• 21:1/100

    From Avon@21:1/101 to All on Sun Feb 7 09:51:56 2021
    Changes to the settings at this HUB have been made, if anyone is having
    issues with their feed please let me know.

    --- Mystic BBS v1.12 A46 2020/08/26 (Windows/32)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Avon@21:1/101 to All on Wed Oct 13 16:49:07 2021
    After much ado I think I have finally sorted IPv6 connectivity to the 1/100 HUB.

    This also means 21:1/101 should be reachable via IPv6 as is 3:770/1

    21:1/10 is still running on a different system an is only IPv4 connected at this time.

    agency.bbs.nz
    ipv6.agency.bbs.nz
    net1.fsxnet.nz

    should all work (I hope)

    --- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Warpslide@21:3/110 to Avon on Wed Oct 13 03:56:00 2021
    On 13 Oct 2021, Avon said the following...

    After much ado I think I have finally sorted IPv6 connectivity to the 1/100 HUB.

    Yup, looks reachable now from my end, except for port 24556:

    --------------------- POLL v1.12 A47 2021/09/29 Wed, Oct 13 2021 (loglevel 1) + 2021.10.13 03:51:40 Poll BINKP node via address lookup: 21:1/100
    + 2021.10.13 03:51:40 1-Polling 21:1/100 on slot 1 via BINKP
    + 2021.10.13 03:51:40 1-Connecting to agency.bbs.nz on port 24554
    + 2021.10.13 03:51:41 1-Using address 2001:0470:000D:0123::0200
    + 2021.10.13 03:51:41 1-Connected by IPV6 to 2001:0470:000D:0123::0200
    + 2021.10.13 03:51:46 1-System Agency + Risa HUB
    + 2021.10.13 03:51:46 1-SysOp Paul Hayton
    + 2021.10.13 03:51:46 1-Location Dunedin, New Zealand
    + 2021.10.13 03:51:46 1-Mailer binkd/1.1a-112/Linux binkp/1.1
    + 2021.10.13 03:51:47 1-Authorization failed
    + 2021.10.13 03:51:48 Polled 1 systems

    --------------------- POLL v1.12 A47 2021/09/29 Wed, Oct 13 2021 (loglevel 1) + 2021.10.13 03:52:02 Poll BINKP node via address lookup: 21:1/100
    + 2021.10.13 03:52:02 1-Polling 21:1/100 on slot 1 via BINKP
    + 2021.10.13 03:52:02 1-Connecting to agency.bbs.nz on port 24555
    + 2021.10.13 03:52:03 1-Using address 2001:0470:000D:0123::0200
    + 2021.10.13 03:52:03 1-Connected by IPV6 to 2001:0470:000D:0123::0200
    + 2021.10.13 03:52:09 1-System Agency BBS
    + 2021.10.13 03:52:09 1-Location Dunedin, New Zealand
    + 2021.10.13 03:52:09 1-SysOp Avon
    + 2021.10.13 03:52:09 1-Mailer Mystic/1.12A47 binkp/1.0
    + 2021.10.13 03:52:10 1-Remote Queue: 0 files 0 bytes
    + 2021.10.13 03:52:10 1-Session ended (0 sent, 0 rcvd, 0 skip)
    + 2021.10.13 03:52:10 Polled 1 systems

    --------------------- POLL v1.12 A47 2021/09/29 Wed, Oct 13 2021 (loglevel 1) + 2021.10.13 03:52:21 Poll BINKP node via address lookup: 21:1/100
    + 2021.10.13 03:52:21 1-Polling 21:1/100 on slot 1 via BINKP
    + 2021.10.13 03:52:21 1-Connecting to agency.bbs.nz on port 24556
    + 2021.10.13 03:52:21 1-Using address 2001:0470:000D:0123::0200
    + 2021.10.13 03:52:27 1-Unable to connect
    + 2021.10.13 03:52:28 Polled 1 systems


    Jay

    ... Today is the first day of the rest of the mess.

    --- Mystic BBS v1.12 A47 2021/09/29 (Raspberry Pi/32)
    * Origin: Northern Realms (21:3/110)
  • From Warpslide@21:3/110 to Avon on Wed Oct 13 04:12:30 2021
    On 13 Oct 2021, Avon said the following...

