[07:05] <MooDoo> howdy all
[08:37] <brobostigon> morning boys and girls.
[08:38] <lornajane> good morning
[08:41] <diplo> Morning all
[08:41] <brobostigon> morning
[08:48] <SuperMatt> morning all
[08:48] <MooDoo> howdy howdy
[08:54] <Gargoyle> o/
[09:04] <foobarry> has anyone used a smartphone habits tracking app like moment or qualitytime?
[09:05] <SuperMatt> What are they supposed to do?
[09:05] <SuperMatt> (if it's not obvious, my answer is no)
[09:05] <foobarry> tell you what apps you use and for how long, screen time per day etc
[09:06] <SuperMatt> Oh, I see
[09:06] <SuperMatt> I don't think I want to be told I'm an addict
[09:06] <foobarry> ok found one called space. seems to have a better privacy policy and they are in the uk https://phonelifebalance.com/privacy-policy/
[09:08] <foobarry> https://play.google.com/store/apps/details?id=mrigapps.andriod.breakfree.deux&hl=en&rdid=mrigapps.andriod.breakfree.deux
[10:15] <foobarry> This Security Alert addresses CVE-2017-10269 and four other vulnerabilities affecting the Jolt server within Oracle Tuxedo. These vulnerabilities have a maximum CVSS score of 10.0 and may be exploited over a network without the need for a valid username and password. The Oracle Jolt client is not impacted.
[10:15] <foobarry> maximum CVSS score of 10 :|
[10:17] <SuperMatt> Oracle do love their CSEs
[10:17] <SuperMatt> *CVEs
[10:17] <TwistedLucidity> My CVEs go to 11.
[13:37] <diplo> Any of you guys use OpenWRT ?
[13:37] <diplo> Just tring to find a way to do portforwarding via the web admin
[13:40] <TwistedLucidity> I am
[13:40] <TwistedLucidity> diplo: I am, let me open the web admin gubbins.....
[13:41] <diplo> ta fanx, got this Witi board thing about 2 years ago, just about to start using it :)
[13:41] <diplo> I can see how to do it via the cli if it comes to it
[13:42] <TwistedLucidity> diplo: Services/Firewall, then the "Port Forwards" tab
[13:42] <diplo> yeah don't have it
[13:42] <TwistedLucidity> Ah
[13:42] <TwistedLucidity> Don't have Firewall?
[13:42] <diplo> I'm guessing I need to install a package... but can't find what package to install
[13:42] <TwistedLucidity> What version?
[13:42] <diplo> yeah installed that... which is the only package i found referenced, still didn't show up
[13:42] <diplo> Unless it needs a reboot I guess
[13:43] <TwistedLucidity> I'm using 15.05 Chaos Calmer; keep in mind that the advice now is to switch to LEDE.
[13:45] <diplo> Not sure if my device is supported, I'll look later on the device
[13:45] <TwistedLucidity> Tried installing "luci-app-firewall"?
[13:46] <TwistedLucidity> That'll give you the web interface for the firewall. Well, it should do.....
[13:46] <diplo> But the version i used from openwrt packages is out of trunk, so guess whatever the newest version is there.
[13:46] <diplo> I'll try when I get home, can't get in atm as no port forwards :D
[13:46] <TwistedLucidity> Heh
[13:49] <diplo> With openwrt do you need to reboot after package installations, didn't have any prompts tbh, but that could have been me learning new stuff
[13:56] <diddledan> I thought LEDE was supposed to be merging back into openwrt.. or did that fall-through again?
[13:58] <diplo> No idea, will look at lede to see if there is a way of using it
[14:00] <diplo> Hmm it's listed there :) so good start
[14:00] <diplo> 17.0.4
[14:00] <diplo> 17.0.1.4 even
[14:17] <TwistedLucidity> diddledan: In short - OpenWRT is a dead project. 15.05 is the final release. LEDE now has all the active development and will re-brand as OpenWRT.
[14:18] <TwistedLucidity> diplo: You might be able to get away with restarting the web service; but I think I've always just rebooted
[14:23] <diplo> I'll reboot tonight, also see what version I'm on and may upgrade to 17.01.4 - might as well be on latest and greatest before not otuching it again for a while :)
[14:23] <TwistedLucidity> 17.01.4 is the one that has the KRACK fix in it as well IIRC
[14:23] <TwistedLucidity> When we move house, I'll be upgrading. Too risky for me to try it now
[14:30] <diplo> heh, I've got old Draytek there in case, but thought Krack was client side issue anyhoo ?
