| German | English |
|---|---|
| Lineare Führungsschiene | Linear Guide Rail |
| Gleitwagen | Sliding carriage |
| Radialkugellager | radial ball bearing |
| Linearkugellager | linear ball bearing |
| Linearwelle/Linearachse | linear shaft |
| Kugelgewindespindel | ballscrew |
| Kugelumlaufmutter | ball nut |
 |
 |
 |
 |
 |
 |
dd if=FreeBSD-13.0-RELEASE-amd64-memstick.img of=/dev/da0 bs=1M conv=sync
Use a FreeBSD system (old version) on APU:
1. single user mode: press 2
2. fsck -y
3. mount -u /
4. mount -a
5. passwd
6. reboot
# gpart show
=> 34 31277165 ada0 GPT (15G)
34 1024 1 freebsd-boot (512K)
1058 29359104 2 freebsd-ufs (14G)
29360162 1564672 3 freebsd-swap (764M)
30924834 352365 - free - (172M)
=> 1 15728639 da1 MBR (7.5G)
1 66584 1 !239 (33M)
66585 2064080 2 freebsd [active] (1.0G)
2130665 13597975 - free - (6.5G)
=> 0 2064080 da1s2 BSD (1.0G)
0 16 - free - (8.0K)
16 2064064 1 freebsd-ufs (1.0G)
# mount /dev/da1s2a /mnt
# vi /mnt/boot/loader.conf
vfs.mountroot.timeout="10"
kernels_autodetect="NO"
comconsole_speed="115200"
console="comconsole"
[...]
Please choose the appropriate terminal type for your system.
Common console types are:
ansi Standard ANSI terminal
vt100 VT100 or compatible terminal
xterm xterm terminal emulator (or compatible)
cons25w cons25w terminal
Console type [vt100]: vt100
How To Reset Or Recover Root Password On FreeBSD 10
---<<BOOT>>---
Copyright (c) 1992-2021 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 13.0-RELEASE #0 releng/13.0-n244733-ea31abc261f: Fri Apr 9 04:24:09 UTC 2021
root@releng1.nyi.freebsd.org:/usr/obj/usr/src/amd64.amd64/sys/GENERIC amd64
FreeBSD clang version 11.0.1 (git@github.com:llvm/llvm-project.git llvmorg-11.0.1-0-g43ff75f2c3fe)
VT(vga): resolution 640x480
CPU: AMD G-T40E Processor (1000.02-MHz K8-class CPU)
Origin="AuthenticAMD" Id=0x500f20 Family=0x14 Model=0x2 Stepping=0
Features=0x178bfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2,HTT>
Features2=0x802209<SSE3,MON,SSSE3,CX16,POPCNT>
AMD Features=0x2e500800<SYSCALL,NX,MMX+,FFXSR,Page1GB,RDTSCP,LM>
AMD Features2=0x35ff<LAHF,CMP,SVM,ExtAPIC,CR8,ABM,SSE4A,MAS,Prefetch,IBS,SKINIT,WDT>
SVM: NP,NRIP,NAsids=8
TSC: P-state invariant, performance statistics
real memory = 4815060992 (4592 MB)
avail memory = 4086845440 (3897 MB)
Event timer "LAPIC" quality 100
ACPI APIC Table: <CORE COREBOOT>
FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs
FreeBSD/SMP: 1 package(s) x 2 core(s)
random: unblocking device.
ioapic0 <Version 2.1> irqs 0-23
Launching APs: 1
Timecounter "TSC" frequency 1000021804 Hz quality 800
KTLS: Initialized 2 threads
random: entropy device external interface
000.000019 [4354] netmap_init netmap: loaded module
[ath_hal] loaded
WARNING: Device "kbd" is Giant locked and may be deleted before FreeBSD 14.0.
kbd0 at kbdmux0
mlx5en: Mellanox Ethernet driver 3.6.0 (December 2020)
nexus0
vtvga0: <VT VGA driver>
cryptosoft0: <software crypto>
aesni0: No AES or SHA support.
acpi0: <CORE COREBOOT>
acpi0: Power Button (fixed)
cpu0: <ACPI CPU> on acpi0
atrtc0: <AT realtime clock> port 0x70-0x71 irq 8 on acpi0
atrtc0: registered as a time-of-day clock, resolution 1.000000s
Event timer "RTC" frequency 32768 Hz quality 0
attimer0: <AT timer> port 0x40-0x43 irq 0 on acpi0
Timecounter "i8254" frequency 1193182 Hz quality 0
Event timer "i8254" frequency 1193182 Hz quality 100
hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0
Timecounter "HPET" frequency 14318180 Hz quality 950
Event timer "HPET" frequency 14318180 Hz quality 550
Event timer "HPET1" frequency 14318180 Hz quality 450
Timecounter "ACPI-fast" frequency 3579545 Hz quality 900
acpi_timer0: <32-bit timer at 3.579545MHz> port 0x808-0x80b on acpi0
apei0: <ACPI Platform Error Interface> on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci0: <ACPI PCI bus> on pcib0
pcib1: <ACPI PCI-PCI bridge> irq 16 at device 4.0 on pci0
pci1: <ACPI PCI bus> on pcib1
re0: <RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet> port 0x1000-0x10ff mem 0xf7900000-0xf7900fff,0xf7800000-0xf7803fff irq 16 at device 0.0 on pci1
re0: Using 1 MSI-X message
re0: ASPM disabled
re0: Chip rev. 0x2c000000
re0: MAC rev. 0x00200000
miibus0: <MII bus> on re0
rgephy0: <RTL8169S/8110S/8211 1000BASE-T media interface> PHY 1 on miibus0
rgephy0: none, 10baseT, 10baseT-FDX, 10baseT-FDX-flow, 100baseTX, 100baseTX-FDX, 100baseTX-FDX-flow, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, 1000baseT-FDX-flow, 1000baseT-FDX-flow-master, auto, auto-flow
