| hallyn | upstart had problems? bah! | 00:01 |
|---|---|---|
| RustyShackleford | well this is more an osx question, but regarding ssh | 00:05 |
| RustyShackleford | I am setting up a dotfiles repo to back up and share my dotfiles between computers | 00:05 |
| RustyShackleford | attemping to ln -s ~/dotfiles/sshconfig ~/.ssh/config | 00:05 |
| RustyShackleford | if I instead cp the file, it works as expected. But with the symlink, it doesn't seem to follow the symlink | 00:06 |
| sarnold | RustyShackleford: ssh is picky about permissions. make sure the file is chmod 600, and the directory is 700. Even then it may not work, but that might help. | 00:13 |
| RustyShackleford | I will double check | 00:13 |
| RustyShackleford | yeah those are the permissions | 00:15 |
| RustyShackleford | I suppose copying it isn't the worst thing every | 00:17 |
| RustyShackleford | but it would be nice to edit it, have the changes reflected in my git repo, and then push it up | 00:17 |
| sarnold | RustyShackleford: okay, next step, tracing the thing | 00:17 |
| sarnold | RustyShackleford: I can't remember os x very well, it's probalby something like "kdump ssh localhost" followed by "ktrace" | 00:17 |
| sarnold | RustyShackleford: look for the open() systemcall that refers to the ~/.ssh/config file | 00:18 |
| sarnold | (searching for "config" is probably the best bet) | 00:18 |
| sarnold | I'm curious if your ssh client uses the O_NOFOLLOW open flag. (mine doesn't.) | 00:18 |
| RustyShackleford | hm kdump is not found | 00:19 |
| RustyShackleford | okay what the heck is going on here?! | 00:20 |
| RustyShackleford | well it works lol | 00:20 |
| RustyShackleford | I had tried this a week ago, gave up when it was not working. So I just set it up again and this time it works :/ | 00:21 |
| sarnold | hah :) | 00:23 |
| sarnold | maybe you need to install some developer's kit to get decent syscall tracing tools on OS X? | 00:23 |
| RustyShackleford | how would you feel about keeping private keys in a (private) dotfiles repo as well | 00:24 |
| sarnold | if your passphrase on the keys is decent, it's alright | 00:24 |
| RustyShackleford | I usually use no passphrase hah | 00:25 |
| RustyShackleford | i'm not so secure sometimes for the sake of convenience. I should also find a more secure way to store my passwords | 00:25 |
| nastronaut | RustyShackleford: have you tried verifying that the symlink actually worked? if you do an `ls -al` should return something like this: | 00:33 |
| nastronaut | lrwxr-xr-x 1 user staff 37 Aug 25 11:31 config -> /Users/user/dotfiles/ssh_config | 00:33 |
| === Mobutils_ is now known as Mobutils | ||
| ndboost | evening folks | 00:58 |
| ndboost | regarding an iptables question, using s3 what do i need to allow inbound for it to work | 00:58 |
| RustyShackleford | do you think home internet connections throttle port 22? | 02:28 |
| teward | RustyShackleford: depends on the ISP | 02:28 |
| RustyShackleford | comcast | 02:28 |
| RustyShackleford | just curious how I could test that | 02:29 |
| RustyShackleford | also curious if you get less spambots if you use an alternate port | 02:29 |
| teward | RustyShackleford: IIRC they don't filter traffic in/out or throttle things on those ports, but only Comcast would have the answer | 02:29 |
| sarnold | it'd be easier to just test rather than trying to -talk- to someone there who would know | 02:29 |
| teward | RustyShackleford: security through obscurity only works... for a little bit. OBscuring the port is fine, but disable password auth, use key auth, etc. | 02:29 |
| teward | yep. | 02:29 |
| RustyShackleford | sarnold: you need to be on hold for an hour before you can speak to someone worth a damn | 02:30 |
| sarnold | RustyShackleford: only an hour? that's better than I expected :) | 02:30 |
| RustyShackleford | I had a server exposed to the internet for a while | 02:31 |
| teward | RustyShackleford: Really? I have at least twenty :P | 02:31 |
| RustyShackleford | its crazy how many people try to log into my random ip address | 02:31 |
| teward | RustyShackleford: service scanners, brute forcers, botnets, etc. drivebys most likely | 02:32 |
| RustyShackleford | fail2ban helps a bit | 02:32 |
| teward | RustyShackleford: though, that's *anything* connected to the internet. | 02:32 |
| RustyShackleford | do you think they scan only 22, 80 and the obvious ones? | 02:35 |
| RustyShackleford | I wonder how much using 22000 or something would cut down on drive-bys | 02:35 |
| sarnold | I put mine up on 2222 when I travel, and it gets plenty of scans; don't pretend it'll be silent up there | 02:36 |
| sarnold | it may be less, but whole-internet scanning is commonplace and cheap these days | 02:36 |
| Ben64 | they don't scan every port though | 02:38 |
| RustyShackleford | can't remember if the ssh logs show which port they attempt to connect on | 02:38 |
| RustyShackleford | I could enable them both and see which gets more hits | 02:39 |
| RustyShackleford | er, the difference in the number of hits | 02:39 |
| Ben64 | 22 wins for sure | 02:40 |
| Ben64 | over 2000 hits on my ssh in the past 24 hrs | 02:43 |
| Ben64 | 99.3% for root | 02:44 |
