Back to Home / #linode / 2018 / 10 / Prev Day | Next Day
#linode IRC Logs for 2018-10-09

---Logopened Tue Oct 09 00:00:17 2018
00:11-!-mteufel [] has quit [Remote host closed the connection]
00:11<linbot>New news from blog: Block Storage Now Available in Tokyo 2 <> || 2018 End of Year Events <> || Linode & Limelight Networks <> || Intel’s L1TF CPU Vulnerabilities & Linode <> |
00:13*Peng_ stares at linbot
00:14<@mcintosh>she's trying!
00:14<@mcintosh>be nice
00:14<@mcintosh>staring is rude :p
00:15-!-mteufel [] has joined #linode
00:15-!-mteufel is "mteufel" on #linode #tor-project #tor-dev
00:16<Unit193>Peng_: I have found Limnoria to be a bad rss client, though newer ones are supposed to repeat less. Rbot is surprisingly good, and of course if one needs an actual client then newsboat is good.
00:28<dwfreed>Unit193: linbot is supybot
00:28<dwfreed>linbot: version
00:28<linbot>dwfreed: The current (running) version of this Supybot is The newest version available online is
00:28<Unit193>So not even remotely good at RSS.
00:29<dwfreed>the blog rss feed changes when the blog server is rebooted
00:33<Woet>but why
00:46<dwfreed>Woet: because wordpress
00:59-!-jogie [] has quit [Quit: ZNC -]
01:00-!-jogie [] has joined #linode
01:00-!-jogie is "jogie" on #ceph #vtluug #linode
01:08-!-eyepulp [] has quit [Remote host closed the connection]
01:32-!-distantorigin [~distantor@] has quit [Remote host closed the connection]
01:56-!-Dreamer3_ [] has joined #linode
01:56-!-Dreamer3_ is "Josh Goebel" on #linode
01:57-!-Dreamer3 [] has quit [Read error: Connection reset by peer]
02:10-!-MeGa [~meg@2a00:d880:6:5f2::2601:141] has quit [Read error: Connection reset by peer]
02:10-!-MeGa [~meg@2a00:d880:6:5f2::2601:141] has joined #linode
02:10-!-MeGa is "Ainishosting network" on #linode
03:15-!-BerlinerPlatz [~root@2a01:7e01::f03c:91ff:fe92:a2e6] has joined #linode
03:15-!-BerlinerPlatz is "root" on #linode
03:16-!-BerlinerPlatz [~root@2a01:7e01::f03c:91ff:fe92:a2e6] has quit []
03:25-!-tc42 [~oftc-webi@] has joined #linode
03:25-!-tc42 is "OFTC WebIRC Client" on #linode
03:26-!-tc42 [~oftc-webi@] has quit [Remote host closed the connection]
04:09-!-VladGh [] has quit [Ping timeout: 480 seconds]
04:22-!-ahmd [~oftc-webi@] has joined #linode
04:22-!-ahmd is "OFTC WebIRC Client" on #linode
04:23-!-ahmd [~oftc-webi@] has quit []
04:28-!-Juan_Tek [~Thunderbi@2a02:1205:34f8:16b0:e0cc:2343:7140:9dcc] has joined #linode
04:28-!-Juan_Tek is "Juan_Tek" on #linode
04:34-!-marshmn [] has joined #linode
04:34-!-marshmn is "Matt Marsh" on #linode
04:37-!-VladGh [] has joined #linode
04:37-!-VladGh is "Vlad" on #linode
04:43-!-Juan_Tek [~Thunderbi@2a02:1205:34f8:16b0:e0cc:2343:7140:9dcc] has quit [Quit: Juan_Tek]
04:43-!-Juan_Tek [~Thunderbi@2a02:1205:34f8:16b0:e0cc:2343:7140:9dcc] has joined #linode
04:43-!-Juan_Tek is "Juan_Tek" on #linode
05:08-!-san [] has joined #linode
05:08-!-san is "OFTC WebIRC Client" on #linode
05:09<san>hi team we have an issue in our server.i already created a ticket in linode dashboard
05:09<san>can i get an immediate support on that
05:10<dwfreed>the best way to reach linode in an emergency is by phone
05:10<dwfreed>skype allows for free calls to US toll free numbers
05:19-!-san [] has quit [Quit: Page closed]
05:24-!-eyepulp [] has joined #linode
05:24-!-eyepulp is "eyepulp" on #linode
05:32-!-eyepulp [] has quit [Ping timeout: 480 seconds]
05:35<Woet>i bet it's an issue they can resolve through ssh
05:41-!-Juan_Tek [~Thunderbi@2a02:1205:34f8:16b0:e0cc:2343:7140:9dcc] has quit [Quit: Juan_Tek]
05:47-!-Ikaros [] has quit [Quit: Shutting down, just as a precaution due to impending severe weather today.]
