=== vlm_ is now known as vlm
lordievaderGood morning06:48
=== cpaelzer__ is now known as cpaelzer
=== vlm_ is now known as vlm
=== anton2 is now known as anton
ackkxnox, hi, I have a grub question. what sets net_default_server and pxe_default_server when grub is downloaded over network (tftp or http) ? are the two vars equivalent?14:06
xnoxackk:  the two variables are not equivalent; grub netboot modules have code to retrieve information from firmware; i.e. poke pxe interface to scrape the dhcp lease from there and populate all of those variables.14:16
xnoxackk:  in suse/rhel/etc. they added non-upstream patch to do similar scrapping from UEFI http to reuse the EFI acquired dhcp lease for these things.14:17
xnoxackk:  but Ubuntu's grub doesn't ship those patches yet to also do the same for http boot.14:17
ackkxnox, I see. I'm trying to understand why does pxe_next_server gets set on https://bugs.launchpad.net/maas/+bug/1899581, although the machine did get grub over http14:18
ubottuLaunchpad bug 1899581 in MAAS 2.8 "MAAS fails to enlist HPE DL380 Gen10 in PXE-HTTP mode" [Medium,Triaged]14:18
ackkxnox, also, is (pxe) an alias for (tftp) ? I didn't find any reference of it in grub manual14:18
marethello, I am setting up vsftpd server on ubuntu and I am trying to connect to it by IP address via filezilla biut I am get an error  Permission denied (publickey).Connection closed when running a command sftp user@ipaddress. I also  get an error from filezilla  -> failed to retreive directory listing. The error and vsftpd.conf    can be seen here14:22
xnoxackk:  the two are orthogonal =) one is boot protocol; the other is file transfer protocol....... one can pxe boot over NFS/FTP/HTTPS/TFTP etc.....14:23
xnoxackk:  and EFI-HTTP boot protocol can happen over HTTP or HTTPS file transfer (but others/more might be added soon, i.e. nvme-over-ethernet)14:23
xnoxackk:  so efi machines; may do either PXE or EFI network boot; and get the files over TFTP/HTTP/HTTPS14:24
xnoxhowever, some of those combinations currently don't work in our grub =(14:24
xtaomaret: might be wrong about this, but i thought vsftpd was an FTP/FTPS server. sftp is neither of those14:25
ackkxnox, sure, but IIUC if you "configfile (pxe)/grub/grub.cfg" the server address used by default would be the one set in pxe_default_server, which depends on what happened during network boot?14:25
ackk(same for (http|tftp))14:26
ackkwell, execpt it would use net_default_server I guess?14:26
xnoxackk:  true...... but i thought that efi-http patches faked same/similar vars in rhel/suse acutally to make things "still wrok"14:46
xnoxackk:  i think using net_default_server / next_server is the better ones, indeed.14:46
ackkxnox, what aboug (pxe) vs (tftp) in the configfile command, what is the difference?14:54
RoyKxnox: ftp != sftp, the latter is just ftp-like file transfer over ssh, like rsync or scp. FTP is long dead but some still stick to it, like systems from the ninetees or something15:33
maretxtao sorry i meant ftps,15:34
maretxtao point being i setup vsftpd but I am having a problem to connect to it15:34
marethmm will maybe double check open ports but seems like a config. issue15:35
tewardftp and ftps both have *two* ports necessary for properly speaking, make sure you haveboth ports open (one's a data port and the other's a control port)15:42
tewardand Passive FTP is a pain to get working sometimes if you use firewalls (gotta whitelist a huge section of ports)15:42
xtaothe error you pasted said Permission denied (publickey) which looks like an authentication error with ssh/sftp where it's tried to authenticate using keys and failed. unless that error was nothing to do with it15:46
tewardthat's an SFTP tunneled FTP error, yes.16:03
tewardsftp requires SSH keys, FTP doesn't ;P16:03
patdk-lapftps is likely to never work, due to nat16:06
patdk-lapftps also doesn't use public keys16:06
JanCFTPS can use public keys16:07
JanC(X509 keys)16:10
