| _ZeuZ_ | Hello guys, hope you received my email from the mailing list... what do you think about my little script? | 00:39 |
|---|---|---|
| * _ZeuZ_ Feels ignorated... | 00:52 | |
| owh | _ZeuZ_: You have to remember that not every body is doing Ubuntu full-time. For example I'm self-employed and I'm volunteering my time to the project because in the long term both I and my clients benefit. Others have different motivations. | 01:07 |
| _ZeuZ_ | I know, I'm also at university, while working for TodoSoft and trying to start my own security team at savajesoft.net my style is pretty secure until now... savajesoft.net/site/index.php | 01:08 |
| gouki | giovani: thank you | 01:52 |
| pteague | yay, i finally got rid of my grub error 17, but now i'm just getting a grub prompt | 02:19 |
| _ZeuZ_ | pteague, why not just doing update-grub after installing it? | 02:31 |
| _ZeuZ_ | pteague, first remove it (apt-get purge grub) then reinstall it (apt-get install grub) and then make it update and configure itself with update-grub | 02:31 |
| pteague | first time i've been able to even get to anything from grub other than the Error 17... i can't even get to a linux terminal to run apt | 02:41 |
| pteague | if you can tell me what i need to do in order to get grub to actually load the kernel i'll be happy to do whatever's needed with apt :) | 02:43 |
| flotishtu | how to auto configure dpkg-reconfigure ipmasq .(no need to press enter or yes/no again and again) just one command. ? | 02:44 |
| _ZeuZ_ | pteague, well, you have any working OS there that you can access? | 02:44 |
| _ZeuZ_ | flotishtu, I really don;t trust that server, I rather do masquerading myself through iptables | 02:45 |
| _ZeuZ_ | Though, you'll have to pass the parameters, or you can do something like assume yes, letme review what;s the glitch to make it do that | 02:45 |
| flotishtu | _ZeuZ_ how | 02:47 |
| flotishtu | ok | 02:47 |
| _ZeuZ_ | flotishu: check the mailing list, you'll see a script I made for that... | 02:48 |
| pteague | nope, new install of ubuntu-server | 02:49 |
| flotishtu | _ZeuZ_ what list? | 02:49 |
| _ZeuZ_ | pteague: boot from a live-cd | 02:49 |
| _ZeuZ_ | flotishtu, read the topic and you'll find what you need to know | 02:50 |
| flotishtu | _ZeuZ_ ^_- | 02:50 |
| _ZeuZ_ | You might also find this: http://bulma.net/body.phtml?nIdNoticia=1794&nIdPage=6 intresting | 02:51 |
| pteague | i installed fedora 9 which actually booted & seemed to fix the detection error i was having before... reinstalled ubuntu-server again & now i'm stuck at grub... think i'll have to burn a cd for *buntu desktop | 02:51 |
| _ZeuZ_ | pteague, come again? you are now on fedora, right? | 02:51 |
| Centaur5 | Does apt-cacher need inetutils-inetd or can you use xinetd now? | 02:52 |
| _ZeuZ_ | ONe does not have any relationship (exept perhas some dependencie) with the other, Centaur5 | 02:53 |
| Centaur5 | _ZeuZ_: well I didn't have any inetd package installed before but apt-cacher was the only thing that broke upgrading from Gutsy to Hardy and /var/log/apt-cacher/error.log says no running inetd server so I was wondering if it mattered which one I chose. | 02:55 |
| _ZeuZ_ | I don;t see any realtion and theoretically it shouldn;t be there any | 02:56 |
| pteague | no, i was initially having problems getting anything... "GRUB loading... \ Error 17" & that was it... guy from local lug is a fedora chump & suggested i install fedora... so i installed fedora & it started right up with no problems... but i'm trying to set up a debian based server so that doesn't get me anywhere in the long term so i deleted the partitions & reinstalled ubuntu-server & got the grub prompt | 02:56 |
