From nobody Mon Jan 29 00:02:43 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNT5l4vQ0z57bWR for ; Mon, 29 Jan 2024 00:03:07 +0000 (UTC) (envelope-from freebsd@gushi.org) Received: from prime.gushi.org (prime.gushi.org [IPv6:2620:137:6000:10::142]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "prime.gushi.org", Issuer "RapidSSL Global TLS RSA4096 SHA256 2022 CA1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNT5k0xrGz4kZK for ; Mon, 29 Jan 2024 00:03:05 +0000 (UTC) (envelope-from freebsd@gushi.org) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gushi.org header.s=prime2014 header.b=EtkBeRWA; dmarc=pass (policy=none) header.from=gushi.org; spf=pass (mx1.freebsd.org: domain of freebsd@gushi.org designates 2620:137:6000:10::142 as permitted sender) smtp.mailfrom=freebsd@gushi.org Received: from smtpclient.apple ([IPv6:2601:602:87f:b05d:8571:3541:58d7:93d8]) (authenticated bits=0) by prime.gushi.org (8.17.2/8.17.2) with ESMTPSA id 40T02xt5040465 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 29 Jan 2024 00:03:00 GMT (envelope-from freebsd@gushi.org) DKIM-Filter: OpenDKIM Filter v2.10.3 prime.gushi.org 40T02xt5040465 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gushi.org; s=prime2014; t=1706486580; bh=ZGMNJnFlPRV48c6aAEX8DQbsiqPDqI5ogtuCvPSxI6E=; h=Subject:From:In-Reply-To:Date:Cc:References:To; z=Subject:=20Re:=20Upgrade=208.4-STABLE=20to=2014-STABLE|From:=20Da n=20Mahoney=20|In-Reply-To:=20|Date:=20Sun, =2028=20Jan=202024=2016:02:43=20-0800|Cc:=20questions=20|References:=20|To:=20Odhiambo=20Washington=20; b=EtkBeRWAoFEJX5dglDSWz6W2KAoEI22C0deZum1j7WFkFGlFaFm22VlpFszA1hLkJ H2xc4PuHrVTyHK81u00ufMFHyd2MXOyVk8OEmEFz3QGfXsuf0RBjPZEIzSdjWqy2Yw kgnruQ9bEG0jb1aEFUPO2yUYz4HeeEVpo3XZaUrEWx17cj8gkl3yAZ9ZrjgFsT5849 sbVMrhBmpRvOr/1WXLAtCoN8AU4NvgnzufWibYVBUTqEwNqaMUf/2LtQ63N0wVmm2G F6I7h7RTbkj3dZ5wj7efGfz9NF4rAJh/QZPXpWWcyQhpy7q2hnbsazO8amIOqn+A0F GjXZZnHKSydIA== X-Authentication-Warning: prime.gushi.org: Host [IPv6:2601:602:87f:b05d:8571:3541:58d7:93d8] claimed to be smtpclient.apple Content-Type: text/plain; charset=us-ascii List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.400.31\)) Subject: Re: Upgrade 8.4-STABLE to 14-STABLE From: Dan Mahoney In-Reply-To: Date: Sun, 28 Jan 2024 16:02:43 -0800 Cc: questions Content-Transfer-Encoding: quoted-printable Message-Id: <75DCCF1C-BA33-4917-988E-5B92955D1D17@gushi.org> References: To: Odhiambo Washington X-Mailer: Apple Mail (2.3774.400.31) X-Spamd-Bar: ------ X-Spamd-Result: default: False [-6.60 / 15.00]; DWL_DNSWL_MED(-2.00)[gushi.org:dkim]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[gushi.org,none]; RCVD_DKIM_ARC_DNSWL_MED(-0.50)[]; R_SPF_ALLOW(-0.20)[+mx]; R_DKIM_ALLOW(-0.20)[gushi.org:s=prime2014]; RCVD_IN_DNSWL_MED(-0.20)[2620:137:6000:10::142:from]; MIME_GOOD(-0.10)[text/plain]; ONCE_RECEIVED(0.10)[]; ARC_NA(0.00)[]; RCVD_TLS_ALL(0.00)[]; FREEMAIL_TO(0.00)[gmail.com]; TO_DN_ALL(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; DKIM_TRACE(0.00)[gushi.org:+]; RCVD_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:393507, ipnet:2620:137:6000::/44, country:US]; TO_MATCH_ENVRCPT_SOME(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; MIME_TRACE(0.00)[0:+]; MLMMJ_DEST(0.00)[questions@freebsd.org]; APPLE_MAILER_COMMON(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_XAW(0.00)[] X-Rspamd-Queue-Id: 4TNT5k0xrGz4kZK > On Jan 26, 2024, at 23:55, Odhiambo Washington = wrote: >=20 > Is there a way to upgrade 8.4-STABLE to 14-STABLE, or even change it = to 14-RELEASE? Most people are saying what my own thought would be, but I do have a = "war story" to share. For us, preserving configuration did not matter, our configuration = management was done by a tool like Puppet or Chef or Ansible. Dayjob has several single machines in very remote places, that were = built with a too-small boot partition for FreeBSD-update to work (some = had been in place since 5.x). And we needed to do upgrades during a = global pandemic, when the normal "go on-site to upgrade" process would = not have worked. Maybe your own situation is the same. Some sites had remote consoles, some only remote serial consoles. = Availability of PXEboot was minimal, and bios access was even more = minimal. Where there *was* remote hands, they were much more comfortable = installing Linux. What worked for me was extracting the contents of an MFSBSD build over = into my /boot direclory, and pumping my existing ip addresses, netmask, = and gateway into /boot/loader.conf On reboot, I had the ability to SSH in, clear out my disks, and start = clean. It took me a long time to mentally reach that point, and I only got it = after I was sure all the other options (pxe boot an installer, = freebsd-update, make buildworld, get-a-rescue-shell and just extract = base.txz over my main filesystem). Thanks to this being the 21st = century, I was able to test a lot of my procedures on VMs of various = flavors like VirtualBox and VMware. If you're still on 8.x, you may still be at the point where you have = separate /usr, /var, and / partitions, and at some point, one of those = will grow beyond what you've done. So even if the upgrades all work, = you're in a situation that will burn you (kernels and /boot partitions = keep getting bigger, until modern BSD where it's all one partition). =3D=3D=3D=3D With modern FreeBSD *most* of your configuration comes down to what's in = /usr/local/etc, and /etc -- these tar up really easily, as well as = /usr/home or /home or whatever. If you have database stuff like postgres or mysql, obviously there's = that directory as well. Your base packages, you can list out without dependencies with "pkg = leaf". If pkg leaf doesn't work, copy a modern /usr/local/etc/pkg.conf = from another machine to get that command (or run the command it is = aliased do).=20 =3D=3D=3D=3D That said... If the disk sizes *are* good (freebsd-update doesn't check), I might = *try* to get there with freebsd-update, but with the knowledge that it's = going to take me like a dozen leap-of-faith reboots, and more often than = not, I have found that freebsd-update finds *some* chance to lose the = linker and run into a long string of "cp: invalid argument" shooting = itself in the foot. I've had this happen. If I were clever, I might = keep a copy of base.txz on the disk beforehand so I could unbreak = things. (It's for this reason that I put in a bug that put ssh/scp into = /rescue, where there's no copy of ftp.) Also, if I were going to go this way, I would grab the freebsd-update = script from a *modern* system, there are bugs in it that were fixed, = that were present in your version. Note well that I say what *I* might do in this case, not what you = *should* do. Hope this helps, or at least lends some perspective. -Dan From nobody Mon Jan 29 00:36:59 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNTs00Kn0z57dwh for ; Mon, 29 Jan 2024 00:37:08 +0000 (UTC) (envelope-from mirror176@hotmail.com) Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02acsn2080b.outbound.protection.outlook.com [IPv6:2a01:111:f400:7ea9::80b]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mail.protection.outlook.com", Issuer "DigiCert Cloud Services CA-1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNTrz0CP6z4q0t for ; Mon, 29 Jan 2024 00:37:07 +0000 (UTC) (envelope-from mirror176@hotmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=hotmail.com header.s=selector1 header.b=Pq6GtKtH; arc=pass ("microsoft.com:s=arcselector9901:i=1"); dmarc=pass (policy=none) header.from=hotmail.com; spf=pass (mx1.freebsd.org: domain of mirror176@hotmail.com designates 2a01:111:f400:7ea9::80b as permitted sender) smtp.mailfrom=mirror176@hotmail.com ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PqVnPZlYBMCFpKWN5MAh5mt8EfnxALIVLbS6D0QiMx//jZYJy7xBNpSfHAR6gSwgMnW0cmg5iGkZdkICLs9/YlEDAwS/a0eXyegcuAhPLqoKoxzRp+sBIER2fgVP/DqjFdeIPv9rNLyQbnHiSfgpdhYkzOrPZYWlyAbqYy2WVyXPYyRvJf6xK8SaZHl7+XWiItA8TVFvE1325zDsRpnd65FSBootmYu9URSAayDRpNBQQNVC4E2PaH0aKpkrOZzIlLnUsG3fdmHVx/+O7lch9X7OCzIZFrM4GGQpRpHgt+vqoyR0AuUHl11MqPi0ep2wrI5WMWCgMb15g0PbflJ57A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jyMY5ohNxkQWCK6lUEAVBb2TH8e//i4+9Cev3KFfK38=; b=POvyVaRJ3QVlKLdBowC9p4Y7bnEE2APht6iUjZF1mvSerBUIBXxw2fqmODfg+gDqob1tA57pUHQucTMDHbJV9QvRHLV7eZIeYsLC7h3Fg0NLIzW0jcLkhxLhJiucbDf7A6SlaZWF8Msk80fsAd15UyZLKon0Umoz/LjpLa4Rk10MPy2cT7tmna1iuRp6thxjRkGar2j2f+8UHIdsohYNVdubCKnmssY7lDL8zQGlzMoE5codZPjXmjqPjpCMq6dugTz2xsNuxNoxiQwGCdTYNhlkw0XsHComYREivyibsQjyC/vRzp3gtxOBOadJzPTKEjqywd5TbTWpZy+n1r+bhA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jyMY5ohNxkQWCK6lUEAVBb2TH8e//i4+9Cev3KFfK38=; b=Pq6GtKtH9nU9Bd2YKv8KM+OPj/MXToNyj0gkFEpE34e1qwMBkmYHcmQLm8gnm6uqdtyB+dup4p2+g7u6fHr+6RrH5kI9AzsKaiNfWKlrVq1o1p69J3kMbH3P0/nb1mMNcaZWkEdUNHnlAgJ2Ip24ScuJcO2+eD84YP8ILgq8WNK2Voo7WZbNZfG4b5RiLauQZOgxlCEpMMIZpaHgjxHRs0NkQeatRW89kNPPs37V+VhTtbcfdTHeduuXvwgEdgLxflBbQYWgUWsTG6lch2PPUwLnKdjtw7EO2+qC5pI9ZWAo7I4o+tHMyHflIYwRDEWandUZnycaMWUH3kxJCSwlqA== Received: from CO1PR11MB4770.namprd11.prod.outlook.com (2603:10b6:303:94::19) by CH3PR11MB8467.namprd11.prod.outlook.com (2603:10b6:610:1bd::8) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7228.32; Mon, 29 Jan 2024 00:37:02 +0000 Received: from CO1PR11MB4770.namprd11.prod.outlook.com ([fe80::ea8f:5d06:d3e8:c9cf]) by CO1PR11MB4770.namprd11.prod.outlook.com ([fe80::ea8f:5d06:d3e8:c9cf%6]) with mapi id 15.20.7228.029; Mon, 29 Jan 2024 00:37:02 +0000 Message-ID: Date: Sun, 28 Jan 2024 17:36:59 -0700 User-Agent: Mozilla Thunderbird Subject: Re: Upgrade 8.4-STABLE to 14-STABLE Content-Language: en-US To: questions@freebsd.org References: <75DCCF1C-BA33-4917-988E-5B92955D1D17@gushi.org> From: "Edward Sanford Sutton, III" In-Reply-To: <75DCCF1C-BA33-4917-988E-5B92955D1D17@gushi.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-TMN: [5a/8dLW6uI8IGbeEWRapnC7wI94vf9Q5] X-ClientProxiedBy: MN2PR04CA0018.namprd04.prod.outlook.com (2603:10b6:208:d4::31) To CO1PR11MB4770.namprd11.prod.outlook.com (2603:10b6:303:94::19) X-Microsoft-Original-Message-ID: <7daca832-52cb-4af6-9882-93c6bad990d2@hotmail.com> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: CO1PR11MB4770:EE_|CH3PR11MB8467:EE_ X-MS-Office365-Filtering-Correlation-Id: d8aa8cb9-5caa-4ccb-51c4-08dc206268bb X-MS-Exchange-SLBlob-MailProps: Mga27o8vReGfIc1VICO0dotZZh0YGuDpVPFyugRQOYUdEZUhm22IpHF6Wi6nqsZPwmFjtUiBFPmXPHZl4hz5d3Ota/UOQxyjlyEclHY/B+Yn3q3U9wP7Sc5rHy1VoVZ/Z+lPVO9pNVWgiY7q/fYx0i2xmtAOUUQE6kCv6q4spC2ECJ2K2RX/pP8LqVk+9v3+EaOey95p4s0RHvfhiYofmoK5+4p7utIzkGEFvck7DuQEPvCS+1mqNnhOeSq4PbLD2W17JActUobRo3/0Ak9V5aAZM/CHBHTyt1hmTptcAlB93tysUitQOXISk0tvkgcuThsnV9Jm14DZI2ojc5oEuS7Zq8iAsNFJ4Fw9QzVb9oNScJpa4bWleOk+/FvqXL6qQD3SEuVhvwga2mtHqcNZnHg17ii1Iz77x5LaQiZ25JAcdE7N+OAtaM2H2XUb9lM9yfMdoITK8QoMp2QcLR4b710O+82lvROKKmniW0JRCEC8ou1lAgZYQQfKz1o6lOGkRp3mMx9tkfteJU45utlJKUTg2s/BkXDcZiV6uGLxl7WNGi761shoqS68LQAdSPgv7uFplXA5Ybvs772ov6ZQxnf5E+SXpR81BapDQ+3r0rWyp+QYTvNx7QUAyz2xjZc22BGvgCQVrewIpEAwNfdVVPObwf+1l8hnvOAn0rVkgda9vs3Q7RP3Mt0eYeefNyiECb78VuogmP5XRjs/lW9Ig467idNkpov33RbdRgpcFkOl33PzjLxqln1PEZtIQsDq4aUyGconHJPJr4m9+zuJaXz0eJWVSyjBV0/uSyUBSjSrORnkVn4XUg== X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: J47UmUE7BO5EPb30rGKEnJ1LNgwC2c3JUGq2TunmZO09X63vpYxiToR3S6+SSIhtfaF4owdhttmnwfVG639TtWRektsxD27Y+VuaOzKH3LiuwLfi53pdIRFc7bR9bdg/iVw5mylGWUbzjWMT/imcz3Idup1TDHw/0L13EykgpR10KAeREJuse3fjKXBB53fig4MhWxhoAx7CO0AyfGCxjqXyaPfCqUq+i+Uha0Cj+NF083SsGyejfwCdnDUu5Frmwsp/8f0XZXeYl6dTnu6+Eas3Nm5g8HJ8Wg7HXf01VIOxmkdb8ubcwVb0hgzygiNdMB7+cpsE93t4sqDv/TjNlNhjAguiGzMgIAcejuj+GYZvdH4Mjmnx/PWU269LkEdd+5p+vOyprnHuj0418J4NewfxG4ux7QJEW0WOf7f2WPgvUcV6TfC7vvYv5hFtG6ISspMvFh5ykajRBozQLraZenMfyAEdmC8kSbZotdMbRpDidOdppSO4bqBHeoUTupOw2GLHsmg3WGLKPkbcz6dytZn6fE52AfVY7en6TKUbbN+mXm1G2D82WcXDXQQMa+oT X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?utf-8?B?Z1J2d3JIMCt6QTd1UGZsckNZalZ0eDBJZnJKRG80dVFtOUZCbXBOYU9NTmYr?= =?utf-8?B?MisyWCtSMXBETW9WNCs0d3EyV3QySEgxSGxhLzh5ZnY4V0RqK29lTWZ3Sk1F?= =?utf-8?B?cW52V04wUEMraElPTmNDbUJRRUxjaWJhb1lGQllHRmh4aVhQYXhLYmhOaUxs?= =?utf-8?B?dTVIRE5qK0tWd2x4WmVmUlZ6dzF1bmpRRkh2NUluM0FwWmlIaVluOERlZDE2?= =?utf-8?B?V3B6akd5SUxsVWN1eFpBTGhWNUJyTnk5OTVVaXN0MGlJM0xjVmxZN0VYV01w?= =?utf-8?B?Zy9QYkMvMlJvckhDQ1ZtOWVvbUthNFlXUm5INXc5d3BTY2Jqc0k5dlIwNlRr?= =?utf-8?B?ak85SUVvay9KZjNEYjVHOUVDcFRjQVJ3N1c0akR0VHhENzNBNzlIVWtCelBL?= =?utf-8?B?Mnk0UG8wTE5vSzRtaWVIVHBGK0szWUhXR29QeG1qQjJvSlM3aEVHbGF3Vm11?= =?utf-8?B?a2tadkgyZVJUdkdxZ2xWbFNCTWRvWjFKZ2RzZ203MzNvTWdYYUlQRTJqOVUv?= =?utf-8?B?SkQzSEFsTTNoYVFsMmFDbEtlTjJKSjRDczZSbFFmd2piT3FVV2UrYXFIWEZu?= =?utf-8?B?SWE4SG1rQ2pFOVg4R2ZOdzZzMDcweWFiK1JsZXJTWkNDVE90aC9LWHJBcEtk?= =?utf-8?B?L3l4M20wNFg3cVg5UzdZTEJSTmphcGZtTTZTQWpzb0lEN2czY0ordyt2Tzho?= =?utf-8?B?RkFvTkhXV3dTOFBSQk5aT202bWgzWUJXZlNVbEZqOTFtaFcySUJOK0lFdnhX?= =?utf-8?B?dVlQa0N2ZGNsTUtISk9VUW93ZHpOUXdtSGpLSHhRTExnWnVYUFF2cHBkZDNC?= =?utf-8?B?dmtDVFdqbk1pdzUySitlaW5KMDhlY2N5Zlg2VTZSK096Um5WbkJKTkcxUi9K?= =?utf-8?B?NEQzSlNvVUg4V1g1MXRUa2xHU0ZqdGZNNXRoL1FVbHJhdW5PT1pnVXlDQmtX?= =?utf-8?B?VXlLOU4xbG5uMXRkZmdFWlZzYkRvVVNyZlZHZkJtK0Y3b2JmMEdiVTQ1TE42?= =?utf-8?B?M25qc1pJOEU0RkFVSzl4U3BRWmRaaFFZRll3Yy9DVUxzZW9sd09WQnRldFBR?= =?utf-8?B?WmFHcEFlNUxXdGxlKzg4aUVCTHFxU1E5Q09UZ1JYWmtnSmdFMm05SUNtK0xs?= =?utf-8?B?aDJoMHBVdkhtNWZ2M0ZYNGZxeXcwWlY0alN1SVVFU1dINEdkMC9iMy8wa0F6?= =?utf-8?B?M0NtaE5kQWk3U1Z1elJHZnZSaHhoRVBvT285T2FpdU9TVm9YajZ3UkgwTXk1?= =?utf-8?B?TXR1ZXFZdk9nQmhibFRiVmwxeFdvVWhTdjBxTVhERnIwZ1FRR0pYUlRUU2pN?= =?utf-8?B?TmRnVzlETG5QM0tneCtGa2kzdlkwT2NiNDV4ZHlsM3JoVHJjUDdJYk1VUDNx?= =?utf-8?B?NFJvOHZuZW5KOVdXdzB6MnAvVmUvZndIOEVvZVVkS05Gb2xCT2NUK3luV0lI?= =?utf-8?B?ekkrVWROQlBQMFJ2b1ZpdkJBdDJJRmhaZG1XMHJIY29OOGJJekdpcHhHODhM?= =?utf-8?B?aXhNaXYwdC8vNHJRRFpKRTdSUUwvMzR1Nys5YUJsT1FtMXRvUm1BNUVOUk9H?= =?utf-8?B?cEZtODV4amljeFBUdXpOVWpvaXI2QVBiL1RZMDdTbkxkaVlJR1hSYmZzbHAy?= =?utf-8?Q?9jZ06aF5LK7J1xDutXRHseR18zZHgzDrRmJ9R3Yg8HJM=3D?= X-OriginatorOrg: sct-15-20-4755-11-msonline-outlook-e8f36.templateTenant X-MS-Exchange-CrossTenant-Network-Message-Id: d8aa8cb9-5caa-4ccb-51c4-08dc206268bb X-MS-Exchange-CrossTenant-AuthSource: CO1PR11MB4770.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 29 Jan 2024 00:37:01.9387 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CH3PR11MB8467 X-Spamd-Bar: -- X-Spamd-Result: default: False [-2.49 / 15.00]; FORGED_MUA_THUNDERBIRD_MSGID_UNKNOWN(2.50)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; ARC_ALLOW(-1.00)[microsoft.com:s=arcselector9901:i=1]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[hotmail.com,none]; R_DKIM_ALLOW(-0.20)[hotmail.com:s=selector1]; R_SPF_ALLOW(-0.20)[+ip6:2a01:111:f400::/48]; MIME_GOOD(-0.10)[text/plain]; XM_UA_NO_VERSION(0.01)[]; ASN(0.00)[asn:8075, ipnet:2a01:111:f000::/36, country:US]; FREEMAIL_FROM(0.00)[hotmail.com]; MIME_TRACE(0.00)[0:+]; DWL_DNSWL_NONE(0.00)[hotmail.com:dkim]; FREEMAIL_ENVFROM(0.00)[hotmail.com]; RCPT_COUNT_ONE(0.00)[1]; MLMMJ_DEST(0.00)[questions@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_TLS_LAST(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; DKIM_TRACE(0.00)[hotmail.com:+] X-Rspamd-Queue-Id: 4TNTrz0CP6z4q0t On 1/28/24 17:02, Dan Mahoney wrote: > > >> On Jan 26, 2024, at 23:55, Odhiambo Washington wrote: >> >> Is there a way to upgrade 8.4-STABLE to 14-STABLE, or even change it to 14-RELEASE? > > Most people are saying what my own thought would be, but I do have a "war story" to share. > > For us, preserving configuration did not matter, our configuration management was done by a tool like Puppet or Chef or Ansible. > > Dayjob has several single machines in very remote places, that were built with a too-small boot partition for FreeBSD-update to work (some had been in place since 5.x). And we needed to do upgrades during a global pandemic, when the normal "go on-site to upgrade" process would not have worked. Maybe your own situation is the same. > > Some sites had remote consoles, some only remote serial consoles. Availability of PXEboot was minimal, and bios access was even more minimal. > > Where there *was* remote hands, they were much more comfortable installing Linux. > > What worked for me was extracting the contents of an MFSBSD build over into my /boot direclory, and pumping my existing ip addresses, netmask, and gateway into /boot/loader.conf > > On reboot, I had the ability to SSH in, clear out my disks, and start clean. > > It took me a long time to mentally reach that point, and I only got it after I was sure all the other options (pxe boot an installer, freebsd-update, make buildworld, get-a-rescue-shell and just extract base.txz over my main filesystem). Thanks to this being the 21st century, I was able to test a lot of my procedures on VMs of various flavors like VirtualBox and VMware. So much nicer when you don't need a second machine or disks being cloned/backup+restored just to try out the process. I'm messing with a test run to see where I could get on virtualbox under windows10 going to an externally attached usb ssd but it feels like I'm being penalized noticeably by that setup. > If you're still on 8.x, you may still be at the point where you have separate /usr, /var, and / partitions, and at some point, one of those will grow beyond what you've done. So even if the upgrades all work, you're in a situation that will burn you (kernels and /boot partitions keep getting bigger, until modern BSD where it's all one partition). Years ago I thought I should prepare a talk about only partitioning <= 1/2 of a drive to avoid this among other problems. It would still serve a purpose to do so today with things like COW (such as what zfs uses) harming performance, always knowing you have room for a temporary backup, and room to rearrange layout in case of 4k alignment mistake, efi/swap/main area resizing, toggling encryption, adding/removing disks to a raid freely without a second set of disks being needed, or giving it up and growing partition space into it. No one wants to keep free space on disks, let alone >50% so it would likely be an unpopular chat. > ==== > > With modern FreeBSD *most* of your configuration comes down to what's in /usr/local/etc, and /etc -- these tar up really easily, as well as /usr/home or /home or whatever. /boot/loader.conf also comes to mind; I'll check my install notes I started making on a recent 14 setup attempt to get all my goodies listed. > If you have database stuff like postgres or mysql, obviously there's that directory as well. > > Your base packages, you can list out without dependencies with "pkg leaf". If pkg leaf doesn't work, copy a modern /usr/local/etc/pkg.conf from another machine to get that command (or run the command it is aliased do). Internet pkg repositories don't exist anymore for such old releases though the install media included a few packages on it (dvd usually had the most that I recall). 8.4 should have had pkg introduced but was more of an option to migrate to. My current steps I'll be posting mentions downloading an archived ports tree to `make install` it to avoid missing pkg as a package or needing any package for cvs/ctm/svn/git as old servers have been getting turned off and newer stuff like git wasn't there in base by default. > ==== > > That said... > > If the disk sizes *are* good (freebsd-update doesn't check), I might *try* to get there with freebsd-update, but with the knowledge that it's going to take me like a dozen leap-of-faith reboots, and more often than not, I have found that freebsd-update finds *some* chance to lose the linker and run into a long string of "cp: invalid argument" shooting itself in the foot. I've had this happen. If I were clever, I might keep a copy of base.txz on the disk beforehand so I could unbreak things. (It's for this reason that I put in a bug that put ssh/scp into /rescue, where there's no copy of ftp.) > > Also, if I were going to go this way, I would grab the freebsd-update script from a *modern* system, there are bugs in it that were fixed, that were present in your version. Is there a reason why freebsd-update does not update itself before doing other work like what pkg does? > Note well that I say what *I* might do in this case, not what you *should* do. > > Hope this helps, or at least lends some perspective. > > -Dan Thanks for sharing experiences. I've only ran freebsd update once or twice and became too annoyed at the archaic task of manually merging files that I found very easy to get done with mergemaster and mergemaster handled many more things automatically with optional switches as long as I'd tolerate the build time proceeding it (generally easy when its a background job). From nobody Mon Jan 29 12:57:45 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNpHh3Vs3z58g5N for ; Mon, 29 Jan 2024 12:57:52 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from insect.birch.relay.mailchannels.net (insect.birch.relay.mailchannels.net [23.83.209.93]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNpHg441Cz4Ddn for ; Mon, 29 Jan 2024 12:57:51 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=k7hTyHfP; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.209.93 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 517EE142FD4 for ; Mon, 29 Jan 2024 12:57:47 +0000 (UTC) Received: from pdx1-sub0-mail-a202.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id ED1D01427E9 for ; Mon, 29 Jan 2024 12:57:46 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706533066; a=rsa-sha256; cv=none; b=VXEwZTbLH1KmEeXooOUvYGn34oyvItY/eI7DiRQdi+p1LKLzx707+4BUKLk5Oc/+ko1O1T qU/OLnrG50U1glLZlloLuU4P1/bJdI4QgxP9C7nB8gGlYNxA9WZc5yEjhxFhxW5cesJ5m6 a9U/b1Vqi2tgqqxwFIUxQpSe2GNMeKykHoNPXzdyhAoKHrfQUJy3i2xpJuLaH1rnV69h14 wJKaRaAy840j2aMOLRwdjHbne3gjRYCAgKG7uBruAEld/hrmBkWGQSiCLzqRWYtFYt7yC3 9ywQ3ZbBy5MZiDByYtLVGQoISPgU81JrxHoicKpgy4Gs83By7FC6nfSWgXniRg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706533066; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:dkim-signature; bh=7uD/mWrvTG+JbBn7RwkGN2JWHucy0JFY+UEcbvx4CfE=; b=ZkCSR/I0jX50jLRgZhaHrno7KhPFjiwfZivWI0J0AQ0TjQolAP23ODLjrr2ioLIr6kcsO4 r8bO336Da/na3H1dsh4qpWLHyv9KPCTOINt/lNQiF6Z4WbwDwUAceKiYWE3SyU6/D7Myqi f7yTEmwsjlIFxXNYTMukt0nXyfbyiic7b86lBFdedt1ogs19Top/H7L4siqlPY9Qc7p2Ur Ps0KwcdhKh0sZGGPWA6bdpzPMhZQ1uyeRCLMq4JYoWXPDc+Hc7B8dyBpeCEKBXjwNz2WKz tfrdC1Haq8bpVwbwzcjH9fA7st+nUMs3e8vz2K0l2PrkRM3x5YFfThl7bR9r4w== ARC-Authentication-Results: i=1; rspamd-9c9494d96-bxc5h; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Little-Shelf: 7e7cff0861c0229d_1706533067187_2098578573 X-MC-Loop-Signature: 1706533067187:2452243464 X-MC-Ingress-Time: 1706533067187 Received: from pdx1-sub0-mail-a202.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.102.32.72 (trex/6.9.2); Mon, 29 Jan 2024 12:57:47 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a202.dreamhost.com (Postfix) with ESMTPSA id 4TNpHZ5qj6z9w for ; Mon, 29 Jan 2024 04:57:46 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706533066; bh=7uD/mWrvTG+JbBn7RwkGN2JWHucy0JFY+UEcbvx4CfE=; h=Date:From:To:Subject:Reply-To:Content-Type; b=k7hTyHfPhrAu4taSOhTVClSE40PBv3UraOPgbMcxutYOdzb2LVG+HJUbrQWx8Q6Z8 8Keg21aYc6NkHzCzci3Hj7xyUkIp7fyGyEU8GKgGIg2vJQghBkKf8KlWgeVPpd0IbT drJ2isz5WthdBRpqpIcyL3+r9CWRLCjXqqgJzkbl59AoeMIj6MTipBLw4ES/xaMH/J wDPYLdH62MwG0vD8J2qGkR2y9g+5+d9rbDXbo4WvfBNici+WOkp3AKzVF87ty4752y FDtNO9AHuGsU+bdf5hnkIxCIXb/SexIEmY7RSNp1NqWcsvCTxafmmFflwePClFfNrV t1CADs9SBnQ0Q== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rURCr-00EmYk-1n for freebsd-questions@freebsd.org; Mon, 29 Jan 2024 07:57:45 -0500 Date: Mon, 29 Jan 2024 07:57:45 -0500 From: Paul M Foster To: freebsd-questions@freebsd.org Subject: Enabling SSHD Message-ID: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> Reply-To: paulf@quillandmouse.com List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.70 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.999]; RWL_MAILSPIKE_VERYGOOD(-0.20)[23.83.209.93:from]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; MIME_GOOD(-0.10)[text/plain]; DKIM_TRACE(0.00)[quillandmouse.com:+]; FROM_HAS_DN(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; DMARC_NA(0.00)[quillandmouse.com]; MISSING_XM_UA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.209.93:from]; REPLYTO_ADDR_EQ_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:36483, ipnet:23.83.208.0/21, country:CA]; RCVD_COUNT_FIVE(0.00)[5]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; HAS_REPLYTO(0.00)[paulf@quillandmouse.com] X-Rspamd-Queue-Id: 4TNpHg441Cz4Ddn Folks: I have a new FreeBSD 14 install. I'd like to be able to do some management on this machine (on my LAN) via SSH. I have a stock /etc/ssh/sshd_config file, except for allowing root to login. I've made that edit to the file, and restarted the SSH daemon via /etc/rc.d/sshd restart. However, this machine still refuses SSH connections, either from a regular user or root. What am I doing wrong? Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Mon Jan 29 13:14:29 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNpg65krTz58hYp for ; Mon, 29 Jan 2024 13:14:42 +0000 (UTC) (envelope-from jfadams1963@proton.me) Received: from mail-4322.protonmail.ch (mail-4322.protonmail.ch [185.70.43.22]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "protonmail.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNpg519GRz4HvQ for ; Mon, 29 Jan 2024 13:14:41 +0000 (UTC) (envelope-from jfadams1963@proton.me) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=proton.me header.s=protonmail header.b=Hp07lM7D; dmarc=pass (policy=quarantine) header.from=proton.me; spf=pass (mx1.freebsd.org: domain of jfadams1963@proton.me designates 185.70.43.22 as permitted sender) smtp.mailfrom=jfadams1963@proton.me DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=proton.me; s=protonmail; t=1706534078; x=1706793278; bh=6ZiKRI9E9Hj2O4uE4FgM9HwcWbLpFO/H67Zfnp3LwIE=; h=Date:To:From:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=Hp07lM7DoS7Gud2/SxJDP8P4YS9/U2cpvdLfBLOvoi/aR9tHEvtg1CujqvN40EmBc Gkj/rc7p/ZegfL1lA7mHdblcEGpzugq+lUT9aKMsnoCueWPELRQmoica6YRmr/0w1g KkKOCNT60ALs6wLRRlHMiqlqbradcv76kfOOQk4Fi7kstbT0gtNHpf2eR8brypBPcK 9w3QCgY2ZJfsetA1enCdvxhTnoE3S4yZMtEsrLISrXGLsu7mAvTYQ6ZDWkYdfvfiQV rvgkRUXKdGwZekNxpXQPREDRBWI7XynD9Ba0QnPUvLxi/fRXQ2XMG22Xp6CnZ9wN0K dXldFSiEb5Rxg== Date: Mon, 29 Jan 2024 13:14:29 +0000 To: "freebsd-questions@freebsd.org" From: Jonathan Adams Subject: Re: Enabling SSHD Message-ID: In-Reply-To: References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> Feedback-ID: 80741059:user:proton List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha512; boundary="------d18de3d94c718490e11015df27aa06482d9b6052865643d7df56323b0ef5e0a2"; charset=utf-8 X-Spamd-Bar: ------ X-Spamd-Result: default: False [-6.50 / 15.00]; SIGNED_PGP(-2.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.999]; DMARC_POLICY_ALLOW(-0.50)[proton.me,quarantine]; RWL_MAILSPIKE_EXCELLENT(-0.40)[185.70.43.22:from]; MIME_GOOD(-0.20)[multipart/signed,multipart/mixed,text/plain]; R_SPF_ALLOW(-0.20)[+ip4:185.70.43.0/24]; R_DKIM_ALLOW(-0.20)[proton.me:s=protonmail]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; ASN(0.00)[asn:62371, ipnet:185.70.43.0/24, country:CH]; RCPT_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; FROM_HAS_DN(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:+,3:~]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; DKIM_TRACE(0.00)[proton.me:+]; MID_RHS_MATCH_FROM(0.00)[]; TO_DN_EQ_ADDR_ALL(0.00)[]; ARC_NA(0.00)[]; RCVD_COUNT_ZERO(0.00)[0]; HAS_ATTACHMENT(0.00)[] X-Rspamd-Queue-Id: 4TNpg519GRz4HvQ This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------d18de3d94c718490e11015df27aa06482d9b6052865643d7df56323b0ef5e0a2 Content-Type: multipart/mixed;boundary=---------------------389682ebf2940787490e57cbb60521a0 -----------------------389682ebf2940787490e57cbb60521a0 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain;charset=utf-8 ------- Forwarded Message ------- From: Jonathan Adams Date: On Monday, January 29th, 2024 at 8:10 AM Subject: Re: Enabling SSHD To: paulf@quillandmouse.com > On Monday, January 29th, 2024 at 7:57 AM, Paul M Foster paulf@quillandmo= use.com wrote: > = > > Folks: > > = > > I have a new FreeBSD 14 install. I'd like to be able to do some manage= ment > > on this machine (on my LAN) via SSH. I have a stock /etc/ssh/sshd_conf= ig > > file, except for allowing root to login. I've made that edit to the fi= le, > > and restarted the SSH daemon via /etc/rc.d/sshd restart. However, this > > machine still refuses SSH connections, either from a regular user or r= oot. > > What am I doing wrong? If I recall correctly, password-based logins are disabled by default in = favour of key-based logins. You'll need to enable password-based logins or= (better) go with key-based logins. Please disable root logins via SSH. Even on your LAN, it's bad practice. = - Jonathan Adams ____________________________________________ Before Turing, things were done to numbers. After Turing, numbers began doing things" - George Dyson -----------------------389682ebf2940787490e57cbb60521a0-- --------d18de3d94c718490e11015df27aa06482d9b6052865643d7df56323b0ef5e0a2 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: ProtonMail wnUEARYKACcFgmW3pJsJkI6O/sbt8r3IFiEEcBGzOO9wDbcpT/10jo7+xu3y vcgAAPOJAP0VdPKajJ7T/v0nLFhyns8HopCRjUkWvWRxh6FXMt2ezQD/Vw5y eiTbnW5rvyBQYJhOecg/yxYbm43m6e7iNz6Wlwo= =q4Es -----END PGP SIGNATURE----- --------d18de3d94c718490e11015df27aa06482d9b6052865643d7df56323b0ef5e0a2-- From nobody Mon Jan 29 13:47:22 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNqNv0nCRz58lJF for ; Mon, 29 Jan 2024 13:47:27 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from snail.cherry.relay.mailchannels.net (snail.cherry.relay.mailchannels.net [23.83.223.170]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNqNt0RLcz4LFM for ; Mon, 29 Jan 2024 13:47:25 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=Sn+URsiK; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.223.170 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id F1E89763248 for ; Mon, 29 Jan 2024 13:47:23 +0000 (UTC) Received: from pdx1-sub0-mail-a202.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 916B376356A for ; Mon, 29 Jan 2024 13:47:23 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706536043; a=rsa-sha256; cv=none; b=gIAAYUPQQugdV+EWX89DtonlYLUpNfILHznN7W+zyh/BT4KuDY574l/+5HhaCG3hvErPyZ laWBblKaJignsU6gNyxdw5GKWB7PAVXxfWpX4AUfPDrKbnlaIVMehULL9ktVAFtjNEKYtA ZTgpCDAaximAedk9hsjhChgZNUY+wxxZHUUrJcd83FIyEvyC8T93J+IWxW/rasOhQrYHHV bLVHIvZYjjXQWCaR0PuUuL9HWHaf6J/2mcjhjXjixj9DSnEX/dfqWlzxTz0POpPtWB3uyL K4M7hrNxIUomeaJbmS+6opuZIp+kryHbRUv6OZQMaKRdRx9S2YCuyAJjuN2FKg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706536043; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:dkim-signature; bh=eZbb1Ol3AADHVmMt0xy+Qr6ZXJ6nj1Xp5Tb7aT2ANQo=; b=6gUhLGIvAs6kL2NQHX6bMdTe56Qya6hLVigjRjZo4aNmiiIB6NurfH06BtZrnbZe+iCoaf cWs7nz/B78bIShT+jL3OTm5bH79WWPtrgusebF6u4yl3m2t9ukKSSszEgkwmxjrz22doP0 4C10H5h0YR2Yr1FBzwkm1qHjJOxCHX04KTrSSXemKZMeLNrms3elFLUKkBPK81/nDuuqFl 7pLgUt7+z7JFUstbbSeDd4QU7rbguJKgKxu9V6hh54uPhMC8QfS7BEYvOpCX3A9/AFjFD+ J8X2iPFWlM9pO0N/POHaNCv0U/D+4qp2hsoaXE/dtIw9oM2ZXTXf6PxPPoo7qQ== ARC-Authentication-Results: i=1; rspamd-9c9494d96-bxc5h; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Bored-Abortive: 7e1bc8fa602a7a18_1706536043811_416513083 X-MC-Loop-Signature: 1706536043811:3267056930 X-MC-Ingress-Time: 1706536043811 Received: from pdx1-sub0-mail-a202.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.126.230.203 (trex/6.9.2); Mon, 29 Jan 2024 13:47:23 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a202.dreamhost.com (Postfix) with ESMTPSA id 4TNqNq35X2z9w for ; Mon, 29 Jan 2024 05:47:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706536043; bh=eZbb1Ol3AADHVmMt0xy+Qr6ZXJ6nj1Xp5Tb7aT2ANQo=; h=Date:From:To:Subject:Reply-To:Content-Type; b=Sn+URsiK+/3XZMFYpn0TfoA5JWOeaUkezeAh8MsB8XAydVLkPN5nbPZdcoM9IXZOq lD4jE0rL+2EjjKyFkU6Y+SYyLi/zOfxO6UnQveIYu+K7MoXpsJcJjD7qgwjFV0Up7T SnnHblLds7J+eLeLo/cu4Ut78EtExN2yhE+cj6cQC8GnNcmJjdAymCv/fzmDiD/WO8 ltR2XSiZ/4Nn0Smnf6X3uI0XWyjtCJKFF7oaodrxQ07gtX8P3xuoMcrtyDonLlmgJd 88S41DoJEY17dRoStOQZ1obbLvy3z4qFH184fyNDgQ7TbFPwl9jvuqwDqBN1/VDR1V smml9leExTBAA== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rURys-00Ewa4-0c for freebsd-questions@freebsd.org; Mon, 29 Jan 2024 08:47:22 -0500 Date: Mon, 29 Jan 2024 08:47:22 -0500 From: Paul M Foster To: freebsd-questions@freebsd.org Subject: Re: Enabling SSHD Message-ID: <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> Reply-To: paulf@quillandmouse.com References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.70 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RWL_MAILSPIKE_VERYGOOD(-0.20)[23.83.223.170:from]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; MIME_GOOD(-0.10)[text/plain]; DKIM_TRACE(0.00)[quillandmouse.com:+]; FROM_HAS_DN(0.00)[]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; DMARC_NA(0.00)[quillandmouse.com]; MISSING_XM_UA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.223.170:from]; REPLYTO_ADDR_EQ_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:63213, ipnet:23.83.223.0/24, country:CA]; RCVD_COUNT_FIVE(0.00)[5]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; HAS_REPLYTO(0.00)[paulf@quillandmouse.com] X-Rspamd-Queue-Id: 4TNqNt0RLcz4LFM On Mon, Jan 29, 2024 at 01:14:29PM +0000, Jonathan Adams wrote: > ------- Forwarded Message ------- From: Jonathan Adams > Date: On Monday, January 29th, 2024 at 8:10 AM > Subject: Re: Enabling SSHD To: paulf@quillandmouse.com > > > > > On Monday, January 29th, 2024 at 7:57 AM, Paul M Foster > > paulf@quillandmouse.com wrote: > > > > > > Folks: > > > > > > > I have a new FreeBSD 14 install. I'd like to be able to do some > > > management on this machine (on my LAN) via SSH. I have a stock > > > /etc/ssh/sshd_config file, except for allowing root to login. I've > > > made that edit to the file, and restarted the SSH daemon via > > > /etc/rc.d/sshd restart. However, this machine still refuses SSH > > > connections, either from a regular user or root. What am I doing > > > wrong? > > If I recall correctly, password-based logins are disabled by default in > favour of key-based logins. You'll need to enable password-based logins > or (better) go with key-based logins. > I certainly hope this is not the case. I've been running Linux for 30 years, and am looking to transition to FreeBSD. If passwords are prohibited for SSH access, that would be a major reason for me not to pursue FreeBSD any further. FWIW, I disagree with the current fad of believing that passwords should be eliminated for everything. I believe passwords, properly implemented, are more than adequate for normal security. If you're trying to secure NSA servers or something, by all means eliminate passwords in favor of hardware keys or the like. In any case, this doesn't provide any actual methods for resolving the current problem. Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Mon Jan 29 13:59:07 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNqfP1w9Sz58m5F for ; Mon, 29 Jan 2024 13:59:09 +0000 (UTC) (envelope-from roberthuff@rcn.com) Received: from smtp.rcn.com (mail.rcn.syn-alias.com [129.213.13.252]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNqfN5mLCz4NDV for ; Mon, 29 Jan 2024 13:59:08 +0000 (UTC) (envelope-from roberthuff@rcn.com) Authentication-Results: mx1.freebsd.org; none DKIM-Signature: v=1; a=rsa-sha1; d=rcn.com; s=20180516; c=relaxed/simple; q=dns/txt; i=@rcn.com; t=1706536747; h=From:Subject:Date:To:MIME-Version:Content-Type; bh=AMGmDp/epqaAUAPKuYPgY+CkoJ4=; b=AIhoom443gO/Oh9mc3Vht+6lo6XSljxNwiQshkxblJDAqZlXwsCoPNuT2pE24tBL mWkDs0dpPEvltJizlXtLtUTULWsqJc+EhqlX9R8EeXKOZn83LrwK8i/01RTFA9sE o4GD2F66m28neos7GaK1w32K2OoSgJMFxFUShymSrjsEfeio9aM5jVh8+STuAwlp 1JHdI/OmYlLXTbBVEqqhvjoDu+d739+ldDxpggfpwNblcVrYwAQVJzZcJdNqZrSY rbUHRzAOp7WIrZArmagFBZKKuWs1rC7tF4n5ct7EW4KoquHeLKTKbAitk2Xatjsc MfdHYMcdSs739frpLlUVHg==; X-Authed-Username: cm9iZXJ0aHVmZkByY24uY29t Received: from [130.44.151.156] ([130.44.151.156:50880] helo=jerusalem.litteratus.org.litteratus.org) by smtp.rcn.com (envelope-from ) (ecelerity 4.4.1.20033 r(msys-ecelerity:tags/4.4.1.0^0)) with ESMTPSA (cipher=AES256-GCM-SHA384) id AA/4B-10852-B2FA7B56; Mon, 29 Jan 2024 08:59:07 -0500 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <26039.44843.485920.143283@jerusalem.litteratus.org> Date: Mon, 29 Jan 2024 08:59:07 -0500 From: Robert Huff To: paulf@quillandmouse.com CC: questions@freebsd.org Subject: Re: Enabling SSHD In-Reply-To: <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> X-Mailer: VM 8.2.0b under 29.1 (amd64-portbld-freebsd14.0) X-Vade-Verdict: clean X-Vade-Analysis-1: gggruggvucftvghtrhhoucdtuddrgedvkedrfedtgedggeekucetufdoteggodetrfdotffvucfrrhho X-Vade-Analysis-2: fhhilhgvmecuufgjpfetvefqtfdptfevpfdpgffpggdqtfevpfdpqfgfvfenuceurghilhhouhhtmecu X-Vade-Analysis-3: fedtudenucenucfjughrpeggtgfgkfffhffvvefujghfofesthejredtredtvdenucfhrhhomheptfho X-Vade-Analysis-4: sggvrhhtucfjuhhffhcuoehrohgsvghrthhhuhhffhesrhgtnhdrtghomheqnecuggftrfgrthhtvghr X-Vade-Analysis-5: nhepheduiedvteehueejhffhudevhedthfeukeetudfhkeduveektedvgedvkeeuvddtnecukfhppedu X-Vade-Analysis-6: fedtrdeggedrudehuddrudehieenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepihhnvght X-Vade-Analysis-7: pedufedtrdeggedrudehuddrudehiedphhgvlhhopehjvghruhhsrghlvghmrdhlihhtthgvrhgrthhu X-Vade-Analysis-8: shdrohhrghdrlhhithhtvghrrghtuhhsrdhorhhgpdhmrghilhhfrhhomheprhhosggvrhhthhhufhhf X-Vade-Analysis-9: sehrtghnrdgtohhmpdhrtghpthhtohepqhhuvghsthhiohhnshesfhhrvggvsghsugdrohhrghdprhgt X-Vade-Analysis-10: phhtthhopehprghulhhfsehquhhilhhlrghnughmohhushgvrdgtohhmpdhmthgrhhhoshhtpehsmhht X-Vade-Analysis-11: phdtvddrrhgtnhdrvghmrghilhdqrghshhdurdhshihntgdrlhgrnhdpnhgspghrtghpthhtohepvddp X-Vade-Analysis-12: ihhspghnrgepthhruhgvpdgruhhthhgpuhhsvghrpehrohgsvghrthhhuhhffh X-Vade-Client: RCN X-Rspamd-Queue-Id: 4TNqfN5mLCz4NDV X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:31898, ipnet:129.213.8.0/21, country:US] Paul: > I certainly hope this is not the case. The key phrase is "by default"; if memory serves - haven't had to mess with the configuration in years - the code is already there, but passwords are disabled by a single line in sshd_config. Respectfully, Robert Huff From nobody Mon Jan 29 14:08:29 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNqsM2tkcz58mmV for ; Mon, 29 Jan 2024 14:08:39 +0000 (UTC) (envelope-from luciano@vespaperitivo.it) Received: from baobab.bilink.net (baobab.bilink.net [212.45.144.44]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNqsL3dM8z4Q43 for ; Mon, 29 Jan 2024 14:08:38 +0000 (UTC) (envelope-from luciano@vespaperitivo.it) Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of luciano@vespaperitivo.it designates 212.45.144.44 as permitted sender) smtp.mailfrom=luciano@vespaperitivo.it Received: from baobab.bilink.net (localhost [127.0.0.1]) by baobab.bilink.it (Postfix) with ESMTP id 4TNqsB0P11zLcY for ; Mon, 29 Jan 2024 15:08:30 +0100 (CET) Received: from hermes.mcs.it (hermes.mcs.it [192.168.132.21]) by baobab.bilink.it (Postfix) with ESMTP id 4TNqs970XtzLlG for ; Mon, 29 Jan 2024 15:08:29 +0100 (CET) Received: from mordeus.mcs.it (mordeus.mcs.it [192.168.45.6]) by hermes.mcs.it (Postfix) with ESMTP id CA79B4E6053 for ; Mon, 29 Jan 2024 15:08:29 +0100 (CET) Date: Mon, 29 Jan 2024 15:08:29 +0100 From: Luciano Mannucci To: questions@freebsd.org Subject: Re: Enabling SSHD In-Reply-To: <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> X-Mailer: Claws Mail 3.19.1 (GTK+ 2.24.33; amd64-portbld-freebsd13.2) X-Face: 4qPv4GNcD;h<7Q/sK>+GqF4=CR@KmnPkSmwd+#%\F`4yjKO3"C]p'z=(oWRnsYBQGM\5g:4skqQY0NnV'dM:Mm:^/_+I@a";[-s=ogufdF"9ggQ'=y List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Message-Id: <20240129140829.CA79B4E6053@hermes.mcs.it> X-Virus-Scanned: PippoLillo, ClamAV using ClamSMTP X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.23 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.93)[-0.926]; R_SPF_ALLOW(-0.20)[+ip4:212.45.144.0/24]; MIME_GOOD(-0.10)[text/plain]; RCVD_COUNT_THREE(0.00)[3]; RCPT_COUNT_ONE(0.00)[1]; DMARC_NA(0.00)[vespaperitivo.it]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:8816, ipnet:212.45.128.0/19, country:IT]; FROM_HAS_DN(0.00)[]; R_DKIM_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; ARC_NA(0.00)[]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; MIME_TRACE(0.00)[0:+] X-Rspamd-Queue-Id: 4TNqsL3dM8z4Q43 On Mon, 29 Jan 2024 08:47:22 -0500 Paul M Foster wrote: > In any case, this doesn't provide any actual methods for resolving the > current problem. I don't use 14 yet. With freebsd up to 13.X "UsePAM yes" is the default. You might try to set it explicitly on 14... Cheers, Luciano. -- /"\ /Via A. Salaino, 7 - 20144 Milano (Italy) \ / ASCII RIBBON CAMPAIGN / PHONE : +39 02485781 FAX: +39 0248028247 X AGAINST HTML MAIL / E-MAIL: posthamster@sublink.sublink.ORG / \ AND POSTINGS / WWW: http://www.lesassaie.IT/ From nobody Mon Jan 29 14:15:19 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNr1H0QjZz58nc2 for ; Mon, 29 Jan 2024 14:15:31 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from smtp.freebsd.org (smtp.freebsd.org [IPv6:2610:1c1:1:606c::24b:4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNr1G72vtz4TH1 for ; Mon, 29 Jan 2024 14:15:30 +0000 (UTC) (envelope-from matthew@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706537731; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=nWXz7vCK2dPzeTH5XPLSOwyH0IZ4+MjgSX3dwWZup0g=; b=IeQ79H0fWND+/+m1PfBueK7562OsBC6fA7jnfMbB+5RwqrYzM3fS5+PReW2IWVY/HkT7ub 35O1AeefefkMn+v4SUKI748KDsSbF+FuPjrj5djerayP90CpdO/IcIvlLHoYZFKdVPD+uN 3qUz18MQ7hcp8wPv+k9r5Pma9FZA2TFbKk+yrMms3JnLuggVgY397MPNlt7wwCKH98UWGP /T9WnI78JStnbwCw9SCFnpTbEXmfO+u41LURrM96IRzWBiGQEFEjTFkxUd/2oZZCznSNgw HkaOshIPeRFKCwefldhhU/3G42I56w3OfWt0aio+kUdmdLbwPTTzg4jbpxIAeg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1706537731; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=nWXz7vCK2dPzeTH5XPLSOwyH0IZ4+MjgSX3dwWZup0g=; b=beBaPV7oRxqTDjxpxzKhS2HtSMw0rWDZWXfvMydhxOQwvjoUGELU7i4yZjhnuKLM4KDawl f7BL/96qWurPUzbXKEMChpcQViy1DnDK9QRRZqPOeWweJFU2H5XdvHpUSzODiuP8enNcRy dX8l7gPIUYZg2ka0ZMw2WKmDiFntWpw8GvIVdUCr7JCwd9OMVRXjPtA/X6xOMOzOVrfVWJ PtDL4j24RZKeSZoO1jF4DkhXmK6tM16Kkhlg6tz+1NU0TDKIJ4qRWYLm6aH7cFZfLGXFvh Tp+hohUtZM40yNqX4fyBh7QQakk6S3h+jBSHkAMkMhkDhfH72XUb+CoPcjxqpw== ARC-Authentication-Results: i=1; smtp.infracaninophile.co.uk; dmarc=fail (p=none dis=none) header.from=FreeBSD.org ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1706537731; a=rsa-sha256; cv=none; b=B7NX7Q+kD1rQbvkYN7G2qx7IfYHt9fp8E1XEmnWgRbFOmWRoqlr/n9W0zmNVhjQoG27uQ4 I/i0T+Im6My+Igq6Y6rnjVOQmgZFxtvsky+0EwYV3w+fDtrKT3hUaQdYfKZOItNQRn4ywA G0tL2UDkXXmQ4/4Q1CNqRS+aGg5pds57FLuc1z26Fr2COmbCFCA82PebgQP1gbECiXah4D g7k1jQjTCiL5SUOLeXJHScZOZxsWTs7I9/twNTd8su2SP/UFOl6ZPhXz4mkFBwOJF20Yyu 7ZuYncoGFfTTO8bQMLNns71/+aao3i9nLMaGCSGdwtceNVBS261gXnW+RqdjlA== Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.2.117.100]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: matthew/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4TNr1G57rrz1CvZ for ; Mon, 29 Jan 2024 14:15:30 +0000 (UTC) (envelope-from matthew@FreeBSD.org) Received: from [IPV6:2001:8b0:151:1:bdf3:d5c:b59a:68f5] (unknown [IPv6:2001:8b0:151:1:bdf3:d5c:b59a:68f5]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (prime256v1) server-digest SHA256) (No client certificate requested) (Authenticated sender: m.seaman@infracaninophile.co.uk) by smtp.infracaninophile.co.uk (Postfix) with ESMTPSA id B11A216663 for ; Mon, 29 Jan 2024 14:15:27 +0000 (GMT) Authentication-Results: smtp.infracaninophile.co.uk; dmarc=fail (p=none dis=none) header.from=FreeBSD.org Message-ID: <4f60fad9-c5b1-46ea-bfbf-7e654bd5d3d1@FreeBSD.org> Date: Mon, 29 Jan 2024 14:15:19 +0000 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: Enabling SSHD To: questions@freebsd.org References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> Content-Language: en-GB From: Matthew Seaman In-Reply-To: <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit On 29/01/2024 13:47, Paul M Foster wrote: > I certainly hope this is not the case. I've been running Linux for 30 > years, and am looking to transition to FreeBSD. If passwords are prohibited > for SSH access, that would be a major reason for me not to pursue FreeBSD > any further. FWIW, I disagree with the current fad of believing that > passwords should be eliminated for everything. I believe passwords, > properly implemented, are more than adequate for normal security. If you're > trying to secure NSA servers or something, by all means eliminate > passwords in favor of hardware keys or the like. Passwords are not prohibited for SSH access. The default configuration supplied with a basic install of FreeBSD doesn't turn password access on for root by default, because we know that many people will just use the "out of the box" configuration, so it is set to be as secure as feasible. However this is FreeBSD. We have a saying around here: "tools, not policy" -- meaning that, yes, the system comes with ssh, but it's entirely up to you how to configure it. If you want password based auth for sshd, then go ahead and edit /etc/ssh/sshd_config and/or /etc/pam.d entries, as appropriate. In fact, in general, if you install any software that requires configuration files to be set up, don't assume you're going to get to get anything like a working configuration directly from `pkg install`. You might get something immediately usable, sometimes, but you can't rely on that happening. Likewise, don't expect daemon processes to be automatically enabled and started up as a result of `pkg install`. On FreeBSD, those are deliberately separate steps that you, as the admin, are expected make intentionally. It's maybe not as convenient for a more casual user, but it plays much better with automated configuration tools like Ansible, and if you're working at scale with whole clusters of machines. Cheers, Matthew From nobody Mon Jan 29 14:32:38 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNrPZ5Xwwz58plQ for ; Mon, 29 Jan 2024 14:33:06 +0000 (UTC) (envelope-from jfadams1963@proton.me) Received: from mail-40134.protonmail.ch (mail-40134.protonmail.ch [185.70.40.134]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "protonmail.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNrPZ3DY8z4XYg for ; Mon, 29 Jan 2024 14:33:06 +0000 (UTC) (envelope-from jfadams1963@proton.me) Authentication-Results: mx1.freebsd.org; none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=proton.me; s=protonmail; t=1706538782; x=1706797982; bh=Blxu1YnQNkTo81I6tb/3eFqRG/kB52n1VcUfVw+p9nA=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=AtCrpF5v3ogamIihE5xgscZyME44mq6vQc/rvyB75nff1PhsN+j4VftFw0gnrwbzB R51wFYKfHheMBagHIynyLsHgx9IVaKHmleCKhtUx0uyIbwkvxZ2AJlWTA6iA69Ckkv QTWavnStkLyew6FAWKhybSZtlOKldp2/HQ7Y7SFTLTClN058s/rQGBcXiGUjrlUojw NG9j1GIQ3OOqELzXMj0gV9mb3X3QnKdlPlwtam3gc7xTizbzph3fDfFH5JjOtliUrt hLKBc/ct+fVgdTAAFSOce+AQFpy+VyE6CeuMrR4vBKrGL38LR2PB9ZlajNiVbWWeL4 gk0EaN1nmbDaw== Date: Mon, 29 Jan 2024 14:32:38 +0000 To: paulf@quillandmouse.com From: Jonathan Adams Cc: freebsd-questions@freebsd.org Subject: Re: Enabling SSHD Message-ID: <_0xW_8YPFIoxsQASaPqgrUvPLXSCNsDB5KjMZWGwJYy52yAeL99T_4zb9iyA4Cdjm3qOj5SALAO8iQO8Y4c90A7S7JHs1eq0jcrW2A0KBFI=@proton.me> In-Reply-To: <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> Feedback-ID: 80741059:user:proton List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha512; boundary="------7ae26d532ed0517ce78b19ea48bd91869015cdb2b27a2fbb325a36136ac6b4e1"; charset=utf-8 X-Rspamd-Queue-Id: 4TNrPZ3DY8z4XYg X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:62371, ipnet:185.70.40.0/24, country:CH] This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------7ae26d532ed0517ce78b19ea48bd91869015cdb2b27a2fbb325a36136ac6b4e1 Content-Type: multipart/mixed;boundary=---------------------403f46ec28f7b07a2d02321eac6bebdc -----------------------403f46ec28f7b07a2d02321eac6bebdc Content-Transfer-Encoding: quoted-printable Content-Type: text/plain;charset=utf-8 On Monday, January 29th, 2024 at 8:47 AM, Paul M Foster wrote: = > In any case, this doesn't provide any actual methods for resolving the > current problem. Paul, please accept my apologies for a less than useful reply--I was a lit= tle rushed at the time. In /etc/ssh/sshd_config set to "YES": # Change to yes to enable built-in password authentication. # Note that passwords may also be accepted via KbdInteractiveAuthenticatio= n. PasswordAuthentication no In /etc/rc.conf add--if not there already: sshd_enable=3DYES Then you can (re)start sshd: # service sshd start Hopefully I didn't forget anything. If I did, someone will let us know! :-= ) -=C2=A0Jonathan Adams ____________________________________________ "Before Turing, things were done to numbers. After Turing, numbers began doing things" - George Dyson -----------------------403f46ec28f7b07a2d02321eac6bebdc-- --------7ae26d532ed0517ce78b19ea48bd91869015cdb2b27a2fbb325a36136ac6b4e1 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: ProtonMail wnUEARYKACcFgmW3ttgJkI6O/sbt8r3IFiEEcBGzOO9wDbcpT/10jo7+xu3y vcgAAPUwAQDSrB8l8o37M/UbBrtZSNEzJUW3BxGfq5hJHKtj1Mj12QD/d0C/ m7VENy4jic6ju8gwiSDvkSGRb0TdAV1mQJHCNwk= =Dwlj -----END PGP SIGNATURE----- --------7ae26d532ed0517ce78b19ea48bd91869015cdb2b27a2fbb325a36136ac6b4e1-- From nobody Mon Jan 29 14:34:00 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNrQr5zkGz58pj0 for ; Mon, 29 Jan 2024 14:34:12 +0000 (UTC) (envelope-from gray@nxg.name) Received: from mx1.mythic-beasts.com (mx1.mythic-beasts.com [IPv6:2a00:1098:0:86:1000:0:2:1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNrQq62HSz4YT5 for ; Mon, 29 Jan 2024 14:34:11 +0000 (UTC) (envelope-from gray@nxg.name) Authentication-Results: mx1.freebsd.org; none Received: by mailhub-cam-d.mythic-beasts.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1rUSi8-00GHW4-TL; Mon, 29 Jan 2024 14:34:09 +0000 From: Norman Gray To: Jonathan Adams Cc: freebsd-questions@freebsd.org Subject: Re: Enabling SSHD Date: Mon, 29 Jan 2024 14:34:00 +0000 X-Mailer: MailMate (1.14r5964) Message-ID: <3CBFBF9D-B141-4417-AF5B-1E85CE6ABBC9@nxg.name> In-Reply-To: References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain Content-Transfer-Encoding: quoted-printable X-BlackCat-Spam-Score: 24 X-Spam-Status: No, score=2.4 X-Rspamd-Queue-Id: 4TNrQq62HSz4YT5 X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:44684, ipnet:2a00:1098::/32, country:GB] Greetings. On 29 Jan 2024, at 13:14, Jonathan Adams wrote: > Please disable root logins via SSH. Even on your LAN, it's bad practic= e. I think this is going a step too far. I'd agree with you that password-b= ased root access is likely to be problematic (pace Paul Foster's comments= elsewhere in the thread), but key-based ssh authentication, plus either = group or cert-based AuthZ, seems adequately secure. ssh certs are quite nice -- [1] is a nice write-up. Short-validity ssh c= erts let you control who has access, and allow clear logging of who has c= onnected. Password-based root logins don't make clear who has logged in,= and to me that's an important argument against permitting that. I don't= see a difference, in security terms, between permitting sudo to a root s= hell, and permitting cert-based ssh access. (I'm talking only about internal connections, of course -- outward facing= sshd servers are a different issue). Best wishes, Norman [1] https://engineering.fb.com/2016/09/12/security/scalable-and-secure-ac= cess-with-ssh/ -- = Norman Gray : https://nxg.me.uk From nobody Mon Jan 29 15:14:00 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNsL761FKz58snm for ; Mon, 29 Jan 2024 15:15:11 +0000 (UTC) (envelope-from naddy@mips.inka.de) Received: from mail.inka.de (mail.inka.de [IPv6:2a04:c9c7:0:1073:217:a4ff:fe3b:e77c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNsL72wTgz4cZh for ; Mon, 29 Jan 2024 15:15:11 +0000 (UTC) (envelope-from naddy@mips.inka.de) Authentication-Results: mx1.freebsd.org; none Received: from mips.inka.de (naddy@[127.0.0.1]) by mail.inka.de with uucp (rmailwrap 0.5) id 1rUTLl-00GIVi-8o; Mon, 29 Jan 2024 16:15:05 +0100 Received: from lorvorc.mips.inka.de (localhost [127.0.0.1]) by lorvorc.mips.inka.de (8.17.1/8.17.1) with ESMTP id 40TFE0JV066284; Mon, 29 Jan 2024 16:14:00 +0100 (CET) (envelope-from naddy@lorvorc.mips.inka.de) Received: (from naddy@localhost) by lorvorc.mips.inka.de (8.17.1/8.17.1/Submit) id 40TFE06W066283; Mon, 29 Jan 2024 16:14:00 +0100 (CET) (envelope-from naddy) Date: Mon, 29 Jan 2024 16:14:00 +0100 From: Christian Weisgerber To: Paul M Foster Cc: freebsd-questions@freebsd.org Subject: Re: Enabling SSHD Message-ID: References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> X-Rspamd-Queue-Id: 4TNsL72wTgz4cZh X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:202113, ipnet:2a04:c9c7::/32, country:DE] Paul M Foster: > I have a new FreeBSD 14 install. I'd like to be able to do some management > on this machine (on my LAN) via SSH. I have a stock /etc/ssh/sshd_config > file, except for allowing root to login. I've made that edit to the file, > and restarted the SSH daemon via /etc/rc.d/sshd restart. However, this > machine still refuses SSH connections, either from a regular user or root. Is sshd running? Check with ps. Are you blocking the ssh port (22) with a packet filter? What does a client say when you try to connect with "ssh -v"? -- Christian "naddy" Weisgerber naddy@mips.inka.de From nobody Mon Jan 29 15:57:58 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNtHb37rJz58xHx for ; Mon, 29 Jan 2024 15:58:03 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from iguana.tulip.relay.mailchannels.net (iguana.tulip.relay.mailchannels.net [23.83.218.253]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNtHZ3hd2z4kdd for ; Mon, 29 Jan 2024 15:58:02 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=WVDUzLsq; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.218.253 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 17877363D1A for ; Mon, 29 Jan 2024 15:58:00 +0000 (UTC) Received: from pdx1-sub0-mail-a230.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id B07F73648B0 for ; Mon, 29 Jan 2024 15:57:59 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706543879; a=rsa-sha256; cv=none; b=n+Tm2zgoNDFzrnsm3tXVhmMKJSSh5qIU5jUPytJxHSI6tEAnN8KsFcuBkKNbO0nZ+qnEte TZ9n6RoZ9wK4ZTOijC01afwzciYipZiE57g3N+IO47hyhIEgOgsb9+tq614nK8s8U5oTDd 7ENru022zW+cSK8RJHD4ErZRpntiWQxnr+KvNbNJ2vLnZ28vGJG9jsoR2Wbso7KkOWRnsD SvdmQCFAcjofxwO5st0H+Vu/owkLKWvLevxn7yLa4dz2TzzE9KmVO0h9IKAyoqMovL3ZEE Eg7/PIGGQHonm74jRFkbo0WbnnOCe6z3nVfFDwK7EzbH/rFk4hHBPSzu7uw9OA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706543879; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:dkim-signature; bh=UKYiBSnWmlc3nGTsl+iFvBEj/+ZjW1hZe4myySEf+QY=; b=EjyNiUknf8/Abe5ZA2u3SpqaiMHcTxR66Afzo82RgGZr6bzMvFSKrufvlrfKH4PcuAajHm /XtOSUKSQLq0t/ngBe9q1+uQSzi2Msp/TD737VGaIZwo0wY3kHNQe6e+gB7ZYDduSjXgp6 wI5tkinhbQz756+lORipVnp+HNqWdvgeZP2Hky6zxqGerkNuEGYqyyHZYM+vmttqX1CSAO /PjN75QUfn2/Zl15L+Uxek5Iqnt5TJMELt6/mbW3loqRAaq3qamLk2RghzFBdPf+wkkYHa 9oHnboEDyXwyxYiSMV2A9+NSG3/uFEtY3La508GDidRZQGmDH1JdDQUsYG8O4g== ARC-Authentication-Results: i=1; rspamd-9c9494d96-dd9sc; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Stupid-Tart: 7d6885777931db56_1706543879940_600967212 X-MC-Loop-Signature: 1706543879940:4239981867 X-MC-Ingress-Time: 1706543879940 Received: from pdx1-sub0-mail-a230.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.109.86.202 (trex/6.9.2); Mon, 29 Jan 2024 15:57:59 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a230.dreamhost.com (Postfix) with ESMTPSA id 4TNtHW30tRzGK for ; Mon, 29 Jan 2024 07:57:59 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706543879; bh=UKYiBSnWmlc3nGTsl+iFvBEj/+ZjW1hZe4myySEf+QY=; h=Date:From:To:Subject:Reply-To:Content-Type; b=WVDUzLsqy1zv6Q4M5I9D1Wr+zdz5zoVNuhCslB8xX84A3tr+7UzAWXzA9J8J5xewL u2dVSTbfHmkJHxPgT85UprD1SZRAlNIi3jtR5qqAFzsO0O4WUooX/cA0JmaS6QwR4Z KtxS0H6GSzNyF4QY4FE1GbbAnYFHoX2bZcMT5x1bYRKHsshb+UIUOQMrg6eXdkoImF 7BYWpmKE4by11ubsRpp+M+UZMJShc5+x/pkNR9e1n56105pGhpwRyBhM8oYthZROI2 4k2L+5eKmVdLbscqYclEfKDzkgq9DbSFqIxOCUQKQ32SOIMI1kyJew5ou9ghfYJ7Yn sSLXjdvVkpqCg== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rUU1G-00FNQG-16 for freebsd-questions@freebsd.org; Mon, 29 Jan 2024 10:57:58 -0500 Date: Mon, 29 Jan 2024 10:57:58 -0500 From: Paul M Foster To: freebsd-questions@freebsd.org Subject: Re: Enabling SSHD Message-ID: <20240129155758.2nnyjihsyiyxztib@yosemite.mars.lan> Reply-To: paulf@quillandmouse.com References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> <4f60fad9-c5b1-46ea-bfbf-7e654bd5d3d1@FreeBSD.org> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4f60fad9-c5b1-46ea-bfbf-7e654bd5d3d1@FreeBSD.org> X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.90 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RWL_MAILSPIKE_EXCELLENT(-0.40)[23.83.218.253:from]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; MIME_GOOD(-0.10)[text/plain]; DKIM_TRACE(0.00)[quillandmouse.com:+]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DMARC_NA(0.00)[quillandmouse.com]; RCVD_TLS_LAST(0.00)[]; MIME_TRACE(0.00)[0:+]; RCPT_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; RCVD_VIA_SMTP_AUTH(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.218.253:from]; REPLYTO_ADDR_EQ_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; ASN(0.00)[asn:63213, ipnet:23.83.216.0/22, country:CA]; RCVD_COUNT_FIVE(0.00)[5]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; HAS_REPLYTO(0.00)[paulf@quillandmouse.com] X-Rspamd-Queue-Id: 4TNtHZ3hd2z4kdd On Mon, Jan 29, 2024 at 02:15:19PM +0000, Matthew Seaman wrote: [snip] > how to configure it. If you want password based auth for sshd, then go > ahead and edit /etc/ssh/sshd_config and/or /etc/pam.d entries, as > appropriate. Assuming I want to login as any user on the system, hacking pam shouldn't be necessary, right? I've made the following changes to the stock /etc/ssh/sshd_config: PubkeyAuthentication no PermitRootLogin yes PasswordAuthentication yes And of course, restarted the daemon each time I made a change. However, when I try to ssh in in the following ways: ssh paulf@buckaroo ssh root@buckaroo ssh buckaroo ssh 192.168.254.30 I get a flat "Permission denied (password,keyboard-interactive)". Not even an attempt to ask for a password. Clearly something's wrong, but I have no idea what. And I have googled the problem and visitied numerous sites to no avail. Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Mon Jan 29 17:46:45 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNwj94yqtz596Hk for ; Mon, 29 Jan 2024 17:46:53 +0000 (UTC) (envelope-from freebsd-questions@umpquanet.com) Received: from sfo.umpquanet.com (sfo.umpquanet.com [104.245.33.249]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "umpquanet.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNwj85kzgz4xp2 for ; Mon, 29 Jan 2024 17:46:52 +0000 (UTC) (envelope-from freebsd-questions@umpquanet.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=umpquanet.com header.s=20231023 header.b="LeT+BB/w"; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd-questions@umpquanet.com designates 104.245.33.249 as permitted sender) smtp.mailfrom=freebsd-questions@umpquanet.com Received: from sfo.umpquanet.com (localhost [127.0.0.1]) by sfo.umpquanet.com (8.16.1/8.16.1) with ESMTPS id 40THkjlh030076 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO) for ; Mon, 29 Jan 2024 09:46:45 -0800 (PST) (envelope-from freebsd-questions@umpquanet.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=umpquanet.com; s=20231023; t=1706550405; bh=pp1BVepX7vcOnSW95SjPc6bRo8ag+6teHLUh7c0aq2M=; h=Date:From:To:Subject; b=LeT+BB/w8I77oFRrK7jv1RLpQ/f7Q7/QuSf2VFZTNAm0J29LtesOV8lS3JAnxNE8L wyW6WDDzSmC2y13uACHyniJk7P9+ySDCNOy09B/lc9FnPyzDAMLxwbBe893M6P/mzs OTGqMLU0EMWkoyGZoT0/MXD71uSV1GUD6Y12dlXOmT84O4Z24d9d3yP7CZF3rtp7Gm OPFyFaqPv85ejIHXkQxJsLPziNG7JhBEC9WqgN+rya5PI1zBVt+PoSot45pmr5/xy3 5w3h06nNl4apK5kltk8jw2t/PbrIWmzNOLfayVWQ67OB0rt9ddjrNfsdDwcLgaXNsB ELb7i/7xpr+TQ== Received: (from james@localhost) by sfo.umpquanet.com (8.16.1/8.16.1/Submit) id 40THkjgw030075 for freebsd-questions@freebsd.org; Mon, 29 Jan 2024 09:46:45 -0800 (PST) (envelope-from freebsd-questions@umpquanet.com) X-Authentication-Warning: sfo.umpquanet.com: james set sender to freebsd-questions@umpquanet.com using -f Date: Mon, 29 Jan 2024 09:46:45 -0800 From: Jim Long To: freebsd-questions@freebsd.org Subject: VirtIO/ipfw/natd throughput problem in hosted VM Message-ID: List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.50 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[umpquanet.com:s=20231023]; R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.10)[text/plain]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:6364, ipnet:104.245.32.0/23, country:US]; DMARC_NA(0.00)[umpquanet.com]; MIME_TRACE(0.00)[0:+]; MISSING_XM_UA(0.00)[]; HAS_XAW(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; MID_RHS_MATCH_FROMTLD(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; ARC_NA(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_TLS_LAST(0.00)[]; DKIM_TRACE(0.00)[umpquanet.com:+] X-Rspamd-Queue-Id: 4TNwj85kzgz4xp2 I'm running FreeBSD 14.0-RELEASE in a quad-core, 12G VM commercially hosted under KVM (I'm told). It was installed from the main disc1.iso image, not any of the VM-centric ISOs. # grep -i network /var/run/dmesg.boot virtio_pci0: port 0xc000-0xc03f mem 0xfebd1000-0xfebd1fff,0xfe000000-0xfe003fff irq 11 at device 3.0 on pci0 vtnet0: on virtio_pci0 # ifconfig public public: flags=1008843 metric 0 mtu 1500 options=4c079b ether fa:16:3e:ca:b5:9c inet 10.1.170.27 netmask 0xffffff00 broadcast 10.1.170.255 media: Ethernet autoselect (10Gbase-T ) status: active nd6 options=29 (10.1.170.27 is my obfuscated routable public IP.) Using ipfw *without* any "divert" rule, I get good network speed. Transfering two larger files, one time apiece: # ipfw show 65000 2966704 2831806570 allow ip from any to any 65535 135 35585 deny ip from any to any # 128MB @ > 94MB/s: # rm -f random-data-test-128M # time rsync -Ppv example.com:random-data-test-128M . random-data-test-128M 134,217,728 100% 94.26MB/s 0:00:01 (xfr#1, to-chk=0/1) sent 43 bytes received 134,250,588 bytes 53,700,252.40 bytes/sec total size is 134,217,728 speedup is 1.00 real 0m1.645s user 0m0.826s sys 0m0.788s # 1024MB @ > 105MB/s: # rm -f random-data-test-1G # time rsync -Ppv example.com:random-data-test-1G . random-data-test-1G 1,073,741,824 100% 105.98MB/s 0:00:09 (xfr#1, to-chk=0/1) sent 43 bytes received 1,074,004,060 bytes 102,286,105.05 bytes/sec total size is 1,073,741,824 speedup is 1.00 real 0m9.943s user 0m4.701s sys 0m5.769s But with an "ipfw divert" rule in place (and natd running as 'natd -n public'), across 5 transfers of a 2M file of /dev/random, I get very poor transfer speeds: # ipfw add 65000 divert natd all from any to any via public # ipfw show 60000 3 292 divert 8668 ip from any to any via public 65000 2950208 2817524670 allow ip from any to any 65535 135 35585 deny ip from any to any Test 1 of 5, < 180kB/s: # rm -f random-data-test-2M # time rsync -Ppv example.com:random-data-test-2M . random-data-test-2M 2,097,152 100% 179.08kB/s 0:00:11 (xfr#1, to-chk=0/1) sent 43 bytes received 2,097,752 bytes 167,823.60 bytes/sec total size is 2,097,152 speedup is 1.00 real 0m12.199s user 0m0.085s sys 0m0.027s Test 2 of 5, < 115kB/s: # rm -f random-data-test-2M # rsync -Ppv example.com:random-data-test-2M . random-data-test-2M 2,097,152 100% 114.40kB/s 0:00:17 (xfr#1, to-chk=0/1) sent 43 bytes received 2,097,752 bytes 107,579.23 bytes/sec total size is 2,097,152 speedup is 1.00 real 0m19.300s user 0m0.072s sys 0m0.051s Test 3 of 5, < 37kB/s (almost 57s elapsed time): # rm -f random-data-test-2M # time rsync -Ppv example.com:random-data-test-2M . random-data-test-2M 2,097,152 100% 36.49kB/s 0:00:56 (xfr#1, to-chk=0/1) sent 43 bytes received 2,097,752 bytes 36,483.39 bytes/sec total size is 2,097,152 speedup is 1.00 real 0m56.868s user 0m0.080s sys 0m0.023s Test 4 of 5, < 112kB/s: # rm -f random-data-test-2M # time rsync -Ppv example.com:random-data-test-2M . random-data-test-2M 2,097,152 100% 111.89kB/s 0:00:18 (xfr#1, to-chk=0/1) sent 43 bytes received 2,097,752 bytes 102,331.46 bytes/sec total size is 2,097,152 speedup is 1.00 real 0m19.544s user 0m0.095s sys 0m0.015s Test 5 of 5, 130kB/s: # rm -f random-data-test-2M # time rsync -Ppv example.com:random-data-test-2M . random-data-test-2M 2,097,152 100% 130.21kB/s 0:00:15 (xfr#1, to-chk=0/1) sent 43 bytes received 2,097,752 bytes 127,139.09 bytes/sec total size is 2,097,152 speedup is 1.00 real 0m16.583s user 0m0.072s sys 0m0.035s How can I tweak my network stack to get reasonable throughput from natd? I'm happy to respond to requests for additional details. Thank you! From nobody Mon Jan 29 17:54:49 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNwtC3yHNz596qL for ; Mon, 29 Jan 2024 17:54:43 +0000 (UTC) (envelope-from pprocacci@gmail.com) Received: from mail-ej1-x629.google.com (mail-ej1-x629.google.com [IPv6:2a00:1450:4864:20::629]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNwtC1lldz51M4 for ; Mon, 29 Jan 2024 17:54:43 +0000 (UTC) (envelope-from pprocacci@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-ej1-x629.google.com with SMTP id a640c23a62f3a-a35385da5bbso328232266b.3 for ; Mon, 29 Jan 2024 09:54:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706550880; x=1707155680; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=s7xsdtczBVanOprgyaePLOyI0NdFCknlxiWerOKShlE=; b=eS2hzJdZcUkMVw/GBwCgt5Sg1G1ZNmTlmmvm6TZBpBk0q7c94srTToHlAzaU2fodko 4fvit8UVNTGxB1Layqo0Oi9UDIWCvh79bIbotV/swtp7GuPipjmrDZtL2lh63Qr/4eAi Ym9u0fxz8hnymhj8MaTr8cDBqKWiwD2cH6UtU+SqrU39hRDRHxW9LWLdcG49oflB9m6G Jp4bmdebA4GpF9LxcN0Mdcm4gYkPnW3qElcAxfxJ61nj/9Eq+tCe48NyXELpoU7WQ5/+ 4JrwAUWJ7rOw2FWSlSLbAwAJinTrDVbJkF0Mc39ArM9MTpPwT6KE8CcjMT42EUTnQps4 AI7A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706550880; x=1707155680; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=s7xsdtczBVanOprgyaePLOyI0NdFCknlxiWerOKShlE=; b=DEx2LIjvR+6XE3MZ3IZxjVIu6Mv0nicx8AhVuRdXAall+SPCKwRGIGwuXX0I4tjj/e /ZCQlIH5jPwzmWOtEEDTTeWVxeJGe4ToROhCOfVd01aeI5cmwKJxiz6RO0XntQtEWZOo N4CNLIOk4U7RyqkMG92n1jAFvcf7uKjVPRpJ6MM48mvEO/xt3bwrcJBrhYucOdpvobfP wVg/sOBrLXw1y/dR9LIjECFZbSrzLoqAnTIUUCrB1FFBZMakyWGom3Wtf/9uMXbzox58 Lyhr77/6F+Vxajn+54nzO8y/Lzh/9Z1fM/Eq8UowkxW5LXLEkGynEhAkXQjdYEUxqErC 4scA== X-Gm-Message-State: AOJu0YyIpLOEmMcYScfydEJNYyO4DoQmg7Blq00rgoPW3g6etfQ+86cn YvCQ9ICJUilbTNOdlEjU8nsrFakpeHJhRoFtn+jV58jNcFVtDTkNxsYvVYXu/Jp8AcOVrOxegsd zCTu7chNTxH55IS7mCn14iVdhb8mmqO4= X-Google-Smtp-Source: AGHT+IHerCF5IGV7blof7k2iJV5ud6wEyuwk5nkRTziw3B1i4VqbteE09YXFB80KDA8KvIiJsCve8e7m3F31C1464wM= X-Received: by 2002:a17:906:140a:b0:a30:474a:916e with SMTP id p10-20020a170906140a00b00a30474a916emr5019321ejc.7.1706550880245; Mon, 29 Jan 2024 09:54:40 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: In-Reply-To: From: Paul Procacci Date: Mon, 29 Jan 2024 12:54:49 -0500 Message-ID: Subject: Re: VirtIO/ipfw/natd throughput problem in hosted VM To: Jim Long Cc: freebsd-questions@freebsd.org Content-Type: multipart/alternative; boundary="000000000000021cf506101957f3" X-Rspamd-Queue-Id: 4TNwtC1lldz51M4 X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] --000000000000021cf506101957f3 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Mon, Jan 29, 2024 at 12:47=E2=80=AFPM Jim Long wrote: > I'm running FreeBSD 14.0-RELEASE in a quad-core, 12G VM commercially > hosted under KVM (I'm told). It was installed from the main disc1.iso > image, not any of the VM-centric ISOs. > > # grep -i network /var/run/dmesg.boot > virtio_pci0: port 0xc000-0xc03f mem > 0xfebd1000-0xfebd1fff,0xfe000000-0xfe003fff irq 11 at device 3.0 on pci0 > vtnet0: on virtio_pci0 > # ifconfig public > public: flags=3D1008843 > metric 0 mtu 1500 > > options=3D4c079b > ether fa:16:3e:ca:b5:9c > inet 10.1.170.27 netmask 0xffffff00 broadcast 10.1.170.255 > media: Ethernet autoselect (10Gbase-T ) > status: active > nd6 options=3D29 > > (10.1.170.27 is my obfuscated routable public IP.) > > Using ipfw *without* any "divert" rule, I get good network speed. > Transfering two larger files, one time apiece: > > # ipfw show > 65000 2966704 2831806570 allow ip from any to any > 65535 135 35585 deny ip from any to any > > # 128MB @ > 94MB/s: > # rm -f random-data-test-128M > # time rsync -Ppv example.com:random-data-test-128M . > random-data-test-128M > 134,217,728 100% 94.26MB/s 0:00:01 (xfr#1, to-chk=3D0/1) > > sent 43 bytes received 134,250,588 bytes 53,700,252.40 bytes/sec > total size is 134,217,728 speedup is 1.00 > > real 0m1.645s > user 0m0.826s > sys 0m0.788s > > # 1024MB @ > 105MB/s: > # rm -f random-data-test-1G > # time rsync -Ppv example.com:random-data-test-1G . > random-data-test-1G > 1,073,741,824 100% 105.98MB/s 0:00:09 (xfr#1, to-chk=3D0/1) > > sent 43 bytes received 1,074,004,060 bytes 102,286,105.05 bytes/sec > total size is 1,073,741,824 speedup is 1.00 > > real 0m9.943s > user 0m4.701s > sys 0m5.769s > > > > But with an "ipfw divert" rule in place (and natd running as 'natd -n > public'), across 5 transfers of a 2M file of /dev/random, I get very > poor transfer speeds: > > # ipfw add 65000 divert natd all from any to any via public > # ipfw show > 60000 3 292 divert 8668 ip from any to any via public > 65000 2950208 2817524670 allow ip from any to any > 65535 135 35585 deny ip from any to any > > Test 1 of 5, < 180kB/s: > > # rm -f random-data-test-2M > # time rsync -Ppv example.com:random-data-test-2M . > random-data-test-2M > 2,097,152 100% 179.08kB/s 0:00:11 (xfr#1, to-chk=3D0/1) > > sent 43 bytes received 2,097,752 bytes 167,823.60 bytes/sec > total size is 2,097,152 speedup is 1.00 > > real 0m12.199s > user 0m0.085s > sys 0m0.027s > > Test 2 of 5, < 115kB/s: > > # rm -f random-data-test-2M > # rsync -Ppv example.com:random-data-test-2M . > random-data-test-2M > 2,097,152 100% 114.40kB/s 0:00:17 (xfr#1, to-chk=3D0/1) > > sent 43 bytes received 2,097,752 bytes 107,579.23 bytes/sec > total size is 2,097,152 speedup is 1.00 > > real 0m19.300s > user 0m0.072s > sys 0m0.051s > > Test 3 of 5, < 37kB/s (almost 57s elapsed time): > > # rm -f random-data-test-2M > # time rsync -Ppv example.com:random-data-test-2M . > random-data-test-2M > 2,097,152 100% 36.49kB/s 0:00:56 (xfr#1, to-chk=3D0/1) > > sent 43 bytes received 2,097,752 bytes 36,483.39 bytes/sec > total size is 2,097,152 speedup is 1.00 > > real 0m56.868s > user 0m0.080s > sys 0m0.023s > > Test 4 of 5, < 112kB/s: > > # rm -f random-data-test-2M > # time rsync -Ppv example.com:random-data-test-2M . > random-data-test-2M > 2,097,152 100% 111.89kB/s 0:00:18 (xfr#1, to-chk=3D0/1) > > sent 43 bytes received 2,097,752 bytes 102,331.46 bytes/sec > total size is 2,097,152 speedup is 1.00 > > real 0m19.544s > user 0m0.095s > sys 0m0.015s > > Test 5 of 5, 130kB/s: > > # rm -f random-data-test-2M > # time rsync -Ppv example.com:random-data-test-2M . > random-data-test-2M > 2,097,152 100% 130.21kB/s 0:00:15 (xfr#1, to-chk=3D0/1) > > sent 43 bytes received 2,097,752 bytes 127,139.09 bytes/sec > total size is 2,097,152 speedup is 1.00 > > real 0m16.583s > user 0m0.072s > sys 0m0.035s > > > How can I tweak my network stack to get reasonable throughput from natd? > I'm happy to respond to requests for additional details. > > > Thank you! > > > > The most glaringly obvious thing to me is to use in-kernel nat instead of natd. Packets won't have to leave the kernel at that point. It's detailed in ipfw(8). ~Paul --=20 __________________ :(){ :|:& };: --000000000000021cf506101957f3 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


