=== vlm_ is now known as vlm | ||
lordievader | Good morning | 06:48 |
---|---|---|
=== cpaelzer__ is now known as cpaelzer | ||
=== vlm_ is now known as vlm | ||
=== anton2 is now known as anton | ||
ackk | xnox, hi, I have a grub question. what sets net_default_server and pxe_default_server when grub is downloaded over network (tftp or http) ? are the two vars equivalent? | 14:06 |
xnox | ackk: the two variables are not equivalent; grub netboot modules have code to retrieve information from firmware; i.e. poke pxe interface to scrape the dhcp lease from there and populate all of those variables. | 14:16 |
xnox | ackk: in suse/rhel/etc. they added non-upstream patch to do similar scrapping from UEFI http to reuse the EFI acquired dhcp lease for these things. | 14:17 |
xnox | ackk: but Ubuntu's grub doesn't ship those patches yet to also do the same for http boot. | 14:17 |
ackk | xnox, I see. I'm trying to understand why does pxe_next_server gets set on https://bugs.launchpad.net/maas/+bug/1899581, although the machine did get grub over http | 14:18 |
ubottu | Launchpad bug 1899581 in MAAS 2.8 "MAAS fails to enlist HPE DL380 Gen10 in PXE-HTTP mode" [Medium,Triaged] | 14:18 |
ackk | xnox, also, is (pxe) an alias for (tftp) ? I didn't find any reference of it in grub manual | 14:18 |
maret | hello, I am setting up vsftpd server on ubuntu and I am trying to connect to it by IP address via filezilla biut I am get an error Permission denied (publickey).Connection closed when running a command sftp user@ipaddress. I also get an error from filezilla -> failed to retreive directory listing. The error and vsftpd.conf can be seen here | 14:22 |
maret | https://pastebin.com/HU67phx8 | 14:22 |
xnox | ackk: the two are orthogonal =) one is boot protocol; the other is file transfer protocol....... one can pxe boot over NFS/FTP/HTTPS/TFTP etc..... | 14:23 |
xnox | ackk: and EFI-HTTP boot protocol can happen over HTTP or HTTPS file transfer (but others/more might be added soon, i.e. nvme-over-ethernet) | 14:23 |
xnox | ackk: so efi machines; may do either PXE or EFI network boot; and get the files over TFTP/HTTP/HTTPS | 14:24 |
xnox | however, some of those combinations currently don't work in our grub =( | 14:24 |
xtao | maret: might be wrong about this, but i thought vsftpd was an FTP/FTPS server. sftp is neither of those | 14:25 |
ackk | xnox, sure, but IIUC if you "configfile (pxe)/grub/grub.cfg" the server address used by default would be the one set in pxe_default_server, which depends on what happened during network boot? | 14:25 |
ackk | (same for (http|tftp)) | 14:26 |
ackk | well, execpt it would use net_default_server I guess? | 14:26 |
xnox | ackk: true...... but i thought that efi-http patches faked same/similar vars in rhel/suse acutally to make things "still wrok" | 14:46 |
xnox | ackk: i think using net_default_server / next_server is the better ones, indeed. | 14:46 |
ackk | xnox, what aboug (pxe) vs (tftp) in the configfile command, what is the difference? | 14:54 |
RoyK | xnox: ftp != sftp, the latter is just ftp-like file transfer over ssh, like rsync or scp. FTP is long dead but some still stick to it, like systems from the ninetees or something | 15:33 |
maret | xtao sorry i meant ftps, | 15:34 |
maret | xtao point being i setup vsftpd but I am having a problem to connect to it | 15:34 |
maret | hmm will maybe double check open ports but seems like a config. issue | 15:35 |
teward | ftp and ftps both have *two* ports necessary for properly speaking, make sure you haveboth ports open (one's a data port and the other's a control port) | 15:42 |
teward | and Passive FTP is a pain to get working sometimes if you use firewalls (gotta whitelist a huge section of ports) | 15:42 |
xtao | the error you pasted said Permission denied (publickey) which looks like an authentication error with ssh/sftp where it's tried to authenticate using keys and failed. unless that error was nothing to do with it | 15:46 |
teward | that's an SFTP tunneled FTP error, yes. | 16:03 |
teward | sftp requires SSH keys, FTP doesn't ;P | 16:03 |
patdk-lap | ftps is likely to never work, due to nat | 16:06 |
patdk-lap | ftps also doesn't use public keys | 16:06 |
JanC | FTPS can use public keys | 16:07 |
JanC | (X509 keys) | 16:10 |
patdk-lap | guess it depends on the ftp server implementation | 16:12 |