| Centaur5 | _ZeuZ_: Okay, I'll keep trying to fix it then. Do you think it would be wise to use apt-cacher-ng now that it's in repositories? | 02:58 |
| pteague | this box used to dual-boot win/linux as it's my old desktop... only difference is it now has an extra drive in it attached to a new sata pci card | 02:59 |
| pteague | ok, i installed kubuntu 8.04, rebooted & ended up at a grub prompt again ;) | 03:43 |
| ScottK | For Kubuntu help, try #kubuntu | 03:58 |
| cyris| | hows it going everyone? | 04:09 |
| nealmcb | hmm - it seems I'd want a version of ssh-vulnkey that runs on dapper so I can see if folks have uploaded bad keys to it - but the USN only provides post-dapper updates - anyone have a dapper version? | 06:28 |
| hotmonkeyluv | when installing ubuntu server, where is the option to install the bootloader to a different partition (or does it automatically install it to /boot no matter where that partition is?)? | 06:39 |
| nealmcb | Looks like dowkd.pl is the easy option most anywhere: http://wiki.debian.org/SSLkeys#head-45e521140d6b8f2a0f96a115a5fc616c4f1baf0b | 06:43 |
| randomwalker | i upgraded openssh after the recent vulnerability report, and now my authorized_keys stopped working | 06:45 |
| randomwalker | i freshly copied the id_rsa.pub from the client, but still no go | 06:46 |
| randomwalker | any ideas? | 06:46 |
| kraut | moin | 08:09 |
| kraut | moin | 08:28 |
| RockHound | hi everyone ... is there a way that I can force an openldap 2.3.x to be installed on hardy instead of 2.4.x? | 09:30 |
| nxvl | RockHound: we are just on an openldap talk at FOSS Camp | 09:35 |
| nxvl | but yes | 09:35 |
| nxvl | i think you can | 09:35 |
| nxvl | just you need to install it by hand | 09:36 |
| nxvl | downloading the .deb | 09:36 |
| RockHound | okay ... thank .. ran into real troubles with syncprov and syncrepl ... | 09:41 |
| RockHound | so the deb of feisty should work? | 09:42 |
| nxvl | i think | 09:42 |
| RockHound | will try my best | 09:42 |
| nxvl | search the gusty ones if there are some | 09:42 |
| nxvl | or just package it by yourself | 09:42 |
| nxvl | :D | 09:42 |
| RockHound | gutsy is what i meant | 09:43 |
| uvirtbot | New bug: #231006 in nagios2 (universe) "Recommend mailx or other package providing /usr/bin/mail" [Undecided,New] https://launchpad.net/bugs/231006 | 09:45 |
| uvirtbot | New bug: #231007 in nagios-plugins (main) "check_radius command uses wrong syntax" [Undecided,New] https://launchpad.net/bugs/231007 | 09:51 |
| AnRkey | does anyone here know why M$ outlook 2k3 hangs when it opens and tries to connect to a postfix server? | 11:31 |
| AnRkey | i am using dovecot | 11:31 |
| ivoks | so, postfix or dovecot? :) | 11:34 |
| ivoks | one is for sending mail, and the other for recieving | 11:34 |
| AnRkey | ivoks, soz for not answering, i was cruising through the forums | 11:46 |
| AnRkey | this is my problem >> http://ubuntuforums.org/showthread.php?p=4971185#post4971185 | 11:47 |
| AnRkey | Outlook 2k3 hangs when it tries to connect to dovecot-imapd | 11:47 |
| ivoks | so, your users are in mysql? | 11:48 |
| ivoks | (today is not my day; not sure why...) | 11:50 |
| AnRkey | mysql? | 11:50 |
| ivoks | yes | 11:50 |
| AnRkey | no | 11:51 |
| AnRkey | i am using unix accounts | 11:51 |
| ivoks | ok | 11:51 |
| AnRkey | default install | 11:51 |
| ivoks | you've setup mail_location in dovecot.conf? | 11:51 |
| \sh | plain or login mech? | 11:53 |
