| lydgate | so i'm using ubuntu server for the first time, i like it a lot... but how different is it from debian? (which i've never set up) | 00:17 |
|---|---|---|
| J-_ | how hard would it be to create an Ubuntu mirror of torrents, and how much bandwidth would it suck up? | 00:17 |
| Burgundavia | lydgate: development focus is a key difference. Ubuntu Server is designed to be easy to setup and administer | 00:18 |
| Burgundavia | J-_: I don't know what you are getting at? | 00:18 |
| Burgundavia | are you talking about mirroring ubuntu isos or illegal content? | 00:18 |
| J-_ | ubuntu isos | 00:18 |
| J-_ | if it's possible | 00:18 |
| lydgate | running any torrent client will do that | 00:18 |
| J-_ | why would I mirror illegal content? | 00:18 |
| lydgate | that's the whole point of torrents | 00:19 |
| lydgate | if you set it up properly you're uploading | 00:19 |
| lydgate | the client will allow you to determine how much bandwidth is used | 00:19 |
| J-_ | cool | 00:19 |
| J-_ | I just have a server that I really have no use for anymore(I hosted a blog) and don't really want to anymore since it's a waste. I can do it elsewhere for free like wordpress, etc.. | 00:20 |
| lydgate | Burgundavia: interesting. i'm coming from slack/arch to it, and i do find it very easy... but a friend who uses all debian servers asks why i would use ubuntu | 00:20 |
| lydgate | J-_: and you have ssh access? or what? | 00:20 |
| J-_ | lydgate: yep | 00:20 |
| Burgundavia | J-_: it is pretty easy, but the question about bandwidth can be answered this way: try it | 00:20 |
| Burgundavia | if you are seeding off the main seeds, you are likely to get a great deal of traffic | 00:21 |
| lydgate | then just get ctorrent (bad) or rtorrent (good) and leave it running | 00:21 |
| Burgundavia | lydgate: a lot of the work ubuntu does builds off what debian does | 00:21 |
| Burgundavia | they do great packaging of individual apps | 00:21 |
| J-_ | kinda blows my mind "illegal content" was ruptured when I asked. | 00:22 |
| Burgundavia | that is a large use of bittorrent | 00:22 |
| Burgundavia | and having never met you, given you just joined the channel, I had to ask | 00:22 |
| J-_ | heh besides it's o4o, and probably against the CoC and also noting the ubotu piracy factoid. | 00:25 |
| lydgate | Burgundavia: yeah, I'm finding the ability to apt-get (almost) everything is what makes it all easy | 00:26 |
| lydgate | in arch or slack you still end up compiling a lot of stuff | 00:26 |
| lydgate | which is fine sometimes | 00:26 |
| lydgate | just depends what you want to do i guess | 00:26 |
| leonel | lydgate: http://www.youtube.com/watch?v=F6L51uZjaZU :) | 00:34 |
| lydgate | hehehe | 00:37 |
| fujin | win | 00:37 |
| fujin | although in our office, we'd more likely be playing Office Cricket. | 00:37 |
| fujin | which involves cricket, and office chairs | 00:38 |
| ScottK | lydgate: IMO the big difference between Ubuntu and Debian on servers is that ubuntu-server is largely a stabilized version of the Debian development branch and so if you need stuff not in the Debian stable release, ubuntu-server's a good place to be. | 00:39 |
| ScottK | OTOH, if Debian Stable covers what you need, then it's not a big deal either way. | 00:39 |
| ajmitch | fujin: sounds like fun | 00:39 |
| ajmitch | our office isn't quite big enough for that | 00:39 |
| lydgate | ScottK: yeah, i like stuff newer than stable typically | 00:40 |
| lydgate | which is i guess why i'm using arch :) | 00:40 |
| lydgate | for my workstation | 00:40 |
| fujin | is Gutsy using exim now by default, instead of postfix? | 00:40 |
| ScottK | fujin: Ubuntu does not include an MTA at all by default. | 00:40 |
| fujin | yes, but when you pull a package that requires an MTA of some sort | 00:40 |
| ScottK | fujin: Postfix is the standard MTA for ubunt-server though. | 00:40 |
| fujin | in feisty it pulled postfix | 00:41 |
| ScottK | It depends on the package you install. | 00:41 |
| fujin | but, upstairs on a gutsy desktop yesterday I tried to install mailx and it went to pull exim4 | 00:41 |
