Am 24.06.21 um 18:51 schrieb Greg Wooledge:
On Thu, Jun 24, 2021 at 06:43:15PM +0200, Markus wrote:
grub-efi-amd64:
Installed: (none)
Candidate: 2.02+dfsg1-20+deb10u3
Version table:
2.02+dfsg1-20+deb10u4 500
500 http://ftp.de.debian.org/debian buster/main amd64 Packages
Can somebody provide either a little more explanation and / or a link to a
(reasonably simple) reference?
https://www.embeddedcomputing.com/technology/security/network-security/secure-flash-the-cure-for-insecurity-in-connected-automotive-and-industrial-applications-part-1
https://www.embeddedco
>> It's entirely too common for obsolete encryption options that are
>> kept for "compatibility" end up being a vector for compromise, and
>> entirely reasonable to remove such options in order to provide the
>> most secure and maintainable tool for the vast majority of users.
> That's the attitude
On Tue, Jul 6, 2021, at 5:43 PM, Rick Thomas wrote:
> On Tue, Jul 6, 2021, at 3:37 PM, rhkra...@gmail.com wrote:
> > I've seen warnings (against hacks) that say (among other things) to enable
> > "secure flash". I've been googling to learn more about that, but I haven't
> > found any good exp
On Tue, Jul 6, 2021, at 3:37 PM, rhkra...@gmail.com wrote:
> I've seen warnings (against hacks) that say (among other things) to enable
> "secure flash". I've been googling to learn more about that, but I haven't
> found any good explanation.
>
> I'm beginning to get hints that it is not so muc
Andrew M.A. Cater composed on 2021-07-06 22:30 (UTC):
> On Tue, Jul 06, 2021 at 04:26:52PM -0400, Felix Miata wrote:
>> I do have the MGA driver xserver-xorg-video-mga dysfunctional on (an AGP)
>> G550 in
>> i686 Bullseye by disabling KMS via nomodeset on, and adding iomem=relaxed
>> to, the
>>
>> If they have buffer overflow-style holes, those should be fixed.
>> Other than that I can't see how they can be less secure than the "none"
>> cipher.
> I guess since the "none" cipher isn't supported in debian's ssh
Good point.
> you will just drop this questionable line of argument?
It jus
On 7/6/21, Ralph Aichinger wrote:
> Hi, everybody, as a bullseye user I am seeing messages like
>
> | Unable to negotiate with 10.0.17.52 port 22: no matching
> | key exchange method found. Their offer: diffie-hellman-group1-sha1
>
> with increasing frequency, especially when trying to ssh into
>
On Tue, 6 Jul 2021, at 23:37, rhkra...@gmail.com wrote:
> I've seen warnings (against hacks) that say (among other things) to enable
> "secure flash". I've been googling to learn more about that, but I haven't
> found any good explanation.
>
> I'm beginning to get hints that it is not so much a
I've seen warnings (against hacks) that say (among other things) to enable
"secure flash". I've been googling to learn more about that, but I haven't
found any good explanation.
I'm beginning to get hints that it is not so much a thing (to be enabled), but
more the (a) process to update the co
On Tue, Jul 06, 2021 at 04:26:52PM -0400, Felix Miata wrote:
> Andrew M.A. Cater composed on 2021-07-06 12:56 (UTC):
>
> > Try installing firmware-misc-nonfree which will pull in
> > firmware-amd-graphics
> > I think.
>
> > I normally install firmware-linux-free firmware-linux-nonfree
> > firmw
I have a slightly different question about this issue.
when open ssh decided that dh keys, for public and global use were somehow
insecure, the ssh tool I use, sshdos, became limited allowing me to reach
shellworld, but not say the Linux shell provided with our office dreamhost
account any lon
On Tue, Jul 06, 2021 at 05:30:27PM -0400, Stefan Monnier wrote:
[...]
> > That's the attitude of authoritarian software: "my software is smarter
> > than you".
>
> I think the reality is a bit more subtle ;-)
>
> In most cases, the real driver is a desire to keep the code simple and
> to ease m
On Tue, Jul 06, 2021 at 04:45:50PM -0400, Michael Stone wrote:
[...]