| soren | AnRkey: Which version of Ubuntu? | 11:53 |
| AnRkey | 7.10 | 11:54 |
| AnRkey | i see now that the thread is about mysql too | 11:54 |
| AnRkey | i don't think that is the prob as my install has the same issue | 11:54 |
| ivoks | well, i can't tell you that this combination works on at least 10 my mail servers :) | 11:55 |
| AnRkey | can't or can | 11:55 |
| ivoks | i'm sure it's configuration problem | 11:55 |
| ivoks | can | 11:55 |
| ivoks | sorry | 11:55 |
| AnRkey | :P | 11:55 |
| AnRkey | i am soooo close to being finished too :D | 11:56 |
| ivoks | are you using maildir or mbox format? | 11:56 |
| AnRkey | maildir | 11:56 |
| ivoks | ok, so did you set up mail_location in dovecot? | 11:56 |
| AnRkey | do you know how to increase the verbosity of the logging? | 11:56 |
| AnRkey | checking | 11:56 |
| ivoks | #mail_debug = no | 11:56 |
| ivoks | and even | 11:56 |
| ivoks | #auth_debug = no | 11:56 |
| ivoks | #auth_verbose = no | 11:57 |
| AnRkey | ahh ok | 11:57 |
| AnRkey | thanks | 11:57 |
| AnRkey | mail_location is not set no | 11:57 |
| ivoks | heh | 11:57 |
| AnRkey | but TB and OE both work fine | 11:57 |
| ivoks | maildir:~/Maildir | 11:58 |
| ivoks | i guess you've setup postfix to use maildir? | 11:58 |
| AnRkey | yes | 11:59 |
| AnRkey | i followed this guide without all the SSL stuff https://help.ubuntu.com/community/Postfix | 11:59 |
| ivoks | then fix dovecot to user maildir | 12:00 |
| AnRkey | so set the mail_location to mail_location = maildir:~/Maildir | 12:00 |
| ivoks | oe ant thunderbird probably work, but don't show you your mails :) | 12:00 |
| AnRkey | they both show and send emails | 12:00 |
| ivoks | oe ant? omg... time for food :D | 12:00 |
| AnRkey | oe ant? << ? | 12:01 |
| Myrtti | I've got a question. I've got a virtual server, dapper 6.06.2 which I plan to update to hardy. the person hosting the virtual server says I've got to update to libc6-xen and remove libc6. I'd love to do the update with sudo do-release update, though. Will I run into trouble if I do the upgrade with do-release update and not the way he says it should be done, namely fiddling with the sources.list, installing the libc6-xen and removing the libc6? | 12:03 |
| Myrtti | and then doing aptitude safe-upgrade? | 12:04 |
| AnRkey | ivoks, | 12:04 |
| AnRkey | Task 'Checking for new mail in subscribed folders on 192.9.201.6.' reported error (0x800CCC0F) : 'Outlook is unable to download folder (null) from the IMAP e-mail server for account 192.9.201.6. Error: The TCP/IP connection was unexpectedly terminated by the server. If you continue to receive this message, contact your server administrator or Internet service provider (ISP).' | 12:04 |
| AnRkey | thats what i get now | 12:04 |
| ivoks | Myrtti: i think that would work fine... libc6-xen provides libc6 | 12:06 |
| Myrtti | I know, but I still cringe at the idea of upgrading that way | 12:06 |
| ivoks | AnRkey: try subscribing to some folders trough oe | 12:07 |
| Myrtti | makes my skin crawl | 12:07 |
| ivoks | Myrtti: do do-release-upgrade, and when it is over, install libc6-xen | 12:07 |
| AnRkey | ivoks, ok | 12:07 |
| Myrtti | I managed to break several installations of Debian back in the days of pre-ubuntu-existance that way | 12:07 |
| Myrtti | ivoks: you think that could do it too? | 12:08 |
| ivoks | Myrtti: just do it | 12:09 |
| === Myrtti_ is now known as Myrtti | ||
| Myrtti | here it goes then. | 12:42 |
| Myrtti | *sigh* | 12:42 |
| reya276 | morning | 13:12 |
