=== denza^242 is now known as denza252
=== llanhmod is now known as Guest1468
=== llanhmod_ is now known as llanhmod
=== teal-tabbycat is now known as tealtabbycat
[02:27] <gneeriiloeepdeer> im upgrading to 22.04 and Im stucked with firefox snap update. Terminal reads: Installing the firefox snap but its been like that for 5 minutes already. Is there something wrong?
[02:27] <gneeriiloeepdeer> no more output. Just that line
[02:27] <Crucifyy> mine hung there for like 15 min
[02:28] <Crucifyy> i walked away after 10 and came back in 30 and it was g2g
[02:28] <ravage> gneeriiloeepdeer, from 20.04 ?
[02:29] <gneeriiloeepdeer> 21.10
[02:29] <jhutchins> Firefox is 20 years old this year.
[02:29] <ravage> i know that there is/was a bug related to snap and dbus. that hangs forever. give it some time
[02:30] <gneeriiloeepdeer> why did they move to snap?
[02:30] <ravage> the official statement is that mozilla asked for it
[02:30] <wez> snap is terrible though :(
[02:30] <wez> When are they going to fix it up?  Get rid of squashfs for one
[02:31] <ravage> wez, it is what it is. if you want to discuss please do so in #ubuntu-discuss
[02:31] <llanhmod> I think .NET is also 20 years old.
[02:31] <wez> ravage: ah yes, I forgot about that channel.
[02:51] <hypoon> Quick question, because I'm not an Ubuntu native. A friend is running Ubuntu. "vi" starts vim, but "vim" does not. Is this normal / expected behavior?
[02:54] <ravage> vim should work too
[02:55] <ravage> sudo update-alternatives --list vim
[02:55] <ravage> should show a link to vim.basic
[02:55] <lotuspsychje> !info vim-gtk
[02:55] <ubottu> vim-gtk (2:8.2.3995-1ubuntu2, jammy): Vi IMproved - enhanced vi editor (dummy package). In component universe, is extra. Built by vim. Size 9 kB / 211 kB
[02:56] <ravage> you can try to set the link with "sudo update-alternatives --auto vim"
[02:56] <lotuspsychje> or does he need this?
[02:56] <ravage> the vim package provices the link to vim, vi, vimdiff, rvim, rview, view and ex
[02:57] <hypoon> It says, "update-alternatives: error: no alternatives for vim"
[02:57] <lotuspsychje> ah ok ravage
[02:57] <ravage> hypoon, does /usr/bin/vim.basic exist?
[02:57] <ravage> maybe try "sudo apt --reinstall install vim-runtime vim"
[02:58] <gneeriiloeepdeer> I accidentally clicked to not install the newest privoxy config file, but to keep my configuration. This shouldn't be a problem, correct? Or should I purge, install the newest privoxy from scratch and then modify the file as I want?
[02:58] <hypoon> This is not a big deal, I just was telling him that "vi" is provided by "vim", and that either command will take you to the same place. He said "vi" works but "vim" does not, which surprised me,
[02:59] <ravage> gneeriiloeepdeer, you will find the maintainer version in the same directory as your old config file
[02:59] <hypoon> He has /usr/bin/vim.tiny, but no other entries containing "vim" in /usr/bin.
[03:00] <ravage> then he installed vim-tiny and not the complete one
[03:00] <ravage> it may not create the vim link
[03:00] <hypoon> He doesn't remember installing it at all.
[03:01] <hypoon> I'm figuring it might have been pulled in as a dependency for something else.
[03:02] <ravage> let him run "sudo ln -s /usr/bin/vim.tiny /usr/bin/vim"
[03:02] <ravage> and he should be fine for now
[03:02] <enigma9o7[m]> vim tiny is installed by default, its a posix requirement to have some vi, and thats the package ubuntu includes by default
[03:02] <hypoon> That makes sense
[03:03] <hypoon> Thank you both for the clarification!
[03:03] <ravage> i think the vim link is not there because its not a complete version
[03:03] <ravage> so its more like vi :)
[03:05] <hypoon> ravage: That kinda makes sense, too.
[03:10] <enigma9o7[m]> I have a home network with several linux computers, including debian, ubuntu, and a couple other deriivities.  Sometimes, when I ssh from one to another, I can just `ssh hostname` and sometimes that fails and i have to `ssh hostname.local` and that works.  But sometimes netiehr works and I have to `ssh ip.ip.ip.ip` the long way.  I've never figured out why, anyone know?  I have a jammy machine is one that is requiring me to use the
[03:10] <enigma9o7[m]> numeric IP instead of the name and thats annoying, I'd like to use hostname....
=== brentaarnold_ is now known as brentaarnold
[03:24] <Sven_vB> hi :)
[03:27] <Sven_vB> If Ubuntu users discover a problem with Ubuntu's debmirror that might be fixed in my fork of it, what would be a good way to inform them that my fork exists?
[03:29] <ravage> if the problem is a bug then "ubuntu-bug debmirror"
[03:32] <ravage> but im almost sure that its excatly the version debian uses. so you may also directly try to get your fixes included there
[03:32] <Sven_vB> I'll try and see what that would do.
[03:34] <Sven_vB> yeah, that would be another way I could try
[04:01] <enigma9o7[m]> What would be even better would be to PR as high upstream as you can....
[04:01] <enigma9o7[m]> If your fork fixed it, and you know what the fix is, PR it to debian or better yet the project itself...
[04:49] <Macer> hm
[04:49] <Macer> so i set up nextcloud with a letsencrypt cert.. works fine in firefox. but ubuntu doesn't seem to like it much
[04:49] <Macer> for instance when the files app tries to access it (to mount) ubuntu gives a verification error
[04:54] <Macer> verified by R3 .. hm
=== ssh0732 is now known as ssh073
[05:36] <grumbler> grumbler
[05:38] <awayand> hey grumbler
[05:39] <grumbler> grumbler are you there
[05:39] <awayand> grumbler are you there
[05:40] <awayand> grumbler wassup
[06:06] <Macer> hm. i just stopped using the built in sync
[06:06] <Macer> and installed the desktop applet from the repo
[06:06] <Macer> no issues there it seems. i guess maybe ubuntu just doesn't play well with the nextcloud integration + letsencrypt
[06:31] <nonix4> $ sudo -H -u gdm gsettings set org.gnome.settings-daemon.plugins.power sleep-inactive-ac-type 'interactive' # -> Failed to execute child process “dbus-launch” # ... is dbus-x11 needed by wayland?