[14:30] <TwistedLucidity> Both
[14:30] <diplo> I've not followed up on krack at all, apart from seeing that Motorola aren't patching it yet
[14:30] <TwistedLucidity> Nor has Google AIUI
[14:31] <TwistedLucidity> Well, I don't think I've gotten an update (could be wrong)
[16:45] <diddledan> weird. git apply isn't applying the changes yet it is exiting with code 0 indicating success
[16:51] <diddledan> maybe it doesn't like that I edited the diff
[17:06] <diddledan> reacreated the diff and it still isn't working. but ONLY in my xenial vm (snapcraft)
[18:23] <Knightwise> hey peeps
[18:23] <daftykins> \o
[18:24] <brobostigon> hi
[18:26] <Knightwise> Muddling around here :) running IRSSI in Brew on my mac , using my ipad pro as a secundary screen
[18:26] <Knightwise> pretty cool actually :)
[18:28] <Knightwise> Ubuntu in a vm on the main screen of my laptop ,
[18:29] <Knightwise> irssi in a terminal on the ipad pro
[18:29] <Knightwise> and osx on the main screen :)
[18:30] <daftykins> each to their own ;)
[18:32] <Knightwise> nice experiment , but it think 17.10 is just a little 'raw" these days
[18:35] <zmoylan-pixi> irssi on a pi usually and use tmux to access it fron any device at home. but am in hospital so atomic irc client on android... i miss my pi...
[18:35] <Knightwise> zmoylan-pixi: what happened to it ?
[18:36] <zmoylan-pixi> well i didn't want to constantly worry about extwrnal threats so it's not accessible from outside house
[18:37] <zmoylan-pixi> and the wifi ap it's connected to needs a reboot once a week so it's fallen offline
[18:38] <daftykins> zmoylan-pixi: all ok with you?
[18:38] <zmoylan-pixi> they amputated a toe 6 weeks ago and an now twiddling my thumbs (still have both of those) waiting to be released
[18:39] <daftykins> zmoylan-pixi: ah is that a sign of larger woes, or unrelated? sounds like quirky circulation
[18:42] <zmoylan-pixi> i have health issues. but this one came out of left field.
[18:44] <daftykins> mm funky
[18:45] <zmoylan-pixi> as i headed to a+e i thought 'chuck the netbook and charger in the bag' but no.... so been on android and dumb nokia for 6 weeks
[18:46] <zmoylan-pixi> i really really miss symbian....
[18:46] <daftykins> i'll post you my Psion - you can pinch alcohol swabs and clean off the gunky rubber for me ;)
[18:47]  * zmoylan-pixi casts inflict piles on elop
[18:47] <zmoylan-pixi> i've toyed with idea of buying a psion or even a palm os device... might still do it
[18:48] <zmoylan-pixi> new psion looks shiny...
[18:49] <brobostigon> new psion? umm, do you own a tardis?
[18:50] <daftykins> nah there's some new project
[18:51] <zmoylan-pixi> https://www.theregister.co.uk/2017/02/27/the_psions_is_back_meet_gemini/
[18:51] <brobostigon> first time i have heard about that one.
[18:52] <brobostigon> 9 months ago, ok.
[18:52] <zmoylan-pixi> there's later story of them showing current breadboard prototype to journalists. soynded good
[18:53] <zmoylan-pixi> i'd rathee they took time and do it right than rush out junk
[18:53] <zmoylan-pixi> psions were rolls royce of pda market
[18:55] <zmoylan-pixi> https://www.theregister.co.uk/2017/09/11/gemini_psion_alike_pre_production_prototype_handson/
[19:06] <diplo> Don't ask... but I need to enable sshv1 on a server on an internal network
[19:07] <diplo> Created keys, allowed Protocol 2,1
[19:07] <diplo> Anything else to why it may not work ?
[19:07] <diplo> SELinux is disabled, firewall is off
[19:08] <diplo> [root@localhost ssh]# ssh -1 localhost
[19:08] <diplo> Protocol major versions differ: 1 vs. 2
[19:45] <daftykins> diplo: sorted it? config pointing to the v1 keys? daemon restarted?
