« Previous day | Index | Today | Next day » Channels | Search | Join
All times shown according to UTC.
Time | Nick | Message |
---|---|---|
00:27 | walterbender <walterbender!~chatzilla![]() |
|
01:34 | walterbender has quit IRC | |
02:28 | walterbender <walterbender!~chatzilla![]() |
|
02:41 | walterbender has quit IRC | |
05:15 | meeting | * alsroot_away nick cambiado a alsroot |
12:27 | car|0s <car|0s!~carlos![]() |
|
12:37 | m_anish_afk has quit IRC | |
12:37 | bernie has quit IRC | |
12:53 | m_anish_afk <m_anish_afk!~anish![]() |
|
12:53 | bernie <bernie!~bernie![]() |
|
12:55 | rralcala <rralcala!~rralcala![]() |
|
13:03 | rralcala has left #olpc-paraguay | |
13:08 | walterbender <walterbender!~chatzilla![]() |
|
14:47 | m_anish_afk is now known as m_anish | |
15:09 | rralcala <rralcala!~rralcala![]() |
|
17:04 | jasg <jasg!~jorge![]() |
|
17:05 | jasg has quit IRC | |
17:17 | satellit_ is now known as satellit_afk | |
17:46 | meeting | * alsroot nick cambiado a alsroot_away |
17:47 | * alsroot_away nick cambiado a alsroot | |
17:50 | aldo <aldo!~Paraguay![]() |
|
17:50 | aldo has quit IRC | |
18:00 | car|0s has quit IRC | |
18:01 | aldoa <aldoa!~Paraguay![]() |
|
18:17 | car|0s <car|0s!~carlos![]() |
|
18:30 | aldoa has quit IRC | |
20:56 | bernie | m_anish: suburashi! |
20:57 | m_anish | bernie, ?? |
20:57 | bernie | m_anish: ask tch |
20:57 | m_anish | bernie, ok |
20:57 | car|0s has quit IRC | |
20:57 | m_anish | bernie, happy new yr! |
20:58 | bernie | m_anish: arigato gozai mas |
20:59 | m_anish: whenever you want, please replace the updater patch in dextrose and rebuild the sugar rpm | |
20:59 | m_anish: so you learn the full procedure :) | |
21:00 | m_anish | bernie, okay :) |
21:01 | bernie, i'm guessing this is anime "arigato gozai mas" . translate.google.com, sadly, doesn't detect anime | |
21:01 | translate.anime.org is needed | |
21:04 | rralcala has left #olpc-paraguay | |
21:06 | m_anish | bernie, translate.carlos.py was here, thanks ;-) |
21:06 | yw | |
21:06 | bernie | haha |
21:06 | m_anish: it means "thank you very much"... but I think it's normal japanese. only, romanji-zied | |
21:07 | romanji == our alphabet | |
21:07 | m_anish | bernie, k :) |
21:08 | bernie, know of any trick that allows me to unlock xo's in less than 24 hrs? | |
21:09 | bernie | m_anish: you should get admin access to the machine that generates keys for laptops |
21:10 | m_anish | bernie, ok, rralcala says that there is a key server in the office, that just died bec. of a fan problem |
21:10 | bernie | m_anish: http://wiki.paraguayeduca.org/[…]aas_documentation |
21:10 | m_anish: damn... on what machine was it running? | |
21:10 | m_anish: is carlos in the office? | |
21:10 | m_anish | bernie, i'm alone atm, everyone has left |
21:11 | bernie, i don't remember the exact name, sounded something like punto(??) :-) | |
21:11 | bernie | m_anish: it was here: http://a.paraguayeduca.org/ |
21:11 | m_anish: the machines are: paofila, robbie, buho, mothership, amnesia | |
21:12 | m_anish | bernie, anyway, it won't be fixed today, i'll fill in the uuid and s.nos. on http://activation.laptop.org/devkey/post/ |
21:15 | walterbender has quit IRC | |
21:17 | bernie | m_anish: if you give me the S# and UUID of the machine, I could generate a key for you on the fly using the OLPC activation server |