| reya276 | If users that are on a windows client connecting to ubuntu using "winscp" software for sftp/ssh will that connection be compromised due to this ssh vulnerability issue? Keep in mind I have already applied the updates to openssh and ssl | 13:14 |
| normanm | reya276, if the pubkeys they use are affected yes.. if not no | 13:15 |
| reya276 | normanm: ok is there a way for me to reset those keys mainly for the windows users connecting to the server | 13:16 |
| reya276 | because other ubuntu PC automatically let's the users know they can't connect | 13:17 |
| Terrasque | reya276: do they use key based auth? or password based? | 13:18 |
| normanm | reya276, find /home -name authorized_keys -exec ssh-vulnkey {} \; | 13:18 |
| normanm | if they use not key based out it is not affected anyway | 13:19 |
| Terrasque | normanm: "ssh-vulnkey -a" will check all users | 13:20 |
| normanm | Terrasque, oh ok ;-) | 13:20 |
| normanm | so no need for find ;-) | 13:20 |
| Terrasque | correct :) | 13:20 |
| normanm | Terrasque, but find is such a nifty tool =P | 13:21 |
| Terrasque | true, true. But no need to overuse :p | 13:21 |
| Terrasque | I'm sure you could have chained in grep and xargs too if you really wanted, but .. simple is good :D | 13:22 |
| reya276 | Terrasque: well they have to put in their passwords to be able to logon to their home directories, but their is some sort of key authentication | 13:22 |
| Terrasque | reya276: well, "sudo ssh-vulnkey -a" will tell you all weak keys on the system | 13:22 |
| Terrasque | if they're used or not, it will show them | 13:23 |
| reya276 | thank you guys, let me try this | 13:24 |
| reya276 | oh I got this message | 13:25 |
| reya276 | sudo: ssh-vulnkey: command not found | 13:25 |
| reya276 | Terrasque: that command is not working for me | 13:26 |
| Terrasque | then upgrade :) | 13:30 |
| Terrasque | its included in the latest upgrade | 13:30 |
| reya276 | I though I did, I'm running fiesty 7.04 | 13:31 |
| Terrasque | did you do upgrade, or dist-upgrade? | 13:31 |
| Terrasque | the new openssh packages pulls a new package too, so you need to use dist-upgrade | 13:31 |
| reya276 | I did sudo apt-get update then sudo apt-get upgrade | 13:32 |
| reya276 | yes but if I do dist-upgrade means that my OS will be update right? | 13:32 |
| Terrasque | no | 13:33 |
| Terrasque | its called "dist-upgrade" for historical reasons :) but basically, upgrade only updates existing packages, and will not for example download a new package. dist-upgrade will do that. Historically (and most of the times now) it was used to upgrade to a newer version with new packages (and removed old packages). | 13:34 |
| Terrasque | it will show what it will do and ask for confirmation first, so you can doublecheck that nothing weird happens | 13:34 |
| reya276 | yes I was able to | 13:38 |
| rysiek | hi all | 13:48 |
| rysiek | I am trying to set-up syslog to log remote messages (i.e. set-up a syslogd *server*) | 13:49 |
| rysiek | the thing I cannot find anything on is: is there a way of telling syslog "log messages from SOME_IP to /var/log/SOME_IP.log" | 13:49 |
| rysiek | man syslog.conf tells me only about how to send my log messages to a remote syslogd server | 13:50 |
| rysiek | so does google | 13:50 |
| rysiek | any ideas? | 13:50 |
| Myrtti | ivoks: busted, segfaulted | 13:50 |
| ivoks | do-release-upgrade is python script | 13:52 |
| ivoks | it doesn't segfault :) | 13:52 |
| TrioTorus | installing ebox on 8.04: http://pastebin.com/m73a88b0a what password is being asked for here? root? ebox user? | 13:53 |
| mok0 | TrioTorus: spooky | 13:56 |