[06:43]  * enigma9o7[m] uploaded an image: (439KiB) < https://libera.ems.host/_matrix/media/r0/download/matrix.org/XUbqjHthjwgTtMkwbdBEbyiS/Screenshot%20from%202022-04-30%2023-42-36.png >
[06:43] <enigma9o7[m]> there's like almost a thousand packages, some im not fami liar with
[06:47] <alkisg> There are 60.000 packages, if you know 59.000 and just miss 1.000 you're awesome :D
[06:48] <enigma9o7[m]> Well I got 846, but really i dunno wtf they all are.
[06:48] <enigma9o7[m]> That seems like sooooooooooooooooooo many.
[06:49] <enigma9o7[m]> And then, 59k more, well I dunno thats just mindblowing.
=== diskin_ is now known as diskin
[07:18] <epigramx> Does anyone know how to debug, I had set up on ubuntu server: netplan / networkmanager for wifi to automatically connect, but now it doesn't without any settings changed?
[07:49] <epigramx> Hrm it required a reboot.
[07:49] <epigramx> That sounds like a bug because it never asked for a reboot at login.
[07:55] <epigramx> most probably related to the linux-firmware update of 22.05 (messages like "fwupd-refresh.service: Failed with result 'exit-code'." and after the reboot they stopped)
[07:55] <epigramx> 20.04 lts*
[08:05] <jenshae> Hello everyone. I am trying to migrate from a large HDD to a smaller SSD. How do I "dd" a boot sector + partition to a new drive?
[08:10] <EriC^^> jenshae: can you share the output of 'sudo parted -ls' ?
[08:11] <jenshae> I think I might have just found what I am looking for: https://unix.stackexchange.com/questions/111895/copy-mbr-and-boot-partition-to-a-smaller-disk
[08:11] <jenshae> MBR wasn't in my search phrase.
[08:18] <jenshae> Cheers o7
[09:22] <Jono> Hi Team, is anyone able to help me? I am trying to download emails via TLS on gmail. On Exim2 error 2022-05-01 19:46:13 TLS error on connection from [212.xx.xx.72] (cert/key setup                                                                                        : cert=/etc/letsencrypt/live/mail.xxx.co.nz/cert.pem key=/etc/letsencr                                                                                        ypt/live/mail.xxx.co.
[09:22] <Jono> nz/privkey.pem): Error while reading file.
[09:25] <Jono> I check the file owner lrwxrwxrwx 1 root mail  48 May  1 11:06 cert.pem
[09:25] <ravage> also check the path
[09:25] <Jono> Path is correct
[09:26] <ravage> path permissions
[09:30] <Jono> Yeah this is where I get confused. lrwxrwxrwx is that OK or does it need to be changed? I can't change it everytime I try chmod 400  cert.pem
[09:30] <Jono>  for example nothing happens, are you saying I need to change all the path permissions also before I can chmod the actual file? (Ive been trying to sort this for 3 hours now so I appreciate the help)
[09:32] <Jono> lrwxrwxrwx 1 root mail  48 May  1 11:06 cert.pem -> ../../archive/mail.xxx.co.nz/cert2.pem
[09:32] <Jono> lrwxrwxrwx 1 root mail  49 May  1 11:06 chain.pem -> ../../archive/mail.xx.co.nz/chain2.pem
[09:32] <Jono> lrwxrwxrwx 1 root mail  53 May  1 11:06 fullchain.pem -> ../../archive/mail.xx.co.nz/fullchain2.pem
[09:32] <Jono> lrwxrwxrwx 1 root mail  51 May  1 11:06 privkey.pem -> ../../archive/mail.xx.co.nz/privkey2.pem
[09:32] <Jono> Currently reads like that
[09:32] <ravage> if your exim user is now allowed to access /etc/letsencrypt/live/ for example then it does not matter how you set permissions on single files in one of the subdirs
[09:33] <ravage> so at least set a+x on all dirs to /etc/letsencrypt/live/mail.xxx.co.nz
[09:34] <Jono> so what would be the command for that? user is root:mail?
[09:34] <ravage> the user does not really mattwe
[09:34] <ravage> matter
[09:34] <Jono> root:root has access from what I can see
[09:34] <ravage> chmod a+x /etc/letsencrypt;chmod a+x /etc/letsencrypt/live/;chmod a+x /etc/letsencrypt/live/mail.xxx.co.nz
[09:35] <ravage> your mail server does not run as root (i hope)
[09:35] <ravage> oh and those are links
[09:35] <ravage> so also set it for the archive and subdir
[09:38] <BlackMage> i have problems with google-chrome 79.0.3945.88: after the upgrade to ubuntu 22.04 the browser display only "Aw, Snap!" pages
[09:38] <BlackMage> config cleared, browser reinstalled
[09:38] <BlackMage> problem persists
[09:39] <ravage> BlackMage, chrome comes directly from google. it is not an Ubuntu package. Also the version looks very old.
[09:39] <BlackMage> i have GLX version: 1.4
[09:40] <ravage> the current stable version of google-chrome is 101
[09:40] <BlackMage> old versions not supported? :(
[09:41] <ravage> why would you run a browser with known vulnerabilities?
[09:41] <BlackMage> just for testing
[09:41] <ravage> good luck :)
[09:42] <BlackMage> it seems glx api have changed
[09:44] <pikapika> what was the default tts program in ubuntu
[09:44] <pikapika> I forgot what it was
[09:44] <pikapika> I remember turning it on by mistake once
[09:46] <Jono> I ran both chmod a+x /etc/letsencrypt/archive/; chmod a+x /etc/letsencrypt/archive/mail.xxx.co.nz/
[09:46] <Jono> chmod a+x /etc/letsencrypt;chmod a+x /etc/letsencrypt/live/;chmod a+x /etc/letsencrypt/live/mail.xxx.co.nz
[09:46] <Jono> still cannot connect
[09:47] <BlackMage> where is the xorg.conf saved?