21:17 | m_anish: reubencaron (also lurking in this channel) can also do it | |
21:18 | m_anish | bernie, hmm, wait then... i only have limited no. of chargers :) |
21:18 | bernie | m_anish: if you need sysadmin support and carlos is not around, try pinging me. I still have root everywhere. |
21:19 | m_anish | k |
21:19 | bernie | m_anish: the fastest way to collect the U# and S# is through a collection stick |
21:19 | m_anish: I recommend preparing one and keeping it always handy. | |
21:20 | m_anish: if you need to share the same key for collection, activation and other functions, you can rename the olpc directory to "oloc.act" so you can quickly restore it when needed | |
21:20 | m_anish: working with the XOs involves a lot of USB stick juggling. make sure you have always 2-3 usb sticks with you! if not, ask [scs] to buy some | |
21:21 | m_anish | bernie, i have one with me |
21:21 | bernie | m_anish: another tip from your predecessor: buy only very fast sticks! you'll have to reflash laptops hundeds of times, it's frustrating to wait several minutes every time |
21:21 | [scs]: ^^^ | |
21:21 | m_anish | bernie, k |
21:22 | bernie | m_anish: amnesia seems to be dead |
21:22 | m_anish: is carlos around? | |
21:22 | m_anish | bernie, are you aware of a particular model that worked very well |
21:22 | bernie, nopes, just me and mosquitoes :) | |
21:23 | bernie | m_anish: hmm, the best usb stick I have is a black kingston, but the chips vary with time. benchmarking a copy of a large file to the stick is the only way to know |
21:23 | m_anish | bernie, hmm ok |
21:24 | bernie | m_anish: here, two shell functions for your ~/.bashrc that will come handy when you transfer builds to the usb sticks: |
21:24 | putzd() { [ -d $1 ] && rm -f $1/os*.{img,crc,zd} && cp os*.zd $1/ && cp os*.zsp.fs.zip $1/fs.zip; umount $1; } | |
21:24 | putimg() { [ -d $1 ] && rm -f $1/os*.{img,crc,zd} && cp os*.crc $1/ && cp os*.img $1/ && cp os*.img.fs.zip $1/fs.zip; umount $1; } | |
21:24 | m_anish: use them like so: | |
21:24 | cd build/output | |
21:25 | putzd /media/MYUSBSTICK | |
21:25 | m_anish | bernie, thanks |
21:25 | bernie, arigato gozai mas :) | |
21:41 | bernie, the usb drive went bust :(((( | |
21:41 | trying another | |
21:45 | bernie | m_anish: haha, they do die |
21:46 | m_anish: never buy bad quality ones for heavy-duty use | |
21:46 | m_anish | 6) SHC83702029 64CE02A9-652B-44BF-BFFD-B3DB72A080F3 20110103T214113Z |
21:46 | 5) SHC837020F6 A7CEB427-D354-46A0-BE25-A99350A682EB 20110103T213949Z | |
21:48 | damn, one of the laptops screwed up the laptops.dat file | |
21:48 | i have 6 with me atm | |
21:49 | 4) SHC83701C05 4F6A898C-0395-4E84-9BBC-2AFF614F2F83 20110103T215140Z | |
21:51 | 3) SHC838007CC 37AA2487-CA77-488A-AFF1-A0310CEFCAA7 20110103T215258Z | |
21:52 | 2) SHC83800770 10F1667B-164E-484F-B2C4-988FC8ED1125 20110103T215652Z | |
21:54 | 1) <not working> | |
21:54 | bernie, ^^ that's all the uuid's and sno.s | |
21:56 | bernie, did you know that pendrives often contain burnt out or not working chips.. If a manufacturer is making three different models say 2 GB, 4GB and 8 GB. all of the pendrives would be exactly the same, just that some of the chips in the 4 GB and 2GB ones would be purposefully disabled or not working | |
21:58 | bernie, same is the case with processors, your intel dual core pussy and quad core extreme could possibly be the exact same chips, but for a few pins pulled up/down or some burnt fuse data :) | |