On Mon, Jan 29, 2024 at 12:= 47=E2=80=AFPM Jim Long <freebsd-questions@umpquanet.com> wrote:
I'm running FreeBSD 14.0-RELEASE in a= quad-core, 12G VM commercially
hosted under KVM (I'm told).=C2=A0 It was installed from the main disc1= .iso
image, not any of the VM-centric ISOs.

# grep -i network /var/run/dmesg.boot
virtio_pci0: <VirtIO PCI (legacy) Network adapter> port 0xc000-0xc03f= mem 0xfebd1000-0xfebd1fff,0xfe000000-0xfe003fff irq 11 at device 3.0 on pc= i0
vtnet0: <VirtIO Networking Adapter> on virtio_pci0
# ifconfig public
public: flags=3D1008843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,LOWER_UP&= gt; metric 0 mtu 1500
=C2=A0 =C2=A0 =C2=A0 =C2=A0 options=3D4c079b<RXCSUM,TXCSUM,VLAN_MTU,VLAN= _HWTAGGING,VLAN_HWCSUM,TSO4,TSO6,LRO,VLAN_HWTSO,LINKSTATE,TXCSUM_IPV6> =C2=A0 =C2=A0 =C2=A0 =C2=A0 ether fa:16:3e:ca:b5:9c
=C2=A0 =C2=A0 =C2=A0 =C2=A0 inet 10.1.170.27 netmask 0xffffff00 broadcast 1= 0.1.170.255
=C2=A0 =C2=A0 =C2=A0 =C2=A0 media: Ethernet autoselect (10Gbase-T <full-= duplex>)
=C2=A0 =C2=A0 =C2=A0 =C2=A0 status: active
=C2=A0 =C2=A0 =C2=A0 =C2=A0 nd6 options=3D29<PERFORMNUD,IFDISABLED,AUTO_= LINKLOCAL>

(10.1.170.27 is my obfuscated routable public IP.)

Using ipfw *without* any "divert" rule, I get good network speed.=
Transfering two larger files, one time apiece:

# ipfw show
65000 2966704 2831806570 allow ip from any to any
65535=C2=A0 =C2=A0 =C2=A0135=C2=A0 =C2=A0 =C2=A0 35585 deny ip from any to = any

# 128MB @ > 94MB/s:
# rm -f random-data-test-128M
# time rsync -Ppv example.com:random-data-test-128M .
random-data-test-128M
=C2=A0 =C2=A0 134,217,728 100%=C2=A0 =C2=A094.26MB/s=C2=A0 =C2=A0 0:00:01 (= xfr#1, to-chk=3D0/1)

sent 43 bytes=C2=A0 received 134,250,588 bytes=C2=A0 53,700,252.40 bytes/se= c
total size is 134,217,728=C2=A0 speedup is 1.00

real=C2=A0 =C2=A0 0m1.645s
user=C2=A0 =C2=A0 0m0.826s
sys=C2=A0 =C2=A0 =C2=A00m0.788s

# 1024MB @ > 105MB/s:
# rm -f random-data-test-1G
# time rsync -Ppv example.com:random-data-test-1G .
random-data-test-1G
=C2=A0 1,073,741,824 100%=C2=A0 105.98MB/s=C2=A0 =C2=A0 0:00:09 (xfr#1, to-= chk=3D0/1)

sent 43 bytes=C2=A0 received 1,074,004,060 bytes=C2=A0 102,286,105.05 bytes= /sec
total size is 1,073,741,824=C2=A0 speedup is 1.00

real=C2=A0 =C2=A0 0m9.943s
user=C2=A0 =C2=A0 0m4.701s
sys=C2=A0 =C2=A0 =C2=A00m5.769s



But with an "ipfw divert" rule in place (and natd running as '= ;natd -n
public'), across 5 transfers of a 2M file of /dev/random, I get very poor transfer speeds:

# ipfw add 65000 divert natd all from any to any via public
# ipfw show
60000=C2=A0 =C2=A0 =C2=A0 =C2=A03=C2=A0 =C2=A0 =C2=A0 =C2=A0 292 divert 866= 8 ip from any to any via public
65000 2950208 2817524670 allow ip from any to any
65535=C2=A0 =C2=A0 =C2=A0135=C2=A0 =C2=A0 =C2=A0 35585 deny ip from any to = any

Test 1 of 5, < 180kB/s:

# rm -f random-data-test-2M
# time rsync -Ppv example.com:random-data-test-2M .
random-data-test-2M
=C2=A0 =C2=A0 =C2=A0 2,097,152 100%=C2=A0 179.08kB/s=C2=A0 =C2=A0 0:00:11 (= xfr#1, to-chk=3D0/1)

sent 43 bytes=C2=A0 received 2,097,752 bytes=C2=A0 167,823.60 bytes/sec
total size is 2,097,152=C2=A0 speedup is 1.00

real=C2=A0 =C2=A0 0m12.199s
user=C2=A0 =C2=A0 0m0.085s
sys=C2=A0 =C2=A0 =C2=A00m0.027s

Test 2 of 5, < 115kB/s:

# rm -f random-data-test-2M
# rsync -Ppv example.com:random-data-test-2M .
random-data-test-2M
=C2=A0 =C2=A0 =C2=A0 2,097,152 100%=C2=A0 114.40kB/s=C2=A0 =C2=A0 0:00:17 (= xfr#1, to-chk=3D0/1)

sent 43 bytes=C2=A0 received 2,097,752 bytes=C2=A0 107,579.23 bytes/sec
total size is 2,097,152=C2=A0 speedup is 1.00

real=C2=A0 =C2=A0 0m19.300s
user=C2=A0 =C2=A0 0m0.072s
sys=C2=A0 =C2=A0 =C2=A00m0.051s

Test 3 of 5, < 37kB/s (almost 57s elapsed time):

# rm -f random-data-test-2M
# time rsync -Ppv example.com:random-data-test-2M .
random-data-test-2M
=C2=A0 =C2=A0 =C2=A0 2,097,152 100%=C2=A0 =C2=A036.49kB/s=C2=A0 =C2=A0 0:00= :56 (xfr#1, to-chk=3D0/1)

sent 43 bytes=C2=A0 received 2,097,752 bytes=C2=A0 36,483.39 bytes/sec
total size is 2,097,152=C2=A0 speedup is 1.00

real=C2=A0 =C2=A0 0m56.868s
user=C2=A0 =C2=A0 0m0.080s
sys=C2=A0 =C2=A0 =C2=A00m0.023s

Test 4 of 5, < 112kB/s:

# rm -f random-data-test-2M
# time rsync -Ppv example.com:random-data-test-2M .
random-data-test-2M
=C2=A0 =C2=A0 =C2=A0 2,097,152 100%=C2=A0 111.89kB/s=C2=A0 =C2=A0 0:00:18 (= xfr#1, to-chk=3D0/1)

sent 43 bytes=C2=A0 received 2,097,752 bytes=C2=A0 102,331.46 bytes/sec
total size is 2,097,152=C2=A0 speedup is 1.00

real=C2=A0 =C2=A0 0m19.544s
user=C2=A0 =C2=A0 0m0.095s
sys=C2=A0 =C2=A0 =C2=A00m0.015s

Test 5 of 5, 130kB/s:

# rm -f random-data-test-2M
# time rsync -Ppv example.com:random-data-test-2M .
random-data-test-2M
=C2=A0 =C2=A0 =C2=A0 2,097,152 100%=C2=A0 130.21kB/s=C2=A0 =C2=A0 0:00:15 (= xfr#1, to-chk=3D0/1)

sent 43 bytes=C2=A0 received 2,097,752 bytes=C2=A0 127,139.09 bytes/sec
total size is 2,097,152=C2=A0 speedup is 1.00

real=C2=A0 =C2=A0 0m16.583s
user=C2=A0 =C2=A0 0m0.072s
sys=C2=A0 =C2=A0 =C2=A00m0.035s


How can I tweak my network stack to get reasonable throughput from natd? I'm happy to respond to requests for additional details.


Thank you!




The most glaringly obvious thing= to me is to use in-kernel nat instead of natd.
Packets won't= have to leave the kernel at that point.
It's detailed in ipf= w(8).

~Paul

--
__________________

:(){ :|:& };:
<= /div> --000000000000021cf506101957f3-- From nobody Mon Jan 29 18:30:52 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNxhC3xycz599sG for ; Mon, 29 Jan 2024 18:31:07 +0000 (UTC) (envelope-from walterp@gmail.com) Received: from mail-yb1-xb31.google.com (mail-yb1-xb31.google.com [IPv6:2607:f8b0:4864:20::b31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNxhB19F5z56cj for ; Mon, 29 Jan 2024 18:31:06 +0000 (UTC) (envelope-from walterp@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-yb1-xb31.google.com with SMTP id 3f1490d57ef6-dc261316b0dso2575079276.3 for ; Mon, 29 Jan 2024 10:31:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706553064; x=1707157864; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=vMT+If5oCKfxHHIBig5O2QyRS3bwjjMNaVhWgVm7k3Q=; b=PLFQgMOOo7MqAJc+8kL9C/PcJSp+b2ZmdSGinZOUM8eOVtnYvAQtSOJIhHkkSwA7iw eRXf1G1K91UWPVBHhTMi6jamdZ/Jn7zbMiSFxe1gwxuBSN9s7w2otpApGSN+yDk3YqF8 x8QsumwPX4ZKhvnP011xybeuAJUA89sOLMGEHUcJLOORJ9XFoUZLt/WnTQXpf+iMFHLN UTumFnWPAD6iiVgKqZa+yEIRfUn2hobvhsdqsU27AONLcpPLtysxzs9AK/65zghk4mqP LtXuFytHl45uxYXougZm4aI78/Gx0FQnn7sx9fHMa2foN1lDJntc+nK+pnJZOMHvlWNq rg3g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706553064; x=1707157864; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=vMT+If5oCKfxHHIBig5O2QyRS3bwjjMNaVhWgVm7k3Q=; b=lk45F7zygzYaaNRhQQHbRtZA2t9+gaBPvRfWiPDkWSITqKl0ny1HLk8w0G5SzMVOrR uKDWxjQ4fNKfD8Uc3R7N+GT8cXyeCmq4oP4rhEb6m1wDfCyo9N6xzvgM6jzinz/TvSNT gtIHyn6tlDLSV3/FDWQnP+D0tF21gfHmBP7YzAHj/QcUFOWn7/vS+f8AlAyr04Y4tuxu CCMUHEKlmkEfc8X6BnmZ8OMDBiGctesHQujdIk0PgtOdsLy5OlYezNYrtEW+nuNPxeiW CkQX86AX32krCrAbFJtVXI/uTIiph4DTcLqTWzK10ax+mogHpYPxx8yBqmoUIuJvQ4Th q05Q== X-Gm-Message-State: AOJu0YyomASb51e2UGrWV1vdqpIRsBU6/Iw8U0ao9486zb6IxZklWlEv Vmv9Z/hy8q48fjJYNhQExRnQURvzUgWjRwzYDX1PmYbgW6asEyuv6HuaVirTNBRUE7N2QK5rJZw 0rsP3ZAPfrJRHRJ9RKpoWoSYB2nz6GQSK X-Google-Smtp-Source: AGHT+IG6KKwwjfvTHjLJfPT3oRBBbgu77qTweCRLAXzAEL1LvEK8Ebqxz9QGhD5n5Lhd4b/a1CZzuUdJTCMW4gztQcc= X-Received: by 2002:a25:6941:0:b0:dc2:20c8:66a4 with SMTP id e62-20020a256941000000b00dc220c866a4mr3695283ybc.123.1706553063814; Mon, 29 Jan 2024 10:31:03 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> <4f60fad9-c5b1-46ea-bfbf-7e654bd5d3d1@FreeBSD.org> <20240129155758.2nnyjihsyiyxztib@yosemite.mars.lan> In-Reply-To: <20240129155758.2nnyjihsyiyxztib@yosemite.mars.lan> From: Walter Parker Date: Mon, 29 Jan 2024 10:30:52 -0800 Message-ID: Subject: Re: Enabling SSHD To: paulf@quillandmouse.com Cc: freebsd-questions@freebsd.org Content-Type: multipart/alternative; boundary="00000000000028ba13061019d96d" X-Rspamd-Queue-Id: 4TNxhB19F5z56cj X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US] --00000000000028ba13061019d96d Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable For a permission denied error, check to see if the files have the correct permission (home dir, -/.ssh, other files as used). Also check your client to make sure it has the proper permissions. The other way to find errors is to start sshd (from the command line) with -d and/or -v flags and then try to connect using your ssh client. The sshd server will out logging as to what the errors are. It may tell you what is causing the permission denied error. Walter The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding. -- Justice Louis D. Brandei= s On Mon, Jan 29, 2024 at 7:58=E2=80=AFAM Paul M Foster wrote: > On Mon, Jan 29, 2024 at 02:15:19PM +0000, Matthew Seaman wrote: > > [snip] > > > how to configure it. If you want password based auth for sshd, then go > > ahead and edit /etc/ssh/sshd_config and/or /etc/pam.d entries, as > > appropriate. > > Assuming I want to login as any user on the system, hacking pam shouldn't > be necessary, right? > > I've made the following changes to the stock /etc/ssh/sshd_config: > > PubkeyAuthentication no > PermitRootLogin yes > PasswordAuthentication yes > > And of course, restarted the daemon each time I made a change. However, > when I try to ssh in in the following ways: > > ssh paulf@buckaroo > ssh root@buckaroo > ssh buckaroo > ssh 192.168.254.30 > > I get a flat "Permission denied (password,keyboard-interactive)". Not eve= n > an attempt to ask for a password. > > Clearly something's wrong, but I have no idea what. And I have googled th= e > problem and visitied numerous sites to no avail. > > Paul > > -- > Paul M. Foster > Personal Blog: http://noferblatz.com > Company Site: http://quillandmouse.com > Software Projects: https://gitlab.com/paulmfoster > > --00000000000028ba13061019d96d Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
For a permission denied error, check to see if the files = have the correct permission (home dir, -/.ssh, other files as used). Also c= heck your client to make sure it has the proper permissions.

The other way to find errors is to st= art sshd (from the command line) with =C2=A0-d and/or -v flags and then try= to connect using your ssh client. The sshd server will out logging as to w= hat the errors are. It may tell you what is causing the permission denied e= rror.


Walter
The greatest dangers to liberty lurk in i= nsidious encroachment by men=C2=A0of zeal, well-meaning but without underst= anding. =C2=A0 -- Justice Louis D.=C2=A0Brandeis


On Mon, Jan 29, 2024 at 7:58=E2=80=AFAM Paul M Foster <paulf@quillandmouse.com> wrote= :
On Mon, Jan 29, 2024 at 02:15:19P= M +0000, Matthew Seaman wrote:

[snip]

> how to configure it.=C2=A0 If you want password based auth for sshd, t= hen go
> ahead and edit /etc/ssh/sshd_config and/or /etc/pam.d entries, as
> appropriate.

Assuming I want to login as any user on the system, hacking pam shouldn'= ;t
be necessary, right?

I've made the following changes to the stock /etc/ssh/sshd_config:

PubkeyAuthentication no
PermitRootLogin yes
PasswordAuthentication yes

And of course, restarted the daemon each time I made a change. However,
when I try to ssh in in the following ways:

ssh paulf@buckaroo
ssh root@buckaroo
ssh buckaroo
ssh 192.168.254.30

I get a flat "Permission denied (password,keyboard-interactive)".= Not even
an attempt to ask for a password.

Clearly something's wrong, but I have no idea what. And I have googled = the
problem and visitied numerous sites to no avail.

Paul

--
Paul M. Foster
Personal Blog: http://noferblatz.com
Company Site: http://quillandmouse.com
Software Projects: https://gitlab.com/paulmfoster

--00000000000028ba13061019d96d-- From nobody Mon Jan 29 18:38:58 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNxsJ2Z8Yz59BkS for ; Mon, 29 Jan 2024 18:39:00 +0000 (UTC) (envelope-from freebsd-questions@umpquanet.com) Received: from sfo.umpquanet.com (sfo.umpquanet.com [104.245.33.249]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "umpquanet.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNxsH3BDtz586P for ; Mon, 29 Jan 2024 18:38:59 +0000 (UTC) (envelope-from freebsd-questions@umpquanet.com) Authentication-Results: mx1.freebsd.org; none Received: from sfo.umpquanet.com (localhost [127.0.0.1]) by sfo.umpquanet.com (8.16.1/8.16.1) with ESMTPS id 40TIcwCA031284 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Mon, 29 Jan 2024 10:38:58 -0800 (PST) (envelope-from freebsd-questions@umpquanet.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=umpquanet.com; s=20231023; t=1706553538; bh=KXihWi5hGFklLUCiTLGU4AMYN2YhDwfLX8fvG2rtpJs=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=a0NzaeqGPqfBIurRUjMg/jGevErIYMkjdRiBUR4Si8iB5NcZG4yoVr96MygU8XE0L +CxWUp9Nt5Y3PTHX2ctrAYJGk04331L6Bf7lq/t3CFQ6swRcId21xUA9sxsGBBqB7d Sv+bIGtpY4rnlK30WNs5cOm+UfUbrrO5gUa1bCOxn9FeAa8vrvfPqO8XcgDPX97V/+ btrfL6KWtxKVuWmYzg19/E9CXmOk1V7tzR2as5nsRM8iSlNaiGZPEfnEcRtz2hD7Em 06ig6PD3Q3m/iHRf2P+Zbdp0YCAnOW98ZjVo+Wb6N33+uthQh2IRHaA7/zMOZ9bcHU GrsoRgK6wbFrw== Received: (from james@localhost) by sfo.umpquanet.com (8.16.1/8.16.1/Submit) id 40TIcweU031283; Mon, 29 Jan 2024 10:38:58 -0800 (PST) (envelope-from freebsd-questions@umpquanet.com) X-Authentication-Warning: sfo.umpquanet.com: james set sender to freebsd-questions@umpquanet.com using -f Date: Mon, 29 Jan 2024 10:38:58 -0800 From: Jim Long To: Paul Procacci Cc: freebsd-questions@freebsd.org Subject: Re: VirtIO/ipfw/natd throughput problem in hosted VM Message-ID: References: List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 4TNxsH3BDtz586P X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:6364, ipnet:104.245.32.0/23, country:US] On Mon, Jan 29, 2024 at 12:54:49PM -0500, Paul Procacci wrote: > > The most glaringly obvious thing to me is to use in-kernel nat instead of > natd. > Packets won't have to leave the kernel at that point. > It's detailed in ipfw(8). > > ~Paul Thank you very much! Your tip plus some cribbing from: https://www.neelc.org/posts/freebsd-ipfw-nat/ seems to have taken care of it. Regards, Jim From nobody Mon Jan 29 19:15:05 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNyg20WVWz59Fbc for ; Mon, 29 Jan 2024 19:15:10 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from seashell.cherry.relay.mailchannels.net (seashell.cherry.relay.mailchannels.net [23.83.223.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNyg13XlQz45GD for ; Mon, 29 Jan 2024 19:15:09 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; none X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id D510B942B15; Mon, 29 Jan 2024 19:15:07 +0000 (UTC) Received: from pdx1-sub0-mail-a231.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 79FA8942C3D; Mon, 29 Jan 2024 19:15:07 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706555707; a=rsa-sha256; cv=none; b=kGn/tGrHr3Iu/qqL00vYA/vMYdoiek7PsT3b4qu/HrkFMiAo5YBRBWzSnkjzSzM5HDfX8k /EsFYXrAxWgSuUlaURNv1EPYcZ5eur/A1/Sp0mL4rOGDtR/7Ub1YjWERqDbfGdLS8CwZOZ XCBZxTvSR0uD5i9mA+s8JskGD3FzSXLOLjQWnZfO1eVU/Oeewnxf7sIwLwm8rrs+qJk+nR aprWO0a6zHiVcJy6QVQ+5DS0rLQNav9BX/YbnUp4Z3O+Xw+OatTbWMo5t+aRtkCLj1N7TR p0TAIX+INK+a+HXNYvmjUHXSwmIPmh+1tHzKpQ451HRPYi2F73GGeZOrgOS5Cw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706555707; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:dkim-signature; bh=9NcN642fASGbZkjC0fPi+QBA47G4l8rzJve6MOhjD5o=; b=1XbtA8dQJ8uKFkZyf3viZTkEfEQI8cKImK52Dq3niLGmB/bh0GFiX/8w0RG9Qgg41EGhuJ RQYvr/t87GXOzC/BtQafxSbXWLj+xPDYke5L75MoWX3srAiiLmLN2SN7TNmNVRXgHdKyXX 2nk0wuQvRL5OLk4gno70ize25bSVJ9jkWY45B0XsSU3mFoAYu0idggVg6CDa6LhLXrokWi sFo1uoiQ9zwmth/ItKzA3LxtezGrI5+g9NnEsJ5YhXjM9fQSOTOcRzax+TkiSTsGcJz+Vu oNJB3C5pxKU+++EhzN2UDeQtfI6el9JyAeqLJJftoTovi1M1DI+feMJm9Y/JKA== ARC-Authentication-Results: i=1; rspamd-6fdd97fffb-ddjhw; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Ruddy-Little: 60084ba105cebd6f_1706555707724_1949107780 X-MC-Loop-Signature: 1706555707724:1025632201 X-MC-Ingress-Time: 1706555707724 Received: from pdx1-sub0-mail-a231.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.123.181.199 (trex/6.9.2); Mon, 29 Jan 2024 19:15:07 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a231.dreamhost.com (Postfix) with ESMTPSA id 4TNyfz28jQz2b; Mon, 29 Jan 2024 11:15:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706555707; bh=9NcN642fASGbZkjC0fPi+QBA47G4l8rzJve6MOhjD5o=; h=Date:From:To:Cc:Subject:Reply-To:Content-Type; b=skJOAYFy/OPaB2Nk360qvMLTSlfOw51x0ClBTe+v5uVpDGFwm+EZRZj3bClYnCved UrXDGRhEx9NJ35rfO0wijboHoYTR9g3hcWZ5/D8tIwuz7SihFxNBF3IFkSD2/rzoAk 8gRMOydQ/oq3fNtJ3+bCnztjzhRM71rz7Goaq973Il/2iR1u+jkHj4PCu7ieY4k2OD 8zYnyjQn2y6Q6j2iUTMQ8iJogDu0ZM/QwMKt44x0aAv+tS3X6GEbcDi0XR89KP6fik +Qi88x6Z2AaxOPYvu1oG5WeIcDUbKJ7a4cFjcnYfvZBSJ6gCRNR1nAH6SK6KE1I2K+ votlFu56Wyqxg== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rUX61-00G1Wj-2o; Mon, 29 Jan 2024 14:15:05 -0500 Date: Mon, 29 Jan 2024 14:15:05 -0500 From: Paul M Foster To: Walter Parker Cc: freebsd-questions@freebsd.org Subject: Re: Enabling SSHD Message-ID: <20240129191505.4xfntt4zbqsfmjdp@yosemite.mars.lan> Reply-To: paulf@quillandmouse.com References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> <4f60fad9-c5b1-46ea-bfbf-7e654bd5d3d1@FreeBSD.org> <20240129155758.2nnyjihsyiyxztib@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 4TNyg13XlQz45GD X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:63213, ipnet:23.83.223.0/24, country:CA] On Mon, Jan 29, 2024 at 10:30:52AM -0800, Walter Parker wrote: > For a permission denied error, check to see if the files have the > correct permission (home dir, -/.ssh, other files as used). Also check > your client to make sure it has the proper permissions. On the server (the BSD machine) there are no ~/.ssh files for my user. Does that matter? On the Linux box (the client), my local ssh files are all okay. I routinely ssh into other (Linux) boxes on my network. > > The other way to find errors is to start sshd (from the command line) > with -d and/or -v flags and then try to connect using your ssh client. > The sshd server will out logging as to what the errors are. It may tell > you what is causing the permission denied error. Lots of gobbledegook, except maybe this: debug1: userauth-request for user paulf service ssh-connection method none [preauth] Then it does a couple of other things and closes the connection. Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Mon Jan 29 19:33:02 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNz3k3rcmz59H6X for ; Mon, 29 Jan 2024 19:33:06 +0000 (UTC) (envelope-from freebsd-questions@umpquanet.com) Received: from sfo.umpquanet.com (sfo.umpquanet.com [104.245.33.249]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "umpquanet.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNz3j73ykz49cP for ; Mon, 29 Jan 2024 19:33:05 +0000 (UTC) (envelope-from freebsd-questions@umpquanet.com) Authentication-Results: mx1.freebsd.org; none Received: from sfo.umpquanet.com (localhost [127.0.0.1]) by sfo.umpquanet.com (8.16.1/8.16.1) with ESMTPS id 40TJX38h032917 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NO); Mon, 29 Jan 2024 11:33:03 -0800 (PST) (envelope-from freebsd-questions@umpquanet.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=umpquanet.com; s=20231023; t=1706556783; bh=p6BXnXTVOyArkRFDTJ4Qvfgb4LAa2dHobHaZtAXL9/c=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=Zuym+66d+aXtzW73gIqj81CeFTgUhkLZ/dTp2Mk/e/Jib60jd3dCeBrXF1lsQARW7 nFwnWIrC7j/zqJ1pMfT4O1y8Fs84GzSMdMhVEau6uPdwjZiXaEzGTdxnTivp+Vj/bE NviLitZ+OHooZxd8jjNF2jMd0wGZjzIj2lVX8WZ/CrupVloSqxjxr5SGS/r8LkWEjI 7ayvWQQlFvdepgyyVF4C9yejlI5uVb/U4lWTn6JDljYXMB2IqdW9cgyns9iLKSJDDh 5d/QmGNy2Yccjtd0HYnLz+/EbKO381Xrh1Q0F29E5iKuOcMEWhVPhqnOaWpMX3+eie bj0utEyJW36KA== Received: (from james@localhost) by sfo.umpquanet.com (8.16.1/8.16.1/Submit) id 40TJX251032916; Mon, 29 Jan 2024 11:33:02 -0800 (PST) (envelope-from freebsd-questions@umpquanet.com) X-Authentication-Warning: sfo.umpquanet.com: james set sender to freebsd-questions@umpquanet.com using -f Date: Mon, 29 Jan 2024 11:33:02 -0800 From: Jim Long To: Paul M Foster Cc: freebsd-questions@freebsd.org Subject: Re: Enabling SSHD Message-ID: References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> <4f60fad9-c5b1-46ea-bfbf-7e654bd5d3d1@FreeBSD.org> <20240129155758.2nnyjihsyiyxztib@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240129155758.2nnyjihsyiyxztib@yosemite.mars.lan> X-Rspamd-Queue-Id: 4TNz3j73ykz49cP X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:6364, ipnet:104.245.32.0/23, country:US] On Mon, Jan 29, 2024 at 10:57:58AM -0500, Paul M Foster wrote: > > Assuming I want to login as any user on the system, hacking pam > shouldn't be necessary, right? Correct. > I've made the following changes to the stock /etc/ssh/sshd_config: > > PubkeyAuthentication no > PermitRootLogin yes > PasswordAuthentication yes Comment out the first line, and the third line. So then you'll have only one change to the stock file, namely: PermitRootLogin yes Just to ensure there aren't any mistaken assumptions, please confirm by replying with the output of: # grep '^[^#]' /etc/ssh/sshd_config You should see: PermitRootLogin yes AuthorizedKeysFile .ssh/authorized_keys Subsystem sftp /usr/libexec/sftp-server and nothing else. If that's so, then restart the sshd service: # service sshd restart and re-try your logins. You may also find clues in /var/log/auth.log on the sshd server side. Good luck! Jim > And of course, restarted the daemon each time I made a change. However, > when I try to ssh in in the following ways: > > ssh paulf@buckaroo > ssh root@buckaroo > ssh buckaroo > ssh 192.168.254.30 > > I get a flat "Permission denied (password,keyboard-interactive)". Not even > an attempt to ask for a password. > > Clearly something's wrong, but I have no idea what. And I have googled the > problem and visitied numerous sites to no avail. > > Paul > > -- > Paul M. Foster > Personal Blog: http://noferblatz.com > Company Site: http://quillandmouse.com > Software Projects: https://gitlab.com/paulmfoster From nobody Mon Jan 29 19:56:57 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TNzb60b5yz59K2J for ; Mon, 29 Jan 2024 19:56:50 +0000 (UTC) (envelope-from pprocacci@gmail.com) Received: from mail-ed1-x536.google.com (mail-ed1-x536.google.com [IPv6:2a00:1450:4864:20::536]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TNzb55bl4z4Gl2 for ; Mon, 29 Jan 2024 19:56:49 +0000 (UTC) (envelope-from pprocacci@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-ed1-x536.google.com with SMTP id 4fb4d7f45d1cf-55ef011e934so2060457a12.3 for ; Mon, 29 Jan 2024 11:56:49 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706558208; x=1707163008; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=pYmVDFvl7Sx+Ar6x2fJwa5S+XXryLg56EGbqz85BBLU=; b=eDyKToHENYLiN/hQnAmbwB2eJapERQBjFO8aH+weBXxI29TN7xJ7xCXu7sL+vS0G92 Cu13MVIGtcUyUrSepafjLTge2H3OdpjCYd2Co9OrEOfchvFmFFnnXc3dCqMtWJBPGkWt UUs9axpA6rxx5AWNAJqTtTmuBu8XnQ9LMt1g7qK2M4AjyFUep2HNOxySiq4EO5QFHQhX 0Iut9tm2UYjVuvILJifvzTS6JqC30XfOeq6vqFBtf/DWscglJYobAMhJzr4thjtt6FVO naMhGB5dvhSc/61xB6xbSmLs1LypkiGFLzbQ44FBy1kHVOa9h12doU75/YcwT2NRBqge Bn7w== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706558208; x=1707163008; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=pYmVDFvl7Sx+Ar6x2fJwa5S+XXryLg56EGbqz85BBLU=; b=tbieKNs4GkIWqRw4kk1AILpSUP5PhgBX0J4m1f7NauBNgPJiPkHwgimH+4k7l1xHbk uClCeGU06gHzX4HOxta26JaQBq54eGhHfTvL8w/MjMYBm+Tx4SJV0g5VQbBRsRPtTgEM Ys13oaMk6I8opaxkls9cTO6Mxi+7cROzKlIuVsP2jFL+rVdn9FxxaijCDeXMzik2Bmci hXDYVR+G7/gEU4ZO3JcbrPQN+uUZ4a4CaUreHg4a6m73YZ1xvhgBlKTUwyXImeWWY/OP OY5f+8GVMSAgwooZkN47G+S6+3oR54AMEdhobpFL/tbkDAr2jNFpE4L/Z7ZZi+gQZr9o Nr0w== X-Gm-Message-State: AOJu0YynP002hRnfCzTeh86LLdWDhuLeOXK7huHtdrY7U6tZlpw3N47M 9pKbwSCFF5jd+bMtR35QyTRuYDApIT3TX13zl8HAxQ+N783Lk38vbUsvenFsoWFiogp+j973ULX 7VMHhCDstj6Vf4VgSgpgNVyHWnyZ10hU= X-Google-Smtp-Source: AGHT+IEwG+YX/6LTn6DnAKHCgX5Hw2poZH393W4e504SBvSyHnmYdUEDjREnd2YsmXa/kPaovolgJ08bvbL89M+LGYc= X-Received: by 2002:a05:6402:278c:b0:55f:31f7:4279 with SMTP id b12-20020a056402278c00b0055f31f74279mr465757ede.12.1706558208014; Mon, 29 Jan 2024 11:56:48 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: In-Reply-To: From: Paul Procacci Date: Mon, 29 Jan 2024 14:56:57 -0500 Message-ID: Subject: Re: VirtIO/ipfw/natd throughput problem in hosted VM To: Jim Long Cc: freebsd-questions@freebsd.org Content-Type: multipart/alternative; boundary="000000000000c6fbcb06101b0b64" X-Rspamd-Queue-Id: 4TNzb55bl4z4Gl2 X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] --000000000000c6fbcb06101b0b64 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Mon, Jan 29, 2024 at 1:39=E2=80=AFPM Jim Long wrote: > On Mon, Jan 29, 2024 at 12:54:49PM -0500, Paul Procacci wrote: > > > > The most glaringly obvious thing to me is to use in-kernel nat instead = of > > natd. > > Packets won't have to leave the kernel at that point. > > It's detailed in ipfw(8). > > > > ~Paul > > Thank you very much! Your tip plus some cribbing from: > > https://www.neelc.org/posts/freebsd-ipfw-nat/ > > seems to have taken care of it. > > Regards, > > Jim > My pleasure Jim. ~Paul --=20 __________________ :(){ :|:& };: --000000000000c6fbcb06101b0b64 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


On Mon, Jan 29, 2024 at 1:39=E2= =80=AFPM Jim Long <fr= eebsd-questions@umpquanet.com> wrote:
On Mon, Jan 29, 2024 at 12:54:49PM -0500, Paul= Procacci wrote:
>
> The most glaringly obvious thing to me is to use in-kernel nat instead= of
> natd.
> Packets won't have to leave the kernel at that point.
> It's detailed in ipfw(8).
>
> ~Paul

Thank you very much!=C2=A0 Your tip plus some cribbing from:

https://www.neelc.org/posts/freebsd-ipfw-nat/

seems to have taken care of it.