[20:01] <diplo> daftykins
[20:02] <diplo> daftykins: Nope, sorry.. screen locked up :) the sshd_config is pointing at /etc/ssh/ssh_hosts_key
[20:02] <diplo> If that's what you mean, restarteddaemon, even rebooted now
[20:03] <diplo> Last thing I need to sort till I can sign off, been working 13 hours
[20:03] <daftykins> D:
[20:04] <diplo> Any other suggestions I'm all ears
[20:05] <daftykins> when you tested to localhost, it said the versions differed - i wonder if you gain anything by forcing v1 on the client side with /etc/ssh/ssh_config too?
[20:05] <daftykins> i see a line "# Protocol 2" in there so maybe you can have "Protocol 1" to force
[20:06] <diplo> I think I did that already on the client side
[20:06] <diplo> trying now anyhoo
[20:07] <daftykins> yeah i'd have a go on the same host to see if that message changes at least
[20:07] <diplo> Still the same :/
[20:08] <diplo> -vvv gives me this debug1: key_load_public: No such file or directory
[20:08] <daftykins> sounds like it's going out for a key file and not finding it
[20:08] <diplo> apparently its normal output in vvv
[20:09] <daftykins> hmm
[20:09] <daftykins> anything crop up in the server logs on that fail too?
[20:10] <diplo> https://pastebin.com/tNBPmcWD
[20:10] <diplo> Output from -vvv and I'll get that a mo
[20:11] <diplo> https://pastebin.com/PCRs7Gn0
[20:11] <diplo> That's it, can't find anything else
[20:12] <diplo> Exactly the same setup on their VM, all we did is add Protocol 2,1 and add ssh keys and restarted teh daemon
[20:17] <daftykins> hmm earlier when you said you allowed Protocol 2,1 - does that mean that exact statement is in the config, so 2 is taking precedence?
[20:19] <diplo> yeah its how all the examples show it
[20:20] <diplo> It's also how the working machine looks as well
[20:20] <diplo> I've even copied keys/config over from the working server
[20:21] <diplo> So really don't think it's config related... tried permissions.. must be something else.. maybe need to install something
[20:22]  * daftykins asks some folks in -discuss if they know
[20:22] <diplo> https://www.openssh.com/releasenotes.html
[20:22] <diplo> Think I've found the issue
[20:23] <diplo> Wonder if it's compiled without support...
[20:23] <daftykins> ah-ha
[20:24] <diplo> Can't work out how to find that out.. with nginx and such things it lists it
[20:24]  * diplo googles some more
[20:24] <diplo> 6.6 worked, wonder if I can pin it for now
[20:25] <daftykins> Bashing-om: \o
[20:26] <Bashing-om> daftykins: Maybe of no help .. but I can watch for errors :)
[20:27] <daftykins> :D diplo reckons the compile options to v7 of sshd may be to blame now
[20:33] <diplo> Well stupid people wanting to use old versions of ssh are to blame!
[20:35] <daftykins> hehe damn right
[20:36] <diplo> dadasq
[20:37] <diplo_> Can't reconnect to my byobu session
[20:37] <diplo_> All I need is network problems here as well :D
[20:38] <daftykins> sounds like a work day from hell
[20:38] <daftykins> that guys nick isn't nice ^
[20:38] <diplo_> Hasn't been great no, text my boss and he's going out :)
[20:39] <daftykins> diplo_: what's the distro on each host? working and non-working
[20:39] <diplo_> I have joins/parts so miss most things
[20:39] <diplo_> I know ubuntu channel, but both hosts are CentOS :)
[20:40] <daftykins> ah, one of the guys just pointed out ubuntu has a separate package for a v1 client - openssh-client-ssh1
[20:40] <diplo_> Hate centos channel, and most answers are generic for me, I'm trying to search out where they do there compile stuff
[20:40] <diplo_> ooh, I'll see if cent does too
[20:40] <diplo_> I rpm -qa | grep ssh and had same packages
[20:43] <diplo_> openssh.x86_64 : An open source implementation of SSH protocol versions 1 and 2
[20:44] <daftykins> hmm single package for both client and server eh?
