Go to advanced search

by davep
Thu Dec 28, 2017 9:26 am
Forum: Raspbian
Topic: Apache on Raspbian Stretch
Replies: 1
Views: 1080

Re: Apache on Raspbian Stretch

This is still the case, btw.
by davep
Sat Apr 15, 2017 3:06 pm
Forum: Raspbian
Topic: Raspbian Jessie (64bit) for RPi3?
Replies: 145
Views: 133978

Re: Raspbian Jessie (64bit) for RPi3?

As a bit of an aside, there is a 64-bit OpenBSD OS available for the Pi 3 https://www.openbsd.org/arm64.html

http://undeadly.org/cgi?action=article& ... &mode=flat
by davep
Fri Jan 27, 2017 8:08 pm
Forum: Raspbian
Topic: Apache on Raspbian Stretch
Replies: 1
Views: 1080

Apache on Raspbian Stretch

Does anyone know why Stretch ships with OpenSSL version 1.1.0c but the latest Apache 2.4.25 on Stretch is compiled against OpenSSL version 1.0.2j? This means I can't use chacha20 without manually compiling apache. Any ideas why this is the case in Stretch? pi@passphrase ~ $ apache2 -v Server version...
by davep
Sat May 14, 2016 9:16 pm
Forum: Raspbian
Topic: Problem with networking after upgrade Jessie
Replies: 3
Views: 2117

Re: Problem with networking after upgrade Jessie

Didn't find a solution to the problem, eventually installed NetworkManager as recommended here . Avishay I installed it too, but after hours of grindingly slow updates it was more expedient to get my public-facing RPi online via a fixed DHCP address. I'll look into NetworkManager and the other alte...
by davep
Sat May 14, 2016 10:38 am
Forum: Raspbian
Topic: Problem with networking after upgrade Jessie
Replies: 3
Views: 2117

Re: Problem with networking after upgrade Jessie

I got the same problem yesterday with two Pis. One didn't have dhcp enabled so I had to enable it and then set it so that the DHCP server would give it its old address. Both were already jessie but got the problem after an update/upgrade. The other one was a wifi access point and is totally hosed at...
by davep
Sun Mar 06, 2016 1:08 pm
Forum: Raspbian
Topic: STICKY: How to upgrade a Wheezy image to Jessie (both defunct and replaced versions of Raspbian)
Replies: 88
Views: 227315

Re: How to upgrade a Wheezy image to Jessie

What a horrible but educational experience that was! If you want another interesting educational experience you could convert it to a systemd service. I found https://bbs.archlinux.org/viewtopic.php?id=154846 while googling for 'hostapd systemd' Is that syntax possible using Debian rather than arch...
by davep
Sun Mar 06, 2016 11:46 am
Forum: Raspbian
Topic: STICKY: How to upgrade a Wheezy image to Jessie (both defunct and replaced versions of Raspbian)
Replies: 88
Views: 227315

Re: How to upgrade a Wheezy image to Jessie

I decided to upgrade a Jenkins CI cum wifi bridge access point to Jessie last night. The wifi persistently failed to work (even though I went through all the settings and they worked). It also worked when I launched hostapd manually. This helped me to whittle down to systemd, which tries to parallel...
by davep
Tue Mar 01, 2016 6:41 pm
Forum: General discussion
Topic: The OPENSSL installation appears to be missing or broken.
Replies: 7
Views: 4417

Re: The OPENSSL installation appears to be missing or broken

For info... The problem was because Apache was compiled against an older version of OpenSSL. I ended up appending the DH parameters to the end of the main key (so didn't need to download the latest OpenSSL). Now it has 4096 bit DH params, it takes nearly 4 seconds to create a session :o https://pen...
by davep
Sat Feb 06, 2016 6:47 pm
Forum: Raspbian
Topic: Time is not updating automatically
Replies: 1
Views: 467

Re: Time is not updating automatically

by davep
Tue Feb 02, 2016 11:52 am
Forum: General discussion
Topic: The OPENSSL installation appears to be missing or broken.
Replies: 7
Views: 4417

Re: The OPENSSL installation appears to be missing or broken

For info... The problem was because Apache was compiled against an older version of OpenSSL. I ended up appending the DH parameters to the end of the main key (so didn't need to download the latest OpenSSL). Now it has 4096 bit DH params, it takes nearly 4 seconds to create a session :o https://penf...
by davep
Sat Jan 30, 2016 8:41 pm
Forum: General discussion
Topic: The OPENSSL installation appears to be missing or broken.
Replies: 7
Views: 4417

Re: The OPENSSL installation appears to be missing or broken

http://archive.raspbian.org/raspbian/dists/stretch/ appears to have OpenSSL v1.0.2e-1. Could I take the source from there for Jessie or even somehow alter my apt sources so that I can apt-get install openssl from there (or is that a horrible idea)? Is stretch stable? Could I just replace jessie with...
by davep
Sat Jan 30, 2016 7:42 pm
Forum: General discussion
Topic: The OPENSSL installation appears to be missing or broken.
Replies: 7
Views: 4417

Re: The OPENSSL installation appears to be missing or broken

I'm trying to use Apache 2.4.10 with strong SSL security. For this, I am using a 4096 bit RSA certificate and have created my own 4096 Diffie Helmann modulus (to avoid using the one that is supplied by default with Apache). However, Apache needs a flavour of OpenSSL 1.0.2 for this to work using the:...
by davep
Wed May 20, 2015 8:38 pm
Forum: Troubleshooting
Topic: B+ Broken MicroSD reader
Replies: 124
Views: 36389