22:32 | bernie | wow, you want to unlock 6 laptops? |
22:33 | m_anish: for testing, it would be better if you could keep a few of them locked | |
22:33 | m_anish: are you able to run signed builds already? | |
22:33 | m_anish: i'll grant you all the permissions you need | |
22:33 | m_anish: but first I need to make sure that you have a decently secure workstation | |
22:34 | m_anish | bernie, okay, how about unlocking 2? I have one unlocked at the beertarium |
22:34 | bernie | m_anish: 6 & 5 ok? |
22:34 | m_anish | bernie, signed builds? i think they already run dxo-1-py |
22:35 | bernie, yep | |
22:35 | bernie | m_anish: if the builds you make are signed, then you can load them without unlocking the laptops |
22:36 | m_anish | bernie, they aren't signed, i can look up as to how to make signed builds |
22:36 | reubencaron_ <reubencaron_!~reubencar![]() |
|
22:36 | reubencaron has quit IRC | |
22:38 | bernie | m_anish: ok, first I'll send you the developer keysd |
22:38 | m_anish: do you have a gpg key? | |
22:39 | m_anish | bernie, i have gpg key on my other os, (on a different partition) |
22:39 | bernie | m_anish: can you copy the keyring over? |
22:39 | m_anish | bernie, lemme check |
22:40 | bernie | m_anish: (as a tip, if you boot multiple linux distros on your laptop, you could share the home by putting it in a separate partition |
22:40 | m_anish: or by simply symlinking it from the other distro | |
22:40 | m_anish | bernie, good idea, but that's currently not the case |
22:41 | bernie | m_anish: I used to run 3 distros on the same laptop, with the same exact settings ;-) |
22:41 | m_anish | bernie, what if the the other different os'es are ubuntu and fedora, they might screw each other up |
22:41 | bernie | m_anish: if they use similar versions of the desktop you use, there's no problem |
22:42 | m_anish: running older software with settings created by newer versions causes issues | |
22:42 | m_anish: plus, there are a couple of differences, such as thunderbird using a different dot-file to store its profile... | |
22:42 | m_anish: minor stuff. it mostly works | |
22:42 | m_anish | bernie, i remember uploading my gpg key to a keyserver |
22:42 | bernie, ok | |
22:43 | bernie | m_anish: yes, I can see _2_ keys for you on the keyservers |
22:43 | m_anish: (they sync with each other, did you know?) | |
22:43 | m_anish | bernie, i had no idea |
22:44 | bernie | m_anish: but if you don't have the private key, I cannot use it to encrypt an email to you |
22:44 | m_anish: ok, I have a better idea: I'll send you the file on robbie :-) | |
22:44 | m_anish | bernie, wait a moment, let me searc |
22:45 | bernie | m_anish: scp robbie:~bernie/develop.sig /media/USBSTICK/security/ |
22:46 | m_anish | bernie, great! |
22:47 | bernie, i can't seem to access robbie :( | |
22:50 | anish![]() ![]() |
|
22:50 | Permission denied (publickey,gssapi-with-mic). | |
22:50 | anish![]() ![]() |
|
22:50 | ssh: Could not resolve hostname robbie: Name or service not known | |
22:52 | bernie, okay , i found my private key | |
22:52 | bernie, how should i send it? | |
22:53 | bernie | m_anish: the private key should not be sent to anyone |
22:53 | m_anish | bernie, yeah, that's what i thought |
22:53 | :) | |