| Myrtti | LALALALALALALA | 13:57 |
| TrioTorus | mok0: when I tried first time around, the ebox users was being added to the system and to the adm group | 13:57 |
| Terrasque | ivoks: I've seen python runtime segfault :D | 13:58 |
| Myrtti | ivoks: dpkg segfaults | 13:58 |
| Myrtti | dpkg --configure -a does a cowardly exit and runs to a nearby forest | 13:58 |
| stickystyle | TrioTorus: Never touched ebox, but if i had to guess by looking at the install log you posted, its asking for a pass for the SSL key file probably. | 13:58 |
| stickystyle | TrioTorus: since it looks like one already exists. | 13:59 |
| mok0 | TrioTorus: try looking in the postinst script | 13:59 |
| ivoks | Myrtti: you should at least paste output to pastebin or something | 14:02 |
| Myrtti | I'm trying the magic tricks first | 14:02 |
| Jeeves_ | http://www.prevented.net/~mark/bit/openssl-remote-vulncert | 14:03 |
| MatBoy | huh ? my systems doesn't recognize updatedb anymore | 14:13 |
| uvirtbot | New bug: #231003 in openssh (main) "Host key regeneration leaves ltsp out in the cold (dup-of: 230565)" [Undecided,New] https://launchpad.net/bugs/231003 | 15:23 |
| glycoknob | hi | 15:27 |
| glycoknob | is it possible to disable openvpn-vulnkeys? i'm aware of the problems and new keys are on the way but i'd like to have running deamon | 15:27 |
| ScottK | jdstrand_: ^^^ | 15:28 |
| jdstrand_ | glycoknob: there is not currently an option to disable it no. if you were really determined, you could move openvpn-vulnkey out of the way and put a script in it's place | 15:29 |
| jdstrand_ | s/it's/its/ | 15:29 |
| glycoknob | works thanks | 15:34 |
| jdstrand_ | glycoknob: I am not recommending doing that though :) | 15:34 |
| === jjesse_ is now known as jjesse | ||
| cyris|| | If I take a password, hash it with ssha, and then take the same password and hash it again with ssha, will i get the same hash? | 16:45 |
| dennda | What's the easiest way to set up a fully functional mailing server on ubuntu hardy? (Which programs, for example?) On Debian Etch I use postfix and dovecot | 16:46 |
| dennda | cyris||: yes, that's the theory. but you won't be able to reproduce the passwort from the hash | 16:46 |
| cyris|| | dennda, right, i understand that, then hrm why are we getting a different hash value for the same password entered :S | 16:47 |
| ivoks | dennda: exactly the same; postfix + dovecot + postfix/dovecot for sasl | 16:49 |
| ivoks | there are even docs for doing that | 16:49 |
| m1r | hello | 16:51 |
| ivoks | dennda: https://help.ubuntu.com/community/PostfixDovecotSASL | 16:51 |
| cyris|| | dennda, lots of guides on howtoforge as well | 16:54 |
| c1|freaky | is there any possibility to have a directory ona linux server mounted or whatever on a windows vista machine? so i can make changes directly there (save/read) etc.? | 17:57 |
| cyris|| | c1|freaky, check out samba | 18:01 |
| c1|freaky | it's a server somewhere on the internet | 18:01 |
| c1|freaky | no LAN | 18:02 |
| cyris|| | c1|freaky, you may need to run a vpn then,or get some software to map a drive over ssh | 18:04 |
| cyris|| | c1|freaky, thats assuming you have ssh access to this machine | 18:04 |
| c1|freaky | yes i have | 18:04 |
| cyris|| | c1|freaky, novel also has netdrive, maps ftp sites, but thats insecure :S | 18:05 |
| c1|freaky | ok thank you | 18:05 |
| cyris|| | pretty dead in here today, i smell a long weekend :D | 18:06 |
| Deeps | samba works over the internet | 18:06 |
| cyris|| | well, its a long weekend in canada anyways | 18:06 |
| Deeps | you probably dont want to do samba over an unsecured link though, heh | 18:06 |
