#arpnetworks 2016-08-31,Wed

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)

WhoWhatWhen
***dj_goku has joined #arpnetworks
dj_goku has quit IRC (Changing host)
dj_goku has joined #arpnetworks
[06:09]
........ (idle for 39mn)
mkb has quit IRC (Quit: leaving)
mkb_ has joined #arpnetworks
mkb_ is now known as mkb
[06:48]
.......................... (idle for 2h6mn)
RandalSchwartzgreat success by doing nothing. :)
good thing I finally had my private key
[08:55]
...... (idle for 29mn)
sorresseangreat success by doing nothing? you should write a book. [09:24]
I guess reading that book would imply doing something to achieve great success, so... [09:30]
RandalSchwartzheh [09:40]
.............................................................................. (idle for 6h28mn)
***sorressean has quit IRC (Remote host closed the connection) [16:08]
............ (idle for 56mn)
sorressean has joined #arpnetworks [17:04]
sorresseanup_the_irons: you around by chance? [17:04]
up_the_ironsindeed [17:05]
sorresseanwow. does anyone actually have a "monumental"? [17:19]
..... (idle for 21mn)
up_the_ironssorressean: mercutio : is it at the login prompt?
sorressean: mercutio | but the gist is it's in single user mode
and
sorressean: mercutio | and has some directory number not found
[17:40]
mercutiothen "Unknown error: help!" [17:41]
up_the_ironssorressean: people do have Monumental's [17:41]
sorresseanouch. okay. [17:41]
mercutiohmm that could be bad /etc/fstab [17:41]
sorresseanIs there any way to get an IPMI console in text or something or am I stuck with vnc? [17:42]
mercutionope fstab looks fine [17:42]
up_the_ironssorressean: have you configured your OS to output to the serial port? [17:42]
sorresseanI have not. [17:42]
mercutioumm yeah there is a way, but it involves changing some stuff in the freebsd loader iirc [17:42]
up_the_ironsb/c then you could get a text-based console with ipmitool [17:42]
mercutioit looks like it's pretty simple [17:43]
sorresseanup_the_irons: I'll send a csr from littlefieldt@wit.edu, I can bribe more eyeballs with beer if you wouldn't mind signing and I can IPMI in with his help.
Yeah probably isn't hard, I just have no way of doing that/seeing the error currently.
[17:43]
mercutioyeah i mean to enable it [17:44]
up_the_ironssorressean: I'll sign the CSR as soon as I get it [17:44]
mercutioas long as ipmi is on com1 [17:44]
up_the_ironsI think it's simply: echo 'console="comconsole"' >> /boot/loader.conf [17:45]
mercutioyeah, if it's on com1 [17:45]
sorresseanoh that would be easy. [17:45]
up_the_ironsmercutio: yeah [17:45]
mercutioi think it's on com2
wtf
using a port other than com2 requires recompiling
[17:45]
sorresseanup_the_irons: sent [17:47]
mercutioi suspect that in bios can disable hardware com1
or set it to com2, then have ipmi set to com1
[17:47]
sorresseanup_the_irons: mercutio : thanks a lot for the help, really appreciate it. was hoping it was something simple.
up_the_irons: also your arpnetworks.com is incredibly hard to read with a screen reader.
not that it matters, but I like to point people at arpnetworks when I get the chance. :p
mercutio: probably going to be a weekend project to figure that out, or at least a couple hours.
[17:47]
up_the_ironsmercutio: Yeah in the BIOS i think you can set the port number for virtual serial
sorressean: Sorry it's hard to read, I never knew that
[17:49]
mercutioshall i reboot and go into bios and try to setup serial port [17:49]
sorresseanup_the_irons: I didn't think you did, I can send a list of stuff that might help this weekend if that helps. I didn't need anything from it, I was just looking at it and seen it had changed.
mercutio: if you wouldn't mind I'd appreciate it. then I only need to echo that line into loader.conf
[17:50]
up_the_ironssorressean: yeah that'd be great [17:50]
mercutiofor some erason my java froze now [17:50]
sorresseanthe reason is java [17:50]
up_the_ironshahaha
mercutio: I actually connected to serial with ipmitool, maybe that did something. I've quit now.