> This is ridiculous [...]
Let's simply agree to differ.
Cheers
- t
signature.asc
Description: Digital signature
"Juan R. de Silva" writes:
> There is a difference in suggested by your link approach and my
> requirements. I have reasons to avoid re-installation of my existing
> Windows 10. The suggested procedure based on fresh install of Windows 10
> from from the media created by Microsoft Media Creati
>> I think the first reaction should be to report it as a bug, so that the
>> old cipher is re-added. I think the same argument in favor of including
>> the "none" cipher should apply to including old deprecated ciphers.
> The old ciphers are generally removed for a reason: because they are hugely
On Tue, 06 Jul 2021 22:17:22 +0300, Anssi Saari wrote:
> "Juan R. de Silva" writes:
>
>> Do you guys think it is actually feasible? Anybody can suggest
>> something easier, smarter? It's a lot of work to do... :-(
>
> Why do you think this would be a problem? I intend to do this on my
> desktop
On Tue, Jul 06, 2021 at 10:18:44PM +0200, to...@tuxteam.de wrote:
On Tue, Jul 06, 2021 at 02:11:21PM -0400, Michael Stone wrote:
[...]
It's entirely too common for obsolete encryption options that are
kept for "compatibility" end up being a vector for compromise, and
entirely reasonable to rem
Andrew M.A. Cater composed on 2021-07-06 12:56 (UTC):
> Try installing firmware-misc-nonfree which will pull in firmware-amd-graphics
> I think.
> I normally install firmware-linux-free firmware-linux-nonfree
> firmware-misc-nonfree - that covers all bases.
> The AMD firmware is not in the stan
On Tue, Jul 06, 2021 at 02:11:21PM -0400, Michael Stone wrote:
[...]
> It's entirely too common for obsolete encryption options that are
> kept for "compatibility" end up being a vector for compromise, and
> entirely reasonable to remove such options in order to provide the
> most secure and main
> Like you, I have been using CLI options to the ssh command to adjust the
> necessary algorithms if I need something "insecure".
You should be able to set that option for a specific (set of) hosts in
.ssh/config so you don't have to repeat it on the CLI every time.
> My thought is that once that
On Tue, Jul 06, 2021 at 03:20:43PM -0400, Stefan Monnier wrote:
If they have buffer overflow-style holes, those should be fixed.
Other than that I can't see how they can be less secure than the "none" cipher.
I guess since the "none" cipher isn't supported in debian's ssh
Good point.
you wil
"Juan R. de Silva" writes:
> Do you guys think it is actually feasible? Anybody can suggest something
> easier, smarter? It's a lot of work to do... :-(
Why do you think this would be a problem? I intend to do this on my
desktop system at some point. I thought I'd just get a new SSD and make
th
On Tue, Jul 06, 2021 at 02:16:53PM -0400, Roberto C. Sánchez wrote:
Of course, the real answer is to not purchase products with "secure"
management that can't be upgraded when it becomes "insecure" management.
Sadly, this is not always possible. There are times where someone else
decides what
On Tue, Jul 06, 2021 at 02:11:21PM -0400, Michael Stone wrote:
>
> If you want ancient crypto options, just run an ancient binary. They're very
> easy to find in archive.debian.org.
>
Thankfully, Debian makes this sort of thing about as painless as it can
be.
> Of course, the real answer is to n
On Tue, Jul 06, 2021 at 08:05:11PM +0200, to...@tuxteam.de wrote:
On Tue, Jul 06, 2021 at 01:43:07PM -0400, Michael Stone wrote:
On Tue, Jul 06, 2021 at 01:02:49PM -0400, Stefan Monnier wrote:
>>>I think the first reaction should be to report it as a bug, so that the
>>>old cipher is re-added.
On Tue, Jul 06, 2021 at 01:43:07PM -0400, Michael Stone wrote:
> On Tue, Jul 06, 2021 at 01:02:49PM -0400, Stefan Monnier wrote:
> >>>I think the first reaction should be to report it as a bug, so that the
> >>>old cipher is re-added. I think the same argument in favor of including
> >>>the "none"
On Tue, Jul 06, 2021 at 01:02:49PM -0400, Stefan Monnier wrote:
I think the first reaction should be to report it as a bug, so that the
old cipher is re-added. I think the same argument in favor of including
the "none" cipher should apply to including old deprecated ciphers.