Regards,

Jim

My pleasure Jim.
=
~Paul

--
________= __________

:(){ :|:& };:
--000000000000c6fbcb06101b0b64-- From nobody Mon Jan 29 22:13:06 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TP2fC18vBz59WCM for ; Mon, 29 Jan 2024 22:14:43 +0000 (UTC) (envelope-from dewayne@heuristicsystems.com.au) Received: from heuristicsystems.com.au (hermes.heuristicsystems.com.au [203.41.22.115]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2560 bits) client-digest SHA256) (Client CN "hermes.heuristicsystems.com.au", Issuer "Heuristic Systems Type 4 Host CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TP2fB3gBhz4ZCt for ; Mon, 29 Jan 2024 22:14:42 +0000 (UTC) (envelope-from dewayne@heuristicsystems.com.au) Authentication-Results: mx1.freebsd.org; none Received: from [10.0.5.4] ([10.0.5.4]) (authenticated bits=0) by heuristicsystems.com.au (8.15.2/8.15.2) with ESMTPA id 40TMD6V2041634; Tue, 30 Jan 2024 09:13:06 +1100 (AEDT) (envelope-from dewayne@heuristicsystems.com.au) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=heuristicsystems.com.au; s=hsa; t=1706566386; x=1707171187; bh=Ehxm1d8nSqRlL5cw32e+parJu0IHgqec86EJar/yhYI=; h=Message-ID:Date:Subject:To:Cc:From; b=KlSpKQGf+tIc7MHNfRvSeo5Xy/J+/c6REE46X34vwIdh7JbcAN0/D/O7Mi0Ac9l/N K0p5Eu0wGgu3RbDkEM4bIZfdmAyjo19TLmuDWwgIs63cVfDow6TnvzKHI/kXbjkGPx LX+aHGyFelZbgrTVDXOuz5PVH/arfdKFazbtpmCWW1gMNuJEAPf5u Message-ID: Date: Tue, 30 Jan 2024 09:13:06 +1100 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: Enabling SSHD Content-Language: en-GB To: paulf@quillandmouse.com Cc: freebsd-questions@freebsd.org References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> <4f60fad9-c5b1-46ea-bfbf-7e654bd5d3d1@FreeBSD.org> <20240129155758.2nnyjihsyiyxztib@yosemite.mars.lan> <20240129191505.4xfntt4zbqsfmjdp@yosemite.mars.lan> From: Dewayne Geraghty In-Reply-To: <20240129191505.4xfntt4zbqsfmjdp@yosemite.mars.lan> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4TP2fB3gBhz4ZCt X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:1221, ipnet:203.40.0.0/13, country:AU] Hi Paul, You don't need to populate ~/.ssh. It is required if you use ssh keys for outbound connections with keys or because that's the usual place for the authorized_keys file for inbound (to your machine). But you're not doing that. I use a lot of virtualbox VM's for development and use an ssh password to connect to them. This is what I do: 1. Change root's password so you have something in master.passwd to log into. 2. cat /etc/ssh/sshd_config |grep -v "^Port " PermitRootLogin yes AuthorizedKeysFile .ssh/authorized_keys ChallengeResponseAuthentication yes PasswordAuthentication yes UsePAM yes Subsystem sftp /usr/libexec/sftp-server UseDNS no RekeyLimit default none PermitTunnel no UseBlacklist no VersionAddendum Linux-Kali KerberosAuthentication no GSSAPIAuthentication no X11Forwarding no PrintMotd no PrintLastLog no 3. Adjust the client accordingly, I use putty from windoz. 4. Be happy. This is NOT what I have for machines accessible via the internet, where I only use long keys (rsa > 5K), no root, different port, encrypted keys and restrict KEX etc - stuff you'll learn as you progress. Its a lot of fun and "ssh -vv" is your friend. :) Cheers. PS I don't like having sftp but it does make copying convenient On 30/01/2024 6:15 am, Paul M Foster wrote: > On Mon, Jan 29, 2024 at 10:30:52AM -0800, Walter Parker wrote: > >> For a permission denied error, check to see if the files have the >> correct permission (home dir, -/.ssh, other files as used). Also check >> your client to make sure it has the proper permissions. > > On the server (the BSD machine) there are no ~/.ssh files for my user. Does > that matter? On the Linux box (the client), my local ssh files are all > okay. I routinely ssh into other (Linux) boxes on my network. > >> >> The other way to find errors is to start sshd (from the command line) >> with -d and/or -v flags and then try to connect using your ssh client. >> The sshd server will out logging as to what the errors are. It may tell >> you what is causing the permission denied error. > > Lots of gobbledegook, except maybe this: > > debug1: userauth-request for user paulf service ssh-connection method none [preauth] > > Then it does a couple of other things and closes the connection. > > Paul > From nobody Mon Jan 29 23:29:32 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TP4K02X6kz57gj1 for ; Mon, 29 Jan 2024 23:29:56 +0000 (UTC) (envelope-from jfadams1963@proton.me) Received: from mail-40134.protonmail.ch (mail-40134.protonmail.ch [185.70.40.134]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "protonmail.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TP4K00781z4r6q for ; Mon, 29 Jan 2024 23:29:56 +0000 (UTC) (envelope-from jfadams1963@proton.me) Authentication-Results: mx1.freebsd.org; none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=proton.me; s=o5rib4e7wbdx5dksybvhcf4sei.protonmail; t=1706570992; x=1706830192; bh=2zSzPFMdPriI7TYXNH/Oj5oUVkPlNK2xxDZPMJLPpnI=; h=Date:To:From:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=B4mK0Yn8FQ4labhBOQLbq/DCfduNvL9avNVw0/WdLnBWxRx64RNCv/LcGEni2KaMW R8xgQ+MqJXvTuYolCt4i3VezCyc2k9cFhNwm3Pkc4Q/a4NTjKWvqyB3ETwebpUprRB f4NBYigzolEFLlB2eh8Z4AEJmO3Rw8KdVfkljwT/GDRH6+5DpkHrWmipUAE6OxPin/ hSsRaX5dux4KAlrG4f/EPpIgIpwRkikal7YC275IbeDWlEG5NiYFFG6yxyz+us40t6 w5YyknQXTMDYQfUkC0tCgh8Gwua7o61mxrOo2eMs8AxFWgbY83CHVHWNYeXCL7+hZN 1ooReUCqY4bcQ== Date: Mon, 29 Jan 2024 23:29:32 +0000 To: questions@freebsd.org, Matthew Seaman From: Jonathan Adams Subject: Re: Enabling SSHD Message-ID: In-Reply-To: <4f60fad9-c5b1-46ea-bfbf-7e654bd5d3d1@FreeBSD.org> References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> <4f60fad9-c5b1-46ea-bfbf-7e654bd5d3d1@FreeBSD.org> Feedback-ID: 80741059:user:proton List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha512; boundary="------bfa6cf80e735d26942d448431a2f20756132cf3976d6b5822d1b4e047ef1e4da"; charset=utf-8 X-Rspamd-Queue-Id: 4TP4K00781z4r6q X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:62371, ipnet:185.70.40.0/24, country:CH] This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------bfa6cf80e735d26942d448431a2f20756132cf3976d6b5822d1b4e047ef1e4da Content-Type: multipart/mixed;boundary=---------------------60aa9b5362dfdcf6a33872e7bf44c790 -----------------------60aa9b5362dfdcf6a33872e7bf44c790 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain;charset=utf-8 On Monday, January 29th, 2024 at 9:15 AM, Matthew Seaman wrote: > > Passwords are not prohibited for SSH access. Yes, thank you. I was misremembering the default config, though I do remem= ber now that it 'just worked' before I set up key-based logins and disable= d passwd logins. https://docs.freebsd.org/en/books/handbook/security/#security-sshd-securit= y-options Paul, I'm curious about what your server's /var/log/auth.log says when you= try to connect. - Jonathan Adams ____________________________________________ "Before Turing, things were done to numbers. After Turing, numbers began doing things" - George Dyson -----------------------60aa9b5362dfdcf6a33872e7bf44c790-- --------bfa6cf80e735d26942d448431a2f20756132cf3976d6b5822d1b4e047ef1e4da Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: ProtonMail wnUEARYKACcFgmW4NLIJkI6O/sbt8r3IFiEEcBGzOO9wDbcpT/10jo7+xu3y vcgAAMGzAQCNpvl8tclPz6DJAOlr6vYVkxEX5Nln/4ZIn4fPBKB3PgD/Yozq 8GkAnVejzKbe96/1skiWW2i7B3K+vnwSkv79+gA= =5m+0 -----END PGP SIGNATURE----- --------bfa6cf80e735d26942d448431a2f20756132cf3976d6b5822d1b4e047ef1e4da-- From nobody Tue Jan 30 03:27:31 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TP9bV3ct2z5879T for ; Tue, 30 Jan 2024 03:27:50 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Received: from h1.out2.mxs.au (h1.out2.mxs.au [110.232.143.236]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TP9bV0Cp5z4Gmp for ; Tue, 30 Jan 2024 03:27:48 +0000 (UTC) (envelope-from smithi@nimnet.asn.au) Authentication-Results: mx1.freebsd.org; none Received: from s121.syd3.hostingplatform.net.au (s121.syd3.hostingplatform.net.au [103.27.34.4]) by out2.mxs.au (Halon) with ESMTPS (TLSv1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 id 830f684e-bf1f-11ee-b49b-00163c1ebd60 for ; Tue, 30 Jan 2024 14:27:35 +1100 (AEDT) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=nimnet.asn.au; s=default; h=Message-ID:From:CC:To:Subject: Content-Transfer-Encoding:Content-Type:MIME-Version:References:In-Reply-To: Date:Sender:Reply-To:Content-ID:Content-Description:Resent-Date:Resent-From: Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help: List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=2OxKIRbmPYBP1eKHex7D8VZ/nGXpoFJBxpDsg0THzV0=; b=DsN/+/l3ZklCUljbnE71K5m8rZ BkpeZh9Nh1+Ies/qhIyS6ILg7AvgAhXEKpZzo4fUcO4k+Qf0B/5DYsm8tnfQqm6Q2Io73fF2XTWvL hqgl9Fn7602fqhsHxOGu2eq7mn9Xf3P631J4vsKZTUYtTtS9PKN9nLd9Sz83K/FrgZlgZSL3SYusy t8VOeSGLfLoyTpS6fZ91Y1IC0RcPkwCGz5ZQ5q0oiflVygTU5hIE3G9yWi0xi7Ik4tzUz6gzW3CV5 hsTSEjCgn0IGZBDnH1EZjZFdi9dIe7/5AAeweoptxMOm0svHaRaG5JHMzQGsE1pGV2Ja/uQhq1RoZ FhIp79xQ==; Received: from [1.145.40.16] (port=1851 helo=[10.174.66.243]) by s121.syd3.hostingplatform.net.au with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.96.2) (envelope-from ) id 1rUemd-003hAZ-20; Tue, 30 Jan 2024 14:27:35 +1100 Date: Tue, 30 Jan 2024 14:27:31 +1100 User-Agent: K-9 Mail for Android In-Reply-To: References: List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Subject: Re: VirtIO/ipfw/natd throughput problem in hosted VM To: Jim Long ,Paul Procacci CC: freebsd-questions@freebsd.org From: Ian Smith Message-ID: X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - s121.syd3.hostingplatform.net.au X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - nimnet.asn.au X-Get-Message-Sender-Via: s121.syd3.hostingplatform.net.au: authenticated_id: smithi@nimnet.asn.au X-Authenticated-Sender: s121.syd3.hostingplatform.net.au: smithi@nimnet.asn.au X-Source: X-Source-Args: X-Source-Dir: X-Rspamd-Queue-Id: 4TP9bV0Cp5z4Gmp X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:45638, ipnet:110.232.143.0/24, country:AU] On 30 January 2024 5:38:58 am AEDT, Jim Long wrote: > On Mon, Jan 29, 2024 at 12:54:49PM -0500, Paul Procacci wrote: > > > > The most glaringly obvious thing to me is to use in-kernel nat > instead of > > natd=2E > > Packets won't have to leave the kernel at that point=2E > > It's detailed in ipfw(8)=2E > >=20 > > ~Paul >=20 > Thank you very much! Your tip plus some cribbing from: >=20 > https://www=2Eneelc=2Eorg/posts/freebsd-ipfw-nat/ >=20 > seems to have taken care of it=2E >=20 > Regards, >=20 > Jim That's great, but for future reference be sure to a) only divert 'ip4', not 'ip' packets to natd(8) - i=2Ee=2E no ipv6 packe= ts=2E b) see section BUGS at the end of ipfw(8): you must disable TSO with ifcon= fig(8) to use ipfw nat, which the above article doesn't mention=2E cheers, Ian From nobody Tue Jan 30 04:32:05 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPC1k2ydfz58DcS for ; Tue, 30 Jan 2024 04:32:10 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from seahorse.cherry.relay.mailchannels.net (seahorse.cherry.relay.mailchannels.net [23.83.223.161]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPC1h3VBwz4MmN for ; Tue, 30 Jan 2024 04:32:08 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=LSVKhtPr; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.223.161 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id B718B83B24 for ; Tue, 30 Jan 2024 04:32:06 +0000 (UTC) Received: from pdx1-sub0-mail-a269.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 5EA39839E1 for ; Tue, 30 Jan 2024 04:32:06 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706589126; a=rsa-sha256; cv=none; b=XK9xqmiO36wvjFdjnNTs5nk/WysgU5oP6RRDwGVRPPZfLVWExg53AwllO8+wgmnABkmBV3 nnOAT/JFuwYV0L3wcC21USs2yDQenIapswhovKMeFDjkylXdBSZ1o7N41Kzjkp9WfpazN9 4TJey5/Ia44tAoM1FxsjGCe/fz1LctrWwg7Ju8AGs0L+MrbXPgq6K72IKr6/YIA4T/76yb Iehl4zUtaYICEXteVK9pEmmr0x6yPYvlcwEjeHWkzDlXHENvgY1G/NYV1//HEfNghBYSeC NNbHC31yL1XAIJPk4EOAz/RqgPyhw1Ob58iWZmtNMZlp9wv76PFbRQTJG4kVEQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706589126; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:dkim-signature; bh=1+UxYmn4b0UJivCmmeZKvUhHoYO38uMY0t58eFRk8Ro=; b=pbPYiz7r4FhdqR6bLSBEtsik8UQGs1eIMyz1V1uB/B1zfnn85r9ZUxoM4YRf/1+/QJ9jR4 AIYLy9K9i5J2fZMs5zW7LjR1AjtuG4+P42eExaROig9VaSKZXH7Y8P0dUCddlvQ1SGFYMR VgAdJBJngrUp5QTYb3v+Tpo20eZ0Hg4A0+7MCulmVH7cl8zH/ii1tahBl225+ofe6UELne Y5orwiyJHIU8IGRqY0vM3bM572sDsUXPwV3kBd44PdKgSNur0HKzDwyqrzf1zJg4I6JAYq DRjbe8ueJchV3DXOTntXQ47jUEt2cZPaaMNNfCpl6pD9bfRp5iVbHciyt99VLQ== ARC-Authentication-Results: i=1; rspamd-6fdd97fffb-btctq; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Whimsical-Society: 279dfad059d3c61e_1706589126603_190849580 X-MC-Loop-Signature: 1706589126603:3221264587 X-MC-Ingress-Time: 1706589126603 Received: from pdx1-sub0-mail-a269.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.110.105.71 (trex/6.9.2); Tue, 30 Jan 2024 04:32:06 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a269.dreamhost.com (Postfix) with ESMTPSA id 4TPC1f1cJxz4g for ; Mon, 29 Jan 2024 20:32:06 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706589126; bh=1+UxYmn4b0UJivCmmeZKvUhHoYO38uMY0t58eFRk8Ro=; h=Date:From:To:Subject:Reply-To:Content-Type; b=LSVKhtPrGDifQw3TH4VeOmS4Vy9OpceFE7pz9aIHP2rwfBppvc+WxyGmGhOEGIYKi WwsDthJ5VUfjlrSsrkL27YroMcNf1GwlbzaUdyZ6d1VI2xIZNlBnnAIuoHl9R8ENis cFLwzycL9kvlrZIYX55qTKuDI5o8+kMKC4ZLrQ+tXaY6EWJzOJvaxhzLnCKLx7cbay FYHcfcKxoeR6mFww2rnO4bONey01xC4f4ldM5sRM7oksJ5lbIrmRUGubdyUE7fmI2X qt5q8ei5S9tEOrWfKwd+4e19ubcegiSPbb3hpdU1mZLQ1GkRJ68OrRybeJvjTbhwYk iUjuOS3vPZTMQ== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rUfn3-000Esn-0X for freebsd-questions@freebsd.org; Mon, 29 Jan 2024 23:32:05 -0500 Date: Mon, 29 Jan 2024 23:32:05 -0500 From: Paul M Foster To: freebsd-questions@freebsd.org Subject: Enabling SSD Message-ID: <20240130043205.2japt7ja7j5urm5r@yosemite.mars.lan> Reply-To: paulf@quillandmouse.com Mail-Followup-To: freebsd-questions@freebsd.org List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.60 / 15.00]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; MIME_GOOD(-0.10)[text/plain]; RWL_MAILSPIKE_GOOD(-0.10)[23.83.223.161:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[quillandmouse.com:+]; DMARC_NA(0.00)[quillandmouse.com]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.223.161:from]; RCVD_COUNT_FIVE(0.00)[5]; REPLYTO_ADDR_EQ_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:63213, ipnet:23.83.223.0/24, country:CA]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_REPLYTO(0.00)[paulf@quillandmouse.com] X-Rspamd-Queue-Id: 4TPC1h3VBwz4MmN Folks: Fresh install of FreeBSD 14. The following changes in /etc/ssh/sshd_config: LogLevel DEBUG PermitRootLogin yes PubkeyAuthentication no PasswordAuthentication yes KbdInteractiveAuthentication no No modifications have been made to other files, including the PAM files. My intent is to insist on password, not public key authentication. Root login is more or less irrelevent, just convenient. Regardless of edits to the file, or which user, attempts to login from elsewhere on the LAN fail. The response on the client side: I'm not asked for a password at all. The connection just closes. This client has consistently been able to SSH into other Linux clients on this LAN. It's based on the latest Debian, so it's particularly out of date. Here are the relevant lines from auth.log: Jan 30 03:24:22 buckaroo sshd[3121]: Connection from 192.168.254.20 port 60568 on 192.168.254.30 port 22 Jan 30 03:34:22 buckaroo sshd[3121]: Connection closed by authenticating user paulf 192.168.254.20 port 60568 [preauth] The last line puzzles me. Does this mean that the *client* closed the connection? If so, any guesses why? If this is no help, any other reasons why SSH is not working properly? Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Tue Jan 30 04:55:55 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPCYD4whKz58GDb; Tue, 30 Jan 2024 04:56:00 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from rusty.tulip.relay.mailchannels.net (rusty.tulip.relay.mailchannels.net [23.83.218.252]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPCYC3x1bz4PlJ; Tue, 30 Jan 2024 04:55:59 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=ZjhwGSz7; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.218.252 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id CAFA6141F91; Tue, 30 Jan 2024 04:55:57 +0000 (UTC) Received: from pdx1-sub0-mail-a269.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 6FE75142AC0; Tue, 30 Jan 2024 04:55:57 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706590557; a=rsa-sha256; cv=none; b=DzhefoguuAVUy+CrLYTaFSwKJnG4hAUylL1tt/2/zBCpDZuUHNVA1XfCtavX55tbMMJVp2 zgneAohFcQTNJQ6xwN0HODc4cKiZg91j1ooEOy8taujXxtXVs90hdJBvz4+5zm025pR1BY RI8XH7Y4DJiswbeYp990T/rN7M3ybAl1ic03NhDd5m/bLB3wImTzkZ6NrIyy0NpIXO2R92 lEOqA3JP/VFeqBtAwmHkvROQYHPQ9Ne2fk9tX31adrR7++wFe6qSy427a8JxZDlUD+vfpy qYXLR6iT7MhHZi16DAbjbMvQZiioJmMPv+1j3y5NKoD8DEWFmkbmMT46l/SKww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706590557; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references:dkim-signature; bh=n38eMxm8JGNpqOXUWiNlL2dH/84a0rHWSBbc6/CxPJg=; b=bvIOiXdajIEWN5Om0LEFohV3aI01d4sxe2gG84XZfnS/1uvXIVksUF6xz0y1DOPptt6yJf ArEZwOodD9VvULrdYg46M4ho5khWeWEaPbawJ/tltnRv5mWgROTwoGl3VBaKXIKg0wNbBQ ZoU+mIKTWu0d9K6boZEzOmnWwjHwmsD38qp8dbuZNxYKsAgSrlqE56v0OzDTcA4dapUb+u r037QPAAmghiYc6yzw0yEZdiHEdNGD6bjsP6O/pxu1lAJxi9nVhRR7IPpdjsrvMV9npdlu +4LmNrl/90jW1gpzK/1saJws+sXt58D+rUyayV0dYLU/QZHvGEJInH6ZiJTAYA== ARC-Authentication-Results: i=1; rspamd-9c9494d96-wjxlk; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Snatch-Tart: 3df3e59d0d685ffe_1706590557699_1049158193 X-MC-Loop-Signature: 1706590557699:4239126854 X-MC-Ingress-Time: 1706590557698 Received: from pdx1-sub0-mail-a269.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.100.20.137 (trex/6.9.2); Tue, 30 Jan 2024 04:55:57 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a269.dreamhost.com (Postfix) with ESMTPSA id 4TPCY91pCMzGK; Mon, 29 Jan 2024 20:55:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706590557; bh=n38eMxm8JGNpqOXUWiNlL2dH/84a0rHWSBbc6/CxPJg=; h=Date:From:To:Subject:Content-Type; b=ZjhwGSz7K+k86lREf9MD32gdf+IgVh1hJ3XnwQWLWC9aKK47OZ1i15djwGDgFvqWY T/ff+o1/arTNfmd+hwi/MUTdQvjVEiV1CsLnIVpmStO9IQRtGNj7w762juwlr9hL/9 N2hg35cG8A185QR+Y6ofIck72Esaugy+3wk7tgNExofkS5H5782bR0Jda9T+QRTBgk bl3ZOh/SycYImR9UfpF+mxx0X6EybAJ6Q5HJnhHx+W1XhKLGVEj8tkz8+mvlVgElt2 Zbw93ZF0vmBSR7ouZiEm6Z0/nVZrmuCmrzj6t6BiuPH86LitBrb+NNYdbIgCEQICih 7MdV692ehBy0A== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rUgA7-000JiD-2x; Mon, 29 Jan 2024 23:55:55 -0500 Date: Mon, 29 Jan 2024 23:55:55 -0500 From: Paul M Foster To: questions@freebsd.org, freebsd-questions@freebsd.org Subject: [SOLVED] Re: Enabling SSD Message-ID: <20240130045555.rh56scckxauiaqhj@yosemite.mars.lan> Mail-Followup-To: questions@freebsd.org, freebsd-questions@freebsd.org References: <20240130043205.2japt7ja7j5urm5r@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240130043205.2japt7ja7j5urm5r@yosemite.mars.lan> X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.70 / 15.00]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.999]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; RWL_MAILSPIKE_VERYGOOD(-0.20)[23.83.218.252:from]; MIME_GOOD(-0.10)[text/plain]; MISSING_XM_UA(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_VIA_SMTP_AUTH(0.00)[]; ASN(0.00)[asn:63213, ipnet:23.83.216.0/22, country:CA]; FROM_HAS_DN(0.00)[]; DMARC_NA(0.00)[quillandmouse.com]; RCPT_COUNT_TWO(0.00)[2]; RCVD_COUNT_FIVE(0.00)[5]; FROM_EQ_ENVFROM(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.218.252:from]; TO_DN_NONE(0.00)[]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org,questions@freebsd.org]; DKIM_TRACE(0.00)[quillandmouse.com:+] X-Rspamd-Queue-Id: 4TPCYC3x1bz4PlJ On Mon, Jan 29, 2024 at 11:32:05PM -0500, Paul M Foster wrote: > Folks: > > Fresh install of FreeBSD 14. The following changes in /etc/ssh/sshd_config: > > LogLevel DEBUG > PermitRootLogin yes > PubkeyAuthentication no > PasswordAuthentication yes > KbdInteractiveAuthentication no > > No modifications have been made to other files, including the PAM files. > > My intent is to insist on password, not public key authentication. Root > login is more or less irrelevent, just convenient. > > Regardless of edits to the file, or which user, attempts to login from > elsewhere on the LAN fail. The response on the client side: I'm not asked > for a password at all. The connection just closes. This client has > consistently been able to SSH into other Linux clients on this LAN. It's > based on the latest Debian, so it's particularly out of date. > > Here are the relevant lines from auth.log: > > Jan 30 03:24:22 buckaroo sshd[3121]: Connection from 192.168.254.20 port > 60568 on 192.168.254.30 port 22 > Jan 30 03:34:22 buckaroo sshd[3121]: Connection closed by authenticating > user paulf 192.168.254.20 port 60568 [preauth] > > The last line puzzles me. Does this mean that the *client* closed the > connection? If so, any guesses why? If this is no help, any other reasons > why SSH is not working properly? > > Paul > Well, I solved it. On the CLIENT, in the ~/.ssh/config, I had: PasswordAuthentication no When I changed this value to yes, it all worked. Thanks to all who attempted to help. It is appreciated. Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Tue Jan 30 04:55:55 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPCYD4whKz58GDb; Tue, 30 Jan 2024 04:56:00 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from rusty.tulip.relay.mailchannels.net (rusty.tulip.relay.mailchannels.net [23.83.218.252]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPCYC3x1bz4PlJ; Tue, 30 Jan 2024 04:55:59 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=ZjhwGSz7; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.218.252 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id CAFA6141F91; Tue, 30 Jan 2024 04:55:57 +0000 (UTC) Received: from pdx1-sub0-mail-a269.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 6FE75142AC0; Tue, 30 Jan 2024 04:55:57 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706590557; a=rsa-sha256; cv=none; b=DzhefoguuAVUy+CrLYTaFSwKJnG4hAUylL1tt/2/zBCpDZuUHNVA1XfCtavX55tbMMJVp2 zgneAohFcQTNJQ6xwN0HODc4cKiZg91j1ooEOy8taujXxtXVs90hdJBvz4+5zm025pR1BY RI8XH7Y4DJiswbeYp990T/rN7M3ybAl1ic03NhDd5m/bLB3wImTzkZ6NrIyy0NpIXO2R92 lEOqA3JP/VFeqBtAwmHkvROQYHPQ9Ne2fk9tX31adrR7++wFe6qSy427a8JxZDlUD+vfpy qYXLR6iT7MhHZi16DAbjbMvQZiioJmMPv+1j3y5NKoD8DEWFmkbmMT46l/SKww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706590557; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references:dkim-signature; bh=n38eMxm8JGNpqOXUWiNlL2dH/84a0rHWSBbc6/CxPJg=; b=bvIOiXdajIEWN5Om0LEFohV3aI01d4sxe2gG84XZfnS/1uvXIVksUF6xz0y1DOPptt6yJf ArEZwOodD9VvULrdYg46M4ho5khWeWEaPbawJ/tltnRv5mWgROTwoGl3VBaKXIKg0wNbBQ ZoU+mIKTWu0d9K6boZEzOmnWwjHwmsD38qp8dbuZNxYKsAgSrlqE56v0OzDTcA4dapUb+u r037QPAAmghiYc6yzw0yEZdiHEdNGD6bjsP6O/pxu1lAJxi9nVhRR7IPpdjsrvMV9npdlu +4LmNrl/90jW1gpzK/1saJws+sXt58D+rUyayV0dYLU/QZHvGEJInH6ZiJTAYA== ARC-Authentication-Results: i=1; rspamd-9c9494d96-wjxlk; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Snatch-Tart: 3df3e59d0d685ffe_1706590557699_1049158193 X-MC-Loop-Signature: 1706590557699:4239126854 X-MC-Ingress-Time: 1706590557698 Received: from pdx1-sub0-mail-a269.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.100.20.137 (trex/6.9.2); Tue, 30 Jan 2024 04:55:57 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a269.dreamhost.com (Postfix) with ESMTPSA id 4TPCY91pCMzGK; Mon, 29 Jan 2024 20:55:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706590557; bh=n38eMxm8JGNpqOXUWiNlL2dH/84a0rHWSBbc6/CxPJg=; h=Date:From:To:Subject:Content-Type; b=ZjhwGSz7K+k86lREf9MD32gdf+IgVh1hJ3XnwQWLWC9aKK47OZ1i15djwGDgFvqWY T/ff+o1/arTNfmd+hwi/MUTdQvjVEiV1CsLnIVpmStO9IQRtGNj7w762juwlr9hL/9 N2hg35cG8A185QR+Y6ofIck72Esaugy+3wk7tgNExofkS5H5782bR0Jda9T+QRTBgk bl3ZOh/SycYImR9UfpF+mxx0X6EybAJ6Q5HJnhHx+W1XhKLGVEj8tkz8+mvlVgElt2 Zbw93ZF0vmBSR7ouZiEm6Z0/nVZrmuCmrzj6t6BiuPH86LitBrb+NNYdbIgCEQICih 7MdV692ehBy0A== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rUgA7-000JiD-2x; Mon, 29 Jan 2024 23:55:55 -0500 Date: Mon, 29 Jan 2024 23:55:55 -0500 From: Paul M Foster To: questions@freebsd.org, freebsd-questions@freebsd.org Subject: [SOLVED] Re: Enabling SSD Message-ID: <20240130045555.rh56scckxauiaqhj@yosemite.mars.lan> Mail-Followup-To: questions@freebsd.org, freebsd-questions@freebsd.org References: <20240130043205.2japt7ja7j5urm5r@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240130043205.2japt7ja7j5urm5r@yosemite.mars.lan> X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.70 / 15.00]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.999]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; RWL_MAILSPIKE_VERYGOOD(-0.20)[23.83.218.252:from]; MIME_GOOD(-0.10)[text/plain]; MISSING_XM_UA(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_VIA_SMTP_AUTH(0.00)[]; ASN(0.00)[asn:63213, ipnet:23.83.216.0/22, country:CA]; FROM_HAS_DN(0.00)[]; DMARC_NA(0.00)[quillandmouse.com]; RCPT_COUNT_TWO(0.00)[2]; RCVD_COUNT_FIVE(0.00)[5]; FROM_EQ_ENVFROM(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.218.252:from]; TO_DN_NONE(0.00)[]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org,questions@freebsd.org]; DKIM_TRACE(0.00)[quillandmouse.com:+] X-Rspamd-Queue-Id: 4TPCYC3x1bz4PlJ On Mon, Jan 29, 2024 at 11:32:05PM -0500, Paul M Foster wrote: > Folks: > > Fresh install of FreeBSD 14. The following changes in /etc/ssh/sshd_config: > > LogLevel DEBUG > PermitRootLogin yes > PubkeyAuthentication no > PasswordAuthentication yes > KbdInteractiveAuthentication no > > No modifications have been made to other files, including the PAM files. > > My intent is to insist on password, not public key authentication. Root > login is more or less irrelevent, just convenient. > > Regardless of edits to the file, or which user, attempts to login from > elsewhere on the LAN fail. The response on the client side: I'm not asked > for a password at all. The connection just closes. This client has > consistently been able to SSH into other Linux clients on this LAN. It's > based on the latest Debian, so it's particularly out of date. > > Here are the relevant lines from auth.log: > > Jan 30 03:24:22 buckaroo sshd[3121]: Connection from 192.168.254.20 port > 60568 on 192.168.254.30 port 22 > Jan 30 03:34:22 buckaroo sshd[3121]: Connection closed by authenticating > user paulf 192.168.254.20 port 60568 [preauth] > > The last line puzzles me. Does this mean that the *client* closed the > connection? If so, any guesses why? If this is no help, any other reasons > why SSH is not working properly? > > Paul > Well, I solved it. On the CLIENT, in the ~/.ssh/config, I had: PasswordAuthentication no When I changed this value to yes, it all worked. Thanks to all who attempted to help. It is appreciated. Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Tue Jan 30 05:06:51 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPCq94SlSz58HRf for ; Tue, 30 Jan 2024 05:08:05 +0000 (UTC) (envelope-from lain@fair.moe) Received: from mail.076.ne.jp (mail.076.ne.jp [45.76.218.69]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPCq70spFz4SM2 for ; Tue, 30 Jan 2024 05:08:03 +0000 (UTC) (envelope-from lain@fair.moe) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=076.ne.jp header.s=dkim header.b=oo8jnq45; dmarc=none; spf=none (mx1.freebsd.org: domain of lain@fair.moe has no SPF policy when checking 45.76.218.69) smtp.mailfrom=lain@fair.moe Received: from mail.076.ne.jp (localhost [127.0.0.1]) by mail.076.ne.jp (Postfix) with ESMTP id 4TPCpy72GQzW3Sn for ; Tue, 30 Jan 2024 14:07:54 +0900 (JST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=076.ne.jp; h= user-agent:in-reply-to:content-disposition:content-type :mime-version:references:message-id:subject:to:from:date; s= dkim; t=1706591274; x=1709183275; bh=AaLG+pcudnv/KQ/8KOVsqpxkaMN 8xkK6z3CEXDwbE9s=; b=oo8jnq4544EqqsxoKIy8rzu+GdFAPMYloxEqlNHC8LR KPlZPOSwnvH0ABo8+7owaGMeL9JokfZkk351dQeRwf0psHDwXS5+ebqFdayJMsG8 zsX3+kTjz0fDPnuQKfnbXt+W205yXZm8K2lQjoFOaSMywjRikDQdDKV2jKAKJfbc ET1rkawWHqdtJLjgANh7hBYhfSed5ntwhjU+igKJjyxJlTcxi5J2PyyQhQyRps6X d+3khk8llQqb2VM7bK4advPH00rOCxlk1/XUY8oiLQqzX0s83HDK+Ci3BeJwa/Lv UzA6pNPh72f60tvCEuq/sy5kcFaq/utlNN1WuM4P0zw== X-Virus-Scanned: Debian amavisd-new at guest.guest Received: from mail.076.ne.jp ([127.0.0.1]) by mail.076.ne.jp (mail.076.ne.jp [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id S_LbAqNLmATB for ; Tue, 30 Jan 2024 14:07:54 +0900 (JST) Received: from mail.fair.moe (ip1.193.076.moe [219.117.254.193]) by mail.076.ne.jp (Postfix) with ESMTPSA id 4TPCpy0FbrzW0sl for ; Tue, 30 Jan 2024 14:07:53 +0900 (JST) Date: Tue, 30 Jan 2024 14:06:51 +0900 From: "lain." To: questions@freebsd.org Subject: Re: Re: Enabling SSHD Message-ID: <6eaugbyc7ajemwqbrodp4tu73uhjrkfbdmdaavvgjssnzopx6i@4ocegiuwuca3> X-Location: =?utf-8?B?IkVhcnRoL+WcsOeQgyI=?= X-Operating-System: "GNU/Linux" References: <20240129125745.fuh6nnc4dooto2oz@yosemite.mars.lan> <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="a6upnnm5qpel2qu6" Content-Disposition: inline In-Reply-To: <20240129134722.fbwrvamdf2wx4vik@yosemite.mars.lan> User-Agent: NeoMutt/20231221 X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.90 / 15.00]; SIGNED_PGP(-2.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; MID_RHS_NOT_FQDN(0.50)[]; R_DKIM_ALLOW(-0.20)[076.ne.jp:s=dkim]; MIME_GOOD(-0.20)[multipart/signed,text/plain]; DMARC_NA(0.00)[fair.moe]; RCVD_VIA_SMTP_AUTH(0.00)[]; ASN(0.00)[asn:20473, ipnet:45.76.192.0/19, country:US]; RCPT_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:+,1:+,2:~]; R_SPF_NA(0.00)[no SPF record]; MLMMJ_DEST(0.00)[questions@freebsd.org]; RCVD_COUNT_THREE(0.00)[3]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; ARC_NA(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_TLS_LAST(0.00)[]; DKIM_TRACE(0.00)[076.ne.jp:+] X-Rspamd-Queue-Id: 4TPCq70spFz4SM2 --a6upnnm5qpel2qu6 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2024=E5=B9=B401=E6=9C=8829=E6=97=A5 08:47, the silly Paul M Foster claim= ed to have said: > I certainly hope this is not the case. I've been running Linux for 30 > years, and am looking to transition to FreeBSD. If passwords are prohibit= ed > for SSH access, that would be a major reason for me not to pursue FreeBSD > any further. FWIW, I disagree with the current fad of believing that > passwords should be eliminated for everything. I believe passwords, > properly implemented, are more than adequate for normal security. If you'= re > trying to secure NSA servers or something, by all means eliminate > passwords in favor of hardware keys or the like. >=20 > In any case, this doesn't provide any actual methods for resolving the > current problem. >=20 > Paul PGP keys are generally safer than passwords in the case of SSH. If you have password-based authentication enabled, you'll get a password prompt, which could be exploited if your password is known, or somebody guessed it. If you disable that and have key-based authentication instead, you can only login from a machine that has the public and private keys available, so if the NSA or some other criminal organization would try to break in, they'll be greeted with a "permission denied". If you're super paranoid, you can configure pf to only allow connections to port 22 from specific hosts only on top of that. I personally use 64 character long, randomly generated passwords with lowercase, uppercase, digits, and special characters for each login, but way too many people don't. And unlike the well known 2FA stupidity, PGP keys can be generated and configured on the remote server in just a few seconds. By the way, if you use Git, you probably already have a PGP key. However, if that Git server happens to be Microsoft Github or some Gitea/Gitlab/Forgejo instance hosted behind Cloudflare or Fastly, better generate separate PGP keys for each one of them, so you can easily revoke access to bad actors while maintaining access to your own servers. --=20 lain. Did you know that? 90% of all emails sent on a daily basis are being sent in plain text, and i= t's super easy to intercept emails as they flow over the internet? Never send passwords, tokens, personal information, or other volunerable in= formation without proper PGP encryption! If you're writing your emails unencrypted, please consider sending PGP encr= ypted emails for security reasons. You can find my PGP public key at: https://fair.moe/lain.asc Every good email client is able to send encrypted emails. If yours can't, then you should consider switching to a secure email client= , because yours just sucks. My recommendations are Claws Mail or NeoMutt. For instructions on how to encrypt your emails: https://unixsheikh.com/tutorials/gnupg-tutorial.html --a6upnnm5qpel2qu6 Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAEBCAAdFiEEozVhUpXECiNYIKIXtWNzC1Y29b0FAmW4g+EACgkQtWNzC1Y2 9b0RGgv/bmQ1XV8DINGCGGh2nDg0zGC3HrX3JvdBV0IOlnlpzhMzZ3Cml+Et6v9A qqSkOlP3uwffKYO1rFmsVuGV59yTjJ+vRYgWuzGqUrcLNk/Yk58noP7z3rqSBgKY L/tfCQkd0gDMEjzIdqXX9yzWilCs3o+mpn3k5+mG2T0rGhmKlXVT8x9AEFBSxvwp bk4A4wBxqNTUzW84ZlEQI7f40JKbrRBVQDqSJr7Y3NwHax1nbnFQhgf1cMNatSF1 Kc0IfqR/5frEG85cUMLyQ7yHcKTcFHQhBwIjY1z/IfYNWjcRVcd2RK+BNRlCL9Of VigqvD+RoSVuoCjKZ2fZRn+ipbKkNMBISRiHb4ojftvtzPHoDOfseWF8pU4e90Oh 7QHTsIEBz2mskeRoP0Av04gWlM4BVKlhN93NTxStVswbPsC9+B/kbUF1b7s8XOhx VDumPSc31g4D9vEFwpt2adnQcJdWmnZqo0lNGg8olApdwFpjRj3AkFRAQ37q2qTA ntdWYmSx =Sx2p -----END PGP SIGNATURE----- --a6upnnm5qpel2qu6-- From nobody Tue Jan 30 06:43:08 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPFx75TkJz58RKh for ; Tue, 30 Jan 2024 06:43:23 +0000 (UTC) (envelope-from tomek@cedro.info) Received: from mail-yw1-x1131.google.com (mail-yw1-x1131.google.com [IPv6:2607:f8b0:4864:20::1131]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPFx72gjzz4jGR for ; Tue, 30 Jan 2024 06:43:23 +0000 (UTC) (envelope-from tomek@cedro.info) Authentication-Results: mx1.freebsd.org; none Received: by mail-yw1-x1131.google.com with SMTP id 00721157ae682-6029e069e08so48233297b3.0 for ; Mon, 29 Jan 2024 22:43:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cedro.info; s=google; t=1706597002; x=1707201802; darn=freebsd.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=eKf8HDE7UQX2lFx5pOQR63jwBaVboYix8PmkRWSBYeo=; b=JB22JjXqwrytrU++6u2VsZX0zwRuVlRNLgxXq1egv+bAqfKsxsyZUjHsektYPtwu1Y HJTIqLOgibDIBIJrljA733PlK2eVWgchERX8TaWsdIQooeT7sh/2UyZiEDW2Uvyzj2sT 1E4eYgYYmX2CKIZaHIGk5le8Po7lSuX/PnJPqV8SHcX6PX+ZIiwwlI2Nq1kmgBxBTLbX zOsND3vcy0Yl6ZOJarBSGB+bHDiHaPbHVAauv+fqOYs3gZwoRzCfFC5nf94ijQNollSV uELv94A0bloqeXqnxAL2Rtaj621eUwwUL+QosOYpe8X9rIxX5FMevqzhCGAAK2zueqJS q8kw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706597002; x=1707201802; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=eKf8HDE7UQX2lFx5pOQR63jwBaVboYix8PmkRWSBYeo=; b=BXOjyGey/amvbu+1zxU0aRgKdMf2yqhW3NfRXQMGSjAxTywVbZ/ldnZSQ9CjsOdIuI Pv6LxSw/qn9vQNosyD+nGglEs/CoZ5RAR8Za39cMmYTVUaJKFMZ78BSeCQsp6b/gK8L1 OKxl8mZWtJaXcPNLwt3FmaR4RRX3ZNmFnn0LYnBQkHBOpwCKA7fm9wsTcrFZAp2/QZaS cBeAmzf/kmhuJoPXdUfyY5JjQL7rsRB2jo7b/VXK7Bpj3VfsgmfXx6jO54HwuJXpywQv sfGTYQKCfoBBgddK7yxn9XWB2zNRZ3NTkIclsRwM75j/vDq/+ebq6Lub8IqPDiMSyQsD HbDw== X-Gm-Message-State: AOJu0Yz7vYSF5jCcQT+mPD5F4ywsOo+v+1mJOy0KrXOEcpcSiON0uMk8 0ZzBPTqKTGA41Kh64ypm4F27iZydsFJ/Zw3dFmyzcrNpdQwFdnB7bupoX0xDuckQYtAXX8pmLPA = X-Google-Smtp-Source: AGHT+IG/YjmxzXV2KKmLTCyuZdaCtbOGSLC+S1c87SoEribJ+pByhT2xeBnPBQ8U2d269CNE7qSZNQ== X-Received: by 2002:a81:e207:0:b0:5ff:4d23:9243 with SMTP id p7-20020a81e207000000b005ff4d239243mr5074735ywl.15.1706597001941; Mon, 29 Jan 2024 22:43:21 -0800 (PST) Received: from mail-yw1-f174.google.com (mail-yw1-f174.google.com. [209.85.128.174]) by smtp.gmail.com with ESMTPSA id i71-20020a81914a000000b00603eb201977sm600781ywg.70.2024.01.29.22.43.21 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Mon, 29 Jan 2024 22:43:21 -0800 (PST) Received: by mail-yw1-f174.google.com with SMTP id 00721157ae682-5edfcba97e3so40353587b3.2 for ; Mon, 29 Jan 2024 22:43:21 -0800 (PST) X-Received: by 2002:a0d:ead2:0:b0:5ff:82fc:9686 with SMTP id t201-20020a0dead2000000b005ff82fc9686mr5488910ywe.3.1706597001141; Mon, 29 Jan 2024 22:43:21 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: <20240130043205.2japt7ja7j5urm5r@yosemite.mars.lan> In-Reply-To: <20240130043205.2japt7ja7j5urm5r@yosemite.mars.lan> From: Tomek CEDRO Date: Tue, 30 Jan 2024 07:43:08 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Enabling SSD To: paulf@quillandmouse.com, FreeBSD Questions Mailing List Content-Type: multipart/alternative; boundary="00000000000007248506102414be" X-Rspamd-Queue-Id: 4TPFx72gjzz4jGR X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US] --00000000000007248506102414be Content-Type: text/plain; charset="UTF-8" > PermitRootLogin yes this is extremely dangerous. have you considered su or sudo? > PubkeyAuthentication no this is really easy. try one as an exercise. you can generate public and private keys pair with a script. then you keep the private key on your own computer and public key on the remote host. you can protect the key with password. you can even put the private key on the usb token (i.e. yubikey) so it's not stored as a file and you carry the key all the times protect it with a pin and use it for different hosts so you don't have to remember thousands of passwords :-) -- CeDeROM, SQ7MHZ, http://www.tomek.cedro.info --00000000000007248506102414be Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
> PermitRootLogin yes

this is extremely dangerous. have= you considered su or sudo?

> PubkeyAuthentication no

this is really easy. try one as an exercise. you can generat= e public and private keys pair with a script. then you keep the private key= on your own computer and public key on the remote host. you can protect th= e key with password. you can even put the private key on the usb token (i.e= . yubikey) so it's not stored as a file and you carry the key all the t= imes protect it with a pin and use it for different hosts so you don't = have to remember thousands of passwords :-)

--
CeDeROM, SQ7MHZ, http://www.tomek.cedro.info
--00000000000007248506102414be-- From nobody Wed Jan 31 03:32:35 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPnfZ28TBz58HRh for ; Wed, 31 Jan 2024 03:32:38 +0000 (UTC) (envelope-from pkagan@videotron.ca) Received: from alt41.smtp-out.videotron.ca (alt41.smtp-out.videotron.ca [23.233.128.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vl-vm-csp356.ip.videotron.ca", Issuer "int-SNINTCAP1-CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPnfY1VqVz4PXj for ; Wed, 31 Jan 2024 03:32:37 +0000 (UTC) (envelope-from pkagan@videotron.ca) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=videotron.ca header.s=s1 header.b=p0gBZvnt; dmarc=pass (policy=none) header.from=videotron.ca; spf=pass (mx1.freebsd.org: domain of pkagan@videotron.ca designates 23.233.128.28 as permitted sender) smtp.mailfrom=pkagan@videotron.ca Received: from AWLDM ([173.178.79.2]) by Videotron with ESMTP id V1L1rX4GhIUiKV1L1rlfOd; Tue, 30 Jan 2024 22:32:35 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=videotron.ca; s=s1; t=1706671955; bh=xpghvBgPdwC461Lo+qeK+Iv+HRCSrvIwa8PEYkCm/qo=; h=From:To:Subject:Date; b=p0gBZvnt/QjBFcoaLp/wgrw16OkeJHBzSA1vpaUyr2y71uFRdHhBEGJsfuZNixrng RMdkqmVl5lu6YRAma2ULWwK250hRQ0E1C/aSflmYaWaEJqyrlskWCTiCFGdYvoTQ2c 9uwKc5uYyYZZhlTVFqEkXl56Y2KYfqLr70ZbUmjLNVBRhti/ynEwOU3C1K0ZIVevBM m1CwLBJuAvNIfxZ8AmVyKcjlhfDYtpdfRXZ4s0Ou7vY7jA4OlQKe1An7XX40CMPpFI t0Bj6YvctrcmvYFOE8O9vYVhR/ArrdQeymjnKKIy2NbOGXeUrqXN599ftHy6k6quRG crGLi6zopBbdg== X-Authority-Analysis: v=2.4 cv=P4T8xAMu c=1 sm=1 tr=0 ts=65b9bf53 a=8sNthiHmWqMLc6V2qJRLaA==:117 a=8sNthiHmWqMLc6V2qJRLaA==:17 a=DAwyPP_o2Byb1YXLmDAA:9 a=D627BkHD90XJFeaNFkMA:9 a=CjuIK1q_8ugA:10 a=yMhMjlubAAAA:8 a=SSmOFEACAAAA:8 a=KjDL-FC8lmMJcfABIcYA:9 a=gKO2Hq4RSVkA:10 a=UiCQ7L4-1S4A:10 a=hTZeC7Yk6K0A:10 a=frz4AuCg-hUA:10 From: "Paul Kagan" To: Subject: certbot does not work Date: Tue, 30 Jan 2024 22:32:35 -0500 Message-ID: <00c501da53f6$222d8640$668892c0$@videotron.ca> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_00C6_01DA53CC.39581A80" X-Mailer: Microsoft Outlook 16.0 Content-language: fr Thread-index: AdpT9bsXvcdM6YqmRYOEQdePSFKHkg== X-CMAE-Envelope: MS4xfNo4OoLMFXn4qvLYBV7z+jAr6J/VhZUCi+ZfIPNF/ck00y4EoYqJNi6wvi0lsMlRMk1GLG55X8Hhc39Hoo35ofSMMVqB2KT+UydIiZdMGYHLq2caAMFM DE1K31hTZcz187p4qZBnrwl2/Lu6XWrDCmL7argTQAbKvvTCkpUdcBpQF3yu02zvw2sNppHBFEojeg== X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.22 / 15.00]; DWL_DNSWL_LOW(-1.00)[videotron.ca:dkim]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-0.999]; DMARC_POLICY_ALLOW(-0.50)[videotron.ca,none]; NEURAL_HAM_SHORT(-0.22)[-0.217]; R_DKIM_ALLOW(-0.20)[videotron.ca:s=s1]; R_SPF_ALLOW(-0.20)[+ip4:23.233.128.28/30]; ONCE_RECEIVED(0.10)[]; RCVD_IN_DNSWL_LOW(-0.10)[23.233.128.28:from]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; FREEMAIL_ENVFROM(0.00)[videotron.ca]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCPT_COUNT_ONE(0.00)[1]; FREEMAIL_FROM(0.00)[videotron.ca]; ASN(0.00)[asn:5769, ipnet:23.233.128.0/18, country:CA]; RCVD_COUNT_ONE(0.00)[1]; ARC_NA(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[videotron.ca:+] X-Rspamd-Queue-Id: 4TPnfY1VqVz4PXj This is a multipart message in MIME format. ------=_NextPart_000_00C6_01DA53CC.39581A80 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit root@videotron:/usr/ports/security/openssl # @CRYPTOGRAPHY_OPENSSL_NO_LEGACY @CRYPTOGRAPHY_OPENSSL_NO_LEGACY: Command not found. root@videotron:/usr/ports/security/openssl # setenv CRYPTOGRAPHY_OPENSSL_NO_LEGACY=yes ; certbot setenv: Variable name must contain alphanumeric characters. Traceback (most recent call last): File "/usr/local/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==2.8.0', 'console_scripts', 'certbot')()) File "/usr/local/bin/certbot", line 25, in importlib_load_entry_point return next(matches).load() File "/usr/local/lib/python3.9/importlib/metadata.py", line 86, in load module = import_module(match.group('module')) File "/usr/local/lib/python3.9/importlib/__init__.py", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1030, in _gcd_import File "", line 1007, in _find_and_load File "", line 986, in _find_and_load_unlocked File "", line 680, in _load_unlocked File "", line 850, in exec_module File "", line 228, in _call_with_frames_removed File "/usr/local/lib/python3.9/site-packages/certbot/main.py", line 6, in from certbot._internal import main as internal_main File "/usr/local/lib/python3.9/site-packages/certbot/_internal/main.py", line 21, in import josepy as jose File "/usr/local/lib/python3.9/site-packages/josepy/__init__.py", line 40, in from josepy.json_util import ( File "/usr/local/lib/python3.9/site-packages/josepy/json_util.py", line 24, in from OpenSSL import crypto File "/usr/local/lib/python3.9/site-packages/OpenSSL/__init__.py", line 8, in from OpenSSL import SSL, crypto File "/usr/local/lib/python3.9/site-packages/OpenSSL/SSL.py", line 9, in from OpenSSL._util import ( File "/usr/local/lib/python3.9/site-packages/OpenSSL/_util.py", line 6, in from cryptography.hazmat.bindings.openssl.binding import Binding File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl /binding.py", line 167, in Binding.init_static_locks() File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl /binding.py", line 134, in init_static_locks cls._ensure_ffi_initialized() File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl /binding.py", line 123, in _ensure_ffi_initialized _legacy_provider_error(cls._legacy_provider_loaded) File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl /binding.py", line 43, in _legacy_provider_error raise RuntimeError( RuntimeError: OpenSSL 3.0's legacy provider failed to load. This is a fatal error by default, but cryptography supports running without legacy algorithms by setting the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did not expect this error, you have likely made a mistake with your OpenSSL configuration. root@videotron:/usr/ports/security/openssl # setenv CRYPTOGRAPHY_OPENSSL_NO_LEGACY=yes ; certbot setenv: Variable name must contain alphanumeric characters. Traceback (most recent call last): File "/usr/local/bin/certbot", line 33, in sys.exit(load_entry_point('certbot==2.8.0', 'console_scripts', 'certbot')()) File "/usr/local/bin/certbot", line 25, in importlib_load_entry_point return next(matches).load() File "/usr/local/lib/python3.9/importlib/metadata.py", line 86, in load module = import_module(match.group('module')) File "/usr/local/lib/python3.9/importlib/__init__.py", line 127, in import_module return _bootstrap._gcd_import(name[level:], package, level) File "", line 1030, in _gcd_import File "", line 1007, in _find_and_load File "", line 986, in _find_and_load_unlocked File "", line 680, in _load_unlocked File "", line 850, in exec_module File "", line 228, in _call_with_frames_removed File "/usr/local/lib/python3.9/site-packages/certbot/main.py", line 6, in from certbot._internal import main as internal_main File "/usr/local/lib/python3.9/site-packages/certbot/_internal/main.py", line 21, in import josepy as jose File "/usr/local/lib/python3.9/site-packages/josepy/__init__.py", line 40, in from josepy.json_util import ( File "/usr/local/lib/python3.9/site-packages/josepy/json_util.py", line 24, in from OpenSSL import crypto File "/usr/local/lib/python3.9/site-packages/OpenSSL/__init__.py", line 8, in from OpenSSL import SSL, crypto File "/usr/local/lib/python3.9/site-packages/OpenSSL/SSL.py", line 9, in from OpenSSL._util import ( File "/usr/local/lib/python3.9/site-packages/OpenSSL/_util.py", line 6, in from cryptography.hazmat.bindings.openssl.binding import Binding File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl /binding.py", line 167, in Binding.init_static_locks() File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl /binding.py", line 134, in init_static_locks cls._ensure_ffi_initialized() File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl /binding.py", line 123, in _ensure_ffi_initialized _legacy_provider_error(cls._legacy_provider_loaded) File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl /binding.py", line 43, in _legacy_provider_error raise RuntimeError( RuntimeError: OpenSSL 3.0's legacy provider failed to load. This is a fatal error by default, but cryptography supports running without legacy algorithms by setting the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did not expect this error, you have likely made a mistake with your OpenSSL configuration. root@videotron:/usr/ports/security/openssl # ------=_NextPart_000_00C6_01DA53CC.39581A80 Content-Type: text/html; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable

root@videotron:/usr/ports/security/openssl # = @CRYPTOGRAPHY_OPENSSL_NO_LEGACY

@CRYPTOGRAPHY_OPENSSL_NO_LEGACY: Command not = found.

root@videotron:/usr/ports/security/openssl # setenv = CRYPTOGRAPHY_OPENSSL_NO_LEGACY=3Dyes ; certbot

setenv: Variable name must contain alphanumeric = characters.

Traceback (most recent = call last):

File = "/usr/local/bin/certbot", line 33, in = <module>

sys.exit(load_entry_point('certbot=3D=3D2.8.0', = 'console_scripts', 'certbot')())

File = "/usr/local/bin/certbot", line 25, in = importlib_load_entry_point

return = next(matches).load()

File = "/usr/local/lib/python3.9/importlib/metadata.py", line 86, in = load

module =3D = import_module(match.group('module'))

File = "/usr/local/lib/python3.9/importlib/__init__.py", line 127, in = import_module

return = _bootstrap._gcd_import(name[level:], package, level)

File "<frozen importlib._bootstrap>", = line 1030, in _gcd_import

File = "<frozen importlib._bootstrap>", line 1007, in = _find_and_load

File "<frozen = importlib._bootstrap>", line 986, in = _find_and_load_unlocked

File = "<frozen importlib._bootstrap>", line 680, in = _load_unlocked

File "<frozen = importlib._bootstrap_external>", line 850, in = exec_module

File "<frozen = importlib._bootstrap>", line 228, in = _call_with_frames_removed

File = "/usr/local/lib/python3.9/site-packages/certbot/main.py", line = 6, in <module>

from = certbot._internal import main as internal_main

File = "/usr/local/lib/python3.9/site-packages/certbot/_internal/main.py&qu= ot;, line 21, in <module>

import josepy as jose

File = "/usr/local/lib/python3.9/site-packages/josepy/__init__.py", = line 40, in <module>

from = josepy.json_util import (

File = "/usr/local/lib/python3.9/site-packages/josepy/json_util.py", = line 24, in <module>

from = OpenSSL import crypto

File = "/usr/local/lib/python3.9/site-packages/OpenSSL/__init__.py", = line 8, in <module>

from = OpenSSL import SSL, crypto

File = "/usr/local/lib/python3.9/site-packages/OpenSSL/SSL.py", line = 9, in <module>

from = OpenSSL._util import (

File = "/usr/local/lib/python3.9/site-packages/OpenSSL/_util.py", = line 6, in <module>

from = cryptography.hazmat.bindings.openssl.binding import = Binding

File = "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings= /openssl/binding.py", line 167, in <module>

Binding.init_static_locks()

File = "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings= /openssl/binding.py", line 134, in = init_static_locks

cls._ensure_ffi_initialized()

File = "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings= /openssl/binding.py", line 123, in = _ensure_ffi_initialized

_legacy_provider_error(cls._legacy_provider_loaded)

File = "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings= /openssl/binding.py", line 43, in = _legacy_provider_error

raise = RuntimeError(

RuntimeError: OpenSSL = 3.0's legacy provider failed to load. This is a fatal error by default, = but cryptography supports running without legacy algorithms by setting = the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did not = expect this error, you have likely made a mistake with your OpenSSL = configuration.

root@videotron:/usr/ports/security/openssl # setenv = CRYPTOGRAPHY_OPENSSL_NO_LEGACY=3Dyes ; certbot

setenv: Variable name must contain alphanumeric = characters.