22:53 | bernie | m_anish: tell me the key ID (which is the last 8 digits of the fingerprint) |
22:53 | m_anish | bernie, ok |
22:54 | bernie | m_anish: gpg --list-key anish |
22:54 | m_anish: robbie.paraguayeduca.org prolly | |
22:58 | m_anish | bernie, damn, i need to log into my other acc... |
22:58 | wait a moment | |
22:59 | m_anish is now known as m_anish_afk | |
23:00 | bernie | m_anish_afk: you could have mounted the other part to retrieve the file! |
23:02 | m_anish_ <m_anish_!~anishmang![]() |
|
23:02 | m_anish_ | bernie, pub 2048R/C70D9569 2010-04-13 |
23:02 | uid Anish Mangal (Ubuntu Launchpad Key) <anishmangal2002![]() |
|
23:02 | sub 2048R/24BB25F7 2010-04-13 | |
23:03 | bernie, is that what you were looking for | |
23:03 | bernie, | |
23:03 | ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAsGEs1wx/C0R2wZAmcV/cAQNEq4SPBYur91kHgHDUnBkIMemku2pw6TLopvwwnwWDhcPsBso1/SVsXuSqzZSQVdqUxG3hD1iEStBmp7fFT9zlLH11YX22c5fDQpB1XL+QrhxQ0ZvtU7C2CTOyJsC9O/Lhi8BNGy9bNHM/gbayQj/AvDuD84z+Hpa6aRmqI6nx4hzLJFrY6jw+2fPhFkqMUxOBS4AJj0sZ6yxX51v6+b4qK5WQ4Iqsg7J7uua6IOMJa5C2f0T+xRvCWn4Cf7KevXUW3WAjfaf0wX2VJFXvtyCJckChPCoAVrOQPf91tyu1aLl8e1m0+Kipb4jWFHPGOQ== anish![]() |
|
23:04 | could you add this to my auth keys in my acc. on robbie, username is manish | |
23:07 | bernie, leaving for home | |
23:09 | bernie | m_anish_: ok that's it |
23:10 | m_anish_: key added | |
23:10 | m_anish_: you also have root on robbie, did you know? | |
23:11 | m_anish_: ping me when you're at the kbd, I have further instructions for you :) | |
23:11 | m_anish_ has quit IRC | |
23:31 | m_anish_afk is now known as m_anish | |
23:32 | m_anish | bernie, at the keybd :) |
23:33 | bernie, able to log into robbie :), | |
23:34 | meeting | * alsroot nick cambiado a alsroot_away |
23:49 | bernie | m_anish: ok, so you have the developer keys sitting in my home |
23:49 | m_anish: do you know how to use them? | |
23:49 | m_anish | bernie, yes, thanks! |
23:50 | bernie | m_anish: ok, now I'd like to give you the deployment keys so you can sign your own builds |
23:50 | m_anish: but first I'd like to ask you a few security related questions to make sure the keys are stored in a safe place | |
23:51 | m_anish | bernie, ok |
23:55 | bernie | m_anish: first, do you have a secure password for your account? or just 12346? |
23:55 | m_anish | bernie, its pretty secure, has [a-z, A-Z, 0-9,] and a few special chars |
23:56 | bernie | m_anish: k |
23:56 | m_anish: is your ssh key also password protected? | |
23:57 | m_anish | yes, that's a different password, but strong |
23:57 | bernie | m_anish: on both fedora and ubuntu, you can get the ssh keys unlocked automatically on login if they have the same password of the account, so it's not incovenient |
23:57 | m_anish: ok, same for gpg, I guess? | |
23:57 | m_anish | bernie, i have different passwd, but i only have to inter it once |
23:57 | bernie, yep | |
23:58 | bernie | m_anish: so I'll send you an encrypted email with the deployment keys. when you receive it, unpack the file somewhere in your home, then delete the archive. |
23:58 | m_anish: you can keep the email, since it's encrypted anyway | |
23:59 | m_anish: if your email client supports gpg, you'll be able to decrypt the email by typing the password of your gpg private key | |
23:59 | m_anish | bernie, okay |
« Previous day | Index | Today | Next day » Channels | Search | Join