    This also means 21:1/101 should be reachable via IPv6 as is 3:770/1

    Just tried our connectoin to 3:770/1 as well and it's also working:

    --------------------- POLL v1.12 A47 2021/09/29 Wed, Oct 13 2021 (loglevel 1) + 2021.10.13 04:10:13 Sending to all nodes of session type ALL
    + 2021.10.13 04:10:13 Queued 1 files (305 bytes) for 3:770/1
    + 2021.10.13 04:10:13 1-Polling 3:770/1 on slot 1 via BINKP
    + 2021.10.13 04:10:13 1-Connecting to agency.bbs.nz on port 24554
    + 2021.10.13 04:10:13 1-Using address 2001:0470:000D:0123::0200
    + 2021.10.13 04:10:13 1-Connected by IPV6 to 2001:0470:000D:0123::0200
    + 2021.10.13 04:10:19 1-System Agency + Risa HUB
    + 2021.10.13 04:10:19 1-SysOp Paul Hayton
    + 2021.10.13 04:10:19 1-Location Dunedin, New Zealand
    + 2021.10.13 04:10:19 1-Mailer binkd/1.1a-112/Linux binkp/1.1
    + 2021.10.13 04:10:19 1-Sending: 07d68ce4.pkt (305 bytes)
    + 2021.10.13 04:10:20 1-Session ended (1 sent, 0 rcvd, 0 skip)
    + 2021.10.13 04:10:20 Polled 1 systems


    Jay

    ... Da trouble wit computers is, dey got no sense of humor.

    --- Mystic BBS v1.12 A47 2021/09/29 (Raspberry Pi/32)
    * Origin: Northern Realms (21:3/110)
  • From Oli@21:3/102 to Avon on Wed Oct 13 16:27:06 2021
    Avon wrote (2021-10-13):

    After much ado I think I have finally sorted IPv6 connectivity to the
    1/100 HUB.

    This also means 21:1/101 should be reachable via IPv6 as is 3:770/1

    πŸŽ‰ πŸ€ͺ πŸ₯³

    ---
    * Origin: 1995| Invention of the Cookie. The End. (21:3/102)
  • From Avon@21:1/101 to Warpslide on Thu Oct 14 17:08:55 2021
    On 13 Oct 2021 at 03:56a, Warpslide pondered and said...

    Yup, looks reachable now from my end, except for port 24556:

    Thanks Jay.

    I'll check on this over the coming hours and post again when I think 24556 via IPv6 might be up.

    --- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Avon@21:1/101 to Warpslide on Thu Oct 14 17:09:15 2021
    On 13 Oct 2021 at 04:12a, Warpslide pondered and said...

    This also means 21:1/101 should be reachable via IPv6 as is 3:770/1

    Just tried our connectoin to 3:770/1 as well and it's also working:

    --------------------- POLL v1.12 A47 2021/09/29 Wed, Oct 13 2021 (loglevel 1) + 2021.10.13 04:10:13 Sending to all nodes of session type ALL + 2021.10.13 04:10:13 Queued 1 files (305 bytes) for 3:770/1
    + 2021.10.13 04:10:13 1-Polling 3:770/1 on slot 1 via BINKP
    + 2021.10.13 04:10:13 1-Connecting to agency.bbs.nz on port 24554

    coolio, thanks! :)

    --- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Avon@21:1/101 to Oli on Thu Oct 14 17:09:28 2021
    On 13 Oct 2021 at 04:27p, Oli pondered and said...

    πŸŽ‰ πŸ€ͺ πŸ₯³

    ???

    --- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From deon@21:2/116 to Avon on Thu Oct 14 16:31:04 2021
    Re: Re: 21:1/100
    By: Avon to Oli on Thu Oct 14 2021 05:09 pm

    ¨ ¨ ¨

    ???

    I'm assuming you are seeing question marks or strange characters.

    In a UTF-8 terminal, they are icons :)


    ...λξεο
    --- SBBSecho 3.14-Linux
    * Origin: I'm playing with ANSI+videotex - wanna play too? (21:2/116)
  • From Oli@21:3/102 to Avon on Thu Oct 14 10:00:28 2021
    Avon wrote (2021-10-14):

    On 13 Oct 2021 at 04:27p, Oli pondered and said...

    πŸŽ‰ πŸ€ͺ πŸ₯³

    ???

    it's emojiish for exciting / very good / time to celebrate / party on

    ---
    * Origin: 1995| Invention of the Cookie. The End. (21:3/102)
  • From Avon@21:1/101 to deon on Thu Oct 14 22:05:27 2021
    On 14 Oct 2021 at 04:31p, deon pondered and said...

    I'm assuming you are seeing question marks or strange characters.