| ScottK | Most such packages have either exim4|mail-transport-agent if they are straight from Debian or postfix|mail-transport-agent if we've touched them. | 00:42 |
| fujin | makes sense :) | 00:42 |
| ScottK | So it's a function of whatever package you choose to install first needing an MTA. | 00:42 |
| ScottK | There has been an attempt by soren to get Debian to invent a default-mta package in Debian so derivatives can pick without a lot of hassle to change dependencies. | 00:43 |
| ScottK | It solves this exact use case. | 00:43 |
| fujin | ah yep | 00:43 |
| fujin | not sure why debian is so exim-happy | 00:43 |
| ScottK | Exim isn't bad. I'm not a huge fan of it for my needs, but it's not like it's qmail or sendmail. | 00:43 |
| fujin | that's true | 00:44 |
| ScottK | Both Debian and Ubuntu balance between exim4 and postfix. | 00:44 |
| ScottK | I think usage in Debian is pretty evenly split among developers | 00:45 |
| ScottK | Here Postfix and Exim4 are both in Main (Sendmail is in Universe). | 00:45 |
| lamont | ScottK: debian policy says that you depend on the standard-pri package, or virtual-package. in debian, taht's exim4, not postfix. | 01:00 |
| lamont | in ubuntu, it's postfix, and several packages are "incorrect" in depending on exim4. | 01:00 |
| lamont | hrm.. that reminds me, I need to review and upload default-mail-transport-agent so we can sync it. | 01:00 |
| * lamont goes to fetch kids | 01:00 | |
| ScottK | lamont: Yes. I know. | 01:11 |
| soren | lamont: Did you ever grab that package I posted a link to? | 01:22 |
| NineTeen67Comet | Hello all .. Is there a good way to watch my server's data via something like Munin? I "tried" Gkrellm but I'm not sure how to get it to display on my client from the server .. Nagios? I see it but I can't figure out how to "use" it .. ideas? | 02:18 |
| NineTeen67Comet | data like CPU temps, Network data, and of course loads... | 02:19 |
| soren | Why are you looking for something like munin instead of just using munin? | 02:20 |
| NineTeen67Comet | soren: Munin works good and I use it. but it doesn't monitor cpu temps . | 02:20 |
| * NineTeen67Comet Munin monitors all my computers via my server. | 02:21 | |
| fujin | I'm certain you can configure munin to use lm_sensors? | 02:27 |
| fujin | yes, indeed | 02:28 |
| fujin | sensors will let you monitor through stuff through lm-sensors | 02:28 |
| NineTeen67Comet | fujin: I'll go check on that .. I have lm_sensors installed already .. | 02:28 |
| NineTeen67Comet | Looks like my mobo/cpu is too old to have built in sensors .. sa-la-vi I guess .. :( | 02:36 |
| NineTeen67Comet | Sounds like I have a good reason to "upgrade" my server .. hehehehehe | 02:38 |
| osmosis | how difficult is it for me to setup some sort of local smtp server so I can send msgs without needing someone elses smtp. | 02:39 |
| fujin | apt-get install postfix | 02:40 |
| fujin | dpkg-reconfigure postfix | 02:40 |
| * NineTeen67Comet e-mail has always kicked my butt, called me a sissy and told me to go play darts with water baloons .. | 02:40 | |
| fujin | the dpkg wizard in postfix will point you in the right direction | 02:41 |
| fujin | 'wizard'? :P | 02:41 |
| osmosis | fujin: cool, so postfix is the way to go ? | 02:41 |
| fujin | well | 02:41 |
| fujin | it's kidn of like a vi vs. nano debate, right? | 02:42 |
| fujin | you could pick postfix, exim, sendmail, qmail | 02:42 |
| fujin | whatever.. | 02:42 |
| fujin | postfix is easy, and the dpkg configuration will get you up-and-running, delivering mail with no hassel at all | 02:42 |
| osmosis | fujin: well...the way i understand it, exim isnt at stable, and qmail has a bad license. | 02:42 |
| osmosis | so postfix must be the way to go. | 02:42 |
| fujin | Postfix is nice. | 02:42 |
| osmosis | fujin: No configuration Internet Site Internet with smarthost Satellite system Local only | 02:44 |
| infinity | In who's world is exim "not stable"? | 02:45 |
| osmosis | I think Internet Site is what I want | 02:45 |
| fujin | osmosis: read what it says! | 02:45 |
