parv: the pages _around_ FreeBSD Journal are somewhat peculiar, in that the start is near the end (the foot).

Try <issue.freebsdfoundation.org/publica…p=1&view=issuelistBrowser&ver=html5>

Title: FreeBSD Journal DE September/October 2022

meka: I got it working, thanks for all of your help :)

i thought that: if out xmit bridge0 recv gre0 matches for a packet, then surely via gre0 must match, right? i am seeing that out xmit bridge0 recv gre0 actually requires a separate rule

is there a simple way to install an older port in the ports tree?

hello how do I change the mirror to a faster oneÉ

I have a computer that can download 1gb per second

and its working at 100 kb per second

its really horrible is there anything I can do

its frustrating i always get bad luck and lose my time

lol

i just lost an hour was hoping to have it up and running in 15 minutes not a huge headache...

Guest706: freshports.org/ports-mgmt/fastest_sites

Title: FreshPorts -- ports-mgmt/fastest_sites: Sort MASTER_SITE_* based upon TCP handshake times

Never tried it, mind you

If I am downloading an ISO I will use aria2c and list a few mirrors and make them all threaded.

I can saturate 5Gbit like that

Another tip: adufray.com/blog/2016/10/24/finding-the-fastest-freebsd-mirror

Title: Finding the Fastest FreeBSD Mirror – adufray.com

Title: A shell script to select the fastest freebsd-update mirror · GitHub

etc...

thank you Erhard

With a Gig connection familiarize yourself with aria2c because it can help you make use of the bandwidth, even with a single server (much to the admin's chagrin of course)

I have it installed at home it`s just teh school computers

Cool.

like right now I am using my computer through the cloud and ssh to be able to go on weechat

freebsd installed

but sort of fed up with these computers it`s just the problem is I am here at school and want to be able to do something

but cant a lot of the time...

they have some weird french canadian keyboard that I don`t know how to hit all the buttons correctly and so many user restrictions

You at McGill?

but they have virtual box and I thought freebsd was the fastest and easiest to install

how did you knowÉ

My son just graduated from there

oh cool in what

Software Engineering

congratulations

to your son

Yeah, he already has a job

i`m at uqam

Ah, close enough

sounds pretty awesome what kind of job I want to be able to get a job

Just walked by there a couple weeks ago

yes exactly one block

one metro station place des arts basically and the next station is mcgill

He is doing software engineeering for work. Already making total of 6 figures US.

unbelievable and I can`t even get a job

Not bad for a puk kid, lol

pretty impressive

What are you studying?

software engineering but I have my Bachelors of Engineering

Nice

I am on the Masters level

Cool

yes it`s not bad but I somehow missed the money tree I guess

I`m planning on doing a project on freebsd for my course

Well, if you are in school it's different

I graduated 12 years ago

For the BS?

And now doing an MS?

Bachelor of Engineering

Oh, I guess that is different

B.Eng. but not an engineer I was a junior engineer and now a candidate for the profession

His is a BS. Software Engineering at McGill is not in the faculty of engineering.

we`re apparently not allowed to write that

LOL. Yeah that is regulated aparently

yes not the same degree

I think mine was harder and more thorough but he probably has a higher gpa than I had of 2.37 and almost 2 degrees worth of credits

I could literally get a Bachelor of Arts as well<

Heh. HIs wasn't amazing, but I think it was over 3.

I had personal problems social and it wasn`t the right school for me

Yeah, stuff happenes

I needed a sheltered environment they didn`t give me that

I wanted to go to mit but I wasn`t going to get a scholarship there so my family was like we can`t afford it

and no need it`s better to get the degree in Canada

Yeah, expensive.

Especially if you live there. MCGill is cheap if you live there. We had to pay wuite a bit

yes so I got through in the end

around 40k US a year

INternational

ouch

Yeah about the samne as a good school here.

Not ivy league, but a good school

But it's more the person anyway.

yes my parents put a trust fund for me I exhausted it in 4 years then I had my grandparents die and inherited money and my aunt grandfather`s sister

And who you know.

and then I got major money from the government

Glad you made it happen without massive debt.

and then my parents helped me a little bit and the costs are generally low

well I had debt but I used my grandfather`s inheritance to pay for it

My parents paid for my school so I wanted to pay for my kid's

like 80000$

Cool

and the government paid me $700 a month for my rent but it was like 1100 and tutors extreme amounts, other costs, school itself, etc..

like a little bit for food $300 a month , etc..