patdk-lapguess it depends on the ftp server implementation16:12
patdk-lapwould imagine it would be using the x509 naming, client key16:13
mareti see so I should use ftps? and just stick with ftp?16:21
patdk-lapno one should be using ftp, unless you want 0 security16:25
patdk-lapftps is almost impossible to make work16:25
patdk-lapsftp is really the only sane option16:26
tewardftp and ftps are both obsolete16:27
tewardftps is a pain to get working, because NAT.16:27
tewardsftp is really the only sane way.16:27
JanCFTP is okay for anonymous downloads, as it works in most browsers also16:42
UssatWAT !!!!!16:43
UssatFTP is NEVER ok16:43
xtaofirefox ripped out ftp in some recent version. i thought chrome had done so too actually16:45
JanCthat's sad, as there is no real alternative for it16:45
Ussatits still in FF and Chrome, but its NEVER ok16:46
xtaoahhh no they haven't done it yet16:46
xtaoit's scheduled for removal in 202116:46
UssatFTP is nevre never never ok16:46
JanCIIRC they removed gopher at some point16:46
JanCUssat: so what alternative do you have?16:46
Ussatsftp, ftps, scp16:47
JanCcan't do anonymous sftp/scp16:47
Ussatso ?16:47
UssatFTP is never OK'16:48
JanCand FTPS _is_ FTP16:48
sdezielSSH supports anonymous login IIRC16:50
sdezielso anonymous sftp is possible16:51
=== fredl_ is now known as fredl
JanCsdeziel: how would you do that?16:55
sdezielJanC: https://superuser.com/questions/1152645/openssh-server-anonymous-account16:56
JanCright, that was sort of what I was thinking about, but it's not really the same as anonymous FTP (you still need to know what login to use etc.)16:59
JanCand it's not as easy to use obviously (e.g. no browser support)17:01
sdezielJanC: true but web browsers are now actively trying to get rid of FTP17:02
JanCit's sad if there is no good replacement...17:02
JanCmaybe they could implement WebDAV or something instead...17:03
JanCbut that's way more complicated than FTP17:03
ikoniaanonymous ftp is still very much in use/demand17:04
JanCbut it would fit into the everything-over-HTTP-folly17:04
ikoniaI'm still not seeing the everything-over-http demand beyond paper exercises17:05
JanCpretty much all streaming services do streaming over HTTP now, even if it's worse than dedicated streaming protocols17:06
=== ijohnson is now known as ijohnson|lunch
ikoniayeah, that is common, same with api's17:06
JanCit has higher latency, suffers from caching issues (web caches aren't designed for real-time), it's much more complicated to do QoS on it because it's HTTP like everything else, ...17:09
xnoxackk:  so the prefies in the configfile / variable names is whatever $protocol grub things it can use..... i think......17:37
xnoxackk:  i will re-read the source code and come back to you with answers that are usable =)17:38
=== ijohnson|lunch is now known as ijohnson
ackkthanks xnox18:00
jayjo-Is there a reason to prefer VNC or Spice for working with remote VMs with qemu+kvm?22:01
jayjo-From kvm-manager, it seems like the defaults are now for Spice22:01
sarnoldjayjo-: this bug says you can get copy-paste across guest/host and arbitrary resolution if you run a guest agent https://bugs.launchpad.net/ubuntu/+source/spice-vdagent/+bug/120029622:05
ubottuLaunchpad bug 1200296 in ubuntu-meta (Ubuntu) "[MIR] spice-vdagent" [Wishlist,Fix released]22:05
jayjo-I assume that's not available with plain/regular VNC? I am still working on it, but I can connect with VNC, not yet with the Spice defaults22:17
jayjo-is the vdagent a particular qemu guest agent? https://wiki.libvirt.org/page/Qemu_guest_agent22:21
jayjo-or https://wiki.qemu.org/Features/GuestAgent? Using QMP commands?22:22
sarnoldI don't recall seeing copy-paste things across vnc, but I rarely used the graphical interface to vms22:25
sarnoldre the agent, binary package spice-vdagent22:25
compdocjayjo-, you can connect remotely with vnc? what desktop do you use?23:15
=== vlm_ is now known as vlm

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!