re0: Using defaults for TSO: 65518/35/2048
re0: Ethernet address: 00:0d:b9:35:88:b4
re0: netmap queues/slots: TX 1/256, RX 1/256
pcib2: <ACPI PCI-PCI bridge> irq 17 at device 5.0 on pci0
pci2: <ACPI PCI bus> on pcib2
re1: <RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet> port 0x2000-0x20ff mem 0xf7b00000-0xf7b00fff,0xf7a00000-0xf7a03fff irq 17 at device 0.0 on pci2
re1: Using 1 MSI-X message
re1: ASPM disabled
re1: Chip rev. 0x2c000000
re1: MAC rev. 0x00200000
miibus1: <MII bus> on re1
rgephy1: <RTL8169S/8110S/8211 1000BASE-T media interface> PHY 1 on miibus1
rgephy1: none, 10baseT, 10baseT-FDX, 10baseT-FDX-flow, 100baseTX, 100baseTX-FDX, 100baseTX-FDX-flow, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, 1000baseT-FDX-flow, 1000baseT-FDX-flow-master, auto, auto-flow
re1: Using defaults for TSO: 65518/35/2048
re1: Ethernet address: 00:0d:b9:35:88:b5
re1: netmap queues/slots: TX 1/256, RX 1/256
pcib3: <ACPI PCI-PCI bridge> irq 18 at device 6.0 on pci0
pci3: <ACPI PCI bus> on pcib3
re2: <RealTek 8168/8111 B/C/CP/D/DP/E/F/G PCIe Gigabit Ethernet> port 0x3000-0x30ff mem 0xf7d00000-0xf7d00fff,0xf7c00000-0xf7c03fff irq 18 at device 0.0 on pci3
re2: Using 1 MSI-X message
re2: ASPM disabled
re2: Chip rev. 0x2c000000
re2: MAC rev. 0x00200000
miibus2: <MII bus> on re2
rgephy2: <RTL8169S/8110S/8211 1000BASE-T media interface> PHY 1 on miibus2
rgephy2: none, 10baseT, 10baseT-FDX, 10baseT-FDX-flow, 100baseTX, 100baseTX-FDX, 100baseTX-FDX-flow, 1000baseT, 1000baseT-master, 1000baseT-FDX, 1000baseT-FDX-master, 1000baseT-FDX-flow, 1000baseT-FDX-flow-master, auto, auto-flow
re2: Using defaults for TSO: 65518/35/2048
re2: Ethernet address: 00:0d:b9:35:88:b6
re2: netmap queues/slots: TX 1/256, RX 1/256
pcib4: <ACPI PCI-PCI bridge> irq 19 at device 7.0 on pci0
pci4: <ACPI PCI bus> on pcib4
ath0: <Atheros 9280> at device 0.0 on pci4
[ath] enabling AN_TOP2_FIXUP
ath0: [HT] enabling HT modes
ath0: [HT] 1 stream STBC receive enabled
ath0: [HT] 1 stream STBC transmit enabled
ath0: [HT] 2 RX streams; 2 TX streams
ath0: AR9280 mac 128.2 RF5133 phy 13.0
ath0: 2GHz radio: 0x0000; 5GHz radio: 0x00c0
ahci0: <AMD SB7x0/SB8x0/SB9x0 AHCI SATA controller> port 0x4010-0x4017,0x4020-0x4023,0x4018-0x401f,0x4024-0x4027,0x4000-0x400f mem 0xf7f04000-0xf7f043ff irq 19 at device 17.0 on pci0
ahci0: AHCI v1.20 with 6 6Gbps ports, Port Multiplier supported
ahci0: quirks=0x22000<ATI_PMP_BUG,1MSI>
ahcich0: <AHCI channel> at channel 0 on ahci0
ahcich1: <AHCI channel> at channel 1 on ahci0
ahcich2: <AHCI channel> at channel 2 on ahci0
ahcich3: <AHCI channel> at channel 3 on ahci0
ahcich4: <AHCI channel> at channel 4 on ahci0
ahcich5: <AHCI channel> at channel 5 on ahci0
ohci0: <AMD SB7x0/SB8x0/SB9x0 USB controller> mem 0xf7f00000-0xf7f00fff irq 18 at device 18.0 on pci0
usbus0 on ohci0
usbus0: 12Mbps Full Speed USB v1.0
ehci0: <AMD SB7x0/SB8x0/SB9x0 USB 2.0 controller> mem 0xf7f04400-0xf7f044ff irq 17 at device 18.2 on pci0
usbus1: EHCI version 1.0
usbus1 on ehci0
usbus1: 480Mbps High Speed USB v2.0
ohci1: <AMD SB7x0/SB8x0/SB9x0 USB controller> mem 0xf7f01000-0xf7f01fff irq 18 at device 19.0 on pci0
usbus2 on ohci1
usbus2: 12Mbps Full Speed USB v1.0
ehci1: <AMD SB7x0/SB8x0/SB9x0 USB 2.0 controller> mem 0xf7f04500-0xf7f045ff irq 17 at device 19.2 on pci0
usbus3: EHCI version 1.0
usbus3 on ehci1
usbus3: 480Mbps High Speed USB v2.0
isab0: <PCI-ISA bridge> at device 20.3 on pci0
isa0: <ISA bus> on isab0
pcib5: <ACPI PCI-PCI bridge> at device 20.4 on pci0
pci5: <ACPI PCI bus> on pcib5
ohci2: <AMD SB7x0/SB8x0/SB9x0 USB controller> mem 0xf7f02000-0xf7f02fff irq 18 at device 20.5 on pci0
usbus4 on ohci2
usbus4: 12Mbps Full Speed USB v1.0
pcib6: <ACPI PCI-PCI bridge> at device 21.0 on pci0
pci6: <ACPI PCI bus> on pcib6
ohci3: <AMD SB7x0/SB8x0/SB9x0 USB controller> mem 0xf7f03000-0xf7f03fff at device 22.0 on pci0
usbus5 on ohci3
usbus5: 12Mbps Full Speed USB v1.0
ehci2: <AMD SB7x0/SB8x0/SB9x0 USB 2.0 controller> mem 0xf7f04600-0xf7f046ff at device 22.2 on pci0
usbus6: EHCI version 1.0
usbus6 on ehci2
usbus6: 480Mbps High Speed USB v2.0
acpi_button0: <Power Button> on acpi0
orm0: <ISA Option ROM> at iomem 0xee800-0xeffff pnpid ORM0000 on isa0
uart0: <16550 or compatible> at port 0x3f8 irq 4 flags 0x10 on isa0
uart0: console (115200,n,8,1)
uart0: non-PNP ISA device will be removed from GENERIC in FreeBSD 14.
uart1: <16550 or compatible> at port 0x2f8 irq 3 on isa0
uart1: non-PNP ISA device will be removed from GENERIC in FreeBSD 14.