[17:51]
mercutiowho knows
it's still not working for input
but i see ltters that werne't there before
oh si saw a space just now
i wonder if i go in with ipmitool sol it'll let me type
[17:51]
up_the_ironsI didn't get any output with ipmitool [17:52]
mercutiodid you type anything into it? [17:53]
up_the_ironsyeah probalby "lkajdsf" [17:53]
mercutioit's changed again wtf
i se aasdas
[17:53]
up_the_ironsmight have been me, but i've disconnected [17:53]
mercutioyeah and i hadn't typed anything i was trying to do the serial
and it changed :)
woot it's working again
[17:54]
up_the_ironsi'm not going to guess what's causing that
;)
I just created: https://trello.com/c/iThnvyyo/29-arp-metal-connect-serial-port-of-a-server-to-console-cust-for-easy-console-access
[17:54]
mercutiothe sol is enabled for bios
but the keyboard stopped working again
[17:58]
up_the_ironssorressean: ^ vote if that is something you'd like to see ;)
mercutio: maybe your VPN is going in/out ? (Happens when you're connected from a different computer)
[17:58]
sorresseanup_the_irons: will do. that would be useful. [17:59]
mercutiothe time is updating
and that's working continuously
[17:59]
up_the_ironsah OK
mercutio: there's an option in the web UI to reset video/keyboard. That usually "un-sticks" it.
[17:59]
sorresseanup_the_irons: I didn't get a support response (there's usually automated isn't there)? my school can never manage to get email right, so it could be something else. [18:00]
mercutiothe macro ctrl-alt-delete worked though
i'm not sure what's with it
i can press del to get into bios
then can't move in bios
[18:00]
up_the_ironssorressean: I haven't received anything yet
mercutio: does the virtual keyboard work? I wonder if arrow keys are somehow not mapping right
[18:01]
mercutioyaeh just trying that
escape should still work to exit though?
[18:02]
up_the_ironsyes [18:02]
mercutioi've tried many keys
it's most bizzare
[18:02]
sorresseanresent in case that matters.
I hope it does because my other email addresses are tied up on the down box
[18:06]
up_the_ironssorressean: nothing yet. you could just copy & paste the CSR into a private gist [18:09]
sorresseanup_the_irons: doing that now [18:11]
mercutioit seems it's not easy to change serial port
it may be possible to run manual getty once booted
[18:17]
sorresseanmercutio: if it's a lot of trouble I don't mind recompiling once I get things up and running.
oh I didn't think about doing getty
[18:18]
mercutioyeah that was mostly about getting you up and running :)
getty -h runs a getty locally :)
[18:18]
up_the_ironsmercutio: there's also "/usr/libexec/getty std.9600 ttyu0"
mercutio: that's how you put it on the serial port
[18:19]
mercutiook cool [18:19]
up_the_ironsmight need to change speed and/or port (u0, u1, ...) [18:19]
mercutioyeah it's u2 i think [18:20]
up_the_ironsOK [18:20]
mercutiohmm that's not working [18:21]
up_the_ironsis it in single-user mode still? [18:21]
mercutioyeh
but a getty should still work
could just fsck it manually
[18:21]
up_the_ironsthought gettys didn't work in single user mode... [18:23]
mercutiothat's why i'm starting it manually [18:23]
sorresseanmercutio: if you don't mind doing that, I'm cool with whatever works. [18:23]
up_the_ironsmercutio: sorressean has a new VPN cert. You could let him have serial control now. [18:23]
mercutioserial's not showing anything once it loads freebsd is the issue
it shows the freebsd loader...
[18:23]
up_the_ironsaah ok [18:24]
mercutiothat's why was trying to get a getty [18:24]
up_the_ironsso you're still doing it over Java [18:24]
mercutioyeah [18:24]
up_the_ironsOK [18:24]
mercutiowell both are open [18:24]
up_the_ironsroger that [18:24]
mercutiouhh
i think i got it but i have black on black text? :)
yeah restart ipmitool and it's there
ok i have /usr/libexec/getty std.115200 cuau2 &
but it needs l/p, so sorressean can test it out
so serial is all yours sorressean. do you know how to use ipmitool?