[20:44] <diplo_> openssh-server is the server package, doesn't mention 1/2 on there though
[20:45] <diplo_> Just running yum info on it now, see what description says
[20:49] <diplo_> I'd assume if I set protocol 2,1 it would error out if it wasn't an option
[20:49] <daftykins> i reckon it's fine but i reckon it's changing what is tried first
[20:49] <daftykins> back it up and try 1,2 or even 1 on its' own just for fun
[20:50] <daftykins> may be on the wrong lines but it'll rule it out
[20:52] <diplo_> Just tried that, failed
[20:52] <daftykins> weird, still with the 2 and 1 error?
[20:52] <diplo_> Specifying ssh -1 or ssh -2 allows that
[20:53] <daftykins> mmm i suppose if the client is picking the server doesn't have a say
[20:55] <diplo_> Can't install older packages either
[20:55] <diplo_> Basically, think the client needs to spend some money, as I don't know how to do it :D
[20:56] <diplo_> Or I'm being stupid, but it appears to be very simple
[20:56] <daftykins> is your testing VM on the same major version and have the same package versions as their host?
[20:56] <diplo_> 7.3 and new server 7.4
[20:56] <diplo_> 7.3 is the VM
[20:57] <daftykins> and that's where it worked fine? (your VM)
[20:57] <diplo_> Jumps from 6.6 to 7.4 version of ssh between the two
[20:57] <diplo_> Yeah
[20:57] <daftykins> hrmm
[20:57] <diplo_> I may see if I can find a iso with both versions and create some local VM's
[20:57] <daftykins> *nod* sounds like a good way to go
[21:00] <zmoylan-samj3> just don't follow someone blindly... :-P https://i.imgur.com/ZSdlAjX.gifv
[21:01] <Bashing-om> diplo_: A thought 7.4 - netplan ? then we got a learning curve ; ls -al /etc/netplan/ ' .
[21:01] <daftykins> O_O
[21:02] <daftykins> hmm did your 7.x relate to how their site has v7 17.08 as current?
[21:03] <diplo_> No /etc/netplan on this box
[21:04] <diplo_> I just upgraded/insatlled new server, customers tech people were in charge of old one, ie installed it and never touched it
[21:04] <diplo_> 3mins for the first 7.3 iso, 15mins for 7.4 :/
[21:05] <daftykins> i can't see those version numbers at centos.org
[21:08] <diplo_> They don't display it anymore, newest always
[21:08] <diplo_> http://mirror.nsc.liu.se/centos-store/
[21:08] <diplo_> Installing 7.3 now, if this works, I'm quitting
[21:09] <daftykins> cool
[21:09] <daftykins> ah yeah so the 1708 i'm seeing is 7.4, ok
[21:09] <diplo_> ta fanx for help btw.. at least I don't feel stupid as I don't think I've missed anything
[21:09] <diplo_> Ah that's the release date from Redhat
[21:10] <daftykins> *nod* no worries, hate to see someone working late suffering that fate alone
[21:10] <daftykins> mmm them and MS using the same year.month bit now
[21:11] <diplo_> Had to google it to work out, as we use CentOS, they release a month or so after sometimes, confused me at first
[21:20] <diplo_> taking forever for the post-install on the vm... cmon! :P
[21:21] <daftykins> mechanical VM storage? :)
[21:21] <diplo_> Running on my 6 year old work laptop :/ upgraded to ssd which has much improved things... but its old.. work sucks :)
[21:22] <daftykins> :)
[21:22] <diplo_> Spec'd a new PC, just over 1k, said it was a bit expensive.. I said no, you're just tight! MD's laptop is £1500
[21:22] <daftykins> :(
[21:23] <daftykins> and the higher they are the less they do i'm sure
[21:25] <diplo_> Worked first time!
[21:31] <daftykins> sheesh
[21:31] <daftykins> so it's that newer version ruining your evening
[21:33] <zmoylan-samj3> is that the laptop the md never uses and the most difficult thing it does is activate a pretty scrensaver?
[21:33] <daftykins> :D
[21:35] <zmoylan-samj3> did i tell you the one were md had 486 and secretary who did all the accounts had 286? so so slow. so we swapped the cases to speed things up ;-)
[21:36] <daftykins> XD genius
[21:37] <zmoylan-samj3> he had a new shiby box that said 486 on his desk. that's all he cared about
[21:40] <diplo_> zmoylan-samj3: Yup, pretty much yes ref the use of it. I have my personal screen at work and an old PC to run some VM's
[21:40] <diplo_> Keep saying I'll take them home and not use it, but I like playing..