| fujin | internet site delivers and receives mail directly (via DNS MX records) | 02:45 |
| fujin | internet site with smarthost receives mail directly, but delivers through another server (relay) | 02:45 |
| fujin | satelllite system doesn't receive mail at all, it only delivers through a relay | 02:46 |
| fujin | and local only is for user->user (i.e.; cron) mail | 02:46 |
| osmosis | fujin: cool | 02:52 |
| _ruben | and qmail got stripped of its bad license as well .. at last | 03:15 |
| fujin | shame it's terrible anyway. | 03:19 |
| antdedyet | == fujin ... | 03:19 |
| J_5 | anyone have any idea why mysql wouldn't install /etc/mysql/my.cnf or /etc/mysql/debian-start/ when I use apt-get install? | 03:22 |
| fujin | mysql is a metapacakge I think? | 03:24 |
| fujin | you want mysql-server-5 or similar | 03:25 |
| J_5 | so, apt-get install mysql-server-5 ? | 03:26 |
| _ruben | fujin: once you set a ton of patches loose on it, it's actually not so bad imo | 03:34 |
| fujin | J_5: something liek that | 03:34 |
| fujin | _ruben: vs. no-patches Postfix? :) | 03:34 |
| _ruben | fujin: i wasnt saying its perfect ;) .. but i also must admit i havent given postfix the ammount of attention it might deserve .. we've been using qmail for ages, and that's im used to work with now | 03:37 |
| fujin | as is the way with most engineers/admins :) | 03:37 |
| _ruben | guess so yeah :) | 03:38 |
| _ruben | and this admin is sitting at home .. at 4:38am .. waiting for a customer to give a green light to complete their migration between 2 enviroments .. *sigh* :P | 03:39 |
| fujin | agh | 03:39 |
| fujin | hate that | 03:39 |
| _ruben | if i had known it would take this long i might had concidered getting some shut-eye for a bit | 03:41 |
| J_5 | is it a good idea to apt-get dist-upgrade on a new install before I start reinstall my packages? So it doesn't mess anything up after I have everything installed and running? | 03:47 |
| _ruben | it shouldnt really matter at what stage you'd do it .. doing it first shouldnt do any harm | 03:50 |
| fujin | I generally do it straight away | 03:51 |
| fujin | after installing | 03:51 |
| fujin | especially as we're still in Feisty's life cycle here. | 03:51 |
| J_5 | ok thanks. I ask, because I did this the other night and then mysql stopped working after that. my i am a noob, so it my be me :) | 03:53 |
| J_5 | this is my thrid reinstall..i'm getting pretty good at that part lol | 03:54 |
| pschulz01 | Greeting.. I have a gutsy server which 'kind of' hangs on reboot at 'starting syslog' stage. | 03:58 |
| fujin | install syslog-ng! :D | 03:58 |
| pschulz01 | Has anyone seen'heard of this sort of thing? | 03:58 |
| pschulz01 | fujin: Is this a well known issue? | 03:59 |
| fujin | no idea | 03:59 |
| fujin | I always replace the ubuntu standard syslog with -ng | 03:59 |
| fujin | as I'm more familiar with it and prefer it | 03:59 |
| pschulz01 | I kill 'syslogd' and then everything else continues to load. | 03:59 |
| sommer | pschulz01: can you start syslogd after you've booted the system? | 04:02 |
| pschulz01 | Whan I try and restart by hand (/etc/init.d/syslogd restart) I get 'syslogd: Unknown priority name 'exec' | 04:10 |
| pschulz01 | The odd thing is that this is only on the console.. | 04:10 |
| sommer | pschulz01: mmm... it smells like a config issue. I found this: http://www.freebsddiary.org/syslog.php | 04:11 |
| pschulz01 | Ahh.. | 04:11 |
| pschulz01 | Running it from an ssh session causes it also to be displayed on the console. | 04:11 |
| sommer | pschulz01: it may be a tabs v. spaces thing in your config file | 04:11 |
| pschulz01 | (not to the ssh window) | 04:11 |
| pschulz01 | ha ha! somer.. you are a genius! | 04:13 |
| pschulz01 | Trailing '/' on one of the options | 04:13 |
| sommer | pschulz01: heh... it happens | 04:13 |
| pschulz01 | Located just after the line '# Modified by x' | 04:14 |
| pschulz01 | Where x is going to receive some counciling sortly. | 04:14 |
| pschulz01 | shortly. | 04:14 |