    In a UTF-8 terminal, they are icons :)

    figured it must be something like that.. yep it looks funny on my screen

    --- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Avon@21:1/101 to Oli on Thu Oct 14 22:06:53 2021
    On 14 Oct 2021 at 10:00a, Oli pondered and said...

    it's emojiish for exciting / very good / time to celebrate / party on

    thanks sir.. indeed!

    now to try and get the secure stuff working on 24553 .. not yet sure how ;-)

    --- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Oli@21:3/102 to Avon on Thu Oct 14 11:14:42 2021
    Avon wrote (2021-10-14):

    On 14 Oct 2021 at 10:00a, Oli pondered and said...

    it's emojiish for exciting / very good / time to celebrate / party
    on

    thanks sir.. indeed!

    now to try and get the secure stuff working on 24553 .. not yet sure how ;-)

    nginx!

    ---
    * Origin: 1995| Invention of the Cookie. The End. (21:3/102)
  • From Oli@21:3/102 to Avon on Thu Oct 14 11:41:46 2021
    Avon wrote (2021-10-14):

    On 14 Oct 2021 at 10:00a, Oli pondered and said...

    it's emojiish for exciting / very good / time to celebrate / party
    on

    thanks sir.. indeed!

    now to try and get the secure stuff working on 24553 .. not yet sure how ;-)

    # apt-get install nginx

    then add the following to /etc/nginx.conf

    stream {
    server {
    listen 24553 ssl;
    listen [::]:24553 ssl;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_certificate /srv/certs/fidonet-rsa.key;
    ssl_certificate_key /srv/certs/fidonet-rsa.crt;
    ssl_certificate /srv/certs/fidonet-ed25519.key;
    ssl_certificate_key /srv/certs/fidonet-ed25519.crt;
    proxy_pass 127.0.0.1:24554;
    }
    }

    You also need to create a cert (can be self-signed). Of course you can put the certs in any path you like.

    ecdsa cert:
    $ openssl genpkey -algorithm ed25519 > fidonet-ed25519.key
    $ openssl req -new -x509 -nodes -days 1200 -key fidonet-ed25519.key -out fidonet-ed25519.crt -text -subj "/CN=localhost"

    rsa cert:
    openssl req -new -newkey rsa -days 1200 -nodes -x509 -keyout fidonet-rsa.key -out fidonet-rsa.crt -text -subj "/CN=localhost"

    Alternatively use a letsencrypt cert.

    restart nginx:

    $ systemctl restart nginx

    ---
    * Origin: 1995| Invention of the Cookie. The End. (21:3/102)
  • From Warpslide@21:3/110 to deon on Thu Oct 14 07:05:27 2021
    On 14 Oct 2021, deon said the following...

    Re: Re: 21:1/100
    By: Avon to Oli on Thu Oct 14 2021 05:09 pm

    ¨ ¨ ¨

    ???

    I'm assuming you are seeing question marks or strange characters.

    Yup, in Mystic it looks like trying to BBS over a modem during a lightning storm... ;)

    https://ibb.co/k170Cwr


    Jay

    ... Honeymoon - the morning after the knot before.

    --- Mystic BBS v1.12 A47 2021/09/29 (Raspberry Pi/32)
    * Origin: Northern Realms (21:3/110)
  • From Oli@21:3/102 to Warpslide on Thu Oct 14 13:14:21 2021
    Warpslide wrote (2021-10-14):


    _ _ _

    ???

    I'm assuming you are seeing question marks or strange characters.

    Yup, in Mystic it looks like trying to BBS over a modem during a
    lightning storm... ;)

    https://ibb.co/k170Cwr

    Looks like UTF-8 displayed as CP437. Doesn't Mystic have any UTF-8 support?

    ---
    * Origin: 1995| Invention of the Cookie. The End. (21:3/102)
  • From Avon@21:1/101 to Warpslide on Fri Oct 15 19:09:53 2021
    On 13 Oct 2021 at 03:56a, Warpslide pondered and said...

    On 13 Oct 2021, Avon said the following...

    After much ado I think I have finally sorted IPv6 connectivity to the 1/100 HUB.

    Yup, looks reachable now from my end, except for port 24556:

    Hi Jay

    Can you test 24556 IPv6 please. I think this is now sorted.