Budgeting is a good life skill

so between that, a student loan, a tiny bit of side income, and parents support I was more or less covered

knick knack side income in different ways...

Cool.

and I didn`t do anything that was too extremely lavish in any way I just went to school, did some sports like tennis, skiing would be expensive but I had it very inexpensive with no hotels

rollerblading , I worked at a gym so that was free with swimming, etc..

they gave me a rate that it would cost me maybe $500 a year... yoga teacher training was an expense , car was not expensive

they robbed me at one place for $2000 another place didn`t really rob me at all so I paid $1000+ but I got my money`s worth

heh

then never found a job in the field really

didn`t really make any money worked hard though

cause like I made some money from Amazon but then they stole it all from me, giving me credit card debt and taxes owing so that shouldn`t count as making anything...

so then I got a good scholarship to go back to school

it somehow doesn`t feel like it`s worth it but I think it is I`m probably getting more exerting myself like crazy here then I would sitting at home playing on freebsd I suppose

Sweet. I gotta hit the hay. Good luck on everything. Have a good one.

thanks good night

e

How can I get unabridged thread names from procstat -t ?

hi, can recordsize property be set on a zvol? would it be usable to the guest OS

Ltning, have you tried libxo?

(There's no other way obvious to me.)

does zfs compression still work if the zfs was set to encrypted at initial setup?

afaik zfs should first do compression and then encryption so it should work

ok so it's done on a block-by-block basis and not at the outset

i guess that on install, if encryption is selected, then what happens is the flag is set but it doesn't happen till it's written to?

(just trying to wrap my head around it)

f451: I have ZFS with GELI encryption and ZFS compression. That way GELI is "under" ZFS. With ZFS native encryption, I'm almost sure it's compression first, encryption later (I didn't read the code, so don't trust me on this)

cgit.freebsd.org/src/commit/?id=460ed6106cf0 neat!

Title: src - FreeBSD source tree

meka: tyvm

f451: zvols use volblocksize iirc

see zfsprops(7)

yeah that is neat ;)

what the context is, is bhyve

the compression context is the host zvol

the encryption one, the guest

zfs in-line compression happens at a record level, not at a block level

and it'll only happen if it can compress by at least 12.5% (at least with lz4, which is the default)

was going to go with zstd

plus it needs to save at least one sector size of diskspace, otherwise it also doesn't help

the lz4 early abort doesn't exist for zstd (not in a release, yet - but it might be in head; i watched a presentation about it being developed the other day)

aha

Title: Refining OpenZFS Compression by Rich Ercolani - YouTube

compression in my context is the lesser value

also, you should be aware of docs.google.com/spreadsheets/d/1OfR…DGK6swwBZXgXwdCPKgp4SbPZwTexCg/view

the guest will be a nextcloud in a datacentre so encryption is important

Title: OpenZFS open encryption bugs (public RO) - Google Sheets

oog

remember that encryption (both GELI and ZFS in-line encryption) is only useful at-rest, so typically when the server is powered off

not the guest only?

well, that depends i guess

what im trying to guard against is the host getting broken into and someone accessing the guest vm data

if you've got a bhyve guest and encryption is used inside the hypervisor guest, it'll theoretically be at-rest (although depending on how your key invalidation works, a sufficiently motivated attacker could do host persistence and still access it

GELI does proper key invalidation if memory serves

was about to say

also within the nextcloud itself, there is an addon available that encrypts the live data and ties that key to auth credentials i think

hmm

i'm not sure i'd put my trust in that

so geli is the way to go it seems

no - it doesn't encrypt the filemames funnily enough

what the threat model is, is protection from gaining of unauthorised access

GELI works at a different level; once something is encrypted with GELI and the key hasn't been used to unlock it, it just looks like a block of random data

GBDE more so

one is newer than the other isn't it

GELI is newer

big scary notice for gbde on the man page!