[09:47] <Jono> now pop3 also stopped working.
[09:49] <Jono> any ideas @revage?
[09:50] <Jono> pop3 was working before I made the last change is there a way to revert the command?
[09:54] <ravage> certbot has a post hook. write a script that copies your cert where you need it and set the right owner on the copy
[09:55] <ravage> for testing copy it manually and set permissions
[09:55] <ravage> for exim the cert usually is in /etc/exim somewhere
[09:56] <ravage> https://stack-source.com/2020/01/22/configure-lets-encrypt-certs-for-use-by-multiple-services/
[09:56] <ravage> as a reference
[10:09] <global_elites> my name is john smith but when installing i used a typo and out john smoth - annoying to see this on my login screen. how can I change this?
[10:10] <global_elites> *put john smoth
=== dionysus70 is now known as dionysus69
[10:12] <pikapika> whats the default tts package
[10:12] <pikapika> in 18.04
[10:19] <ravage> global_elites, Settings -> Users
[10:19] <pikapika> espeak is apparently already installed
[10:23] <rdr> so i swapped from MATE to vanilla Ubuntu, now i'm trying ot edit my crontab, it's looking for /bin/sh -> "tilde" which is no longer installed.  How would I change this to the right variable? it doesn't seem to be x-terminal-emulator or editor in update-alternatives
=== dionysus70 is now known as dionysus69
[10:24] <ravage> the path is /usr/bin/sh
[10:24] <pikapika> oh, nice tool. Looks like it can emit a wav stream of the narration to a file
[10:24] <rdr> /bin/sh: 1: tilde: not found
[10:24] <ravage> no idea where that "tilde" comes from
[10:24] <ravage> that should not be there
[10:26] <ravage> if it is a tool you want to call then maybe "sudo apt install tilde"
[10:26] <ravage> seems to be a text editor
[10:26] <rdr> ohhhh sorry
[10:26] <rdr> that's my zshrc doing that
[10:26] <rdr> i used to use it
[10:27] <rdr> but for some reaosn thought it was tilda, a terminal emulator
[10:27] <rdr> thanks for the help
[10:27] <ravage> :)
[10:28] <rdr> and now i remember this great little editor :D
[10:37] <Sky-Dancer> SELAM
[10:41] <mirage_> aleyküm sleam
[10:41] <mirage_> selam
[10:42] <peirik> How can I change view modes in file selections dialogs? Like this one: https://i.imgur.com/tvXyIz4.png
[10:42] <peirik> When I'm browsing for images I'd really like to see larger thumbnails for instance
[10:44] <mirage_> peirik, just mark all file with cntrl+a and after still press cntrl button and move the scroll wheel from your mouse
[10:47] <peirik> mirage_: that works in a normal file explorer windows in nautilus, but not in file selection dialogs openend from other programs (like "Save as...", "Browse..." etc.)
[10:56] <rdr> peirik: that is an open bug for 18 years now, someone is working on it now (xdg-portal-gnome) integrating it with Nautilus.  There have been patches for GTK Filepicker but they have been rejected due to performance issues
[10:57] <rdr> Kubuntu (i.e. KDE) has a different filepicker with thumbnails, but it can be slow, sometimes fials to loads thumbnails, and doesn't load all thumbnails that Dolphin does
[10:59] <peirik> rdr: jesus, 18 years? 😯
[11:00] <rdr> https://wiki.installgentoo.com/images/7/75/Filepicker-new.png
[11:00] <peirik> well then, never mind i guess 😕
[11:00] <rdr> it's actually worse at the moment because it's a work in progress, and we don't even have a side thumbnail
[11:00] <rdr> but what I do on GNOME is open a Nautilus (Files) window and drag the file into the open dialog
[11:01] <rdr> unlike windows, it doesn't copy the file to that folder, it selects the file you drag
[11:01] <peirik> hm 🤔
[11:02] <rdr> you can usually also drag it directly into the upload box without opening a dialog, but that can be hit or miss (sometimes you miss and it opens the image in the tab instead)
[11:02] <peirik> cool, thats a workaround I guess 🙃
[11:02] <Jono> nginx: [emerg] cannot load certificate "/etc/letsencrypt/live/mail..co.nz/fullchain.pem": PEM_read_bio_X50
[11:02] <Jono> my whole site went down
[11:02] <peirik> Thanks rdr 👍️
[11:03] <Jono> I changed premissions earlier, now I dont know what to change them back to?
[11:06] <rdr> Jono: uh oh, let's see what the folder should be
[11:06] <rdr> https://community.letsencrypt.org/t/recommended-permissions-on-files-distributed-by-lets-encrypt/104266
[11:07] <Jono> live/ this one is the issue
[11:07] <Jono> Can I go
[11:07] <Jono> chmod drwx------ live/
[11:07] <Jono> if im in the /etc/letsencrypt/
[11:08] <Jono> will that work?
[11:08] <rdr> i believe you have to use numbers
[11:08] <Jono> ok
[11:08] <Jono> do you know what the numbers would be for that?
[11:08] <rdr> https://wintelguy.com/permissions-calc.pl
[11:10] <rdr> you can do ls -al to see current permissions
[11:11] <rdr> and then it *should* be as simple as "chmod -R 700 live/" but this can be dangerous
[11:11] <rdr> as you probably know from messing it up in the first place :D
[11:11] <rdr> the -R flag is recursive, but it might be -r
[11:11] <rdr> i forget
[12:29] <BluesKaj> Hi all
[12:45] <glick> hi
[12:45] <glick> how can i see what files are installed where when i apt install a package?
[12:52] <alkisg> dpkg -S package
[13:02] <thrice> dpkg -L package
[13:18] <jhutchins> alkisg: -S is "source for this file".
[13:24]  * filename is now known as normalhuman
=== elton is now known as Tron
[14:03] <jhutchins> I see that my ancient (lenny?) server's AVG anti-virus files are dated 2018.  The avg site just automatically downloads a Windows installer, there's no path to any Linux support.
