Re: tls
by Patrick Dupre
HELLO,
I may have make some progress.
I can SSL/TLS on a local machine but it does not work on a remote.
I get (filezilla):
Disconnected from server
Status: Resolving address of homere
Status: Connecting to 193.49.194.196:21...
Status: Connection attempt failed with "EHOSTUNREACH - No route to host".
Error: Could not connect to server
Status: Waiting to retry...
Status: Resolving address of homere
Status: Connecting to 193.49.194.196:21...
Status: Connection attempt failed with "EHOSTUNREACH - No route to host".
Error: Could not connect to server
ssh works fine. However, I have a possible explaination.
This machine is behind a firewall and to be able to make ssh, I
add to ask to have the ssh port open. Probably, the ftp port is
closed. Should I ask to have it open to use ssl/tls?
Is it port 21? or 990? how can I check the port 22 is open
while the other ones are closed on the firewall (I do not have
admin access to this machine).
Thank.
===========================================================================
Patrick DUPRÉ | | email: pdupre(a)gmx.com
Laboratoire de Physico-Chimie de l'Atmosphère | |
Université du Littoral-Côte d'Opale | |
Tel. (33)-(0)3 28 23 76 12 | | Fax: 03 28 65 82 44
189A, avenue Maurice Schumann | | 59140 Dunkerque, France
===========================================================================
10 years, 9 months
Re: Fedora/Redhat and perfect forward secrecy
by Reindl Harald
Am 09.09.2013 12:55, schrieb Florian Weimer:
> On 09/09/2013 11:58 AM, Andrew Haley wrote:
>> On 09/07/2013 12:52 AM, Gregory Maxwell wrote:
>>> Regardless, I think that argument would be an ignorant one:
>>> Approximately no one runs non-ECDH PFS on the web: it's insanely slow
>>> and it breaks clients.
>>
>> Hmm. Isn't non-ECDH PFS just straight integer (mod N) Diffie-Hellman?
>
> Yes, it is.
>
>> And that's what is insanely slow?
>
> I don't get it, either
google "dhe versus ecdhe performance"
http://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy.html
>> Let’s focus on the server part. Enabling DHE-RSA-AES128-SHA cipher suite
>> hinders the performance of TLS handshakes by a factor of 3. Using
>> ECDHE-RSA-AES128-SHA instead only adds an overhead of 27%. However, if we
>> use the 64bit optimized version, the cost is only 15%
is that enough to understand why nobody on this world is using DHE and so your
"Current Fedora supports perfect forward secrecy just fine" is *far* away
from the reality?
it does not help much support forward secrecy in a way *nobody* else on this
planet is supporting it and so you repsonse below is uneducated - period
-------- Original-Nachricht --------
Betreff: Re: Fedora/Redhat and perfect forward secrecy
Datum: Mon, 26 Aug 2013 11:07:29 +0200
Von: Florian Weimer <fweimer(a)redhat.com>
An: Development discussions related to Fedora <devel(a)lists.fedoraproject.org>
Kopie (CC): Reindl Harald <h.reindl(a)thelounge.net>, Mailing-List fedora-users <users(a)lists.fedoraproject.org>
On 08/24/2013 11:38 AM, Reindl Harald wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=319901
>
> looks like Redhat based systems are the only remaining
> which does not support EECDHE which is a shame these
> days in context of PRISM and more and more Ciphers
> are going to be unuseable (BEAST/CRIME weakness)
Current Fedora supports perfect forward secrecy just fine. It's just
that web server operators routinely refuse to offer it. (The situation
is different with mail servers.) Operational benefits look rather
marginal to me. It may discourage interested parties from requesting
server private keys, but even that isn't assured.
10 years, 9 months
Re: Fedora/Redhat and perfect forward secrecy
by Andrew Haley
On 09/07/2013 12:52 AM, Gregory Maxwell wrote:
> Regardless, I think that argument would be an ignorant one:
> Approximately no one runs non-ECDH PFS on the web: it's insanely slow
> and it breaks clients.
Hmm. Isn't non-ECDH PFS just straight integer (mod N) Diffie-Hellman?
And that's what is insanely slow?
Andrew.
10 years, 9 months
Macbook touchpad 2/3 button madness
by Lonni J Friedman
I've got a Macbook Pro 10,1 (retina, 2012 vintage), on which I
recently installed Fedora19. Most everything is working fine, except
the touchpad in X.