06:12-!-hirukami [~oftc-webi@] has joined #linode
06:12-!-hirukami is "OFTC WebIRC Client" on #linode
06:15<hirukami>problem with CVE-2018-5391 or FragmentSmack is fixed in kernel 4.18.8 ?
06:23-!-hirukami [~oftc-webi@] has quit [Quit: Page closed]
06:43-!-Juan_Tek [~Thunderbi@2a02:1205:34f8:16b0:6142:9408:6854:7d6] has joined #linode
06:43-!-Juan_Tek is "Juan_Tek" on #linode
08:00-!-Daedolon [] has joined #linode
08:00-!-Daedolon is "Daedolon" on #linode
08:19-!-Redentor [] has joined #linode
08:19-!-Redentor is "Armando" on #linode #debian-next #debian-mx #debian-es #debian
08:20-!-Juan_Tek [~Thunderbi@2a02:1205:34f8:16b0:6142:9408:6854:7d6] has quit [Quit: Juan_Tek]
08:33-!-ntox [~textual@] has joined #linode
08:33-!-ntox is "Textual User" on #linode #ovirt
08:43-!-ntox [~textual@] has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
08:44-!-ntox [~textual@] has joined #linode
08:44-!-ntox is "Textual User" on #ovirt #linode
08:49-!-purrdeta [] has joined #linode
08:49-!-purrdeta is "Alex" on #linode #Corsair
08:56-!-shibu [] has joined #linode
08:56-!-shibu is "OFTC WebIRC Client" on #linode
08:57<shibu>Do you offer VPN and private network?
08:58<grawity>Linode offers Linux servers. If you want to set up some VPN software on yours for any purpose, that's up to you
09:00<shibu>ok thanks
09:00-!-shibu [] has quit []
09:06-!-anomie [] has joined #linode
09:06-!-anomie is "Anomie" on #linode
09:07-!-Redentor [] has quit [Quit: Leaving]
09:10-!-kyhwana [~kyhwana@] has quit [Ping timeout: 480 seconds]
09:19-!-kyhwana [~kyhwana@] has joined #linode
09:19-!-kyhwana is "kyhwana" on #otr #linode
09:33-!-kyhwana [~kyhwana@] has quit [Remote host closed the connection]
09:34-!-kyhwana [~kyhwana@] has joined #linode
09:34-!-kyhwana is "kyhwana" on #otr #linode
09:36-!-eyepulp [] has joined #linode
09:36-!-eyepulp is "eyepulp" on #linode
09:47<linbot>New news from community: Storage (not showing properly?) <>
09:53-!-kt [~oftc-webi@] has joined #linode
09:53-!-kt is "OFTC WebIRC Client" on #linode
09:54-!-kt [~oftc-webi@] has quit []
09:54-!-kt is "OFTC WebIRC Client" on #linode
09:54-!-kt [~oftc-webi@] has joined #linode
09:55-!-kt [~oftc-webi@] has quit []
10:05-!-ntox [~textual@] has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
10:09-!-ntox [~textual@] has joined #linode
10:09-!-ntox is "Textual User" on #linode #ovirt
10:10-!-ntox [~textual@] has quit []
10:19-!-ntox [~textual@] has joined #linode
10:19-!-ntox is "Textual User" on #linode #ovirt
10:40-!-Redentor [] has joined #linode
10:40-!-Redentor is "Armando" on #linode #debian-next #debian-mx #debian-es #debian
10:41-!-xxh9 [] has joined #linode
10:41-!-xxh9 is "Chris R" on #linode
10:48-!-Max [] has joined #linode
10:48-!-Max is "OFTC WebIRC Client" on #linode
10:48-!-Max is now known as Guest102
11:08-!-Guest102 [] has quit [Quit: Page closed]
11:32-!-relidy [] has quit [Remote host closed the connection]
11:35-!-relidy [] has joined #linode
11:35-!-relidy is "Relidy" on #linode
11:45-!-ntox [~textual@] has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
12:03<phlux>Do people really use Linodes for VPNs? Kind of defeats the purpose doesn't it?
12:03<relidy>Depends on thepurpose of the VPN
12:03<relidy>I use one on a Linode
12:04<phlux>I take it not for anonymity?