Re: B+ Broken MicroSD reader

davep wrote:Same problem on my Pi 2 out of the box.
A small piece of printer paper doubled over seems to have done the trick. Not impressed though.
by davep
Wed May 20, 2015 8:34 pm
Forum: Troubleshooting
Topic: B+ Broken MicroSD reader
Replies: 124
Views: 36389

Re: B+ Broken MicroSD reader

Same problem on my Pi 2 out of the box.
by davep
Thu May 07, 2015 6:53 pm
Forum: Raspbian
Topic: How to perform a MITM attack on your average Raspbian user
Replies: 30
Views: 4576

Re: How to perform a MITM attack on your average Raspbian us

Please note, this issue was reported to the Foundation and the people behind Raspbian on the day it was reported. Nothing was swept under the carpet. Please don't confuse a locked or edited post for a lack of action elsewhere, as can be seen by a same day fix for the problem or part of. I'm just wo...
by davep
Thu May 07, 2015 6:07 pm
Forum: Raspbian
Topic: How to perform a MITM attack on your average Raspbian user
Replies: 30
Views: 4576

Re: How to perform a MITM attack on your average Raspbian us

OK, I've found the issue and apparently it was fixed in Raspbian netinstaller v1.0.7 If the issue was indeed in the netinstaller, I would appreciate it if someone could fill me in on it (privately if needed). Issue #64 was fixed as a result of this post by ShiftPlusOne , which was 'triggered' by a ...
by davep
Thu May 07, 2015 4:27 pm
Forum: Raspbian
Topic: How to perform a MITM attack on your average Raspbian user
Replies: 30
Views: 4576

Re: How to perform a MITM attack on your average Raspbian us

As the fix appears to be in the netinstaller, to be sure you have the correct GPG key for an existing Raspbian installation, run sudo apt-key list And check you have the correct public key: pub 2048R/7FA3303E 2012-06-17 uid Raspberry Pi Archive Signing Key (if I understood this correctly...)
by davep
Thu May 07, 2015 3:51 pm
Forum: Raspbian
Topic: How to perform a MITM attack on your average Raspbian user
Replies: 30
Views: 4576

Re: How to perform a MITM attack on your average Raspbian us

OK, I've found the issue and apparently it was fixed in Raspbian netinstaller v1.0.7 https://github.com/debian-pi/raspbian-ua-netinst/issues/64 But if that's the case, why is the OP suggesting it's still an issue? Edit: It was fixed on the same day he posted which would explain why he could still re...
by davep
Thu May 07, 2015 3:30 pm
Forum: Raspbian
Topic: How to perform a MITM attack on your average Raspbian user
Replies: 30
Views: 4576

Re: How to perform a MITM attack on your average Raspbian us

I do believe that the warranted response would have been for us all to become physically taken aback and once we locked ourselves off of the floor, to begin a series of bows and ooooo's +/- an ahhhhhh or two. We've got out lope. Chill brother. Import song (why_can't_we_be_friends) as wcwbf I do bel...
by davep
Thu May 07, 2015 2:50 pm
Forum: Raspbian
Topic: How to perform a MITM attack on your average Raspbian user
Replies: 30
Views: 4576

Re: How to perform a MITM attack on your average Raspbian us

[Mod: Link deleted. Please don't posts links that actively encourage this sort of behaviour. The point you have raised here has been reported on, not swept under the table. ] I would prefer this information be posted so we have an idea what we are facing. It's not "encouraging" the behaviour, as I'...
by davep
Tue Apr 08, 2014 11:16 pm
Forum: Advanced users
Topic: Heartbleed openssl vulnerability
Replies: 58
Views: 21008

Re: Heartbleed openssl vulnerability

Stupid question: how to exchange your ssl key and request a new certificate? Shouldn't this be offered as an option during the upgrade on the package? I use Citadel Server for email and used their guide http://www.citadel.org/doku.php/faq:systemadmin:how_to_install_a_certificate_signed_by_a_recogni...
by davep
Tue Apr 08, 2014 7:22 pm
Forum: Advanced users
Topic: Heartbleed openssl vulnerability
Replies: 58
Views: 21008

Re: Heartbleed openssl vulnerability

It just updated for me to 1.0.1e-2+rvt+deb7u5
by davep
Tue Apr 08, 2014 7:22 pm
Forum: Raspbian
Topic: Security Bug in Raspbian OpenSSL version
Replies: 49
Views: 14187

Re: Security Bug in Raspbian OpenSSL version

It worked!

1.0.1e-2+rvt+deb7u5
by davep
Tue Apr 08, 2014 5:18 pm
Forum: Raspbian
Topic: Security Bug in Raspbian OpenSSL version
Replies: 49
Views: 14187

Re: Security Bug in Raspbian OpenSSL version

You compile it, there are many documents on how to compile stuff, but if I were to compile it I would just compile a newer version rather than use -DOPENSSL_NO_HEARTBEATS. That said, I would rather see the issue fixed and included in the repositories. Wow, thanks for expending your precious time te...
by davep
Tue Apr 08, 2014 5:11 pm
Forum: Advanced users
Topic: Heartbleed openssl vulnerability
Replies: 58
Views: 21008

Re: Heartbleed openssl vulnerability

jsebean wrote:OpenSSH is not OpenSSL.
Oops :oops: I had assumed there was a common library or something.

Go to advanced search