| sommer | heh... least they documented who made the change | 04:15 |
| pschulz01 | It was followed by '# This didn't work.' | 04:15 |
| sommer | lol... that's pretty awesome | 04:15 |
| J_5 | why does it ask me to cd everytime I use apt-get now? Can I change this? The most up to date packages are not on the CD, correct? | 04:16 |
| _ruben | comment out the line in /etc/apt/sources.list | 04:16 |
| J_5 | oh ok, thanks | 04:17 |
| pschulz01 | Kamping_Kaiser: Ping | 04:23 |
| pschulz01 | sommer: I spoke to soon.. my syslog problem is still there. (Although the error message ehas not gone away.) | 04:50 |
| pschulz01 | How do I reinstall a package and force it to replace the config files with their default packaged files? | 05:05 |
| pschulz01 | Something like 'apt-get install --reinstall <package>' appears to work.. but does it replace the default files? | 05:06 |
| antdedyet | pschulz01: you can 'sudo apt-get remove --purge <package> && sudo apt-get install <package>' | 05:08 |
| pschulz01 | antdedyet: Unfortunaely there are a lot of other packages that depend on sysklogd and klogd. | 05:12 |
| pschulz01 | Hmm.. maynbe apt-get install --purge --reinstall <package> | 05:12 |
| antdedyet | pschulz01: I'd disclose my practice of 'sudo dpkg --purge --force-all <package> && sudo apt-get install <package>' but it should be handled with care. :) | 05:14 |
| antdedyet | That last one is probably the reason Ubuntu wants to hide the command-line. | 05:15 |
| ScottK | antdedyet: In what way does Ubuntu hide the command line? | 05:16 |
| antdedyet | ScottK: well ... Debian doesn't come with X! :) | 05:19 |
| ScottK | antdedyet: ubuntu-server doesn't either. | 05:20 |
| ScottK | antdedyet: Notice which channel you're in. | 05:20 |
| antdedyet | ScottK: I'm sold on Ubuntu (even to the point of spooling out a few servers based on it), you won't have to lecture me. :) | 05:20 |
| ScottK | antdedyet: Fair enough. | 05:20 |
| antdedyet | The only thing left in my house that isn't Ubuntu is an u2w SCSI disk separated from a controlling motherboard with Debian installed since slink. | 05:24 |
| antdedyet | any servers going into my colo space will be Ubuntu server. | 05:25 |
| ScottK | Cool. I wouldn't mess with that one either. | 05:28 |
| pschulz01 | Now I'm really confused!!! | 05:30 |
| antdedyet | nice to meet you ScottK ... you have an amazing resemblance to someone that wrote a web based SPF query tool I was using earlier this afternoon | 05:31 |
| antdedyet | pschulz01: about? | 05:31 |
| ScottK | antdedyet: Interesting. It's a small world. Glad you found it useful. | 05:32 |
| pschulz01 | I remove (rename) /etc/rc2.d/S10sysklogd and the system boots.. other than syslog not running.. but if I rename it to S12syslogd .. just to put it after S12dbus then the system halts on the scripts after that.. | 05:32 |
| pschulz01 | which is bind | 05:32 |
| pschulz01 | This is just nuts. | 05:35 |
| ScottK | pschulz01: Why are you moving it to S12? | 05:39 |
| pschulz01 | ScottK: 'cause it doesn't work at S10 | 05:40 |
| ScottK | OK. Mine's at S10 and working. | 05:40 |
| antdedyet | Mine's also at S10 and working. | 05:40 |
| ScottK | So whatever your problem is, I don't think that's it. | 05:40 |
| pschulz01 | ScottK: System is hanging on bootup, at the S11klogd.. if I stop sysklogd manually then book progresses and completes. | 05:41 |
| pschulz01 | antdedyet: I have 10 other machines that work as well :-/ | 05:41 |
| ScottK | OK. I don't know what your problem is, but I really think moving the init scripts around is barking up the wrong tree. | 05:41 |
| pschulz01 | ScottK: (1) I know that leaving out sysklogd from the boot sequence allows the system to boot. | 05:42 |
| pschulz01 | (2) I need start sysklogd at some stage. | 05:43 |
| pschulz01 | (3) I would really like ot ge tto the bottom of this :-) | 05:43 |
| antdedyet | will sysklogd start after the system boots if you manually run 'sudo /etc/init.d/sysklogd start' ? | 05:45 |
| antdedyet | Yes, that the time after you have disabled the init script, but you really should consider learning 'update-rc.d' to handle that for you. | 05:46 |