Traceback (most recent = call last):

File = "/usr/local/bin/certbot", line 33, in = <module>

sys.exit(load_entry_point('certbot=3D=3D2.8.0', = 'console_scripts', 'certbot')())

File = "/usr/local/bin/certbot", line 25, in = importlib_load_entry_point

return = next(matches).load()

File = "/usr/local/lib/python3.9/importlib/metadata.py", line 86, in = load

module =3D = import_module(match.group('module'))

File = "/usr/local/lib/python3.9/importlib/__init__.py", line 127, in = import_module

return = _bootstrap._gcd_import(name[level:], package, level)

File "<frozen importlib._bootstrap>", = line 1030, in _gcd_import

File = "<frozen importlib._bootstrap>", line 1007, in = _find_and_load

File "<frozen = importlib._bootstrap>", line 986, in = _find_and_load_unlocked

File = "<frozen importlib._bootstrap>", line 680, in = _load_unlocked

File "<frozen = importlib._bootstrap_external>", line 850, in = exec_module

File "<frozen = importlib._bootstrap>", line 228, in = _call_with_frames_removed

File = "/usr/local/lib/python3.9/site-packages/certbot/main.py", line = 6, in <module>

from = certbot._internal import main as internal_main

File = "/usr/local/lib/python3.9/site-packages/certbot/_internal/main.py&qu= ot;, line 21, in <module>

import josepy as jose

File = "/usr/local/lib/python3.9/site-packages/josepy/__init__.py", = line 40, in <module>

from = josepy.json_util import (

File = "/usr/local/lib/python3.9/site-packages/josepy/json_util.py", = line 24, in <module>

from = OpenSSL import crypto

File = "/usr/local/lib/python3.9/site-packages/OpenSSL/__init__.py", = line 8, in <module>

from = OpenSSL import SSL, crypto

File = "/usr/local/lib/python3.9/site-packages/OpenSSL/SSL.py", line = 9, in <module>

from = OpenSSL._util import (

File = "/usr/local/lib/python3.9/site-packages/OpenSSL/_util.py", = line 6, in <module>

from = cryptography.hazmat.bindings.openssl.binding import = Binding

File = "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings= /openssl/binding.py", line 167, in <module>

Binding.init_static_locks()

File = "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings= /openssl/binding.py", line 134, in = init_static_locks

cls._ensure_ffi_initialized()

File = "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings= /openssl/binding.py", line 123, in = _ensure_ffi_initialized

_legacy_provider_error(cls._legacy_provider_loaded)

File = "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings= /openssl/binding.py", line 43, in = _legacy_provider_error

raise = RuntimeError(

RuntimeError: OpenSSL = 3.0's legacy provider failed to load. This is a fatal error by default, = but cryptography supports running without legacy algorithms by setting = the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did not = expect this error, you have likely made a mistake with your OpenSSL = configuration.

root@videotron:/usr/ports/security/openssl = #

------=_NextPart_000_00C6_01DA53CC.39581A80-- From nobody Wed Jan 31 03:38:59 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPnnw4cRGz58J22 for ; Wed, 31 Jan 2024 03:39:00 +0000 (UTC) (envelope-from pkagan@videotron.ca) Received: from alt41.smtp-out.videotron.ca (alt41.smtp-out.videotron.ca [23.233.128.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vl-vm-csp357.ip.videotron.ca", Issuer "int-SNINTCAP1-CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPnnv6v8Bz4R0l for ; Wed, 31 Jan 2024 03:38:59 +0000 (UTC) (envelope-from pkagan@videotron.ca) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=videotron.ca header.s=s1 header.b=FSBjRa+x; dmarc=pass (policy=none) header.from=videotron.ca; spf=pass (mx1.freebsd.org: domain of pkagan@videotron.ca designates 23.233.128.28 as permitted sender) smtp.mailfrom=pkagan@videotron.ca Received: from AWLDM ([173.178.79.2]) by Videotron with ESMTP id V1RDrXhar6v1YV1RDrhdsv; Tue, 30 Jan 2024 22:38:59 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=videotron.ca; s=s1; t=1706672339; bh=WbKlnWulKnJ/CskVT2C0El9xe149j529nj214JbS234=; h=From:To:Subject:Date; b=FSBjRa+xoyKgpakww1kGjfGOrwaP2JiprpU6ddNS78N0Ye+pOz52igb4gUZlaWAp3 8fBh9R7tH1lworY2p3Qi2saUoeJK7n9//kRtR1bpn6lKqZPRfvwOcSpFIRmPnyPHnw vx1RuM172JlAYseqLGj497eMkmY8PVe579fdu2miBCEcy/T+/qnailDQ0490rpXhMT KJeXa+yUiBnlhRU4K7mPpCznEHKRJNWNiIzNRzSqJ5fBNzQK5JrbdI+n0yVvgxBFXE zY371XxRKzjC0uWvlZF6pbHAOi1gk5D68G8yIdol9uwaa3X+8C7Xk4O8zK1jbOw1sw oOAzAcvrhFCHg== X-Authority-Analysis: v=2.4 cv=NqUXMeRJ c=1 sm=1 tr=0 ts=65b9c0d3 a=8sNthiHmWqMLc6V2qJRLaA==:117 a=8sNthiHmWqMLc6V2qJRLaA==:17 a=DAwyPP_o2Byb1YXLmDAA:9 a=ljV_r89MnBoSW3r30x4A:9 a=CjuIK1q_8ugA:10 a=ZXulRonScM0A:10 a=yMhMjlubAAAA:8 a=SSmOFEACAAAA:8 a=yIUcDTXivtdnl0PvTSQA:9 a=BNUIUmO78P0BPH_u:21 a=gKO2Hq4RSVkA:10 a=UiCQ7L4-1S4A:10 a=hTZeC7Yk6K0A:10 a=frz4AuCg-hUA:10 From: "Paul Kagan" To: Subject: make does not work after upgrade to 14 Date: Tue, 30 Jan 2024 22:38:59 -0500 Message-ID: <00cc01da53f7$06f24860$14d6d920$@videotron.ca> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="----=_NextPart_000_00CD_01DA53CD.1E1C4060" X-Mailer: Microsoft Outlook 16.0 Content-language: fr Thread-index: AdpT9vYtGSmx+9GZTjKPTI/nogIk4A== X-CMAE-Envelope: MS4xfEQXFIfP5P0c/elPKs6qRNf83MzW9kv9tH2fszOEeejBxIpaRMtIxKeg5h/gLBL5Y2Il5IS3a97BmOh4HlC1IMOjH3Pkhzxq/vcUjwggiLVOHeoWpoBg wYLi3qu+tpZUQG7edU7MF2vYpULXdBkE2fkNm6r1BKCO9vC+SuIf0Hf+DSwM2T58UEqVbq8gCAIM1w== X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.22 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; DWL_DNSWL_LOW(-1.00)[videotron.ca:dkim]; NEURAL_HAM_MEDIUM(-1.00)[-0.999]; DMARC_POLICY_ALLOW(-0.50)[videotron.ca,none]; NEURAL_HAM_SHORT(-0.22)[-0.222]; R_DKIM_ALLOW(-0.20)[videotron.ca:s=s1]; R_SPF_ALLOW(-0.20)[+ip4:23.233.128.28/30:c]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; RCVD_IN_DNSWL_LOW(-0.10)[23.233.128.28:from]; ONCE_RECEIVED(0.10)[]; ASN(0.00)[asn:5769, ipnet:23.233.128.0/18, country:CA]; FREEMAIL_ENVFROM(0.00)[videotron.ca]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_FROM(0.00)[videotron.ca]; ARC_NA(0.00)[]; RCVD_COUNT_ONE(0.00)[1]; RCPT_COUNT_ONE(0.00)[1]; MLMMJ_DEST(0.00)[questions@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; TO_DN_NONE(0.00)[]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[videotron.ca:+] X-Rspamd-Queue-Id: 4TPnnv6v8Bz4R0l This is a multipart message in MIME format. ------=_NextPart_000_00CD_01DA53CD.1E1C4060 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Have been getting a lot of problems with freebsd 14 upgrade . Please help me to solve this one: root@videotron:/usr/ports/security/openssl # make make: "/usr/ports/Mk/bsd.port.mk" line 1204: UNAME_r (14.0-RELEASE-p3) and OSVERSION (1302001) do not agree on major version number. make: stopped in /usr/ports/security/openssl You have new mail. root@videotron:/usr/ports/security/openssl # to assist in solving the issue: root@videotron:/usr/ports/security/openssl # freebsd-version -kru 14.0-RELEASE-p3 14.0-RELEASE-p3 14.0-RELEASE-p4 root@videotron:/usr/ports/security/openssl # ------=_NextPart_000_00CD_01DA53CD.1E1C4060 Content-Type: text/html; charset="US-ASCII" Content-Transfer-Encoding: quoted-printable

Have been getting a lot = of problems with freebsd 14 upgrade …

 

Please help me to solve = this one:

 

root@videotron:/usr/ports/= security/openssl # make
make: = "/usr/ports/Mk/bsd.port.mk" line 1204: UNAME_r = (14.0-RELEASE-p3) and OSVERSION (1302001) do not agree on major version = number.

make: stopped in = /usr/ports/security/openssl
You have new mail.
root@videotron:/usr/ports/security/openssl = #

to assist in solving = the issue:
root@videotron:/usr/ports/security/openssl # = freebsd-version -kru
14.0-RELEASE-p3
14.0-RELEASE-p3
14.0-RELEASE-p4
root@videotron:/usr/ports/security/openssl = #

------=_NextPart_000_00CD_01DA53CD.1E1C4060-- From nobody Wed Jan 31 05:19:59 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPr2D4KhHz58S3S for ; Wed, 31 Jan 2024 05:19:48 +0000 (UTC) (envelope-from pprocacci@gmail.com) Received: from mail-ej1-x631.google.com (mail-ej1-x631.google.com [IPv6:2a00:1450:4864:20::631]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPr2D1L8vz4cwP for ; Wed, 31 Jan 2024 05:19:48 +0000 (UTC) (envelope-from pprocacci@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-ej1-x631.google.com with SMTP id a640c23a62f3a-a2d7e2e7fe0so97655766b.1 for ; Tue, 30 Jan 2024 21:19:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706678387; x=1707283187; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=sVgXIXrViVjSDbGnAsoqz4ChxgIRaYEIfQGTGEcnHKY=; b=L0fxjjzdeibnmUwQ1yzD73DjWOyCH76z/95NlBLk0NO/HHooEgSkEhW3ageBZGbnd6 EkK/YYrRb/0drHcpYGPyV88FCWNWuqC3R2VPck7sb+EhcGoMB16z2aJBF+ojxxZmN2RE RqeUrD0hnCNe/VciML2PaK6DPJl4mbNrdmiWyYNBvP2uRvIp9nu7yUfaSU0TCPCxXdt8 nvocb/8w/HLgk4wL21oktRuzw+0d3zQSt8oUNnveLS3TwbcSSXhBkcl1T00LSkRRpcAH GEbJaa57/N4DtQs4FoeGiHGMUXfLo/dEuUByR7rPmZCWBYZelDC3VM2zacQQwz2o/TVT c3lQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706678387; x=1707283187; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=sVgXIXrViVjSDbGnAsoqz4ChxgIRaYEIfQGTGEcnHKY=; b=p1nYlUsLh5zTazrTuxNvDLDn+fm+PYrX3pacW001iI9JAODwRe4zP9oDz+ImxlPREl 0ES4d192phtt3ucAOzNy38254epQxATTsT2iS6YOqDU1GbHIeO7AxVkG1RaUUh9loHnl IMCGdH1DLfOEEmtEOmeNto6sT0pEpoBMP6TQ0E6tNWPzSrAGevTdbsoe+Vwp35RjojaJ M/KkXKqnnk6QWXHaO/F7CIgy5yM4R37emZTglJst8xQuSKZbGBdR3ZPy79sm1FS8F6Ix fuce+BkhmCJRPcrpxJ8TGOJzWkB0QW3ikWmsbvNf8LD6Mdn79tYoEmTh7rsLyuot7uQm HGKg== X-Gm-Message-State: AOJu0YxwJ/Fp7QV0IyVyNE2cjtnsHTU+LaT2sr47MjOhmPYjDbDlvDWO BmfUZQcjod48171Xz+HJXR+SP510ijcy18dB8OqJmZf8/t+T/OhhOiVOCwuVVmyq2/VN3mz3jSJ 75+v/kRaahfSZM6ZqenbDrV1CQco84TM= X-Google-Smtp-Source: AGHT+IE9ShrgJNqsCWKHQ4UOrX7sscGKhY7/2rS+OtwaPJsHMUrfGpyE2Y/Sjh/H0Q8cxd6NeIAv6be89oPjFCpiUTM= X-Received: by 2002:a17:906:7049:b0:a36:5c45:1e09 with SMTP id r9-20020a170906704900b00a365c451e09mr518268ejj.31.1706678386356; Tue, 30 Jan 2024 21:19:46 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: <00c501da53f6$222d8640$668892c0$@videotron.ca> In-Reply-To: <00c501da53f6$222d8640$668892c0$@videotron.ca> From: Paul Procacci Date: Wed, 31 Jan 2024 00:19:59 -0500 Message-ID: Subject: Re: certbot does not work To: Paul Kagan Cc: questions@freebsd.org Content-Type: multipart/alternative; boundary="000000000000f6f690061037068c" X-Rspamd-Queue-Id: 4TPr2D1L8vz4cwP X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] --000000000000f6f690061037068c Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Tue, Jan 30, 2024 at 10:33=E2=80=AFPM Paul Kagan w= rote: > root@videotron:/usr/ports/security/openssl # > @CRYPTOGRAPHY_OPENSSL_NO_LEGACY > > @CRYPTOGRAPHY_OPENSSL_NO_LEGACY: Command not found. > > root@videotron:/usr/ports/security/openssl # setenv > CRYPTOGRAPHY_OPENSSL_NO_LEGACY=3Dyes ; certbot > > setenv: Variable name must contain alphanumeric characters. > > Traceback (most recent call last): > > File "/usr/local/bin/certbot", line 33, in > > sys.exit(load_entry_point('certbot=3D=3D2.8.0', 'console_scripts', > 'certbot')()) > > File "/usr/local/bin/certbot", line 25, in importlib_load_entry_point > > return next(matches).load() > > File "/usr/local/lib/python3.9/importlib/metadata.py", line 86, in load > > module =3D import_module(match.group('module')) > > File "/usr/local/lib/python3.9/importlib/__init__.py", line 127, in > import_module > > return _bootstrap._gcd_import(name[level:], package, level) > > File "", line 1030, in _gcd_import > > File "", line 1007, in _find_and_load > > File "", line 986, in _find_and_load_unlocke= d > > File "", line 680, in _load_unlocked > > File "", line 850, in exec_module > > File "", line 228, in > _call_with_frames_removed > > File "/usr/local/lib/python3.9/site-packages/certbot/main.py", line 6, in > > > from certbot._internal import main as internal_main > > File "/usr/local/lib/python3.9/site-packages/certbot/_internal/main.py", > line 21, in > > import josepy as jose > > File "/usr/local/lib/python3.9/site-packages/josepy/__init__.py", line 40= , > in > > from josepy.json_util import ( > > File "/usr/local/lib/python3.9/site-packages/josepy/json_util.py", line > 24, in > > from OpenSSL import crypto > > File "/usr/local/lib/python3.9/site-packages/OpenSSL/__init__.py", line 8= , > in > > from OpenSSL import SSL, crypto > > File "/usr/local/lib/python3.9/site-packages/OpenSSL/SSL.py", line 9, in > > > from OpenSSL._util import ( > > File "/usr/local/lib/python3.9/site-packages/OpenSSL/_util.py", line 6, i= n > > > from cryptography.hazmat.bindings.openssl.binding import Binding > > File > "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/open= ssl/binding.py", > line 167, in > > Binding.init_static_locks() > > File > "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/open= ssl/binding.py", > line 134, in init_static_locks > > cls._ensure_ffi_initialized() > > File > "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/open= ssl/binding.py", > line 123, in _ensure_ffi_initialized > > _legacy_provider_error(cls._legacy_provider_loaded) > > File > "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/open= ssl/binding.py", > line 43, in _legacy_provider_error > > raise RuntimeError( > > RuntimeError: OpenSSL 3.0's legacy provider failed to load. This is a > fatal error by default, but cryptography supports running without legacy > algorithms by setting the environment variable > CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did not expect this error, you hav= e > likely made a mistake with your OpenSSL configuration. > > root@videotron:/usr/ports/security/openssl # setenv > CRYPTOGRAPHY_OPENSSL_NO_LEGACY=3Dyes ; certbot > > setenv: Variable name must contain alphanumeric characters. > > Traceback (most recent call last): > > File "/usr/local/bin/certbot", line 33, in > > sys.exit(load_entry_point('certbot=3D=3D2.8.0', 'console_scripts', > 'certbot')()) > > File "/usr/local/bin/certbot", line 25, in importlib_load_entry_point > > return next(matches).load() > > File "/usr/local/lib/python3.9/importlib/metadata.py", line 86, in load > > module =3D import_module(match.group('module')) > > File "/usr/local/lib/python3.9/importlib/__init__.py", line 127, in > import_module > > return _bootstrap._gcd_import(name[level:], package, level) > > File "", line 1030, in _gcd_import > > File "", line 1007, in _find_and_load > > File "", line 986, in _find_and_load_unlocke= d > > File "", line 680, in _load_unlocked > > File "", line 850, in exec_module > > File "", line 228, in > _call_with_frames_removed > > File "/usr/local/lib/python3.9/site-packages/certbot/main.py", line 6, in > > > from certbot._internal import main as internal_main > > File "/usr/local/lib/python3.9/site-packages/certbot/_internal/main.py", > line 21, in > > import josepy as jose > > File "/usr/local/lib/python3.9/site-packages/josepy/__init__.py", line 40= , > in > > from josepy.json_util import ( > > File "/usr/local/lib/python3.9/site-packages/josepy/json_util.py", line > 24, in > > from OpenSSL import crypto > > File "/usr/local/lib/python3.9/site-packages/OpenSSL/__init__.py", line 8= , > in > > from OpenSSL import SSL, crypto > > File "/usr/local/lib/python3.9/site-packages/OpenSSL/SSL.py", line 9, in > > > from OpenSSL._util import ( > > File "/usr/local/lib/python3.9/site-packages/OpenSSL/_util.py", line 6, i= n > > > from cryptography.hazmat.bindings.openssl.binding import Binding > > File > "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/open= ssl/binding.py", > line 167, in > > Binding.init_static_locks() > > File > "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/open= ssl/binding.py", > line 134, in init_static_locks > > cls._ensure_ffi_initialized() > > File > "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/open= ssl/binding.py", > line 123, in _ensure_ffi_initialized > > _legacy_provider_error(cls._legacy_provider_loaded) > > File > "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/open= ssl/binding.py", > line 43, in _legacy_provider_error > > raise RuntimeError( > > RuntimeError: OpenSSL 3.0's legacy provider failed to load. This is a > fatal error by default, but cryptography supports running without legacy > algorithms by setting the environment variable > CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did not expect this error, you hav= e > likely made a mistake with your OpenSSL configuration. > > root@videotron:/usr/ports/security/openssl # > What is your shell? setenv is a csh builtin. The default shell was changed to /bin/ss. Did you account for this change? ~Paul --=20 __________________ :(){ :|:& };: --000000000000f6f690061037068c Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


On Tue, Jan 30, 2024 at 10:33=E2= =80=AFPM Paul Kagan <pkagan@video= tron.ca> wrote:
=

root@videotron:/usr/ports/security/openssl # @CRYPTO= GRAPHY_OPENSSL_NO_LEGACY

@CRYPTOGRA= PHY_OPENSSL_NO_LEGACY: Command not found.

root@videotron:/usr/ports/security/openssl # setenv CRYPTOGRAPHY_OPE= NSSL_NO_LEGACY=3Dyes ; certbot

sete= nv: Variable name must contain alphanumeric characters.

Traceback (most recent call last):

File "/usr/local/bin/certbot", line 33, in &= lt;module>

sys.exit(load_entry_p= oint('certbot=3D=3D2.8.0', 'console_scripts', 'certbot&= #39;)())

File "/usr/local/bin/= certbot", line 25, in importlib_load_entry_point

return next(matches).load()

File "/usr/local/lib/python3.9/importlib/metadata.py"= , line 86, in load

module =3D impor= t_module(match.group('module'))

File "/usr/local/lib/python3.9/importlib/__init__.py", line = 127, in import_module

return _boots= trap._gcd_import(name[level:], package, level)

File "<frozen importlib._bootstrap>", line 1030= , in _gcd_import

File "<fro= zen importlib._bootstrap>", line 1007, in _find_and_load<= /u>

File "<frozen importlib._bootstrap>= ;", line 986, in _find_and_load_unlocked

File "<frozen importlib._bootstrap>", line 680, = in _load_unlocked

File "<fr= ozen importlib._bootstrap_external>", line 850, in exec_module

File "<frozen importlib._bootst= rap>", line 228, in _call_with_frames_removed

File "/usr/local/lib/python3.9/site-packages/certbo= t/main.py", line 6, in <module>

from certbot._internal import main as internal_main

File "/usr/local/lib/python3.9/site-packages/= certbot/_internal/main.py", line 21, in <module>

import josepy as jose

File "/usr/local/lib/python3.9/site-packages/josepy/__init= __.py", line 40, in <module>

from josepy.json_util import (

File "/usr/local/lib/python3.9/site-packages/josepy/json_util.py"= ;, line 24, in <module>

from = OpenSSL import crypto

File "/u= sr/local/lib/python3.9/site-packages/OpenSSL/__init__.py", line 8, in = <module>

from OpenSSL import = SSL, crypto

File "/usr/local/l= ib/python3.9/site-packages/OpenSSL/SSL.py", line 9, in <module><= u>

from OpenSSL._util import (<= u>

File "/usr/local/lib/python3.9/site-p= ackages/OpenSSL/_util.py", line 6, in <module>

=

from cryptography.hazmat.bindings.openssl.binding im= port Binding

File "/usr/local/= lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py= ", line 167, in <module>

Binding.init_static_locks()

File &= quot;/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/op= enssl/binding.py", line 134, in init_static_locks

cls._ensure_ffi_initialized()

File "/usr/local/lib/python3.9/site-packages/cryptograp= hy/hazmat/bindings/openssl/binding.py", line 123, in _ensure_ffi_initi= alized

_legacy_provider_error(cls._= legacy_provider_loaded)

File "= /usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl= /binding.py", line 43, in _legacy_provider_error

raise RuntimeError(

RuntimeError: OpenSSL 3.0's legacy provider failed to load. This is= a fatal error by default, but cryptography supports running without legacy= algorithms by setting the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEG= ACY. If you did not expect this error, you have likely made a mistake with = your OpenSSL configuration.

root@vi= deotron:/usr/ports/security/openssl # setenv CRYPTOGRAPHY_OPENSSL_NO_LEGACY= =3Dyes ; certbot

setenv: Variable n= ame must contain alphanumeric characters.

Traceback (most recent call last):

File "/usr/local/bin/certbot", line 33, in <module><= u>

sys.exit(load_entry_point('cert= bot=3D=3D2.8.0', 'console_scripts', 'certbot')())

File "/usr/local/bin/certbot",= line 25, in importlib_load_entry_point

return next(matches).load()

Fi= le "/usr/local/lib/python3.9/importlib/metadata.py", line 86, in = load

module =3D import_module(match= .group('module'))

File &quo= t;/usr/local/lib/python3.9/importlib/__init__.py", line 127, in import= _module

return _bootstrap._gcd_impo= rt(name[level:], package, level)

Fi= le "<frozen importlib._bootstrap>", line 1030, in _gcd_impo= rt

File "<frozen importlib.= _bootstrap>", line 1007, in _find_and_load

File "<frozen importlib._bootstrap>", line = 986, in _find_and_load_unlocked

Fil= e "<frozen importlib._bootstrap>", line 680, in _load_unloc= ked

File "<frozen importlib= ._bootstrap_external>", line 850, in exec_module

<= p class=3D"MsoNormal">File "<frozen importlib._bootstrap>",= line 228, in _call_with_frames_removed

File "/usr/local/lib/python3.9/site-packages/certbot/main.py"= ;, line 6, in <module>

from c= ertbot._internal import main as internal_main

File "/usr/local/lib/python3.9/site-packages/certbot/_inter= nal/main.py", line 21, in <module>

import josepy as jose

Fi= le "/usr/local/lib/python3.9/site-packages/josepy/__init__.py", l= ine 40, in <module>

from jose= py.json_util import (

File "/u= sr/local/lib/python3.9/site-packages/josepy/json_util.py", line 24, in= <module>

from OpenSSL import= crypto

File "/usr/local/lib/p= ython3.9/site-packages/OpenSSL/__init__.py", line 8, in <module>=

from OpenSSL import SSL, crypto=

File "/usr/local/lib/python3.9/s= ite-packages/OpenSSL/SSL.py", line 9, in <module><= /p>

from OpenSSL._util import (

File "/usr/local/lib/python3.9/site-packages/OpenSS= L/_util.py", line 6, in <module>

from cryptography.hazmat.bindings.openssl.binding import Binding

File "/usr/local/lib/python3.9/= site-packages/cryptography/hazmat/bindings/openssl/binding.py", line 1= 67, in <module>

Binding.init_= static_locks()

File "/usr/loca= l/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.= py", line 134, in init_static_locks

cls._ensure_ffi_initialized()

File "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bind= ings/openssl/binding.py", line 123, in _ensure_ffi_initialized<= u>

_legacy_provider_error(cls._legacy_provide= r_loaded)

File "/usr/local/lib= /python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py&qu= ot;, line 43, in _legacy_provider_error

raise RuntimeError(

RuntimeErr= or: OpenSSL 3.0's legacy provider failed to load. This is a fatal error= by default, but cryptography supports running without legacy algorithms by= setting the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you di= d not expect this error, you have likely made a mistake with your OpenSSL c= onfiguration.

root@videotron:/usr/p= orts/security/openssl #


What is your shell?
setenv is a csh buil= tin.
The default shell was changed to /bin/ss.=C2=A0 Did you acco= unt for this change?

~Paul

--
__________________

:(){ :|:& };:
--000000000000f6f690061037068c-- From nobody Wed Jan 31 05:21:26 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPr3x0zYZz58Ry8 for ; Wed, 31 Jan 2024 05:21:17 +0000 (UTC) (envelope-from pprocacci@gmail.com) Received: from mail-ej1-x636.google.com (mail-ej1-x636.google.com [IPv6:2a00:1450:4864:20::636]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPr3v6SZ0z4fSj for ; Wed, 31 Jan 2024 05:21:15 +0000 (UTC) (envelope-from pprocacci@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b=LAxdqo7D; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of pprocacci@gmail.com designates 2a00:1450:4864:20::636 as permitted sender) smtp.mailfrom=pprocacci@gmail.com Received: by mail-ej1-x636.google.com with SMTP id a640c23a62f3a-a35385da5bbso628845366b.3 for ; Tue, 30 Jan 2024 21:21:15 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706678473; x=1707283273; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=22KwKbtywQ0qoMBvbIxeEb6QCSLUHnVxdivV5cjiQso=; b=LAxdqo7D+PAOL19y8vRToZvPLQOVO5XpqoR35O20/L53NCor4T8HFyBIXI0TJh4Riz 4YVJn1WSxbT83o81GIulrt846oToozNTTuywVkpW8Y8jQmTztW8ryQj6mn5ftKROIE0b j9tM/xMfkzrUM/65L7thTEu18Z1ww5cPrnbV2v2sVr4D2wYRUR8djrhsQIXw+Jfa4Xkd o7FeFviSfdX5YawTE5m+Dc/6i4/S9ThcVIz5uw9UK0p+vbpD4q7Beb1rgeppbjNr7Pk2 /DjYdyfsOMPbx1ljOnnK93czcaTOZLac7npUZqUX3ukJD5r/PLHrnJUZ2yfLnUmqn9OG ktxw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706678473; x=1707283273; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=22KwKbtywQ0qoMBvbIxeEb6QCSLUHnVxdivV5cjiQso=; b=ZMbtQay6Zh+vqJjNAlBBNpT3+4yIbILyZGI44wskd3nhF9KEcNQn8ohhlr67jHkoZ6 weglUFZmUcOeO1iarU6zpxXg7a8yAh0zZyd/05kFQEHY1pByWfeJml4Pq9Jy/aI/rESl reFDgntECWAB3dryfrRfb4GeaxY+Bx5Xeox+hAEwSerNESQcrj/QwXbiyoGiHIoW+H5A 5fNcCxEA2VqNDNd+fyO+TQ/RwRSCPOFfSpTZRfSiCUqz4crJLH7HMi9bbuNHI7ni5C4B mBrYmK1DwlovzhQpOE6pK7U92KeWJpFxyKpRwtojS9JoAfpaOpdb1z4X/UNVdfG2JNl+ knVg== X-Gm-Message-State: AOJu0YwX5/goUjRR1T49ICKea2jDw+0IN9q4FSwqBfu3S/XruESF7jXB S7f0f+7GnQGm4ZV8AmZjwWjNfhuG9NOmASMJc9JD9ATBO8xmWAqc3NxwKK+ebfVI/FjoGiZU0vk fqRGpfZt4XOlC2eN1LN3cCF6TdAhtgs0= X-Google-Smtp-Source: AGHT+IHWlBTJUQ+ZRJ4TgyLuO78X17GfXlDWn4z5uu/B+4NhYRk5tnYGVeua9uCgV0+xFKl5Nv9WdNIT1MCi8NWgvLE= X-Received: by 2002:a17:906:f296:b0:a30:e4d8:2e46 with SMTP id gu22-20020a170906f29600b00a30e4d82e46mr310692ejb.20.1706678473500; Tue, 30 Jan 2024 21:21:13 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: <00c501da53f6$222d8640$668892c0$@videotron.ca> In-Reply-To: From: Paul Procacci Date: Wed, 31 Jan 2024 00:21:26 -0500 Message-ID: Subject: Re: certbot does not work To: Paul Kagan Cc: questions@freebsd.org Content-Type: multipart/alternative; boundary="00000000000028ade70610370c1d" X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.21 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.21)[-0.211]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; FREEMAIL_TO(0.00)[videotron.ca]; RCPT_COUNT_TWO(0.00)[2]; ARC_NA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; RCVD_TLS_LAST(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; TO_DN_SOME(0.00)[]; FROM_HAS_DN(0.00)[]; MISSING_XM_UA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; TO_MATCH_ENVRCPT_SOME(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; MID_RHS_MATCH_FROMTLD(0.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; MLMMJ_DEST(0.00)[questions@freebsd.org]; RCVD_COUNT_ONE(0.00)[1]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::636:from] X-Rspamd-Queue-Id: 4TPr3v6SZ0z4fSj --00000000000028ade70610370c1d Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable On Wed, Jan 31, 2024 at 12:19=E2=80=AFAM Paul Procacci wrote: > > > On Tue, Jan 30, 2024 at 10:33=E2=80=AFPM Paul Kagan = wrote: > >> root@videotron:/usr/ports/security/openssl # >> @CRYPTOGRAPHY_OPENSSL_NO_LEGACY >> >> @CRYPTOGRAPHY_OPENSSL_NO_LEGACY: Command not found. >> >> root@videotron:/usr/ports/security/openssl # setenv >> CRYPTOGRAPHY_OPENSSL_NO_LEGACY=3Dyes ; certbot >> >> setenv: Variable name must contain alphanumeric characters. >> >> Traceback (most recent call last): >> >> File "/usr/local/bin/certbot", line 33, in >> >> sys.exit(load_entry_point('certbot=3D=3D2.8.0', 'console_scripts', >> 'certbot')()) >> >> File "/usr/local/bin/certbot", line 25, in importlib_load_entry_point >> >> return next(matches).load() >> >> File "/usr/local/lib/python3.9/importlib/metadata.py", line 86, in load >> >> module =3D import_module(match.group('module')) >> >> File "/usr/local/lib/python3.9/importlib/__init__.py", line 127, in >> import_module >> >> return _bootstrap._gcd_import(name[level:], package, level) >> >> File "", line 1030, in _gcd_import >> >> File "", line 1007, in _find_and_load >> >> File "", line 986, in _find_and_load_unlock= ed >> >> File "", line 680, in _load_unlocked >> >> File "", line 850, in exec_module >> >> File "", line 228, in >> _call_with_frames_removed >> >> File "/usr/local/lib/python3.9/site-packages/certbot/main.py", line 6, i= n >> >> >> from certbot._internal import main as internal_main >> >> File "/usr/local/lib/python3.9/site-packages/certbot/_internal/main.py", >> line 21, in >> >> import josepy as jose >> >> File "/usr/local/lib/python3.9/site-packages/josepy/__init__.py", line >> 40, in >> >> from josepy.json_util import ( >> >> File "/usr/local/lib/python3.9/site-packages/josepy/json_util.py", line >> 24, in >> >> from OpenSSL import crypto >> >> File "/usr/local/lib/python3.9/site-packages/OpenSSL/__init__.py", line >> 8, in >> >> from OpenSSL import SSL, crypto >> >> File "/usr/local/lib/python3.9/site-packages/OpenSSL/SSL.py", line 9, in >> >> >> from OpenSSL._util import ( >> >> File "/usr/local/lib/python3.9/site-packages/OpenSSL/_util.py", line 6, >> in >> >> from cryptography.hazmat.bindings.openssl.binding import Binding >> >> File >> "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/ope= nssl/binding.py", >> line 167, in >> >> Binding.init_static_locks() >> >> File >> "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/ope= nssl/binding.py", >> line 134, in init_static_locks >> >> cls._ensure_ffi_initialized() >> >> File >> "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/ope= nssl/binding.py", >> line 123, in _ensure_ffi_initialized >> >> _legacy_provider_error(cls._legacy_provider_loaded) >> >> File >> "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/ope= nssl/binding.py", >> line 43, in _legacy_provider_error >> >> raise RuntimeError( >> >> RuntimeError: OpenSSL 3.0's legacy provider failed to load. This is a >> fatal error by default, but cryptography supports running without legacy >> algorithms by setting the environment variable >> CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did not expect this error, you ha= ve >> likely made a mistake with your OpenSSL configuration. >> >> root@videotron:/usr/ports/security/openssl # setenv >> CRYPTOGRAPHY_OPENSSL_NO_LEGACY=3Dyes ; certbot >> >> setenv: Variable name must contain alphanumeric characters. >> >> Traceback (most recent call last): >> >> File "/usr/local/bin/certbot", line 33, in >> >> sys.exit(load_entry_point('certbot=3D=3D2.8.0', 'console_scripts', >> 'certbot')()) >> >> File "/usr/local/bin/certbot", line 25, in importlib_load_entry_point >> >> return next(matches).load() >> >> File "/usr/local/lib/python3.9/importlib/metadata.py", line 86, in load >> >> module =3D import_module(match.group('module')) >> >> File "/usr/local/lib/python3.9/importlib/__init__.py", line 127, in >> import_module >> >> return _bootstrap._gcd_import(name[level:], package, level) >> >> File "", line 1030, in _gcd_import >> >> File "", line 1007, in _find_and_load >> >> File "", line 986, in _find_and_load_unlock= ed >> >> File "", line 680, in _load_unlocked >> >> File "", line 850, in exec_module >> >> File "", line 228, in >> _call_with_frames_removed >> >> File "/usr/local/lib/python3.9/site-packages/certbot/main.py", line 6, i= n >> >> >> from certbot._internal import main as internal_main >> >> File "/usr/local/lib/python3.9/site-packages/certbot/_internal/main.py", >> line 21, in >> >> import josepy as jose >> >> File "/usr/local/lib/python3.9/site-packages/josepy/__init__.py", line >> 40, in >> >> from josepy.json_util import ( >> >> File "/usr/local/lib/python3.9/site-packages/josepy/json_util.py", line >> 24, in >> >> from OpenSSL import crypto >> >> File "/usr/local/lib/python3.9/site-packages/OpenSSL/__init__.py", line >> 8, in >> >> from OpenSSL import SSL, crypto >> >> File "/usr/local/lib/python3.9/site-packages/OpenSSL/SSL.py", line 9, in >> >> >> from OpenSSL._util import ( >> >> File "/usr/local/lib/python3.9/site-packages/OpenSSL/_util.py", line 6, >> in >> >> from cryptography.hazmat.bindings.openssl.binding import Binding >> >> File >> "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/ope= nssl/binding.py", >> line 167, in >> >> Binding.init_static_locks() >> >> File >> "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/ope= nssl/binding.py", >> line 134, in init_static_locks >> >> cls._ensure_ffi_initialized() >> >> File >> "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/ope= nssl/binding.py", >> line 123, in _ensure_ffi_initialized >> >> _legacy_provider_error(cls._legacy_provider_loaded) >> >> File >> "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/ope= nssl/binding.py", >> line 43, in _legacy_provider_error >> >> raise RuntimeError( >> >> RuntimeError: OpenSSL 3.0's legacy provider failed to load. This is a >> fatal error by default, but cryptography supports running without legacy >> algorithms by setting the environment variable >> CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did not expect this error, you ha= ve >> likely made a mistake with your OpenSSL configuration. >> >> root@videotron:/usr/ports/security/openssl # >> > > What is your shell? > setenv is a csh builtin. > The default shell was changed to /bin/ss. Did you account for this chang= e? > > ~Paul > > -- > __________________ > > :(){ :|:& };: > Sorry, I quite literally just woke up. The default shell was changed to /bin/sh. ~Paul --=20 __________________ :(){ :|:& };: --00000000000028ade70610370c1d Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


On Wed, Jan 31, 2024 at 12:19=E2= =80=AFAM Paul Procacci <pprocacci= @gmail.com> wrote:


On Tue, Jan 30, 2024= at 10:33=E2=80=AFPM Paul Kagan <pkagan@videotron.ca> wrote:

root@videotron:/usr/ports/security/openssl # @CRYPTOGRAPHY_OPEN= SSL_NO_LEGACY

@CRYPTOGRAPHY_OPENSSL= _NO_LEGACY: Command not found.

root= @videotron:/usr/ports/security/openssl # setenv CRYPTOGRAPHY_OPENSSL_NO_LEG= ACY=3Dyes ; certbot

setenv: Variabl= e name must contain alphanumeric characters.

Traceback (most recent call last):

File "/usr/local/bin/certbot", line 33, in <module&g= t;

sys.exit(load_entry_point('c= ertbot=3D=3D2.8.0', 'console_scripts', 'certbot')())=

File "/usr/local/bin/certbot&quo= t;, line 25, in importlib_load_entry_point

return next(matches).load()

File "/usr/local/lib/python3.9/importlib/metadata.py", line 86, = in load

module =3D import_module(ma= tch.group('module'))

File &= quot;/usr/local/lib/python3.9/importlib/__init__.py", line 127, in imp= ort_module

return _bootstrap._gcd_i= mport(name[level:], package, level)

File "<frozen importlib._bootstrap>", line 1030, in _gcd_i= mport

File "<frozen importl= ib._bootstrap>", line 1007, in _find_and_load

File "<frozen importlib._bootstrap>", li= ne 986, in _find_and_load_unlocked

= File "<frozen importlib._bootstrap>", line 680, in _load_un= locked

File "<frozen import= lib._bootstrap_external>", line 850, in exec_module

File "<frozen importlib._bootstrap>&quo= t;, line 228, in _call_with_frames_removed

File "/usr/local/lib/python3.9/site-packages/certbot/main.py&q= uot;, line 6, in <module>

fro= m certbot._internal import main as internal_main

File "/usr/local/lib/python3.9/site-packages/certbot/_i= nternal/main.py", line 21, in <module>

import josepy as jose

File "/usr/local/lib/python3.9/site-packages/josepy/__init__.py"= ;, line 40, in <module>

from = josepy.json_util import (

File &quo= t;/usr/local/lib/python3.9/site-packages/josepy/json_util.py", line 24= , in <module>

from OpenSSL im= port crypto

File "/usr/local/l= ib/python3.9/site-packages/OpenSSL/__init__.py", line 8, in <module= >

from OpenSSL import SSL, crypt= o

File "/usr/local/lib/python3= .9/site-packages/OpenSSL/SSL.py", line 9, in <module><= /u>

from OpenSSL._util import (

=

File "/usr/local/lib/python3.9/site-packages/Op= enSSL/_util.py", line 6, in <module>

from cryptography.hazmat.bindings.openssl.binding import Bin= ding

File "/usr/local/lib/pyth= on3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py", = line 167, in <module>

Binding= .init_static_locks()

File "/us= r/local/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl/bi= nding.py", line 134, in init_static_locks

cls._ensure_ffi_initialized()

File "/usr/local/lib/python3.9/site-packages/cryptography/hazma= t/bindings/openssl/binding.py", line 123, in _ensure_ffi_initialized

_legacy_provider_error(cls._legacy_p= rovider_loaded)

File "/usr/loc= al/lib/python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding= .py", line 43, in _legacy_provider_error

raise RuntimeError(

Runt= imeError: OpenSSL 3.0's legacy provider failed to load. This is a fatal= error by default, but cryptography supports running without legacy algorit= hms by setting the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If = you did not expect this error, you have likely made a mistake with your Ope= nSSL configuration.

root@videotron:= /usr/ports/security/openssl # setenv CRYPTOGRAPHY_OPENSSL_NO_LEGACY=3Dyes ;= certbot

setenv: Variable name must= contain alphanumeric characters.

T= raceback (most recent call last):

F= ile "/usr/local/bin/certbot", line 33, in <module>

sys.exit(load_entry_point('certbot=3D= =3D2.8.0', 'console_scripts', 'certbot')())

File "/usr/local/bin/certbot", line = 25, in importlib_load_entry_point

r= eturn next(matches).load()

File &qu= ot;/usr/local/lib/python3.9/importlib/metadata.py", line 86, in load

module =3D import_module(match.group= ('module'))

File "/usr= /local/lib/python3.9/importlib/__init__.py", line 127, in import_modul= e

return _bootstrap._gcd_import(nam= e[level:], package, level)

File &qu= ot;<frozen importlib._bootstrap>", line 1030, in _gcd_import<= /u>

File "<frozen importlib._boots= trap>", line 1007, in _find_and_load

File "<frozen importlib._bootstrap>", line 986, i= n _find_and_load_unlocked

File &quo= t;<frozen importlib._bootstrap>", line 680, in _load_unlocked=

File "<frozen importlib._boot= strap_external>", line 850, in exec_module

File "<frozen importlib._bootstrap>", line = 228, in _call_with_frames_removed

F= ile "/usr/local/lib/python3.9/site-packages/certbot/main.py", lin= e 6, in <module>

from certbot= ._internal import main as internal_main

File "/usr/local/lib/python3.9/site-packages/certbot/_internal/ma= in.py", line 21, in <module>

import josepy as jose

File &qu= ot;/usr/local/lib/python3.9/site-packages/josepy/__init__.py", line 40= , in <module>

from josepy.jso= n_util import (

File "/usr/loc= al/lib/python3.9/site-packages/josepy/json_util.py", line 24, in <m= odule>

from OpenSSL import crypt= o

File "/usr/local/lib/python3= .9/site-packages/OpenSSL/__init__.py", line 8, in <module>

from OpenSSL import SSL, crypto

File "/usr/local/lib/python3.9/site-pa= ckages/OpenSSL/SSL.py", line 9, in <module>

from OpenSSL._util import (

File "/usr/local/lib/python3.9/site-packages/OpenSSL/_u= til.py", line 6, in <module>

from cryptography.hazmat.bindings.openssl.binding import Binding

File "/usr/local/lib/python3.9/site= -packages/cryptography/hazmat/bindings/openssl/binding.py", line 167, = in <module>

Binding.init_stat= ic_locks()

File "/usr/local/li= b/python3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py&q= uot;, line 134, in init_static_locks

cls._ensure_ffi_initialized()

Fil= e "/usr/local/lib/python3.9/site-packages/cryptography/hazmat/bindings= /openssl/binding.py", line 123, in _ensure_ffi_initialized

_legacy_provider_error(cls._legacy_provider_lo= aded)

File "/usr/local/lib/pyt= hon3.9/site-packages/cryptography/hazmat/bindings/openssl/binding.py",= line 43, in _legacy_provider_error

raise RuntimeError(

RuntimeError: = OpenSSL 3.0's legacy provider failed to load. This is a fatal error by = default, but cryptography supports running without legacy algorithms by set= ting the environment variable CRYPTOGRAPHY_OPENSSL_NO_LEGACY. If you did no= t expect this error, you have likely made a mistake with your OpenSSL confi= guration.

root@videotron:/usr/ports= /security/openssl #

<= br clear=3D"all">
What is your shell?
setenv is a csh builtin.=
The default shell was changed to /bin/ss.=C2=A0 Did you account = for this change?

~Paul

--
__________________

:(){ :|:& };:

Sorry, I quite literally ju= st woke up.=C2=A0 The default shell was changed to /bin/sh.