[21:40] <diplo_> Second VM is installing, 7.4
[21:41] <zmoylan-samj3> you need to start stuffing rasp pi into calculators, desk lamp, radio on your desk and off load the cpu heavy tasks to them... :-)
[21:45] <diplo_> I want a standing desk, and a led light.. said yeah no problem 4 months ago, chased 5 times
[21:45] <diplo_> Going to order it myself soon
[21:52] <diplo_> So CONFIRMED - doesn't work
[21:53] <diplo_> Bah mother ********* - wasted hours
[22:01] <daftykins> :|
[22:01] <daftykins> must be the compile options as you say in the 7.4 then?
[22:02] <diplo_> Waiting on customer to text back now - I reckon so, not sure how to find that out with CentOS, told the customer.. I can't do anything tonight, if they want to go live in the morning they'll have to have newer clients, lots of pennies or carry on with old box and I see if I can downgrade the ssh version package - but do that tomorrow daytime
[22:03] <diplo_> :)
[22:03] <daftykins> :>
[22:04] <diplo_> Electrical wholesalers are skin flints tbh
[22:10] <daftykins> =]
[22:11] <daftykins> kennyloggins: sort out your connection
[22:12] <diplo_> joins/quits being removed
[22:12] <diplo_> is great
[22:13] <daftykins> yeah, need to keep when you do chat support though
[22:14] <diplo_> I guess yeah, I haven't been on IRC much outside of work really, I rarely boot my machine up anymore, had enough or PC's recently :)
[22:15] <daftykins> :)
[22:15] <diplo_> Used to live on it, just cba anymore - maybe when I get my new PC / laptop for home
[22:15] <daftykins> what do you fill evenings with instead?
[22:16] <diplo_> Have 2 young boys with me half the week, so quite busy with them now. Free time I leave the house and see friends or tidy etc and recently, work!
[22:18] <daftykins> ah-ha
[22:19] <daftykins> i'm still in the midst of insurance repair work here, so should have plenty of painting to keep me occupied again soon enough
[22:19] <daftykins> i've let this house work stuff stunt my social goings on the whole year really
[22:19] <diplo_> I have to do my whole house too, what caused the insurance work ? Flooding ?
[22:20] <diplo_> You're IoW aren't you ?
[22:20] <daftykins> almost, Guernsey
[22:20] <daftykins> water leaks, bathroom + roof
[22:21] <diplo_> Ah, had the same thing myself. Sucks
[22:22] <daftykins> brand new bathroom has been ace :D £11k of work for only £350 spend of my own
[22:25] <diplo_> Nice! my issue was I had was stuff in the paint that I'm having a blank..
[22:27] <diplo_> Can't think what it's called. Tired, but basically had to have people in, sealed the house off and ripped it out and dumped it properly
[22:27] <diplo_> I wish I'd just done it myself, load of fuss
[22:27] <daftykins> asbestos?
[22:28] <diplo_> yay, thanks! I was struggling :D
[22:28] <diplo_> I even googled it and failed... defo time for bed I think
[22:28] <daftykins> :D
[22:29] <daftykins> i hadn't considered it could be in paint, they reckoned i was a bit lucky not having such a discovery in my place - but then mine is ancient, listed building for being a 16th/17th century cottage
[22:31] <diplo_> It's miniscule amounts though, I'd have been happy to do it myself, I think it's more to make money
[22:35] <daftykins> yeah no doubt, one of the apprentices has been telling me how little the building firm i'm using spends on facemasks for them when they're removing old questionable stuff
[22:37] <diplo_> byobu won't let me scroll up with putty, wouldn't do me a favour, I was advised to use luci-admin something on here about 10am, wouldn't take a look for me would you ?
[22:38] <daftykins> 13:45 < diplo> Not sure if my device is supported, I'll look later on the device
[22:38] <daftykins> 13:45 < TwistedLucidity> Tried installing "luci-app-firewall"?
[22:38] <daftykins> 13:46 < TwistedLucidity> That'll give you the web interface for the firewall. Well, it should do.....
[22:38] <daftykins> that all you need?
[22:39] <diplo_> yay thank you!
[22:39] <diplo_> And it has worked! Must remember to say thanks tomorrow :)
[22:40] <daftykins> hehe
[22:44] <diplo_> Website and ssh re-opened
[23:20] <diplo_> Thanks again daftykins - bed time now