[08:33] <lordievader> Good morning.
[08:33]  * CiPi wtf, i was disconnected
[08:35] <Lartza> CiPi, Are you pasting some huge wall of text to some channel?
[08:37] <CiPi> Nehhh
[08:37] <CiPi> I did /list
[08:37] <CiPi> Got excess flood?
[08:38] <Lartza> Maybe don't do /list then
[08:38] <Lartza> :P
[08:56] <lordievader> Hehe, from the irssi help page: Trying to list all the channel names usually causes you to be disconnected from the server with the reason "Excess flood", as usually all 40000 channels form together and server naively attempts to send you them.
[10:14]  * CiPi https://www.youtube.com/watch?v=lUF6klWuB38
[18:45] <mojtaba1> Does anybody know how can I print specific emails from command line? (and also check for new emails all the time?) basically I have a gmail account and I want to be able to print automatically all receiving emails with specific subject.
[19:25] <mojtaba1> Does anybody know how can I print specific emails from command line? (and also check for new emails all the time?) basically I have a gmail account and I want to be able to print automatically all receiving emails with specific subject.
[19:27] <bekks> You could setup a satellite SMTP server, receive your email, and use procmail.
[22:40] <Stuxweb> Hi all newbie here. So I have vsftpd set up on my server to allow SFTP login which is working great. I also wanted to enable FTPS for other reasons (optional for my purposes though.)
[22:41] <Stuxweb> Anyway, while trying to connect via FTPS I get an error: GnuTLS error -15: An unexpected TLS packet was received.
[22:42] <Stuxweb> I only found one solution which was to revert back to an old version of vsftpd and I think that's not acceptable
[22:43] <Stuxweb> Apparently it was documented as a bug in File Zilla which is the client I'm using but the page for the bug is here https://trac.filezilla-project.org/ticket/8313 which is way out dated.
[22:43] <Stuxweb> Does anybody have any experience with this problem? It seemed to be pretty well known. I just couldn't find the solution.
[22:44] <Stuxweb> Apparently they rejected the bug claiming it was a server problem.
[22:46] <patdk-lap> are you using nat in there anywhere?
[22:46] <Stuxweb> Okay this is the latest bug report on it https://trac.filezilla-project.org/ticket/10207
[22:46] <patdk-lap> ftps does NOT work with nat, won't ever, and is impossible
[22:47] <Stuxweb> no I don't think so
[22:47] <patdk-lap> no private ips on either side? only public?
[22:47] <patdk-lap> without any firewalls
[22:47] <patdk-lap> guess firewall would be ok if running in pasv mode
[22:47] <Stuxweb> Forgive me I am very ignorant when it comes to networking but
[22:47] <Stuxweb> the server is behind a router
[22:47] <patdk-lap> what is the ip addresses on both machines?
[22:48] <Stuxweb> the server's ufw is set to enable ftps and sftp
[22:48] <patdk-lap> how can it enable ftps?
[22:48] <patdk-lap> ftps uses all kinds of random ports
[22:48] <patdk-lap> unless you configure those ports in your ftps server and in the firewall manually
[22:48] <Stuxweb> Well I did sudo ufw allow ftps, sudo ufw allow sftp
[22:48] <Stuxweb> and it accepted the rules..
[22:48] <patdk-lap> yes, it will accept the primary port
[22:48] <patdk-lap> but not the data ports
[22:48] <Stuxweb> ah
[22:49] <patdk-lap> but that only is needed when doing a file transfer to directory listing
[22:49] <patdk-lap> or
[22:49] <patdk-lap> basically, ftps is impossible
[22:49] <patdk-lap> due to the limitations of it living in the 70/80's
[22:49] <Stuxweb> Well the ubuntu server documentation only mentioned that in order to enable ftps simply add one line in the my ftps daemon config file enabling SSL
[22:49] <Stuxweb> and said nothing more at all about it lol
[22:49] <Stuxweb> ok
[22:49] <patdk-lap> yes, if you are running in active mode
[22:50] <patdk-lap> but active mode won't work with any client side firewalls
[22:50] <patdk-lap> or nat's
[22:50] <Stuxweb> oh ok
[22:50] <patdk-lap> so ftps is unusable to use basically outside a local network
[22:50] <Stuxweb> Gotcha. I did not know that
[22:50] <patdk-lap> well, your firewall has to do a lot of stuff to *fix* ftp
[22:50] <Stuxweb> That would probably be the problem.
[22:50] <patdk-lap> ftps blocks that cause it's encrypted
[22:50] <patdk-lap> no fix, no work, unless you do it all manually
[22:51] <Stuxweb> Okay. that makes sense because I am currently at work on a laptop on a secured wireless network.
[22:51] <patdk-lap> and manually is normally way over peoples head
[22:52] <Stuxweb> So to allow external secured FTP for users I should just allow a user to SFTP and maybe disable shell access?
[22:52] <patdk-lap> yes
[22:52] <patdk-lap> well
[22:52] <patdk-lap> depends
[22:52] <patdk-lap> the best way is normally use a ftp server that does sftp, put it on port 22
[22:52] <patdk-lap> then move ssh to a different port
[22:52] <patdk-lap> you could go with real users, with only sftp access, and chroot them
[22:53] <Stuxweb> Okay well I do my SSH on a different port anyway
[22:53] <patdk-lap> but I really don't like openssh's way to do that, it's rather annoying
[22:53] <Stuxweb> heh
[22:53] <patdk-lap> or do what I did
[22:53] <patdk-lap> and completely wrap the hell around sftp with apparmor
[22:54] <Stuxweb> ah
[22:54] <patdk-lap> would still be a good idea for whatever ftp server you use
[22:54] <patdk-lap> but can be alittle annoying to get it nice and tight
[22:54] <Stuxweb> So that basically controls what files users have access to right?
[22:54] <patdk-lap> I wonder if any of the ftp server support apparmour profile changes
[22:55] <patdk-lap> more than that
[22:55] <patdk-lap> it controls everything, files, directorys, read, write, execute, socket, ...
[22:55] <Stuxweb> Cool
[22:55] <patdk-lap> so just incase they *break* out of the sftp program, they can't really go anywhere
[22:55] <patdk-lap> or if chroot is broken, can't see anything
[22:55] <Stuxweb> Gotcha
[22:56] <Stuxweb> Well that definitely answers my question, thanks man.
[23:54] <Kully3xf> hey all - how can I connect to my file server connected to router
[23:55] <Kully3xf> tried mounting direct over smb but it fails out each time