<= /div>
~Paul
--
__________________
:(){ :|:& };:
--00000000000028ade70610370c1d-- From nobody Wed Jan 31 06:15:08 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPsG90DpMz58XV7 for ; Wed, 31 Jan 2024 06:15:13 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from hedgehog.birch.relay.mailchannels.net (hedgehog.birch.relay.mailchannels.net [23.83.209.81]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPsG80gbtz4lCL for ; Wed, 31 Jan 2024 06:15:11 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=lqEYthlH; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.209.81 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id D810B4C2E13 for ; Wed, 31 Jan 2024 06:15:09 +0000 (UTC) Received: from pdx1-sub0-mail-a222.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 7C9784C369A for ; Wed, 31 Jan 2024 06:15:09 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706681709; a=rsa-sha256; cv=none; b=ebWME+uT9ok1fTCj0LRze0fZVceNKx4e1MM8Nkf25eLYyeJfI5kcG2+pgMtEFdPTGArsiZ suoLzB5brKb/jumlHer218KfFSXymwrAUgQaG6erqNO0cJL1gRa3pnioDk89GZ+QN5MWgY N+DvOTuU8T9EtHin0L0xZeC41/O7CZnGKfKQUlBg07mrwN4+HQRTGKmHCdT1Qcn8axbWCZ sx6XxEiGzp8NzW+70/CpJvZDxv35ajhxgw5cGjECH1qCuFJBZyRtrSWK3vSa2yTBwlNWXG HtzDK3DM42UhKc5IBDcNNRXdePCEsnV0sVQWLersy+5+6YBFKn+ad136RddSnQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706681709; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:dkim-signature; bh=NGo9MG6W4quiKFDYhfIf2zCMs87RNRvlLVmv0AS4nKE=; b=Bpo3nV0YtBW3N+/xkknCW6GmIX+qLdvvJoiYBv31m1yjY24X8mcbp9I+wkmeqbfHzLtYPL M9qz7vXwbN6vFk0lhgSJ6Wzn02u8IRVy1Y7yg05EnVXarxhaYaJcjGMfGIPyy5yqEvdMPE wri7bgtAHoh5qbSf7NTR/hOAsfZVaS382J5+DArHRhJGOyX2QBW3BWuoJIWCes/xg+eDil yhPDYETUHxpAuNOiDSulBiCJ8ECUdteea99Y7IrLJT+Lnp0sqKPXDj8Ii/bgzICzvufK2K 0ccn5n8lHkHOvAP5JbzBISX2Ii+1hoisN/UyvW5CF71xUHjDuZZO+MmJgdAn9A== ARC-Authentication-Results: i=1; rspamd-55b4bfd7cb-ckgvk; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Celery-Soft: 161c4bf319380d46_1706681709736_2744882919 X-MC-Loop-Signature: 1706681709736:4050277880 X-MC-Ingress-Time: 1706681709736 Received: from pdx1-sub0-mail-a222.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.126.230.231 (trex/6.9.2); Wed, 31 Jan 2024 06:15:09 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a222.dreamhost.com (Postfix) with ESMTPSA id 4TPsG52Q5Kz83 for ; Tue, 30 Jan 2024 22:15:09 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706681709; bh=NGo9MG6W4quiKFDYhfIf2zCMs87RNRvlLVmv0AS4nKE=; h=Date:From:To:Subject:Reply-To:Content-Type; b=lqEYthlHAKkYiC5agjV1FOAVvhjxW+Iu3dXB08n3v9jnSO/ElSpQEHowzFg6L8d8F RZPkyenp8D2QeZgvfm5pTf7UQwNK7eFsCZaVD3q3SHjOw1pK9A3BZ7E1Pnn1DUNh7o xEE9Jz7KueXHT9btXGJAziiznnurLMMwuTYFh1PdaNFOAiAsByKkf6zUQ9XA45zWfi NbjYKMTnUOrKOjryW5CmMzOFoHruchrf9g3IrveRwwsKH0+RgLtUXtRGOklLnpHaq+ 6DvZAgwkr3i/1bdxXSFXTyjO2qxglDKLuMCYDfesoG+96xD9WeayqbJgveH2Vfxkqw 8Q0OtsbkzA3Hw== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rV3sK-0062Zd-10 for freebsd-questions@freebsd.org; Wed, 31 Jan 2024 01:15:08 -0500 Date: Wed, 31 Jan 2024 01:15:08 -0500 From: Paul M Foster To: freebsd-questions@freebsd.org Subject: Unable to git clone ports collection Message-ID: <20240131061508.5nttnygaqrwvm6xi@yosemite.mars.lan> Reply-To: paulf@quillandmouse.com Mail-Followup-To: freebsd-questions@freebsd.org List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.32 / 15.00]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.72)[-0.717]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; MIME_GOOD(-0.10)[text/plain]; RWL_MAILSPIKE_GOOD(-0.10)[23.83.209.81:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[quillandmouse.com:+]; DMARC_NA(0.00)[quillandmouse.com]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.209.81:from]; RCVD_COUNT_FIVE(0.00)[5]; REPLYTO_ADDR_EQ_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:36483, ipnet:23.83.208.0/21, country:CA]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_REPLYTO(0.00)[paulf@quillandmouse.com] X-Rspamd-Queue-Id: 4TPsG80gbtz4lCL Folks: I'm following the docs at docs.freebsd.org. There's a line which dictates: git clone https://git.freebsd.org/ports.git /usr/ports This results in a redirection error. The error: Cloning into '/usr/ports' fatal: unable to update url base from redirection: asked for: https://git.freebsd.org/ports.git/info/refs?service=git-upload-pack redirect: https://cgit.freebsd.org/ports Nothing is downloaded at /usr/ports and in fact the directory doesn't exist. Normally I would suspect I did something wrong, but this more like the docs haven't been updated, or things moved unexpectedly. Any clues? Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Wed Jan 31 06:22:33 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPsbv3RDNz58YnD for ; Wed, 31 Jan 2024 06:30:35 +0000 (UTC) (envelope-from pkagan@videotron.ca) Received: from alt12.smtp-out.videotron.ca (alt12.smtp-out.videotron.ca [135.19.0.25]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vl-vm-csp056.ip.videotron.ca", Issuer "int-SNINTCAP1-CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPsbv1R9bz4mxp for ; Wed, 31 Jan 2024 06:30:35 +0000 (UTC) (envelope-from pkagan@videotron.ca) Authentication-Results: mx1.freebsd.org; none Received: from videotron.ca ([10.23.87.22]) by Videotron with ESMTP id V3zVrFuTveXspV3zVrkekb; Wed, 31 Jan 2024 01:22:33 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=videotron.ca; s=s1; t=1706682153; bh=J21T8aZfCY+CvWnHbZ81iL1Wu0U36LaXzZh5ONaVyR8=; h=From:To:Cc:Date:Subject:In-Reply-To:References; b=aZfo2tCiKCqKuc4Gqe624CcMTIOSZv5xxgaGsVdTXXHjyvj2p8KW70tlGZbQ8FmpV 8xd/wmE5pUPuO1CjRNg+lExd4uAA4qMCJ9P2QKEMcUxh2SxWzB2ubYDKTEiIysx2v6 GCUTlzSthAc51JehIipaRvB8mZy/Zp5PABrIa3TWFYsxyru1LRK5csfAtK6iR95R4t ykop9ielXxxXPpleOhPNKtr2TcPB0ahPsm81Tq3+73BYh14Slzmiol6BPmQxU/O0cT ze3hmiKjaeQfYQ5sy1waRDfacFGAvSuW+CRdvtEjszhz5Rf8noFywpRR+rKyRvYByT b7NLAoEUkv4eg== X-Authority-Analysis: v=2.4 cv=fYhriWcF c=1 sm=1 tr=0 ts=65b9e729 a=XLKDa1dvwskvRpGt32uEXQ==:117 a=L288NTmOKCdYeLypifJNVw==:17 a=dEuoMetlWLkA:10 a=r77TgQKjGQsHNAKrUKIA:9 a=pGLkceISAAAA:8 a=aE0cJvjpAAAA:8 a=irT6Xvgwaw9eXvQHcZkA:9 a=QEXdDO2ut3YA:10 a=APAwn_jKTUHms2E7Cx0A:9 a=ORL7YWOSXFnf9h1F:21 a=lqcHg5cX4UMA:10 a=y-4rJCg2yiSUOuYm88t7:22 Received: from [10.23.87.22] (Forwarded-For: 116.203.104.61) by VL-VM-JAS131.ip.videotron.ca (mshttpd); Wed, 31 Jan 2024 01:22:33 -0500 From: pkagan@videotron.ca To: Paul Procacci Cc: questions@freebsd.org Message-ID: Date: Wed, 31 Jan 2024 01:22:33 -0500 X-Mailer: Oracle Communications Messenger Express 8.1.0.6.20200729 64bit (built Jul 29 2020) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Language: fr Subject: Re : Re: certbot does not work X-Accept-Language: fr Priority: normal In-Reply-To: References: <00c501da53f6$222d8640$668892c0$@videotron.ca> Content-Type: multipart/alternative; boundary="--c2bcadb8120ee67a5a6e74" X-CMAE-Envelope: MS4xfE08y83KJ5+gqN/KTgyatePnUiauRmP/GZXZISd05USSqxh26yFj9iqVSfSSHavUVCW4CMJzwut7alvOjiFcstUR538a/lrhQsM9oCBoYguk8arV37c9 gAtdMeyBrEpiN5XlBdz1KxB+APn3NhkQiBtZWKR87HDSZ51KiWEDvknEINn/o4EztYtUYYW9TOpBT0YI2+d7qAWCUcxC13x7mhE= X-Rspamd-Queue-Id: 4TPsbv1R9bz4mxp X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:5769, ipnet:135.19.0.0/18, country:CA] This is a multi-part message in MIME format. ----c2bcadb8120ee67a5a6e74 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable problem solved by Darius as follows =3A = vi /usr/local/bin/certbot = after import sys=3A = import os = os=2Eenviron=5B=27CRYPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=27=5D =3D =271=27= = = thank you for all correspondance = Le 31/01/24 00=3A21=2C Paul Procacci =3Cpprocacci=40gmail=2Ecom=3E a =C3= =A9crit =3A = =3E = =3E = =3E = =3E = =3E = =3E = =3E = =3E = =3E On Wed=2C Jan 31=2C 2024 at 12=3A19=E2=80=AFAM Paul Procacci =3Cppro= cacci=40gmail=2Ecom=3E wrote=3A =3E = =3E =3E = =3E =3E = =3E =3E = =3E =3E = =3E =3E = =3E =3E = =3E =3E = =3E =3E On Tue=2C Jan 30=2C 2024 at 10=3A33=E2=80=AFPM Paul Kagan =3Cpka= gan=40videotron=2Eca=3E wrote=3A =3E =3E = =3E =3E =3E = =3E =3E =3E = =3E =3E =3E = =3E =3E =3E = =3E =3E =3E root=40videotron=3A/usr/ports/security/openssl =23 =40CRYPTO= GRAPHY=5FOPENSSL=5FNO=5FLEGACY =3E =3E =3E = =3E =3E =3E =40CRYPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=3A Command not found= =2E =3E =3E =3E = =3E =3E =3E root=40videotron=3A/usr/ports/security/openssl =23 setenv CR= YPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=3Dyes =3B certbot =3E =3E =3E = =3E =3E =3E setenv=3A Variable name must contain alphanumeric characters= =2E =3E =3E =3E = =3E =3E =3E Traceback (most recent call last)=3A =3E =3E =3E = =3E =3E =3E File =22/usr/local/bin/certbot=22=2C line 33=2C in =3Cmodule= =3E =3E =3E =3E = =3E =3E =3E sys=2Eexit(load=5Fentry=5Fpoint(=27certbot=3D=3D2=2E8=2E0=27= =2C =27console=5Fscripts=27=2C =27certbot=27)()) =3E =3E =3E = =3E =3E =3E File =22/usr/local/bin/certbot=22=2C line 25=2C in importlib= =5Fload=5Fentry=5Fpoint =3E =3E =3E = =3E =3E =3E return next(matches)=2Eload() =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/importlib/metadata=2Epy=22= =2C line 86=2C in load =3E =3E =3E = =3E =3E =3E module =3D import=5Fmodule(match=2Egroup(=27module=27)) =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/importlib/=5F=5Finit=5F=5F= =2Epy=22=2C line 127=2C in import=5Fmodule =3E =3E =3E = =3E =3E =3E return =5Fbootstrap=2E=5Fgcd=5Fimport(name=5Blevel=3A=5D=2C = package=2C level) =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 103= 0=2C in =5Fgcd=5Fimport =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 100= 7=2C in =5Ffind=5Fand=5Fload =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 986= =2C in =5Ffind=5Fand=5Fload=5Funlocked =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 680= =2C in =5Fload=5Funlocked =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=5Fexternal=3E=22=2C= line 850=2C in exec=5Fmodule =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 228= =2C in =5Fcall=5Fwith=5Fframes=5Fremoved =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/certbot/mai= n=2Epy=22=2C line 6=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from certbot=2E=5Finternal import main as internal=5Fmain =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/certbot/=5F= internal/main=2Epy=22=2C line 21=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E import josepy as jose =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/josepy/=5F=5F= init=5F=5F=2Epy=22=2C line 40=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from josepy=2Ejson=5Futil import ( =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/josepy/json= =5Futil=2Epy=22=2C line 24=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from OpenSSL import crypto =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/OpenSSL/=5F= =5Finit=5F=5F=2Epy=22=2C line 8=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from OpenSSL import SSL=2C crypto =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python39/site-packages/OpenSSL/SSL=2E= py=22=2C line 9=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from OpenSSL=2E=5Futil import ( =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/OpenSSL/=5F= util=2Epy=22=2C line 6=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from cryptography=2Ehazmat=2Ebindings=2Eopenssl=2Ebinding im= port Binding =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 167=2C in =3Cmodule=3E= =3E =3E =3E = =3E =3E =3E Bindinginit=5Fstatic=5Flocks() =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 134=2C in init=5Fstati= c=5Flocks =3E =3E =3E = =3E =3E =3E cls=2E=5Fensure=5Fffi=5Finitialized() =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 123=2C in =5Fensure=5F= ffi=5Finitialized =3E =3E =3E = =3E =3E =3E =5Flegacy=5Fprovider=5Ferror(cls=2E=5Flegacy=5Fprovider=5Flo= aded) =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/bindingpy=22=2C line 43=2C in =5Flegacy=5Fprov= ider=5Ferror =3E =3E =3E = =3E =3E =3E raise RuntimeError( =3E =3E =3E = =3E =3E =3E RuntimeError=3A OpenSSL 3=2E0=27s legacy provider failed to = load=2E This is a fatal error by default=2C but cryptography supports ru= nning without legacy algorithms by setting the environment variable CRYP= TOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=2E If you did not expect this error=2C = you have likely made a mistake with your OpenSSL configuration=2E =3E =3E =3E = =3E =3E =3E root=40videotron=3A/usr/ports/security/openssl =23 setenv CR= YPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=3Dyes =3B certbot =3E =3E =3E = =3E =3E =3E setenv=3A Variable name must contain alphanumeric characters= =2E =3E =3E =3E = =3E =3E =3E Traceback (most recent call last)=3A =3E =3E =3E = =3E =3E =3E File =22/usr/local/bin/certbot=22=2C line 33=2C in =3Cmodule= =3E =3E =3E =3E = =3E =3E =3E sys=2Eexit(load=5Fentry=5Fpoint(=27certbot=3D=3D2=2E8=2E0=27= =2C =27console=5Fscripts=27=2C =27certbot=27)()) =3E =3E =3E = =3E =3E =3E File =22/usr/local/bin/certbot=22=2C line 25=2C in importlib= =5Fload=5Fentry=5Fpoint =3E =3E =3E = =3E =3E =3E return next(matches)=2Eload() =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/importlib/metadata=2Epy=22= =2C line 86=2C in load =3E =3E =3E = =3E =3E =3E module =3D import=5Fmodule(match=2Egroup(=27module=27)) =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/importlib/=5F=5Finit=5F=5F= =2Epy=22=2C line 127=2C in import=5Fmodule =3E =3E =3E = =3E =3E =3E return =5Fbootstrap=2E=5Fgcd=5Fimport(name=5Blevel=3A=5D=2C = package=2C level) =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 103= 0=2C in =5Fgcd=5Fimport =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 100= 7=2C in =5Ffind=5Fand=5Fload =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 986= =2C in =5Ffind=5Fand=5Fload=5Funlocked =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 680= =2C in =5Fload=5Funlocked =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=5Fexternal=3E=22=2C= line 850=2C in exec=5Fmodule =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 228= =2C in =5Fcall=5Fwith=5Fframes=5Fremoved =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/certbot/mai= n=2Epy=22=2C line 6=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from certbot=5Finternal import main as internal=5Fmain =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/certbot/=5F= internal/main=2Epy=22=2C line 21=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E import josepy as jose =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/josepy/=5F=5F= init=5F=5F=2Epy=22=2C line 40=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from josepy=2Ejson=5Futil import ( =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/josepy/json= =5Futil=2Epy=22=2C line 24=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from OpenSSL import crypto =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python39/site-packages/OpenSSL/=5F=5F= init=5F=5F=2Epy=22=2C line 8=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from OpenSSL import SSL=2C crypto =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/OpenSSL/SSL= =2Epy=22=2C line 9=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from OpenSSL=2E=5Futil import ( =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/OpenSSL/=5F= util=2Epy=22=2C line 6=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from cryptography=2Ehazmat=2Ebindings=2Eopenssl=2Ebinding im= port Binding =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 167=2C in =3Cmodule=3E= =3E =3E =3E = =3E =3E =3E Binding=2Einit=5Fstatic=5Flocks() =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 134=2C in init=5Fstati= c=5Flocks =3E =3E =3E = =3E =3E =3E cls=2E=5Fensure=5Fffi=5Finitialized() =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 123=2C in =5Fensure=5F= ffi=5Finitialized =3E =3E =3E = =3E =3E =3E =5Flegacy=5Fprovider=5Ferror(cls=2E=5Flegacy=5Fprovider=5Flo= aded) =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 43=2C in =5Flegacy=5Fp= rovider=5Ferror =3E =3E =3E = =3E =3E =3E raise RuntimeError( =3E =3E =3E = =3E =3E =3E RuntimeError=3A OpenSSL 3=2E0=27s legacy provider failed to = load=2E This is a fatal error by default=2C but cryptography supports ru= nning without legacy algorithms by setting the environment variable CRYP= TOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=2E If you did not expect this error=2C = you have likely made a mistake with your OpenSSL configuration=2E =3E =3E =3E = =3E =3E =3E root=40videotron=3A/usr/ports/security/openssl =23 =3E =3E =3E = =3E =3E =3E = =3E =3E =3E = =3E =3E = =3E =3E = =3E =3E What is your shell=3F =3E =3E setenv is a csh builtin=2E =3E =3E The default shell was changed to /bin/ss=2E Did you account for = this change=3F =3E =3E = =3E =3E = =3E =3E =7EPaul =3E =3E = =3E =3E -- = =3E =3E = =3E =3E =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F =3E =3E = =3E =3E =3A()=7B =3A=7C=3A=26 =7D=3B=3A =3E =3E = =3E =3E = =3E = =3E = =3E = =3E Sorry=2C I quite literally just woke up=2E The default shell was cha= nged to /bin/sh=2E =3E = =3E =7EPaul =3E = =3E -- = =3E = =3E =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F =3E = =3E =3A()=7B =3A=7C=3A=26 =7D=3B=3A =3E = =3E ----c2bcadb8120ee67a5a6e74 Content-Type: text/html; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable =3Cspan style=3D=22font-family=3A Helvetica=2C Arial=2C sans-serif=3B fo= nt-size=3A 12px=3B=22=3Eproblem solved by Darius as follows =3A=3C/span=3E= =3Cdiv style=3D=22font-family=3A Helvetica=2C Arial=2C sans-serif=3B fon= t-size=3A 12px=3B=22=3E=3Cbr /=3E=3C/div=3E=3Cdiv style=3D=22font-family= =3A Helvetica=2C Arial=2C sans-serif=3B font-size=3A 12px=3B=22=3E=3Cspa= n style=3D=22color=3A rgb(20=2C 20=2C 20)=3B font-family=3A =26quot=3Bse= goe ui=26quot=3B=2C =26quot=3Bhelvetica neue=26quot=3B=2C helvetica=2C r= oboto=2C oxygen=2C ubuntu=2C cantarell=2C =26quot=3Bfira sans=26quot=3B=2C= =26quot=3Bdroid sans=26quot=3B=2C sans-serif=3B font-size=3A 16px=3B ba= ckground-color=3A rgb(255=2C 255=2C 255)=3B=22=3Evi /usr/local/bin/certb= ot=3C/span=3E=3Cbr style=3D=22color=3A rgb(20=2C 20=2C 20)=3B font-famil= y=3A =26quot=3Bsegoe ui=26quot=3B=2C =26quot=3Bhelvetica neue=26quot=3B=2C= helvetica=2C roboto=2C oxygen=2C ubuntu=2C cantarell=2C =26quot=3Bfira = sans=26quot=3B=2C =26quot=3Bdroid sans=26quot=3B=2C sans-serif=3B font-s= ize=3A 16px=3B background-color=3A rgb(255=2C 255=2C 255)=3B=22 /=3E=3Cb= r style=3D=22color=3A rgb(20=2C 20=2C 20)=3B font-family=3A =26quot=3Bse= goe ui=26quot=3B=2C =26quot=3Bhelvetica neue=26quot=3B=2C helvetica=2C r= oboto=2C oxygen=2C ubuntu=2C cantarell=2C =26quot=3Bfira sans=26quot=3B=2C= =26quot=3Bdroid sans=26quot=3B=2C sans-serif=3B font-size=3A 16px=3B ba= ckground-color=3A rgb(255=2C 255=2C 255)=3B=22 /=3E=3Cspan style=3D=22co= lor=3A rgb(20=2C 20=2C 20)=3B font-family=3A =26quot=3Bsegoe ui=26quot=3B= =2C =26quot=3Bhelvetica neue=26quot=3B=2C helvetica=2C roboto=2C oxygen=2C= ubuntu=2C cantarell=2C =26quot=3Bfira sans=26quot=3B=2C =26quot=3Bdroid= sans=26quot=3B=2C sans-serif=3B font-size=3A 16px=3B background-color=3A= rgb(255=2C 255=2C 255)=3B=22=3Eafter import sys=3A=3C/span=3E=3Cbr styl= e=3D=22color=3A rgb(20=2C 20=2C 20)=3B font-family=3A =26quot=3Bsegoe ui= =26quot=3B=2C =26quot=3Bhelvetica neue=26quot=3B=2C helvetica=2C roboto=2C= oxygen=2C ubuntu=2C cantarell=2C =26quot=3Bfira sans=26quot=3B=2C =26qu= ot=3Bdroid sans=26quot=3B=2C sans-serif=3B font-size=3A 16px=3B backgrou= nd-color=3A rgb(255=2C 255=2C 255)=3B=22 /=3E=3Cspan style=3D=22color=3A= rgb(20=2C 20=2C 20)=3B font-family=3A =26quot=3Bsegoe ui=26quot=3B=2C =26= quot=3Bhelvetica neue=26quot=3B=2C helvetica=2C roboto=2C oxygen=2C ubun= tu=2C cantarell=2C =26quot=3Bfira sans=26quot=3B=2C =26quot=3Bdroid sans= =26quot=3B=2C sans-serif=3B font-size=3A 16px=3B background-color=3A rgb= (255=2C 255=2C 255)=3B=22=3Eimport os=3C/span=3E=3Cbr style=3D=22color=3A= rgb(20=2C 20=2C 20)=3B font-family=3A =26quot=3Bsegoe ui=26quot=3B=2C =26= quot=3Bhelvetica neue=26quot=3B=2C helvetica=2C roboto=2C oxygen=2C ubun= tu=2C cantarell=2C =26quot=3Bfira sans=26quot=3B=2C =26quot=3Bdroid sans= =26quot=3B=2C sans-serif=3B font-size=3A 16px=3B background-color=3A rgb= (255=2C 255=2C 255)=3B=22 /=3E=3Cspan style=3D=22color=3A rgb(20=2C 20=2C= 20)=3B font-family=3A =26quot=3Bsegoe ui=26quot=3B=2C =26quot=3Bhelveti= ca neue=26quot=3B=2C helvetica=2C roboto=2C oxygen=2C ubuntu=2C cantarel= l=2C =26quot=3Bfira sans=26quot=3B=2C =26quot=3Bdroid sans=26quot=3B=2C = sans-serif=3B font-size=3A 16px=3B background-color=3A rgb(255=2C 255=2C= 255)=3B=22=3Eos=2Eenviron=5B=27CRYPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=27=5D= =3D =271=27=3C/span=3E=3C/div=3E=3Cdiv style=3D=22font-family=3A Helvet= ica=2C Arial=2C sans-serif=3B font-size=3A 12px=3B=22=3E=3Cfont color=3D= =22=23141414=22 face=3D=22Segoe UI=2C Helvetica Neue=2C Helvetica=2C Rob= oto=2C Oxygen=2C Ubuntu=2C Cantarell=2C Fira Sans=2C Droid Sans=2C sans-= serif=22=3E=3Cspan style=3D=22font-size=3A 16px=3B=22=3E=3Cbr /=3E=3C/sp= an=3E=3C/font=3E=3C/div=3E=3Cdiv style=3D=22font-family=3A Helvetica=2C = Arial=2C sans-serif=3B font-size=3A 12px=3B=22=3E=3Cfont color=3D=22=231= 41414=22 face=3D=22Segoe UI=2C Helvetica Neue=2C Helvetica=2C Roboto=2C = Oxygen=2C Ubuntu=2C Cantarell=2C Fira Sans=2C Droid Sans=2C sans-serif=22= =3E=3Cspan style=3D=22font-size=3A 16px=3B=22=3Ethank you for all corres= pondance=3C/span=3E=3C/font=3E=3C/div=3E=3Cbr /=3E=3Cspan=3ELe 31/01/24 = 00=3A21=2C =3Cb class=3D=22name=22=3EPaul Procacci =3C/b=3E =26lt=3Bppro= cacci=40gmail=2Ecom=26gt=3B a =C3=A9crit =3A=3C/span=3E=3Cblockquote cit= e=3D=22mid=3ACAFbbPugryaz=3Du4Y41aG6gKaPPEf427uV6a2ZSaowtW8E-OoG8w=40mai= l=2Egmail=2Ecom=22 class=3D=22iwcQuote=22 style=3D=22border-left=3A 1px = solid =2300F=3B padding-left=3A 13px=3B margin-left=3A 0=3B=22 type=3D=22= cite=22=3E=3Cdiv class=3D=22mimetype-multipart-alternative=22=3E=3Cdiv d= ir=3D=22ltr=22=3E=3Cdiv=3E=3Cdiv dir=3D=22ltr=22=3E=3Cbr /=3E=3C/div=3E=3C= br /=3E=3Cdiv class=3D=22gmail=5Fquote=22=3E=3Cdiv class=3D=22gmail=5Fat= tr=22 dir=3D=22ltr=22=3EOn Wed=2C Jan 31=2C 2024 at 12=3A19=E2=80=AFAM P= aul Procacci =26lt=3B=3Ca href=3D=22mailto=3Approcacci=40gmail=2Ecom=22 = rel=3D=22noopener noreferrer=22 target=3D=221=22=3Epprocacci=40gmail=2Ec= om=3C/a=3E=26gt=3B wrote=3A=3Cbr /=3E=3C/div=3E=3Cblockquote class=3D=22= gmail=5Fquote=22 style=3D=22margin=3A0px 0px 0px 0=2E8ex=3Bborder-left=3A= 1px solid rgb( 204 =2C 204 =2C 204 )=3Bpadding-left=3A1ex=22=3E=3Cdiv di= r=3D=22ltr=22=3E=3Cdiv=3E=3Cdiv dir=3D=22ltr=22=3E=3Cbr /=3E=3C/div=3E=3C= br /=3E=3Cdiv class=3D=22gmail=5Fquote=22=3E=3Cdiv class=3D=22gmail=5Fat= tr=22 dir=3D=22ltr=22=3EOn Tue=2C Jan 30=2C 2024 at 10=3A33=E2=80=AFPM P= aul Kagan =26lt=3B=3Ca href=3D=22mailto=3Apkagan=40videotron=2Eca=22 rel= =3D=22noopener noreferrer=22 target=3D=221=22=3Epkagan=40videotron=2Eca=3C= /a=3E=26gt=3B wrote=3A=3Cbr /=3E=3C/div=3E=3Cblockquote class=3D=22gmail= =5Fquote=22 style=3D=22margin=3A0px 0px 0px 0=2E8ex=3Bborder-left=3A1px = solid rgb( 204 =2C 204 =2C 204 )=3Bpadding-left=3A1ex=22=3E=3Cdiv=3E=3Cd= iv lang=3D=22FR=22=3E=3Cdiv=3E=3Cp class=3D=22MsoNormal=22=3Eroot=40vide= otron=3A/usr/ports/security/openssl =23 =40CRYPTOGRAPHY=5FOPENSSL=5FNO=5F= LEGACY=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22= =3E=40CRYPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=3A Command not found=2E=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Eroot=40vid= eotron=3A/usr/ports/security/openssl =23 setenv CRYPTOGRAPHY=5FOPENSSL=5F= NO=5FLEGACY=3Dyes =3B certbot=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp = class=3D=22MsoNormal=22=3Esetenv=3A Variable name must contain alphanume= ric characters=2E=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22M= soNormal=22=3ETraceback (most recent call last)=3A=3Cu=3E=3C/u=3E=3Cu=3E= =3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local= /bin/certbot=26quot=3B=2C line 33=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C= /u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Esys=2Eexit(lo= ad=5Fentry=5Fpoint(=27certbot=3D=3D2=2E8=2E0=27=2C =27console=5Fscripts=27= =2C =27certbot=27)())=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D= =22MsoNormal=22=3EFile =26quot=3B/usr/local/bin/certbot=26quot=3B=2C lin= e 25=2C in importlib=5Fload=5Fentry=5Fpoint=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E= =3C/p=3E=3Cp class=3D=22MsoNormal=22=3Ereturn next(matches)=2Eload()=3Cu= =3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26= quot=3B/usr/local/lib/python3=2E9/importlib/metadata=2Epy=26quot=3B=2C l= ine 86=2C in load=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22M= soNormal=22=3Emodule =3D import=5Fmodule(match=2Egroup(=27module=27))=3C= u=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26= quot=3B/usr/local/lib/python3=2E9/importlib/=5F=5Finit=5F=5F=2Epy=26quot= =3B=2C line 127=2C in import=5Fmodule=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p= =3E=3Cp class=3D=22MsoNormal=22=3Ereturn =5Fbootstrap=2E=5Fgcd=5Fimport(= name=5Blevel=3A=5D=2C package=2C level)=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C= /p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B=26lt=3Bfrozen import= lib=2E=5Fbootstrap=26gt=3B=26quot=3B=2C line 1030=2C in =5Fgcd=5Fimport=3C= u=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26= quot=3B=26lt=3Bfrozen importlib=2E=5Fbootstrap=26gt=3B=26quot=3B=2C line= 1007=2C in =5Ffind=5Fand=5Fload=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3C= p class=3D=22MsoNormal=22=3EFile =26quot=3B=26lt=3Bfrozen importlib=2E=5F= bootstrap=26gt=3B=26quot=3B=2C line 986=2C in =5Ffind=5Fand=5Fload=5Funl= ocked=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3E= File =26quot=3B=26lt=3Bfrozen importlib=2E=5Fbootstrap=26gt=3B=26quot=3B= =2C line 680=2C in =5Fload=5Funlocked=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p= =3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B=26lt=3Bfrozen importli= b=2E=5Fbootstrap=5Fexternal=26gt=3B=26quot=3B=2C line 850=2C in exec=5Fm= odule=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3E= File =26quot=3B=26lt=3Bfrozen importlib=2E=5Fbootstrap=26gt=3B=26quot=3B= =2C line 228=2C in =5Fcall=5Fwith=5Fframes=5Fremoved=3Cu=3E=3C/u=3E=3Cu=3E= =3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local= /lib/python3=2E9/site-packages/certbot/main=2Epy=26quot=3B=2C line 6=2C = in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp clas= s=3D=22MsoNormal=22=3Efrom certbot=2E=5Finternal import main as internal= =5Fmain=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22= =3EFile =26quot=3B/usr/local/lib/python3=2E9/site-packages/certbot/=5Fin= ternal/main=2Epy=26quot=3B=2C line 21=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Eimport jos= epy as jose=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNorm= al=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/site-packages/josepy/=5F= =5Finit=5F=5F=2Epy=26quot=3B=2C line 40=2C in =26lt=3Bmodule=26gt=3B=3Cu= =3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Efrom jo= sepy=2Ejson=5Futil import (=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp cl= ass=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/site-p= ackages/josepy/json=5Futil=2Epy=26quot=3B=2C line 24=2C in =26lt=3Bmodul= e=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal= =22=3Efrom OpenSSL import crypto=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3C= p class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/si= te-packages/OpenSSL/=5F=5Finit=5F=5F=2Epy=26quot=3B=2C line 8=2C in =26l= t=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22= MsoNormal=22=3Efrom OpenSSL import SSL=2C crypto=3Cu=3E=3C/u=3E=3Cu=3E=3C= /u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/li= b/python39/site-packages/OpenSSL/SSL=2Epy=26quot=3B=2C line 9=2C in =26l= t=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22= MsoNormal=22=3Efrom OpenSSL=2E=5Futil import (=3Cu=3E=3C/u=3E=3Cu=3E=3C/= u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib= /python3=2E9/site-packages/OpenSSL/=5Futil=2Epy=26quot=3B=2C line 6=2C i= n =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class= =3D=22MsoNormal=22=3Efrom cryptography=2Ehazmat=2Ebindings=2Eopenssl=2Eb= inding import Binding=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D= =22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/site-package= s/cryptography/hazmat/bindings/openssl/binding=2Epy=26quot=3B=2C line 16= 7=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp= class=3D=22MsoNormal=22=3EBindinginit=5Fstatic=5Flocks()=3Cu=3E=3C/u=3E= =3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/us= r/local/lib/python3=2E9/site-packages/cryptography/hazmat/bindings/opens= sl/binding=2Epy=26quot=3B=2C line 134=2C in init=5Fstatic=5Flocks=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Ecls=2E=5Fe= nsure=5Fffi=5Finitialized()=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp cl= ass=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/site-p= ackages/cryptography/hazmat/bindings/openssl/binding=2Epy=26quot=3B=2C l= ine 123=2C in =5Fensure=5Fffi=5Finitialized=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E= =3C/p=3E=3Cp class=3D=22MsoNormal=22=3E=5Flegacy=5Fprovider=5Ferror(cls=2E= =5Flegacy=5Fprovider=5Floaded)=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp= class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/sit= e-packages/cryptography/hazmat/bindings/openssl/bindingpy=26quot=3B=2C l= ine 43=2C in =5Flegacy=5Fprovider=5Ferror=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C= /p=3E=3Cp class=3D=22MsoNormal=22=3Eraise RuntimeError(=3Cu=3E=3C/u=3E=3C= u=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3ERuntimeError=3A OpenS= SL 3=2E0=27s legacy provider failed to load=2E This is a fatal error by = default=2C but cryptography supports running without legacy algorithms b= y setting the environment variable CRYPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=2E= If you did not expect this error=2C you have likely made a mistake with= your OpenSSL configuration=2E=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp= class=3D=22MsoNormal=22=3Eroot=40videotron=3A/usr/ports/security/openss= l =23 setenv CRYPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=3Dyes =3B certbot=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Esetenv=3A = Variable name must contain alphanumeric characters=2E=3Cu=3E=3C/u=3E=3Cu= =3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3ETraceback (most recent= call last)=3A=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoN= ormal=22=3EFile =26quot=3B/usr/local/bin/certbot=26quot=3B=2C line 33=2C= in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp cla= ss=3D=22MsoNormal=22=3Esys=2Eexit(load=5Fentry=5Fpoint(=27certbot=3D=3D2= =2E8=2E0=27=2C =27console=5Fscripts=27=2C =27certbot=27)())=3Cu=3E=3C/u=3E= =3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/us= r/local/bin/certbot=26quot=3B=2C line 25=2C in importlib=5Fload=5Fentry=5F= point=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3E= return next(matches)=2Eload()=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp = class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/impo= rtlib/metadata=2Epy=26quot=3B=2C line 86=2C in load=3Cu=3E=3C/u=3E=3Cu=3E= =3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Emodule =3D import=5Fmodul= e(match=2Egroup(=27module=27))=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp= class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/imp= ortlib/=5F=5Finit=5F=5F=2Epy=26quot=3B=2C line 127=2C in import=5Fmodule= =3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Eret= urn =5Fbootstrap=2E=5Fgcd=5Fimport(name=5Blevel=3A=5D=2C package=2C leve= l)=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EF= ile =26quot=3B=26lt=3Bfrozen importlib=2E=5Fbootstrap=26gt=3B=26quot=3B=2C= line 1030=2C in =5Fgcd=5Fimport=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3C= p class=3D=22MsoNormal=22=3EFile =26quot=3B=26lt=3Bfrozen importlib=2E=5F= bootstrap=26gt=3B=26quot=3B=2C line 1007=2C in =5Ffind=5Fand=5Fload=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26qu= ot=3B=26lt=3Bfrozen importlib=2E=5Fbootstrap=26gt=3B=26quot=3B=2C line 9= 86=2C in =5Ffind=5Fand=5Fload=5Funlocked=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C= /p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B=26lt=3Bfrozen import= lib=2E=5Fbootstrap=26gt=3B=26quot=3B=2C line 680=2C in =5Fload=5Funlocke= d=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFi= le =26quot=3B=26lt=3Bfrozen importlib=2E=5Fbootstrap=5Fexternal=26gt=3B=26= quot=3B=2C line 850=2C in exec=5Fmodule=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C= /p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B=26lt=3Bfrozen import= lib=2E=5Fbootstrap=26gt=3B=26quot=3B=2C line 228=2C in =5Fcall=5Fwith=5F= frames=5Fremoved=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22Ms= oNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/site-packages/cer= tbot/main=2Epy=26quot=3B=2C line 6=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C= /u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Efrom certbot=5F= internal import main as internal=5Fmain=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C= /p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python= 3=2E9/site-packages/certbot/=5Finternal/main=2Epy=26quot=3B=2C line 21=2C= in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp cla= ss=3D=22MsoNormal=22=3Eimport josepy as jose=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E= =3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/pyt= hon3=2E9/site-packages/josepy/=5F=5Finit=5F=5F=2Epy=26quot=3B=2C line 40= =2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp = class=3D=22MsoNormal=22=3Efrom josepy=2Ejson=5Futil import (=3Cu=3E=3C/u= =3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B= /usr/local/lib/python3=2E9/site-packages/josepy/json=5Futil=2Epy=26quot=3B= =2C line 24=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C= /p=3E=3Cp class=3D=22MsoNormal=22=3Efrom OpenSSL import crypto=3Cu=3E=3C= /u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B= /usr/local/lib/python39/site-packages/OpenSSL/=5F=5Finit=5F=5F=2Epy=26qu= ot=3B=2C line 8=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E= =3C/p=3E=3Cp class=3D=22MsoNormal=22=3Efrom OpenSSL import SSL=2C crypto= =3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFil= e =26quot=3B/usr/local/lib/python3=2E9/site-packages/OpenSSL/SSL=2Epy=26= quot=3B=2C line 9=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/= u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Efrom OpenSSL=2E=5Futil import= (=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EF= ile =26quot=3B/usr/local/lib/python3=2E9/site-packages/OpenSSL/=5Futil=2E= py=26quot=3B=2C line 6=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E= =3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Efrom cryptography=2Ehazma= t=2Ebindings=2Eopenssl=2Ebinding import Binding=3Cu=3E=3C/u=3E=3Cu=3E=3C= /u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/li= b/python3=2E9/site-packages/cryptography/hazmat/bindings/openssl/binding= =2Epy=26quot=3B=2C line 167=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3C= u=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EBinding=2Einit=5Fstat= ic=5Flocks()=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNor= mal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/site-packages/cryptog= raphy/hazmat/bindings/openssl/binding=2Epy=26quot=3B=2C line 134=2C in i= nit=5Fstatic=5Flocks=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22= MsoNormal=22=3Ecls=2E=5Fensure=5Fffi=5Finitialized()=3Cu=3E=3C/u=3E=3Cu=3E= =3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local= /lib/python3=2E9/site-packages/cryptography/hazmat/bindings/openssl/bind= ing=2Epy=26quot=3B=2C line 123=2C in =5Fensure=5Fffi=5Finitialized=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3E=5Flegacy=5F= provider=5Ferror(cls=2E=5Flegacy=5Fprovider=5Floaded)=3Cu=3E=3C/u=3E=3Cu= =3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/lo= cal/lib/python3=2E9/site-packages/cryptography/hazmat/bindings/openssl/b= inding=2Epy=26quot=3B=2C line 43=2C in =5Flegacy=5Fprovider=5Ferror=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Eraise Runt= imeError(=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal= =22=3ERuntimeError=3A OpenSSL 3=2E0=27s legacy provider failed to load=2E= This is a fatal error by default=2C but cryptography supports running w= ithout legacy algorithms by setting the environment variable CRYPTOGRAPH= Y=5FOPENSSL=5FNO=5FLEGACY=2E If you did not expect this error=2C you hav= e likely made a mistake with your OpenSSL configuration=2E=3Cu=3E=3C/u=3E= =3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Eroot=40videotron=3A= /usr/ports/security/openssl =23=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3C= /div=3E=3C/div=3E=3C/div=3E=3C/blockquote=3E=3C/div=3E=3Cbr /=3E=3C/div=3E= What is your shell=3F=3Cbr /=3E=3Cdiv=3Esetenv is a csh builtin=2E=3C/di= v=3E=3Cdiv=3EThe default shell was changed to /bin/ss=2E=C2=A0 Did you a= ccount for this change=3F=3Cbr /=3E=3Cbr /=3E=3C/div=3E=3Cdiv=3E=7EPaul=3C= br /=3E=3C/div=3E=3Cbr /=3E=3Cdiv=3E=3Cspan class=3D=22gmail=5Fsignature= =5Fprefix=22=3E-- =3C/span=3E=3Cbr /=3E=3Cdiv class=3D=22gmail=5Fsignatu= re=22 dir=3D=22ltr=22=3E=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=3Cbr /=3E=3Cbr /=3E=3A()=7B =3A=7C=3A=26amp=3B =7D=3B=3A=3C/div=3E= =3C/div=3E=3C/div=3E=3C/blockquote=3E=3C/div=3E=3Cbr /=3E=3C/div=3E=3Cdi= v=3ESorry=2C I quite literally just woke up=2E=C2=A0 The default shell w= as changed to /bin/sh=2E=3C/div=3E=3Cdiv=3E=3Cbr /=3E=3C/div=3E=3Cdiv=3E= =7EPaul=3Cbr /=3E=3C/div=3E=3Cdiv=3E=3Cspan class=3D=22gmail=5Fsignature= =5Fprefix=22=3E-- =3C/span=3E=3Cbr /=3E=3Cdiv class=3D=22gmail=5Fsignatu= re=22 dir=3D=22ltr=22=3E=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=3Cbr /=3E=3Cbr /=3E=3A()=7B =3A=7C=3A=26amp=3B =7D=3B=3A=3C/div=3E= =3C/div=3E=3C/div=3E=3C/div=3E=3C/blockquote=3E ----c2bcadb8120ee67a5a6e74-- From nobody Wed Jan 31 06:23:51 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPsdP6K8Nz58YdN for ; Wed, 31 Jan 2024 06:31:53 +0000 (UTC) (envelope-from pkagan@videotron.ca) Received: from alt42.smtp-out.videotron.ca (alt42.smtp-out.videotron.ca [23.233.128.29]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "vl-vm-csp356.ip.videotron.ca", Issuer "int-SNINTCAP1-CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPsdN6PZjz4nRh for ; Wed, 31 Jan 2024 06:31:52 +0000 (UTC) (envelope-from pkagan@videotron.ca) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=videotron.ca header.s=s1 header.b="YW/BzobI"; dmarc=pass (policy=none) header.from=videotron.ca; spf=pass (mx1.freebsd.org: domain of pkagan@videotron.ca designates 23.233.128.29 as permitted sender) smtp.mailfrom=pkagan@videotron.ca Received: from videotron.ca ([10.23.87.22]) by Videotron with ESMTP id V40lrXNJ4IUiKV40lrljVY; Wed, 31 Jan 2024 01:23:51 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=videotron.ca; s=s1; t=1706682231; bh=Hc1GN+AcK9IemQa/zRZuU+0FgCFfrInwc0TvVtPIwAc=; h=From:To:Date:Subject:In-Reply-To:References; b=YW/BzobIgs1qcQP1DKLbH6feDp7yPTgbtsqNRiJ32t7mhss+2Cc96Ezgb5nJ5oRHK bbBHXeXYIQStksmSDt0DU4hCPpD8Pude1d2/hKt5MGS7v9ZIBt0H1p769tfYCkbivn KTPEzA//aLR9bl8iBdnJJhKvDUaE5lv9Wdvfs4eDFtFBHS+XY1j95zPAlt5Btp7ooG bATEsjYI+Z1TFy/Y2gMCgKXsK9SzpJ9QcPHVu5PIa9/6ss4/KLQi+UmMAkVkyjhBUm mL1CsWS6JCvHs/JuV85F2b3Tk28zAzjpf3Z0frzIOOiWIQ/3upGhBHNL11uZzlrh0x VQi+q31ex5Mzw== X-Authority-Analysis: v=2.4 cv=P4T8xAMu c=1 sm=1 tr=0 ts=65b9e777 a=XLKDa1dvwskvRpGt32uEXQ==:117 a=L288NTmOKCdYeLypifJNVw==:17 a=dEuoMetlWLkA:10 a=r77TgQKjGQsHNAKrUKIA:9 a=pGLkceISAAAA:8 a=aE0cJvjpAAAA:8 a=irT6Xvgwaw9eXvQHcZkA:9 a=QEXdDO2ut3YA:10 a=APAwn_jKTUHms2E7Cx0A:9 a=ORL7YWOSXFnf9h1F:21 a=lqcHg5cX4UMA:10 a=y-4rJCg2yiSUOuYm88t7:22 Received: from [10.23.87.22] (Forwarded-For: 116.203.104.61) by VL-VM-JAS131.ip.videotron.ca (mshttpd); Wed, 31 Jan 2024 01:23:51 -0500 From: pkagan@videotron.ca To: questions@freebsd.org Message-ID: Date: Wed, 31 Jan 2024 01:23:51 -0500 X-Mailer: Oracle Communications Messenger Express 8.1.0.6.20200729 64bit (built Jul 29 2020) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Language: fr Subject: Re : Re: certbot does not work X-Accept-Language: fr Priority: normal In-Reply-To: References: <00c501da53f6$222d8640$668892c0$@videotron.ca> Content-Type: multipart/alternative; boundary="--c3d1ba70124a966b8a68a3" X-CMAE-Envelope: MS4xfJ6hIbOkNFpVj5jSdaF2d34/b5tNEbaoB3jWUAa/l/qsR8Ea8Vx0D9+I8/hQ+wR7at/wsFVDgOU/o4R5dj0RjzY5Ko8hBGysl6gWO1igGX052ly9JaK8 XYI/U6PZwNJuJEyz9kmvORO83fjX7NR+zbP7CeIvRn++tG4eRebVo8aTMJY3BEoAbRZEyIrEUO5lSQ== X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.97 / 15.00]; DWL_DNSWL_LOW(-1.00)[videotron.ca:dkim]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[videotron.ca,none]; R_DKIM_ALLOW(-0.20)[videotron.ca:s=s1]; R_SPF_ALLOW(-0.20)[+ip4:23.233.128.28/30:c]; NEURAL_SPAM_SHORT(0.13)[0.126]; RCVD_IN_DNSWL_LOW(-0.10)[23.233.128.29:from]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; ARC_NA(0.00)[]; ASN(0.00)[asn:5769, ipnet:23.233.128.0/18, country:CA]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FROM_NO_DN(0.00)[]; FREEMAIL_ENVFROM(0.00)[videotron.ca]; FREEMAIL_FROM(0.00)[videotron.ca]; RCPT_COUNT_ONE(0.00)[1]; MID_RHS_MATCH_FROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; MLMMJ_DEST(0.00)[questions@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_NONE(0.00)[]; DKIM_TRACE(0.00)[videotron.ca:+] X-Rspamd-Queue-Id: 4TPsdN6PZjz4nRh This is a multi-part message in MIME format. ----c3d1ba70124a966b8a68a3 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable problem solved by Darius as follows =3A = vi /usr/local/bin/certbot = after import sys=3A = import os = os=2Eenviron=5B=27CRYPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=27=5D =3D =271=27= = = thank you for all correspondance = Le 31/01/24 00=3A21=2C Paul Procacci =3Cpprocacci=40gmail=2Ecom=3E a =C3= =A9crit =3A = =3E = =3E = =3E = =3E = =3E = =3E = =3E = =3E = =3E On Wed=2C Jan 31=2C 2024 at 12=3A19=E2=80=AFAM Paul Procacci =3Cppro= cacci=40gmail=2Ecom=3E wrote=3A =3E = =3E =3E = =3E =3E = =3E =3E = =3E =3E = =3E =3E = =3E =3E = =3E =3E = =3E =3E On Tue=2C Jan 30=2C 2024 at 10=3A33=E2=80=AFPM Paul Kagan =3Cpka= gan=40videotron=2Eca=3E wrote=3A =3E =3E = =3E =3E =3E = =3E =3E =3E = =3E =3E =3E = =3E =3E =3E = =3E =3E =3E root=40videotron=3A/usr/ports/security/openssl =23 =40CRYPTO= GRAPHY=5FOPENSSL=5FNO=5FLEGACY =3E =3E =3E = =3E =3E =3E =40CRYPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=3A Command not found= =2E =3E =3E =3E = =3E =3E =3E root=40videotron=3A/usr/ports/security/openssl =23 setenv CR= YPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=3Dyes =3B certbot =3E =3E =3E = =3E =3E =3E setenv=3A Variable name must contain alphanumeric characters= =2E =3E =3E =3E = =3E =3E =3E Traceback (most recent call last)=3A =3E =3E =3E = =3E =3E =3E File =22/usr/local/bin/certbot=22=2C line 33=2C in =3Cmodule= =3E =3E =3E =3E = =3E =3E =3E sys=2Eexit(load=5Fentry=5Fpoint(=27certbot=3D=3D2=2E8=2E0=27= =2C =27console=5Fscripts=27=2C =27certbot=27)()) =3E =3E =3E = =3E =3E =3E File =22/usr/local/bin/certbot=22=2C line 25=2C in importlib= =5Fload=5Fentry=5Fpoint =3E =3E =3E = =3E =3E =3E return next(matches)=2Eload() =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/importlib/metadata=2Epy=22= =2C line 86=2C in load =3E =3E =3E = =3E =3E =3E module =3D import=5Fmodule(match=2Egroup(=27module=27)) =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/importlib/=5F=5Finit=5F=5F= =2Epy=22=2C line 127=2C in import=5Fmodule =3E =3E =3E = =3E =3E =3E return =5Fbootstrap=2E=5Fgcd=5Fimport(name=5Blevel=3A=5D=2C = package=2C level) =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 103= 0=2C in =5Fgcd=5Fimport =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 100= 7=2C in =5Ffind=5Fand=5Fload =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 986= =2C in =5Ffind=5Fand=5Fload=5Funlocked =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 680= =2C in =5Fload=5Funlocked =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=5Fexternal=3E=22=2C= line 850=2C in exec=5Fmodule =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 228= =2C in =5Fcall=5Fwith=5Fframes=5Fremoved =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/certbot/mai= n=2Epy=22=2C line 6=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from certbot=2E=5Finternal import main as internal=5Fmain =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/certbot/=5F= internal/main=2Epy=22=2C line 21=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E import josepy as jose =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/josepy/=5F=5F= init=5F=5F=2Epy=22=2C line 40=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from josepy=2Ejson=5Futil import ( =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/josepy/json= =5Futil=2Epy=22=2C line 24=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from OpenSSL import crypto =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/OpenSSL/=5F= =5Finit=5F=5F=2Epy=22=2C line 8=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from OpenSSL import SSL=2C crypto =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python39/site-packages/OpenSSL/SSL=2E= py=22=2C line 9=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from OpenSSL=2E=5Futil import ( =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/OpenSSL/=5F= util=2Epy=22=2C line 6=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from cryptography=2Ehazmat=2Ebindings=2Eopenssl=2Ebinding im= port Binding =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 167=2C in =3Cmodule=3E= =3E =3E =3E = =3E =3E =3E Bindinginit=5Fstatic=5Flocks() =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 134=2C in init=5Fstati= c=5Flocks =3E =3E =3E = =3E =3E =3E cls=2E=5Fensure=5Fffi=5Finitialized() =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 123=2C in =5Fensure=5F= ffi=5Finitialized =3E =3E =3E = =3E =3E =3E =5Flegacy=5Fprovider=5Ferror(cls=2E=5Flegacy=5Fprovider=5Flo= aded) =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/bindingpy=22=2C line 43=2C in =5Flegacy=5Fprov= ider=5Ferror =3E =3E =3E = =3E =3E =3E raise RuntimeError( =3E =3E =3E = =3E =3E =3E RuntimeError=3A OpenSSL 3=2E0=27s legacy provider failed to = load=2E This is a fatal error by default=2C but cryptography supports ru= nning without legacy algorithms by setting the environment variable CRYP= TOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=2E If you did not expect this error=2C = you have likely made a mistake with your OpenSSL configuration=2E =3E =3E =3E = =3E =3E =3E root=40videotron=3A/usr/ports/security/openssl =23 setenv CR= YPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=3Dyes =3B certbot =3E =3E =3E = =3E =3E =3E setenv=3A Variable name must contain alphanumeric characters= =2E =3E =3E =3E = =3E =3E =3E Traceback (most recent call last)=3A =3E =3E =3E = =3E =3E =3E File =22/usr/local/bin/certbot=22=2C line 33=2C in =3Cmodule= =3E =3E =3E =3E = =3E =3E =3E sys=2Eexit(load=5Fentry=5Fpoint(=27certbot=3D=3D2=2E8=2E0=27= =2C =27console=5Fscripts=27=2C =27certbot=27)()) =3E =3E =3E = =3E =3E =3E File =22/usr/local/bin/certbot=22=2C line 25=2C in importlib= =5Fload=5Fentry=5Fpoint =3E =3E =3E = =3E =3E =3E return next(matches)=2Eload() =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/importlib/metadata=2Epy=22= =2C line 86=2C in load =3E =3E =3E = =3E =3E =3E module =3D import=5Fmodule(match=2Egroup(=27module=27)) =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/importlib/=5F=5Finit=5F=5F= =2Epy=22=2C line 127=2C in import=5Fmodule =3E =3E =3E = =3E =3E =3E return =5Fbootstrap=2E=5Fgcd=5Fimport(name=5Blevel=3A=5D=2C = package=2C level) =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 103= 0=2C in =5Fgcd=5Fimport =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 100= 7=2C in =5Ffind=5Fand=5Fload =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 986= =2C in =5Ffind=5Fand=5Fload=5Funlocked =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 680= =2C in =5Fload=5Funlocked =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=5Fexternal=3E=22=2C= line 850=2C in exec=5Fmodule =3E =3E =3E = =3E =3E =3E File =22=3Cfrozen importlib=2E=5Fbootstrap=3E=22=2C line 228= =2C in =5Fcall=5Fwith=5Fframes=5Fremoved =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/certbot/mai= n=2Epy=22=2C line 6=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from certbot=5Finternal import main as internal=5Fmain =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/certbot/=5F= internal/main=2Epy=22=2C line 21=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E import josepy as jose =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/josepy/=5F=5F= init=5F=5F=2Epy=22=2C line 40=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from josepy=2Ejson=5Futil import ( =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/josepy/json= =5Futil=2Epy=22=2C line 24=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from OpenSSL import crypto =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python39/site-packages/OpenSSL/=5F=5F= init=5F=5F=2Epy=22=2C line 8=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from OpenSSL import SSL=2C crypto =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/OpenSSL/SSL= =2Epy=22=2C line 9=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from OpenSSL=2E=5Futil import ( =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/OpenSSL/=5F= util=2Epy=22=2C line 6=2C in =3Cmodule=3E =3E =3E =3E = =3E =3E =3E from cryptography=2Ehazmat=2Ebindings=2Eopenssl=2Ebinding im= port Binding =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 167=2C in =3Cmodule=3E= =3E =3E =3E = =3E =3E =3E Binding=2Einit=5Fstatic=5Flocks() =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 134=2C in init=5Fstati= c=5Flocks =3E =3E =3E = =3E =3E =3E cls=2E=5Fensure=5Fffi=5Finitialized() =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 123=2C in =5Fensure=5F= ffi=5Finitialized =3E =3E =3E = =3E =3E =3E =5Flegacy=5Fprovider=5Ferror(cls=2E=5Flegacy=5Fprovider=5Flo= aded) =3E =3E =3E = =3E =3E =3E File =22/usr/local/lib/python3=2E9/site-packages/cryptograph= y/hazmat/bindings/openssl/binding=2Epy=22=2C line 43=2C in =5Flegacy=5Fp= rovider=5Ferror =3E =3E =3E = =3E =3E =3E raise RuntimeError( =3E =3E =3E = =3E =3E =3E RuntimeError=3A OpenSSL 3=2E0=27s legacy provider failed to = load=2E This is a fatal error by default=2C but cryptography supports ru= nning without legacy algorithms by setting the environment variable CRYP= TOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=2E If you did not expect this error=2C = you have likely made a mistake with your OpenSSL configuration=2E =3E =3E =3E = =3E =3E =3E root=40videotron=3A/usr/ports/security/openssl =23 =3E =3E =3E = =3E =3E =3E = =3E =3E =3E = =3E =3E = =3E =3E = =3E =3E What is your shell=3F =3E =3E setenv is a csh builtin=2E =3E =3E The default shell was changed to /bin/ss=2E Did you account for = this change=3F =3E =3E = =3E =3E = =3E =3E =7EPaul =3E =3E = =3E =3E -- = =3E =3E = =3E =3E =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F =3E =3E = =3E =3E =3A()=7B =3A=7C=3A=26 =7D=3B=3A =3E =3E = =3E =3E = =3E = =3E = =3E = =3E Sorry=2C I quite literally just woke up=2E The default shell was cha= nged to /bin/sh=2E =3E = =3E =7EPaul =3E = =3E -- = =3E = =3E =5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F =3E = =3E =3A()=7B =3A=7C=3A=26 =7D=3B=3A =3E = =3E ----c3d1ba70124a966b8a68a3 Content-Type: text/html; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable =3Cspan style=3D=22font-size=3A 12px=3B font-family=3A helvetica=2C aria= l=2C sans-serif=3B=22=3Eproblem solved by Darius as follows =3A=3C/span=3E= =3Cdiv style=3D=22font-size=3A 12px=3B font-family=3A helvetica=2C arial= =2C sans-serif=3B=22=3E=3Cbr /=3E=3C/div=3E=3Cdiv style=3D=22font-size=3A= 12px=3B font-family=3A helvetica=2C arial=2C sans-serif=3B=22=3E=3Cspan= style=3D=22color=3A rgb(20=2C 20=2C 20)=3B font-family=3A =26quot=3Bseg= oe ui=26quot=3B=2C =26quot=3Bhelvetica neue=26quot=3B=2C helvetica=2C ro= boto=2C oxygen=2C ubuntu=2C cantarell=2C =26quot=3Bfira sans=26quot=3B=2C= =26quot=3Bdroid sans=26quot=3B=2C sans-serif=3B font-size=3A 16px=3B ba= ckground-color=3A rgb(255=2C 255=2C 255)=3B=22=3Evi /usr/local/bin/certb= ot=3C/span=3E=3Cbr style=3D=22color=3A rgb(20=2C 20=2C 20)=3B font-famil= y=3A =26quot=3Bsegoe ui=26quot=3B=2C =26quot=3Bhelvetica neue=26quot=3B=2C= helvetica=2C roboto=2C oxygen=2C ubuntu=2C cantarell=2C =26quot=3Bfira = sans=26quot=3B=2C =26quot=3Bdroid sans=26quot=3B=2C sans-serif=3B font-s= ize=3A 16px=3B background-color=3A rgb(255=2C 255=2C 255)=3B=22 /=3E=3Cb= r style=3D=22color=3A rgb(20=2C 20=2C 20)=3B font-family=3A =26quot=3Bse= goe ui=26quot=3B=2C =26quot=3Bhelvetica neue=26quot=3B=2C helvetica=2C r= oboto=2C oxygen=2C ubuntu=2C cantarell=2C =26quot=3Bfira sans=26quot=3B=2C= =26quot=3Bdroid sans=26quot=3B=2C sans-serif=3B font-size=3A 16px=3B ba= ckground-color=3A rgb(255=2C 255=2C 255)=3B=22 /=3E=3Cspan style=3D=22co= lor=3A rgb(20=2C 20=2C 20)=3B font-family=3A =26quot=3Bsegoe ui=26quot=3B= =2C =26quot=3Bhelvetica neue=26quot=3B=2C helvetica=2C roboto=2C oxygen=2C= ubuntu=2C cantarell=2C =26quot=3Bfira sans=26quot=3B=2C =26quot=3Bdroid= sans=26quot=3B=2C sans-serif=3B font-size=3A 16px=3B background-color=3A= rgb(255=2C 255=2C 255)=3B=22=3Eafter import sys=3A=3C/span=3E=3Cbr styl= e=3D=22color=3A rgb(20=2C 20=2C 20)=3B font-family=3A =26quot=3Bsegoe ui= =26quot=3B=2C =26quot=3Bhelvetica neue=26quot=3B=2C helvetica=2C roboto=2C= oxygen=2C ubuntu=2C cantarell=2C =26quot=3Bfira sans=26quot=3B=2C =26qu= ot=3Bdroid sans=26quot=3B=2C sans-serif=3B font-size=3A 16px=3B backgrou= nd-color=3A rgb(255=2C 255=2C 255)=3B=22 /=3E=3Cspan style=3D=22color=3A= rgb(20=2C 20=2C 20)=3B font-family=3A =26quot=3Bsegoe ui=26quot=3B=2C =26= quot=3Bhelvetica neue=26quot=3B=2C helvetica=2C roboto=2C oxygen=2C ubun= tu=2C cantarell=2C =26quot=3Bfira sans=26quot=3B=2C =26quot=3Bdroid sans= =26quot=3B=2C sans-serif=3B font-size=3A 16px=3B background-color=3A rgb= (255=2C 255=2C 255)=3B=22=3Eimport os=3C/span=3E=3Cbr style=3D=22color=3A= rgb(20=2C 20=2C 20)=3B font-family=3A =26quot=3Bsegoe ui=26quot=3B=2C =26= quot=3Bhelvetica neue=26quot=3B=2C helvetica=2C roboto=2C oxygen=2C ubun= tu=2C cantarell=2C =26quot=3Bfira sans=26quot=3B=2C =26quot=3Bdroid sans= =26quot=3B=2C sans-serif=3B font-size=3A 16px=3B background-color=3A rgb= (255=2C 255=2C 255)=3B=22 /=3E=3Cspan style=3D=22color=3A rgb(20=2C 20=2C= 20)=3B font-family=3A =26quot=3Bsegoe ui=26quot=3B=2C =26quot=3Bhelveti= ca neue=26quot=3B=2C helvetica=2C roboto=2C oxygen=2C ubuntu=2C cantarel= l=2C =26quot=3Bfira sans=26quot=3B=2C =26quot=3Bdroid sans=26quot=3B=2C = sans-serif=3B font-size=3A 16px=3B background-color=3A rgb(255=2C 255=2C= 255)=3B=22=3Eos=2Eenviron=5B=27CRYPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=27=5D= =3D =271=27=3C/span=3E=3C/div=3E=3Cdiv style=3D=22font-size=3A 12px=3B = font-family=3A helvetica=2C arial=2C sans-serif=3B=22=3E=3Cfont color=3D= =22=23141414=22 face=3D=22Segoe UI=2C Helvetica Neue=2C Helvetica=2C Rob= oto=2C Oxygen=2C Ubuntu=2C Cantarell=2C Fira Sans=2C Droid Sans=2C sans-= serif=22=3E=3Cspan style=3D=22font-size=3A 16px=3B=22=3E=3Cbr /=3E=3C/sp= an=3E=3C/font=3E=3C/div=3E=3Cdiv style=3D=22font-size=3A 12px=3B font-fa= mily=3A helvetica=2C arial=2C sans-serif=3B=22=3E=3Cfont color=3D=22=231= 41414=22 face=3D=22Segoe UI=2C Helvetica Neue=2C Helvetica=2C Roboto=2C = Oxygen=2C Ubuntu=2C Cantarell=2C Fira Sans=2C Droid Sans=2C sans-serif=22= =3E=3Cspan style=3D=22font-size=3A 16px=3B=22=3Ethank you for all corres= pondance=3C/span=3E=3C/font=3E=3C/div=3E=3Cbr /=3E=3Cspan=3ELe 31/01/24 = 00=3A21=2C =3Cb class=3D=22name=22=3EPaul Procacci =3C/b=3E =26lt=3Bppro= cacci=40gmail=2Ecom=26gt=3B a =C3=A9crit =3A=3C/span=3E=3Cblockquote cit= e=3D=22mid=3ACAFbbPugryaz=3Du4Y41aG6gKaPPEf427uV6a2ZSaowtW8E-OoG8w=40mai= l=2Egmail=2Ecom=22 class=3D=22iwcQuote=22 style=3D=22border-left=3A 1px = solid =2300F=3B padding-left=3A 13px=3B margin-left=3A 0=3B=22 type=3D=22= cite=22=3E=3Cdiv class=3D=22mimetype-multipart-alternative=22=3E=3Cdiv d= ir=3D=22ltr=22=3E=3Cdiv=3E=3Cdiv dir=3D=22ltr=22=3E=3Cbr /=3E=3C/div=3E=3C= br /=3E=3Cdiv class=3D=22gmail=5Fquote=22=3E=3Cdiv class=3D=22gmail=5Fat= tr=22 dir=3D=22ltr=22=3EOn Wed=2C Jan 31=2C 2024 at 12=3A19=E2=80=AFAM P= aul Procacci =26lt=3B=3Ca href=3D=22mailto=3Approcacci=40gmail=2Ecom=22 = rel=3D=22noopener noreferrer=22 target=3D=221=22=3Epprocacci=40gmail=2Ec= om=3C/a=3E=26gt=3B wrote=3A=3Cbr /=3E=3C/div=3E=3Cblockquote class=3D=22= gmail=5Fquote=22 style=3D=22margin=3A0px 0px 0px 0=2E8ex=3Bborder-left=3A= 1px solid rgb( 204 =2C 204 =2C 204 )=3Bpadding-left=3A1ex=22=3E=3Cdiv di= r=3D=22ltr=22=3E=3Cdiv=3E=3Cdiv dir=3D=22ltr=22=3E=3Cbr /=3E=3C/div=3E=3C= br /=3E=3Cdiv class=3D=22gmail=5Fquote=22=3E=3Cdiv class=3D=22gmail=5Fat= tr=22 dir=3D=22ltr=22=3EOn Tue=2C Jan 30=2C 2024 at 10=3A33=E2=80=AFPM P= aul Kagan =26lt=3B=3Ca href=3D=22mailto=3Apkagan=40videotron=2Eca=22 rel= =3D=22noopener noreferrer=22 target=3D=221=22=3Epkagan=40videotron=2Eca=3C= /a=3E=26gt=3B wrote=3A=3Cbr /=3E=3C/div=3E=3Cblockquote class=3D=22gmail= =5Fquote=22 style=3D=22margin=3A0px 0px 0px 0=2E8ex=3Bborder-left=3A1px = solid rgb( 204 =2C 204 =2C 204 )=3Bpadding-left=3A1ex=22=3E=3Cdiv=3E=3Cd= iv lang=3D=22FR=22=3E=3Cdiv=3E=3Cp class=3D=22MsoNormal=22=3Eroot=40vide= otron=3A/usr/ports/security/openssl =23 =40CRYPTOGRAPHY=5FOPENSSL=5FNO=5F= LEGACY=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22= =3E=40CRYPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=3A Command not found=2E=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Eroot=40vid= eotron=3A/usr/ports/security/openssl =23 setenv CRYPTOGRAPHY=5FOPENSSL=5F= NO=5FLEGACY=3Dyes =3B certbot=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp = class=3D=22MsoNormal=22=3Esetenv=3A Variable name must contain alphanume= ric characters=2E=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22M= soNormal=22=3ETraceback (most recent call last)=3A=3Cu=3E=3C/u=3E=3Cu=3E= =3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local= /bin/certbot=26quot=3B=2C line 33=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C= /u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Esys=2Eexit(lo= ad=5Fentry=5Fpoint(=27certbot=3D=3D2=2E8=2E0=27=2C =27console=5Fscripts=27= =2C =27certbot=27)())=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D= =22MsoNormal=22=3EFile =26quot=3B/usr/local/bin/certbot=26quot=3B=2C lin= e 25=2C in importlib=5Fload=5Fentry=5Fpoint=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E= =3C/p=3E=3Cp class=3D=22MsoNormal=22=3Ereturn next(matches)=2Eload()=3Cu= =3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26= quot=3B/usr/local/lib/python3=2E9/importlib/metadata=2Epy=26quot=3B=2C l= ine 86=2C in load=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22M= soNormal=22=3Emodule =3D import=5Fmodule(match=2Egroup(=27module=27))=3C= u=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26= quot=3B/usr/local/lib/python3=2E9/importlib/=5F=5Finit=5F=5F=2Epy=26quot= =3B=2C line 127=2C in import=5Fmodule=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p= =3E=3Cp class=3D=22MsoNormal=22=3Ereturn =5Fbootstrap=2E=5Fgcd=5Fimport(= name=5Blevel=3A=5D=2C package=2C level)=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C= /p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B=26lt=3Bfrozen import= lib=2E=5Fbootstrap=26gt=3B=26quot=3B=2C line 1030=2C in =5Fgcd=5Fimport=3C= u=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26= quot=3B=26lt=3Bfrozen importlib=2E=5Fbootstrap=26gt=3B=26quot=3B=2C line= 1007=2C in =5Ffind=5Fand=5Fload=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3C= p class=3D=22MsoNormal=22=3EFile =26quot=3B=26lt=3Bfrozen importlib=2E=5F= bootstrap=26gt=3B=26quot=3B=2C line 986=2C in =5Ffind=5Fand=5Fload=5Funl= ocked=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3E= File =26quot=3B=26lt=3Bfrozen importlib=2E=5Fbootstrap=26gt=3B=26quot=3B= =2C line 680=2C in =5Fload=5Funlocked=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p= =3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B=26lt=3Bfrozen importli= b=2E=5Fbootstrap=5Fexternal=26gt=3B=26quot=3B=2C line 850=2C in exec=5Fm= odule=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3E= File =26quot=3B=26lt=3Bfrozen importlib=2E=5Fbootstrap=26gt=3B=26quot=3B= =2C line 228=2C in =5Fcall=5Fwith=5Fframes=5Fremoved=3Cu=3E=3C/u=3E=3Cu=3E= =3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local= /lib/python3=2E9/site-packages/certbot/main=2Epy=26quot=3B=2C line 6=2C = in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp clas= s=3D=22MsoNormal=22=3Efrom certbot=2E=5Finternal import main as internal= =5Fmain=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22= =3EFile =26quot=3B/usr/local/lib/python3=2E9/site-packages/certbot/=5Fin= ternal/main=2Epy=26quot=3B=2C line 21=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Eimport jos= epy as jose=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNorm= al=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/site-packages/josepy/=5F= =5Finit=5F=5F=2Epy=26quot=3B=2C line 40=2C in =26lt=3Bmodule=26gt=3B=3Cu= =3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Efrom jo= sepy=2Ejson=5Futil import (=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp cl= ass=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/site-p= ackages/josepy/json=5Futil=2Epy=26quot=3B=2C line 24=2C in =26lt=3Bmodul= e=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal= =22=3Efrom OpenSSL import crypto=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3C= p class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/si= te-packages/OpenSSL/=5F=5Finit=5F=5F=2Epy=26quot=3B=2C line 8=2C in =26l= t=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22= MsoNormal=22=3Efrom OpenSSL import SSL=2C crypto=3Cu=3E=3C/u=3E=3Cu=3E=3C= /u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/li= b/python39/site-packages/OpenSSL/SSL=2Epy=26quot=3B=2C line 9=2C in =26l= t=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22= MsoNormal=22=3Efrom OpenSSL=2E=5Futil import (=3Cu=3E=3C/u=3E=3Cu=3E=3C/= u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib= /python3=2E9/site-packages/OpenSSL/=5Futil=2Epy=26quot=3B=2C line 6=2C i= n =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class= =3D=22MsoNormal=22=3Efrom cryptography=2Ehazmat=2Ebindings=2Eopenssl=2Eb= inding import Binding=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D= =22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/site-package= s/cryptography/hazmat/bindings/openssl/binding=2Epy=26quot=3B=2C line 16= 7=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp= class=3D=22MsoNormal=22=3EBindinginit=5Fstatic=5Flocks()=3Cu=3E=3C/u=3E= =3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/us= r/local/lib/python3=2E9/site-packages/cryptography/hazmat/bindings/opens= sl/binding=2Epy=26quot=3B=2C line 134=2C in init=5Fstatic=5Flocks=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Ecls=2E=5Fe= nsure=5Fffi=5Finitialized()=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp cl= ass=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/site-p= ackages/cryptography/hazmat/bindings/openssl/binding=2Epy=26quot=3B=2C l= ine 123=2C in =5Fensure=5Fffi=5Finitialized=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E= =3C/p=3E=3Cp class=3D=22MsoNormal=22=3E=5Flegacy=5Fprovider=5Ferror(cls=2E= =5Flegacy=5Fprovider=5Floaded)=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp= class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/sit= e-packages/cryptography/hazmat/bindings/openssl/bindingpy=26quot=3B=2C l= ine 43=2C in =5Flegacy=5Fprovider=5Ferror=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C= /p=3E=3Cp class=3D=22MsoNormal=22=3Eraise RuntimeError(=3Cu=3E=3C/u=3E=3C= u=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3ERuntimeError=3A OpenS= SL 3=2E0=27s legacy provider failed to load=2E This is a fatal error by = default=2C but cryptography supports running without legacy algorithms b= y setting the environment variable CRYPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=2E= If you did not expect this error=2C you have likely made a mistake with= your OpenSSL configuration=2E=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp= class=3D=22MsoNormal=22=3Eroot=40videotron=3A/usr/ports/security/openss= l =23 setenv CRYPTOGRAPHY=5FOPENSSL=5FNO=5FLEGACY=3Dyes =3B certbot=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Esetenv=3A = Variable name must contain alphanumeric characters=2E=3Cu=3E=3C/u=3E=3Cu= =3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3ETraceback (most recent= call last)=3A=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoN= ormal=22=3EFile =26quot=3B/usr/local/bin/certbot=26quot=3B=2C line 33=2C= in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp cla= ss=3D=22MsoNormal=22=3Esys=2Eexit(load=5Fentry=5Fpoint(=27certbot=3D=3D2= =2E8=2E0=27=2C =27console=5Fscripts=27=2C =27certbot=27)())=3Cu=3E=3C/u=3E= =3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/us= r/local/bin/certbot=26quot=3B=2C line 25=2C in importlib=5Fload=5Fentry=5F= point=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3E= return next(matches)=2Eload()=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp = class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/impo= rtlib/metadata=2Epy=26quot=3B=2C line 86=2C in load=3Cu=3E=3C/u=3E=3Cu=3E= =3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Emodule =3D import=5Fmodul= e(match=2Egroup(=27module=27))=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp= class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/imp= ortlib/=5F=5Finit=5F=5F=2Epy=26quot=3B=2C line 127=2C in import=5Fmodule= =3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Eret= urn =5Fbootstrap=2E=5Fgcd=5Fimport(name=5Blevel=3A=5D=2C package=2C leve= l)=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EF= ile =26quot=3B=26lt=3Bfrozen importlib=2E=5Fbootstrap=26gt=3B=26quot=3B=2C= line 1030=2C in =5Fgcd=5Fimport=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3C= p class=3D=22MsoNormal=22=3EFile =26quot=3B=26lt=3Bfrozen importlib=2E=5F= bootstrap=26gt=3B=26quot=3B=2C line 1007=2C in =5Ffind=5Fand=5Fload=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26qu= ot=3B=26lt=3Bfrozen importlib=2E=5Fbootstrap=26gt=3B=26quot=3B=2C line 9= 86=2C in =5Ffind=5Fand=5Fload=5Funlocked=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C= /p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B=26lt=3Bfrozen import= lib=2E=5Fbootstrap=26gt=3B=26quot=3B=2C line 680=2C in =5Fload=5Funlocke= d=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFi= le =26quot=3B=26lt=3Bfrozen importlib=2E=5Fbootstrap=5Fexternal=26gt=3B=26= quot=3B=2C line 850=2C in exec=5Fmodule=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C= /p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B=26lt=3Bfrozen import= lib=2E=5Fbootstrap=26gt=3B=26quot=3B=2C line 228=2C in =5Fcall=5Fwith=5F= frames=5Fremoved=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22Ms= oNormal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/site-packages/cer= tbot/main=2Epy=26quot=3B=2C line 6=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C= /u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Efrom certbot=5F= internal import main as internal=5Fmain=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C= /p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/python= 3=2E9/site-packages/certbot/=5Finternal/main=2Epy=26quot=3B=2C line 21=2C= in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp cla= ss=3D=22MsoNormal=22=3Eimport josepy as jose=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E= =3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/lib/pyt= hon3=2E9/site-packages/josepy/=5F=5Finit=5F=5F=2Epy=26quot=3B=2C line 40= =2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp = class=3D=22MsoNormal=22=3Efrom josepy=2Ejson=5Futil import (=3Cu=3E=3C/u= =3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B= /usr/local/lib/python3=2E9/site-packages/josepy/json=5Futil=2Epy=26quot=3B= =2C line 24=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C= /p=3E=3Cp class=3D=22MsoNormal=22=3Efrom OpenSSL import crypto=3Cu=3E=3C= /u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B= /usr/local/lib/python39/site-packages/OpenSSL/=5F=5Finit=5F=5F=2Epy=26qu= ot=3B=2C line 8=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E= =3C/p=3E=3Cp class=3D=22MsoNormal=22=3Efrom OpenSSL import SSL=2C crypto= =3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFil= e =26quot=3B/usr/local/lib/python3=2E9/site-packages/OpenSSL/SSL=2Epy=26= quot=3B=2C line 9=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E=3C/= u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Efrom OpenSSL=2E=5Futil import= (=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EF= ile =26quot=3B/usr/local/lib/python3=2E9/site-packages/OpenSSL/=5Futil=2E= py=26quot=3B=2C line 6=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3Cu=3E= =3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Efrom cryptography=2Ehazma= t=2Ebindings=2Eopenssl=2Ebinding import Binding=3Cu=3E=3C/u=3E=3Cu=3E=3C= /u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local/li= b/python3=2E9/site-packages/cryptography/hazmat/bindings/openssl/binding= =2Epy=26quot=3B=2C line 167=2C in =26lt=3Bmodule=26gt=3B=3Cu=3E=3C/u=3E=3C= u=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EBinding=2Einit=5Fstat= ic=5Flocks()=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNor= mal=22=3EFile =26quot=3B/usr/local/lib/python3=2E9/site-packages/cryptog= raphy/hazmat/bindings/openssl/binding=2Epy=26quot=3B=2C line 134=2C in i= nit=5Fstatic=5Flocks=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22= MsoNormal=22=3Ecls=2E=5Fensure=5Fffi=5Finitialized()=3Cu=3E=3C/u=3E=3Cu=3E= =3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/local= /lib/python3=2E9/site-packages/cryptography/hazmat/bindings/openssl/bind= ing=2Epy=26quot=3B=2C line 123=2C in =5Fensure=5Fffi=5Finitialized=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3E=5Flegacy=5F= provider=5Ferror(cls=2E=5Flegacy=5Fprovider=5Floaded)=3Cu=3E=3C/u=3E=3Cu= =3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3EFile =26quot=3B/usr/lo= cal/lib/python3=2E9/site-packages/cryptography/hazmat/bindings/openssl/b= inding=2Epy=26quot=3B=2C line 43=2C in =5Flegacy=5Fprovider=5Ferror=3Cu=3E= =3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Eraise Runt= imeError(=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal= =22=3ERuntimeError=3A OpenSSL 3=2E0=27s legacy provider failed to load=2E= This is a fatal error by default=2C but cryptography supports running w= ithout legacy algorithms by setting the environment variable CRYPTOGRAPH= Y=5FOPENSSL=5FNO=5FLEGACY=2E If you did not expect this error=2C you hav= e likely made a mistake with your OpenSSL configuration=2E=3Cu=3E=3C/u=3E= =3Cu=3E=3C/u=3E=3C/p=3E=3Cp class=3D=22MsoNormal=22=3Eroot=40videotron=3A= /usr/ports/security/openssl =23=3Cu=3E=3C/u=3E=3Cu=3E=3C/u=3E=3C/p=3E=3C= /div=3E=3C/div=3E=3C/div=3E=3C/blockquote=3E=3C/div=3E=3Cbr /=3E=3C/div=3E= What is your shell=3F=3Cbr /=3E=3Cdiv=3Esetenv is a csh builtin=2E=3C/di= v=3E=3Cdiv=3EThe default shell was changed to /bin/ss=2E=C2=A0 Did you a= ccount for this change=3F=3Cbr /=3E=3Cbr /=3E=3C/div=3E=3Cdiv=3E=7EPaul=3C= br /=3E=3C/div=3E=3Cbr /=3E=3Cdiv=3E=3Cspan class=3D=22gmail=5Fsignature= =5Fprefix=22=3E-- =3C/span=3E=3Cbr /=3E=3Cdiv class=3D=22gmail=5Fsignatu= re=22 dir=3D=22ltr=22=3E=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=3Cbr /=3E=3Cbr /=3E=3A()=7B =3A=7C=3A=26amp=3B =7D=3B=3A=3C/div=3E= =3C/div=3E=3C/div=3E=3C/blockquote=3E=3C/div=3E=3Cbr /=3E=3C/div=3E=3Cdi= v=3ESorry=2C I quite literally just woke up=2E=C2=A0 The default shell w= as changed to /bin/sh=2E=3C/div=3E=3Cdiv=3E=3Cbr /=3E=3C/div=3E=3Cdiv=3E= =7EPaul=3Cbr /=3E=3C/div=3E=3Cdiv=3E=3Cspan class=3D=22gmail=5Fsignature= =5Fprefix=22=3E-- =3C/span=3E=3Cbr /=3E=3Cdiv class=3D=22gmail=5Fsignatu= re=22 dir=3D=22ltr=22=3E=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F=5F= =5F=5F=3Cbr /=3E=3Cbr /=3E=3A()=7B =3A=7C=3A=26amp=3B =7D=3B=3A=3C/div=3E= =3C/div=3E=3C/div=3E=3C/div=3E=3C/blockquote=3E ----c3d1ba70124a966b8a68a3-- From nobody Wed Jan 31 07:46:03 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPvH841Kvz58gXP for ; Wed, 31 Jan 2024 07:46:12 +0000 (UTC) (envelope-from vogelke@pobox.com) Received: from pb-smtp21.pobox.com (pb-smtp21.pobox.com [173.228.157.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPvH76DFHz4v9H for ; Wed, 31 Jan 2024 07:46:11 +0000 (UTC) (envelope-from vogelke@pobox.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=pobox.com header.s=sasl header.b=c78eIbt1; dmarc=pass (policy=none) header.from=pobox.com; spf=pass (mx1.freebsd.org: domain of vogelke@pobox.com designates 173.228.157.53 as permitted sender) smtp.mailfrom=vogelke@pobox.com Received: from pb-smtp21.pobox.com (unknown [127.0.0.1]) by pb-smtp21.pobox.com (Postfix) with ESMTP id 2986A2E634; Wed, 31 Jan 2024 02:46:09 -0500 (EST) (envelope-from vogelke@pobox.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed; d=pobox.com; h=date:from :to:subject:message-id:reply-to:references:mime-version :content-type:in-reply-to; s=sasl; bh=sPbD5HHORRjuvfglCytjaYgMpc SVy6BzYo2ot7+Ozfw=; b=c78eIbt1ARMojWGmwiXmD4fR+UIWdVIE7ZSjRcmowv PlBPl2FVe6SlJIQ2wa5I6iBOuqmYjCvUC1ZJqKFql3KbDZBvf081Qq+G+xZyD79/ bLfAYUDNLwbFFmSL0nchiA73C2jkl1wEZ1/xJWZRO/Ypx7NX/DTV6OM4cgmGrXEb U= Received: from pb-smtp21.sea.icgroup.com (unknown [127.0.0.1]) by pb-smtp21.pobox.com (Postfix) with ESMTP id 238132E633; Wed, 31 Jan 2024 02:46:09 -0500 (EST) (envelope-from vogelke@pobox.com) Received: from localhost (unknown [98.29.137.148]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by pb-smtp21.pobox.com (Postfix) with ESMTPSA id 977372E632; Wed, 31 Jan 2024 02:46:05 -0500 (EST) (envelope-from vogelke@pobox.com) Date: Wed, 31 Jan 2024 02:46:03 -0500 From: Karl Vogel To: freebsd-questions@freebsd.org Subject: Re: Unable to git clone ports collection Message-ID: Reply-To: vogelke@pobox.com References: <20240131061508.5nttnygaqrwvm6xi@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20240131061508.5nttnygaqrwvm6xi@yosemite.mars.lan> X-PGP-Fingerprint: B9B0 D8CF 0413 515D BED4 B507 C123 B01E C8AE 08E9 X-PGP-URL: X-Pobox-Relay-ID: CA02C1F0-C00C-11EE-872F-A19503B9AAD1-01134313!pb-smtp21.pobox.com X-Spamd-Bar: ----- X-Spamd-Result: default: False [-5.10 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; DWL_DNSWL_LOW(-1.00)[pobox.com:dkim]; NEURAL_HAM_SHORT(-1.00)[-0.999]; DMARC_POLICY_ALLOW(-0.50)[pobox.com,none]; R_SPF_ALLOW(-0.20)[+ip4:173.228.157.0/24]; R_DKIM_ALLOW(-0.20)[pobox.com:s=sasl]; RCVD_IN_DNSWL_LOW(-0.10)[173.228.157.53:from]; MIME_GOOD(-0.10)[text/plain]; ASN(0.00)[asn:29838, ipnet:173.228.157.0/24, country:US]; MISSING_XM_UA(0.00)[]; MIME_TRACE(0.00)[0:+]; FROM_HAS_DN(0.00)[]; ARC_NA(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; RCVD_VIA_SMTP_AUTH(0.00)[]; TO_DN_NONE(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; REPLYTO_ADDR_EQ_FROM(0.00)[]; RCVD_COUNT_THREE(0.00)[3]; HAS_REPLYTO(0.00)[vogelke@pobox.com]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; DKIM_TRACE(0.00)[pobox.com:+] X-Rspamd-Queue-Id: 4TPvH76DFHz4v9H On Wed, Jan 31, 2024 at 01:15:26AM -0500, Paul M Foster wrote: > I'm following the docs at docs.freebsd.org. There's a line which dictates: > git clone https://git.freebsd.org/ports.git /usr/ports > This results in a redirection error. Try doing it in two steps: download to a scratch directory, then copy to /usr/ports. Fair warning -- it might take a bit of time: me% mkdir /tmp/ports me% cd /tmp/ports me% git clone https://git.freebsd.org/ports.git Cloning into 'ports'... remote: Enumerating objects: 6084351, done. remote: Counting objects: 100% (962/962), done. remote: Compressing objects: 100% (144/144), done. Receiving objects: 0% (40191/6084351), 12.20 MiB | 627.00 KiB/s ... -- Karl Vogel I don't speak for anyone but myself There is considerable overlap between the intelligence of the smartest bears and the dumbest tourists. --overheard during development of bear-proof trashcans at Yellowstone From nobody Wed Jan 31 07:48:36 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPvN12zgrz58gw8 for ; Wed, 31 Jan 2024 07:50:25 +0000 (UTC) (envelope-from dch@skunkwerks.at) Received: from wout4-smtp.messagingengine.com (wout4-smtp.messagingengine.com [64.147.123.20]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPvN10nndz3wfH for ; Wed, 31 Jan 2024 07:50:25 +0000 (UTC) (envelope-from dch@skunkwerks.at) Authentication-Results: mx1.freebsd.org; none Received: from compute2.internal (compute2.nyi.internal [10.202.2.46]) by mailout.west.internal (Postfix) with ESMTP id 823643200906; Wed, 31 Jan 2024 02:50:23 -0500 (EST) Received: from imap44 ([10.202.2.94]) by compute2.internal (MEProxy); Wed, 31 Jan 2024 02:50:23 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=skunkwerks.at; h=cc:cc:content-transfer-encoding:content-type:content-type :date:date:from:from:in-reply-to:in-reply-to:message-id :mime-version:references:reply-to:subject:subject:to:to; s=fm1; t=1706687422; x=1706773822; bh=RZN107h3aiE6qHQHYqNL3vZLlc8luZhg Yh0b063EO6M=; b=TK+36DG+5k+eCVSRj+pUnPxqa7nkXuV626WmBVdYwsd4xTzG TlF8gsdOM6KPCGiVSPRUGUsKB+w6uWqXhn3RQJP7j/gQVERBp7dqGCOIAHLAiAIk 3mKGX+UQx/IrzArlxsI5K1yStF4yKVoQUp0vDviNWnS2FSQGLkbRrmI4gIp0NJkg iGyM7iS/PTns4NqBfAOr3G84JRoEVla6AfAKR/IHvuBVlZhecaIfQHK5sdhZDXAi bBdYyDaLQWIFmRLTsA9tE8e7+oJ221OYgzgVsrHvtHrs1YK+TuV8wrko+BJ9vFa0 OD7pEiBcXFJZpvRpo/NWodnLvkcx/HeU3fCKPQ== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:cc:content-transfer-encoding :content-type:content-type:date:date:feedback-id:feedback-id :from:from:in-reply-to:in-reply-to:message-id:mime-version :references:reply-to:subject:subject:to:to:x-me-proxy:x-me-proxy :x-me-sender:x-me-sender:x-sasl-enc; s=fm3; t=1706687422; x= 1706773822; bh=RZN107h3aiE6qHQHYqNL3vZLlc8luZhgYh0b063EO6M=; b=H ZEzPFmh6eh+w/tvtajlf3QZCHss/KZ5RAJm+UX9HLNbGovKiOvgN1hJOcW2RRsuq 803po+1isxjFqMhuo9L5oscJ0tx7Nq977uf742ZGa41PF6YTb8f1ou5sw9CH/98T 9wVhGbQqrP3JTLEqKQ50UnUFP0Sg7aX4Kkrwm3gQyYJzmed/fCT5VegoVBmBzDJx MdZkjkeleErsea4lgqOaxMgAbzqTdQUuRh9ZaCme0/3/R/QnUI+E/CRognsjSFlt hTXowAK+F1pKw1bQ81IqSYnRXb9PoTXppX3k/+h2JMVF2mn/Le7NkXGQWSkGF8+E fqJ8fVIgHdKU71PRSndsg== X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvkedrfedtkedgudduudcutefuodetggdotefrod ftvfcurfhrohhfihhlvgemucfhrghsthforghilhdpqfgfvfdpuffrtefokffrpgfnqfgh necuuegrihhlohhuthemuceftddtnecusecvtfgvtghiphhivghnthhsucdlqddutddtmd enucfjughrpefofgggkfgjfhffhffvvefutgfgsehtqhertderreejnecuhfhrohhmpedf ffgrvhgvucevohhtthhlvghhuhgsvghrfdcuoegutghhsehskhhunhhkfigvrhhkshdrrg htqeenucggtffrrghtthgvrhhnpeekffevgffgieehhedvudfgvdffudeilefgfeektdfh jedttddtteehteffuddtudenucffohhmrghinhepfhhrvggvsghsugdrohhrghenucevlh hushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfhhrohhmpegutghhsehskhhu nhhkfigvrhhkshdrrght X-ME-Proxy: Feedback-ID: ic0e84090:Fastmail Received: by mailuser.nyi.internal (Postfix, from userid 501) id A5BDD36A0076; Wed, 31 Jan 2024 02:50:22 -0500 (EST) X-Mailer: MessagingEngine.com Webmail Interface User-Agent: Cyrus-JMAP/3.11.0-alpha0-144-ge5821d614e-fm-20240125.002-ge5821d61 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Message-Id: In-Reply-To: <20240131061508.5nttnygaqrwvm6xi@yosemite.mars.lan> References: <20240131061508.5nttnygaqrwvm6xi@yosemite.mars.lan> Date: Wed, 31 Jan 2024 07:48:36 +0000 From: "Dave Cottlehuber" To: "Paul M Foster" Cc: freebsd-questions Subject: Re: Unable to git clone ports collection Content-Type: text/plain;charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Rspamd-Queue-Id: 4TPvN10nndz3wfH X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:29838, ipnet:64.147.123.0/24, country:US] On Wed, 31 Jan 2024, at 06:15, Paul M Foster wrote: > Folks: > > I'm following the docs at docs.freebsd.org. There's a line which dicta= tes: > > git clone https://git.freebsd.org/ports.git /usr/ports > > This results in a redirection error. The error: > > Cloning into '/usr/ports' > fatal: unable to update url base from redirection: > asked for: > https://git.freebsd.org/ports.git/info/refs?service=3Dgit-upload-pack > redirect: https://cgit.freebsd.org/ports > > Nothing is downloaded at /usr/ports and in fact the directory doesn't > exist. On a fresh server, this seems to work just fine (here in EU at least) and that's the same URL I use for fetching daily from ports tree. > git clone -v https://git.freebsd.org/ports.git /tmp/ports Cloning into '/tmp/ports'... POST git-upload-pack (175 bytes) POST git-upload-pack (gzip 7002 to 3523 bytes) remote: Enumerating objects: 6084351, done. remote: Counting objects: 100% (936/936), done. remote: Compressing objects: 100% (120/120), done. ^C=E2=8F=8E =20 So I'm guessing either temporary glitch, or your local mirror isn't happy? re-try with: env GIT_CURL_VERBOSE=3D1 GIT_TRACE=3D1 git clone -v \ https://git.freebsd.org/ports.git /usr/ports and report back anything interesting. NB I think the internal git url is https://cgit.freebsd.org/ports.git (a= t least I need that to commit & push my changes back via ssh), but the one you use= d seems entirely legit to me. A+ Dave From nobody Wed Jan 31 08:05:04 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPvj83VCpz58j8s for ; Wed, 31 Jan 2024 08:05:16 +0000 (UTC) (envelope-from herbert@gojira.at) Received: from mail.bsd4all.net (mail.bsd4all.net [IPv6:2a01:4f8:13b:240c::25]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "mail.bsd4all.net", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPvj65T2Hz40jT for ; Wed, 31 Jan 2024 08:05:14 +0000 (UTC) (envelope-from herbert@gojira.at) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gojira.at header.s=mail202005 header.b=LrxBiEwU; dmarc=none; spf=pass (mx1.freebsd.org: domain of herbert@gojira.at designates 2a01:4f8:13b:240c::25 as permitted sender) smtp.mailfrom=herbert@gojira.at Date: Wed, 31 Jan 2024 09:05:04 +0100 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=gojira.at; s=mail202005; t=1706688304; bh=OQiCO3PUNquseFXZwUrBRF8Om412W5BuiCrsIp0uoV4=; h=Date:From:To:Subject:Message-ID:MIME-Version:Content-Type; b=LrxBiEwU3fYPS5Im3lodX/MwceCPzUFGLpsicZuLTC8Iwq6L3fwXTyaqWG8CVcREx zb/FCocPjsqgli7gKSlPafx8QaZjTWCuYyOvxE8k7P3f7Y48eI5MkJwAiU/vUdwwAr 4//Pp7RFhsgNcdZ2P5mxTr+tuwZKNvISlxoE/6ormKMaNrS/j1h/eB3d5iOp8n0E/W 7AHPmZxmDIK9NUpBLJJ2+gewVAsoq3/NkYHbWIfY4eLQ3FZszGYBwkUoMW88z4H+gD yonbMM02iLU6NOjk3yMBzM5tMVIaVyOc4sXV83xpQXkZOihTdV9v1YTJlwd7H9SaTJ jJYTDZh02SCRw== From: "Herbert J. Skuhra" To: questions@freebsd.org Subject: Re: make does not work after upgrade to 14 Message-ID: References: <00cc01da53f7$06f24860$14d6d920$@videotron.ca> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <00cc01da53f7$06f24860$14d6d920$@videotron.ca> X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.50 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.998]; R_SPF_ALLOW(-0.20)[+ip6:2a01:4f8:13b:240c::25]; R_DKIM_ALLOW(-0.20)[gojira.at:s=mail202005]; MIME_GOOD(-0.10)[text/plain]; MIME_TRACE(0.00)[0:+]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:24940, ipnet:2a01:4f8::/32, country:DE]; MISSING_XM_UA(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_COUNT_ZERO(0.00)[0]; DMARC_NA(0.00)[gojira.at]; FROM_EQ_ENVFROM(0.00)[]; ARC_NA(0.00)[]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[gojira.at:+] X-Rspamd-Queue-Id: 4TPvj65T2Hz40jT On Tue, Jan 30, 2024 at 10:38:59PM -0500, Paul Kagan wrote: > Have been getting a lot of problems with freebsd 14 upgrade . > > > > Please help me to solve this one: > > > > root@videotron:/usr/ports/security/openssl # make > make: "/usr/ports/Mk/bsd.port.mk" line 1204: UNAME_r (14.0-RELEASE-p3) and > OSVERSION (1302001) do not agree on major version number. > > make: stopped in /usr/ports/security/openssl > You have new mail. > root@videotron:/usr/ports/security/openssl # > > to assist in solving the issue: > root@videotron:/usr/ports/security/openssl # freebsd-version -kru > 14.0-RELEASE-p3 > 14.0-RELEASE-p3 > 14.0-RELEASE-p4 Can you check if /usr/include/sys/param.h was updated? $ grep __FreeBSD_version /usr/include/sys/param.h Do you override OSVERSION in e.g.: /etc/make.conf? -- Herbert From nobody Wed Jan 31 08:19:35 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TPw1q0Sctz58kqw for ; Wed, 31 Jan 2024 08:19:43 +0000 (UTC) (envelope-from julf@Julf.com) Received: from outbound3.mail.transip.nl (outbound3.mail.transip.nl [IPv6:2a01:7c8:7c9:ca11:136:144:136:12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TPw1n3Qp6z42W8 for ; Wed, 31 Jan 2024 08:19:41 +0000 (UTC) (envelope-from julf@Julf.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=julf.com header.s=transip-a header.b=IP7Q5ki4; dmarc=pass (policy=quarantine) header.from=julf.com; spf=pass (mx1.freebsd.org: domain of julf@Julf.com designates 2a01:7c8:7c9:ca11:136:144:136:12 as permitted sender) smtp.mailfrom=julf@Julf.com Received: from submission15.mail.transip.nl (unknown [10.103.8.166]) by outbound3.mail.transip.nl (Postfix) with ESMTP id 4TPw1h1s2fznJKn for ; Wed, 31 Jan 2024 09:19:36 +0100 (CET) Received: from [172.24.42.151] (julf.connected.by.freedominter.net [45.138.231.4]) by submission15.mail.transip.nl (Postfix) with ESMTPA id 4TPw1g4XsWz3xYG for ; Wed, 31 Jan 2024 09:19:35 +0100 (CET) Message-ID: <209c9ead-3e2e-42f5-bc25-39d161bbeeca@Julf.com> Date: Wed, 31 Jan 2024 09:19:35 +0100 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: certbot does not work Content-Language: en-GB, sv-FI, nl-NL To: questions@freebsd.org References: <00c501da53f6$222d8640$668892c0$@videotron.ca> From: Johan Helsingius In-Reply-To: Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Scanned-By: ClueGetter at submission15.mail.transip.nl DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; s=transip-a; d=julf.com; t=1706689175; h=from:subject:to:references: in-reply-to:date:mime-version:content-type; bh=6skQ/vk/iXzEcQvMZl/ZdtYrx1Ley/w27i+0I2h8AWQ=; b=IP7Q5ki4DPkqcZFfawRSsrQfEj0xZhkWuXty/w9HMc90P+T2nmfMafqtw39IfBYz1eOBlk 0xMxtC9uYdl0dI49rbNaXff0o5wEfh0NPoPpdAQNmMcHo5khLTy0NEDIoKflPNMLVv22PH A/yJafIDBGK2CDHMGrnPqWlQ00HQiX94ASm8dtNx8sMpt0SDoIgnLoiFv6pCAIaQ3hocan MrwaFlwf9qQ/oAT9tYxywkkxmbhbcqMqB2jQfY45ObqYbBuzYSs5f0lJr4waGA7TvZpaDd yM/ecNk93cNJVAXKFK/PkjYv2Yi4l7d6IU6bUb1ksxfv+fzoswQEbqI1bbEkpw== X-Report-Abuse-To: abuse@transip.nl X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.09 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-0.997]; DMARC_POLICY_ALLOW(-0.50)[julf.com,quarantine]; R_DKIM_ALLOW(-0.20)[julf.com:s=transip-a]; R_SPF_ALLOW(-0.20)[+ip6:2a01:7c8:7c9:ca11::/64]; RCVD_IN_DNSWL_LOW(-0.10)[2a01:7c8:7c9:ca11:136:144:136:12:from]; MIME_GOOD(-0.10)[text/plain]; XM_UA_NO_VERSION(0.01)[]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:20857, ipnet:2a01:7c8::/32, country:NL]; RCVD_VIA_SMTP_AUTH(0.00)[]; MIME_TRACE(0.00)[0:+]; MID_RHS_MATCH_FROM(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; ARC_NA(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_TLS_LAST(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; DKIM_TRACE(0.00)[julf.com:+] X-Rspamd-Queue-Id: 4TPw1n3Qp6z42W8 On 31/01/2024 06:21, Paul Procacci wrote: >> The default shell was changed to /bin/ss.  Did you account for this >> change? > > Sorry, I quite literally just woke up.  The default shell was changed to > /bin/sh. For a second I was thinking you made a pretty accurate political statement of the current world situation... Julf From nobody Wed Jan 31 11:35:02 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQ0Mx2YRnz58Kwj; Wed, 31 Jan 2024 11:35:41 +0000 (UTC) (envelope-from marietto2008@gmail.com) Received: from mail-ej1-x629.google.com (mail-ej1-x629.google.com [IPv6:2a00:1450:4864:20::629]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQ0Mx24pJz4RCG; Wed, 31 Jan 2024 11:35:41 +0000 (UTC) (envelope-from marietto2008@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-ej1-x629.google.com with SMTP id a640c23a62f3a-a35e65df2d8so376076266b.0; Wed, 31 Jan 2024 03:35:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706700940; x=1707305740; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=IErXxhnr7Sr3iuRkIP+bNCT9P+lyiJi7K5wIctH9pCQ=; b=LpfarKJwa0DzMHG7DEGDrSXAQm+ltSyG26jVHXwcwhSyhjKCTGDQP116f4ceJTiuaA vwoo1frgmRVcwSRBMpa2zc/vaeobSkSOB4dkhK3ahLDI/agU4il3aT4wBi4KdNGQ/aQu k54/yNEpvp6gqQvzZ9KHK28jCp8Y0lfE7IxhDwojeLLBr9GwKY5p2ufkM9EJMep6n/eC OUgshVMgUSuYIycopBGmJRnVLHsxgSXgPSzFDtRY7Didvn+Ccb/+GV3VDz9R0QVl50t9 emsbAbONYEJI8wojv6qo8iwfFeJCEHdQdiq2EvN/syOqNjbOVVQ3xwdkNdAmy9HsVcJ8 1siQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706700940; x=1707305740; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=IErXxhnr7Sr3iuRkIP+bNCT9P+lyiJi7K5wIctH9pCQ=; b=gFkfP57gnjFUiX2nOFUzLjQ+mI3MziVbAoXVArscaszL6TeibaRGH8DMpCXUhdPQea jt+J6/QXnYZQsCOjir4uuw75BoRnpQHm+Fq+BxWYBceje9ljAl373VhpylsS2S3ySgTn 8JuiYdWLEVJdhZCARHr+lAzy7HNPhObPvwVQVOvI1wkJ8xPiY41mYxRjbG9RXpPsRy8k gC2ECCHuTLY/a5bCyWVELPvTrNk6O9TXIITtoy9GhG0r+VSLuwqtusd2X+9LX8TklEwh D8da/zUzi7WF4l2U9O0BKm2l6twu+5BTSyJQHlhVivYMmz7wP7htqbZT1NAAdGIIXa6O Xtcw== X-Gm-Message-State: AOJu0YyOSNE1vyU8CEmHAtxNm90d6Ws7yCC8a2YMMtbSfoRs+Ycjlv44 mc+aZLrodoylokjvBnSNzAY+IY/ej1GcH9+x+yeIt30ataojXMC9suew3TxRm+aNKhsGguDcoyc e0NqjfbEJEXb59ufXOtddqWGiFIo= X-Google-Smtp-Source: AGHT+IGFM8zgkJSyB2q1hiXS4r8mphdY7yGpchl9Fr50578iFlW5B4itXMaw3v6bC3eTBG6zP0UPMHuE4h3m+O9u6uw= X-Received: by 2002:a17:907:171b:b0:a31:1907:2fe8 with SMTP id le27-20020a170907171b00b00a3119072fe8mr957060ejc.48.1706700939343; Wed, 31 Jan 2024 03:35:39 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: <80d527f-df83-5657-6a2a-262156e08440@puchar.net> In-Reply-To: <80d527f-df83-5657-6a2a-262156e08440@puchar.net> From: Mario Marietto Date: Wed, 31 Jan 2024 12:35:02 +0100 Message-ID: Subject: Re: set : illegal option -o pipefail error while trying to upgrade pkg. To: Wojciech Puchar Cc: FreeBSD Mailing List , freebsd-hackers Content-Type: multipart/alternative; boundary="0000000000003a3be306103c4790" X-Rspamd-Queue-Id: 4TQ0Mx24pJz4RCG X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] --0000000000003a3be306103c4790 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable What I haven't understood is why you are talking about newer ports when the only thing I do is to update ports using the same FreeBSD version,in this case 10.4. I mean,upgrading ports without upgrading the version of FreeBSD,can't mean to use newer ports,since I don't use a newer version of the OS. On Wed, Jan 31, 2024 at 11:29=E2=80=AFAM Wojciech Puchar wrote: > quick dirty fix is to install bash and link /bin/sh to /usr/local/bin/bas= h > (it may break something) > other - manually compile later /bin/sh and replace. > > the problem is that newer ports needs newer /bin/sh > --=20 Mario. --0000000000003a3be306103c4790 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
What I haven't understood is why you are talking about= newer ports when the only thing I do is to update ports using the same Fre= eBSD version,in this case 10.4. I mean,upgrading ports without upgrading th= e version of FreeBSD,can't mean to use newer ports,since I don't us= e a newer version of the OS.