[14:03] <jhutchins> Is there a functional anti-virus for linux these days? (ClamAV doesn't count.)
[14:03] <jhutchins> (This would apply to an Ubuntu replacement.)
[14:04] <cbreak> you don't like clamav?
[14:04] <jhutchins> cbreak: Correct, I've run it.  The main thing it provides is evidence that you're running a scanner for the auditors.
[14:05] <cbreak> sounds like it fulfills the main purpose of an AV then
[14:05] <jhutchins> It can also be used to provide evidence that you need new hardare.
[14:05] <jhutchins> hardware.
[14:06] <jhutchins> I suppose the best strategy is to run something on the Windows clients rather than the server that hosts Windows files.
[14:07] <cbreak> I suppose switching the clients to something better isn't viable? :D
[14:07] <cbreak> A quick internet search did indicate that there are some commercial offerings for linux, but you've probably done the same search
[14:08] <jhutchins> cbreak: Not really.  They need Word Perfect for some legal jurisdiction's filings, and retraining them on a new OS is a bit of a stretch.
[14:09] <cbreak> ah, historic software
[14:09] <Macer> does clamav not function? heh
[14:09] <jhutchins> I keep telling them that one of these days the power's going to go out (it does so reguloarly) and the server isn't going to come back, but they keep deferring anything new.
[14:09] <Macer> jhutchins: then let it die on them :)
[14:10] <jhutchins> Marz: Well, it functions in that it proves that you're running a scanning program.
[14:10] <cbreak> no UPS?
[14:10] <cbreak> I have like three of those and I'm at home...
[14:10] <Macer> jhutchins: i get that much but are the signatures invalid or something?
[14:10] <Macer> last i checked the clamav signatures are rather up to date. it's been a while though so i could be wrong
[14:10] <jhutchins> cbreak: I wouldn't bet my pacemaker on the battery.
[14:10] <Macer> there's always option b. just move off of windows completely :)
[14:11] <Macer> UPS is just meant for a graceful shutdown anyways
[14:11] <cbreak> might be possible to virtualize the required program
[14:11] <jhutchins> Macer: Not really an option.  If I can't upgrade the server, I certainly can't migrate their OS.
[14:11] <cbreak> but that's not trivial for most end users to handle
[14:12] <Macer> jhutchins: probably mostly because most linux distros aren't very certified. plus you'd have to deal with stupid users who are brain washed into windows even though most modern linux interfaces are just as intuitive if not even better
[14:12] <Macer> and i guess niche windows only software that companies bought like 20 years ago that MUST function
[14:12] <jhutchins> cbreak: This is for two users.  Not really even worth maintaining a server.  I was planning on replacing it with a thumb drive, but I got complaints about it being different.
[14:13] <jhutchins> Macer: There are legal jurisdictions that require a specific document format, and support for exporting to WordPerfect has been intermittent over the years.
[14:13] <Macer> exporting to wordperfect? LOL
[14:13] <Macer> wow
[14:13] <Macer> jhutchins: i figured nowadays nearly everything was pdf
[14:14] <cbreak> pdf sucks as an intermediate format
[14:14] <jhutchins> Macer: I think it's mostly MSWord for this level of filing.
[14:14] <jhutchins> cbreak: It's supposed to be a final format.
[14:14] <Macer> cbreak: well i mean it would be the final
[14:14] <Macer> yah
[14:14] <jhutchins> People keep trying to edit it though.
[14:14] <cbreak> word perfect as final format? :O what were they thinking
[14:14] <Macer> cbreak: pdf afaik
[14:14] <Macer> heh
[14:15] <jhutchins> We're getting pertty off topic here, my question was is there any AV for Ubuntu.
[14:15] <Macer> haha
[14:15] <Macer> i still say clamav is suitable
[14:15] <jhutchins> cbreak: They bucked the Microsoft trend - a noble cause at the time.
[14:15] <cbreak> jhutchins: well, the duckduckgo gave me some pointers, like mcafe, or sophos, but ... not free
[14:16] <jhutchins> Macer: I won't put the effort into installing and running something that provides no benefit.  I'm the only auditor.
[14:16] <jhutchins> cbreak: I get lots of hits for AVG, but no downloads.
[14:16] <jhutchins> (Except for Windows)
[14:17] <Macer> i don't understand how clamav doesn't provide any benefit. maybe i'm missing something here.
[14:20] <Macer> i need to hunt down why letsencrypt doesn't work with the integrated ubuntu nextcloud stuff
[14:20] <Macer> but the nextcloud desktop applet works just fine and sort of does mostly the same thing
[14:20] <Macer> without spitting out a cert error
=== diskin_ is now known as diskin
[14:24] <Tron> hello
[14:33] <Tron> ola, alguem do brasil ou que fale portugues?
[14:34] <oerheks> !pt
[14:34] <ubottu> Por favor, use #ubuntu-br para ajuda em português. Para entrar no canal por favor faça "/join #ubuntu-br" sem as aspas. Para a comunidade local portuguêsa, use #ubuntu-pt. Obrigada.
[14:34] <Tron> tks
=== diskin is now known as Guest7501
=== diskin_ is now known as diskin
[14:40] <jhutchins> !doesn't work
[14:40] <ubottu> Please elaborate; your question or issue may not seem clear or detailed enough for people to help you. Please give more detailed information; for example, we might need errors, steps, relevant configuration files, Ubuntu version, and hardware information. Use a !pastebin to avoid flooding the channel.
[14:40] <jhutchins> Macer: What did you try to do?  How did you try to do it?  What did you expect to happen?  What happened instead?
[14:55] <rpnx> Hello, I found a problem with Ubuntu 20 LTS,  there seems to be a denial of service attack zero day against the sshd
[14:55] <rpnx> I'm not sure what they're doing, but they seem to be able to hang the ssh daemon with very little network traffic
[14:55] <rpnx> I was able to mitigate it by changing the port number that my ssh was exposed on
[14:56] <rpnx> However, I'm a bit concerned, how could I gather information about this attack to find out how/why the ssh daemon is hanged?