| InsomniaCity | yeah, its dead easy to do over an ssh tunnel | 18:07 |
| Deeps | wtf are you doing in here noob? | 18:13 |
| InsomniaCity | watching you ofc | 18:13 |
| Deeps | saucy | 18:13 |
| specialK | so if ssh-vulnkey says a key is unknown should I just assume that key is weak/comprimised | 21:21 |
| cyris|| | specialK, good question, id regenerate | 21:31 |
| cyris|| | my co-worker is about finished writing a php script that updates a users userPassword attribute in ldap, and he is interested in making this available for anyone who wants it. Is sourceforge the best place for this? | 21:32 |
| ScottK | There are lots of good places to host open source software projects. That's one. Google Code it another. Some people speak highly of Launchpad for the purpose. | 21:34 |
| cyris|| | ScottK, oh right Launchpad! :D | 21:34 |
| giovani | specialK: unless you have specific knowledge of where/when the key was generated, regenerate it | 21:34 |
| Myrtti | cyris||: there are people who don't like launchpad because it's proprietary, and dislike google because it's $evil_global_corporate | 21:35 |
| ScottK | Personally as an Ubuntu developer I find it highly confusing to deal with upstreams that are also on LP, but in theory it's supposed to be great. | 21:35 |
| ScottK | All three of the ones I mentioned are proprietary. | 21:35 |
| cyris|| | Myrtti, haha yeah i hear ya | 21:35 |
| ScottK | I don't like Launchpad also because it's hard to use. | 21:35 |
| ScottK | There is also gforge. | 21:35 |
| Myrtti | ScottK: sourceforge too? | 21:36 |
| ScottK | And other FOSS based services. | 21:36 |
| ScottK | Yes. What they release and what they use are very different things. | 21:36 |
| Myrtti | hm | 21:36 |
| ScottK | Gotta run. | 21:36 |
| cyris|| | ScottK, thanks later | 21:36 |
| Myrtti | never thought of that before | 21:36 |
| macd | On gutsy sshd, when a user logs out, its leaving a stale session, is anyone else experiencing this, (only started a after the second sshd update) | 21:57 |
| === klaf is now known as afk_away | ||
| vcorreia | hello everyone | 22:16 |
| vcorreia | has anyone tried ubuntu's ebox new integration | 22:16 |
| vcorreia | ? | 22:16 |
| cyris|| | vcorreia, i played with in a few weeks ago for like 30mins thats it | 22:17 |
| vcorreia | what do u make of it? | 22:17 |
| cyris|| | vcorreia, um its alright | 22:17 |
| vcorreia | i've noticed that the ebox developers have already launched new eBox 0.11.100 ubuntu specific packages | 22:18 |
| vcorreia | cyris, i'm testing them as we speak | 22:19 |
| vcorreia | cyris, thanks for your feedback | 22:19 |
| cyris|| | vcorreia, sorry i can't provide any more feedback, i didn't use it that long | 22:20 |
| cyris|| | vcorreia, what do you plan on using it for? | 22:21 |
| vcorreia | cyris, no problem :) i've used the debian implementation, but as soon as i heard they'd be porting it to ubuntu.... ahhh it was bliss :) | 22:22 |
| cyris|| | vcorreia, so you use it on production machines? | 22:24 |
| vcorreia | cyris, i have used it on a semi-devel/production environment | 22:25 |
| vcorreia | cyris, i administer some production ubuntu servers and if i could use ebox with ubuntu, it would be perfect, harmony-wise | 22:27 |
| cyris|| | :D | 22:27 |
| vcorreia | cyris, just the fact that it supports 802.1q is, on its own, excellent | 22:29 |
| cyris|| | vcorreia, sexy | 22:43 |
| vcorreia | cyris, indeed | 22:44 |
| === Shkodra is now known as ShKoDrAnI | ||
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!