On Wed, Jan 31, 2024 at 11:29=E2=80=AFAM Wo= jciech Puchar <wojtek@puchar.net> wrote:
qui= ck dirty fix is to install bash and link /bin/sh to /usr/local/bin/bash (it may break something)
other - manually compile later /bin/sh and replace.

the problem is that newer ports needs newer /bin/sh


--
Mario.
--0000000000003a3be306103c4790-- From nobody Wed Jan 31 12:16:35 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQ1HB1CMBz58Py4; Wed, 31 Jan 2024 12:16:38 +0000 (UTC) (envelope-from jamie@catflap.org) Received: from donotpassgo.dyslexicfish.net (donotpassgo.dyslexicfish.net [IPv6:2001:19f0:7400:8808:123::1]) by mx1.freebsd.org (Postfix) with ESMTP id 4TQ1H950t4z4WgP; Wed, 31 Jan 2024 12:16:37 +0000 (UTC) (envelope-from jamie@catflap.org) Authentication-Results: mx1.freebsd.org; none X-Catflap-Envelope-From: X-Catflap-Envelope-To: freebsd-hackers@FreeBSD.org Received: from donotpassgo.dyslexicfish.net (donotpassgo.dyslexicfish.net [209.250.224.51]) by donotpassgo.dyslexicfish.net (8.14.5/8.14.5) with ESMTP id 40VCGZuT001052; Wed, 31 Jan 2024 12:16:35 GMT (envelope-from jamie@donotpassgo.dyslexicfish.net) Received: (from jamie@localhost) by donotpassgo.dyslexicfish.net (8.14.5/8.14.5/Submit) id 40VCGZSo001051; Wed, 31 Jan 2024 12:16:35 GMT (envelope-from jamie) From: Jamie Landeg-Jones Message-Id: <202401311216.40VCGZSo001051@donotpassgo.dyslexicfish.net> Date: Wed, 31 Jan 2024 12:16:35 +0000 Organization: Dyslexic Fish To: wojtek@puchar.net, marietto2008@gmail.com Cc: freebsd-questions@FreeBSD.org, freebsd-hackers@FreeBSD.org Subject: Re: set : illegal option -o pipefail error while trying to upgrade pkg. References: <80d527f-df83-5657-6a2a-262156e08440@puchar.net> In-Reply-To: User-Agent: Heirloom mailx 12.4 7/29/08 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.2.7 (donotpassgo.dyslexicfish.net [209.250.224.51]); Wed, 31 Jan 2024 12:16:35 +0000 (GMT) X-Rspamd-Queue-Id: 4TQ1H950t4z4WgP X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:20473, ipnet:2001:19f0:7400::/38, country:US] Mario Marietto wrote: > What I haven't understood is why you are talking about newer ports when the > only thing I do is to update ports using the same FreeBSD version,in this > case 10.4. I mean,upgrading ports without upgrading the version of > FreeBSD,can't mean to use newer ports,since I don't use a newer version of > the OS. The ports infrastucture (under /usr/ports/Mk) now contains scripts that set the "pipefail" option - these scripts are updated when you update the ports tree. I had an old out-of-date box for a while, and used this quick hack to get it to work. You need to run this after you update the ports tree: sed -i.bak '/^[[:space:]]*set [+-]o pipefail/d' /usr/ports/Mk/Scripts/* It removes the references to pipefail. This can mean that some build errors are potentially not trapped, but if that's the case you're likely to notice the failure anyway. Still best to update your system or your /bin/sh though! Cheers, Jamie From nobody Wed Jan 31 14:31:11 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQ4HC6n2xz58dQJ; Wed, 31 Jan 2024 14:31:51 +0000 (UTC) (envelope-from marietto2008@gmail.com) Received: from mail-ed1-x52b.google.com (mail-ed1-x52b.google.com [IPv6:2a00:1450:4864:20::52b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQ4HB5x6wz4t5j; Wed, 31 Jan 2024 14:31:50 +0000 (UTC) (envelope-from marietto2008@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-ed1-x52b.google.com with SMTP id 4fb4d7f45d1cf-55efbaca48bso5030626a12.2; Wed, 31 Jan 2024 06:31:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706711509; x=1707316309; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=eoJG7eRx8UCNhJks2Uuc52pkrPBfBeUlZnKeYHOjVcA=; b=cZnFfuMLnB5BCxOjCXhOiMhFSqy0RC+rRHOU8Xvi4az+yl1vnRus9k4UP+AGXTUcHi QrjK0DU8nCTEL2gaeUEDG34AVRgJuVOGirHCKtfQQ9j6XT/hwHi4cOcSyUdhN5T5rFY5 bg2J/GhHA1Mdy/zmc2TOZGvtQe9N06T5w/NMmnHDrDJmqXBEe9c+8OITjtVA67RanLfK qO+8asOaxTVQ74CYhUvGu3FdPZE5mzhMatPFHmu9W5fiIdzU7MQpbZskf/mFa8xvqeid q5XFV9LeZ+iNbsOYByDcySPn8Q4xMvIOJ7K7XHkghlvHaTxKZXixk90mlE83Mx1akk8X bUow== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706711509; x=1707316309; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=eoJG7eRx8UCNhJks2Uuc52pkrPBfBeUlZnKeYHOjVcA=; b=SnR8XyU+DPVQi2HAMlqUyFSixxiuzzQpgZFc9iDnPY+hE27smtbrCKtZn9nr99JiWg soO/mTTwr+A+j8KKjee2/5Sw3lymOM1W1kLAqiqJIqGXOJ5YHnE7DMUqyuq3/3bEHLtA bGZI6m6ZZ6l93SuKJCO5Owaojkpdgf8+LIdxh2O0curU6XHf03+SRd2WQE7dwhppu7nz Exeva9b9H7/N7NTCsxTMzI58WtOvSI6I/eniZ5/nxcRTzFMXM22JFW1L5pVE4/6D/PGx kMPVYNsPZoOl6CvgJ82plyR17D6zZ4u2OpnWuYi1oIfCL0h3z5iS76dZ2KHixANBPzAp tnKQ== X-Gm-Message-State: AOJu0Yyqk3ADgkqle88Wcs/gTHijzR6Pk7RAQu4dLl9cqKeHKLUOSasi uPpX4aWB4U8kSCH9LnXpQHIB3QtAbgUuh5Y8lz0foEkQ41KVy6gn1sxze4UOD0Y9P39s4txmYEi qhrIpoC/22FU0o8c/gwrQk9HcOAbbw6lk X-Google-Smtp-Source: AGHT+IG+ZRGnnZEtWCecd9klWcDLaN6sJw1IxQBzOogur4r/WvRDoR+jOQ47j/a8QS7IkfWGXlgXkJDXC9sVB5DDcqA= X-Received: by 2002:a17:906:3b19:b0:a35:7192:1f with SMTP id g25-20020a1709063b1900b00a357192001fmr1352702ejf.49.1706711509146; Wed, 31 Jan 2024 06:31:49 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: <80d527f-df83-5657-6a2a-262156e08440@puchar.net> <202401311216.40VCGZSo001051@donotpassgo.dyslexicfish.net> In-Reply-To: <202401311216.40VCGZSo001051@donotpassgo.dyslexicfish.net> From: Mario Marietto Date: Wed, 31 Jan 2024 15:31:11 +0100 Message-ID: Subject: Re: set : illegal option -o pipefail error while trying to upgrade pkg. To: Jamie Landeg-Jones Cc: wojtek@puchar.net, freebsd-questions@freebsd.org, freebsd-hackers@freebsd.org Content-Type: multipart/alternative; boundary="0000000000003ca13206103ebd00" X-Rspamd-Queue-Id: 4TQ4HB5x6wz4t5j X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] --0000000000003ca13206103ebd00 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Jamie, I ran your script and it gave no error message,BUT I still got the error : root@marietto:/usr/ports/ports-mgmt/pkg # make set: illegal option -o pipefail.... ? On Wed, Jan 31, 2024 at 1:16=E2=80=AFPM Jamie Landeg-Jones wrote: > Mario Marietto wrote: > > > What I haven't understood is why you are talking about newer ports when > the > > only thing I do is to update ports using the same FreeBSD version,in th= is > > case 10.4. I mean,upgrading ports without upgrading the version of > > FreeBSD,can't mean to use newer ports,since I don't use a newer version > of > > the OS. > > The ports infrastucture (under /usr/ports/Mk) now contains scripts that s= et > the "pipefail" option - these scripts are updated when you update the por= ts > tree. > > I had an old out-of-date box for a while, and used this quick hack to get > it to work. > > You need to run this after you update the ports tree: > > sed -i.bak '/^[[:space:]]*set [+-]o pipefail/d' /usr/ports/Mk/Scripts/* > > It removes the references to pipefail. This can mean that some build erro= rs > are potentially not trapped, but if that's the case you're likely to noti= ce > the failure anyway. > > Still best to update your system or your /bin/sh though! > > Cheers, Jamie > --=20 Mario. --0000000000003ca13206103ebd00 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Jamie,

I ran your script and= it gave no error message,BUT I still got the error :=C2=A0

<= /div>
root@marietto:/usr/ports/ports-mgmt/pkg # make
set:= illegal option -o pipefail....

?
<= br>
On Wed,= Jan 31, 2024 at 1:16=E2=80=AFPM Jamie Landeg-Jones <jamie@catflap.org> wrote:
Mario Marietto <marietto2008@gmail.com> wrote= :

> What I haven't understood is why you are talking about newer ports= when the
> only thing I do is to update ports using the same FreeBSD version,in t= his
> case 10.4. I mean,upgrading ports without upgrading the version of
> FreeBSD,can't mean to use newer ports,since I don't use a newe= r version of
> the OS.

The ports infrastucture (under /usr/ports/Mk) now contains scripts that set=
the "pipefail" option - these scripts are updated when you update= the ports
tree.

I had an old out-of-date box for a while, and used this quick hack to get it to work.

You need to run this after you update the ports tree:

sed -i.bak '/^[[:space:]]*set [+-]o pipefail/d' /usr/ports/Mk/Scrip= ts/*

It removes the references to pipefail. This can mean that some build errors=
are potentially not trapped, but if that's the case you're likely t= o notice
the failure anyway.

Still best to update your system or your /bin/sh though!

Cheers, Jamie


--
Mario.
--0000000000003ca13206103ebd00-- From nobody Wed Jan 31 14:45:29 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQ4bj0Zltz58fw0; Wed, 31 Jan 2024 14:46:09 +0000 (UTC) (envelope-from marietto2008@gmail.com) Received: from mail-ed1-x52c.google.com (mail-ed1-x52c.google.com [IPv6:2a00:1450:4864:20::52c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQ4bg6pjRz3x4y; Wed, 31 Jan 2024 14:46:07 +0000 (UTC) (envelope-from marietto2008@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b="Msb/dDNC"; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of marietto2008@gmail.com designates 2a00:1450:4864:20::52c as permitted sender) smtp.mailfrom=marietto2008@gmail.com Received: by mail-ed1-x52c.google.com with SMTP id 4fb4d7f45d1cf-55f19a3ca7aso1850199a12.1; Wed, 31 Jan 2024 06:46:07 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706712366; x=1707317166; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=a2HbxWPGtCb3J4yT1cBIValySXAmSIL7eDlOsAGreRM=; b=Msb/dDNCtls/v/wAp4AY4OjJKGU5W+79Zw0cKZ4/sRtIRxXXeIeyruunYYrkpG2ra4 6wdT9AROU8Qr2lp9IxEqKdVFnKkN2L/fHcqyX0xKIyJhW9z1EIOr3h6HEA+u/DRHjN50 Gr4oTFPk+f92wEClgXSEjwV2Dqp7p9jw3NNsA1rN2kGzPffJPrOIUnKJ/TY0dUMAFbw5 ZCN27TmILEAMLVeZGy2Dy3f+xIdK8Qf801yJzHLG7832MLeGu6Ic/MRfAHbjoMWaJ2qG 3zpSeGBoSWk3etK+m/yjZX236Ql/DvOReydBQfeksQtZLJrxavsfo6yG9REo+FWrrVFM DWKg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706712366; x=1707317166; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=a2HbxWPGtCb3J4yT1cBIValySXAmSIL7eDlOsAGreRM=; b=cm/lR1Z/0XeLhQJcxkTSHdDoyENIGP3Y9iA9H2vHgQQfekxBmb21FjLyeXq94ZIAjV SBKbAOKXj1+V85Azs8yH2ehX/3NoqWVXZ3jUVav+YD69/KKq8vQ8XyJ7ZSsAAo6t5CoH hkYXE+CJ2GrUdWoX1Bz09y8OC62VSJYB5D4vHSCVql0AUYQCJdcnBRgqlN0khK75lw3r +GvwCmRkOQ5r6sp0bWQpBsg3d7GMv6o8nSPSmRxGLjrDVqJSjjaDalPchF2K/wv/Olj3 zRjKa0nwHYQWmBIBxTlY1IlP6TexSjAGX8esQYF0zgH8bKNmRXo0Pwbj/aQNIUIXzVIy e5fw== X-Gm-Message-State: AOJu0Yw7KrIj2zZqXDFZdIV7cfzBpvGGWNOHZwd443lLRu6v0d1niAxo 8DmCzc6pfrCqawaCrQ2Ac6i3aFC+pADDzanEcV4yVCJ/m9daVdDJqG5HcN2Kt8gdEe2DRsmq3Er nExcf78AGMMpcvpMmoqCQAjW3T84= X-Google-Smtp-Source: AGHT+IE5gPZ1u2GN3oEnRTl2IzFn8pMeu4vgb5IPz/aTghalsg1Ugj/levpJ2LpKfTC2MGdCuE9FCnUuhQA6Yk6g+mE= X-Received: by 2002:a17:906:254a:b0:a23:5939:759e with SMTP id j10-20020a170906254a00b00a235939759emr1646604ejb.26.1706712366202; Wed, 31 Jan 2024 06:46:06 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: <80d527f-df83-5657-6a2a-262156e08440@puchar.net> <202401311216.40VCGZSo001051@donotpassgo.dyslexicfish.net> In-Reply-To: From: Mario Marietto Date: Wed, 31 Jan 2024 15:45:29 +0100 Message-ID: Subject: Re: set : illegal option -o pipefail error while trying to upgrade pkg. To: Jamie Landeg-Jones Cc: wojtek@puchar.net, freebsd-questions@freebsd.org, freebsd-hackers@freebsd.org Content-Type: multipart/alternative; boundary="00000000000052417506103ef0f6" X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.77 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.77)[-0.772]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; TO_DN_SOME(0.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; ARC_NA(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_ONE(0.00)[1]; FREEMAIL_ENVFROM(0.00)[gmail.com]; MISSING_XM_UA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::52c:from]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org,freebsd-hackers@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_TLS_LAST(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; MID_RHS_MATCH_FROMTLD(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+] X-Rspamd-Queue-Id: 4TQ4bg6pjRz3x4y --00000000000052417506103ef0f6 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Can you tell me where should be stored the references to pipefail ? Maybe I will try to remove them manually. Maybe your command does not work out of the box. On Wed, Jan 31, 2024 at 3:31=E2=80=AFPM Mario Marietto wrote: > Jamie, > > I ran your script and it gave no error message,BUT I still got the error = : > > root@marietto:/usr/ports/ports-mgmt/pkg # make > set: illegal option -o pipefail.... > > ? > > On Wed, Jan 31, 2024 at 1:16=E2=80=AFPM Jamie Landeg-Jones > wrote: > >> Mario Marietto wrote: >> >> > What I haven't understood is why you are talking about newer ports whe= n >> the >> > only thing I do is to update ports using the same FreeBSD version,in >> this >> > case 10.4. I mean,upgrading ports without upgrading the version of >> > FreeBSD,can't mean to use newer ports,since I don't use a newer versio= n >> of >> > the OS. >> >> The ports infrastucture (under /usr/ports/Mk) now contains scripts that >> set >> the "pipefail" option - these scripts are updated when you update the >> ports >> tree. >> >> I had an old out-of-date box for a while, and used this quick hack to ge= t >> it to work. >> >> You need to run this after you update the ports tree: >> >> sed -i.bak '/^[[:space:]]*set [+-]o pipefail/d' /usr/ports/Mk/Scripts/* >> >> It removes the references to pipefail. This can mean that some build >> errors >> are potentially not trapped, but if that's the case you're likely to >> notice >> the failure anyway. >> >> Still best to update your system or your /bin/sh though! >> >> Cheers, Jamie >> > > > -- > Mario. > --=20 Mario. --00000000000052417506103ef0f6 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Can you tell me where should be stored the references to p= ipefail ? Maybe I will try to remove them manually. Maybe your command does= not work out of the box.

On Wed, Jan 31, 2024 at 3:31=E2=80=AFPM Mario= Marietto <marietto2008@gmail.= com> wrote:
Jamie,

I ran your script = and it gave no error message,BUT I still got the error :=C2=A0
root@marietto:/usr/ports/ports-mgmt/pkg # make
s= et: illegal option -o pipefail....

?

On W= ed, Jan 31, 2024 at 1:16=E2=80=AFPM Jamie Landeg-Jones <jamie@catflap.org> wrote:
=
Mario Marietto <= marietto2008@gm= ail.com> wrote:

> What I haven't understood is why you are talking about newer ports= when the
> only thing I do is to update ports using the same FreeBSD version,in t= his
> case 10.4. I mean,upgrading ports without upgrading the version of
> FreeBSD,can't mean to use newer ports,since I don't use a newe= r version of
> the OS.

The ports infrastucture (under /usr/ports/Mk) now contains scripts that set=
the "pipefail" option - these scripts are updated when you update= the ports
tree.

I had an old out-of-date box for a while, and used this quick hack to get it to work.

You need to run this after you update the ports tree:

sed -i.bak '/^[[:space:]]*set [+-]o pipefail/d' /usr/ports/Mk/Scrip= ts/*

It removes the references to pipefail. This can mean that some build errors=
are potentially not trapped, but if that's the case you're likely t= o notice
the failure anyway.

Still best to update your system or your /bin/sh though!

Cheers, Jamie


--
Mario.


--
Mario.
--00000000000052417506103ef0f6-- From nobody Wed Jan 31 18:52:38 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQB4t0gMBz584TY; Wed, 31 Jan 2024 18:53:18 +0000 (UTC) (envelope-from marietto2008@gmail.com) Received: from mail-ej1-x632.google.com (mail-ej1-x632.google.com [IPv6:2a00:1450:4864:20::632]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQB4s2bfNz4SvZ; Wed, 31 Jan 2024 18:53:17 +0000 (UTC) (envelope-from marietto2008@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b=Eg9MN5iR; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of marietto2008@gmail.com designates 2a00:1450:4864:20::632 as permitted sender) smtp.mailfrom=marietto2008@gmail.com Received: by mail-ej1-x632.google.com with SMTP id a640c23a62f3a-a36597a3104so5460866b.2; Wed, 31 Jan 2024 10:53:17 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706727195; x=1707331995; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=s5hM4rhwevdxS0Ck8quXu0LRO2DJlbt4/acZMtTbmYk=; b=Eg9MN5iRaH8z2DINngDddaN0wbakW5FfiaZ0rb6O7WrChUnCA9OxRf8b1QGtf2Sxlt udi/VRgelBo0DtgVdGe+DSI72hW59Vl5d1quGL0PbAyf77UuV1wj4Vfk0GmP/WLpHidd 6HP8pO4FK1I/c2Asm3fBhVPQP33di2ItI5CrVdNhx/ogqc6qXw2mFBRuc+CEPqWt9bDy wPZGIE1NLRpybdxQFCFC8zEyQ7IDBYr2zaBEmbgZ6+CpoLX4HIKQe8YqA5ij9su0xTyT tGs5U/BuqaIQOD5i8nHziZhfGSj242H0eebiYNWBHAigIJELc8AdL7Zk2Ekek7Qi88mp 416A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706727195; x=1707331995; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=s5hM4rhwevdxS0Ck8quXu0LRO2DJlbt4/acZMtTbmYk=; b=f461Vp99KVlSqe+3J7PDbhAD0150b1+ka36KSD9qsv2DSopHt/iVdKQ8PnYwzivhE/ EuEm9bwfofF0BrMR8BrQ+otVCD5SI+xddl6zAyodP29x2G+xQCRMdsBnzhOkeh/fne1t npfRi2+P7nEudvxuC8QoLaL/540brfWxFrZVBGZwk3vl+X7DOZzgMbLGp4Ghh32bykpL deheiwTtli4JNzRsQshS+efGiI1KACe3UhPs61EKU90UpgOrpgqygOQSZlxFTeU1DTCj UJYgT7obsmUQTzUz6UAnoIUrERAQC6M/enBnWZpGv0AFeQlp4N6U7nd27vHrgxEgrCzr Ymvw== X-Gm-Message-State: AOJu0YzbsR/qxtU+kOf3o3O4kgSxpJ4FbLJhjmCjsizJ0TT4zlDE+axF 0VWhSGCZM9UtZ0MD/p2B3DiumeD3XKzcpkGQOn3DFs2T3acmCxYXP50li7XZlNiGBt//4vEmI3z EYUkE3rywQlh5kJVdfipWr9HZ9Rk= X-Google-Smtp-Source: AGHT+IHZZn5zkOmanmtabVZq2VzNjToI+FzLT+Qxm5QMSugVMRCEGTlxhKbpx0o60rJPADdsDt7p3HjBJu/XBvgVerA= X-Received: by 2002:a17:906:4154:b0:a36:70ce:31ba with SMTP id l20-20020a170906415400b00a3670ce31bamr1605444ejk.5.1706727195267; Wed, 31 Jan 2024 10:53:15 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: <80d527f-df83-5657-6a2a-262156e08440@puchar.net> <202401311216.40VCGZSo001051@donotpassgo.dyslexicfish.net> In-Reply-To: From: Mario Marietto Date: Wed, 31 Jan 2024 19:52:38 +0100 Message-ID: Subject: Re: set : illegal option -o pipefail error while trying to upgrade pkg. To: Jamie Landeg-Jones Cc: wojtek@puchar.net, freebsd-questions@freebsd.org, freebsd-hackers@freebsd.org Content-Type: multipart/alternative; boundary="00000000000033d78606104264fd" X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.22 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; NEURAL_HAM_SHORT(-0.22)[-0.222]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; TO_DN_SOME(0.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US]; ARC_NA(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; RCVD_COUNT_ONE(0.00)[1]; FREEMAIL_ENVFROM(0.00)[gmail.com]; MISSING_XM_UA(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::632:from]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org,freebsd-hackers@freebsd.org]; FROM_EQ_ENVFROM(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[4]; TO_MATCH_ENVRCPT_SOME(0.00)[]; RCVD_TLS_LAST(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; MID_RHS_MATCH_FROMTLD(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+] X-Rspamd-Queue-Id: 4TQB4s2bfNz4SvZ --00000000000033d78606104264fd Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Jamie. Your script didn't work,but I get your idea and I've backed up the directory /mnt/da0p2/usr/ports/Mk/Scripts to /mnt/da0p2/usr/ports/Mk/Scripts-old ; then I have upgraded the ports tree with the commands : # portsnap fetch extract # portsnap fetch update At this point I have renamed the directory Scripts-old to Scripts and I tried to compile a port. This is what happened : Invoked as: ./configure --prefix=3D/usr/local Tclsh: /usr/ports/ports-mgmt/pkg/work/pkg-1.20.9/jimsh0 Failed: cc -O2 -pipe -Wno-error -fstack-protector-strong -fno-strict-aliasing -c conftest__.c -o conftest__.o cc: error: unknown argument: '-fstack-protector-strong' =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D The failed code was: #include int main(void) { return 0; } =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D On Wed, Jan 31, 2024 at 3:45=E2=80=AFPM Mario Marietto wrote: > Can you tell me where should be stored the references to pipefail ? Maybe > I will try to remove them manually. Maybe your command does not work out = of > the box. > > On Wed, Jan 31, 2024 at 3:31=E2=80=AFPM Mario Marietto > wrote: > >> Jamie, >> >> I ran your script and it gave no error message,BUT I still got the error >> : >> >> root@marietto:/usr/ports/ports-mgmt/pkg # make >> set: illegal option -o pipefail.... >> >> ? >> >> On Wed, Jan 31, 2024 at 1:16=E2=80=AFPM Jamie Landeg-Jones >> wrote: >> >>> Mario Marietto wrote: >>> >>> > What I haven't understood is why you are talking about newer ports >>> when the >>> > only thing I do is to update ports using the same FreeBSD version,in >>> this >>> > case 10.4. I mean,upgrading ports without upgrading the version of >>> > FreeBSD,can't mean to use newer ports,since I don't use a newer >>> version of >>> > the OS. >>> >>> The ports infrastucture (under /usr/ports/Mk) now contains scripts that >>> set >>> the "pipefail" option - these scripts are updated when you update the >>> ports >>> tree. >>> >>> I had an old out-of-date box for a while, and used this quick hack to g= et >>> it to work. >>> >>> You need to run this after you update the ports tree: >>> >>> sed -i.bak '/^[[:space:]]*set [+-]o pipefail/d' /usr/ports/Mk/Scripts/* >>> >>> It removes the references to pipefail. This can mean that some build >>> errors >>> are potentially not trapped, but if that's the case you're likely to >>> notice >>> the failure anyway. >>> >>> Still best to update your system or your /bin/sh though! >>> >>> Cheers, Jamie >>> >> >> >> -- >> Mario. >> > > > -- > Mario. > --=20 Mario. --00000000000033d78606104264fd Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Jamie. Your script didn't work,but I get your ide= a and I've backed up the directory /mnt/da0p2/usr/ports/Mk/Scripts to /= mnt/da0p2/usr/ports/Mk/Scripts-old ; then I have upgraded the ports tree wi= th the commands :

# = portsnap fetch extract
# portsnap fetch update
=

At this point = I have renamed the directory Scripts-old to Scripts and I tried to compile = a port. This is what happened :

Invoked as: ./conf= igure --prefix=3D/usr/local
Tclsh: /usr/ports/ports-mgmt/pkg/work/pkg-1.= 20.9/jimsh0
Failed: cc -O2 -pipe -Wno-error -fstack-protector-strong -fn= o-strict-aliasing -c conftest__.c -o conftest__.o
cc: error: unknown arg= ument: '-fstack-protector-strong'
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D
The failed code was:
#include <stdlib.h>
int main(voi= d) {

return 0;
}
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

On Wed, Jan 31, 2024 at 3:45=E2=80=AFPM Mario Marietto <marietto2008@gmail.com> wrote:
=
Can you = tell me where should be stored the references to pipefail ? Maybe I will tr= y to remove them manually. Maybe your command does not work out of the box.=

On Wed, Jan 31, 2024 at 3:31=E2=80=AFPM Mario Marietto <marietto2008@gmail.com= > wrote:
Jamie,

I ran your script and it = gave no error message,BUT I still got the error :=C2=A0

root@marietto:/usr/ports/ports-mgmt/pkg # make
set: ill= egal option -o pipefail....

?

<= div class=3D"gmail_quote">
On Wed, Jan= 31, 2024 at 1:16=E2=80=AFPM Jamie Landeg-Jones <jamie@catflap.org> wrote:
<= blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-l= eft:1px solid rgb(204,204,204);padding-left:1ex">Mario Marietto <marietto2008@gmail.com= > wrote:

> What I haven't understood is why you are talking about newer ports= when the
> only thing I do is to update ports using the same FreeBSD version,in t= his
> case 10.4. I mean,upgrading ports without upgrading the version of
> FreeBSD,can't mean to use newer ports,since I don't use a newe= r version of
> the OS.

The ports infrastucture (under /usr/ports/Mk) now contains scripts that set=
the "pipefail" option - these scripts are updated when you update= the ports
tree.

I had an old out-of-date box for a while, and used this quick hack to get it to work.

You need to run this after you update the ports tree:

sed -i.bak '/^[[:space:]]*set [+-]o pipefail/d' /usr/ports/Mk/Scrip= ts/*

It removes the references to pipefail. This can mean that some build errors=
are potentially not trapped, but if that's the case you're likely t= o notice
the failure anyway.

Still best to update your system or your /bin/sh though!

Cheers, Jamie


--
Mario.


--
Mario.


