea
[19:58] <mercutio> it's recent
[21:06] <sorressean> mercutio:  sorry, was afw figuring stuff out. yeah, got everything booted back up. I thinki my drive is going bad.
[21:06] <mercutio> smartctl it
[21:07] <sorressean> yeah. that's my second goal
[21:08] <sorressean> there was a clean boot, so nothing to make fs break but fsck had a really hard time recovering
[21:08] <mercutio> freebsd's ufs isn't actually very good for data integrity
[21:09] <sorressean> been thinking of switching email to googl eapps though so I don't have to manage it, so a rebuild would be pretty quick and easy
[21:09] <mercutio> i reckon zfs is better
[21:09] <sorressean> mercutio:  journaling was enabled
[21:09] <sorressean> Yeah. it probably is
[21:10] <mercutio> i went off freebsd originally due to data corruption :)
[21:10] <mercutio> it's how i ended up with openbsd
[21:10] <mercutio> 'cos when i was new apparently freebsd was better for desktops
[21:10] <sorressean> I've been considering openbsd, but I love jails and the reinventing the wheel for funzies doesn't seem all that great to me.
[21:10] <sorressean> opensmtpd openhttpd for example
[21:10] <mercutio> yeah jails is kind of nifty feature to have
[21:11] <mercutio> i dunno i always used postfix with openbsd :)
[21:11] <mercutio> i'm not even sure what freebsd uses by default
[21:11] <sorressean> sendmail :(
[21:12] <sorressean> postfix isn't hard to set up, but tuning it for spam is really really hard.
[21:12] <mercutio> it is?
[21:12] <BryceBot> That's what she said!!
[21:12] <sorressean> I've got clamav plus spamassassin plus postfix and ack.
[21:12] <mercutio> you can kill a lot with spamhaus rbl
[21:12] <sorressean> I don't know, never really managed to find the happy medium to block out all the phishing emails and allow good stuff.
[21:12] <sorressean> yeah, that gets blocked at the edge.
[21:12] <mercutio> my e-mail /was/ pretty good
[21:12] <mercutio> recently it's been getting wors e:)
[21:13] <mercutio> very low false positive though
[21:13] <mercutio> which is what's important to me :)
[21:13] <mercutio> i had a spam somewhere, now i can't find it.  maybe it is pretty good :)
[21:13] <sorressean> yeah that's what I want.
[21:14] <sorressean> I see spikes. sometimes I don't get anything, then I'll get five "we noticed a transaction to a spammer" from paypal phishing
[21:14] <mercutio> yeah i got some bank spam once
[21:14] <mercutio> damn i can't find it
[21:15] <mercutio> i'm using amavis btw
[21:15] <mercutio> with spamassassin
[21:15] <mercutio> and pyzor
[21:16] <mercutio> pyzor, razor, dkim, domainkeys, argh
[21:16] <mercutio> ok maybe it is a bit complicated :)
[21:17] <mercutio> i also have -all on my spf
[21:17] <mercutio> which means people can't pretend to be my domain
[21:19] <sorressean> lol yeah. it's just hard to get right.
[21:25] <mercutio> it's been incremental for me
[21:25] <mercutio> i've hosted my own mail for like 17 years
[21:35] <sorressean> I'd love to say the same, but I didn't start mail when I was 8.
[21:35] <sorressean> Also I feel like mail has been incremental over the alst 17 years. you get something right, some asshole abuses it, add another layer. now it's just like dam there's 95 layers you need.
[21:40] <fIorz> it's not really that bad, is it?
[21:40] <fIorz> you kinda need a spam filter, and maybe add SPF records
[21:42] <sorressean> I don't know. I get lots of email from princes who are going to die from cancer of the left eyeball who have 55 million dollars they would love to send to me
[21:42] <sorressean> not bad, just takes tuning is my only point.
[21:42] <fIorz> I dunno, just throw spamassassin at it and train it?
[21:46] <fIorz> I never tuned anything, just set spamassassin to learn everything it considers ham as ham, and then train it on every spam that gets through (to make it unlearn the wrong information, and learn the correct information instead)
[21:46] <fIorz> it's not perfect, but good enough for me, very low false positive rate, and not much work to set up
[21:51] <fIorz> (and for spam from companies that I'm a customer of (which might be difficult to filter with a spam filter), I simply give everyone an individual random localpart, so if some webshop starts spamming, I simply disable the address)
[21:57] <up_the_irons> JC_Denton: the Trello board is pretty new; you're encouraged to vote on features you like
[21:57] <JC_Denton> will do
[21:59] <up_the_irons> cool :)
[22:05] <sorressean> hrm. looks like I might need to do a total reinstall
[22:05] <sorressean> it's ufs fault, the drives look fine. well, drive.
[22:07] <sorressean> up_the_irons:  is freebsd 10.3 in the library in ipmi? going to reinstall tomorrow I think. to bad openbsd doesn't have jails, this would be enough.
[22:48] <mercutio> freebsd 10.3 release for amd64 and i386 are both there
[22:48] <mercutio> what's happened to the dat sorressean ?
[23:21] *** ben1 has joined #arpnetworks
[23:21] *** ChanServ sets mode: +o ben1
[23:22] *** mercutio has quit IRC (Read error: Connection reset by peer)