| antdedyet | s/that/that's | 05:48 |
| antdedyet | ScottK: Things would have been much better if the authoritive dns server for the txt records wasn't tinydns (and also even possibly nicer if the SPF type record was supported) | 05:50 |
| ScottK | Ah. | 05:50 |
| ScottK | antdedyet: Type SPF has virtually zero deployment. I wouldn't sweat it to much. | 05:50 |
| pschulz01 | I'm trying a syslog.conf file from another machine that I know is working (waiting to reboot).. one hit was that there was a complaint about /dev/xconsole not exisitng. | 05:51 |
| ScottK | We knew it would never get deployed, but adding it was enough to appease the IETF DNS gurus who knew the internet would melt if we didn't. | 05:51 |
| pschulz01 | I commented that out.. still no luck.. same issue. | 05:52 |
| antdedyet | Talk about liking self-induced pain: I was working for DJB based client (qmail, tinydns, daemontools, although, I don't think rblsmtpd is in the mix) that can't send email to hotmail.com/msn.com. That's how I spent the first part of this week. | 05:52 |
| ScottK | Yum. Well no one can send mail to Hotmail reliably unless they are mass marketers who pay to play. | 05:53 |
| antdedyet | pschulz01: so the init scripts definately re-installed after the 'sudo dpkg --purge ...' ? | 05:54 |
| antdedyet | pschulz01: because my sysklogd init script makes the /dev/xconsole device and prepares it for use | 05:54 |
| antdedyet | pschulz01: see create_xconsole() | 05:55 |
| antdedyet | pschulz01: (in the sysklogd init script) | 05:56 |
| pschulz01 | antdedyet: I don't think the init scripts did get re-installed.. conf file certainly didn't/ | 05:56 |
| pschulz01 | gutsy? | 05:57 |
| antdedyet | pschulz01: gutsy desktop ... what have you got? | 05:59 |
| pschulz01 | antdedyet: It was an alternate install.. had some odd SAS driver to deal with.. DELL 1950 1RU | 06:01 |
| antdedyet | pschulz01: also shows up in gutsy server | 06:01 |
| antdedyet | ScottK: Maybe the SPF query-type will gain some traction with the IETF in the future now that the statement has been made. | 06:03 |
| ScottK | antdedyet: Maybe, but it's got a serious chicken-egg problem. Particularly as there are brain dead resolvers out there that don't respond at all to queries about unknown types. | 06:04 |
| ScottK | Because of that you have to look up TXT no matter what SPF tells you, so why bother? | 06:04 |
| antdedyet | ScottK: I continued to wonder why there wasn't a way to query more sub-types like you can with chaosnet (version.bind is the only example that comes to mind), but my thinking was probably influenced entirely too much on microsoft-ism at the time... | 06:04 |
| lousygarua | is there any security risk in running `ssh-keygen` on a remote server? | 06:04 |
| pschulz01 | lousygarua: For user keys? or server keys? | 06:05 |
| ScottK | antdedyet: Dunno, but the biggest impact is time, not packets anyway. | 06:05 |
| pschulz01 | lousygarua: No risk at all.. as long as you don't copy private keys around afterwards. | 06:06 |
| lousygarua | pschulz01: not sure. i'm setting up a script for remote backups between servers over rsync+ssh. so i'm creating an ssh key on my server remotley because i'm not in office. | 06:06 |
| lousygarua | pschulz01: yes it does not sound risky to me i just recalled i read somewhere DONT CREATE KEYS REMOTELY but i might have been sleepy | 06:07 |
| ScottK | lousygarua: How are you connected to the machine? | 06:07 |
| pschulz01 | lousygarua: No problem at all.. provided you do the key generation on the machine that you plan to login 'from'. | 06:07 |
| lousygarua | ScottK: via ssh | 06:07 |
| pschulz01 | lousygarua: You don't want to be moving private keys over the network. | 06:07 |
| antdedyet | lousygarua: If you are using ssh to connect to that remote server that you are running ssh on, you are fine. A pro (although albeit minor) of running ssh-keygen over ssh is that ssh data used xfer contributes to the entropy pool used for generating the new key pair. | 06:08 |