[14:57] <rpnx> An interesting thing about this attack is that it also seems to make samba unresponsive
[14:57] <rpnx> So I am wondering if this could be a kernel level exploit
[14:57] <rpnx> Although I'm assuming it's more likely some shared resource that's being abused
[14:59] <defiant> hey, is anyone else getting hiccups on VLC player in 20.04? When I leave VLC playing an internet radio overnight it often stops playing. The debug output says pulse audio underflow.
[15:00] <rpnx> https://pastebin.com/qqwVYNTG
[15:00] <rpnx> you can see I'm only getting 1 login attempt per 30 seconds ish
[15:00] <rpnx> But when I change the external port forward, I can log into the box
[15:01] <rpnx> On the other hand, if I leave the port set at 22 for server 1, then I cannot log into that server from LAN or WAN
[15:01] <rpnx> Samba also fails
[15:01] <oerheks> rpnx, i see only 2 ip adresses trying.
[15:02] <oerheks> !fail2ban
[15:02] <rpnx> I am already using fail2ban
[15:02] <rpnx> Those are just the recent ones they are using
[15:03] <rpnx> But I don't think this denial of serivce is from just sending many login requests
[15:03] <rpnx> Status for the jail: sshd
[15:03] <rpnx> |- Filter
[15:03] <rpnx> |  |- Currently failed:	9
[15:03] <rpnx> |  |- Total failed:	8168
[15:03] <rpnx> |  `- File list:	/var/log/auth.log
[15:06] <rpnx> Anyway, there is 15 banned IP only
[15:07] <rpnx> 8168 failed in the fail2ban status, which isn't that many
[15:07] <rpnx> I think somehow they are leaving connections open
[15:08] <rpnx> Or in some other way tricking sshd into abusing resources
[15:09] <rpnx> I am sure there is some kind of denial of service because if I disconnect the WAN or change the port then loggin into the server seems to work fine
[15:09] <rpnx> But I'm not sure how it works
[15:09] <rpnx> Any suggestions for gathering this information?
[15:09] <oerheks> use hosts.allow and hosts.deny ? https://docs.rackspace.com/support/how-to/restrict-ssh-login-to-a-specific-ip-or-host/
[15:09] <oerheks> that saves some trouble
[15:10] <rpnx> That wont work because I need to be able to ssh into this server from random locations
[15:10] <rpnx> 514 IPs that have been banned by fail2ban so far and only 24 hours have past
[15:11] <rpnx> and each time ips are banned they just use new ones
[15:11] <cbreak> I hope you disabled password login
[15:12] <rpnx> I don't but the password has enough entropy I don't think it can be guessed by these bots
[15:12] <rpnx> I am not concerned about the login succeeding
[15:13] <oerheks> a proper certificate would do too, without password login
[15:13] <oerheks> i see no help for your situation then.
[15:13] <rpnx> Why would that protect against DOS attack?
[15:14] <rpnx> I thought certificates are for preventing brute force guess attacks
[15:14] <rpnx> Am I running out of randomness or something?
[15:15] <rpnx> Since this server has a Ryzen processor and ddr4 ecc memory, I would think it would be able to handle a few login attempts
[15:15] <rpnx> this isn't a raspberry pi, I think they are using an exploit for denial of service
[15:17] <rpnx> That's why I want to know if there's a good way to gather information about the logins so that I can report a bug in sshd
[15:18] <rpnx> I have seen other servers handle many thousands of login requests with no issue
[15:18] <oerheks> Why do you think there is a bug in sshd? disabling password and using certificates could speed up the check.
[15:18] <oerheks> or try cloudflare?
[15:19] <rpnx> oh... is it using argon now or some slow hash instead of a fast sha256?
[15:19] <rpnx> that could explain
[15:25] <gneeriiloeepdeer> since I upgraded to 22.04, each time I start firefox a temp directory appears in my downloads dir. Is this normal?
[15:25] <ogra> yes
[15:26] <ogra> gneeriiloeepdeer, https://forum.snapcraft.io/t/changing-temp-directory-of-firefox-snap/29686
[15:28] <gneeriiloeepdeer> firefox took longer to start after upgrading. Is this going to be the new normal, or is it just a one time event?
[15:29] <oerheks> only the first start takes a bit longer.
[15:29] <gneeriiloeepdeer> thanks
[15:30] <cbreak> that seems like a weird thing to do
[15:34] <ioria> i'am afraid it would be so each reboot
[15:34] <ogra> on first start ...
[15:34] <ioria> yes
[15:35] <oerheks> independent check for snap updates
[15:35] <lbracher> Hello! There's something weird happening with my second monitor, I can see it when I issue the command xrandr and I also see it on Screen Configurations, but I keep having the message "Cable Not Connected" on the monitor screen. Could anybody help me with this? Thanks in advance!
[15:38] <oerheks> lbracher, is this a desktop or laptop?
[15:38] <lbracher> oerheks, laptop, with a VGA monitor attached
[15:38] <oerheks> if laptop, do you see/have a FN key + screen internal/external/both?
[15:39] <lbracher> Yes, I tried to change it from "side by side" to "mirrored" and back. Nothing happens.
[15:40] <ravage> he meansa physical button. usually used in combination with a special key like FN
[15:41] <lbracher> ravage, yes, I tried it.
[15:43] <ravage> lbracher, any drivers available in "Additional Drivers" ?
[15:45] <lbracher> ravage, no. And strangely, this same monitor was perfectly working 3 months ago.
[15:45] <ravage> could it just be a broken cable?
[15:46] <lbracher> Oh, I made it. I just changed the resolution and the image came. Thanks for the ideas! :)
[15:46] <ravage> that is an off error message then
[15:46] <ravage> it should say out of sync or anything
[15:48] <lbracher> Yes, this is weird.
[15:48] <lbracher> Anyway, now it's working! Thanks! :)
[15:57] <jhutchins> We get a lot of credit for accidental solutions.
[15:59] <oerheks> jhutchins, +2
[16:00] <oerheks> or: how do i ... oh, found it!
[16:01] <jhutchins> Works for me.