12:04<phlux>Fair enough
12:04<nate>unless you think linode hands over customer information at every request from any nobody, still fairly easy to likely use one for general anonymous usages
12:04<@mcintosh>!point nate
12:04<linbot>mcintosh: Point given to nate. (2)
12:05<nate>I feel like I had more than that once upon a time :P
12:05<nate>or maybe it's on my old nick lo
12:05<relidy>!point nate
12:05<linbot>relidy: Point given to nate. (3)
12:05<phlux>Yeah, I'm not saying Linode hands over customer data
12:07<phlux>I just use a VPN service that my name isn't tied to anywhere
12:07<LouWestin>Even Tor doesn’t guarantee anonymity.
12:08<nate>phlux: That you hope isn't anyways, you don't necessarily know what that VPN service you use is collecting that could be used :P
12:13-!-stephenplatz [~steve@2601:602:8500:50cf:6088:5c1a:f3ca:2ff9] has joined #linode
12:13-!-stephenplatz is "realname" on #linode
12:15-!-h_1 [~oftc-webi@] has joined #linode
12:15-!-h_1 is "OFTC WebIRC Client" on #linode
12:16-!-h_1 [~oftc-webi@] has quit []
12:21<synfinatic>i use my linode+vpn when i'm on public wifi/etc
12:25<relidy>That's precisely why I originally set my personal one up. It's also handy to punch through firewalls when doing client-to-client stuff (like talking to a storage machine at home from my phone on the road).
12:28-!-marshmn [] has quit [Ping timeout: 480 seconds]
12:29-!-montigny34 [~oftc-webi@] has joined #linode
12:29-!-montigny34 is "OFTC WebIRC Client" on #linode
12:29<montigny34>could somebody guide me in the right direction on how to call ModSueExec for php on centos?
12:30<montigny34>it's loaded but I can't seem to figure out what i need to do in order to change a certain virtual hosts user
12:40-!-montigny34 [~oftc-webi@] has quit [Quit: Page closed]
12:50-!-ChasedSpade [] has quit []
12:50-!-Centrixx [] has joined #linode
12:50-!-Centrixx is "Chris Tyrrel" on #linode
12:50-!-Centrixx is now known as ChasedSpade
13:04-!-ntox [~textual@] has joined #linode
13:04-!-ntox is "Textual User" on #linode #ovirt
13:07-!-stephenplatz [~steve@2601:602:8500:50cf:6088:5c1a:f3ca:2ff9] has quit [Ping timeout: 480 seconds]
13:08<linbot>New news from community: How can i add additional IP addreses <>
13:14-!-stephenplatz [~steve@2601:602:8500:50cf:6088:5c1a:f3ca:2ff9] has joined #linode
13:14-!-stephenplatz is "realname" on #linode
13:25-!-marshmn [] has joined #linode
13:25-!-marshmn is "Matt Marsh" on #linode
13:26-!-fstd_ [] has joined #linode
13:26-!-fstd_ is "fstd" on #gentoo #linuxfs #oftc #vserver #linode #debian #kernelnewbies
13:33-!-fstd [] has quit [Ping timeout: 480 seconds]
14:34-!-bumbleVole [~bumbleVol@] has joined #linode
14:34-!-bumbleVole is "bumbleVole" on #linode
15:00-!-marshmn [] has quit [Ping timeout: 480 seconds]
15:33-!-xtrWrithe [] has joined #linode
15:33-!-xtrWrithe is "xtrWrithe" on #tor-south #linode #qemu
15:39-!-marshmn [] has joined #linode
15:39-!-marshmn is "Matt Marsh" on #linode
15:42-!-xtrWrithe [] has quit [Quit: WeeChat 2.0.1]
15:53*DrJ is proud atm
15:53<DrJ>I finally got Qualys to give me an A+ for SSL on all my sites
15:54<millisa>!point DrJ
15:54<linbot>millisa: Point given to drj. (4)
15:54<DrJ>was tough because I was stuck at an A and it wouldn't tell me what I needed to do
15:54<DrJ>turned out I needed to enable HSTS
15:54<millisa>which one was it? (last time I worked through it was either the caa or hsts I think that was eating my +)
15:55<DrJ>I had CAA on all of them
15:55<millisa>same frustration as you, I couldn't tell what I needed to push it over
15:55<DrJ>it was HSTS
15:58<DrJ>I found out what it was by clickin on another site in the recent best that had an A+
15:58<DrJ>it hadd a green bar at the top giving it props for HSTS so I tried that and it worked
15:59<millisa>better than my blind man & rubix cube approach
16:02-!-stephenplatz [~steve@2601:602:8500:50cf:6088:5c1a:f3ca:2ff9] has quit [Ping timeout: 480 seconds]
16:10<LouWestin>DrJ: Are you using lets encrypt or a commercial cert?