| antdedyet | s/used/used for the/ | 06:08 |
| ScottK | lousygarua: OK. As long as it's not telnet or something. | 06:08 |
| antdedyet | s/running ssh/running ssh\-keygen | 06:08 |
| lousygarua | antdedyet: oh so it's not a REAL problem because i'm not the pentagon | 06:09 |
| lousygarua | here's another funny question, i seem to have the old ssh private key, what's the command to generate a public key out of it (rtfmlazy) | 06:10 |
| antdedyet | I don't know. <-- rtfmlazy too | 06:11 |
| lousygarua | ok well thanks everyone :) | 06:15 |
| antdedyet | ScottK: Ah ... I am not yet that familiar with SPF. Today was the first time I had a reason/chance to implement it and from what I read, the visual effects of it publishing a SPF record only keep my senders' emails out of the Junk/Spam Folder of hotmail.com. But I know I'm overlooking the technical advantages of an sysadmin/netadmin of it in this statement. | 06:16 |
| antdedyet | lousygarua: ssh-keygen -y | 06:16 |
| antdedyet | lousygarua: or some variant of that | 06:16 |
| lousygarua | antdedyet: oh cool :) | 06:16 |
| antdedyet | lousygarua: ssh-key -y -f priv_key | 06:16 |
| antdedyet | prints to STDOUT, methinks | 06:16 |
| lousygarua | yeah | 06:16 |
| lousygarua | thanks | 06:17 |
| antdedyet | np | 06:17 |
| ScottK | antdedyet: As far as Hotmail goes, maybe, maybe not. | 06:17 |
| antdedyet | ScottK: There's that too. | 06:17 |
| ScottK | antdedyet: They do lots of strange stuff, so no guarantees. | 06:17 |
| ScottK | antdedyet: As a domain owner, a complete (ends in -all) SPF record is a good way to deter spammers from using your domains. | 06:18 |
| antdedyet | ScottK: In a certain way, I really wish people would take the psychological approach of boycotting Microsoft and all it's deritivies. | 06:18 |
| ScottK | antdedyet: As a receiver it's a good way to reject during SMTP (when it's cheap - before DATA even) a class of mail that's almost certainly (~99% in the data I've seen) junk. | 06:19 |
| ScottK | SPF's biggest drawback is that it's complicated and even 99% right isn't enough for some services/companies. | 06:19 |
| antdedyet | ScottK: ah, good... I used the openspf.org wizard to create the first records I did today, which included the -all for my bind backed domains and an ~all for the tinydns served ones. | 06:19 |
| antdedyet | The biggest resistance I had to adopting SPF early was the availablity of format/syntax documentation. | 06:20 |
| ScottK | antdedyet: Just keep in mind that the wizard is not very smart. It can and will lead you astray. | 06:21 |
| ScottK | The SPF record syntax is just a fancy way to come up with a list of IP addresses that a domain is authorized to send from. | 06:21 |
| ScottK | antdedyet: When you have a choice, what MTA do you use? | 06:22 |
| antdedyet | ScottK: I use Postfix for myself and recommend it to as many of my clients as possible when they do a server rebuild/replacement/redesign | 06:33 |
| nealmcb | lousygarua, antdedyet huh - that openssh -y option is odd. as far as I know you can't generate a public key from a private key - that would be a huge security issue - instead you generate both at the same time. I'm guessing openssh stores both public and private keys in the private file, and the -y option extracts it rather than regenerating it. | 06:33 |
| ScottK | antdedyet: Yeah. Me too. For SPF checking we've got several policy servers you can use that are easy enough to integrate. | 06:34 |
| nealmcb | seems like the man page gets it right and the faq confuses private file with private key | 06:35 |
| lousygarua | nealmcb: i know that you can generate public keys from ssl private keys as well with openssl | 06:35 |
| lousygarua | nealmcb: so they really save the public key along with the private key somewhere? | 06:35 |
| nealmcb | that's my guess - just semantics, but that's a scary way to document it | 06:36 |
| lousygarua | maybe mathematically the keys are not the exactly same | 06:37 |
| nealmcb | they are opposite sides of the coin, and if you could make the public key from the private key, you could also make the private key from the public key.... | 06:37 |