    --- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Avon@21:1/101 to Oli on Fri Oct 15 19:24:49 2021

    On 14 Oct 2021 at 11:41a, Oli pondered and said...

    now to try and get the secure stuff working on 24553 .. not yet sure h ;-)

    # apt-get install nginx

    done this bit.

    then add the following to /etc/nginx.conf

    stream {
    server {
    listen 24553 ssl;
    listen [::]:24553 ssl;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_certificate /srv/certs/fidonet-rsa.key;
    ssl_certificate_key /srv/certs/fidonet-rsa.crt;
    ssl_certificate /srv/certs/fidonet-ed25519.key;
    ssl_certificate_key /srv/certs/fidonet-ed25519.crt;
    proxy_pass 127.0.0.1:24554;
    }
    }

    OK done, but commented out for now while I sort the certs.

    Question, what is /srv dir for? This sort of stuff?

    You also need to create a cert (can be self-signed). Of course you can
    put the certs in any path you like.

    OK, so not /srv necessarily?

    ecdsa cert:
    $ openssl genpkey -algorithm ed25519 > fidonet-ed25519.key
    $ openssl req -new -x509 -nodes -days 1200 -key fidonet-ed25519.key -out fidonet-ed25519.crt -text -subj "/CN=localhost"

    rsa cert:
    openssl req -new -newkey rsa -days 1200 -nodes -x509 -keyout fidonet-rsa.key -out fidonet-rsa.crt -text -subj "/CN=localhost"

    I know little about this (yet) but am I correct to assume a Lets Encrypt cert would be better / more well known? Not sure I am stating this correctly.

    Why for the self signed stuff 1200 days? If I created self signed stuff how could anyone trust it compared to something like Lets Encrypt that is third party?

    Alternatively use a letsencrypt cert.

    Something I'm thinking (will wait until I hear from you) may be the better way to go? Also something I have not ever done but would like to learn how etc. :)

    restart nginx:

    $ systemctl restart nginx


    OK will hold off that until I sort the certs.

    Will I also need to have something configured in BinkD to talk to nginx?

    I'd better read the nginx man.

    --- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Oli@21:3/102 to Avon on Fri Oct 15 08:12:05 2021
    Avon wrote (2021-10-15):

    then add the following to /etc/nginx.conf

    stream {
    server {
    listen 24553 ssl;
    listen [::]:24553 ssl;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_certificate /srv/certs/fidonet-rsa.key;
    ssl_certificate_key /srv/certs/fidonet-rsa.crt;
    ssl_certificate /srv/certs/fidonet-ed25519.key;
    ssl_certificate_key /srv/certs/fidonet-ed25519.crt;
    proxy_pass 127.0.0.1:24554;
    }
    }

    OK done, but commented out for now while I sort the certs.

    Without TLS it would look like this (for testing purposes):

    stream {
    server {
    listen 24553;
    listen [::]:24553;
    proxy_pass 127.0.0.1:24554;
    }
    }

    Question, what is /srv dir for? This sort of stuff?

    You also need to create a cert (can be self-signed). Of course you
    can put the certs in any path you like.

    OK, so not /srv necessarily?

    This was just the path were I put my certs. You could use /etc/nginx/certs or /etc/ssl ...

    I know little about this (yet) but am I correct to assume a Lets Encrypt cert would be better / more well known? Not sure I am stating this correctly.

    Yes and no. AFAIK none of the Fidonet mailers check if it's Letsencrypt or self-signed.

    Why for the self signed stuff 1200 days?

    No particular reason.

    If I created self signed stuff
    how could anyone trust it compared to something like Lets Encrypt that is third party?

    TOFU, trust on first use. It's also not that important, if you make CRAM-MD5 and CRYPT mandatory, because the password is not transmitted in cleartext and CRYPT is kind of authentication of the remote site.

    Alternatively use a letsencrypt cert.

    Something I'm thinking (will wait until I hear from you) may be the
    better way to go? Also something I have not ever done but would like to learn how etc. :)

    There is nothing wrong with using letsencrypt, if you want to. Self-signed also will work fine. Just choose one and don't overthink it ... ;P

    I will write more later why I prefer self-signed certs.

    restart nginx:

    $ systemctl restart nginx


    OK will hold off that until I sort the certs.

    $ nginx -t
    is also very helpful for testing the config (it doesn't start nginx).

    Will I also need to have something configured in BinkD to talk to nginx?

    No. nginx talks to binkd. Or do you mean to make a poll from binkd to another TLS node?

    I'd better read the nginx man.

    and maybe disable the default http server by deleting /etc/nginx/sites-enabled/default, which is just a symlink to /etc/nginx/sites-available/default.

    ---
    * Origin: 1995| Invention of the Cookie. The End. (21:3/102)
  • From Warpslide@21:3/110 to Avon on Fri Oct 15 06:24:00 2021
    On 15 Oct 2021, Avon said the following...