| Ben64 | don't even have root ssh enabled, you silly bots | 02:44 |
| === php_ is now known as php | ||
| RustyShackleford | I need a domain for this server | 04:47 |
| RustyShackleford | i'm so uncreative | 04:47 |
| Seveas | RustyShackleford: uncreative.space :P | 06:17 |
| Choups | how do i run tor, in a ubuntu 16.04 ? | 07:00 |
| Choups | i need an app to use tor as proxy | 07:00 |
| Choups | so i need tor to be runing on the machine | 07:00 |
| Choups | how do i do it? | 07:00 |
| jamespage | coreycb, I remember that it was suggested that was a good idea | 08:00 |
| cpaelzer | jamespage: I pushed the openvswitch changes to the repo and uploaded | 08:49 |
| cpaelzer | jamespage: I also added the ubuntu1 release you had in the repo and tagged yours and mine so that repo matches reality | 08:49 |
| jamespage | cpaelzer, good morning! | 08:50 |
| jamespage | sorry yesterday was frenetic for a number of reasons | 08:50 |
| * jamespage looks | 08:50 | |
| cpaelzer | jamespage: totally fine - as I said I want to help not to disturb :-) | 08:51 |
| cpaelzer | jamespage: so I did what I announced to you and know that in case of blergh we can still fix and upload more if needed | 08:51 |
| cpaelzer | jamespage: I also have something written up for the ovs-dpdk charming that I'm about to send | 08:51 |
| cpaelzer | jamespage: anyone but you to add as CC on that? | 08:52 |
| cpaelzer | a.k.a did get that work to be done by somebody else? | 08:52 |
| jamespage | cpaelzer, no it will get in the right queue | 08:52 |
| === _degorenko|afk is now known as degorenko | ||
| === Malediction_ is now known as Malediction | ||
| Pjusur | Whats the major difference between a standard Ubuntu server install and a minimal one? just fewer packages install by default? | 10:34 |
| rbasak | Pjusur: if you're referring to the options in the traditional installer, then that's the only difference. | 10:39 |
| Pjusur | rbasak: Yes :), the F4 option after boot before install, tnx mate | 10:40 |
| rbasak | powersj: for bug 1629890, my understanding of the typical use case for mongodb says that it's more than wishlist for the process limit to be so low - I'd make it High rather than Wishlist | 11:04 |
| ubottu | bug 1629890 in mongodb (Ubuntu) "/lib/systemd/system/mongodb.service should set LimitNOFILE" [Wishlist,Triaged] https://launchpad.net/bugs/1629890 | 11:04 |
| rbasak | Also bitesize perhaps? | 11:04 |
| zioproto | hello | 12:38 |
| coreycb | jamespage, is network access in unit tests limited to ppas? python-k8sclient tests are getting 404's when backporting to the staging ppa, but ran ok on yakkety. | 13:19 |
| coreycb | lack of network access, that is | 13:19 |
| jamespage | coreycb, hmm | 13:19 |
| jamespage | the builders all have limited egress | 13:20 |
| coreycb | jamespage, ok, interesting | 13:20 |
| gargsms | I am trying to write a custom log for Apache. For any log entry ending with 0, I am using this declaration, just to test ```CustomLog "|/bin/bash -c 'if [ awk \'{print $NF}\'` -eq 0 ]; then logger -s ; fi" combined``` Nothing gets logged to syslog in this case. However, if I just do logger -s, then the entry is logged completely. | 13:50 |
| powersj | rbasak, ok - however the link you provided makes me think we shouldn't yet | 14:16 |
| rbasak | powersj: I stuck it in the backlog. Perhaps we should just check deeper that mongodb doesn't use FD_SET. | 14:18 |
| rbasak | (it seems unlikely) | 14:18 |
| === JanC is now known as Guest96823 | ||
| === JanC_ is now known as JanC | ||
| kaslcrof | Does anybody know the way to propose changes to UCA(Ubuntu Cloud Archive). There is problem with file io.murano.zip [1] which is contained in murano-common package [2] . The problem is file io.murano.zip exist in package (murano-common) but it is in the wrong directory(/usr/share/murano-common/ but should be in /var/cache/murano/meta/).[1] https://review.openstack.org/#/c/250436/ [2] http://mirror.regionone.osic-cloud1.openstack.org/ubuntu-clou | 16:23 |
| kaslcrof | <kaslcrof> d-archive/pool/main/m/murano/ | 16:23 |
| jgrimm | coreycb maybe ^^ | 16:23 |
| coreycb | kaslcrof, hi which release of openstack is this for? | 16:25 |
| kaslcrof | coreycb, it is for newton | 16:55 |
| coreycb | kaslcrof, I think it makes sense where it is stored in /usr/share/murano-common. but if you want we can switch over to #openstack-pkg and we can chat with zigo to get his thoughts (since this package originates in debian). | 17:02 |
| jgrimm | thanks coreycb | 17:08 |
| kaslcrof | coreycb, many thanks. | 17:10 |
| zul | coreycb: barbican uploaded | 17:48 |
| coreycb | zul, thanks | 17:48 |
| dannf | smb: thx for the libvirt SRU upload! will verify asap | 17:51 |
| coreycb | jamespage, zul, ddellav: I had to manually backport python-k8sclient to newton-staging. for some reason backport_package couldn't backport it successfully (maybe interference with port 8080?). | 18:39 |
| zul | coreycb: ack | 18:39 |
| zul | coreycb: bug deweeding is so much fun | 20:08 |
| coreycb | zul, what are you up to? | 20:09 |
| zul | coreycb: deweeding ubuntu/nova bugs on launchpad | 20:09 |
| coreycb | zul, awesome | 20:10 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!