16:12-!-syam [] has joined #linode
16:12-!-syam is "OFTC WebIRC Client" on #linode
16:12-!-syam [] has quit []
16:13-!-Ryon [] has quit [Remote host closed the connection]
16:13<DrJ>why do you ask LouWestin?
16:16<DrJ>Linode gets an A+ :)
16:16<DrJ>that's without a CAA record too...
16:16<DrJ>Linode staff here should get on that
16:17<millisa>it might be a conscious choice
16:17<millisa>it was talked about in here a month or two ago
16:17<millisa>something about being a valid name and maybe someone wanting to get a cert for it?
16:17<DrJ>ah, yea that makes sense
16:18<LouWestin>DrJ: just wondering since I use let’s encrypt too and I’m getting an A right now.
16:18<DrJ>Do you have HSTS enabled LouWestin?
16:19<DrJ>that appears to be a requirement for the A+
16:19<LouWestin>Ehh... I don’t remember. I need to retest and see.
16:19<DrJ>obviously CAA is not required millisa, or linode wouldn't have an A+
16:23<nate>Louis6321: link your domain/test, it's most likely your protocol support and/or ciphers giving an A
16:24<LouWestin>Ok. Here my result
16:25<nate>For example I think support of TLS 1.0 will get you just an A these days
16:25<nate>Yeah, note the "TLS 1.0" being yellow, that + all the considered-weak ciphers are where you're prob getting penalized
16:26<LouWestin>Ok. Still not too bad though.
16:26<nate>Honestly if you're not trying to support pretty legacy stuff, >= TLS 1.2 w/ purely ECDHE is largely broadly covered these days
16:28<LouWestin>Yeah, no there’s nothing I need to support legacy wise. Like.. Internet Explorer 6 or something.
16:32-!-Ryon [~rohara@2604:a880:800:a1::3bf:e001] has joined #linode
16:32-!-Ryon is "Ryan" on #linode
16:51-!-marshmn [] has quit [Ping timeout: 480 seconds]
16:52-!-ntox [~textual@] has quit [Remote host closed the connection]
16:59-!-stephenplatz [~steve@2601:602:8500:50cf:6088:5c1a:f3ca:2ff9] has joined #linode
16:59-!-stephenplatz is "realname" on #linode
17:00-!-xxh9 [] has quit [Quit: Leaving.]
17:01-!-anomie [] has quit [Quit: Leaving]
17:06-!-stephenplatz [~steve@2601:602:8500:50cf:6088:5c1a:f3ca:2ff9] has quit [Quit: Leaving]
17:13<DrJ>LouWestin: You don't have HSTS enabled
17:13<DrJ>that will probably get you over the hump as it did for me
17:13<DrJ>diable TLS 1.0 as well
17:19<LouWestin>Ok thanks
17:20<DrJ>get my PM LouWestin?
17:20<DrJ>we are running the exact same versions of debian and apache so I sent you the config I used
17:22<DrJ>LouWestin: anyone using IE 6 these days is going to be use to not being able to reach most sites by now (haha)
17:22<DrJ>in fact, if they can the site itself is broken :)
17:23<DrJ>last thing I would ever want to hear is "your site works great in IE 6!"
17:25<LouWestin>That was way back maybe ten years ago
17:26<rsdehart>I was supporting ie 6 8 years ago and that was pushing it
17:30<LouWestin>It was the website designers nightmare and goal to be IE6 compliant
17:32<Abi12>r u curl compliant?
17:33<LouWestin>I have no idea
17:33<LouWestin>Ok lol
17:34<LouWestin> I think it PHP curl
17:34-!-Redentor [] has quit [Remote host closed the connection]
17:50-!-internat [] has quit [Ping timeout: 480 seconds]
18:19-!-bumbleVole [~bumbleVol@] has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
18:41-!-internat [] has joined #linode
18:41-!-internat is "Nathan" on #linux #tardigans @#binfenv #linode
18:48-!-JP_ [~oftc-webi@] has joined #linode
18:48-!-JP_ is "OFTC WebIRC Client" on #linode
18:55<LouWestin>DrJ: Let's Encrypt added two Apache config files. The one that is linked to the Vhosts file has the cipher list.