Timecounters tick every 1.000 msec
Trying to mount root from ufs:/dev/ada0a [rw]...
ugen5.1: <ATI OHCI root HUB> at usbus5
ugen6.1: <ATI EHCI root HUB> at usbus6
uhub0 on usbus5
uhub1 on usbus6
uhub0: <ATI OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus5
uhub1: <ATI EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus6
ugen3.1: <ATI EHCI root HUB> at usbus3
ugen4.1: <ATI OHCI root HUB> at usbus4
uhub2 on usbus3
uhub3 on usbus4
uhub2: <ATI EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus3
uhub3: <ATI OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus4
ugen1.1: <ATI EHCI root HUB> at usbus1
ugen2.1: <ATI OHCI root HUB> at usbus2
uhub4 on usbus1
uhub4: <ATI EHCI root HUB, class 9/0, rev 2.00/1.00, addr 1> on usbus1
Root mount waiting for:uhub5 CAM usbus0 on usbus2
usbus1 usbus2uhub5: <ATI OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus2
usbus3 usbus4ugen0.1: <ATI OHCI root HUB> at usbus0
usbus5 usbus6
uhub6ada0 at ahcich0 bus 0 scbus0 target 0 lun 0
ada0: <SB mSATA SSD S9FM01.8> ACS-3 ATA SATA 3.x device
ada0: Serial Number DDDF074704EE00609569
ada0: 600.000MB/s transfers (SATA 3.x, UDMA6, PIO 8192bytes)
ada0: Command Queueing enabled
ada0: 14318MB (29323728 512 byte sectors)
on usbus0
uhub6: <ATI OHCI root HUB, class 9/0, rev 1.00/1.00, addr 1> on usbus0
uhub3: 2 ports with 2 removable, self powered
uhub0: 4 ports with 4 removable, self powered
uhub5: 5 ports with 5 removable, self powered
uhub6: 5 ports with 5 removable, self powered
Root mount waiting for: usbus1 usbus3 usbus6
uhub1: 4 ports with 4 removable, self powered
uhub2: 5 ports with 5 removable, self powered
uhub4: 5 ports with 5 removable, self powered
ugen6.2: <Generic Flash Card Reader/Writer> at usbus6
umass0 on uhub1
umass0: <Generic Flash Card Reader/Writer, class 0/0, rev 2.01/1.00, addr 2> on usbus6
umass0: SCSI over Bulk-Only; quirks = 0x4001
umass0:6:0: Attached to scbus6
Root mount waiting for: CAM
da0 at umass-sim0 bus 0 scbus6 target 0 lun 0
da0: <Multiple Card Reader 1.00> Removable Direct Access SPC-2 SCSI device
da0: Serial Number 058F63666485
da0: 40.000MB/s transfers
da0: Attempt to query device size failed: NOT READY, Medium not present
da0: quirks=0x2<NO_6_BYTE>
mountroot: waiting for device /dev/ada0a...
Setting hostuuid: e200cc64-e8ce-11eb-bbfd-000db93588b4.
Setting hostid: 0x9649dd3c.
Starting file system checks:
/dev/ada0a: FILE SYSTEM CLEAN; SKIPPING CHECKS
/dev/ada0a: clean, 2807402 free (682 frags, 350840 blocks, 0.0% fragmentation)
Mounting local filesystems:.
ELF ldconfig path: /lib /usr/lib /usr/lib/compat
32-bit compatibility ldconfig path: /usr/lib32
Setting hostname: router.
Setting up harvesting: [UMA],[FS_ATIME],SWI,INTERRUPT,NET_NG,[NET_ETHER],NET_TUN,MOUSE,KEYBOARD,ATTACH,CACHED
Feeding entropy: .
Autoloading module: intpm.ko
intsmb0: <AMD SB600/7xx/8xx/9xx SMBus Controller> at device 20.0 on pci0
smbus0: <System Management Bus> on intsmb0
lo0: link state changed to UP
re0: link state changed to DOWN
Starting Network: lo0 re0 re1 re2.
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> metric 0 mtu 16384
options=680003<RXCSUM,TXCSUM,LINKSTATE,RXCSUM_IPV6,TXCSUM_IPV6>
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff000000
groups: lo
nd6 options=21<PERFORMNUD,AUTO_LINre1: link state changed to DOWN
KLOCAL>
re0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_Hre2: link state changed to DOWN
WTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:0d:b9:35:88:b4
inet 192.168.0.1 netmask 0xffffff00 broadcast 192.168.0.255
media: Ethernet autoselect (none)
status: no carrier
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
re1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:0d:b9:35:88:b5
media: Ethernet autoselect (10baseT/UTP <half-duplex>)
status: no carrier
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
re2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:0d:b9:35:88:b6
media: Ethernet autoselect (10baseT/UTP <half-duplex>)
status: no carrier
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Starting devd.
Starting Network: re1.
re1: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:0d:b9:35:88:b5
media: Ethernet autoselect (10baseT/UTP <half-duplex>)
status: no carrier
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Starting Network: re2.
re2: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
options=8209b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,WOL_MAGIC,LINKSTATE>
ether 00:0d:b9:35:88:b6
media: Ethernet autoselect (10baseT/UTP <half-duplex>)
status: no carrier
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Autoloading module: intpm.ko
add host 127.0.0.1: gateway lo0 fib 0: route already in table
add host ::1: gateway lo0 fib 0: route already in table
add net fe80::: gateway ::1
add net ff02::: gateway ::1
add net ::ffff:0.0.0.0: gateway ::1
add net ::0.0.0.0: gateway ::1
Clearing /tmp (X related).
