gmane.linux.gentoo.user

Re: Buying a low-cost printer for Linux

Paul Hartman — 2008-12-04T04:53:52

It's not an ink-jet but I got an HP LaserJet 1020 for $80 on NewEgg a year ago and it works fine in Linux with CUPS using the foo2zjs driver. I think Googling is probably your best chance of finding out what works and what doesn't. Also going with older models will probably be cheaper and easier to find info about. On NewEgg what I have found useful is to use their review search to look for the word "linux" within the reviews of an item to see if anyone else has already tried it on the penguin. :) Good luck, Paul

Re: Buying a low-cost printer for Linux

Mark Knecht — 2008-12-04T04:29:29

On Wed, Dec 3, 2008 at 8:16 PM, Volker Armin Hemmann tu-clausthal.de> wrote: I'll have to write them and get some answers. Can I run it on multiple machines using a singe license. None of my printers were in their supported list so do they support them or not? They should be able to answer those sorts of questions. However, their list of supported devices is still much smaller than the Open Source list so it begs the same question... Even though they have support for a nice set of printers, which of those printers can be purchased new today through normal retail channels? Thanks for the idea. I'd not heard of them. Cheers, Mark

Re: Buying a low-cost printer for Linux

Volker Armin Hemmann — 2008-12-04T04:16:03

forget the 'opensource' printers, and buy a turboprint licence. It rocks. It really does.

Buying a low-cost printer for Linux

Mark Knecht — 2008-12-04T03:44:27

Does anyone have a good way of figuring out what printers that you can actually buy in the retail market place actually have support in Linux? I sure don't. Over the past 10 years I've gone the route of looking at the ads, finding printers in the right price range and then looking at http://www.linuxprinting.org to determine if there is any support. Invariably what comes up is that printer life in the retail chain is so short that whatever Fry's is selling is too new so Cups doesn't have support, and by the time Cups does have support the printer is no longer for sale. No better shopping through NewEgg or Amazon, etc. as I run into the same problem... What's a guy to do? My folks need a new unit. (I guess!) It's not working anymore as it's always been an unsupported model as far as I can tell. It's a Canon MP310. I had it working a year ago with the MP150 driver but it no longer works with recent Cups releases so either it broke or it's truly unsupported now. I may have to go back to some old Cups release

Re: audacious 1.5 not playing

Michael George — 2008-12-04T02:30:26

I am able to play mp3's regardless of the format detection. However, OGG files aren't playing. If I tell it to detect the formats on demand, I can add ogg files to the playlist, but they still will not play. The only way the ogg files play is if I tell it to determine the file type by the file extension. In 1.4 it was able to determine the file type even if it didn't have an .ogg extension...

Re: Curious pattern in log files from ssh...

Simon — 2008-12-03T20:49:46

I noticed the same thing on my host several weeks ago. I strongly suggest removing root access to your ssh, root is probably being tried by more than 50% of all login attempts... the other trials are semi-intelligent random usernames (ie, users that might really well exists, like 'apache' etc... but other usernames which may not like 'albert'). If your username is not part of the list of attempts, then it won't be tried much, and I once found out that if your password is alphanumeric with lower and upper cases, the hacker as a worst chance of finding your password in (26*2+10)^8(chars long) = 62^8 = 2.18e14 steps or 218 millions of millions of steps. This is assuming they try the correct username each time! The other thing you should do is place ssh on another port, very high. IIRC, port numbers are 16bits and can go as high as 65k... you could use 22xxx where xxx is a random favorite number for example. Since it is very unlikely that the attacker is targeting you specifically, changing the p

Re: emerge --update pulling inenlightenment-0.16.9999.050

Willie Wong — 2008-12-04T00:42:34

On Thu, Dec 04, 2008 at 12:58:28AM +0530, Penguin Lover Rajat Vig squawked: Okay, a better question then is: how does know that the 9999 ebuilds should be live, and that default it should be snap? I am completely puzzled by the ebuilds. In other words, is it hardcoded somethere in portage that all 9999 version numbers automatically trigger that variable above to be live? Or is there some configuration somewhere? Also, is this what all that fuss about EAPI is about? The enlightenment ebuilds in the tree looks quite different from the ones in the overlay. Thanks, W

Re: Curious pattern in log files from ssh...

Steve — 2008-12-04T00:39:38

Eeew... especially as this would apply to all connections - even the ones where I have a DSA key. I might be able to cope with this if it only applied to my initial connection, from which I could grab a copy of the DSA key. Fair enough - but I've still not found an option for sharing/using shared block lists for bot-nets.

Re: confusing depclean output

Allan Gottlieb — 2008-12-04T00:30:19

Did you try emerge --update --newuse --deep --with-bdeps=y world as hinted at by the above msg? allan

Re: Curious pattern in log files from ssh...

Dmitry S. Makovey — 2008-12-04T00:07:19

nope. just start connection. wait a minute. cancel. start another one. wait a minute. cancel. start new one - voila! :) well. Nobody but you knows your requiremens and specifics - we're just listing options. It's up to you to either take 'em or leave 'em ;)

Re: Curious pattern in log files from ssh...