i think gbde prob more suitable for a shell account where eg you have a dir with all yr credentians in that you want to keep secret

s/credentians/credentials/g

ok - think i know how to proceed

debdrup: tyvm

gbdes real advantage is that it's made for an adverserial environment where, as long as you can access the system before you're subject to rubberhose cryptoanalysis, you can use `gbde nuke` to provably get rid of it

err, `gbde destroy`

papers.freebsd.org/2003/phk-gbde-paper and papers.freebsd.org/2003/phk-gbde-slides are worth re ading

Title: GBDE - GEOM Based Disk Encryption :: FreeBSD Presentations and Papers

thanks

the environment this is for isn't adversarial like that

for what it's worth, i used gbde for my buttcoin wallet back when that waste of electricity was possible to mine on a regular cpu, and then proceeded to forget the keyphrase, and i haven't been able to recover the key, even after talking with phk :P

it's to protect against casual cracking/what if php/nginx/mysql/postgres breaks

ahhh

sorry to hear that

eh, it's whatever

you might be a theoretical millionaire

xkcdpasswd is your friend

meh

the password had some 280 bits of entropy, so there's almost no way of remembering it no matter what

V_PauAmma_V: Yeah, and just like with various other tools, output is truncated before it's even handed to libxo.

(yes, it's pretty stupid, but apparently much harder to fix than one might think)

debdrup: xkcdpass -d . -C random -n 10

Charsetsize: 84

ShannonEntropyBits: 400.36

and how's that supposed to help me if i forget the password?

that's a horse already bolted context

i mean in future ;)

i'm not interested in destroying the world by wasting electricity like that

yup

ive never been into it

might be ameliorated using solar in a sunny climate

make a fortune in the desert ;)

the reason i posted the xkcd thing was that 10 words with dots and capitals have 400 bits of entropy and it surprised me, just 10 words

it's supposed to be random unrelated words though. and good luck remembering 10 unrelated random words easily

4 or 5 words is more likely

i think if one can devise a silly story (the sillier and therefore the more rememberable) that links all the words in the order they should be in, then one would be able to remember them easier than expected

i mean actors memorise whole screeds of text

yes but the words are not meant to be linked to each other in anyway as that reduces the keyspace. if you do a story where a horse goes into a stable and make the words horsewalksstable an algorithm could work that out far more quickly than the horsebatterystaple

People memorize Pi to I-don't-know-how-many decimals.

it'll probably put you off ever changing the passphrase too

10 completely random words sounds doable.

the linking doesn't have to be logical in the understood sense. it just needs to be internally logical, in your mind. you get to choose the logic

i do have a 64 character wifi password, because that mitigates brute force, that's made out of about 7 words and I can remember that to be honest. so maybe it's not so bad

Memorizing pi means you're doing it regularly. I forgot the wallet passphrase because I didn't use it for several years.

You're applying technical solutions to a problem that isn't technical in nature.

hi guys, does bsd have a concept of a tmp file (discard on close) that will use ram as much as possible and only write to disk if low on ram?

try `man 5 tmpfs` maybe?

tmpfs looks plausible - thanks

hi, anyone can help me with zpool import?

zpool import Segmentation fault (core dumped)

just zpool import (without name) and I got seg fault

anybody?

lisu are you sure your kernel and userland bits are from the same build?

jafa, (gman999): note tmpfs will at most use swap, depending on what you want mmap, memfd_open and shm_open are options

yes, tmpfs hungry

tsoome: init6 does the job, TY.

:)

another question: can I mount btrfs under fbsd?

I just intalled fresh fbsd on baremetal and I need to transfer files from zfs to btrfs disk.