Creating and/or trimming log files.
Updating motd:.
Updating /var/run/os-release done.
Starting syslogd.
No core dumps found.
Mounting late filesystems:.
Starting sendmail_submit.
Starting sendmail_msp_queue.
Performing sanity check on sshd configuration.
Starting sshd.
Configuring vt: keymap blanktime.
Starting cron.
Starting background file system checks in 60 seconds.
Mon Jul 19 22:23
FreeBSD/amd64 (router) (ttyu0)
# vi /etc/motd.template # service motd restart
# vi /etc/wpa_supplicant.conf
network={
ssid="BACHI.NET"
psk="<PASSWORD>"
}
# vi /etc/rc.conf
wlans_ath0="wlan0"
ifconfig_wlan0="WPA SYNCDHCP"
# service netif restart
Stopping Network: lo0 re0 re1 re2.
[...]
Created wlan(4) interfaces: wlan0.
Starting wpa_supplicant.
Jul 20 09:46:34 router wpa_supplicant[1350]: ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Invalid argument
Starting dhclient.
wlan0: no link .............. giving up
/etc/rc.d/dhclient: WARNING: failed to start dhclient
Starting Network: lo0 re0 re1 re2 wlan0.
[...]
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 04:f0:21:0c:2b:a6
groups: wlan
ssid "" channel 165 (5825 MHz 11a)
regdomain FCC country US ecm authmode WPA1+WPA2/802.11i privacy MIXED
deftxkey UNDEF txpower 23 bmiss 7 mcastrate 6 mgmtrate 6 scanvalid 60
wme burst roaming MANUAL bintval 0
parent interface: ath0
media: IEEE 802.11 Wireless Ethernet autoselect (autoselect)
status: no carrier
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
$ ifconfig wlan create wlandev ath0 up
$ wpa_supplicant -B -i wlan0 -c /etc/wpa_supplicant.conf
# ifconfig wlan0 up list scan
SSID/MESH ID BSSID CHAN RATE S:N INT CAPS
Mrvica 5c:dc:96:97:fb:30 1 54M -80:-96 100 EP RSN BSSLOAD HTCAP WPS WME
LOBModem.speed b8:ec:a3:d6:73:1d 48 54M -85:-96 100 EP HTCAP VHTCAP VHTOPMODE VHTPWRENV WME ATH RSN WPS
LOBModem b8:ec:a3:d6:73:1c 5 54M -77:-96 100 EPS HTCAP VHTCAP VHTOPMODE WME ATH RSN WPS
apk-66626 18:d6:c7:cc:3d:90 1 54M -84:-96 100 EP HTCAP WPA RSN WME BSSLOAD
UPC Wi-Free e6:57:40:fe:5d:93 6 54M -85:-96 100 EPS RSN HTCAP WME
Mrvica 5c:dc:96:97:fb:35 36 54M -88:-96 100 EP RSN BSSLOAD HTCAP VHTCAP VHTOPMODE VHTPWRENV WPS WME
UPC1185780 e4:57:40:fe:5d:c3 6 54M -84:-96 100 EPS RSN HTCAP WME WPS
UPC736594E ac:22:05:2e:9a:ca 44 54M -88:-96 100 EPS RSN HTCAP VHTCAP VHTOPMODE VHTPWRENV WPA WME WPS
Demiri 2.4 GhZ e8:df:70:73:09:0a 4 54M -83:-96 100 EPS BSSLOAD HTCAP VHTCAP VHTOPMODE WME ATH WPS RSN
0x000000000000 6a:6c:9a:62:dc:41 11 54M -90:-96 100 EP RSN BSSLOAD HTCAP WME
BACHI.NET not in the list...
Linux:
# sudo iwlist scan
wlp2s0 Scan completed :
Cell 01 - Address: E8:DE:27:90:22:15
Channel:12
Frequency:2.467 GHz (Channel 12)
Quality=58/70 Signal level=-52 dBm
Encryption key:on
ESSID:"BACHI.NET"
Bit Rates:1 Mb/s; 2 Mb/s; 5.5 Mb/s; 11 Mb/s; 9 Mb/s
18 Mb/s; 36 Mb/s; 54 Mb/s
Bit Rates:6 Mb/s; 12 Mb/s; 24 Mb/s; 48 Mb/s
Mode:Master
Extra:tsf=00000035e90e7b2b
Extra: Last beacon: 156ms ago
IE: IEEE 802.11i/WPA2 Version 1
Group Cipher : CCMP
Pairwise Ciphers (1) : CCMP
Authentication Suites (1) : PSK
# ifconfig wlan0 list regdomain
:regdomain FCC country US anywhere ecm
Channel 1 : 2412 MHz 11b Channel 9 : 2452 MHz 11g
[...]
So the regdomain has to be changed!!
From: regdomain FCC country US ecm authmode WPA1+WPA2/802.11i privacy MIXED
To: regdomain ETSI country CH ecm authmode WPA1+WPA2/802.11i
# vi /etc/regdomain.xml
<country id="CH">
<isocc>756</isocc> <name>Switzerland</name> <rd ref="etsi"/>
</country>
# vi /etc/rc.conf
create_args_wlan0="country CH regdomain etsi ssid BACHI.NET"
wlans_ath0="wlan0"
ifconfig_wlan0="WPA SYNCDHCP"
# vi /etc/wpa_supplicant.conf
network={
ssid="BACHI.NET"
scan_ssid=1
proto=WPA RSN
key_mgmt=WPA-PSK
pairwise=CCMP
psk="<PASSWORD>"
}
Jul 20 10:25:29 router wpa_supplicant[3265]: Failed to add supported operating classes IE
# ifconfig wlan0 up list scan
SSID/MESH ID BSSID CHAN RATE S:N INT CAPS
UPC736594E ac:22:05:2e:9a:d9 1 54M -80:-96 100 EP APCHANREP APCHANREP WPA RSN WPS HTCAP WME BSSLOAD
Mrvica 5c:dc:96:97:fb:30 1 54M -72:-96 100 EP RSN BSSLOAD HTCAP WPS WME
UPC Wi-Free e6:57:40:fe:5d:93 6 54M -73:-96 100 EPS RSN HTCAP WME
UPC1185780 e4:57:40:fe:5d:c3 6 54M -74:-96 100 EPS RSN HTCAP WME WPS
LOBModem.speed b8:ec:a3:d6:73:1d 48 54M -86:-96 100 EP HTCAP VHTCAP VHTOPMODE VHTPWRENV WME ATH RSN WPS
LOBModem b8:ec:a3:d6:73:1c 5 54M -80:-96 100 EPS HTCAP VHTCAP VHTOPMODE WME ATH RSN WPS
Drucker a0:04:60:e0:3e:fc 8 54M -79:-96 100 EP RSN HTCAP WPS WME
BACHI.NET e8:de:27:90:22:15 12 54M -76:-96 100 EP HTCAP RSN WME BSSLOAD WPS
# service netif restart
Stopping wpa_supplicant.