The problem that I'm having is when I attempt to use two or three
fingers on the touchpad to simulate a right or middle (button) click
of a mouse. Sometimes it works fine. Other times, it doesn't work at
all (clicking with 2 or 3 fingers on the touchpad does nothing). Most
frustrating is when the two & three finger clicks are inverted
completely. In other words, I will put two fingers on the touchpad,
click, and see behavior as if I had placed 3 fingers on the touchpad.
Or I'll place three fingers on the touchpad, click, and see behavior
as if I had placed just 2 fingers on the touchpad. I'm not able to
find any obvious pattern or means of predicting which behavior I'm
going to get at any given time.
I'm not new to using a Macbook with Linux (I had a 2010 vintage
macbook where this same multi-finger touch/click functionality worked
perfectly 100% of the time with Fedora 14-16). I'm fairly confident
that this isn't user error, and something is definitely either
misconfigured or badly broken. There's nothing weird about my hand, I
don't have unusually small or large fingers. I don't have any other
part of my hand or any other part of my body (other hand, palm, etc)
resting on the touchpad. I'm using XFCE, however I've verified that
the same problem reproduces with other window managers, and also
reproduces if I create a brand new user from scratch for testing
purposes.
I'm hoping that this is some bizarre synaptics driver quirk that can
be worked around by tweaking some synclient settings, but I'm not sure
which. I did notice that I seem to be defaulting to unusually high
values for FingerLow & FingerHigh (70 & 75 respectively), as compared
to other older versions of Fedora (25 & 30 respectively), but when I
tried using those lower values, it didn't seem to make any difference.
All the other values appear identical to older Fedora versions:
#####
Parameter settings:
LeftEdge = -3898
RightEdge = 4428
TopEdge = 434
BottomEdge = 6146
FingerLow = 70
FingerHigh = 75
MaxTapTime = 180
MaxTapMove = 535
MaxDoubleTapTime = 180
SingleTapTimeout = 180
ClickTime = 100
EmulateMidButtonTime = 0
EmulateTwoFingerMinZ = 283
EmulateTwoFingerMinW = 7
VertScrollDelta = 243
HorizScrollDelta = 243
VertEdgeScroll = 0
HorizEdgeScroll = 0
CornerCoasting = 0
VertTwoFingerScroll = 1
HorizTwoFingerScroll = 0
MinSpeed = 1
MaxSpeed = 1.75
AccelFactor = 0.0164447
TouchpadOff = 0
LockedDrags = 0
LockedDragTimeout = 5000
RTCornerButton = 0
RBCornerButton = 0
LTCornerButton = 0
LBCornerButton = 0
TapButton1 = 0
TapButton2 = 0
TapButton3 = 0
ClickFinger1 = 1
ClickFinger2 = 3
ClickFinger3 = 2
CircularScrolling = 0
CircScrollDelta = 0.1
CircScrollTrigger = 0
PalmDetect = 0
PalmMinWidth = 10
PalmMinZ = 200
CoastingSpeed = 20
CoastingFriction = 50
PressureMotionMinZ = 30
PressureMotionMaxZ = 160
PressureMotionMinFactor = 1
PressureMotionMaxFactor = 1
GrabEventDevice = 1
TapAndDragGesture = 1
AreaLeftEdge = 0
AreaRightEdge = 0
AreaTopEdge = 0
AreaBottomEdge = 0
HorizHysteresis = 40
VertHysteresis = 27
ClickPad = 1
RightButtonAreaLeft = 0
RightButtonAreaRight = 0
RightButtonAreaTop = 0
RightButtonAreaBottom = 0
MiddleButtonAreaLeft = 0
MiddleButtonAreaRight = 0
MiddleButtonAreaTop = 0
MiddleButtonAreaBottom = 0
#####
Any ideas & suggestions are appreciated.
thanks!
10 years, 9 months
Freedesktop.org vs. LibreOffice.org
by Jonathan Ryshpan
What is the connection, if any, between Freedesktop.org and
LibreOffice.org? I have found a small bug in Libre Office Calc and have
reported it to the Freedesktop bugzilla, where it is languishing.
Should it have been submitted to LibreOffice instead? Would it be
extremely rude to submit it to both places?
Thanks - jon
10 years, 9 months
convert wmv files
by g
greets,
what is needed to convert .wmv file to mp4 or what ever?
tia.
--
peace out.
in a world with out fences, who needs gates.
sl6.3 linux
tc.hago.
g
.