[16:06] <pelle4> Transmission is lacking speed @ubuntu 18.04, Transmission 3.0
[16:08] <pelle4> My internet connection works fine on a windows computer with qbittorrent but trans mission and ubuntu will not do even 50 kb/s
[16:10] <coz_> pelle4, I am on a different dosribution at the moment, Fedora, works fast here, I assume it's an Ubuntu issue
[16:10] <ioria> i don't think Transmission is 3 on 18.04
[16:11] <pelle4> I tried another bittorrent (Orion) but no difference
[16:11] <ioria> !info transmission bionic
[16:11] <ubottu> 'bionic' is not a valid release
[16:12] <pelle4> @ioria it says 3.0
[16:12] <ioria> maybe, but it's not :   apt-cache policy transmission
[16:12] <ioria> but it's not the point
[16:13] <pelle4> So, what do I have to do?
[16:17] <ioria> pelle4, if you got the same result with other torrent clients, i'd ay the problem is 'that' torrent
[16:17] <ioria> *say
[16:17] <pelle4> I've tried with other torrents with the same result. With my windows 10 and qbittorrent it works
[16:21] <ioria> pelle4, then is a problem with your network drivers
[16:29] <pelle4> I manage to watch web-television so I think it's related to transmission
[16:33] <ogra> well, the transmission version in 18.04 is 2.92 ... how did you get 3.x ?
[16:33] <Guest87> Hi, everybody. Recently I was curious about how to hardening my workstation a little bit. So I want to configure this like: Software RAID(1) -> LUKS -> LVM. I found guide https://help.ubuntu.com/community/Full_Disk_Encryption_Howto_2019 but it is outdated. Anyone made similar configuration and is able to answear a few question?
[16:36] <pelle4> Ogra I did'n't do anything special. Today i've deleted Transmission and reinstalled and it says 3.0
[16:38] <jhutchins> pelle4: I assume you're testing the same torrent, and that Orion is a different client, right?
[16:40] <enigma9o7[m]> Why not just use qbittorrent anyway, the built in search is quite useful.
[16:44] <cbreak> transmission is the best
[16:44] <cbreak> I use it inside an lxc container in daemon mode
[16:45] <enigma9o7[m]> ah well ok i didn't realize that
[16:46] <cbreak> pelle4: have you checked if there are any issues with port forwarding / firewall rules?
[16:47] <cbreak> and have you checked with other content? like this torrent: https://releases.ubuntu.com/22.04/ubuntu-22.04-desktop-amd64.iso.torrent
[16:48] <tomreyn> Guest87: what is outdated about the 2019 guide? which questions do you have?
[17:02] <freakyy85> I love ubuntu
[17:02] <freakyy85> :D
[17:03] <ogra> ubuntu loves you too !
[17:03] <freakyy85> yay ^^
=== root is now known as Guest3414
[17:38] <pelle4> cbreak trying your torrent now
[17:39] <pelle4> and it is slow, 50 kb/s
=== diskin_ is now known as diskin
=== NoSQL is now known as SQL
[18:17] <ksx4system> is there a way to monitor Bluetooth audio sink bitrate in real time?
[18:19] <enigma9o7[m]> probably, but you'd have to have an understanding of how the driver works to write software for that.
[18:20] <jhutchins> I have a server I need to remotely lock down to what would have been runlevel1, no networking, (single user).  What's the equivalent target for systemd?  The docs I find are suspiciously old.
[18:26] <ravage> https://fedoraproject.org/wiki/SysVinit_to_Systemd_Cheatsheet says runlevel1.target
[18:26] <ravage> same as rescue.target
[18:29] <Chalky> Excuse me where, do I go to discuss some minor issues I am having with Ubuntu 22.04?
[18:31] <ravage> if you have a support question then here. if you want to discuss a general topic then #ubuntu-discuss
[18:38] <Chalky> Lets give it a go.  After upgrading to Ubuntu 22.04 I have lost my wireless connection.  The netplan folder exists but with very little in it.  I am using an old Dell desk with a wireless dongle attached.  I was hoping there would be an installation program avialalbe to reinstall the netork. It all worked before on 21.10.  Had trouble setting that up to but got their in the end.  Searched the web high and low but not found anything to solve this problem as
[18:38] <Chalky> yet.
[18:39] <jhutchins> ravage: Yeah, I saw that and I was suspicious.  Initially all of the runlevels were runlevelX.target, but most have functional names now.
[18:40] <jhutchins> "single" supposedly still works.
=== Guest91 is now known as HAL2000
[18:42] <HAL2000> is it possible to dual boot Windows 11 and Ubuntu with boot encrypted? If so anyone can point to a good guide?
[18:51] <jhutchins> HAL2000: What's your threat model?
[18:59] <juopl> Hi
[18:59] <juopl> Is there no stable Wine version for ubuntu?
[19:00] <ravage> juopl, define stable. jammy comes with https://packages.ubuntu.com/jammy/wine
[19:00] <HAL2000> jhutchins: I'm not sure what you mean with that term exactly, AFAIK with unencrypted boot it is possible to compromise the boot sequence since the kernel and initramfs can be modified/patched without me knowing
[19:01] <juopl> I installed it from the software center but it doesnt show anywhere
[19:01] <juopl> Says its installed but its not visible
[19:01] <mybalzitch> juopl: there is https://wiki.winehq.org/Ubuntu direct from winehq
[19:02] <ravage> juopl, wine is mostly command line. so open a terminal and type "wine"
[19:03] <kostkon> juopl, it's not a program with/that opens windows (excuse the pun) per se. You mostly use it from the cmd
[19:03] <kostkon> oh 2nd person to say the same
[19:04] <juopl> https://pastebin.com/u7RiqkA0
[19:04] <juopl> This is the output I get when trying to install WIne via WIneHQ
[19:05] <WeeBey> Hi frens. I think I need to add something to grub to fix my suspend issues.