Waiting for PIDS: 3265Jul 20 10:27:29 router wpa_supplicant[3265]: ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Can't assign requested address
Stopping Network: lo0 re0 re1 re2 wlan0.
[...]
wlan0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 04:f0:21:0c:2b:a6
groups: wlan
ssid "" channel 12 (2467 MHz 11g ht/20)
regdomain ETSI country CH ecm authmode OPEN privacy OFF txpower 30
bmiss 7 scanvalid 60 protmode CTS ampdulimit 64k ampdudensity 8
shortgi -ldpc -uapsd wme burst
parent interface: ath0
media: IEEE 802.11 Wireless Ethernet autoselect (autoselect)
status: no carrier
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Destroyed wlan(4) interfaces: wlan0.
Created wlan(4) interfaces: wlan0.
Starting wpa_supplicant.
Jul 20 10:27:30 router wpa_supplicant[3659]: ioctl[SIOCS80211, op=20, val=0, arg_len=7]: Invalid argument
Starting dhclient.
wlan0: no link ........Jul 20 10:27:30 router syslogd: last message repeated 1 times
Jul 20 10:27:36 router wpa_supplicant[3660]: Failed to add supported operating classes IE
got link
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 6
Jul 20 10:27:37 router dhclient[3678]: send_packet: No buffer space available
DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 16
DHCPOFFER from 10.0.0.1
DHCPREQUEST on wlan0 to 255.255.255.255 port 67
DHCPACK from 10.0.0.1
bound to 10.0.0.201 -- renewal in 300 seconds.
Starting Network: lo0 re0 re1 re2 wlan0.
[...]
wlan0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 04:f0:21:0c:2b:a6
inet 10.0.0.201 netmask 0xff000000 broadcast 10.255.255.255
groups: wlan
ssid BACHI.NET channel 12 (2467 MHz 11g ht/20) bssid e8:de:27:90:22:15
regdomain ETSI country CH ecm authmode WPA2/802.11i privacy ON
deftxkey UNDEF AES-CCM 3:128-bit txpower 30 bmiss 7 scanvalid 60
protmode CTS ampdulimit 64k ampdudensity 4 shortgi -ldpc -uapsd wme
burst roaming MANUAL
parent interface: ath0
media: IEEE 802.11 Wireless Ethernet MCS mode 11ng
status: associated
nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
Atheros AR9280 WIFI not working (wrong regdomain!)
What is the correct Regdomain code?
FreeBSD WLAN und der Ländercode
Chapter 32. Advanced Networking
Kapitel 31. Weiterführende Netzwerkthemen
# pkg install bash The package management tool is not yet installed on your system. Do you want to fetch and install it now? [y/N]: y Bootstrapping pkg from pkg+http://pkg.FreeBSD.org/FreeBSD:13:amd64/quarterly, please wait... Verifying signature with trusted certificate pkg.freebsd.org.2013102301... done Installing pkg-1.16.3... Extracting pkg-1.16.3: 100% Updating FreeBSD repository catalogue... Fetching meta.conf: 100% 163 B 0.2kB/s 00:01 Fetching packagesite.txz: 100% 6 MiB 1.7MB/s 00:04 Processing entries: 100% FreeBSD repository update completed. 30722 packages processed. All repositories are up to date. Updating database digests format: 100%
# pkg install bash
The following 4 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
bash: 5.1.8
gettext-runtime: 0.21
indexinfo: 0.3.1
readline: 8.1.1
Number of packages to be installed: 4
The process will require 11 MiB more space.
2 MiB to be downloaded.
Proceed with this action? [y/N]: y
[1/4] Fetching bash-5.1.8.txz: 100% 1 MiB 1.5MB/s 00:01
[2/4] Fetching indexinfo-0.3.1.txz: 100% 6 KiB 5.7kB/s 00:01
[3/4] Fetching readline-8.1.1.txz: 100% 361 KiB 369.2kB/s 00:01
[4/4] Fetching gettext-runtime-0.21.txz: 100% 166 KiB 169.9kB/s 00:01
Checking integrity... done (0 conflicting)
[1/4] Installing indexinfo-0.3.1...
[1/4] Extracting indexinfo-0.3.1: 100%
[2/4] Installing readline-8.1.1...
[2/4] Extracting readline-8.1.1: 100%
[3/4] Installing gettext-runtime-0.21...
[3/4] Extracting gettext-runtime-0.21: 100%
[4/4] Installing bash-5.1.8...
[4/4] Extracting bash-5.1.8: 100%
# pw user mod andreas -s /usr/local/bin/bash
# pw user mod root -s /usr/local/bin/bash
Bridging
Bridge ethernet and wifi
How do I create a network bridge between WLAN and Ethernet on FreeBSD?