    Can you test 24556 IPv6 please. I think this is now sorted.

    --------------------- POLL v1.12 A47 2021/09/29 Fri, Oct 15 2021 (loglevel 1) + 2021.10.15 06:16:56 Poll BINKP node via address lookup: 21:1/100
    + 2021.10.15 06:16:56 1-Polling 21:1/100 on slot 1 via BINKP
    + 2021.10.15 06:16:56 1-Connecting to agency.bbs.nz on port 24556
    + 2021.10.15 06:16:56 1-Using address 2001:0470:000D:0123::0200
    + 2021.10.15 06:16:56 1-Connected by IPV6 to 2001:0470:000D:0123::0200
    + 2021.10.15 06:17:03 1-System Agency + Risa HUB
    + 2021.10.15 06:17:03 1-SysOp Paul Hayton
    + 2021.10.15 06:17:03 1-Location Dunedin, New Zealand
    + 2021.10.15 06:17:03 1-Mailer binkd/1.1a-112/Linux binkp/1.1
    + 2021.10.15 06:17:03 1-Authorization failed
    + 2021.10.15 06:17:03 Polled 1 systems


    It works! Here's some fireworks to celibate! :)

    .''.
    .''. *''* :_\/_: .
    :_\/_: . .:.*_\/_* : /\ : .'.:.'.
    .''.: /\ : _\(/_ ':'* /\ * : '..'. -=:o:=-
    :_\/_:'.:::. /)\*''* .|.* '.\'/.'_\(/_'.':'.'
    : /\ : ::::: '*_\/_* | | -= o =- /)\ ' *
    '..' ':::' * /\ * |'| .'/.\'. '._____
    * __*..* | | : |. |' .---"|
    _* .-' '-. | | .--'| || | _| |
    .-'| _.| | || '-__ | | | || |
    |' | |. | || | | | | || |
    ___| '-' ' "" '-' '-.' '` |____ jgs~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


    Jay

    ... Gravity doesn`t exist: the earth sucks.

    --- Mystic BBS v1.12 A47 2021/09/29 (Raspberry Pi/32)
    * Origin: Northern Realms (21:3/110)
  • From Avon@21:1/101 to Warpslide on Sun Oct 17 09:58:08 2021
    On 15 Oct 2021 at 06:24a, Warpslide pondered and said...

    It works! Here's some fireworks to celibate! :)

    Thanks and nice ACSII too :)

    --- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Avon@21:1/101 to Oli on Sun Oct 17 15:00:15 2021
    On 15 Oct 2021 at 08:12a, Oli pondered and said...

    OK will hold off that until I sort the certs.

    $ nginx -t
    is also very helpful for testing the config (it doesn't start nginx).

    Have sent you a netmail. The certs don't seem to be trusted.

    --- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)
  • From Oli@21:3/102 to Avon on Sun Oct 17 07:27:57 2021
    Avon wrote (2021-10-17):

    On 15 Oct 2021 at 08:12a, Oli pondered and said...

    OK will hold off that until I sort the certs.

    $ nginx -t
    is also very helpful for testing the config (it doesn't start
    nginx).

    Have sent you a netmail. The certs don't seem to be trusted.

    The example configuration was wrong, I swapped key and crt files.

    wrong, this cannot work:
    ssl_certificate /srv/certs/fidonet-rsa.key;
    ssl_certificate_key /srv/certs/fidonet-rsa.crt;
    ssl_certificate /srv/certs/fidonet-ed25519.key;
    ssl_certificate_key /srv/certs/fidonet-ed25519.crt;


    should be:
    ssl_certificate /srv/certs/fidonet-rsa.crt;
    ssl_certificate_key /srv/certs/fidonet-rsa.key;
    ssl_certificate /srv/certs/fidonet-ed25519.crt;
    ssl_certificate_key /srv/certs/fidonet-ed25519.key;

    ---
    * Origin: 1995| Invention of the Cookie. The End. (21:3/102)
  • From Avon@21:1/101 to Oli on Mon Oct 18 21:01:23 2021
    On 17 Oct 2021 at 07:27a, Oli pondered and said...

    Have sent you a netmail. The certs don't seem to be trusted.

    The example configuration was wrong, I swapped key and crt files.

    thanks, will circle back to this soon, just been doing some NET admin tonight, pruning nodes that have been inactive.

    --- Mystic BBS v1.12 A47 2021/09/29 (Linux/64)
    * Origin: Agency BBS | Dunedin, New Zealand | agency.bbs.nz (21:1/101)