[19:06] <ogra> HAL2000, the normal install process should just detect windows and that there is secureboot enabled and do the right thing ... i dont think yu eed any special guide (canoncal pays for having the secureboot keys signed by microsoft so parallel installs are possible)
[19:06] <WeeBey> Oh wait, it's still in /etc/default/grub right? never mind.  UGh these suspend issues. :-(
[19:06]  * ogra throws some spare vowels into the sentence he just wrote before
[19:09] <HAL2000> ogra: I tried but I the installer doesn't even give the option to use LVM in the first place, let alone encrypt my boot partition
[19:10] <fengshaun> how do I disable compositing in gnome on ubuntu 21.10? steam games play at 5fps and on xfce they play >60fps
[19:10] <ogra> HAL2000, the should give you the option to "install alongside windows" and then just DTRT
[19:10] <ogra> s/the/it/
[19:11] <HAL2000> ogra: maybe I should select USB booting from windows itself of turn of bitlocker for that to work
[19:13] <jhutchins> HAL2000: How does the miscreant gain access to the un-booted (hence un-decrypted) system to accomplish this attack?
=== evanextreme is now known as evanextreme[away
=== evanextreme[away is now known as evanextreme
[19:16] <gneeriiloeepdeer> what command do I need to get rid of the splash screen
[19:16] <gneeriiloeepdeer> ?
[19:16] <HAL2000> jhutchins: what if my live (booted) windows system is compromised, doesn't it have access to an unencrypted linux boot partition, what happens if my initramfs is compromised from there?
[19:17] <WeeBey> Hi! Ok, could someone help me trouble shoot this suspend issue? When I open the lid I just have a blank screen with ACPI errors. There's nothing I can do. Although when I was testing it I left a "shutdown -r +2" and it rebooted after 2 mins even in the error screen
[19:18] <WeeBey> one of the error says, "ACPI Error: AE_NOT_EXIST, while executing method \_WAK
[19:19] <ogra> HAL2000, https://discourse.ubuntu.com/t/ubuntu-installation-on-computers-running-windows-and-bitlocker-turned-on/15338
[19:26] <ogra> gneeriiloeepdeer, you cn always just hit alt+left/right cursor key to get to the messages ... to actually turn it off though you need to edit /etc/grub/default, drop "quiet splash" from the command line there and run "sudo update-grub" after savin the file
[19:29] <gneeriiloeepdeer> curious ogra , I dont have a dir named grub, only a grub.d, but inside there ain't any default file
[19:29] <ogra> gneeriiloeepdeer, eek, sorry, that is /etc/default/grub indeed
=== eroc19909 is now known as eroc1990
[19:33] <gneeriiloeepdeer> apparently this is already solved: no 'quiet splash' in this file. What I mean is this: Upon starting my computer, I see several command lines telling me what the computer is loading, but right before the password screen appears, I get to see for some miliseconds what I assume is the default ubuntu / grub theme. This is what I want to get rid of
[19:34] <Jeremy31> gneeriiloeepdeer: check in terminal> cat /proc/cmdline
[19:35] <jhutchins> gneeriiloeepdeer: What does getting rid of that screen accomplish?
[19:35] <jhutchins> gneeriiloeepdeer: (BTW it's just a log/outout line, it's not a command line unless you can enter a command.)
[19:35] <jhutchins> output
[19:36] <WeeBey> Man, no luck with this suspend problem. Ok, I know y'all busy. Last question. It seems that I can only update my bios if I have windows installed. :-(  Is it possible to install it on a USB external drive and run the bios updater from there without messing up my Ubuntu os drive?
[19:36] <gneeriiloeepdeer> peace of mind
[19:38] <gneeriiloeepdeer> Jeremy31, output prints a directory, where I found several 0 bit files (like vgubuntu-root)
[19:39] <HAL2000> ogra: thx for the guide, will try turning bitlocker off before the install to turn it back on later as stated, leaves me still wondering how my boot partition will be protected against tampering, are the files on there signed and checked by the boot chain that way?
[19:40] <ogra> HAL2000, read the whole thread, i think there are some useful hints (like only suspending bitlocker to save time etc)
[19:42] <ogra> HAL2000, kernel and modules are definitely signed, not sure where the initramfs stands though (last time i looked deeper into securebot in 2018 it was not yet signed, 22.04 might do that nowadays though, not sure)
[19:46] <HAL2000> ogra: I have shrunk my windows partition already (from windows) to make space, leaving unused space on the disk, still I don't get the "install alongside" option in installer, guess I have to use the manual option
[19:47] <ogra> hmm, yeah, probably
[19:48] <HAL2000> ogra: I see now that it mentions suspending bitlocker instead of disabling (decrypting) haven't seen suspend option anywhere, will look into that
[19:54] <HAL2000> ogra: there is no suspend bitlocker option as far as I can see, that aplies maybe to older windows versions and not windows 11 with TPM
[19:55] <ogra> HAL2000, ah, the dicsussion is also already older ... that can indeed be ..
[19:59] <rob0> WeeBey: are you asking here if you can install Windows on USB?  I
[19:59] <rob0> 'd have no clue, but maybe a Windows place would be better to ask in.
[20:00] <WeeBey> Great idea rob0. I'll try that.
[20:00] <rob0> I've never had problems with suspend in Linux.
[20:00] <WeeBey> rob0, It's this stupid razer blade 15". Lots of things that are a bit annoying.
[20:01] <WeeBey> I somewhat regret getting it.
[20:01] <rob0> Another idea is to open a ticket with the manufacturer.
[20:01] <rob0> they'll tell you to get lost, most likely, but there ARE Linux-based BIOS updating tools.
[20:02] <rob0> if you're lucky they might work with yours
[20:02] <WeeBey> I was just writing that.
[20:02] <WeeBey> Ha.
[20:02] <rob0> :)
[20:02] <WeeBey> I know a lot of people dual boot (i've seen the questions here) so I was wondering if someone did that (install Win on a USB drive to not mess with the main Ubuntu drive and its partitions)
[20:02] <rob0> or maybe theirs will work with FreeDOS; some manufacturers distribute that
[20:03] <rob0> I doubt Windows would be fleible enough to boot from USB.
[20:03] <rob0> *flexible
[20:04] <WeeBey> rob0, yeah. Doesn't even let you remove Internet Explorer.