I finally figured out how to have a bhyve linux guest with audio on host, now I can stream widevine drm content without linuxulator :o

jafa: check out mdmfs(8)

lisu: unless you already have lots of data locked in a btrfs there are no good reasons to mount btrfs into freebsd

but there is the fusefs-lkl package that may include what you're looking for

it basically runs a stripped down linux kernel in userspace as fuse server

but it's based on a fairly old kernel

Title: FreshPorts -- sysutils/fusefs-lkl: Full-featured Linux BTRFS, Ext4, XFS as a FUSE module

yep, I readed this. thx. So ... freebsd is not so universal.

for now I got installed openzfs on manjaro, works well, this will do the job.

linux doesn't support ufs, so it's not universal either - and ufs is both actively developed and dates back to 1980

true,

nfs is the filesystem du jour for transferring between unix-likes, and linux doesn't support that properly either (no NFSv4 ACL support, and nothing is planned)

beside, as I got freebsd on ma laptop, Im will try to use this for my daily.

that's a good start :)

freebsd is very well documented, but for example, I want to manage few wifi networks via gui... and networkmgr is compiling for 20 minutes...

the ghostbsd wifi manager? I think it is just a python script, what could it be compiling?

fbsd is similar to linux i've used to, but have own way to do simple things realy strange

I dont know... just folowing: freshports.org/net-mgmt/networkmgr

Title: FreshPorts -- net-mgmt/networkmgr: FreeBSD/GhostBSD network connection manager

im installing from ports

now python 3.8 is building

ah, yeah Python sounds like a likely culprit

ports is kind of overkill for a newish user, but could be a good learning experience too

ports is nothing fancy, just another way to install

one good-kept secret is `bsdconfig networking` (surprised I didn't see it mentioned in the handbook), it's a simple tui-based wifi manager

I believe it is similar to the network selection that happens during system install, if not the same exact thing

Heh, didn't know about net/realtek-re-kmod.

question is, why are you building p orts instead of using packages?

so far so good, I got netmgr, but no wifi ...

installing from ports make error 1.... python got problem with somethink like pycairo/py3cairo.h... so... I got it from pkg.

works

now wifi drivers...

bsdconfig wireless -> very nice

I was annoyed that the 13.1 installer couldn't detect any networks, but if I dropped into a terminal afterwards and set it up manually it was fine

yeah, not sure why bsdconfig was removed from the handbook, it used to be mentioned in the installation section

I found it on an obscure fbsd user wiki page

init 6... and we will see what ive done ;)

nice, detecting wifi network, but cannot connect

lisu: can't connect in what sense? dhclient issues? Can you ping the gateway?

it looks like link connected, but dhcpdiscover gives time out, no dhcpoffers received...

strange, I got at least 3 wifi clients connected

is it an unprotected network?

I had an issue in a coffee shop a while back, although I think that bug was patched

this is wpa2-psk aes home network

lisu: might it be, that you have limited the number of clients that may connect the dhcp server (disconnect another deviece first) or that the Mac adresses is not allowed in the dhcp server?

probably typoed key

this is not a limit of my access point client, belive me.

key_mgmt=wpa-psk or wpa-psk2 ?

wrong way

I think wifi & driver issues would be solved in a week if we just donated coffee shop gift cards and laptops to all the devs :D

belive me... they will drink this coffee, and ...drink... and drink, and they say: this is more complicated than we think... ;)

just kidding

wlan0 ..... no link giving up.

i know

init 6

it will help ;)

nope

1 character missed in wpa_supplicant, but still somethink is strange about that wifi driver

but i must admite: freebsd is quite fast on my obsolete hardware

attaching without anything else when you have the wrong key is normal

you dont get to actually be on the network, but your client will try to transmit with that key anyways

failed to reach wpa_supplicant: wpa_cli(8) ping failed

what the hack?

I think, I know what is going on.... antenas in this laptop are disconnected... I forgot. Wifi works now. I was searching in software, but hardware wasnt right.

OK, have a nice day/night whatever. Thx for tips.

bye

ROTFL ;-)

that's why every troubleshooting guide ever starts with "did you check the power?" :)

it's hard to fix a hardware issue in software

best distro OS to use on a NAS?

TrueNAS

(which is modified FreeBSD)

FreeBSD

(which is unmodified FreeBSD)

;-)

cut out the middle man ;)

Dunno, TrueNAS makes it very convenient, esp if you want a backup box. You can do it all manually yourself of course.

I used to do it myself, but really been liking TrueNAS lately.

dkeav, can i use it on a sinology?

no that i know of

Synology has its own OS.

It's decent.

dkeav, what do you think of OpenMediaVault?

never heard of it