--
Mario.
--00000000000033d78606104264fd-- From nobody Wed Jan 31 19:30:55 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQBwp67Fcz587nB for ; Wed, 31 Jan 2024 19:31:22 +0000 (UTC) (envelope-from jfadams1963@proton.me) Received: from mail-40133.protonmail.ch (mail-40133.protonmail.ch [185.70.40.133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "protonmail.com", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQBwp42fCz4Zhc for ; Wed, 31 Jan 2024 19:31:22 +0000 (UTC) (envelope-from jfadams1963@proton.me) Authentication-Results: mx1.freebsd.org; none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=proton.me; s=protonmail; t=1706729478; x=1706988678; bh=9Y1ovmuMZhngxEsI2WbmzDcJ0v1XnmcrEECSM3esCIE=; h=Date:To:From:Cc:Subject:Message-ID:In-Reply-To:References: Feedback-ID:From:To:Cc:Date:Subject:Reply-To:Feedback-ID: Message-ID:BIMI-Selector; b=k1YgmDsTM/L4KJ90UJx5oC2ZjM0grYc3bv5m88zJUsbATCTXjawpxUOhF6CQY0UeB AujlFDb+J0dbFMlOQ/B52q6wqKDyt799nWLmVn7f3JONZt2ZubKE82SBsLpX+jbnip eTkjGi8oJXETSRmJFfWAvoBGRkUEe2ufngQVyAGzPPzPCXXeP06dm0kV+13oUXmnqG IwJAUszFdfBvkX98XiduF/DfvxKTNWlpuBlaruOFE+8yRl0HYTpsq+tNnRkjwWo7U9 x7+PgFysUJKfv5qSlkUbBGNQ2+ratEdCPwJjAqN6D989iUAnayWH3SdBLvdLqMnIJ7 GKw1GZAj41Ouw== Date: Wed, 31 Jan 2024 19:30:55 +0000 To: Dave Cottlehuber From: Jonathan Adams Cc: Paul M Foster , freebsd-questions Subject: Re: Unable to git clone ports collection Message-ID: In-Reply-To: References: <20240131061508.5nttnygaqrwvm6xi@yosemite.mars.lan> Feedback-ID: 80741059:user:proton List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; protocol="application/pgp-signature"; micalg=pgp-sha512; boundary="------65b44f7a1b774d7502c6d894c1774375a0f665a813965513cce4266be4604d42"; charset=utf-8 X-Rspamd-Queue-Id: 4TQBwp42fCz4Zhc X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:62371, ipnet:185.70.40.0/24, country:CH] This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------65b44f7a1b774d7502c6d894c1774375a0f665a813965513cce4266be4604d42 Content-Type: multipart/mixed;boundary=---------------------fd7e4532990fb837e0fc89aa18c513f5 -----------------------fd7e4532990fb837e0fc89aa18c513f5 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain;charset=utf-8 On Wednesday, January 31st, 2024 at 2:48 AM, Dave Cottlehuber wrote: > On Wed, 31 Jan 2024, at 06:15, Paul M Foster wrote: > = > > git clone -v https://git.freebsd.org/ports.git /usr/ports > So I'm guessing either temporary glitch, or your local mirror > isn't happy? > NB I think the internal git url is https://cgit.freebsd.org/ports.git (a= t least I > need that to commit & push my changes back via ssh), but the one you use= d seems > entirely legit to me. Hi Dave, hi Paul, Just wanted to confirm that the URL Paul originally tried is OK from the= Eastern US; entirely legit. Paul, are things working yet for you? -=C2=A0Jonathan ____________________________________________ "Before Turing, things were done to numbers. After Turing, numbers began doing things" - George Dyson -----------------------fd7e4532990fb837e0fc89aa18c513f5-- --------65b44f7a1b774d7502c6d894c1774375a0f665a813965513cce4266be4604d42 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: ProtonMail wnUEARYKACcFgmW6n84JkI6O/sbt8r3IFiEEcBGzOO9wDbcpT/10jo7+xu3y vcgAAFWGAQDbYWzpP7hspBXrJv5SUamftQQj8t0yCD6IrDwQ4DVzfAD/ZhpB mffSYNHh/ZzdIUtr1OBzPMFyP8nnMU1gYD0yVg0= =P+Ct -----END PGP SIGNATURE----- --------65b44f7a1b774d7502c6d894c1774375a0f665a813965513cce4266be4604d42-- From nobody Wed Jan 31 20:40:56 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQDT86927z58FgJ; Wed, 31 Jan 2024 20:41:00 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from silver.cherry.relay.mailchannels.net (silver.cherry.relay.mailchannels.net [23.83.223.166]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQDT7625Kz4kHL; Wed, 31 Jan 2024 20:40:59 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=ou8YZdzR; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.223.166 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id D6158802854; Wed, 31 Jan 2024 20:40:57 +0000 (UTC) Received: from pdx1-sub0-mail-a239.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 7AAF0803038; Wed, 31 Jan 2024 20:40:57 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706733657; a=rsa-sha256; cv=none; b=FPEQgBvSV4uWtttCLYA/rxK3GtyVpNUDEoGaXWhekJfamOEgKaOjT5svFAGjHxkBddhbtt /vINFdZyDbCRtgercC1VUtMcSQHf9aCRFQe1SqQQwi8GXm+hH5qJbI+3zkNJP89jxNXw+O UpKjMNuU3LwkkeELIHBBWdzuykzg47CkTUslh4qULUd1NiXKHfJ1jYuz9TlhC74s0uLUH1 knQFszYnXIbnb60hoYSqWdCZFPS75ZzGxfXXlLxgqwXUz/7Gbll4On3uu3FL94A5NrNppU sZBIFw55LZgjAG19x4ljdzf0NqnKzWLcYHhFOoI+3KhwwPkqQY/W9SRhQAqdaQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706733657; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:dkim-signature; bh=jrwNfxKvoeMwh6MtjxobAKEDBv0YZ/TyJIFR1lxB6PQ=; b=r3HRRlGwKpbRD3nb++iX/8p4EO8dXcEpMf5RVlKSNdN7TW+g4+BT71Glm2ObFDhR6N12zH R+7LcnDJRah67S/XUkEoNWBDyCtmpxrr4QvZfijS4P3iDlCbULok/C4lBsdoKJORnDCF5K FldJRhoVzYGQ1SGP2JEyz/4/IWk43sHJCpdDKZS/1Kb37/Dc30jX0dlBb6RgxVx/Bj3LYa Vi2PzsD0Q4bc6NdSfFZtyopZdGqVRfwTOfz1c8hnwzLaRf9wORSrFy7xfLvuqwfxvOl3LG 9hUApKSjnhBhcmbu03DcytlK3dusuFi2VJNVWkeBtuJXTDt74yMqsoBrH9fsZQ== ARC-Authentication-Results: i=1; rspamd-55b4bfd7cb-42fg5; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Company-Inform: 3d3a5ff91b56325d_1706733657726_199493761 X-MC-Loop-Signature: 1706733657725:3272006980 X-MC-Ingress-Time: 1706733657725 Received: from pdx1-sub0-mail-a239.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.109.86.237 (trex/6.9.2); Wed, 31 Jan 2024 20:40:57 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a239.dreamhost.com (Postfix) with ESMTPSA id 4TQDT522vczJX; Wed, 31 Jan 2024 12:40:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706733657; bh=jrwNfxKvoeMwh6MtjxobAKEDBv0YZ/TyJIFR1lxB6PQ=; h=Date:From:To:Subject:Reply-To:Content-Type; b=ou8YZdzRHmTR7H3rJQVW62pWufEcdm9ZCHjWRkN+8hF6f6mVRaXwc5IPsIZNNRtPO wyhLFHf3KbyPKIr4UnWWQcVYnBQ79SBCUzuTi295L+vHlUyo4sgT6a3QKLf/HIgDYq Te0cNErTLc7wZVHYJ/qb7BykQ51cD0igA7GgvjgxUf4OwJ4kUbe1b/gbAk94z1erua tJpC8MnZdX09kyTzJJsQHQ+qjm/Yf8YfBzU3oDKZmq9afc/+I2PYEJAOZuloMR7LPT 2REZAJxlW4DKLCCQ4UaR6nKapqrpLitUQEOMhB8TdQ8+MskQDUCeDa063f3+KEbZ/4 y7dF+PshO92tw== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rVHOC-009NPa-0l; Wed, 31 Jan 2024 15:40:56 -0500 Date: Wed, 31 Jan 2024 15:40:56 -0500 From: Paul M Foster To: questions@freebsd.org, freebsd-questions@freebsd.org Subject: Re: Unable to git clone ports collection Message-ID: <20240131204056.32mljmoueipnudaa@yosemite.mars.lan> Reply-To: paulf@quillandmouse.com Mail-Followup-To: questions@freebsd.org, freebsd-questions@freebsd.org References: <20240131061508.5nttnygaqrwvm6xi@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.60 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; RWL_MAILSPIKE_GOOD(-0.10)[23.83.223.166:from]; MIME_GOOD(-0.10)[text/plain]; RCVD_VIA_SMTP_AUTH(0.00)[]; ASN(0.00)[asn:63213, ipnet:23.83.223.0/24, country:CA]; MIME_TRACE(0.00)[0:+]; MISSING_XM_UA(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.223.166:from]; DMARC_NA(0.00)[quillandmouse.com]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; TO_DN_NONE(0.00)[]; REPLYTO_ADDR_EQ_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; HAS_REPLYTO(0.00)[paulf@quillandmouse.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_COUNT_FIVE(0.00)[5]; RCVD_TLS_LAST(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org,questions@freebsd.org]; DKIM_TRACE(0.00)[quillandmouse.com:+] X-Rspamd-Queue-Id: 4TQDT7625Kz4kHL On Wed, Jan 31, 2024 at 02:46:03AM -0500, Karl Vogel wrote: > On Wed, Jan 31, 2024 at 01:15:26AM -0500, Paul M Foster wrote: > > > I'm following the docs at docs.freebsd.org. There's a line which dictates: > > git clone https://git.freebsd.org/ports.git /usr/ports > > This results in a redirection error. > > Try doing it in two steps: download to a scratch directory, then copy > to /usr/ports. Fair warning -- it might take a bit of time: > > me% mkdir /tmp/ports > me% cd /tmp/ports > > me% git clone https://git.freebsd.org/ports.git > Cloning into 'ports'... > remote: Enumerating objects: 6084351, done. > remote: Counting objects: 100% (962/962), done. > remote: Compressing objects: 100% (144/144), done. > Receiving objects: 0% (40191/6084351), 12.20 MiB | 627.00 KiB/s > ... > Nope. That didn't work. Same error. Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Wed Jan 31 20:40:56 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQDT86927z58FgJ; Wed, 31 Jan 2024 20:41:00 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from silver.cherry.relay.mailchannels.net (silver.cherry.relay.mailchannels.net [23.83.223.166]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQDT7625Kz4kHL; Wed, 31 Jan 2024 20:40:59 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=ou8YZdzR; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.223.166 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id D6158802854; Wed, 31 Jan 2024 20:40:57 +0000 (UTC) Received: from pdx1-sub0-mail-a239.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 7AAF0803038; Wed, 31 Jan 2024 20:40:57 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706733657; a=rsa-sha256; cv=none; b=FPEQgBvSV4uWtttCLYA/rxK3GtyVpNUDEoGaXWhekJfamOEgKaOjT5svFAGjHxkBddhbtt /vINFdZyDbCRtgercC1VUtMcSQHf9aCRFQe1SqQQwi8GXm+hH5qJbI+3zkNJP89jxNXw+O UpKjMNuU3LwkkeELIHBBWdzuykzg47CkTUslh4qULUd1NiXKHfJ1jYuz9TlhC74s0uLUH1 knQFszYnXIbnb60hoYSqWdCZFPS75ZzGxfXXlLxgqwXUz/7Gbll4On3uu3FL94A5NrNppU sZBIFw55LZgjAG19x4ljdzf0NqnKzWLcYHhFOoI+3KhwwPkqQY/W9SRhQAqdaQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706733657; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:in-reply-to:in-reply-to: references:references:dkim-signature; bh=jrwNfxKvoeMwh6MtjxobAKEDBv0YZ/TyJIFR1lxB6PQ=; b=r3HRRlGwKpbRD3nb++iX/8p4EO8dXcEpMf5RVlKSNdN7TW+g4+BT71Glm2ObFDhR6N12zH R+7LcnDJRah67S/XUkEoNWBDyCtmpxrr4QvZfijS4P3iDlCbULok/C4lBsdoKJORnDCF5K FldJRhoVzYGQ1SGP2JEyz/4/IWk43sHJCpdDKZS/1Kb37/Dc30jX0dlBb6RgxVx/Bj3LYa Vi2PzsD0Q4bc6NdSfFZtyopZdGqVRfwTOfz1c8hnwzLaRf9wORSrFy7xfLvuqwfxvOl3LG 9hUApKSjnhBhcmbu03DcytlK3dusuFi2VJNVWkeBtuJXTDt74yMqsoBrH9fsZQ== ARC-Authentication-Results: i=1; rspamd-55b4bfd7cb-42fg5; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Company-Inform: 3d3a5ff91b56325d_1706733657726_199493761 X-MC-Loop-Signature: 1706733657725:3272006980 X-MC-Ingress-Time: 1706733657725 Received: from pdx1-sub0-mail-a239.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.109.86.237 (trex/6.9.2); Wed, 31 Jan 2024 20:40:57 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a239.dreamhost.com (Postfix) with ESMTPSA id 4TQDT522vczJX; Wed, 31 Jan 2024 12:40:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706733657; bh=jrwNfxKvoeMwh6MtjxobAKEDBv0YZ/TyJIFR1lxB6PQ=; h=Date:From:To:Subject:Reply-To:Content-Type; b=ou8YZdzRHmTR7H3rJQVW62pWufEcdm9ZCHjWRkN+8hF6f6mVRaXwc5IPsIZNNRtPO wyhLFHf3KbyPKIr4UnWWQcVYnBQ79SBCUzuTi295L+vHlUyo4sgT6a3QKLf/HIgDYq Te0cNErTLc7wZVHYJ/qb7BykQ51cD0igA7GgvjgxUf4OwJ4kUbe1b/gbAk94z1erua tJpC8MnZdX09kyTzJJsQHQ+qjm/Yf8YfBzU3oDKZmq9afc/+I2PYEJAOZuloMR7LPT 2REZAJxlW4DKLCCQ4UaR6nKapqrpLitUQEOMhB8TdQ8+MskQDUCeDa063f3+KEbZ/4 y7dF+PshO92tw== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rVHOC-009NPa-0l; Wed, 31 Jan 2024 15:40:56 -0500 Date: Wed, 31 Jan 2024 15:40:56 -0500 From: Paul M Foster To: questions@freebsd.org, freebsd-questions@freebsd.org Subject: Re: Unable to git clone ports collection Message-ID: <20240131204056.32mljmoueipnudaa@yosemite.mars.lan> Reply-To: paulf@quillandmouse.com Mail-Followup-To: questions@freebsd.org, freebsd-questions@freebsd.org References: <20240131061508.5nttnygaqrwvm6xi@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.60 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; RWL_MAILSPIKE_GOOD(-0.10)[23.83.223.166:from]; MIME_GOOD(-0.10)[text/plain]; RCVD_VIA_SMTP_AUTH(0.00)[]; ASN(0.00)[asn:63213, ipnet:23.83.223.0/24, country:CA]; MIME_TRACE(0.00)[0:+]; MISSING_XM_UA(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.223.166:from]; DMARC_NA(0.00)[quillandmouse.com]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_TWO(0.00)[2]; TO_DN_NONE(0.00)[]; REPLYTO_ADDR_EQ_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; HAS_REPLYTO(0.00)[paulf@quillandmouse.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_COUNT_FIVE(0.00)[5]; RCVD_TLS_LAST(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org,questions@freebsd.org]; DKIM_TRACE(0.00)[quillandmouse.com:+] X-Rspamd-Queue-Id: 4TQDT7625Kz4kHL On Wed, Jan 31, 2024 at 02:46:03AM -0500, Karl Vogel wrote: > On Wed, Jan 31, 2024 at 01:15:26AM -0500, Paul M Foster wrote: > > > I'm following the docs at docs.freebsd.org. There's a line which dictates: > > git clone https://git.freebsd.org/ports.git /usr/ports > > This results in a redirection error. > > Try doing it in two steps: download to a scratch directory, then copy > to /usr/ports. Fair warning -- it might take a bit of time: > > me% mkdir /tmp/ports > me% cd /tmp/ports > > me% git clone https://git.freebsd.org/ports.git > Cloning into 'ports'... > remote: Enumerating objects: 6084351, done. > remote: Counting objects: 100% (962/962), done. > remote: Compressing objects: 100% (144/144), done. > Receiving objects: 0% (40191/6084351), 12.20 MiB | 627.00 KiB/s > ... > Nope. That didn't work. Same error. Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Wed Jan 31 23:08:22 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQHlq4lXMz58VVl; Wed, 31 Jan 2024 23:08:55 +0000 (UTC) (envelope-from hawei@free.fr) Received: from smtp5-g21.free.fr (smtp5-g21.free.fr [IPv6:2a01:e0c:1:1599::14]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQHlq2cznz46lr; Wed, 31 Jan 2024 23:08:55 +0000 (UTC) (envelope-from hawei@free.fr) Authentication-Results: mx1.freebsd.org; none Received: from localhost.mail (unknown [IPv6:2a02:8428:32a3:9701:e401:82a6:c2b1:3352]) (Authenticated sender: hawei@free.fr) by smtp5-g21.free.fr (Postfix) with ESMTPSA id 3F7475FFC0; Thu, 1 Feb 2024 00:08:50 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=free.fr; s=smtp-20201208; t=1706742532; bh=n0Uhb40BBbao93M7T6t739q0h1vvbNinJt8qPAGQ9iw=; h=Date:From:To:In-Reply-To:References:Subject:From; b=pOlJqKfvf8sKixBKKm0jLt+32w85JRbNDDhyZ/SJDiTjezFK4w3Yqr4RQ13UZyLfo vX1J/2jEXMAnExkysVRk98YFprbsMV2kGNZ4rV4l9mpCQEIVAPaXThsOukupPjzrk1 4fKTGbnpIhYOIi4wN1IAoFsS8Pzc6xaBRbtpln/wJQBAt/DDsliAo0Q2xLrkO/EboF DJCK8H+HjWzGska21bcIf3F61LDaPlO0fo7wC1yOqV+XQZAqRBDeqQjEVmO+rIbxE9 FxnBphgT14cfKFGw4xxc3LDxfL3nRFEMvjU5ire8TK/UKggc9k+vwTY9n9fp3KEA/T 8pgZqvRYb6Tsg== Date: Thu, 1 Feb 2024 00:08:22 +0100 From: Harald Weis To: questions@freebsd.org, freebsd-questions@freebsd.org, paulf@quillandmouse.com Message-ID: In-Reply-To: <20240131204056.32mljmoueipnudaa@yosemite.mars.lan> References: <20240131204056.32mljmoueipnudaa@yosemite.mars.lan> Subject: Re: Unable to git clone ports collection List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="65bad301_4a831f12_28aa" X-Rspamd-Queue-Id: 4TQHlq2cznz46lr X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:12322, ipnet:2a01:e00::/26, country:FR] --65bad301_4a831f12_28aa Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Unsubscribe me please -- Harald Weis Le 31 janvier 2024 =C3=A0 21:40:56, Paul M =46oster (paulf=40quillandmous= e.com (mailto:paulf=40quillandmouse.com)) a =C3=A9crit: > On Wed, Jan 31, 2024 at 02:46:03AM -0500, Karl Vogel wrote: > > > On Wed, Jan 31, 2024 at 01:15:26AM -0500, Paul M =46oster wrote: > > > > > I'm following the docs at docs.freebsd.org. There's a line which di= ctates: > > > git clone https://git.freebsd.org/ports.git /usr/ports > > > This results in a redirection error. > > > > Try doing it in two steps: download to a scratch directory, then copy= > > to /usr/ports. =46air warning -- it might take a bit of time: > > > > me% mkdir /tmp/ports > > me% cd /tmp/ports > > > > me% git clone https://git.freebsd.org/ports.git > > Cloning into 'ports'... > > remote: Enumerating objects: 6084351, done. > > remote: Counting objects: 100% (962/962), done. > > remote: Compressing objects: 100% (144/144), done. > > Receiving objects: 0% (40191/6084351), 12.20 MiB =7C 627.00 KiB/s > > ... > > > > Nope. That didn't work. Same error. > > Paul > > -- > Paul M. =46oster > Personal Blog: http://noferblatz.com > Company Site: http://quillandmouse.com > Software Projects: https://gitlab.com/paulmfoster > --65bad301_4a831f12_28aa Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Unsubscribe me please 

-- 
Harald Weis

Le 31 janvier 2024 =C3= =A0 21:40:56, Paul M =46oster (paulf=40quillandmouse.com) a =C3=A9crit:

On Wed,= Jan 31, 2024 at 02:46:03AM -0500, Karl Vogel wrote:

On Wed, Jan 31, 2024 at 01:15:26AM -050= 0, Paul M =46oster wrote:

I'm following the docs at docs.freebsd.= org. There's a line which dictates:
git clone https://git.freebsd.org/ports.git /usr/ports
This results in a redirection error.

Try doing it in two steps: download to a scratch directory, then copy=
to /usr/ports. =46air warning -- it might take a bit of time:

me% mkdir /tmp/ports
me% cd /tmp/ports

me% git clone https://git.freebsd.org/ports.git
Cloning into 'ports'...
remote: Enumerating objects: 6084351, done.
remote: Counting objects: 100% (962/962), done.
remote: Compressing objects: 100% (144/144), done.
Receiving objects: 0% (40191/6084351), 12.20 MiB =7C 627.00 KiB/s
...


Nope. That didn't work. Same error.

Paul

-- =20
Paul M. =46oster
Personal Blog: http://noferblatz.com
Company Site: http://quillandmouse.com
Software Projects: https://gitlab.com/paulmfoster

--65bad301_4a831f12_28aa-- From nobody Wed Jan 31 23:08:22 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQHlq4lXMz58VVl; Wed, 31 Jan 2024 23:08:55 +0000 (UTC) (envelope-from hawei@free.fr) Received: from smtp5-g21.free.fr (smtp5-g21.free.fr [IPv6:2a01:e0c:1:1599::14]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQHlq2cznz46lr; Wed, 31 Jan 2024 23:08:55 +0000 (UTC) (envelope-from hawei@free.fr) Authentication-Results: mx1.freebsd.org; none Received: from localhost.mail (unknown [IPv6:2a02:8428:32a3:9701:e401:82a6:c2b1:3352]) (Authenticated sender: hawei@free.fr) by smtp5-g21.free.fr (Postfix) with ESMTPSA id 3F7475FFC0; Thu, 1 Feb 2024 00:08:50 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=free.fr; s=smtp-20201208; t=1706742532; bh=n0Uhb40BBbao93M7T6t739q0h1vvbNinJt8qPAGQ9iw=; h=Date:From:To:In-Reply-To:References:Subject:From; b=pOlJqKfvf8sKixBKKm0jLt+32w85JRbNDDhyZ/SJDiTjezFK4w3Yqr4RQ13UZyLfo vX1J/2jEXMAnExkysVRk98YFprbsMV2kGNZ4rV4l9mpCQEIVAPaXThsOukupPjzrk1 4fKTGbnpIhYOIi4wN1IAoFsS8Pzc6xaBRbtpln/wJQBAt/DDsliAo0Q2xLrkO/EboF DJCK8H+HjWzGska21bcIf3F61LDaPlO0fo7wC1yOqV+XQZAqRBDeqQjEVmO+rIbxE9 FxnBphgT14cfKFGw4xxc3LDxfL3nRFEMvjU5ire8TK/UKggc9k+vwTY9n9fp3KEA/T 8pgZqvRYb6Tsg== Date: Thu, 1 Feb 2024 00:08:22 +0100 From: Harald Weis To: questions@freebsd.org, freebsd-questions@freebsd.org, paulf@quillandmouse.com Message-ID: In-Reply-To: <20240131204056.32mljmoueipnudaa@yosemite.mars.lan> References: <20240131204056.32mljmoueipnudaa@yosemite.mars.lan> Subject: Re: Unable to git clone ports collection List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="65bad301_4a831f12_28aa" X-Rspamd-Queue-Id: 4TQHlq2cznz46lr X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:12322, ipnet:2a01:e00::/26, country:FR] --65bad301_4a831f12_28aa Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Unsubscribe me please -- Harald Weis Le 31 janvier 2024 =C3=A0 21:40:56, Paul M =46oster (paulf=40quillandmous= e.com (mailto:paulf=40quillandmouse.com)) a =C3=A9crit: > On Wed, Jan 31, 2024 at 02:46:03AM -0500, Karl Vogel wrote: > > > On Wed, Jan 31, 2024 at 01:15:26AM -0500, Paul M =46oster wrote: > > > > > I'm following the docs at docs.freebsd.org. There's a line which di= ctates: > > > git clone https://git.freebsd.org/ports.git /usr/ports > > > This results in a redirection error. > > > > Try doing it in two steps: download to a scratch directory, then copy= > > to /usr/ports. =46air warning -- it might take a bit of time: > > > > me% mkdir /tmp/ports > > me% cd /tmp/ports > > > > me% git clone https://git.freebsd.org/ports.git > > Cloning into 'ports'... > > remote: Enumerating objects: 6084351, done. > > remote: Counting objects: 100% (962/962), done. > > remote: Compressing objects: 100% (144/144), done. > > Receiving objects: 0% (40191/6084351), 12.20 MiB =7C 627.00 KiB/s > > ... > > > > Nope. That didn't work. Same error. > > Paul > > -- > Paul M. =46oster > Personal Blog: http://noferblatz.com > Company Site: http://quillandmouse.com > Software Projects: https://gitlab.com/paulmfoster > --65bad301_4a831f12_28aa Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Unsubscribe me please 

-- 
Harald Weis

Le 31 janvier 2024 =C3= =A0 21:40:56, Paul M =46oster (paulf=40quillandmouse.com) a =C3=A9crit:

On Wed,= Jan 31, 2024 at 02:46:03AM -0500, Karl Vogel wrote:

On Wed, Jan 31, 2024 at 01:15:26AM -050= 0, Paul M =46oster wrote:

I'm following the docs at docs.freebsd.= org. There's a line which dictates:
git clone https://git.freebsd.org/ports.git /usr/ports
This results in a redirection error.

Try doing it in two steps: download to a scratch directory, then copy=
to /usr/ports. =46air warning -- it might take a bit of time:

me% mkdir /tmp/ports
me% cd /tmp/ports

me% git clone https://git.freebsd.org/ports.git
Cloning into 'ports'...
remote: Enumerating objects: 6084351, done.
remote: Counting objects: 100% (962/962), done.
remote: Compressing objects: 100% (144/144), done.
Receiving objects: 0% (40191/6084351), 12.20 MiB =7C 627.00 KiB/s
...


Nope. That didn't work. Same error.

Paul

-- =20
Paul M. =46oster
Personal Blog: http://noferblatz.com
Company Site: http://quillandmouse.com
Software Projects: https://gitlab.com/paulmfoster

--65bad301_4a831f12_28aa-- From nobody Thu Feb 1 01:32:19 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQLxM5NlHz58jYX for ; Thu, 1 Feb 2024 01:32:23 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from shrimp.cherry.relay.mailchannels.net (shrimp.cherry.relay.mailchannels.net [23.83.223.164]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQLxL3P6Jz4TKN for ; Thu, 1 Feb 2024 01:32:22 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=sD+NCb+5; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.223.164 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id EF9A0841219 for ; Thu, 1 Feb 2024 01:32:20 +0000 (UTC) Received: from pdx1-sub0-mail-a208.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 96351841DD3 for ; Thu, 1 Feb 2024 01:32:20 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706751140; a=rsa-sha256; cv=none; b=PKVs7ZTS7Cvb0kVTcoi33rKrpy8To7cqYrMlo74zwdDW71Y0Ymt3KoPiUuU3FTGH3gujtJ EOYKyVdDSfbpm0HEuC6EREq5uKUnkgmKBn5J9SgCr8TCcK7utUTzoZIPWjK0fmyqTK3MFV M/hk3V/DpvHjKCCQ4yBz9fYH2VnSzb4o/yPEFNVvz1tJl0W2eZGz47iRaOT0TSR4vTvlP3 nGgXgjEVb6ru5deyMUOi3T5aYI4IvUjAFpUdo9DLmT1hNjXMsAvgiWqh1DaX96YFR8VjDU VZY6cjyTpErdgNQD2HNxdCeoJfdi/Xpt6bdgZix4AfQhFKnRxIQRnitkxPbnZQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706751140; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=iFjZ0JHWjJ8y42BtGzDnMW3rGusd916RRY1DZeBDSxg=; b=lWzHImhBPq02lk/voDOxVIQ7WC1TOoEX5kaj9lnETPt8pfdfAxhK6tYwNGreCE2jqC+/Sh 7l0XEcx58XQi5RkwSGevEN9xJvWAMpZ3R3B54XHrVwUrvf2fbd1Uny/3RpDyqAMOuM9QMG EzRYk4pHCaLWI2wFLXYFQhejaCO5mqtOd98gGInSUx/w1zTdra6sVUGW+CQFxjmTWMdQNX pScFW8vLOlamD/RxEE8oNuXU27y7lGwkU+kzjdSKW/c4d5LTjQ4Gzx3sscmsSdkQ3/Tahe op3vFrofz70zo1BOzrCNFwVOSF9962eAlLMXrFUnjnWVnwIv/Rv77+6huiCN6g== ARC-Authentication-Results: i=1; rspamd-6bdc45795d-2rsbd; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Troubled-Company: 132ea35e48b8ca22_1706751140825_1951036874 X-MC-Loop-Signature: 1706751140825:1116022566 X-MC-Ingress-Time: 1706751140825 Received: from pdx1-sub0-mail-a208.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.100.214.50 (trex/6.9.2); Thu, 01 Feb 2024 01:32:20 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a208.dreamhost.com (Postfix) with ESMTPSA id 4TQLxJ306nz6x for ; Wed, 31 Jan 2024 17:32:20 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706751140; bh=iFjZ0JHWjJ8y42BtGzDnMW3rGusd916RRY1DZeBDSxg=; h=Date:From:To:Subject:Reply-To:Content-Type: Content-Transfer-Encoding; b=sD+NCb+5ARvdfD5TMZuZbVJb2rUoXOvBfFxtYajd9k3LdXF64V8y60FipjgtpgPLX CHJGmvFR1/1yrAd/mPi10w1up6O07/s5lqNudqy93bjlU8mYZZiTjyHrQ95KgDhgDq UXNjj4QNfxAsaFYyGRHXbX7u7wrNmL7F4Zgz+6tCsJbMEqUkOtgLqkDLhBY/9Nxj9J T0EVZ+n5po4JngJgwtgnKrIYE4hnw4i8SbfYY2EB0kipZ82AeEub5x7NxCyiaXDTvx v8rQ9nTm2BbhyJ74Kp0G++WMuWjUflMXmgkg55UUtjC+YW3fS1t3Rnv5kt0yARiQfN HG9LpRs2LsYrQ== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rVLwB-00AL18-06 for freebsd-questions@freebsd.org; Wed, 31 Jan 2024 20:32:19 -0500 Date: Wed, 31 Jan 2024 20:32:19 -0500 From: Paul M Foster To: freebsd-questions Subject: Re: Unable to git clone ports collection Message-ID: <20240201013219.dthr2iyomowho76n@yosemite.mars.lan> Reply-To: paulf@quillandmouse.com Mail-Followup-To: freebsd-questions References: <20240131061508.5nttnygaqrwvm6xi@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.60 / 15.00]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; MIME_GOOD(-0.10)[text/plain]; RWL_MAILSPIKE_GOOD(-0.10)[23.83.223.164:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_ALL(0.00)[]; RCVD_TLS_LAST(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; DMARC_NA(0.00)[quillandmouse.com]; MIME_TRACE(0.00)[0:+]; DKIM_TRACE(0.00)[quillandmouse.com:+]; ASN(0.00)[asn:63213, ipnet:23.83.223.0/24, country:CA]; RCVD_IN_DNSWL_NONE(0.00)[23.83.223.164:from]; REPLYTO_ADDR_EQ_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MISSING_XM_UA(0.00)[]; RCVD_COUNT_FIVE(0.00)[5]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_REPLYTO(0.00)[paulf@quillandmouse.com] X-Rspamd-Queue-Id: 4TQLxL3P6Jz4TKN On Wed, Jan 31, 2024 at 07:48:36AM +0000, Dave Cottlehuber wrote: > On Wed, 31 Jan 2024, at 06:15, Paul M Foster wrote: > > Folks: > > > > I'm following the docs at docs.freebsd.org. There's a line which dictates: > > > > git clone https://git.freebsd.org/ports.git /usr/ports > > > > This results in a redirection error. The error: > > > > Cloning into '/usr/ports' > > fatal: unable to update url base from redirection: > > asked for: > > https://git.freebsd.org/ports.git/info/refs?service=git-upload-pack > > redirect: https://cgit.freebsd.org/ports > > > > Nothing is downloaded at /usr/ports and in fact the directory doesn't > > exist. > > On a fresh server, this seems to work just fine (here in EU at least) > and that's the same URL I use for fetching daily from ports tree. > > > git clone -v https://git.freebsd.org/ports.git /tmp/ports > Cloning into '/tmp/ports'... > POST git-upload-pack (175 bytes) > POST git-upload-pack (gzip 7002 to 3523 bytes) > remote: Enumerating objects: 6084351, done. > remote: Counting objects: 100% (936/936), done. > remote: Compressing objects: 100% (120/120), done. > ^C⏎ > > So I'm guessing either temporary glitch, or your local mirror > isn't happy? > > re-try with: > > env GIT_CURL_VERBOSE=1 GIT_TRACE=1 git clone -v \ > https://git.freebsd.org/ports.git /usr/ports > > and report back anything interesting. Oh well, that's weird. With your exact steps, it appears to be working (download of this code takes a looooong time, so it's not finished yet). Lots of gibberish, but then it started downloading. How could simply adding a verbose parameter make that kind of change? Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Thu Feb 1 11:41:52 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQcSl38qcz58T0c; Thu, 1 Feb 2024 11:41:59 +0000 (UTC) (envelope-from jamie@catflap.org) Received: from donotpassgo.dyslexicfish.net (donotpassgo.dyslexicfish.net [IPv6:2001:19f0:7400:8808:123::1]) by mx1.freebsd.org (Postfix) with ESMTP id 4TQcSl0ZXCz4Fcl; Thu, 1 Feb 2024 11:41:58 +0000 (UTC) (envelope-from jamie@catflap.org) Authentication-Results: mx1.freebsd.org; none X-Catflap-Envelope-From: Received: from donotpassgo.dyslexicfish.net (donotpassgo.dyslexicfish.net [209.250.224.51]) by donotpassgo.dyslexicfish.net (8.14.5/8.14.5) with ESMTP id 411Bfqar057811; Thu, 1 Feb 2024 11:41:52 GMT (envelope-from jamie@donotpassgo.dyslexicfish.net) Received: (from jamie@localhost) by donotpassgo.dyslexicfish.net (8.14.5/8.14.5/Submit) id 411Bfq9W057810; Thu, 1 Feb 2024 11:41:52 GMT (envelope-from jamie) From: Jamie Landeg-Jones Message-Id: <202402011141.411Bfq9W057810@donotpassgo.dyslexicfish.net> Date: Thu, 01 Feb 2024 11:41:52 +0000 Organization: Dyslexic Fish To: marietto2008@gmail.com, jamie@catflap.org Cc: wojtek@puchar.net, freebsd-questions@freebsd.org, freebsd-hackers@freebsd.org Subject: Re: set : illegal option -o pipefail error while trying to upgrade pkg. References: <80d527f-df83-5657-6a2a-262156e08440@puchar.net> <202401311216.40VCGZSo001051@donotpassgo.dyslexicfish.net> In-Reply-To: User-Agent: Heirloom mailx 12.4 7/29/08 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.2.7 (donotpassgo.dyslexicfish.net [209.250.224.51]); Thu, 01 Feb 2024 11:41:52 +0000 (GMT) X-Rspamd-Queue-Id: 4TQcSl0ZXCz4Fcl X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:20473, ipnet:2001:19f0:7400::/38, country:US] Mario Marietto wrote: > Can you tell me where should be stored the references to pipefail ? Maybe I > will try to remove them manually. Maybe your command does not work out of > the box. I juat tested it on an old 11.1 box and it worked. The various files are the ones listed in the command, under /usr/ports/Mk/Scripts - there are about 22 that contain mentions of pipefail, though not all will be relevent to your particilar cases. Yes, you can manually just delete the "set +o pipefail" and "set -o pipefail" commands as you find them, not forgetting the caveat mentioned in the previous mail that you may miss some errors that may occur during building. From nobody Thu Feb 1 12:07:49 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQd3K1pNZz58W9b; Thu, 1 Feb 2024 12:08:29 +0000 (UTC) (envelope-from marietto2008@gmail.com) Received: from mail-ej1-x635.google.com (mail-ej1-x635.google.com [IPv6:2a00:1450:4864:20::635]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQd3J74Qrz4KdV; Thu, 1 Feb 2024 12:08:28 +0000 (UTC) (envelope-from marietto2008@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-ej1-x635.google.com with SMTP id a640c23a62f3a-a29c4bbb2f4so93984666b.1; Thu, 01 Feb 2024 04:08:28 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706789307; x=1707394107; darn=freebsd.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=QCeb6GvWnqzD7N77n8QHgYwhIoz8TiUmAwTeizfWkmA=; b=OEnamUYPpfMnP4viwgvgN6T3l3/ArGccWo3hEOLU/gi/8ufeT7UMznM9DQjCIllV+A fTsmgfMKOk2SIIWhmttyQiAhPgk0V89UykCntOpqKP7+pi2FRYgV66Y08fwWkxWuIAdZ ykIbfgxix5VK/uwYBx0+4msMFMGzJGZ685euL0Kh6uUOEEqDgDh85f2Rkedmh12kIO+R m3DChwmTWWzLJbhtj9Xn6+hgigwAeRuo2hKPDhloC1a5E21jpxRlv2vXxQxBrWGYmjsC yt01U+zdbZJ5hUm99++PKqr1oZwlp+eLOJVSlO3uKKs5drnKClu+UYyTyP29Oc6mDfYI ufpQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706789307; x=1707394107; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=QCeb6GvWnqzD7N77n8QHgYwhIoz8TiUmAwTeizfWkmA=; b=tSAf1uKek+x4+cP+A+7YzquVc0f22vzGZeKLFzzGqtfzH3nFiMdf4ZDZ7hxbWhzmVP uXw0k4IxbdQYV8zpBxAOJXe/oJwpfIaaT1hrjFY4k7Cqq7cYfP90xwNU0pHWN4ggcmfT n+YfIa/d9C9bu0lPmxCGuZA6cZVmU3FHVvJBGmM4FJmjXLTnQ2UNlOiq1KclP+Cs8b/r SewvLDQdVIy4MWsArY6wtrxNhK6sk8Kukx4lpeNMjjQkGAiYRfQZN1LucF9rzu5FnlMu D1sLyMIi+rGRVmcYpKNCjsrIrK4oua2tix2ezOdEaRoXjMCU6dm0RQ6FUFVa3vkQzPQD VnHg== X-Gm-Message-State: AOJu0YwK5R/iFNV+qK3UXEJVdM8PjxStj5c0MUyYAOIutPJkqe/sXVtu 8N+IBE3sKydZVyLjCdGbfno6pIMoZYEdqBwCPkyMdoPXWJyq1pAlQarTdJyaQczC/WX00cMkeKJ PX8cEjAD/srWuu38R1VdmN4jqEXueVGHY X-Google-Smtp-Source: AGHT+IGMetaR9cu9qWIZj5VPBHupg5T7VFeLpwzCBZjnUZaGBVkcyhhjSnzCZFTV7BaHp1V9CjhTfYCQlFDqorvNCew= X-Received: by 2002:a17:906:c457:b0:a36:71c1:468c with SMTP id ck23-20020a170906c45700b00a3671c1468cmr3192547ejb.62.1706789306523; Thu, 01 Feb 2024 04:08:26 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: <80d527f-df83-5657-6a2a-262156e08440@puchar.net> <202401311216.40VCGZSo001051@donotpassgo.dyslexicfish.net> <202402011141.411Bfq9W057810@donotpassgo.dyslexicfish.net> In-Reply-To: <202402011141.411Bfq9W057810@donotpassgo.dyslexicfish.net> From: Mario Marietto Date: Thu, 1 Feb 2024 13:07:49 +0100 Message-ID: Subject: Re: set : illegal option -o pipefail error while trying to upgrade pkg. To: Jamie Landeg-Jones Cc: wojtek@puchar.net, freebsd-questions@freebsd.org, freebsd-hackers@freebsd.org Content-Type: multipart/alternative; boundary="000000000000526765061050daf8" X-Rspamd-Queue-Id: 4TQd3J74Qrz4KdV X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] --000000000000526765061050daf8 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hello Jamie, thanks. I don't know if you read my last email,but I have cut the problem at the root,by using the old version of the Mk Scripts,to be sure that it didn't have the pipefail parameter. I did like this because your script probably didn't remove some of those references and I got the same error. Unfortunately,when I tried to upgrade the port "pkg" to 1.20.9 I got a compilation error. I'm not able to upgrade the whole system until I'm not able to upgrade it. The error that I need to fix is : Invoked as: ./configure --prefix=3D/usr/local Tclsh: /usr/ports/ports-mgmt/pkg/work/pkg-1.20.9/jimsh0 Failed: cc -O2 -pipe -Wno-error -fstack-protector-strong -fno-strict-aliasing -c conftest__.c -o conftest__.o cc: error: unknown argument: '-fstack-protector-strong' =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D The failed code was: #include int main(void) { return 0; } =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D On Thu, Feb 1, 2024 at 12:42=E2=80=AFPM Jamie Landeg-Jones wrote: > Mario Marietto wrote: > > > Can you tell me where should be stored the references to pipefail ? > Maybe I > > will try to remove them manually. Maybe your command does not work out = of > > the box. > > I juat tested it on an old 11.1 box and it worked. The various files are > the > ones listed in the command, under /usr/ports/Mk/Scripts - there are about > 22 > that contain mentions of pipefail, though not all will be relevent to you= r > particilar cases. > > Yes, you can manually just delete the "set +o pipefail" and "set -o > pipefail" > commands as you find them, not forgetting the caveat mentioned in the > previous mail that you may miss some errors that may occur during buildin= g. > --=20 Mario. --000000000000526765061050daf8 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Hello=C2=A0Jamie,

thanks. I = don't know if you read my last email,but I have cut the problem at the = root,by using the old version of the Mk Scripts,to be sure that it didn'= ;t have the pipefail parameter. I did like this because your script probabl= y didn't remove some of those references and I got the same error. Unfo= rtunately,when I tried to upgrade the port "pkg" to 1.20.9 I got = a compilation error. I'm not able to upgrade the whole system until I&#= 39;m not able to upgrade it. The error that I need to fix is :
Invoked as: ./configure --prefix=3D/usr/local
Tclsh: /usr/p= orts/ports-mgmt/pkg/work/pkg-1.20.9/jimsh0
Failed: cc -O2 -pipe -Wno-err= or -fstack-protector-strong -fno-strict-aliasing -c conftest__.c -o conftes= t__.o
cc: error: unknown argument: '-fstack-protector-strong'=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
The failed code was:
#include &= lt;stdlib.h>
int main(void) {

return 0;
}
=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D

On Thu, Feb 1, 2024 at 12:42=E2=80=AFPM Jamie= Landeg-Jones <ja= mie@catflap.org> wrote:
Mario Marietto <marietto2008@gmail.com> wrote:

> Can you tell me where should be stored the references to pipefail ? Ma= ybe I
> will try to remove them manually. Maybe your command does not work out= of
> the box.

I juat tested it on an old 11.1 box and it worked. The various files are th= e
ones listed in the command, under /usr/ports/Mk/Scripts - there are about 2= 2
that contain mentions of pipefail, though not all will be relevent to your<= br> particilar cases.

Yes, you can manually just delete the "set +o pipefail" and "= ;set -o pipefail"
commands as you find them, not forgetting the caveat mentioned in the
previous mail that you may miss some errors that may occur during building.=


--
Mario.
--000000000000526765061050daf8-- From nobody Thu Feb 1 12:13:58 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQd9g41byz58WjS; Thu, 1 Feb 2024 12:13:59 +0000 (UTC) (envelope-from jamie@catflap.org) Received: from donotpassgo.dyslexicfish.net (donotpassgo.dyslexicfish.net [IPv6:2001:19f0:7400:8808:123::1]) by mx1.freebsd.org (Postfix) with ESMTP id 4TQd9g2c9bz4N8T; Thu, 1 Feb 2024 12:13:59 +0000 (UTC) (envelope-from jamie@catflap.org) Authentication-Results: mx1.freebsd.org; none X-Catflap-Envelope-From: Received: from donotpassgo.dyslexicfish.net (donotpassgo.dyslexicfish.net [209.250.224.51]) by donotpassgo.dyslexicfish.net (8.14.5/8.14.5) with ESMTP id 411CDwIq064567; Thu, 1 Feb 2024 12:13:58 GMT (envelope-from jamie@donotpassgo.dyslexicfish.net) Received: (from jamie@localhost) by donotpassgo.dyslexicfish.net (8.14.5/8.14.5/Submit) id 411CDwKw064566; Thu, 1 Feb 2024 12:13:58 GMT (envelope-from jamie) From: Jamie Landeg-Jones Message-Id: <202402011213.411CDwKw064566@donotpassgo.dyslexicfish.net> Date: Thu, 01 Feb 2024 12:13:58 +0000 Organization: Dyslexic Fish To: marietto2008@gmail.com, jamie@catflap.org Cc: wojtek@puchar.net, freebsd-questions@freebsd.org, freebsd-hackers@freebsd.org Subject: Re: set : illegal option -o pipefail error while trying to upgrade pkg. References: <80d527f-df83-5657-6a2a-262156e08440@puchar.net> <202401311216.40VCGZSo001051@donotpassgo.dyslexicfish.net> In-Reply-To: User-Agent: Heirloom mailx 12.4 7/29/08 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.2.7 (donotpassgo.dyslexicfish.net [209.250.224.51]); Thu, 01 Feb 2024 12:13:59 +0000 (GMT) X-Rspamd-Queue-Id: 4TQd9g2c9bz4N8T X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:20473, ipnet:2001:19f0:7400::/38, country:US] Mario Marietto wrote: > Jamie. Your script didn't work,but I get your idea and I've backed up the > directory /mnt/da0p2/usr/ports/Mk/Scripts to > /mnt/da0p2/usr/ports/Mk/Scripts-old ; then I have upgraded the ports tree > with the commands : > > # portsnap fetch extract > # portsnap fetch update > > At this point I have renamed the directory Scripts-old to Scripts and I > tried to compile a port. This is what happened : > > Invoked as: ./configure --prefix=/usr/local > Tclsh: /usr/ports/ports-mgmt/pkg/work/pkg-1.20.9/jimsh0 > Failed: cc -O2 -pipe -Wno-error -fstack-protector-strong > -fno-strict-aliasing -c conftest__.c -o conftest__.o > cc: error: unknown argument: '-fstack-protector-strong' > ============ > The failed code was: > #include > int main(void) { > > return 0; > } > ============ Ah ok, so you've got around the pipefail issue. This is a different issue. stack-protection got added to the clang compiler long after the freebsd version you are using. I think you can disable this by adding SSP_CFLAGS="" to your make command line, e.g. make SSP_CFLAGS="" But then, you're likely to get build errors due to the old version of "make" on that system, so unless you know how to remove the problem in the makefile, you'll need a more recent version of "make" too... From nobody Thu Feb 1 13:23:46 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TQfkn5sjzz58dws; Thu, 1 Feb 2024 13:24:17 +0000 (UTC) (envelope-from hawei@free.fr) Received: from smtp6-g21.free.fr (smtp6-g21.free.fr [IPv6:2a01:e0c:1:1599::15]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TQfkn3bWqz4YyZ; Thu, 1 Feb 2024 13:24:17 +0000 (UTC) (envelope-from hawei@free.fr) Authentication-Results: mx1.freebsd.org; none Received: from localhost.mail (unknown [IPv6:2a02:8428:32a3:9701:bc22:80bb:ca90:d900]) (Authenticated sender: hawei@free.fr) by smtp6-g21.free.fr (Postfix) with ESMTPSA id 9B325780375; Thu, 1 Feb 2024 14:24:09 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=free.fr; s=smtp-20201208; t=1706793854; bh=dY+s2pSS61lAlOUPxtL8y5whpg8dNzj+bMR/bwTmHRc=; h=Date:From:To:Cc:In-Reply-To:References:Subject:From; b=k5H/9AunbRvywn/ix5PrHxhbDlSesszztcYF/TIvICMcsnl9w4iyLxC71frIr3VF4 vSy/NoRD5Lp4Z96ZRhcYWS9OrA9i0dw2VkA1MuhHgH3RSE8Utu81IaBsIEcSWXtybj 5d0jXW4zBeZrGU4LEZ6eo4djODBMxPYIV1E9FlaIlOTQJv84Sr8zIwc759xcrHxEvy P+gbEu7IiegIfrAeDnVzq34qRXX493ovj8cvo3z22MfNht3DH9sdHIGxwLk4vSl49W Pa+67DoU/lycMGVZFTLuOJ1qrjCrX98BemkHAnAkVnL0qKMXM4KBGHgkRZxPUev8Zt eJsVkgPTnOiyQ== Date: Thu, 1 Feb 2024 14:23:46 +0100 From: Harald Weis To: Mario Marietto , Jamie Landeg-Jones Cc: wojtek@puchar.net, freebsd-hackers@freebsd.org, freebsd-questions@freebsd.org Message-ID: In-Reply-To: References: Subject: Re: set : illegal option -o pipefail error while trying to upgrade pkg. List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/alternative; boundary="65bb9b79_66ac593_2a10" X-Rspamd-Queue-Id: 4TQfkn3bWqz4YyZ X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:12322, ipnet:2a01:e00::/26, country:FR] --65bb9b79_66ac593_2a10 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Please unsubscribe me -- Harald Weis Le 1 f=C3=A9vrier 2024 =C3=A0 13:07:49, Mario Marietto (marietto2008=40gm= ail.com (mailto:marietto2008=40gmail.com)) a =C3=A9crit: > Hello Jamie, > > thanks. I don't know if you read my last email,but I have cut the probl= em at the root,by using the old version of the Mk Scripts,to be sure that= it didn't have the pipefail parameter. I did like this because your scri= pt probably didn't remove some of those references and I got the same err= or. Unfortunately,when I tried to upgrade the port =22pkg=22 to 1.20.9 I = got a compilation error. I'm not able to upgrade the whole system until I= 'm not able to upgrade it. The error that I need to fix is : > > Invoked as: ./configure --prefix=3D/usr/local > Tclsh: /usr/ports/ports-mgmt/pkg/work/pkg-1.20.9/jimsh0 > =46ailed: cc -O2 -pipe -Wno-error -fstack-protector-strong -fno-strict-= aliasing -c conftest=5F=5F.c -o conftest=5F=5F.o > cc: error: unknown argument: '-fstack-protector-strong' > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > The failed code was: > =23include > int main(void) =7B > > return 0; > =7D > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > On Thu, =46eb 1, 2024 at 12:42=E2=80=AFPM Jamie Landeg-Jones wrote: > > Mario Marietto wrote: > > > > > Can you tell me where should be stored the references to pipefail =3F= Maybe I > > > will try to remove them manually. Maybe your command does not work = out of > > > the box. > > > > I juat tested it on an old 11.1 box and it worked. The various files = are the > > ones listed in the command, under /usr/ports/Mk/Scripts - there are a= bout 22 > > that contain mentions of pipefail, though not all will be relevent to= your > > particilar cases. > > > > Yes, you can manually just delete the =22set +o pipefail=22 and =22se= t -o pipefail=22 > > commands as you find them, not forgetting the caveat mentioned in the= > > previous mail that you may miss some errors that may occur during bui= lding. > > > -- > Mario. --65bb9b79_66ac593_2a10 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Please unsubscribe me

-- 
Harald Weis

Le 1 f=C3=A9vrier 2024 =C3=A0= 13:07:49, Mario Marietto (marietto2008=40gmail.com) a =C3=A9crit:

Hello Jamie,

thanks. I don't know if you read my last email,but I have cut the problem at the root,by using the old version of the Mk Scripts,to be sure that it didn't have the pipefail parameter. I did like this because your script probably didn't remove some of those references and I got the same error. Unfortunately,when I tried to upgrade the port =22pkg=22 to 1.20.9 I got a compilation error. I'm not able to upgrade the whole system until I'm not able to upgrade it. The error that I need to fix is :

Invoked as: ./configure --prefix=3D/usr/local
Tclsh: /usr/ports/ports-mgmt/pkg/work/pkg-1.20.9/jimsh0
=46ailed: cc -O2 -pipe -Wno-error -fstack-protector-strong -fno-strict-aliasing -c conftest=5F=5F.c -o conftest=5F=5F.o
cc: error: unknown argument: '-fstack-protector-strong'
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
The failed code was:
=23include <stdlib.h>
int main(void) =7B

return 0;
=7D
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D

On Thu, =46eb 1, 2024 at = 12:42=E2=80=AFPM Jamie Landeg-Jones <jamie=40catflap.org> wrote:
Mario Marietto <marietto2008=40gmail.com> wrote:

> Can you tell me where should be stored the references to pipefail =3F Maybe I
> will try to remove them manually. Maybe your command does not work out of
> the box.

I juat tested it on an old 11.1 box and it worked. The various files are the
ones listed in the command, under /usr/ports/Mk/Scripts - there are about 22
that contain mentions of pipefail, though not all will be relevent to your
particilar cases.

Yes, you can manually just delete the =22set +o pipefail=22 and =22set -o= pipefail=22
commands as you find them, not forgetting the caveat mentioned in the
previous mail that you may miss some errors that may occur during building.


--
Mario.
--65bb9b79_66ac593_2a10-- From nobody Sat Feb 3 14:48:51 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TRwWW75Xsz59WbJ for ; Sat, 3 Feb 2024 14:48:55 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from shrimp.cherry.relay.mailchannels.net (shrimp.cherry.relay.mailchannels.net [23.83.223.164]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TRwWW0KKwz49Xq for ; Sat, 3 Feb 2024 14:48:54 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=XSMiFsh4; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.223.164 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 10C0DC1DA7 for ; Sat, 3 Feb 2024 14:48:53 +0000 (UTC) Received: from pdx1-sub0-mail-a236.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id AD16CC2242 for ; Sat, 3 Feb 2024 14:48:52 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706971732; a=rsa-sha256; cv=none; b=CVNaPcFb1xEWrd2dMxTQNMolJumF3InpXf+LOBH7SzRdu7TbahLGr1hsIt5R3jssc4hAdG 7IQGk/lE3+oQxQTZmhasKnZyw1Nu+h9Bo9pZ5mHCHO86F6HIupj8BW4OGEZiMXsx3EOWjp 3hnhCIyjD0KZ7qdZb15WYdxsMhICIdt0Hmg6g1sCcKYUVx6ATZ05n2gfLfnaRswNbb1/x/ 2XUzssGdB+T8KFiMoGpfeEGcLumoDUSpvB5ge8qPzi4lgBi/GDpU1me1EYKsijd5eaLuCl mOSCSpq9vpINSbSj8YcUQ6N+2hTyKczUBOEko8hzZIbiwegcnmKDYTxw69uLBQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706971732; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type:dkim-signature; bh=9Ws/rN0zmL4I073adByGVmv8YhONoKmGd2ap81kGO4I=; b=0hQvFLcisnrFrEfCTf9ODURI0nbtzQ4xvVihcKcbf4fvQ8JHcDD56WY6rbo1syNPH9zMy6 f5MnDlCI8uEm8T9uOoCT37j9XJisQ7s88uweRGUH3a+eMnWGfr8+2jMYuXpEIwAKA5jChB Qo1Z79i7v76zU89gIgHaVu4KnrE1WM/yAb6L6LOO/SnmA1ZnrkwjdszN1tjjZek11LMCgR 7OcoQ+NW30rfC9YipBc5JWtGW1CS3EUk9qg4lXnTiuwHKKXDO+qTvZ2D2l4eLtPxM1pjYR S8yXVIfANSH1j0lRoHFepVeds4l92U59jluJZMgqiPaR24w0PEmHIHE+odMRSw== ARC-Authentication-Results: i=1; rspamd-6bdc45795d-f94f7; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Inform-Trail: 594478be5860793d_1706971732919_2936639256 X-MC-Loop-Signature: 1706971732918:2002854789 X-MC-Ingress-Time: 1706971732918 Received: from pdx1-sub0-mail-a236.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.123.181.231 (trex/6.9.2); Sat, 03 Feb 2024 14:48:52 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a236.dreamhost.com (Postfix) with ESMTPSA id 4TRwWS3zqLz46 for ; Sat, 3 Feb 2024 06:48:52 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706971732; bh=9Ws/rN0zmL4I073adByGVmv8YhONoKmGd2ap81kGO4I=; h=Date:From:To:Subject:Reply-To:Content-Type; b=XSMiFsh4UdWgZJGumDBfVLXFmHTAeIf3A0iFdNo6Q1nGEfnnWWARaS2G5lvCMufiZ LcFuTX4H4ZqJRRo5dtHpNPoydUNCrzLh3P+Rv2Cfqhgt6v3BX9l4eA3UOSNMu8H1N9 KAnYd82yPjnduVPM+MLGNgzjEfODACQYhblMxZ+haJ9BRHj2IiChcakEWHJCdRF7ci gK2tAKS9L/+/MyxaRq34URuzTy6RSnnvKiUcyK+gelf0hrlVlvIdwZ9TaLWjDpyAL9 tin0NMLZz5sbbKlXWCmMDVx/XPaxYJDFrUVjeV7+9iz5E2n3qZRZmdqHWfk5Bi1rXa kJ7eVdGuQHCdw== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rWHK7-006YhM-0k for freebsd-questions@freebsd.org; Sat, 03 Feb 2024 09:48:51 -0500 Date: Sat, 3 Feb 2024 09:48:51 -0500 From: Paul M Foster To: freebsd-questions@freebsd.org Subject: Installing/running X11 Message-ID: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> Reply-To: paulf@quillandmouse.com Mail-Followup-To: freebsd-questions@freebsd.org List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.60 / 15.00]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; MIME_GOOD(-0.10)[text/plain]; RWL_MAILSPIKE_GOOD(-0.10)[23.83.223.164:from]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[quillandmouse.com:+]; DMARC_NA(0.00)[quillandmouse.com]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MISSING_XM_UA(0.00)[]; FROM_HAS_DN(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.223.164:from]; RCVD_COUNT_FIVE(0.00)[5]; REPLYTO_ADDR_EQ_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; ASN(0.00)[asn:63213, ipnet:23.83.223.0/24, country:CA]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; HAS_REPLYTO(0.00)[paulf@quillandmouse.com] X-Rspamd-Queue-Id: 4TRwWW0KKwz49Xq Folks: For context, I have a fresh install of version 14. I've made myself part of the wheel and video groups. I've installed drm-kmod, xdm, xf86-video-intel, xfce, xorg and xterm. I've added hald_enable="YES", dbus_enable="YES" and kld_list="i915kms" to /etc/rc.conf. At this point, advice diverges significantly. Some sites say I should be able to just run startx and all will be fine. Some want you to run xorg -configure. Some want you to hack X11 config files. What I can tell you is that X won't start with startx. For one thing, it outputs these errors: (EE) Fatal server error: (EE) no screens found(EE) (EE) Also, for what it's worth, service dbus start works. But service hald start doesn't. The error is: hald does not exist in /etc/rc.d or the local startup directories (/usr/local/etc/rc.d), or is not executable. I have no idea how to proceed. Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Sat Feb 3 15:17:53 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TRx9J27g4z59Yyq for ; Sat, 3 Feb 2024 15:18:12 +0000 (UTC) (envelope-from michaelsprivate@gmail.com) Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TRx9G5xn6z4GLZ for ; Sat, 3 Feb 2024 15:18:10 +0000 (UTC) (envelope-from michaelsprivate@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-lj1-x22e.google.com with SMTP id 38308e7fff4ca-2d09bdddfc9so4699741fa.2 for ; Sat, 03 Feb 2024 07:18:10 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706973487; x=1707578287; darn=freebsd.org; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=VPcFWdH9Ri3PPDWzeg/n19ZEGJRhI5uBgav/jy2esS4=; b=QfrSXcE20GJ2i3cLpH2CTULaSRlam+XnXMSIq2qkoVsUJhd3o9iJyyrVga+2GO+RNI 69N0Z8BCPY0wBvEPKuNz96iTdLel+nLY5ebsRRusH39tCJe9iEEYUc4N5Gtq3KlGWp2x BDa6SXN3jHSetoitpi5nY3egu0QhSU80rL0ueRxGeRib0iSX6dCkRsJBpnARq7JsgnS7 7xtVkrCbW6gUqj8hnAhGS+WylnP5y5w5pfo76SGNB8Yv1Z5TCNPYpBvDqiXHyLHjFwAu wVQfQeEd4FDkm/9toV4T5cn5/YXaiAnc3BX3kLQDRZaCOXZwx0bmw682sIDhx/OyPHhp m3hQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706973487; x=1707578287; h=to:subject:message-id:date:from:in-reply-to:references:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=VPcFWdH9Ri3PPDWzeg/n19ZEGJRhI5uBgav/jy2esS4=; b=F4jxjkwA1LCbB+zIgoay2jwjoi0eEkMx3bMnUOKh72b/HQRXlesZyLqX1VkWlH6T/m NRMk3dA32cv4By4ipZNMsFi3TcCglSr5hVC8v2w5uMfzfFBiocSgvWruUX/Zp+o5k6KH REIFD4xsh5kex6VgjvxgSRqnGdudRTft5JpINi+uAa1N9NGKHq/E3CYdHKCoOpMbQgMC OHG+AjGETFHkYkkioSxaGD45/iRtF9be0wAUd4M7vxeMUqrcrycULycJyMl1+PKr/9QT 8aZcSSaDCrTAxAw2arcfszT1efUvOvTOUCrkGmAiesIiGkkz3YuDS1EMs22nSbDENVty nC1Q== X-Gm-Message-State: AOJu0Yxy/ZBEwufjBEPgLE4IGetoHpZJDc5oxOkBifNYD39j6PYvrt2S zdGzdZj3QTlaI9/JaX6m4kVn9O5f62ttxXFWH83KDsq91mZ8hJesoRsp3rd08VE9E23nFnREOTx dbCRKOMqi8LPb+PtdYl/LvQArIiJGrWnzm60= X-Google-Smtp-Source: AGHT+IFbyiNAQCV1MoCMz6I78rTEuZfogu6j90bY7Stin0iRJTTfZ63pt0NsbwFvztPx5ltzfk75X+OU87F/J9pO0Ss= X-Received: by 2002:a2e:920b:0:b0:2d0:89fe:df8d with SMTP id k11-20020a2e920b000000b002d089fedf8dmr2595125ljg.14.1706973486515; Sat, 03 Feb 2024 07:18:06 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 References: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> In-Reply-To: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> From: Michael Schuster Date: Sat, 3 Feb 2024 16:17:53 +0100 Message-ID: Subject: Re: Installing/running X11 To: paulf@quillandmouse.com, freeBSD Mailing List Content-Type: multipart/alternative; boundary="0000000000004e083706107bbc6e" X-Rspamd-Queue-Id: 4TRx9G5xn6z4GLZ X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] --0000000000004e083706107bbc6e Content-Type: text/plain; charset="UTF-8" On Sat, Feb 3, 2024, 15:49 Paul M Foster wrote: > Folks: > > For context, I have a fresh install of version 14. Perhaps those of us who actually know their way around graphics (not me, I'm afraid) can be of more help if you add such information like - which HW is this? - has X11 ever worked on gjis HW (if so, under which OS)? - have you checked syslog for anything interesting? HTH Michael I've made myself part of > the wheel and video groups. I've installed drm-kmod, xdm, xf86-video-intel, > xfce, xorg and xterm. I've added hald_enable="YES", dbus_enable="YES" and > kld_list="i915kms" to /etc/rc.conf. > > At this point, advice diverges significantly. Some sites say I should be > able to just run startx and all will be fine. Some want you to run xorg > -configure. Some want you to hack X11 config files. > > What I can tell you is that X won't start with startx. For one thing, it > outputs these errors: > > (EE) > Fatal server error: > (EE) no screens found(EE) > (EE) > > Also, for what it's worth, service dbus start works. But service hald start > doesn't. The error is: > > hald does not exist in /etc/rc.d or the local startup directories > (/usr/local/etc/rc.d), or is not executable. > > I have no idea how to proceed. > > Paul > > -- > Paul M. Foster > Personal Blog: http://noferblatz.com > Company Site: http://quillandmouse.com > Software Projects: https://gitlab.com/paulmfoster > > --0000000000004e083706107bbc6e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


On Sat, Feb 3, 2024, 15:49 Paul M Foster <paulf@quillandmouse.com> wrote:<= br>
Folks:

For context, I have a fresh install of version 14.
=

Perhaps those of us who actua= lly know their way around graphics (not me, I'm afraid) can be of more = help if you add such information like
- which HW is = this?=C2=A0
- has X11 ever worked on gjis HW (if so,= under which OS)?=C2=A0
- have you checked syslog fo= r anything interesting?=C2=A0

HTH=C2=A0
Michael=C2=A0

I've made myself part of
the wheel and video groups. I've installed drm-kmod, xdm, xf86-video-in= tel,
xfce, xorg and xterm. I've added hald_enable=3D"YES", dbus_en= able=3D"YES" and
kld_list=3D"i915kms" to /etc/rc.conf.