patdk-lap | would imagine it would be using the x509 naming, client key | 16:13 |
maret | i see so I should use ftps? and just stick with ftp? | 16:21 |
patdk-lap | no one should be using ftp, unless you want 0 security | 16:25 |
patdk-lap | ftps is almost impossible to make work | 16:25 |
patdk-lap | sftp is really the only sane option | 16:26 |
teward | ftp and ftps are both obsolete | 16:27 |
teward | ftps is a pain to get working, because NAT. | 16:27 |
teward | sftp is really the only sane way. | 16:27 |
JanC | FTP is okay for anonymous downloads, as it works in most browsers also | 16:42 |
Ussat | WAT !!!!! | 16:43 |
Ussat | FTP is NEVER ok | 16:43 |
xtao | firefox ripped out ftp in some recent version. i thought chrome had done so too actually | 16:45 |
JanC | that's sad, as there is no real alternative for it | 16:45 |
Ussat | its still in FF and Chrome, but its NEVER ok | 16:46 |
xtao | ahhh no they haven't done it yet | 16:46 |
xtao | it's scheduled for removal in 2021 | 16:46 |
Ussat | FTP is nevre never never ok | 16:46 |
JanC | IIRC they removed gopher at some point | 16:46 |
JanC | Ussat: so what alternative do you have? | 16:46 |
Ussat | sftp, ftps, scp | 16:47 |
JanC | can't do anonymous sftp/scp | 16:47 |
Ussat | so ? | 16:47 |
Ussat | FTP is never OK' | 16:48 |
JanC | and FTPS _is_ FTP | 16:48 |
Ussat | ... | 16:49 |
sdeziel | SSH supports anonymous login IIRC | 16:50 |
sdeziel | so anonymous sftp is possible | 16:51 |
=== fredl_ is now known as fredl | ||
JanC | sdeziel: how would you do that? | 16:55 |
sdeziel | JanC: https://superuser.com/questions/1152645/openssh-server-anonymous-account | 16:56 |
JanC | right, that was sort of what I was thinking about, but it's not really the same as anonymous FTP (you still need to know what login to use etc.) | 16:59 |
JanC | and it's not as easy to use obviously (e.g. no browser support) | 17:01 |
Ussat | ... | 17:01 |
sdeziel | JanC: true but web browsers are now actively trying to get rid of FTP | 17:02 |
JanC | it's sad if there is no good replacement... | 17:02 |
JanC | maybe they could implement WebDAV or something instead... | 17:03 |
JanC | but that's way more complicated than FTP | 17:03 |
ikonia | anonymous ftp is still very much in use/demand | 17:04 |
JanC | but it would fit into the everything-over-HTTP-folly | 17:04 |
ikonia | I'm still not seeing the everything-over-http demand beyond paper exercises | 17:05 |
JanC | pretty much all streaming services do streaming over HTTP now, even if it's worse than dedicated streaming protocols | 17:06 |
=== ijohnson is now known as ijohnson|lunch | ||
ikonia | yeah, that is common, same with api's | 17:06 |
JanC | it has higher latency, suffers from caching issues (web caches aren't designed for real-time), it's much more complicated to do QoS on it because it's HTTP like everything else, ... | 17:09 |
xnox | ackk: so the prefies in the configfile / variable names is whatever $protocol grub things it can use..... i think...... | 17:37 |
xnox | ackk: i will re-read the source code and come back to you with answers that are usable =) | 17:38 |
=== ijohnson|lunch is now known as ijohnson | ||
ackk | thanks xnox | 18:00 |
jayjo- | Is there a reason to prefer VNC or Spice for working with remote VMs with qemu+kvm? | 22:01 |
jayjo- | From kvm-manager, it seems like the defaults are now for Spice | 22:01 |
sarnold | jayjo-: this bug says you can get copy-paste across guest/host and arbitrary resolution if you run a guest agent https://bugs.launchpad.net/ubuntu/+source/spice-vdagent/+bug/1200296 | 22:05 |
ubottu | Launchpad bug 1200296 in ubuntu-meta (Ubuntu) "[MIR] spice-vdagent" [Wishlist,Fix released] | 22:05 |
jayjo- | I assume that's not available with plain/regular VNC? I am still working on it, but I can connect with VNC, not yet with the Spice defaults | 22:17 |
jayjo- | is the vdagent a particular qemu guest agent? https://wiki.libvirt.org/page/Qemu_guest_agent | 22:21 |
jayjo- | or https://wiki.qemu.org/Features/GuestAgent? Using QMP commands? | 22:22 |
sarnold | I don't recall seeing copy-paste things across vnc, but I rarely used the graphical interface to vms | 22:25 |
sarnold | re the agent, binary package spice-vdagent | 22:25 |
compdoc | jayjo-, you can connect remotely with vnc? what desktop do you use? | 23:15 |
=== vlm_ is now known as vlm |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!