Four layer-2 addresses in 802.11 frame header
pf and bridge(4)
Not Related (AP-Mode)
Routing between bridged interfaces
FreeBSD WiFi and Ethernet Bridging and Aggregation
freebsd: wired and wireless router with transparent bridge
# ifconfig bridge create
bridge0
# ifconfig bridge0
bridge0: flags=8802<BROADCAST,SIMPLEX,MULTICAST> metric 0 mtu 1500
ether 96:3d:4b:f1:79:7a
id 00:00:00:00:00:00 priority 32768 hellotime 2 fwddelay 15
maxage 20 holdcnt 6 proto rstp maxaddr 100 timeout 1200
root id 00:00:00:00:00:00 priority 0 ifcost 0 port 0
# ifconfig bridge0 addm fxp0 addm fxp1 up
# ifconfig fxp0 up
# ifconfig fxp1 up
# ifconfig bridge0 inet 192.168.0.1/24
oder
cloned_interfaces="bridge0"
ifconfig_bridge0="addm fxp0 addm fxp1 up"
ifconfig_fxp0="up"
ifconfig_fxp1="up"
Löschen
# ifconfig bridge0 deletem fxp0
# ifconfig bridge0 destroy
# sysctl net.link.bridge.pfil_member=1 net.link.bridge.pfil_bridge=1 net.link.bridge.pfil_onlyip=1
net.link.bridge.pfil_member: 0 -> 1
net.link.bridge.pfil_bridge: 0 -> 1
net.link.bridge.pfil_onlyip: 0 -> 1
# sysctl net.link.bridge.pfil_member=0 net.link.bridge.pfil_bridge=0 net.link.bridge.pfil_onlyip=0
net.link.bridge.pfil_member: 1 -> 0
net.link.bridge.pfil_bridge: 1 -> 0
net.link.bridge.pfil_onlyip: 1 -> 0
# tcpdump -i bridge0 arp or port bootps
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on bridge0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:39:46.825905 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from f4:6d:04:9a:35:90 (oui Unknown), length 300
10:39:47.373132 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from f4:6d:04:9a:35:90 (oui Unknown), length 300
10:39:50.699967 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from f4:6d:04:9a:35:90 (oui Unknown), length 300
10:39:51.131570 ARP, Request who-has 10.0.0.1 tell 169.254.27.2, length 46
10:39:51.894754 ARP, Request who-has 10.0.0.1 tell 169.254.27.2, length 46
# tcpdump -i wlan0 arp or port bootps
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on wlan0, link-type EN10MB (Ethernet), capture size 262144 bytes
10:40:31.225506 ARP, Request who-has 10.0.0.1 tell 169.254.27.2, length 46
10:40:31.477946 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from f4:6d:04:9a:35:90 (oui Unknown), length 300
10:40:31.890022 ARP, Request who-has 10.0.0.1 tell 169.254.27.2, length 46
10:40:32.886135 ARP, Request who-has 10.0.0.1 tell 169.254.27.2, length 46
# pkg install isc-dhcp44-server
Updating FreeBSD repository catalogue...
Fetching packagesite.txz: 100% 6 MiB 824.4kB/s 00:08
Processing entries: 100%
FreeBSD repository update completed. 30726 packages processed.
All repositories are up to date.
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
isc-dhcp44-server: 4.4.2P1_1
Number of packages to be installed: 1
The process will require 6 MiB more space.
1 MiB to be downloaded.
Proceed with this action? [y/N]: y
[1/1] Fetching isc-dhcp44-server-4.4.2P1_1.txz: 100% 1 MiB 371.0kB/s 00:04
Checking integrity... done (0 conflicting)
[1/1] Installing isc-dhcp44-server-4.4.2P1_1...
===> Creating groups.
Creating group 'dhcpd' with gid '136'.
===> Creating users
Creating user 'dhcpd' with uid '136'.
[1/1] Extracting isc-dhcp44-server-4.4.2P1_1: 100%
=====
Message from isc-dhcp44-server-4.4.2P1_1:
--
**** To setup dhcpd, please edit /usr/local/etc/dhcpd.conf.
**** This port installs the dhcp daemon, but doesn't invoke dhcpd by default.
If you want to invoke dhcpd at startup, add these lines to /etc/rc.conf:
dhcpd_enable="YES" # dhcpd enabled?
dhcpd_flags="-q" # command option(s)
dhcpd_conf="/usr/local/etc/dhcpd.conf" # configuration file
dhcpd_ifaces="" # ethernet interface(s)
dhcpd_withumask="022" # file creation mask
**** If compiled with paranoia support (the default), the following rc.conf
options are also supported:
dhcpd_chuser_enable="YES" # runs w/o privileges?
dhcpd_withuser="dhcpd" # user name to run as
dhcpd_withgroup="dhcpd" # group name to run as
dhcpd_chroot_enable="YES" # runs chrooted?
dhcpd_devfs_enable="YES" # use devfs if available?
dhcpd_rootdir="/var/db/dhcpd" # directory to run in
dhcpd_includedir="<some_dir>" # directory with config-
files to include
**** WARNING: never edit the chrooted or jailed dhcpd.conf file but
/usr/local/etc/dhcpd.conf instead which is always copied where
needed upon startup.
commit https://reviews.freebsd.org/rP554893 makes all ports not working anymore…
Can’t make any ports – “set: Illegal option -o pipefail”
# make
set: Illegal option -o pipefail
===> Options unchanged
You may use the following build options:
WITH_BIG_CONCURRENCY_PATCH_CONCURRENCY_LIMIT=NUMBER
(default NUMBER=)
set this to a value reasonable for
your system if you use the patch
/!\ ERROR: /!\
Ports Collection support for your FreeBSD version has ended, and no ports are
guaranteed to build on this system. Please upgrade to a supported release.
No support will be provided if you silence this message by defining
ALLOW_UNSUPPORTED_SYSTEM.
