=== vlm_ is now known as vlm [06:48] Good morning === cpaelzer__ is now known as cpaelzer === vlm_ is now known as vlm === anton2 is now known as anton [14:06] xnox, hi, I have a grub question. what sets net_default_server and pxe_default_server when grub is downloaded over network (tftp or http) ? are the two vars equivalent? [14:16] ackk: the two variables are not equivalent; grub netboot modules have code to retrieve information from firmware; i.e. poke pxe interface to scrape the dhcp lease from there and populate all of those variables. [14:17] ackk: in suse/rhel/etc. they added non-upstream patch to do similar scrapping from UEFI http to reuse the EFI acquired dhcp lease for these things. [14:17] ackk: but Ubuntu's grub doesn't ship those patches yet to also do the same for http boot. [14:18] xnox, I see. I'm trying to understand why does pxe_next_server gets set on https://bugs.launchpad.net/maas/+bug/1899581, although the machine did get grub over http [14:18] Launchpad bug 1899581 in MAAS 2.8 "MAAS fails to enlist HPE DL380 Gen10 in PXE-HTTP mode" [Medium,Triaged] [14:18] xnox, also, is (pxe) an alias for (tftp) ? I didn't find any reference of it in grub manual [14:22] hello, I am setting up vsftpd server on ubuntu and I am trying to connect to it by IP address via filezilla biut I am get an error Permission denied (publickey).Connection closed when running a command sftp user@ipaddress. I also get an error from filezilla -> failed to retreive directory listing. The error and vsftpd.conf can be seen here [14:22] https://pastebin.com/HU67phx8 [14:23] ackk: the two are orthogonal =) one is boot protocol; the other is file transfer protocol....... one can pxe boot over NFS/FTP/HTTPS/TFTP etc..... [14:23] ackk: and EFI-HTTP boot protocol can happen over HTTP or HTTPS file transfer (but others/more might be added soon, i.e. nvme-over-ethernet) [14:24] ackk: so efi machines; may do either PXE or EFI network boot; and get the files over TFTP/HTTP/HTTPS [14:24] however, some of those combinations currently don't work in our grub =( [14:25] maret: might be wrong about this, but i thought vsftpd was an FTP/FTPS server. sftp is neither of those [14:25] xnox, sure, but IIUC if you "configfile (pxe)/grub/grub.cfg" the server address used by default would be the one set in pxe_default_server, which depends on what happened during network boot? [14:26] (same for (http|tftp)) [14:26] well, execpt it would use net_default_server I guess? [14:46] ackk: true...... but i thought that efi-http patches faked same/similar vars in rhel/suse acutally to make things "still wrok" [14:46] ackk: i think using net_default_server / next_server is the better ones, indeed. [14:54] xnox, what aboug (pxe) vs (tftp) in the configfile command, what is the difference? [15:33] xnox: ftp != sftp, the latter is just ftp-like file transfer over ssh, like rsync or scp. FTP is long dead but some still stick to it, like systems from the ninetees or something [15:34] xtao sorry i meant ftps, [15:34] xtao point being i setup vsftpd but I am having a problem to connect to it [15:35] hmm will maybe double check open ports but seems like a config. issue [15:42] ftp and ftps both have *two* ports necessary for properly speaking, make sure you haveboth ports open (one's a data port and the other's a control port) [15:42] and Passive FTP is a pain to get working sometimes if you use firewalls (gotta whitelist a huge section of ports) [15:46] the error you pasted said Permission denied (publickey) which looks like an authentication error with ssh/sftp where it's tried to authenticate using keys and failed. unless that error was nothing to do with it [16:03] that's an SFTP tunneled FTP error, yes. [16:03] sftp requires SSH keys, FTP doesn't ;P [16:06] ftps is likely to never work, due to nat [16:06] ftps also doesn't use public keys [16:07] FTPS can use public keys [16:10] (X509 keys) [16:12] guess it depends on the ftp server implementation [16:13] would imagine it would be using the x509 naming, client key [16:21] i see so I should use ftps? and just stick with ftp? [16:25] no one should be using ftp, unless you want 0 security [16:25] ftps is almost impossible to make work [16:26] sftp is really the only sane option [16:27] ftp and ftps are both obsolete [16:27] ftps is a pain to get working, because NAT. [16:27] sftp is really the only sane way. [16:42] FTP is okay for anonymous downloads, as it works in most browsers also [16:43] WAT !!!!! [16:43] FTP is NEVER ok [16:45] firefox ripped out ftp in some recent version. i thought chrome had done so too actually [16:45] that's sad, as there is no real alternative for it [16:46] its still in FF and Chrome, but its NEVER ok [16:46] ahhh no they haven't done it yet [16:46] it's scheduled for removal in 2021 [16:46] FTP is nevre never never ok [16:46] IIRC they removed gopher at some point [16:46] Ussat: so what alternative do you have? [16:47] sftp, ftps, scp [16:47] can't do anonymous sftp/scp [16:47] so ? [16:48] FTP is never OK' [16:48] and FTPS _is_ FTP [16:49] ... [16:50] SSH supports anonymous login IIRC [16:51] so anonymous sftp is possible === fredl_ is now known as fredl [16:55] sdeziel: how would you do that? [16:56] JanC: https://superuser.com/questions/1152645/openssh-server-anonymous-account [16:59] right, that was sort of what I was thinking about, but it's not really the same as anonymous FTP (you still need to know what login to use etc.) [17:01] and it's not as easy to use obviously (e.g. no browser support) [17:01] ... [17:02] JanC: true but web browsers are now actively trying to get rid of FTP [17:02] it's sad if there is no good replacement... [17:03] maybe they could implement WebDAV or something instead... [17:03] but that's way more complicated than FTP [17:04] anonymous ftp is still very much in use/demand [17:04] but it would fit into the everything-over-HTTP-folly [17:05] I'm still not seeing the everything-over-http demand beyond paper exercises [17:06] pretty much all streaming services do streaming over HTTP now, even if it's worse than dedicated streaming protocols === ijohnson is now known as ijohnson|lunch [17:06] yeah, that is common, same with api's [17:09] it has higher latency, suffers from caching issues (web caches aren't designed for real-time), it's much more complicated to do QoS on it because it's HTTP like everything else, ... [17:37] ackk: so the prefies in the configfile / variable names is whatever $protocol grub things it can use..... i think...... [17:38] ackk: i will re-read the source code and come back to you with answers that are usable =) === ijohnson|lunch is now known as ijohnson [18:00] thanks xnox [22:01] Is there a reason to prefer VNC or Spice for working with remote VMs with qemu+kvm? [22:01] From kvm-manager, it seems like the defaults are now for Spice [22:05] jayjo-: this bug says you can get copy-paste across guest/host and arbitrary resolution if you run a guest agent https://bugs.launchpad.net/ubuntu/+source/spice-vdagent/+bug/1200296 [22:05] Launchpad bug 1200296 in ubuntu-meta (Ubuntu) "[MIR] spice-vdagent" [Wishlist,Fix released] [22:17] I assume that's not available with plain/regular VNC? I am still working on it, but I can connect with VNC, not yet with the Spice defaults [22:21] is the vdagent a particular qemu guest agent? https://wiki.libvirt.org/page/Qemu_guest_agent [22:22] or https://wiki.qemu.org/Features/GuestAgent? Using QMP commands? [22:25] I don't recall seeing copy-paste things across vnc, but I rarely used the graphical interface to vms [22:25] re the agent, binary package spice-vdagent [23:15] jayjo-, you can connect remotely with vnc? what desktop do you use? === vlm_ is now known as vlm