| nealmcb | would would be really bad :-) | 06:37 |
| lousygarua | we should consult the high ubuntu mathmeatician | 06:37 |
| nealmcb | who? | 06:38 |
| * lousygarua looks left and right, and still has no idea | 06:38 | |
| antdedyet | lousygarua: there is no different in the keys generated that I tested. | 06:39 |
| antdedyet | s/keys/public keys | 06:39 |
| nealmcb | ? | 06:39 |
| antdedyet | s/different/difference | 06:39 |
| antdedyet | nealmcb: tested the theory of the generated public keys being different from openssh's -y option with an RSA key | 06:40 |
| antdedyet | nealmcb: they were the same except for the comment at the end | 06:40 |
| antdedyet | dropped that off and ran diff on it; they came up the identical | 06:40 |
| antdedyet | so the public key could definately possibly be stored in the private key | 06:40 |
| antdedyet | or less like that my machine doesn't have enough entropy to generate a unique key, eheh. | 06:41 |
| antdedyet | ScottK: Are your policy servers open or paid for or available to outsiders at all? # /me surfs to your site again | 06:42 |
| ScottK | Open. | 06:43 |
| ScottK | antdedyet: For Ubuntu you can just apt-get them. | 06:43 |
| antdedyet | ScottK: Ahh, I see you are part of the openspf.org site Council and so forth. | 06:43 |
| ScottK | Yes. | 06:43 |
| nealmcb | antdedyet: I'd say " public key could definately possibly be stored in the private FILE" | 06:46 |
| nealmcb | like the man page says.... | 06:46 |
| antdedyet | nealmcb: ah, my mistake. I know now. | 06:46 |
| nealmcb | id_rsa is much bigger than id_rsa.pub - so that's my guess | 06:47 |
| lousygarua | nealmcb: cool to know | 06:51 |
| ScottK | antdedyet: If you decide you want to install SPF checking for your Ubuntu servers, https://help.ubuntu.com/community/Postfix/SPF | 07:00 |
| ScottK | antdedyet: In general I recommend the Python one as it's more featureful. | 07:00 |
| * ScottK is off to bed. | 07:01 | |
| antdedyet | ScottK: Ahh ... Just as you'd have it I would be installing the postfix-policyd-spf-perl package just because the name says postfix. After further inspection of the python-policyd-spf I see it is also for Postfix. Thanks. Have a good night. | 07:03 |
| ScottK | antdedyet: Yes. I plan to rename the binary package for the Python one. | 07:03 |
| ScottK | Thanks. | 07:03 |
| antdedyet | nealmcb: looks like the public key data is stored inside even a pem encoded private key file. | 07:27 |
| === antdedyet is now known as jtraylor | ||
| === jtraylor is now known as antdedyet | ||
| === antdedyet is now known as jtraylor | ||
| === jtraylor is now known as jonathant | ||
| === jonathant is now known as jtraylor | ||
| === jtraylor is now known as antdedyet | ||
| vetrii | how to use scramdisk | 08:30 |
| susscorfa | hi i have a ubuntu desktop with apache installed and i can reach it from the localhost but from other computers i can't access it | 09:23 |
| lousygarua | susscorfa: you should check 3 things, first if your firewall is not blocking port 80 | 09:23 |
| lousygarua | susscorfa: then that apache listens on port 80 and not on 127.0.0.1:80 or something similar | 09:24 |
| lousygarua | susscorfa: hmm and that's it. there's also an issue with permissions on a per-directory basis | 09:24 |
| lousygarua | susscorfa: but if you get 404 instead of 'permission denied' it's probably one of the first things i mentioned | 09:25 |
| susscorfa | ok ill check the firewall first | 09:26 |
| susscorfa | ok it is firestarter thx lousygarua just have to find out how to allow port 80 to be allowed | 09:30 |
| lousygarua | susscorfa: np, if you need more help ping me | 09:31 |
| vetrii | how to use scramdisk | 11:36 |
| vetrii | how to encryt my hard disk | 11:36 |
| vetrii | i installed scramdisk | 11:37 |
| vetrii | but i dont know how to use | 11:37 |
| good_dana | what do i need to do to install on a sata raid with 6.06? | 22:53 |
| Nafallo | install? | 23:12 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!