[18:25]
BryceBotThat's what she said!! [18:27]
sorresseanmercutio: was just reading manpage/getting everything going. [18:27]
mercutioipmitool -I lanplus -H <ip> -U <username> -P <password> sol activate [18:28]
sorresseanOh. sweet, thanks [18:28]
mercutiowhile vpn is connected.
brb
[18:28]
sorresseangot it. thanks a lot, really appreciate it. getting everything set up and I'll connect. does that persist over a reboot? [18:29]
up_the_ironsi just connected, got a getty! [18:29]
sorresseansweet. thanks!
I screwed up and overwrote the CA. Is that publically available?
[18:30]
mercutioit won't persist over reboot with the manual getty [18:32]
up_the_ironssorressean: you mean ARP_Networks_Server_CA.crt ? [18:32]
mercutiooh wow
i think i found a better solution
[18:33]
sorresseanup_the_irons: yeah. [18:33]
mercutioapparently you can set the comconsole port now
but the freebsd thing i was reading didn't mention that
[18:33]
up_the_ironso'rly? [18:33]
mercutiohttp://serverfault.com/questions/574351/serial-over-lan-on-freebsd-10-0-with-supermicro-x9-scm-f [18:34]
up_the_ironstouche
sorressean: I added it to your gist
[18:34]
sorresseanup_the_irons: heh, thanks. appreciate it [18:34]
up_the_ironsmercutio: oh damn, there's "comconsole_port" [18:35]
mercutioDespite what the FreeBSD handbook seems to say, you should not need to compile a custom kernel.
yeah
[18:35]
up_the_ironsmercutio: that's a great answer that guy gave
great find!!
[18:35]
mercutioi'm too used to openbsd's docs that actually are authorative [18:35]
up_the_ironshaha yeah [18:36]
sorresseanmercutio: that's bad ass, thanks
also openbsd is to cool for me.
[18:36]
up_the_ironsopenbsd has the best serial port support on the planet [18:38]
mercutioare you set sorressean ? [18:41]
sorresseanmercutio: I believe so, yes. thanks again, I really appreciate the help... and I owe you a beer if you ever end up in boston. :p [18:42]
up_the_ironsmercutio: thanks!! [18:43]
sorresseanup_the_irons: is there a separate openvpn password from that of key? [18:45]
up_the_ironssorressean: no [18:45]
sorresseanthat's odd. I can use openssl openssl rsa -in mycert-arpnetworks.key -check and decrypt the key fine, but can not authenticate to vpn. [18:49]
up_the_ironssorressean: let me check
sorressean: try again, I think it was an issue with the CN (was different than your last cert)
[18:57]
sorresseanup_the_irons: trying again. sorry, smoke alarms started going off.
had to afk a sec. haha
[19:05]
up_the_ironsI'm going to be relocating soon myself; driving home [19:06]
sorresseanup_the_irons: sorry for the confusion, we're good to go.
thanks again for the help!
[19:06]
up_the_ironssorressean: OK so all good? [19:07]
sorresseanup_the_irons: yeah. good to go. [19:07]
up_the_ironsok great! [19:07]
sorresseanthanks! [19:07]
..... (idle for 22mn)
mercutio: I have ipmitool -I lanplus -H ... -P ... -U ... sol (I can't scroll far enough to see your command). Is that what you were using?
I'm used to my server having irclogs and it saves me from scrollback
[19:29]
mercutioactivate at the end [19:30]
sorresseanoh gotcha. thanks [19:31]
.... (idle for 18mn)
mercutiodid you get in ok sorressean ? [19:49]
JC_Dentondidn't realize arp had a trello
i like the block storage idea
[19:58]
mercutioit's recent [19:58]
.............. (idle for 1h8mn)
sorresseanmercutio: sorry, was afw figuring stuff out. yeah, got everything booted back up. I thinki my drive is going bad. [21:06]
mercutiosmartctl it [21:06]
sorresseanyeah. that's my second goal
there was a clean boot, so nothing to make fs break but fsck had a really hard time recovering
[21:07]
mercutiofreebsd's ufs isn't actually very good for data integrity [21:08]
sorresseanbeen thinking of switching email to googl eapps though so I don't have to manage it, so a rebuild would be pretty quick and easy [21:09]
mercutioi reckon zfs is better [21:09]
sorresseanmercutio: journaling was enabled
Yeah. it probably is
[21:09]
mercutioi went off freebsd originally due to data corruption :)
it's how i ended up with openbsd
'cos when i was new apparently freebsd was better for desktops
[21:10]
sorresseanI've been considering openbsd, but I love jails and the reinventing the wheel for funzies doesn't seem all that great to me.