The old ciphers are
On Tuesday, 6 July 2021 11:45:10 BST you wrote:
> Thanks for the reply
>
> > Machine HP Proliant ML150 with 5GB RAM and currently a single HDD. I
>
> normally
>
> > use a netinst CD created locally from the jigdo image (amd64).
> > I have tried to install both basic bullseye rc1 and bullseye rc2
On Tue, Jul 06, 2021 at 12:05:41PM -0400, Stefan Monnier wrote:
> > Like you, I have been using CLI options to the ssh command to adjust the
> > necessary algorithms if I need something "insecure".
>
> You should be able to set that option for a specific (set of) hosts in
> .ssh/config so you don'
On 2021-07-06 12:18, Dan Ritter wrote:
mick crane wrote:
hello,
recently got 4K monitor, I struggle to read the tiny text in bullseye
xfce4
desktop.
I see how to increase size of desktop items but the panel text and pop
up
menu text are tiny.
Also the tabs in brave browser and browser menu s
Hello,
easier is use boot-repair-disk live iso with Gparted for removing disk
partition and grub repair tools. link to download https://sourceforge.net/
projects/boot-repair-cd/
signature.asc
Description: application/pgp-keys
On Tue, 6 Jul 2021 at 23:17, Gunnar Gervin wrote:
> grub rescue>
Try reading this:
https://www.gnu.org/software/grub/manual/grub/html_node/GRUB-only-offers-a-rescue-shell.html#GRUB-only-offers-a-rescue-shell
> Tried to remove all 7 partitions in grub rescue>
Why are you trying to remove partit
Hi.
My computer is in
grub rescue>
Crisis mode.
Busybox (ash) commands only option to recover the machine w/Debian "Buster"
i386mac32b.
Tried to remove all 7 partitions in grub rescue>
(hd0,gpt1 to hd0,gpt7)
4 partitions in ext2, 3 unknown), with Bash, but no success.
Which(in exact form)commands
Hello,
On Tue, Jul 06, 2021 at 02:34:30PM +0300, IL Ka wrote:
> > I use a 32bit OS
Is the hardware capable of 64-bit? If so then it should be possible
to install an amd64 kernel and e2fsprogs without completely
converting your system to amd64.
https://wiki.debian.org/CrossGrading
(Stop afte
On Tue, Jul 06, 2021 at 11:45:10AM +0100, Chris Bell wrote:
> Thanks for the reply
>
> > Machine HP Proliant ML150 with 5GB RAM and currently a single HDD. I
> normally
> > use a netinst CD created locally from the jigdo image (amd64).
> > I have tried to install both basic bullseye rc1 and bull
On Tue, Jul 06, 2021 at 10:40:00AM +0200, Ralph Aichinger wrote:
> Hi, everybody, as a bullseye user I am seeing messages like
>
> | Unable to negotiate with 10.0.17.52 port 22: no matching
> | key exchange method found. Their offer: diffie-hellman-group1-sha1
>
> with increasing frequency, esp
On 2021-07-06 12:47, Andrei POPESCU wrote:
On Ma, 06 iul 21, 12:36:31, mick crane wrote:
On 2021-07-06 12:18, Dan Ritter wrote:
> mick crane wrote:
> > hello,
> > recently got 4K monitor, I struggle to read the tiny text in
> > bullseye xfce4
> > desktop.
> > I see how to increase size of deskto
On Ma, 06 iul 21, 12:36:31, mick crane wrote:
> On 2021-07-06 12:18, Dan Ritter wrote:
> > mick crane wrote:
> > > hello,
> > > recently got 4K monitor, I struggle to read the tiny text in
> > > bullseye xfce4
> > > desktop.
> > > I see how to increase size of desktop items but the panel text and
>
On 2021-07-06 12:18, Dan Ritter wrote:
mick crane wrote:
hello,
recently got 4K monitor, I struggle to read the tiny text in bullseye
xfce4
desktop.