At this point, advice diverges significantly. Some sites say I should be able to just run startx and all will be fine. Some want you to run xorg
-configure. Some want you to hack X11 config files.

What I can tell you is that X won't start with startx. For one thing, i= t
outputs these errors:

(EE)
Fatal server error:
(EE) no screens found(EE)
(EE)

Also, for what it's worth, service dbus start works. But service hald s= tart
doesn't. The error is:

hald does not exist in /etc/rc.d or the local startup directories
(/usr/local/etc/rc.d), or is not executable.

I have no idea how to proceed.

Paul

--
Paul M. Foster
Personal Blog: http://noferblatz.com
Company Site: http://quillandmouse.com
Software Projects: https://gitlab.com/paulmfoster

--0000000000004e083706107bbc6e-- From nobody Sat Feb 3 16:01:43 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TRy7q0j6kz59dL6 for ; Sat, 3 Feb 2024 16:01:59 +0000 (UTC) (envelope-from alex@alexburke.ca) Received: from out-173.mta1.migadu.com (out-173.mta1.migadu.com [IPv6:2001:41d0:203:375::ad]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TRy7p5kVYz4MbX for ; Sat, 3 Feb 2024 16:01:58 +0000 (UTC) (envelope-from alex@alexburke.ca) Authentication-Results: mx1.freebsd.org; none Message-ID: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alexburke.ca; s=key1; t=1706976109; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=TY6UGL9UroTJgvj5BCli40YY8KXKvirlESRh2KjcIUA=; b=NSpbLp1RMj3baoVynaxo4Fo98PPV7j+FZXkljyBWN5jpg5+Q7I8RLJUqf1GQT/UIo/8DbP ythR6Ma+j33bsC1S5//DD8nufbwbPUeCwpiMn+j4RUDeLWDNkEdxn5E02zW9cyz5fi+uHm m1n91yOC90/cOrITfMSZ2qqKoR1GJhY= Date: Sat, 3 Feb 2024 17:01:43 +0100 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Subject: Re: Installing/running X11 Content-Language: fr, es-ES, ca, en-CA To: paulf@quillandmouse.com References: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Alexander Burke Cc: freebsd-questions@freebsd.org In-Reply-To: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Migadu-Flow: FLOW_OUT X-Rspamd-Queue-Id: 4TRy7p5kVYz4MbX X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:16276, ipnet:2001:41d0::/32, country:FR] Hi Paul, Forgive me if I'm mistaken, but I'm starting to get the feeling that you might not have paid as much attention to the wealth of documentation on FreeBSD as perhaps you could have. There's nothing wrong with just diving in, but a bit of guidance in unfamiliar waters is never a bad thing! The most general/basic advice is here; in this case, jump to step 9: https://freebsdfoundation.org/setting-up-a-desktop-environment-from-scratch/ Going up a notch in detail is the excellent FreeBSD Handbook. The Desktop section has separate subsections for the KDE, GNOME, XFCE, MATE, Cinnamon, and LXQT desktop environments. Look around for reviews and screenshots and pick one; they are listed here in approximate descending order of popularity: https://docs.freebsd.org/en/books/handbook/desktop/ I also cannot speak highly enough of vermaden's fabulous blog, which has generally been my first or second port of call when I had questions before I turned to the mailing lists. Here's his page collating all of his entries regarding setting up a FreeBSD desktop: https://vermaden.wordpress.com/freebsd-desktop/  (scroll down past the screenshots) There's also the FreeBSD Forums, which are very searchable: https://forums.freebsd.org/ Given your level of experience, I recommend sticking to packages, and not touching the port system. You can explore the various packages which exist at Freshports: https://www.freshports.org/ Important to remember is that packages are simply precompiled ports. They're a lot easier to deal with than ports. Cheers, Alex On 2024-02-03 15:48, Paul M Foster wrote: > Folks: > > For context, I have a fresh install of version 14. I've made myself part of > the wheel and video groups. I've installed drm-kmod, xdm, xf86-video-intel, > xfce, xorg and xterm. I've added hald_enable="YES", dbus_enable="YES" and > kld_list="i915kms" to /etc/rc.conf. > > At this point, advice diverges significantly. Some sites say I should be > able to just run startx and all will be fine. Some want you to run xorg > -configure. Some want you to hack X11 config files. > > What I can tell you is that X won't start with startx. For one thing, it > outputs these errors: > > (EE) > Fatal server error: > (EE) no screens found(EE) > (EE) > > Also, for what it's worth, service dbus start works. But service hald start > doesn't. The error is: > > hald does not exist in /etc/rc.d or the local startup directories > (/usr/local/etc/rc.d), or is not executable. > > I have no idea how to proceed. > > Paul > From nobody Sat Feb 3 16:15:41 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TRyRk531jz59fY1 for ; Sat, 3 Feb 2024 16:15:46 +0000 (UTC) (envelope-from trkellers@gmail.com) Received: from mail-qk1-x733.google.com (mail-qk1-x733.google.com [IPv6:2607:f8b0:4864:20::733]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TRyRj2TkYz4RtC for ; Sat, 3 Feb 2024 16:15:45 +0000 (UTC) (envelope-from trkellers@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b=BiGEvI7W; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of trkellers@gmail.com designates 2607:f8b0:4864:20::733 as permitted sender) smtp.mailfrom=trkellers@gmail.com Received: by mail-qk1-x733.google.com with SMTP id af79cd13be357-7853e4d3cddso49240285a.1 for ; Sat, 03 Feb 2024 08:15:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1706976943; x=1707581743; darn=freebsd.org; h=content-transfer-encoding:in-reply-to:from:references:to :content-language:subject:user-agent:mime-version:date:message-id :from:to:cc:subject:date:message-id:reply-to; bh=3sFB5dQkTlgPYU2VbP2HfgNtXgUq9ktoRIBkz8eYQXQ=; b=BiGEvI7WmGwjDw83bhIL6IJ3SeFix92uXS954a8ydB2vcbbM4qbH1iL7Siok6Tho1I jNaoYdaaIZkHDgIUBrdeykt8pXurulXS8tqPKk8K8ssS1h0oqDDfErVaUmf1z4vz+UaI RSBXvUZyA+rFnrYgcWLbI1BxNq+KguoLA3JpzW3Tq/yaXb67jdvDlIPnIISrU2tLUB6O y+EdJB8ag0wNoNMxE3jz79EfYqzydwCHMe2rZMrbKnpTOeDlWd0v3I8b/CQHicrVomxd 12aJ0DIfs+idgyVg0Qu1Q83ZxyX1Wyh1vCUvTTb9zesxzanXlCKPSqSyI9RwB1ZnexDx hzvw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706976943; x=1707581743; h=content-transfer-encoding:in-reply-to:from:references:to :content-language:subject:user-agent:mime-version:date:message-id :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=3sFB5dQkTlgPYU2VbP2HfgNtXgUq9ktoRIBkz8eYQXQ=; b=KrAx2sqA2CylLn57vJjz4tDxcUpL0i6mWh1jNZbvoe/xPzPFhJqzUsccpN/YAhy3Y1 QOXLkZ7SSFhAwe9uFYCc8iZ9LFkJnwzvArgvcj1RPBrP61sb0mJlz1UN9R3/3dchtWBK Y4/uhF62+HOzqMQvM44lxxKpgwUY9sJuEgHZkcor2jf7AZ/3JAyhJiZvS4tewYHsl6Hd hgyq6nYrElqiJVaWc7ebcGA7EzZl87jJ8s1oTe/NONYXY+OrMkNscZdq8wUMmLjNXvSZ buRWlc+vNghnJtMj2QvFaM3Wz7WaWfTK6u15quQUGL/zugGQyaBESWa/+Dxy8JzY+yPd kzDQ== X-Gm-Message-State: AOJu0Yxlfry6cjDF8N9oW1kGOesvgrR5reuCfIMVBO5WqZ8tqL5ybSKt BpOXPE0CnY70OhQAw83arDpOAH0i6pS7y/Yt4rVYC4rlf0w1FA5BS/HMDSaV X-Google-Smtp-Source: AGHT+IGomMMR2saKcW1CXnJf6FU9zSqx6J00ALPkX84wpQknN3vOGkQ/IwS2SzAq6/+wPyODYlIn9w== X-Received: by 2002:ad4:4351:0:b0:68c:66f4:2368 with SMTP id q17-20020ad44351000000b0068c66f42368mr9052325qvs.1.1706976942842; Sat, 03 Feb 2024 08:15:42 -0800 (PST) Received: from [192.168.254.154] ([50.123.163.179]) by smtp.gmail.com with ESMTPSA id lv7-20020a056214578700b0068691ce0e74sm1931753qvb.0.2024.02.03.08.15.42 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Sat, 03 Feb 2024 08:15:42 -0800 (PST) Message-ID: Date: Sat, 3 Feb 2024 11:15:41 -0500 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: Installing/running X11 Content-Language: en-US To: questions@freebsd.org References: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> From: TIM KELLERS In-Reply-To: Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Spamd-Bar: - X-Spamd-Result: default: False [-1.79 / 15.00]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-0.996]; NEURAL_SPAM_MEDIUM(0.90)[0.896]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; MIME_HTML_ONLY(0.20)[]; XM_UA_NO_VERSION(0.01)[]; RCVD_TLS_LAST(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ARC_NA(0.00)[]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; FREEMAIL_FROM(0.00)[gmail.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TO_DN_NONE(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::733:from]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; MID_RHS_MATCH_FROM(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; FROM_HAS_DN(0.00)[] X-Rspamd-Queue-Id: 4TRyRj2TkYz4RtC

If you just want to get an X system up and running without initially getting buried in all of the extensive FreeBSD documentation, try using the port at: /usr/ports/sysutils/desktop-installer.

From the description:

"Desktop-installer is a post-install script to assist in setting up a FreeBSD
desktop system using any of the mainstream desktop systems.  It automatically
installs essential software and configures subsystems such as dbus, CUPS, etc.
for typical use."

You don't have to use it to install the sometimes weighty full desktop environments.  You can use it to install/configure a very basic X environment (think TWM).  It is script and menu driven and it works well enough to install a working desktop environment even on FreeBSD-CURRENT.

I'm a ports user mainly and while desktop-installer uses packages to do its installation, I found that looking at the edits that are made to rc.conf, and packages that are installed are very instructive to how the X system is configured on FreeBSD.

I learned a great deal about how X works in FreeBSD by using this installer, then deleting the packages, seeing what broke and what worked and reinstalling what I wanted to have from ports.  It will work without diving that deep (or crazy) into desktop magic on FreeBSD.

Tim


On 2/3/24 11:01 AM, Alexander Burke wrote:
Hi Paul,

Forgive me if I'm mistaken, but I'm starting to get the feeling that you might not have paid as much attention to the wealth of documentation on FreeBSD as perhaps you could have. There's nothing wrong with just diving in, but a bit of guidance in unfamiliar waters is never a bad thing!

The most general/basic advice is here; in this case, jump to step 9:
https://freebsdfoundation.org/setting-up-a-desktop-environment-from-scratch/

Going up a notch in detail is the excellent FreeBSD Handbook. The Desktop section has separate subsections for the KDE, GNOME, XFCE, MATE, Cinnamon, and LXQT desktop environments. Look around for reviews and screenshots and pick one; they are listed here in approximate descending order of popularity:
https://docs.freebsd.org/en/books/handbook/desktop/

I also cannot speak highly enough of vermaden's fabulous blog, which has generally been my first or second port of call when I had questions before I turned to the mailing lists. Here's his page collating all of his entries regarding setting up a FreeBSD desktop:
https://vermaden.wordpress.com/freebsd-desktop/  (scroll down past the screenshots)

There's also the FreeBSD Forums, which are very searchable:
https://forums.freebsd.org/

Given your level of experience, I recommend sticking to packages, and not touching the port system. You can explore the various packages which exist at Freshports:
https://www.freshports.org/

Important to remember is that packages are simply precompiled ports. They're a lot easier to deal with than ports.

Cheers,
Alex

On 2024-02-03 15:48, Paul M Foster wrote:
Folks:

For context, I have a fresh install of version 14. I've made myself part of
the wheel and video groups. I've installed drm-kmod, xdm, xf86-video-intel,
xfce, xorg and xterm. I've added hald_enable="YES", dbus_enable="YES" and
kld_list="i915kms" to /etc/rc.conf.

At this point, advice diverges significantly. Some sites say I should be
able to just run startx and all will be fine. Some want you to run xorg
-configure. Some want you to hack X11 config files.

What I can tell you is that X won't start with startx. For one thing, it
outputs these errors:

(EE)
Fatal server error:
(EE) no screens found(EE)
(EE)

Also, for what it's worth, service dbus start works. But service hald start
doesn't. The error is:

hald does not exist in /etc/rc.d or the local startup directories
(/usr/local/etc/rc.d), or is not executable.

I have no idea how to proceed.

Paul


From nobody Sat Feb 3 16:30:00 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TRynR1sKQz59gfP for ; Sat, 3 Feb 2024 16:31:07 +0000 (UTC) (envelope-from alex@alexburke.ca) Received: from out-183.mta0.migadu.com (out-183.mta0.migadu.com [91.218.175.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TRynQ5X78z4VQP for ; Sat, 3 Feb 2024 16:31:06 +0000 (UTC) (envelope-from alex@alexburke.ca) Authentication-Results: mx1.freebsd.org; none Content-Type: multipart/alternative; boundary="------------mqyWBmsmiRxYrUdH1YNXXsH5" DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alexburke.ca; s=key1; t=1706977858; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=U4VtPYBaL4ONp1f5GtKVqW1m0UI0wGuqhE80KI4xp5g=; b=nN/2tqwuN0ZTUl+LMgmG9RPHAP/YBnDWYRicTvKb96h4kdy+PVQL9ZBOcZQ1445o+ylSfR Ft64otJSilJOLPSEukzJ7QRpZD8ZYjvnSdMt1GoqHqK+n/DisaVc7wchSnVP48RlhUssyB 42JCT6drZ2EyaKt5VGetO1VY+s1CRS8= Message-ID: <3ccf51e0-2ee5-4ecb-a89c-9cab86fceba7@alexburke.ca> Date: Sat, 3 Feb 2024 16:30:00 +0000 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Subject: Re: Installing/running X11 To: TIM KELLERS References: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> Cc: questions@freebsd.org X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Alexander Burke In-Reply-To: X-Migadu-Flow: FLOW_OUT X-Rspamd-Queue-Id: 4TRynQ5X78z4VQP X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:202172, ipnet:91.218.175.0/24, country:CH] This is a multi-part message in MIME format. --------------mqyWBmsmiRxYrUdH1YNXXsH5 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Hi Tim, That's an excellent idea! I agree that the documentation can be overwhelming at first, but if you focus on one area of need at a time, there's a lot of wisdom to be had. Paul, to go this route, just "sudo pkg install desktop-installer". That said, the man page is probably worth reading before you pull the trigger: https://man.freebsd.org/cgi/man.cgi?query=desktop-installer&sektion=1&manpath=freebsd-ports Cheers, Alex On 2024-02-03 17:15, TIM KELLERS wrote: > > If you just want to get an X system up and running without initially > getting buried in all of the extensive FreeBSD documentation, try > using the port at: /usr/ports/sysutils/desktop-installer. > > From the description: > > "Desktop-installer is a post-install script to assist in setting up a > FreeBSD > desktop system using any of the mainstream desktop systems.  It > automatically > installs essential software and configures subsystems such as dbus, > CUPS, etc. > for typical use." > > You don't have to use it to install the sometimes weighty full desktop > environments.  You can use it to install/configure a very basic X > environment (think TWM).  It is script and menu driven and it works > well enough to install a working desktop environment even on > FreeBSD-CURRENT. > > I'm a ports user mainly and while desktop-installer uses packages to > do its installation, I found that looking at the edits that are made > to rc.conf, and packages that are installed are very instructive to > how the X system is configured on FreeBSD. > > I learned a great deal about how X works in FreeBSD by using this > installer, then deleting the packages, seeing what broke and what > worked and reinstalling what I wanted to have from ports.  It will > work without diving that deep (or crazy) into desktop magic on FreeBSD. > > Tim > > > On 2/3/24 11:01 AM, Alexander Burke wrote: >> Hi Paul, >> >> Forgive me if I'm mistaken, but I'm starting to get the feeling that >> you might not have paid as much attention to the wealth of >> documentation on FreeBSD as perhaps you could have. There's nothing >> wrong with just diving in, but a bit of guidance in unfamiliar waters >> is never a bad thing! >> >> The most general/basic advice is here; in this case, jump to step 9: >> https://freebsdfoundation.org/setting-up-a-desktop-environment-from-scratch/ >> >> >> Going up a notch in detail is the excellent FreeBSD Handbook. The >> Desktop section has separate subsections for the KDE, GNOME, XFCE, >> MATE, Cinnamon, and LXQT desktop environments. Look around for >> reviews and screenshots and pick one; they are listed here in >> approximate descending order of popularity: >> https://docs.freebsd.org/en/books/handbook/desktop/ >> >> I also cannot speak highly enough of vermaden's fabulous blog, which >> has generally been my first or second port of call when I had >> questions before I turned to the mailing lists. Here's his page >> collating all of his entries regarding setting up a FreeBSD desktop: >> https://vermaden.wordpress.com/freebsd-desktop/ (scroll down past the >> screenshots) >> >> There's also the FreeBSD Forums, which are very searchable: >> https://forums.freebsd.org/ >> >> Given your level of experience, I recommend sticking to packages, and >> not touching the port system. You can explore the various packages >> which exist at Freshports: >> https://www.freshports.org/ >> >> Important to remember is that packages are simply precompiled ports. >> They're a lot easier to deal with than ports. >> >> Cheers, >> Alex >> >> On 2024-02-03 15:48, Paul M Foster wrote: >>> Folks: >>> >>> For context, I have a fresh install of version 14. I've made myself >>> part of >>> the wheel and video groups. I've installed drm-kmod, xdm, >>> xf86-video-intel, >>> xfce, xorg and xterm. I've added hald_enable="YES", >>> dbus_enable="YES" and >>> kld_list="i915kms" to /etc/rc.conf. >>> >>> At this point, advice diverges significantly. Some sites say I >>> should be >>> able to just run startx and all will be fine. Some want you to run xorg >>> -configure. Some want you to hack X11 config files. >>> >>> What I can tell you is that X won't start with startx. For one >>> thing, it >>> outputs these errors: >>> >>> (EE) >>> Fatal server error: >>> (EE) no screens found(EE) >>> (EE) >>> >>> Also, for what it's worth, service dbus start works. But service >>> hald start >>> doesn't. The error is: >>> >>> hald does not exist in /etc/rc.d or the local startup directories >>> (/usr/local/etc/rc.d), or is not executable. >>> >>> I have no idea how to proceed. >>> >>> Paul >>> >> --------------mqyWBmsmiRxYrUdH1YNXXsH5 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit

Hi Tim,

That's an excellent idea! I agree that the documentation can be overwhelming at first, but if you focus on one area of need at a time, there's a lot of wisdom to be had.

Paul, to go this route, just "sudo pkg install desktop-installer". That said, the man page is probably worth reading before you pull the trigger:
https://man.freebsd.org/cgi/man.cgi?query=desktop-installer&sektion=1&manpath=freebsd-ports

Cheers,
Alex


On 2024-02-03 17:15, TIM KELLERS wrote:

If you just want to get an X system up and running without initially getting buried in all of the extensive FreeBSD documentation, try using the port at: /usr/ports/sysutils/desktop-installer.

From the description:

"Desktop-installer is a post-install script to assist in setting up a FreeBSD
desktop system using any of the mainstream desktop systems.  It automatically
installs essential software and configures subsystems such as dbus, CUPS, etc.
for typical use."

You don't have to use it to install the sometimes weighty full desktop environments.  You can use it to install/configure a very basic X environment (think TWM).  It is script and menu driven and it works well enough to install a working desktop environment even on FreeBSD-CURRENT.

I'm a ports user mainly and while desktop-installer uses packages to do its installation, I found that looking at the edits that are made to rc.conf, and packages that are installed are very instructive to how the X system is configured on FreeBSD.

I learned a great deal about how X works in FreeBSD by using this installer, then deleting the packages, seeing what broke and what worked and reinstalling what I wanted to have from ports.  It will work without diving that deep (or crazy) into desktop magic on FreeBSD.

Tim


On 2/3/24 11:01 AM, Alexander Burke wrote:
Hi Paul,

Forgive me if I'm mistaken, but I'm starting to get the feeling that you might not have paid as much attention to the wealth of documentation on FreeBSD as perhaps you could have. There's nothing wrong with just diving in, but a bit of guidance in unfamiliar waters is never a bad thing!

The most general/basic advice is here; in this case, jump to step 9:
https://freebsdfoundation.org/setting-up-a-desktop-environment-from-scratch/

Going up a notch in detail is the excellent FreeBSD Handbook. The Desktop section has separate subsections for the KDE, GNOME, XFCE, MATE, Cinnamon, and LXQT desktop environments. Look around for reviews and screenshots and pick one; they are listed here in approximate descending order of popularity:
https://docs.freebsd.org/en/books/handbook/desktop/

I also cannot speak highly enough of vermaden's fabulous blog, which has generally been my first or second port of call when I had questions before I turned to the mailing lists. Here's his page collating all of his entries regarding setting up a FreeBSD desktop:
https://vermaden.wordpress.com/freebsd-desktop/  (scroll down past the screenshots)

There's also the FreeBSD Forums, which are very searchable:
https://forums.freebsd.org/

Given your level of experience, I recommend sticking to packages, and not touching the port system. You can explore the various packages which exist at Freshports:
https://www.freshports.org/

Important to remember is that packages are simply precompiled ports. They're a lot easier to deal with than ports.

Cheers,
Alex

On 2024-02-03 15:48, Paul M Foster wrote:
Folks:

For context, I have a fresh install of version 14. I've made myself part of
the wheel and video groups. I've installed drm-kmod, xdm, xf86-video-intel,
xfce, xorg and xterm. I've added hald_enable="YES", dbus_enable="YES" and
kld_list="i915kms" to /etc/rc.conf.

At this point, advice diverges significantly. Some sites say I should be
able to just run startx and all will be fine. Some want you to run xorg
-configure. Some want you to hack X11 config files.

What I can tell you is that X won't start with startx. For one thing, it
outputs these errors:

(EE)
Fatal server error:
(EE) no screens found(EE)
(EE)

Also, for what it's worth, service dbus start works. But service hald start
doesn't. The error is:

hald does not exist in /etc/rc.d or the local startup directories
(/usr/local/etc/rc.d), or is not executable.

I have no idea how to proceed.

Paul


--------------mqyWBmsmiRxYrUdH1YNXXsH5-- From nobody Sat Feb 3 16:45:41 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TRz6K33DBz59hZt for ; Sat, 3 Feb 2024 16:45:45 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Received: from rusty.tulip.relay.mailchannels.net (rusty.tulip.relay.mailchannels.net [23.83.218.252]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TRz6J2Xvtz4XYS for ; Sat, 3 Feb 2024 16:45:44 +0000 (UTC) (envelope-from paulf@quillandmouse.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=quillandmouse.com header.s=dreamhost header.b=qi8geOnp; arc=pass ("mailchannels.net:s=arc-2022:i=1"); dmarc=none; spf=pass (mx1.freebsd.org: domain of paulf@quillandmouse.com designates 23.83.218.252 as permitted sender) smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id E35734C3AAA for ; Sat, 3 Feb 2024 16:45:42 +0000 (UTC) Received: from pdx1-sub0-mail-a252.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id 9281D4C3A47 for ; Sat, 3 Feb 2024 16:45:42 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1706978742; a=rsa-sha256; cv=none; b=BtzJdUyIQk55vcCOG/iEb3tbItzPURsQ0Zm0h1J2p9hc3WCaRoi3+hb/Io86sMVhL74R/8 fIf2tNI4czG/pbG8QIqbfDDzAW3wobNPNpE8XwRv592gqmhLpBkSx7We8ap9thWzx8JguP mg07Ayvxl/noDncHZYDcCVxX8JwPGRfcVpEeTozPMDbJdo7SHWid+00uWsEDfDv99NpCmj +k62FvVYC7/1no4gCCMT8dPYkXndA7U8/5PwPkegJN5ffLcYR3xXlu86NJwSMqHhTmcHBP aL/cHHedQFhSy8hrvyyGq61mQvUyYI8LHKBb5epSRW2lC1MEiXIFkNV3vGAj2w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1706978742; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=Fh7sxw5Dh1fBll5flVulp4vpMUrqdsIoXmqbDy5JhjA=; b=NSqCJ1UF3HXQDcTaP7Hu2CEmJJHnS4iHlwJ3PgQCH436NKP2XSFfEvBeI1t+1ahGnqj2+s YzJ43w/4GF/WCphc5GhvD8M2FHuAcJc7F8hr0YWJ2TW8iOCzWCxU1zerGdorhg4HtrK3TC DZkwDyyhkj+XILUxXr38xgWrPZIGbTWF1bQbOC8hTBL+VRpXMFn0zZwz8Z0+IF3XH/wwV2 VNVXe5/kF5hJYf7DZYUODYB3m0IruI5ZPLu01N6IeQHnNdjM6SDNLtLoEM4Vzu6KgLBOgT HxZIEAcuqfnxFhh2QktS9bvYFfFwlLzhlxBRWC17dHPcHIiAo8TwT4ug9/eVfA== ARC-Authentication-Results: i=1; rspamd-55b4bfd7cb-lqvvl; auth=pass smtp.auth=dreamhost smtp.mailfrom=paulf@quillandmouse.com X-Sender-Id: dreamhost|x-authsender|paulf@quillandmouse.com X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|paulf@quillandmouse.com X-MailChannels-Auth-Id: dreamhost X-Troubled-Gusty: 670fad131a42318c_1706978742818_920145378 X-MC-Loop-Signature: 1706978742818:492540358 X-MC-Ingress-Time: 1706978742818 Received: from pdx1-sub0-mail-a252.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.100.20.149 (trex/6.9.2); Sat, 03 Feb 2024 16:45:42 +0000 Received: from yosemite.mars.lan (unknown [47.205.190.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: paulf@quillandmouse.com) by pdx1-sub0-mail-a252.dreamhost.com (Postfix) with ESMTPSA id 4TRz6G2pfbz4B for ; Sat, 3 Feb 2024 08:45:42 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quillandmouse.com; s=dreamhost; t=1706978742; bh=Fh7sxw5Dh1fBll5flVulp4vpMUrqdsIoXmqbDy5JhjA=; h=Date:From:To:Subject:Content-Type:Content-Transfer-Encoding; b=qi8geOnpkP3eOIOXG2o4W360yhMDwJrLQakRdiHRG6TQstMMO7QQVEbLu9RfW6iC7 hTPYNxWCj9amWg/at1eV6Q0bz1K2KdJgmWaRJBFF5bDTCzA2HEl5+8BZ2N6V8VTjW2 8p1LmP4izP5lLyATu4k5bR+OaKTgaypFVqy0VBNP4t7LgDivsUn9kp1qIr7R1lawZy OvGFJIB59mm85TDXVjcjeyh9HSWMecIaecQy6N22xrCbQwSBk1j3BkcMEaa3gOVB5N MHb9t2h5Kam9eEYJxn5tGA+/4yHa1eWg7xaUyNBFo/PomrJnMh5UmTfqJC5OWvOLB+ nhUBu7mIaXVwg== Received: from paulf by yosemite.mars.lan with local (Exim 4.96) (envelope-from ) id 1rWJ9B-006wxD-0w for freebsd-questions@freebsd.org; Sat, 03 Feb 2024 11:45:41 -0500 Date: Sat, 3 Feb 2024 11:45:41 -0500 From: Paul M Foster To: freebsd-questions@freebsd.org Subject: Re: Installing/running X11 Message-ID: <20240203164541.nibx4olun3jz66rn@yosemite.mars.lan> Mail-Followup-To: freebsd-questions@freebsd.org References: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Spamd-Bar: ---- X-Spamd-Result: default: False [-4.70 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; ARC_ALLOW(-1.00)[mailchannels.net:s=arc-2022:i=1]; NEURAL_HAM_SHORT(-1.00)[-1.000]; RWL_MAILSPIKE_VERYGOOD(-0.20)[23.83.218.252:from]; R_DKIM_ALLOW(-0.20)[quillandmouse.com:s=dreamhost]; R_SPF_ALLOW(-0.20)[+ip4:23.83.208.0/20]; MIME_GOOD(-0.10)[text/plain]; RCVD_VIA_SMTP_AUTH(0.00)[]; ASN(0.00)[asn:63213, ipnet:23.83.216.0/22, country:CA]; MISSING_XM_UA(0.00)[]; RCPT_COUNT_ONE(0.00)[1]; MIME_TRACE(0.00)[0:+]; DMARC_NA(0.00)[quillandmouse.com]; FROM_HAS_DN(0.00)[]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; RCVD_COUNT_FIVE(0.00)[5]; FROM_EQ_ENVFROM(0.00)[]; RCVD_IN_DNSWL_NONE(0.00)[23.83.218.252:from]; TO_DN_NONE(0.00)[]; RCVD_TLS_LAST(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; TO_MATCH_ENVRCPT_ALL(0.00)[]; DKIM_TRACE(0.00)[quillandmouse.com:+] X-Rspamd-Queue-Id: 4TRz6J2Xvtz4XYS On Sat, Feb 03, 2024 at 05:01:43PM +0100, Alexander Burke wrote: > Hi Paul, > > Forgive me if I'm mistaken, but I'm starting to get the feeling that you > might not have paid as much attention to the wealth of documentation on > FreeBSD as perhaps you could have. There's nothing wrong with just diving > in, but a bit of guidance in unfamiliar waters is never a bad thing! > > The most general/basic advice is here; in this case, jump to step 9: > https://freebsdfoundation.org/setting-up-a-desktop-environment-from-scratch/ Step 9: pkg install xorg This is weak at *best*. Obviously, I did this. And according to almost *every* other advisor I've read, there are more packages which need to be installed, as I indicated in my original message. > > Going up a notch in detail is the excellent FreeBSD Handbook. The Desktop > section has separate subsections for the KDE, GNOME, XFCE, MATE, Cinnamon, > and LXQT desktop environments. Look around for reviews and screenshots and > pick one; they are listed here in approximate descending order of > popularity: > https://docs.freebsd.org/en/books/handbook/desktop/ And of course, this was the first place I looked, since the handbook *should* be the definitive guide. Needless to say, despite following the advice there, X is not starting properly for me. > > I also cannot speak highly enough of vermaden's fabulous blog, which has > generally been my first or second port of call when I had questions before I > turned to the mailing lists. Here's his page collating all of his entries > regarding setting up a FreeBSD desktop: > https://vermaden.wordpress.com/freebsd-desktop/ (scroll down past the > screenshots) > Been there, too. Vermaden is the one who details hacking the X11 configs manually, unlike everyone else. And according to every other source, this really shouldn't be necessary. I don't want to go there unless I have to. > There's also the FreeBSD Forums, which are very searchable: > https://forums.freebsd.org/ This could take a while... > > Given your level of experience, I recommend sticking to packages, and not > touching the port system. You can explore the various packages which exist > at Freshports: > https://www.freshports.org/ > > Important to remember is that packages are simply precompiled ports. They're > a lot easier to deal with than ports. > Perhaps you underestimate my level of experience. I've been running Linux exclusively since 1996. And I'm aware of the difference between packages and ports. That's in the manual, early on. Paul -- Paul M. Foster Personal Blog: http://noferblatz.com Company Site: http://quillandmouse.com Software Projects: https://gitlab.com/paulmfoster From nobody Sat Feb 3 17:00:52 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TRzRq3QQSz59jZ0 for ; Sat, 3 Feb 2024 17:00:55 +0000 (UTC) (envelope-from ml@netfence.it) Received: from soth.netfence.it (mailserver.netfence.it [78.134.96.152]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mailserver.netfence.it", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TRzRp1tQNz4ZBw for ; Sat, 3 Feb 2024 17:00:54 +0000 (UTC) (envelope-from ml@netfence.it) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=netfence.it header.s=202401 header.b=xrjHwcoH; dmarc=pass (policy=none) header.from=netfence.it; spf=pass (mx1.freebsd.org: domain of ml@netfence.it designates 78.134.96.152 as permitted sender) smtp.mailfrom=ml@netfence.it Received: from [10.1.2.18] (alamar.local.netfence.it [10.1.2.18]) (authenticated bits=0) by soth.netfence.it (8.17.2/8.17.1) with ESMTPSA id 413H0q7Z047472 (version=TLSv1.3 cipher=TLS_AES_128_GCM_SHA256 bits=128 verify=NO) for ; Sat, 3 Feb 2024 18:00:52 +0100 (CET) (envelope-from ml@netfence.it) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=netfence.it; s=202401; t=1706979652; bh=uyeocTW6Zz1lYPWBKC39iBh3UVeIzEji4n/XRdtkr2E=; h=Date:Subject:To:References:From:In-Reply-To; b=xrjHwcoHXTeBV7HzehInH5u4DxcAzXAGIvFzYnR4sCiXRmW9eaKvPn7hRNyn98bfX 2ogLHud1c9M5bLPKE5ln7AH/nFoZQJMxtJDysyaezpWCzk5xUQmWCMon6Brmwvd/tM 19GwN7tscY62ZnY3akmAyoTweojvZUBKA2QV4EPQ= X-Authentication-Warning: soth.netfence.it: Host alamar.local.netfence.it [10.1.2.18] claimed to be [10.1.2.18] Message-ID: Date: Sat, 3 Feb 2024 18:00:52 +0100 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: Installing/running X11 Content-Language: en-US To: questions@freebsd.org References: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> From: Andrea Venturoli In-Reply-To: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.99 / 15.00]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[netfence.it,none]; R_SPF_ALLOW(-0.20)[+ip4:78.134.96.152]; R_DKIM_ALLOW(-0.20)[netfence.it:s=202401]; MIME_GOOD(-0.10)[text/plain]; XM_UA_NO_VERSION(0.01)[]; RCPT_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:35612, ipnet:78.134.0.0/17, country:IT]; RCVD_VIA_SMTP_AUTH(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_COUNT_ONE(0.00)[1]; RCVD_TLS_ALL(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; ARC_NA(0.00)[]; FROM_HAS_DN(0.00)[]; HAS_XAW(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; DKIM_TRACE(0.00)[netfence.it:+] X-Rspamd-Queue-Id: 4TRzRp1tQNz4ZBw On 2/3/24 15:48, Paul M Foster wrote: I don't consider myself an expert, but... > the wheel and video groups. I've installed drm-kmod, xdm, xf86-video-intel, xf86-video-intel might not be necessary; I suggest you try without and only install it if that does not work. > I've added hald_enable="YES" HAL was removed in 2021 as it had "been abandonned upstream long ago". > kld_list="i915kms" to /etc/rc.conf. Do you see the screen changing resolution when that module is loaded (with no X around)? FWIW I have kld_list="/boot/modules/i915kms.ko" Does that make any difference? > At this point, advice diverges significantly. Some sites say I should be > able to just run startx and all will be fine. Some want you to run xorg > -configure. Some want you to hack X11 config files. AFAIK you should first try without any config and resort to them, in very specific cases, if default does not work. > What I can tell you is that X won't start with startx. For one thing, it > outputs these errors: > > (EE) > Fatal server error: > (EE) no screens found(EE) > (EE) Anything more detailed in /var/log/Xorg.0.log? > I have no idea how to proceed. As others have pointed out already, it would be useful to know which hardware is this. bye av. From nobody Sat Feb 3 17:07:00 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TRzbM0fjbz59kMm for ; Sat, 3 Feb 2024 17:07:27 +0000 (UTC) (envelope-from alex@alexburke.ca) Received: from out-185.mta1.migadu.com (out-185.mta1.migadu.com [IPv6:2001:41d0:203:375::b9]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4TRzbL5R1Kz4bck for ; Sat, 3 Feb 2024 17:07:26 +0000 (UTC) (envelope-from alex@alexburke.ca) Authentication-Results: mx1.freebsd.org; none Message-ID: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=alexburke.ca; s=key1; t=1706980037; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=OkjgE6A638QtuR2KI6fTLD7xrssHHO3NeotD73C6x+o=; b=LknCBoqQyzZKi5PYD9nLY27D0kcNbDFYMQixuAboA1XDeeonwN2JR5zrb4gF+hiu5yXE4R 9cFo7vj/SYBUTVjKIVhioFuSrBAq3pIxgifZxU7FviOB1Xk7ye6LrF4orSYWRUju91eYEa lU3TrwIvVyur32RmmNWbrc8b/THa3jk= Date: Sat, 3 Feb 2024 17:07:00 +0000 List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Subject: Re: Installing/running X11 To: freebsd-questions@freebsd.org References: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> <20240203164541.nibx4olun3jz66rn@yosemite.mars.lan> Cc: paulf@quillandmouse.com X-Report-Abuse: Please report any abuse attempt to abuse@migadu.com and include these headers. From: Alexander Burke In-Reply-To: <20240203164541.nibx4olun3jz66rn@yosemite.mars.lan> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Migadu-Flow: FLOW_OUT X-Rspamd-Queue-Id: 4TRzbL5R1Kz4bck X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:16276, ipnet:2001:41d0::/32, country:FR] Hi Paul, > Step 9: pkg install xorg > > This is weak at *best*. Obviously, I did this. And according to almost > *every* other advisor I've read, there are more packages which need to be > installed, as I indicated in my original message. There are twelve steps on that page. Maybe keep reading before hitting Reply? > Perhaps you underestimate my level of experience. My apologies; I should have said "given your level of experience with FreeBSD". > I've been running Linux exclusively since 1996. Coming from someone who didn't know about `ssh -vvv` and/or how to parse its output (or look up re how to do so), this is... quite a surprise. I won't take up any more of your time. Enjoy the rest of your weekend! Cheers, Alex On 2024-02-03 17:45, Paul M Foster wrote: > On Sat, Feb 03, 2024 at 05:01:43PM +0100, Alexander Burke wrote: > >> Hi Paul, >> >> Forgive me if I'm mistaken, but I'm starting to get the feeling that you >> might not have paid as much attention to the wealth of documentation on >> FreeBSD as perhaps you could have. There's nothing wrong with just diving >> in, but a bit of guidance in unfamiliar waters is never a bad thing! >> >> The most general/basic advice is here; in this case, jump to step 9: >> https://freebsdfoundation.org/setting-up-a-desktop-environment-from-scratch/ > > Step 9: pkg install xorg > > This is weak at *best*. Obviously, I did this. And according to almost > *every* other advisor I've read, there are more packages which need to be > installed, as I indicated in my original message. > >> >> Going up a notch in detail is the excellent FreeBSD Handbook. The Desktop >> section has separate subsections for the KDE, GNOME, XFCE, MATE, Cinnamon, >> and LXQT desktop environments. Look around for reviews and screenshots and >> pick one; they are listed here in approximate descending order of >> popularity: >> https://docs.freebsd.org/en/books/handbook/desktop/ > > And of course, this was the first place I looked, since the handbook > *should* be the definitive guide. Needless to say, despite following the > advice there, X is not starting properly for me. > >> >> I also cannot speak highly enough of vermaden's fabulous blog, which has >> generally been my first or second port of call when I had questions before I >> turned to the mailing lists. Here's his page collating all of his entries >> regarding setting up a FreeBSD desktop: >> https://vermaden.wordpress.com/freebsd-desktop/  (scroll down past the >> screenshots) >> > > Been there, too. Vermaden is the one who details hacking the X11 configs > manually, unlike everyone else. And according to every other source, this > really shouldn't be necessary. I don't want to go there unless I have to. > >> There's also the FreeBSD Forums, which are very searchable: >> https://forums.freebsd.org/ > > This could take a while... > >> >> Given your level of experience, I recommend sticking to packages, and not >> touching the port system. You can explore the various packages which exist >> at Freshports: >> https://www.freshports.org/ >> >> Important to remember is that packages are simply precompiled ports. They're >> a lot easier to deal with than ports. >> > > Perhaps you underestimate my level of experience. I've been running Linux > exclusively since 1996. And I'm aware of the difference between packages > and ports. That's in the manual, early on. > > Paul > From nobody Sun Feb 4 01:10:43 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TSBK64FCqz58qS1 for ; Sun, 4 Feb 2024 01:10:50 +0000 (UTC) (envelope-from grog@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "smtp.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TSBK63f89z4Zqy; Sun, 4 Feb 2024 01:10:50 +0000 (UTC) (envelope-from grog@freebsd.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707009050; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=35Njp53YyPu7fbGF2Q8NNU6C4ToVoKINHwBpMzeR6jk=; b=tIS7F4vSl3iS7nSvZ74yJ1f8RqmnXcBC9YLqNweHPMj0lWeFwvJo3RIbVzCA/63ok5+TvI 5umGH57iIV3JPUz7o/1ekP5SvzxzkCZOGUCBvqjy0N2JVMnicPzUbFbgao//jouh8AVLV2 wSpLL2375R8+s/NeDOF6N8tszUfQepl3iCfXy7j8yn/5TaAukFRrxBaRX1xKUeqCEhwjO3 xDTqJmgZA7Mzbk1tPSGFWvi/lvJwFZI6Ok99vD9olgEKIvDTZwuxsQ3Tp46jQAqKRtLw64 ckXMKVX9IeQu3X0KL5u6sgaPpP0IvYaJHWJbyDS/P8ICvOE6t0AuCYtIXGtkCw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1707009050; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=35Njp53YyPu7fbGF2Q8NNU6C4ToVoKINHwBpMzeR6jk=; b=IbE5iaxBt7OYJ0Ar+tB7opvaQ89ZzzyEKRJYKKnrFr3mKNGmlpv0laPoJYVwkQoXt63/2q FnMkJrBrZ3NKWF+Qu/o5s2iwqVPR3xyvR0eD2By9gKqugt4r+XgW6VygDks5eVhrpoIWBl TFABfYdPFGxU1tQbgCuM0IcZrtwycK+h3qM5F5vhpmMiECZCxfly09pKcJ/xJMrgzsaiwx 3Mn2NR1am86/ImpFYDRt0erjZ0xseao+MlvAm+LX5kLmRD4R3YJGQU/KH+xF4kNBZxMsmv /5LJ2Im2VqlD3RzTIQP5JI19b8bif241sfBX3ypXO+inHQFUDD5o45s8eNz4hw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1707009050; a=rsa-sha256; cv=none; b=Be269vb/UjEsKnRZJHFGGiVttAT42RCgvOygIBbBZSaD1CKVHE/fKNUxUYPwS73S0YtGkC +kOSWRgqSpsbfR+rAIuw2YRBIcAccNpTNM5gTgUpu6pHDzcjsje5qb86DNWBNRk1u6s5Wp IDLQYgWRF9Bblk1OqgT2tjgdigJ/teHSKE3SF0meXcGTau+sUjPMTCgSdBJMLjZhSapdgI 5RVREisGRwBhcYb5pi2eVORg7MzaFSd9yjML9UgC3euRjT628x+CAVLPZMRFBx7/BiTA9T QrtEYiRyiOxhnTLDN1OaFE6Vjy9uofDkA5qyecK7nPzB8lTvaipzwfQcWRbIIg== Received: from hydra.lemis.com (121-200-11-253.79c80b.mel.nbn.aussiebb.net [121.200.11.253]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) (Authenticated sender: grog/mail) by smtp.freebsd.org (Postfix) with ESMTPSA id 4TSBK51qG9zKJr; Sun, 4 Feb 2024 01:10:48 +0000 (UTC) (envelope-from grog@freebsd.org) Date: Sun, 4 Feb 2024 12:10:43 +1100 From: Greg 'groggy' Lehey To: Paul M Foster Cc: freebsd-questions@freebsd.org Subject: Re: Installing/running X11 Message-ID: References: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="hi1lhbPtuqpqGGrz" Content-Disposition: inline In-Reply-To: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> Organization: The FreeBSD Project Phone: +61-3-5309-0418 Mobile: +61-490-494-038. Use only as instructed. WWW-Home-Page: https://www.FreeBSD X-PGP-Fingerprint: 9A1B 8202 BCCE B846 F92F 09AC 22E6 F290 507A 4223 --hi1lhbPtuqpqGGrz Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Saturday, 3 February 2024 at 9:48:51 -0500, Paul M Foster wrote: > Folks: > > For context, I have a fresh install of version 14. I've made myself part of > the wheel and video groups. I've installed drm-kmod, xdm, xf86-video-intel, > xfce, xorg and xterm. I've added hald_enable="YES", dbus_enable="YES" and > kld_list="i915kms" to /etc/rc.conf. > > At this point, advice diverges significantly. Some sites say I should be > able to just run startx and all will be fine. Some want you to run xorg > -configure. Some want you to hack X11 config files. X has been around for a long time, and installation has changed. In the latest versions, all those steps *should* be unnecessary. I've forgotten the details, but IIRC it's a good idea to install dbus for some clients, including web browsers, but it shouldn't be necessary for starting X. My newly installed system doesn't have hald, and Xorg -configure (not xorg, which doesn't exist) hasn't worked properly for years. Hacking config files has also changed dramatically over the years, and I'm not sure that all drivers respect the semantics. I don't know what i915kms is, though it suggests it has something to do with the Intel 915 chipsets. But looking through my system, it seems to have gone out with FreeBSD re1ease 12. Where did you get this information from? If it's in the official FreeBSD documentation, we need to fix it. Also, does kldstat show anything with a similar name? This is probably not the cause of your problem, though. > What I can tell you is that X won't start with startx. For one thing, it > outputs these errors: > > (EE) > Fatal server error: > (EE) no screens found(EE) > (EE) It outputs more than that, including a reference to the log file that contains the real reason for not starting. in this case almost certainly /var/log/Xorg.0.log. Look in particular for references to config files (there shouldn't be one in the situation you describe) and any lines starting with (WW) (warning) or (EE) (error). If that doesn't help you identify the problem, report what you find. > Also, for what it's worth, service dbus start works. But service hald start > doesn't. The error is: > > hald does not exist in /etc/rc.d or the local startup directories > (/usr/local/etc/rc.d), or is not executable. > > I have no idea how to proceed. If you want to install hald (and can find a reason to do so), you will have to install the package. But this isn't relevant to your real problem. Greg -- When replying to this message, please copy the original recipients. If you don't, I may ignore the reply or reply to the original recipients. For more information, see http://www.lemis.com/questions.html Sent from my desktop computer. See complete headers for address and phone numbers. This message is digitally signed. If your Microsoft mail program reports problems, please read http://lemis.com/broken-MUA.php --hi1lhbPtuqpqGGrz Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iF0EARECAB0WIQSaG4ICvM64RvkvCawi5vKQUHpCIwUCZb7kDgAKCRAi5vKQUHpC I7wwAKCHpLideriJO5g0sP7sExH/8QVdDQCcD12vaDY6o79SNwzrKlzvgKYPkas= =fCEk -----END PGP SIGNATURE----- --hi1lhbPtuqpqGGrz-- From nobody Sun Feb 4 01:15:16 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TSBQP5h0xz58rF4 for ; Sun, 4 Feb 2024 01:15:25 +0000 (UTC) (envelope-from lexi@le-fay.org) Received: from thyme.eden.le-Fay.ORG (THYME.EDEN.LE-FAY.ORG [81.187.47.194]) by mx1.freebsd.org (Postfix) with ESMTP id 4TSBQP1cnFz4c9g; Sun, 4 Feb 2024 01:15:25 +0000 (UTC) (envelope-from lexi@le-fay.org) Authentication-Results: mx1.freebsd.org; none Received: from iris.eden.le-Fay.ORG (IRIS.EDEN.LE-FAY.ORG [IPv6:2001:8b0:aab5:106::18]) by thyme.eden.le-Fay.ORG (Postfix) with ESMTP id EDDB32A893; Sun, 4 Feb 2024 01:15:16 +0000 (GMT) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=le-fay.org; s=thyme; t=1707009316; bh=aRqTwh7AEGyVPwoJL6wiuRt6+y2vNmIQSB5v7tMHgOI=; h=Date:From:To:Cc:Subject:References:In-Reply-To; b=llBfMtWXw05LgddU+1vTmwfdqH+Gp/0HJQ6Nt3uc3SOQRumusMNMGhuxZ/9Mm27mJ +E6fTz+aZ3TcaZmjlWwu12S/uK3ISRYEYTazf8mbsqGzi8rzOWfOJw5uunIgbbj+gJ bfwRrGx+uyXSAKiGEC4gUBCSmQtTSAmcRmqAdw4I= Received: from ilythia.eden.le-fay.org (ILYTHIA.EDEN.LE-FAY.ORG [IPv6:2001:8b0:aab5:104:3::101]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by iris.eden.le-Fay.ORG (Postfix) with ESMTPSA id D82B08C80; Sun, 4 Feb 2024 01:15:16 +0000 (GMT) Date: Sun, 4 Feb 2024 01:15:16 +0000 From: Lexi Winter To: Greg 'groggy' Lehey Cc: Paul M Foster , freebsd-questions@freebsd.org Subject: Re: Installing/running X11 Message-ID: Mail-Followup-To: Greg 'groggy' Lehey , Paul M Foster , freebsd-questions@freebsd.org References: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="G7Y0RFAXonNV9qIs" Content-Disposition: inline In-Reply-To: X-Rspamd-Queue-Id: 4TSBQP1cnFz4c9g X-Spamd-Bar: ---- X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:20712, ipnet:81.187.0.0/16, country:GB] --G7Y0RFAXonNV9qIs Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Greg 'groggy' Lehey: > I don't know what i915kms is, though it suggests it has something to > do with the Intel 915 chipsets. i915kms.ko is the (ported) Linux KMS/DRI driver for most/all Intel integrated GPUs. i don't know if these are all 'i915' devices, but that's what the module is called. it comes from the graphics/drm-*-kmod ports and it's correct to install it when running X on a system with Intel integrated GPU. --G7Y0RFAXonNV9qIs Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAABCAAdFiEEuwt6MaPcv/+Mo+ftDHqbqZ41x5kFAmW+5SEACgkQDHqbqZ41 x5ncJgwAlekMfy2GCHttwbLq0etnfL/RK7HdIXo8m+IjbGouvfSEXGtCyq1w7PH1 0xwRklA2NYSnrZVSPmhb34PfKLUIKfAjto3WjyqNTcZpXiwV9SdPzXMbV73AqvD7 Itz/egxqUUEvO4Z+R6L5+D6WwBWAx3qPC2/or7wFBtB+Q+RZP9xHxNz0Y6EXwyzC hikwHvckAbI9DelDd3K6MNlHXOJNjZBz/eOraRIC89OMlMdy0jm45D8I95xxsg7P uKVIXjWCGxrn7JOSxLKZ/NJ/zsbIce7EJq3bM2i1u2dnDV+ptqV34TNTl5VmxxMz CebMtxtWv3VIOTnSNE0DH6oX3smMrURXs2TVvudWIwcIjMzcHAprObyueh+7enuA IcHVeI8RJR3Cnwzty+UQk6HbJfQ0rt5LfTCGWOIhL/j9kSIGf42Ta6Htgh2rPp3W 1cblNqJIfVTLjGw6rpe/y9c0s5KGe434l3NBTHg6xYtuDM5vHH1HKcsgkSreERN8 Q73jjZlm =Qd7O -----END PGP SIGNATURE----- --G7Y0RFAXonNV9qIs-- From nobody Sun Feb 4 08:24:22 2024 X-Original-To: freebsd-questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4TSMxN6qMRz59KFL for ; Sun, 4 Feb 2024 08:24:24 +0000 (UTC) (envelope-from grarpamp@gmail.com) Received: from mail-ua1-x92f.google.com (mail-ua1-x92f.google.com [IPv6:2607:f8b0:4864:20::92f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1D4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4TSMxM5zNmz41YZ for ; Sun, 4 Feb 2024 08:24:23 +0000 (UTC) (envelope-from grarpamp@gmail.com) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20230601 header.b=knxe4Z+J; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of grarpamp@gmail.com designates 2607:f8b0:4864:20::92f as permitted sender) smtp.mailfrom=grarpamp@gmail.com Received: by mail-ua1-x92f.google.com with SMTP id a1e0cc1a2514c-7d5c2502ea2so1344772241.1 for ; Sun, 04 Feb 2024 00:24:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1707035063; x=1707639863; darn=freebsd.org; h=to:subject:message-id:date:from:references:in-reply-to:mime-version :from:to:cc:subject:date:message-id:reply-to; bh=jCRzz7+Xqd3sM5I8kBEgSy82IGE/2l5M+k0mte1VKl4=; b=knxe4Z+JMZDF9dmjz4583McMlPYO8ouEQhAkEg3UnRE3VEOtnHtEHjwpOc5rZ5RvoD r9pGtOwzLJkxI5AAoflKVUym6LfX6biinZevv5P4+Bwsfx0KOaXpPKiVppN/Ks1diBnq U7mmTMgaWxbnRY2GI2eWJ67w4Iwps9ldR8oDCs99nN4pqDDlZivb+XOo788Y3NjgKbxI 5ESwAFEf5aKhNrQFMO/enrchdzl3PdzUnuyVYqd83px75TqT3ooYqBG93eJU/oVRjqw5 uJUiAxOPZPQv/2o1LJzIEwm/Ml65gd7ss6ZDndTE5IP5PHTWLnKomTt5t+AIfYhyFhvR t0EQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1707035063; x=1707639863; h=to:subject:message-id:date:from:references:in-reply-to:mime-version :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=jCRzz7+Xqd3sM5I8kBEgSy82IGE/2l5M+k0mte1VKl4=; b=fdqppnGrbdvb0GkRkZl1G4aLpwuDDIhFHAmKSCdVR9fK1W5MG/w6OnsoQd57k40Xdh 6qMppuQECNYrP5uuDzrt8wJIkqu8E5t1Ns0R44xzzR++HVEOoJBXA+Aw7c+LoyDrlK+C NbNXwP/szJICp0K7T+k1Ten4UnFKYNfPxYXRdXkN7mMq72iOOfKEvLirtmj8Nziq6/29 UVnnMXimWDZsDBSSU5B5i7yN3zRWhzeuGUbwdIRdw3b5AB0WtO3pkEsCeQnrjoR1X/vA 95+C7ioHpYjo9g/jt1g8DQ0evJFG5e3a1jRJmtiP5sj+HHLt6Q5mrM+QSCzROQiTV3vF WZuQ== X-Gm-Message-State: AOJu0YzW3j6e0CDwC6fQBRgnAPdR4+3U4dC7OKb8GVQOkXen7VtEF1FG APWC0iEaflPET7Wq3txw/b9+JY93jCewWDILompusMtUrFpPH/h1BySIthjCLxZR2pz1mG2e35s xVocM4gRTeoCZ6F7hCWDsvSD8D0R8IefDZCb2Haic X-Google-Smtp-Source: AGHT+IENODefcQ0A67UEtcJyXkS7dDuoIaxkDFXX662NMirqZClosM+fM9KexHit2WUgYyC0iJ3gmYfjVOO5NngJiYg= X-Received: by 2002:a05:6102:40b:b0:46d:2786:433d with SMTP id d11-20020a056102040b00b0046d2786433dmr189095vsq.25.1707035062730; Sun, 04 Feb 2024 00:24:22 -0800 (PST) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org MIME-Version: 1.0 Received: by 2002:a05:612c:ee2:b0:44d:39d2:b0ad with HTTP; Sun, 4 Feb 2024 00:24:22 -0800 (PST) In-Reply-To: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> References: <20240203144851.d47zguvjtisjdsz4@yosemite.mars.lan> From: grarpamp Date: Sun, 4 Feb 2024 03:24:22 -0500 Message-ID: Subject: Re: Installing/running X11 To: freebsd-questions@freebsd.org Content-Type: text/plain; charset="UTF-8" X-Spamd-Bar: --- X-Spamd-Result: default: False [-4.00 / 15.00]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-1.00)[-1.000]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; ARC_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; RCPT_COUNT_ONE(0.00)[1]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; FREEMAIL_FROM(0.00)[gmail.com]; FROM_HAS_DN(0.00)[]; MISSING_XM_UA(0.00)[]; FREEMAIL_ENVFROM(0.00)[gmail.com]; TO_DN_NONE(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; MLMMJ_DEST(0.00)[freebsd-questions@freebsd.org]; MID_RHS_MATCH_FROMTLD(0.00)[]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::92f:from] X-Rspamd-Queue-Id: 4TSMxM5zNmz41YZ On 2/3/24, Paul M Foster wrote: > X won't start https://docs.freebsd.org/en/books/handbook/x11/ Identify the GPU. After the correct kernel module files for that are physically installed on disk, the simplest functional configless X test is: # from video group, or as root Xorg & # as unpriviledged user xterm -display :0 & # press through the alt-F[keys] and ctrl-alt-F[keys] # till you find all the screens, then twm -display :0 & firefox --display=:0 & Xorg can trigger autoload of the necessary modules, kldstat before and after will show that. Nothing else is needed for this test, nor to test firefox and many other apps. None of xdm, xfce, hald, or dbus are needed for this test. Without the below, nobody will know what actual video bits the box needs, so they can't say anything about drm-kmod, xf86-video-intel, or i915kms. If it doesn't work, you'll need to post... - grep '^CPU' /var/run/dmesg.boot - uname -vmpKU - GPU part number - pciconf -lv | egrep -B3 -A1 display - dmesg -a # sanitized - kldstat - output from Xorg - /var/log/Xorg.0.log