opensmtpd openhttpd for example
[21:10]
mercutioyeah jails is kind of nifty feature to have
i dunno i always used postfix with openbsd :)
i'm not even sure what freebsd uses by default
[21:10]
sorresseansendmail :(
postfix isn't hard to set up, but tuning it for spam is really really hard.
[21:11]
mercutioit is? [21:12]
BryceBotThat's what she said!! [21:12]
sorresseanI've got clamav plus spamassassin plus postfix and ack. [21:12]
mercutioyou can kill a lot with spamhaus rbl [21:12]
sorresseanI don't know, never really managed to find the happy medium to block out all the phishing emails and allow good stuff.
yeah, that gets blocked at the edge.
[21:12]
mercutiomy e-mail /was/ pretty good
recently it's been getting wors e:)
very low false positive though
which is what's important to me :)
i had a spam somewhere, now i can't find it. maybe it is pretty good :)
[21:12]
sorresseanyeah that's what I want.
I see spikes. sometimes I don't get anything, then I'll get five "we noticed a transaction to a spammer" from paypal phishing
[21:13]
mercutioyeah i got some bank spam once
damn i can't find it
i'm using amavis btw
with spamassassin
and pyzor
pyzor, razor, dkim, domainkeys, argh
ok maybe it is a bit complicated :)
i also have -all on my spf
which means people can't pretend to be my domain
[21:14]
sorresseanlol yeah. it's just hard to get right. [21:19]
mercutioit's been incremental for me
i've hosted my own mail for like 17 years
[21:25]
sorresseanI'd love to say the same, but I didn't start mail when I was 8.
Also I feel like mail has been incremental over the alst 17 years. you get something right, some asshole abuses it, add another layer. now it's just like dam there's 95 layers you need.
[21:35]
fIorzit's not really that bad, is it?
you kinda need a spam filter, and maybe add SPF records
[21:40]
sorresseanI don't know. I get lots of email from princes who are going to die from cancer of the left eyeball who have 55 million dollars they would love to send to me
not bad, just takes tuning is my only point.
[21:42]
fIorzI dunno, just throw spamassassin at it and train it?
I never tuned anything, just set spamassassin to learn everything it considers ham as ham, and then train it on every spam that gets through (to make it unlearn the wrong information, and learn the correct information instead)
it's not perfect, but good enough for me, very low false positive rate, and not much work to set up
[21:42]
(and for spam from companies that I'm a customer of (which might be difficult to filter with a spam filter), I simply give everyone an individual random localpart, so if some webshop starts spamming, I simply disable the address) [21:51]
up_the_ironsJC_Denton: the Trello board is pretty new; you're encouraged to vote on features you like [21:57]
JC_Dentonwill do [21:57]
up_the_ironscool :) [21:59]
sorresseanhrm. looks like I might need to do a total reinstall
it's ufs fault, the drives look fine. well, drive.
up_the_irons: is freebsd 10.3 in the library in ipmi? going to reinstall tomorrow I think. to bad openbsd doesn't have jails, this would be enough.
[22:05]
......... (idle for 41mn)
mercutiofreebsd 10.3 release for amd64 and i386 are both there
what's happened to the dat sorressean ?
[22:48]
....... (idle for 33mn)
***ben1 has joined #arpnetworks
ChanServ sets mode: +o ben1
mercutio has quit IRC (Read error: Connection reset by peer)
[23:21]

↑back Search ←Prev date Next date→ Show only urls(Click on time to select a line by its url)