great success by doing nothing. :) good thing I finally had my private key great success by doing nothing? you should write a book. I guess reading that book would imply doing something to achieve great success, so... heh up_the_irons: you around by chance? indeed wow. does anyone actually have a "monumental"? sorressean: mercutio : is it at the login prompt? sorressean: mercutio | but the gist is it's in single user mode and sorressean: mercutio | and has some directory number not found then "Unknown error: help!" sorressean: people do have Monumental's ouch. okay. hmm that could be bad /etc/fstab Is there any way to get an IPMI console in text or something or am I stuck with vnc? nope fstab looks fine sorressean: have you configured your OS to output to the serial port? I have not. umm yeah there is a way, but it involves changing some stuff in the freebsd loader iirc b/c then you could get a text-based console with ipmitool it looks like it's pretty simple up_the_irons: I'll send a csr from littlefieldt@wit.edu, I can bribe more eyeballs with beer if you wouldn't mind signing and I can IPMI in with his help. Yeah probably isn't hard, I just have no way of doing that/seeing the error currently. yeah i mean to enable it sorressean: I'll sign the CSR as soon as I get it as long as ipmi is on com1 I think it's simply: echo 'console="comconsole"' >> /boot/loader.conf yeah, if it's on com1 oh that would be easy. mercutio: yeah i think it's on com2 wtf using a port other than com2 requires recompiling up_the_irons: sent i suspect that in bios can disable hardware com1 or set it to com2, then have ipmi set to com1 up_the_irons: mercutio : thanks a lot for the help, really appreciate it. was hoping it was something simple. up_the_irons: also your arpnetworks.com is incredibly hard to read with a screen reader. not that it matters, but I like to point people at arpnetworks when I get the chance. :p mercutio: probably going to be a weekend project to figure that out, or at least a couple hours. mercutio: Yeah in the BIOS i think you can set the port number for virtual serial sorressean: Sorry it's hard to read, I never knew that shall i reboot and go into bios and try to setup serial port up_the_irons: I didn't think you did, I can send a list of stuff that might help this weekend if that helps. I didn't need anything from it, I was just looking at it and seen it had changed. mercutio: if you wouldn't mind I'd appreciate it. then I only need to echo that line into loader.conf sorressean: yeah that'd be great for some erason my java froze now the reason is java hahaha mercutio: I actually connected to serial with ipmitool, maybe that did something. I've quit now. who knows it's still not working for input but i see ltters that werne't there before oh si saw a space just now i wonder if i go in with ipmitool sol it'll let me type I didn't get any output with ipmitool did you type anything into it? yeah probalby "lkajdsf" it's changed again wtf i se aasdas might have been me, but i've disconnected yeah and i hadn't typed anything i was trying to do the serial and it changed :) woot it's working again i'm not going to guess what's causing that ;) I just created: https://trello.com/c/iThnvyyo/29-arp-metal-connect-serial-port-of-a-server-to-console-cust-for-easy-console-access the sol is enabled for bios but the keyboard stopped working again sorressean: ^ vote if that is something you'd like to see ;) mercutio: maybe your VPN is going in/out ? (Happens when you're connected from a different computer) up_the_irons: will do. that would be useful. the time is updating and that's working continuously ah OK mercutio: there's an option in the web UI to reset video/keyboard. That usually "un-sticks" it. up_the_irons: I didn't get a support response (there's usually automated isn't there)? my school can never manage to get email right, so it could be something else. the macro ctrl-alt-delete worked though i'm not sure what's with it i can press del to get into bios then can't move in bios sorressean: I haven't received anything yet mercutio: does the virtual keyboard work? I wonder if arrow keys are somehow not mapping right yaeh just trying that escape should still work to exit though? yes i've tried many keys it's most bizzare resent in case that matters. I hope it does because my other email addresses are tied up on the down box sorressean: nothing yet. you could just copy & paste the CSR into a private gist up_the_irons: doing that now it seems it's not easy to change serial port it may be possible to run manual getty once booted mercutio: if it's a lot of trouble I don't mind recompiling once I get things up and running. oh I didn't think about doing getty yeah that was mostly about getting you up and running :) getty -h runs a getty locally :) mercutio: there's also "/usr/libexec/getty std.9600 ttyu0" mercutio: that's how you put it on the serial port ok cool might need to change speed and/or port (u0, u1, ...) yeah it's u2 i think OK hmm that's not working is it in single-user mode still? yeh but a getty should still work could just fsck it manually thought gettys didn't work in single user mode... that's why i'm starting it manually mercutio: if you don't mind doing that, I'm cool with whatever works. mercutio: sorressean has a new VPN cert. You could let him have serial control now. serial's not showing anything once it loads freebsd is the issue it shows the freebsd loader... aah ok that's why was trying to get a getty so you're still doing it over Java yeah OK well both are open roger that uhh i think i got it but i have black on black text? :) yeah restart ipmitool and it's there ok i have /usr/libexec/getty std.115200 cuau2 & but it needs l/p, so sorressean can test it out so serial is all yours sorressean. do you know how to use ipmitool? That's what she said!! mercutio: was just reading manpage/getting everything going. ipmitool -I lanplus -H -U -P sol activate Oh. sweet, thanks while vpn is connected. brb got it. thanks a lot, really appreciate it. getting everything set up and I'll connect. does that persist over a reboot? i just connected, got a getty! sweet. thanks! I screwed up and overwrote the CA. Is that publically available? it won't persist over reboot with the manual getty sorressean: you mean ARP_Networks_Server_CA.crt ? oh wow i think i found a better solution up_the_irons: yeah. apparently you can set the comconsole port now but the freebsd thing i was reading didn't mention that o'rly? http://serverfault.com/questions/574351/serial-over-lan-on-freebsd-10-0-with-supermicro-x9-scm-f touche sorressean: I added it to your gist up_the_irons: heh, thanks. appreciate it mercutio: oh damn, there's "comconsole_port" Despite what the FreeBSD handbook seems to say, you should not need to compile a custom kernel. yeah mercutio: that's a great answer that guy gave great find!! i'm too used to openbsd's docs that actually are authorative haha yeah mercutio: that's bad ass, thanks also openbsd is to cool for me. openbsd has the best serial port support on the planet are you set sorressean ? mercutio: I believe so, yes. thanks again, I really appreciate the help... and I owe you a beer if you ever end up in boston. :p mercutio: thanks!! up_the_irons: is there a separate openvpn password from that of key? sorressean: no that's odd. I can use openssl openssl rsa -in mycert-arpnetworks.key -check and decrypt the key fine, but can not authenticate to vpn. sorressean: let me check sorressean: try again, I think it was an issue with the CN (was different than your last cert) up_the_irons: trying again. sorry, smoke alarms started going off. had to afk a sec. haha I'm going to be relocating soon myself; driving home up_the_irons: sorry for the confusion, we're good to go. thanks again for the help! sorressean: OK so all good? up_the_irons: yeah. good to go. ok great! thanks! mercutio: I have ipmitool -I lanplus -H ... -P ... -U ... sol (I can't scroll far enough to see your command). Is that what you were using? I'm used to my server having irclogs and it saves me from scrollback activate at the end oh gotcha. thanks did you get in ok sorressean ? didn't realize arp had a trello i like the block storage idea it's recent mercutio: sorry, was afw figuring stuff out. yeah, got everything booted back up. I thinki my drive is going bad. smartctl it yeah. that's my second goal there was a clean boot, so nothing to make fs break but fsck had a really hard time recovering freebsd's ufs isn't actually very good for data integrity been thinking of switching email to googl eapps though so I don't have to manage it, so a rebuild would be pretty quick and easy i reckon zfs is better mercutio: journaling was enabled Yeah. it probably is i went off freebsd originally due to data corruption :) it's how i ended up with openbsd 'cos when i was new apparently freebsd was better for desktops I've been considering openbsd, but I love jails and the reinventing the wheel for funzies doesn't seem all that great to me. opensmtpd openhttpd for example yeah jails is kind of nifty feature to have i dunno i always used postfix with openbsd :) i'm not even sure what freebsd uses by default sendmail :( postfix isn't hard to set up, but tuning it for spam is really really hard. it is? That's what she said!! I've got clamav plus spamassassin plus postfix and ack. you can kill a lot with spamhaus rbl I don't know, never really managed to find the happy medium to block out all the phishing emails and allow good stuff. yeah, that gets blocked at the edge. my e-mail /was/ pretty good recently it's been getting wors e:) very low false positive though which is what's important to me :) i had a spam somewhere, now i can't find it. maybe it is pretty good :) yeah that's what I want. I see spikes. sometimes I don't get anything, then I'll get five "we noticed a transaction to a spammer" from paypal phishing yeah i got some bank spam once damn i can't find it i'm using amavis btw with spamassassin and pyzor pyzor, razor, dkim, domainkeys, argh ok maybe it is a bit complicated :) i also have -all on my spf which means people can't pretend to be my domain lol yeah. it's just hard to get right. it's been incremental for me i've hosted my own mail for like 17 years I'd love to say the same, but I didn't start mail when I was 8. Also I feel like mail has been incremental over the alst 17 years. you get something right, some asshole abuses it, add another layer. now it's just like dam there's 95 layers you need. it's not really that bad, is it? you kinda need a spam filter, and maybe add SPF records I don't know. I get lots of email from princes who are going to die from cancer of the left eyeball who have 55 million dollars they would love to send to me not bad, just takes tuning is my only point. I dunno, just throw spamassassin at it and train it? I never tuned anything, just set spamassassin to learn everything it considers ham as ham, and then train it on every spam that gets through (to make it unlearn the wrong information, and learn the correct information instead) it's not perfect, but good enough for me, very low false positive rate, and not much work to set up (and for spam from companies that I'm a customer of (which might be difficult to filter with a spam filter), I simply give everyone an individual random localpart, so if some webshop starts spamming, I simply disable the address) JC_Denton: the Trello board is pretty new; you're encouraged to vote on features you like will do cool :) hrm. looks like I might need to do a total reinstall it's ufs fault, the drives look fine. well, drive. up_the_irons: is freebsd 10.3 in the library in ipmi? going to reinstall tomorrow I think. to bad openbsd doesn't have jails, this would be enough. freebsd 10.3 release for amd64 and i386 are both there what's happened to the dat sorressean ?