I see how to increase size of desktop items but the panel text and pop
up
menu text are tiny.
Also the tabs in brave browser and browser menu s
> I use a 32bit OS
>
> 32-bit OS can't use more than 4GB. 32-bit app can use even lower amount of
memory. This is why 50GB swap file didn't help.
Hi,
Reiner Buehl wrote.
> I would like to fix the filesystem
> so that I can then use more intelligent recovery methods that do not need to
> copy every file.
Maybe the old workaround proposed by Ted T'so in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=614082
would be worth a try.
Bug rep
On Tue, Jul 06, 2021 at 02:04:09PM +0300, Andrei POPESCU wrote:
> On Ma, 06 iul 21, 07:03:38, David wrote:
> > The first question from Jeremy, the value of
> > /proc/sys/net/ipv4/ip_forward is 0, connecting to the thin client via
> > putty and using nano as an editor, it tells me I can't alter this
mick crane wrote:
> hello,
> recently got 4K monitor, I struggle to read the tiny text in bullseye xfce4
> desktop.
> I see how to increase size of desktop items but the panel text and pop up
> menu text are tiny.
> Also the tabs in brave browser and browser menu settings.
> I have looked but unab
Thanks for the reply
> Machine HP Proliant ML150 with 5GB RAM and currently a single HDD. I
normally
> use a netinst CD created locally from the jigdo image (amd64).
> I have tried to install both basic bullseye rc1 and bullseye rc2 with SSH
> server several times over the last few days, using
On Ma, 06 iul 21, 07:03:38, David wrote:
>
> The first question from Jeremy, the value of
> /proc/sys/net/ipv4/ip_forward is 0, connecting to the thin client via
> putty and using nano as an editor, it tells me I can't alter this
> value, I am logged in as root.
Because it's a special file and an
On 2021-07-05 21:12:01 +0100, Joe wrote:
> It's not a big issue. My public FQDN and PTR have no relationship at
> all with any email domain I use, and I've never had mail refused for
> that reason, over more than fifteen years. I also use a single HELO, and
> that only matches one domain. Again, no
On Mon, 5 Jul 2021 at 02:46, Stella Ashburne wrote:
> > Sent: Sunday, July 04, 2021 at 12:01 PM
> > From: "David"
> > As I mentioned, I do not know GPT and UEFI systems.
> It's off-topic; I am curious why you do not use GPT/UEFI/Secure Boot?
> Secure Boot has been supported since Debian Buster.
On Tue, Jul 06, 2021 at 10:40:00AM +0200, Ralph Aichinger wrote:
> Hi, everybody, as a bullseye user I am seeing messages like
>
> | Unable to negotiate with 10.0.17.52 port 22: no matching
> | key exchange method found. Their offer: diffie-hellman-group1-sha1
>
> with increasing frequency, esp
Hi, I would like to use apt-cacher-ng to cache the updates from
enterprise.proxmox.com. One thing about this repo is that they have two
different kinds, the http one and the https one, the http one is
non-enterprise and open to all, but the https one is closed and needs a
subscription with a us
Hi, everybody, as a bullseye user I am seeing messages like
| Unable to negotiate with 10.0.17.52 port 22: no matching
| key exchange method found. Their offer: diffie-hellman-group1-sha1
with increasing frequency, especially when trying to ssh into
proprietary, obsolete stuff. Above comes from
hello,
recently got 4K monitor, I struggle to read the tiny text in bullseye
xfce4 desktop.
I see how to increase size of desktop items but the panel text and pop
up menu text are tiny.
Also the tabs in brave browser and browser menu settings.
I have looked but unable to find where to change th
On 7/6/21 12:42 AM, John Hasler wrote:
ellanios82 writes:
It's a pretty common requirement, as at one time it was the second best spam
defence (after accepting mail only for named users). Not so good now that many
ISPs are providing some kind of PTR record.
- juz sayin' : someone else wrote
/ and /home are fine on the system. The data on the affected filesystem is
a collection of data from different remote sites, so it could be restored
but that would take a lot of time. That's why I would like to fix the
filesystem so that I can then use more intelligent recovery methods that do
not
54 matches
Mail list logo