Steve — 2008-12-03T23:55:45

Erm - surely I either need to set up my client to port-knock... which is a faff I'd rather avoid... in order to use the technique. Port knocking would be especially infuriating from trusted clients where I'd like to use standard software like WinSCP; Putty; Symbian Putty - etc. While I recognise port knocking as a valuable strategy in some circumstances, it seems a very bad fit for my needs. GEO-IP blocking would be fairly good... if I could limit this to password authentication only - as would blacklisting known bot-net participants. While these exotic ideas are interesting - a better way to identify malicious hosts is, by far, my preferred solution.

Re: Curious pattern in log files from ssh...

Dmitry S. Makovey — 2008-12-03T23:46:21

oh no, not rejected - dropped ;) let them go through pains of timing out without knowing if anything is actually listening on the other side ;)

confusing depclean output

Michael P. Soulier — 2008-12-03T23:32:24

msoulier< at >anton:~$ emerge --pretend --depclean *** WARNING *** Depclean may break link level dependencies. Thus, it is *** WARNING *** recommended to use a tool such as `revdep-rebuild` (from *** WARNING *** app-portage/gentoolkit) in order to detect such breakage. *** WARNING *** *** WARNING *** Also study the list of packages to be cleaned for any obvious *** WARNING *** mistakes. Packages that are part of the world set will always *** WARNING *** be kept. They can be manually added to this set with *** WARNING *** `emerge --noreplace `. Packages that are listed in *** WARNING *** package.provided (see portage(5)) will be removed by *** WARNING *** depclean, even if they are part of the world set. *** WARNING *** *** WARNING *** As a safety measure, depclean will not remove any packages *** WARNING *** unless *all* required dependencies have been resolved. As a *** WARNING *** consequence, it is often necessary to run *** WARNING *** `emerge --update --newuse --deep world` prior

Re: Curious pattern in log files from ssh...

Paul Hartman — 2008-12-03T23:21:24

I think using Dmitry's idea of rejecting the first 2 connections, but then allowing it as normal on the third attempt would satisfy your requirements for being on the normal port, allowing all IPs and requiring no special setup on the client end (other than knowing they have to to retry twice). Of course, this is assuming the botnet stops after rejected connections...

Re: Automounting of USB drives

Iain Buchanan — 2008-12-03T23:19:50

How about the gnome-volume-manager? (If you use Gnome)...

Re: Curious pattern in log files from ssh...

Steve — 2008-12-03T22:55:23

All good ideas - except selling the blacklist... I'd be happiest to share my blacklist for free... my objective is to minimise exposure to botnets - rather than to accept another level of complexity with legitimate use.

RE: Curious pattern in log files from ssh...

Adam Carter — 2008-12-03T22:54:14

Fail2ban is iptables based. From the website it now appears to have a map feature so if say you notice most of the attacks coming from China, and none of you ssh useres are in China, you could perhaps block the entire country with http://people.netfilter.org/~peejix/geoip/howto/geoip-HOWTO.html

Re: mp3/ogg editing

Paul Hartman — 2008-12-03T22:26:29

Hi, I don't think there is an ebuild, but you can try Mpcut: http://minnie.tuhs.org/Programs/Mpcut/

Re: Curious pattern in log files from ssh...

Dmitry S. Makovey — 2008-12-03T22:11:30

get yourself some portable linux device capable of either USB, ethernet or wifi connection (OpenMoko, Nokia NXXX, etc.) plug your keys there - and voila, you've got yourelf both secure terminal and key storage in one box. I would be highly suspicious initiating SSH connection with my servers from untrusted box (which is any box not built and maintained by me ;) ) as there is a chance of keylogger (no matter how friendly owner of spoken box is - you don't know if he wasn't hacked and you have no time for even casual checking). You can use variation of port-knocking and reverse your strategy based on the pattern: 1. drop first connection from specified IP and record it in "first_try" table 2. drop second connection from specified IP and record it in "second_try" table 3. if IP is in both first_try and second_try - allow it to attempt authentication but only with the keys. (removing it from *_try tables and possibly recording it in whitelist) 4. if IP fails X number of attempts within specified ti

Re: mp3/ogg editing

Liviu Andronic — 2008-12-03T21:54:13

There is media-sound/mp3splt-gtk [1], but it's for splitting only: "a GTK+ based utility to split mp3 and ogg files without decoding." Never managed to get it working, though. I would suggest that you raise the question on a more specialised ML, for example the Audacity ML. Perhaps they'd suggest an alternative, or even be willing to implement this.. Liviu [1] http://gentoo-portage.com/media-sound/mp3splt-gtk On 11/29/08, meino.cramer< at >gmx.de gmx.de> wrote:

Re: Curious pattern in log files from ssh...

Steve — 2008-12-03T21:47:46

Thanks for all the replies so far... I'll reply once to these... (Oh, and when I said "ports" in my original post, I meant "addresses" - my typing fingers just ignored my brain...) I'm against a 'novel port' approach - as I am against port-knocking (for my server) because these may prove challenging for the environments from which I may want to log on. I want to retain a 'standard' service to make it easiest for me to connect to my server from a remote site without requiring reconfiguration of firewalls etc. I have, in the past, used DSA only keys - but this was frustrating on several occasions when I wanted access to my server and didn't have my SSH keys available to me... I almost always connect using a key pair rather than a password - but the password option is very useful to allow me to get hold of my SSH keys in the first place in some environments. If I found a distributed attack on a valid user name, for example, I'd consider this a critical change - however inconvenient. I previously used denyh