10 years, 9 months
fedora19 and samsung syncmaster 2493hm
by Walter Cazzola
Dear Fedora Expert,
I've just reinstalled my old desktop with Fedora 19 and I've several
troubles to fix right now.
The most annoying is that it doesn't recognize my Samsung Syncmaster
2493HM with the result of a lower resolution (it should be "full hd" but
it is more or less "HD ready") and a wrong dpi aspect ratio with the
effect that image borders go out of the visible part of the screen.
I've googled around but I didn't found something really usefull. Most
are related to manually configure it in xorg configurration file but
seems that I don't have xorg anymore.
Do you know how to solve it?
Thank you in advance
Walter
--
10 years, 9 months
problems in installing Fedora 19
by Walter Cazzola
Dear Fedora experts,
I was going to install the new Fedora 19 on a old desktop computer but
it hangs after "starting Live Fedora" message. I have tried both x64 and
x32 version without any luck.
My computer is an Intel(R) Core(TM)2 Duo CPU E8200 @ 2.66GHz with 2
cores and probably 64bit. 4Gb of RAM and 1Tb of disk. The graphic card
is a nVidia GeForce 9600 GT
Right now the pc is running a old mandriva installation so the hw was
supported at that time.
Any suggestion?
Many thanks in advance.
Walter
--
10 years, 9 months
Re: tls
by Patrick Dupre
> ----- Original Message -----
> From: Mike Wright
> Sent: 09/07/13 08:11 PM
> To: Community support for Fedora users
> Subject: Re: tls
>
> 09/07/2013 11:07 AM, Patrick Dupre wrote:
> > HELLO,
> >
> > I may have make some progress.
> > I can SSL/TLS on a local machine but it does not work on a remote.
> > I get (filezilla):
> > Disconnected from server
> > Status: Resolving address of homere
> > Status: Connecting to 193.49.194.196:21...
> > Status: Connection attempt failed with "EHOSTUNREACH - No route to host".
> > Error: Could not connect to server
> > Status: Waiting to retry...
> > Status: Resolving address of homere
> > Status: Connecting to 193.49.194.196:21...
> > Status: Connection attempt failed with "EHOSTUNREACH - No route to host".
> > Error: Could not connect to server
> >
> >
> > ssh works fine. However, I have a possible explaination.
> > This machine is behind a firewall and to be able to make ssh, I
> > add to ask to have the ssh port open. Probably, the ftp port is
> > closed. Should I ask to have it open to use ssl/tls?
> > Is it port 21? or 990? how can I check the port 22 is open
> > while the other ones are closed on the firewall (I do not have
> > admin access to this machine).
> >
>
> Maybe you could use "tcpdump" in order to see which ports are used while
> making a connection on the local machine. That may show which ports
> need to be opened on the firewall.
>
Does it help?
21:10:02.902287 IP sophocle.60380 > Homere.ftp: Flags [S], seq 505285150, win 14600, options [mss 1460,sackOK,TS val 42253104 ecr 0,nop,wscale 7], length 0
21:10:02.988377 IP 193.51.250.170 > sophocle: ICMP host Homere unreachable - admin prohibited filter, length 36
21:10:02.988795 IP sophocle.55174 > ns1.bouygtel.net.domain: 415+ PTR? 170.250.51.193.in-addr.arpa. (45)
21:10:03.048518 IP ns1.bouygtel.net.domain > sophocle.55174: 415 NXDomain 0/1/0 (106)
21:10:07.995654 IP sophocle.60381 > Homere.ftp: Flags [S], seq 245048817, win 14600, options [mss 1460,sackOK,TS val 42258197 ecr 0,nop,wscale 7], length 0
21:10:08.998299 IP sophocle.60381 > Homere.ftp: Flags [S], seq 245048817, win 14600, options [mss 1460,sackOK,TS val 42259200 ecr 0,nop,wscale 7], length 0
21:10:09.068427 IP 193.51.250.170 > sophocle: ICMP host Homere unreachable - admin prohibited filter, length 36
> --
> users mailing list
> users(a)lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> Have a question? Ask away: http://ask.fedoraproject.org
===========================================================================
Patrick DUPRÉ | | email: pdupre(a)gmx.com
Laboratoire de Physico-Chimie de l'Atmosphère | |
Université du Littoral-Côte d'Opale | |
Tel. (33)-(0)3 28 23 76 12 | | Fax: 03 28 65 82 44
189A, avenue Maurice Schumann | | 59140 Dunkerque, France
===========================================================================
10 years, 9 months