*** Error code 1
Stop.
make[1]: stopped in /usr/ports/mail/qmail-tls
*** Error code 1
Stop.
make: stopped in /usr/ports/mail/qmail-tls
Update to 12.2
s/qmail
qmail-ldap, by André Oppermann (LinkedIn, Xing)
Life With qmail-ldap
qmail
qmail-tls: Secure, reliable, and fast MTA for UNIX systems with TLS support
$ pkg info netqmail-tls
netqmail-tls-1.06.20110119_1
Name : netqmail-tls
Version : 1.06.20110119_1
Installed on : Fri Dec 11 10:59:23 2015 CET
Origin : mail/qmail-tls
Architecture : freebsd:10:x86:64
Prefix : /var/qmail
Categories : mail
Licenses :
Maintainer : erdgeist@erdgeist.org
WWW : http://inoa.net/qmail-tls/
Comment : Secure, reliable, and fast MTA for UNIX systems with TLS support
Options :
BIG_CONCURRENCY_PATCH: off
BIG_TODO_PATCH : on
BLOCKEXEC_PATCH: on
DISCBOUNCES_PATCH: off
DNS_CNAME : on
DOCS : on
EXTTODO_PATCH : off
LOCALTIME_PATCH: off
MAILDIRQUOTA_PATCH: off
OUTGOINGIP_PATCH: on
QEXTRA : off
QMTPC_PATCH : off
RCDLINK : off
SMTP_AUTH_PATCH: off
SPF_PATCH : off
TLS_DEBUG : off
Annotations :
Flat size : 1.06MiB
Description :
What is is: [excerpt taken from tls patch]
Frederik Vermeulen <qmail-tls at inoa.net> 20021228
http://inoa.net/qmail/qmail-1.03-tls.patch
This patch implements RFC2487 in qmail. This means you can
get SSL or TLS encrypted and authenticated SMTP between
the MTAs and between MTA and an MUA like Netscape4.5 TM.
The code is considered experimental.
WWW: http://inoa.net/qmail-tls/
# tail /var/log/qmail/current | tai64nlocal 2021-07-09 16:13:31.006863500 status: local 1/10 remote 0/20 2021-07-09 16:13:31.020170500 delivery 47043: success: did_0+0+1/ 2021-07-09 16:13:31.020288500 status: local 0/10 remote 0/20 2021-07-09 16:13:31.020361500 end msg 963489 2021-07-09 16:37:34.013898500 new msg 963470 2021-07-09 16:37:34.013922500 info msg 963470: bytes 2686 from <XXX> qp 17787 uid 89 2021-07-09 16:37:34.398681500 starting delivery 47044: msg 963470 to remote XXX@hotmail.com 2021-07-09 16:37:34.398686500 status: local 0/10 remote 1/20 2021-07-09 16:37:35.411841500 delivery 47044: deferral: TLS_connect_failed;_connected_to_104.47.73.161./ 2021-07-09 16:37:35.411846500 status: local 0/10 remote 0/20 2021-07-09 16:44:15.431323500 starting delivery 47045: msg 963470 to remote XXX@hotmail.com 2021-07-09 16:44:15.431328500 status: local 0/10 remote 1/20 2021-07-09 16:44:15.841424500 delivery 47045: deferral: TLS_connect_failed;_connected_to_104.47.17.161./ 2021-07-09 16:44:15.841460500 status: local 0/10 remote 0/20 2021-07-09 17:04:15.098384500 starting delivery 47047: msg 963470 to remote XXX@hotmail.com 2021-07-09 17:04:15.098390500 status: local 0/10 remote 1/20 2021-07-09 17:04:15.289859500 delivery 47047: deferral: TLS_connect_failed;_connected_to_104.47.10.33./ 2021-07-09 17:04:15.289889500 status: local 0/10 remote 0/20
smtp-auth + qmail-tls + forcetls patch for qmail, May 8, 2020
Patching qmail, June 19, 2021
SMTP and Transport Layer Security (TLS) [Tutorial]
TLS connect failed
SSL/TLS connection issue troubleshooting test tools
Can’t establish a TLS connection to a remote mail server in Exchange Online or Exchange Server
TLS negotiating failed
Office 365 to enforce TLS 1.2 per October 15, 2020
Checking security protocols and ciphers on your Exchange servers
Rehash: How to Fix the SSL/TLS Handshake Failed Error
SSL/TLS connection issue troubleshooting guide
SSL/TLS connection issue troubleshooting test tools
SMTP MTA STS (Strict Transport Security)
MTA-STS gestaltet Mail-Versand und -Empfang sicherer
STARTTLS: MTA-STS
E-Mail-Verschlüsselung austesten
When was TLS 1.2 support added to OpenSSL?
# openssl version OpenSSL 1.0.1p-freebsd 9 Jul 2015
From ns3.te-clan.ch
$ openssl s_client -host mail.te-clan.ch -port 25 -starttls smtp
CONNECTED(00000003)
ehlo test
depth=0 C = CH, ST = ZH, L = Winterthur, O = tE-clan Server, CN = Andreas Bachmann, emailAddress = bachi@te-clan.ch
verify error:num=18:self signed certificate
verify return:1
depth=0 C = CH, ST = ZH, L = Winterthur, O = tE-clan Server, CN = Andreas Bachmann, emailAddress = bachi@te-clan.ch
verify return:1
---
Certificate chain
0 s:C = CH, ST = ZH, L = Winterthur, O = tE-clan Server, CN = Andreas Bachmann, emailAddress = bachi@te-clan.ch
i:C = CH, ST = ZH, L = Winterthur, O = tE-clan Server, CN = Andreas Bachmann, emailAddress = bachi@te-clan.ch
---
Server certificate
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
subject=C = CH, ST = ZH, L = Winterthur, O = tE-clan Server, CN = Andreas Bachmann, emailAddress = bachi@te-clan.ch
issuer=C = CH, ST = ZH, L = Winterthur, O = tE-clan Server, CN = Andreas Bachmann, emailAddress = bachi@te-clan.ch
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: DH, 1024 bits
---
SSL handshake has read 1600 bytes and written 542 bytes
Verification error: self signed certificate
---
New, TLSv1.2, Cipher is DHE-RSA-AES256-GCM-SHA384
Server public key is 1024 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : DHE-RSA-AES256-GCM-SHA384
Session-ID: [...]
Session-ID-ctx:
Master-Key: [...]
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 300 (seconds)
TLS session ticket:
0000 - 0b f4 09 ef 02 07 df bc-b9 fa bd d0 f6 21 af 69 .............!.i
0010 - [...]