18:56<LouWestin>and going back through your notes
18:59-!-JP_ [~oftc-webi@] has quit [Quit: Page closed]
19:43-!-Redentor [] has joined #linode
19:43-!-Redentor is "Armando" on #linode #debian-next #debian-mx #debian-es #debian
19:50<LouWestin>Ok, got TLSv1.2 switched over. Just gotta figure why Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;" is causing a failure error
19:51<LouWestin>Maybe it's in the wrong place
19:51<LouWestin>meaning how the files are linked together
20:06-!-Ikaros [] has joined #linode
20:06-!-Ikaros is "Ikaros" on #linode
20:13<LouWestin>Wait... I didn't read DrJ 's prescription correctly. Run a2enmod headers... Ok, error gone and Qualys give the site an A+ rating now!
20:16<Abi12>nuuu I got a B :(
20:17<LouWestin>Abi12: Maybe you need to add TLS ciphers?
20:21<Abi12>LouWestin: weak DH exchange, and and no Forward Secrecy
20:22<Ikaros>Needs to be moar like mine, heh
20:23<LouWestin>Abi12: Are you using lets encrypt or a commercial cert?
20:23<LouWestin>I just had to tweak the ciphers and add HSTS to boost it up
20:24<Ikaros>LouWestin can you get more green on your results though? :P
20:24<Abi12>lets encrypt. Yeah. I'm working on it right now though. Generating a stronger DHE param.
20:26<LouWestin>Ikaros: If I can get the Key Exchange and Cipher strength up to 100 from 90 then I'll full green. ;-)
20:28<Ikaros>LouWestin: <- That hostname serves as my "file host" site, I pretty much put screenshots and other random crap up on there, usually media clips or game-related screenshots.
20:53<LouWestin>I just wanted A+ for bragging rights lol.
20:53<LouWestin>and Ikaros nice!
20:59<LouWestin>Abi12: Ok, here's my pastebin
21:00<LouWestin>that's the options-ssl-apache.conf file in /etc/letsencrypt/
21:06-!-Dreamer3_ [] has quit [Quit: ZNC 1.7.1 -]
21:06-!-Dreamer3 [] has joined #linode
21:06-!-Dreamer3 is "Josh Goebel" on #linode
21:07-!-Redentor [] has quit [Remote host closed the connection]
21:08<Ikaros>LouWestin: Support-wise I started off secure-but-broad, I made adjustments to the TLS parameters over time as needed, usually for security reasons, but sometimes also it was to experiment with brand new settings/features.
21:11<LouWestin>Ikaros: Ok nice.
21:11-!-Cajs [Cajs@] has quit [Quit: YourBNC - (]
21:12<Ikaros>Oh the days at making Apache freak 'cause the underlying SSL library was like "lulz nowai"
21:13-!-Cajs [Cajs@2a0a:54c1:6:108::1:1] has joined #linode
21:13-!-Cajs is "Cajs" on #linode
21:14<LouWestin>I’m fairly new to the SSL arena. (Things they don’t teach in school)
21:15<LouWestin>The moment where I learn that I really don’t know too much about the stuff. lol
21:33-!-xrdxyt [] has quit [Ping timeout: 480 seconds]
21:59-!-Daedolon [] has quit [Quit: Good luck, Material Defender.]
22:13-!-exhpqv [~Sam.Spade@] has joined #linode
22:13-!-exhpqv is "Sam Spade" on #linode #debian
22:44-!-Dreamer3 [] has quit [Quit: ZNC 1.7.1 -]
22:44-!-Dreamer3 [] has joined #linode
22:44-!-Dreamer3 is "Josh Goebel" on #linode
22:51-!-bumbleVole [] has joined #linode
22:51-!-bumbleVole is "bumbleVole" on #linode
23:01<Abi12>LouWestin: I run lighttpd.
23:02<Abi12>I added the cipher list and also generated a dhparam.pem file and had it bumped up to an A.
23:06<LouWestin>On line 12-13 is the HSTS support that DrJ mentioned which got him to A+. I also had to run a2enmod headers and restart apache2 which then got it up to A+
23:30-!-trippeh [] has quit [Quit: Boot to the head.]
23:37-!-trippeh [] has joined #linode
23:37-!-trippeh is "Andre Tomt" on #munin #linode
23:58-!-poxifide [] has joined #linode
23:58-!-poxifide is "" on #oftc #linode #bitlbee
23:58-!-deathspawn [] has quit [Remote host closed the connection]
23:58-!-poxifide is now known as deathspawn
---Logclosed Wed Oct 10 00:00:19 2018