[20:04] <WeeBey> :D
[20:04] <rob0> maybe if you have a second hard drive, you could tell your BIOS to boot from that
[20:04] <rob0> why not a smallish partition on the Ubuntu drive?
[20:04] <WeeBey> Back in the day, I remember trying to install windows on the side and I lost grub and Had a hard time booting again into linux.
[20:05] <WeeBey> rob0, Can i partition my main drive without losing data? (as long as it's the free space at the end, of course).
[20:06] <Crucifyy> I just use 2 separate SSD's for ubuntu and windows
[20:06] <WeeBey> Crucifyy, internally?
[20:06] <rob0> well, um, I'd personally be happier with a full backup if repartitioning
[20:06] <WeeBey> rob0, word.
[20:06] <rob0> sure, most systems will let you specify an alternate boot device
[20:07] <Crucifyy> WeeBey: Yes
[20:07] <WeeBey> hmmm. Ok, maybe Ill do that this week. AFter all that, I bet you that suspend still won't work.
[20:08] <rob0> I have a Win11 Home on a laptop, only taking about 35GB out of 200 (I repartitioned in Windows to make free space.)
[20:08] <WeeBey> It was working (kinda) in 21.10 but I would lose my touchpad so I would need to reboot anyway after. Now it's just black screen.
[20:08] <Crucifyy> WeeBey: To be fair, i never do suspend, I am on Ubuntu for most the day, only time i really every switch over is for playing some games that Linux doesnt support
[20:08] <rob0> what did you do to wake it up?  hit Enter?
[20:09] <WeeBey> Crucifyy, Yeah. Desktops are different, I suppose. This is a laptop and it would be nice to close the lid and it wasn't still running and using up battery like crazy.
[20:09] <Crucifyy> WeeBey: ahh, i missed the laptop part. My apologies
[20:09] <jhutchins> People have been dual-booting linux since very early on.
[20:10] <rob0> strange that it does not work
[20:10] <rob0> all mine have always worked with suspend
[20:10] <jhutchins> Crucifyy: I have a Dell Lattitude E6540 - at least my third Dell Lattitude, and all have supported suspend to ram and disk out-of-the-box.
[20:10] <rob0> and usually just open the lid
[20:11] <jhutchins> Resume can be a little un-predictable, sometimes it's just open the lid, sometimes hit a key, sometimes tap the power button.
[20:11] <HAL2000> I'm having a hard time to dual boot on my laptop, can't even turn bitlocker off in windows for some reason
[20:12] <rob0> I've never bothered with hibernate, because you need an unused swap partition with enough to cover the RAM + active swap.
[20:12] <jhutchins> HAL2000: Secure boot?  What does "hard time" look like?
[20:13] <rob0> "hard time", "Cool Hand Luke" :)
[20:13] <HAL2000> jhutchins: the option is not present in windows like I see on all kinds of guides/tutorials maybe got something todo with EFI settings or specific hardware implementation
[20:13] <WeeBey> If you are curious, these are the suspend messages I see when I open the lid
[20:13] <WeeBey> https://i.postimg.cc/rsqg59Xh/IMG-20220428-081035.jpg
[20:14] <WeeBey> So for now I'll keep suspen off.
[20:17] <HAL2000> It would be nice if it was easy to dual boot Ubuntu with windows using secure boot and full encryption (besides EFI partition itself) but that seems not to be the case, at least for me
[20:18] <EriC^^> HAL2000: it really depends on the uefi/manufacturer, it's not that hard but sometimes there are some kinks to work out
[20:19] <WeeBey> HAL2000, I had to turn off secure boot and ended up not having full disk encryption.
[20:19] <WeeBey> Was not happy with how I had to set up this turd laptop.
[20:19] <HAL2000> EriC^^: it's Lenovo with AMD CPU
[20:21] <Jeremy31> WeeBey: Razer Blade?
[20:21] <HAL2000> I would not turn off secure boot if I fail in the end, I would delete windows and run it in VM maybe
[20:22] <WeeBey> Jeremy31, Indeed.
[20:22] <EriC^^> HAL2000: did you install ubuntu and get it to boot grub?
[20:23] <HAL2000> EriC^^: not yet, next option is manual partitioning, was just looking if its possible with installer
[20:24] <HAL2000> no I am wondering why I can't even disable bitlocker
[20:33] <peirik> Is there a hotkey for "restore all minimized windows"? I know Super+D toggles "show desktop" but that sometimes gets messed up if you open and close an app while "show desktop" mode is on, where toggling off no long works and you have to restore all minimized windows manually :/
[20:53] <HAL2000> idd
[20:55] <jhutchins> The main purpose of Secure Boot is to prevent you from booting or installing an operating system other than the one installed by the OEM (presumably Windows).
[20:55] <jhutchins> HAL2000: Turning Secure Boot off should happen at the pre-boot "BIOS" level, or whatever menu UEFI displays before it goes to hard storage to boot.
[20:58] <HAL2000> jhutchins: I am able too boot linux from USB, that seems not to be the problem
[21:01] <HAL2000> once you are verified in the one installed it should be possible I think
[21:05] <HAL2000> jhutchins: can you give a reference where it is stated that I must turn off secure boot before installing? preferably ubuntu docs
[21:08] <jhutchins> HAL2000: No.  Try it, if it works for you, great.
[21:09] <HAL2000> jhutchins: I will, for now I will suspend myself, thx for the help
[21:34] <jhutchins> 
=== duxco is now known as duxsco
=== duxco is now known as duxsco
[22:41] <fengshaun> how do I disable compositing in gnome on ubuntu 21.10? steam games play at 5fps and on xfce they play >60fps
[22:43] <jhutchins> fengshaun: Easy, use xfce.
[22:44] <fengshaun> -_-
=== ssh0732 is now known as ssh073
[22:56] <ogra> fengshaun, if this is 22.04, i'd assume xfce uses Xorg while gnome uses wayland ... there is an opiton to pick gnome on Xorg in the login manager
[23:01] <fengshaun> it's 21.10
[23:01] <fengshaun> I'll have a look
[23:45] <jhutchins> I'm sorry I side-tracked the question, how _do_ you disable compositing on 22.10 Gnome?
[23:47] <sker> hi