00a0 - ff 5d 6f 73 8d 1b 75 59-bf dd 9b a6 d8 b2 01 71 .]os..uY.......q
Start Time: 1625840075
Timeout : 7200 (sec)
Verify return code: 18 (self signed certificate)
Extended master secret: no
---
250 8BITMIME
250-ns2.te-clan.ch250-AUTH LOGIN PLAIN CRAM-MD5
250-PIPELINING
250 8BITMIME
read:errno=0
From ns3.te-clan.ch
$ openssl s_client -host 104.47.74.33 -port 25 -starttls smtp
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
verify return:1
depth=0 C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = mail.protection.outlook.com
verify return:1
---
Certificate chain
0 s:C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = mail.protection.outlook.com
i:C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
1 s:C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
i:C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
subject=C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = mail.protection.outlook.com
issuer=C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
---
No client certificate CA names sent
Client Certificate Types: RSA sign, DSA sign, ECDSA sign
Requested Signature Algorithms: RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1:RSA+SHA512:ECDSA+SHA512
Shared Requested Signature Algorithms: RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1:RSA+SHA512:ECDSA+SHA512
Peer signing digest: SHA256
Peer signature type: RSA
Server Temp Key: ECDH, P-384, 384 bits
---
SSL handshake has read 3852 bytes and written 519 bytes
Verification: OK
---
New, TLSv1.2, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: [...]
Session-ID-ctx:
Master-Key: [...]
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1625840474
Timeout : 7200 (sec)
Verify return code: 0 (ok)
Extended master secret: yes
---
250 SMTPUTF8
From ns2.te-clan.ch
$ openssl s_client -host 104.47.74.33 -port 25 -starttls smtp
CONNECTED(00000003)
depth=2 C = US, O = DigiCert Inc, OU = www.digicert.com, CN = DigiCert Global Root CA
verify return:1
depth=1 C = US, O = DigiCert Inc, CN = DigiCert Cloud Services CA-1
verify return:1
depth=0 C = US, ST = Washington, L = Redmond, O = Microsoft Corporation, CN = mail.protection.outlook.com
verify return:1
---
Certificate chain
0 s:/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=mail.protection.outlook.com
i:/C=US/O=DigiCert Inc/CN=DigiCert Cloud Services CA-1
1 s:/C=US/O=DigiCert Inc/CN=DigiCert Cloud Services CA-1
i:/C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert Global Root CA
---
Server certificate
-----BEGIN CERTIFICATE-----
[...]
-----END CERTIFICATE-----
subject=/C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=mail.protection.outlook.com
issuer=/C=US/O=DigiCert Inc/CN=DigiCert Cloud Services CA-1
---
No client certificate CA names sent
---
SSL handshake has read 3847 bytes and written 502 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1.2
Cipher : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: [...]
Session-ID-ctx:
Master-Key: [...]
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1625840680
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
250 SMTPUTF8
When used with HTTP, TLS wraps the entire plain-text communication channel to form HTTPS. Some other protocols start off as plaintext, but then they upgrade to encryption. If you want to test such a protocol, you’ll have to tell OpenSSL which protocol it is so that it can upgrade on your behalf. Provide the protocol information using the -starttls switch. For example:
$ openssl s_client -connect gmail-smtp-in.l.google.com:25 -starttls smtp
At the time of writing, the supported protocols in recent OpenSSL releases are smtp, pop3, imap, ftp, xmpp, xmpp-server, irc, postgres, mysql, lmtp, nntp, sieve, and ldap. There is less choice with OpenSSL 1.0.2g: smtp, pop3, imap, ftp, and xmpp.
Some protocols require the client to provide their names. For example, for SMTP, OpenSSL will use mail.example.com by default, but you can specify the correct value with the -name switch. If you’re testing XMPP, you may need to specify the correct server name; you can do this with the -xmpphost switch.
Linked: Erwin Hoffmann
github.com/wavemechanics/sqmail-port
Installing s/qmail
FreeBSD Port: qmail-spamcontrol-1.03.2731_2
IndiMail is a Secure, Reliable, Efficient Messaging Platform which provides you everything needed in a modern messaging server – ESMTP, IMAP, POP3, QMTP, QMQP and many other features. IndiMail gives you speeds that are faster than most MTAs. The flexibility provided by IndiMail’s authentication methods allow any IMAP/POP3 server to be used with IndiMail. IndiMail is built for speed and flexibility. You can download the source or use the binary RPM generated by openSUSE Build Service.
IndiMail
IndiMail
github.com/mbhangui/indimail-mta
github.com/rbsec/sslscan
sslscan Fast SSL port scanner
C:\Users\andreas\Downloads\sslscan-win-2.0.10>sslscan.exe --starttls-smtp mail.xyz.abc:25 Version: 2.0.10 Windows 64-bit (Mingw) OpenSSL 1.1.1e-dev xx XXX xxxx Connected to x.x.x.x Testing SSL server mail.xyz.abc on port 25 using SNI name mail.xyz.abc SSL/TLS Protocols: SSLv2 enabled SSLv3 disabled TLSv1.0 enabled TLSv1.1 enabled TLSv1.2 enabled TLSv1.3 disabled TLS Fallback SCSV: Connection failed - unable to determine TLS Fallback SCSV support TLS renegotiation: Session renegotiation not supported TLS Compression: Compression disabled Heartbleed: TLSv1.2 not vulnerable to heartbleed TLSv1.1 not vulnerable to heartbleed TLSv1.0 not vulnerable to heartbleed Supported Server Cipher(s): Preferred TLSv1.2 56 bits TLS_RSA_WITH_DES_CBC_SHA Preferred TLSv1.1 56 bits TLS_RSA_WITH_DES_CBC_SHA Preferred TLSv1.1 56 bits TLS_DHE_RSA_WITH_DES_CBC_SHA Preferred TLSv1.0 256 bits DHE-RSA-AES256-SHA DHE 1024 bits Accepted TLSv1.0 56 bits TLS_RSA_WITH_DES_CBC_SHA SSL Certificate: Signature Algorithm: sha1WithRSAEncryption RSA Key Strength: 1024 Subject: Andreas Bachmann Issuer: Andreas Bachmann Not valid before: Apr 22 11:27:56 2019 GMT Not valid after: Apr 20 11:27:56 2024 GMT
 |
 |
 |
 |
ESP32 Series
32-bit MCU & 2.4 GHz Wi-Fi & Bluetooth/Bluetooth LE
