From hjb at pro-linux.de Tue Jan 1 16:28:12 2019 From: hjb at pro-linux.de (Hans-Joachim Baader) Date: Tue, 1 Jan 2019 17:28:12 +0100 Subject: [Box Backup] Object too big error on 32 bit client In-Reply-To: References: <20181230170746.qt463sugbvl2brqn@toba.hjbaader.home> <20181230230859.ysb65g7xobb6hlr2@toba.hjbaader.home> Message-ID: <20190101162812.dsgmzeb7oxd3a6xa@toba.hjbaader.home> Hi Chris, happy new year to all! > If the file cannot be restored correctly on any client, then it seems that > the file data is corrupt. Since individual blocks are encrypted separately, > it seems that one block was probably corrupted before being encrypted, > perhaps due to bad memory or a cosmic ray bit flip on the client being > backed up. (It should not be possible that it was damaged after encryption, > including on the server, as a different error would occur on decryption). I suspect this is what happened. Unfortunately I don't have ECC RAM in the server. > Do you have any old versions of this file on the store, and can they be > restored successfully? Yep, I had numerous old versions. But they all show the same error. > You can delete the file from the server with the bbackupquery delete > command, and try the restore again, and it should succeed this time > (hopefully!). I have done this, so that it got backed up again last night. Now it seems to be clean. I no longer see this error. If further testing finds something new, I let you know. Thank you! Regards, Hans-Joachim Hans-Joachim Baader - Pro-Linux.de Poppelfeld 9, D-76646 Bruchsal Gesch?ftsf?hrer/Herausgeber * CEO/Editor Fon +49 07257-930142 * Mobil 0170-6500228 -- Pro-Linux - Germany's largest volunteer Linux support site Support Pro-Linux: https://www.pro-linux.de/user/index50.html https://www.pro-linux.de/ Public Key ID 2DBC923E3DDBDDEA -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 195 bytes Desc: not available URL: From dlewis at mtu.edu Sun Jan 6 03:22:26 2019 From: dlewis at mtu.edu (Derek Lewis) Date: Sat, 5 Jan 2019 19:22:26 -0800 Subject: [Box Backup] Change list subscription Message-ID: <2CC7E0FC-01F4-4703-BFC8-05C43EB6B9D8@mtu.edu> I want to change my list subscription and password, is there a new page for managing subscriptions? Derek Sent from my iPhone From james at netinertia.co.uk Sun Jan 6 19:52:22 2019 From: james at netinertia.co.uk (James O'Gorman) Date: Sun, 6 Jan 2019 19:52:22 +0000 Subject: [Box Backup] Change list subscription In-Reply-To: <2CC7E0FC-01F4-4703-BFC8-05C43EB6B9D8@mtu.edu> References: <2CC7E0FC-01F4-4703-BFC8-05C43EB6B9D8@mtu.edu> Message-ID: <20190106195222.GD891@netinertia.co.uk> Hello Derek, On Sat 05 Jan 2019 at 19:22 -0800, Derek Lewis wrote: > I want to change my list subscription and password, is there a new page for managing subscriptions? It's at the bottom of every post to the list: > Derek > > Sent from my iPhone > _______________________________________________ > Boxbackup mailing list > Boxbackup at boxbackup.org > http://lists.boxbackup.org/mailman/listinfo/boxbackup Let me know if you need any help updating your account. Regards, James From dlewis at mtu.edu Sun Jan 6 23:55:29 2019 From: dlewis at mtu.edu (Derek Lewis) Date: Sun, 6 Jan 2019 15:55:29 -0800 Subject: [Box Backup] Change list subscription In-Reply-To: <20190106195222.GD891@netinertia.co.uk> References: <2CC7E0FC-01F4-4703-BFC8-05C43EB6B9D8@mtu.edu> <20190106195222.GD891@netinertia.co.uk> Message-ID: I have tried that link, and I can?t get a connection to the server. Sent from my iPhone > On Jan 6, 2019, at 11:52 AM, James O'Gorman wrote: > > Hello Derek, > >> On Sat 05 Jan 2019 at 19:22 -0800, Derek Lewis wrote: >> I want to change my list subscription and password, is there a new page for managing subscriptions? > > It's at the bottom of every post to the list: > >> Derek >> >> Sent from my iPhone >> _______________________________________________ >> Boxbackup mailing list >> Boxbackup at boxbackup.org >> http://lists.boxbackup.org/mailman/listinfo/boxbackup > > Let me know if you need any help updating your account. > > Regards, > > James > _______________________________________________ > Boxbackup mailing list > Boxbackup at boxbackup.org > http://lists.boxbackup.org/mailman/listinfo/boxbackup From siretart at gmail.com Mon Jan 7 00:02:33 2019 From: siretart at gmail.com (Reinhard Tartler) Date: Sun, 6 Jan 2019 19:02:33 -0500 Subject: [Box Backup] Debian now requires 2048bit RSA keys Message-ID: Hi Chris, Can you please have a look athttps:// bugs.debian.org/cgi-bin/bugreport.cgi?bug=907135 ? I figure that fixing the tests would be straight-forward, but doesn't this also require some additional changes in the boxbackup scripts that generate the keys? Also, I'm concerned that a boxbackup server that is upgraded to a system that requires 2048 bit keys would prevent older clients from working. What can we do to avoid this issue? -- regards, Reinhard -------------- next part -------------- An HTML attachment was scrubbed... URL: From james at netinertia.co.uk Mon Jan 7 20:31:40 2019 From: james at netinertia.co.uk (James O'Gorman) Date: Mon, 7 Jan 2019 20:31:40 +0000 Subject: [Box Backup] Change list subscription In-Reply-To: References: <2CC7E0FC-01F4-4703-BFC8-05C43EB6B9D8@mtu.edu> <20190106195222.GD891@netinertia.co.uk> Message-ID: <20190107203140.GE891@netinertia.co.uk> Hi Derek, On Sun 06 Jan 2019 at 15:55 -0800, Derek Lewis wrote: > I have tried that link, and I can?t get a connection to the server. It works just fine for me. Have you tried from another device or network? Perhaps there is something in the way blocking it. If you're able to provide a traceroute or something that would help. James From chris+google at qwirx.com Mon Jan 7 21:56:52 2019 From: chris+google at qwirx.com (Chris Wilson) Date: Mon, 7 Jan 2019 21:56:52 +0000 Subject: [Box Backup] Debian now requires 2048bit RSA keys In-Reply-To: References: Message-ID: Hi Reinhard, If I make the workaround suggested on this thread (change SECLEVEL to 1 in /etc/ssl/openssl.cnf) then test/basicserver passes again. This is at least a good start, so that users who don't want to replace their certificates have a workaround. I think I'll need to modify the CA scripts that generate certificates so that they produce 2048-bit keys that do not need this workaround, and document it or catch and improve the error message. Thanks, Chris. On Mon, 7 Jan 2019 at 00:03, Reinhard Tartler wrote: > Hi Chris, > > Can you please have a look athttps:// > bugs.debian.org/cgi-bin/bugreport.cgi?bug=907135 ? > > I figure that fixing the tests would be straight-forward, but doesn't this > also require some additional changes in the boxbackup scripts that generate > the keys? Also, I'm concerned that a boxbackup server that is upgraded to a > system that requires 2048 bit keys would prevent older clients from working. > > What can we do to avoid this issue? > > -- > regards, > Reinhard > _______________________________________________ > Boxbackup mailing list > Boxbackup at boxbackup.org > http://lists.boxbackup.org/mailman/listinfo/boxbackup > -------------- next part -------------- An HTML attachment was scrubbed... URL: From siretart at gmail.com Mon Jan 7 22:44:45 2019 From: siretart at gmail.com (Reinhard Tartler) Date: Mon, 7 Jan 2019 17:44:45 -0500 Subject: [Box Backup] Debian now requires 2048bit RSA keys In-Reply-To: References: Message-ID: Hi Chris, Thanks for looking into this. Please let me know when you're updated the CA scripts to use better certificates. I think this would even warrant a new upstream release, but that's up to you. I'd be happy to integrate that change with a note in the NEWS file and changelog into the next upload. Best Rt On Mon, Jan 7, 2019, 16:58 Chris Wilson Hi Reinhard, > > If I make the workaround suggested on this thread > (change > SECLEVEL to 1 in /etc/ssl/openssl.cnf) then test/basicserver passes again. > This is at least a good start, so that users who don't want to replace > their certificates have a workaround. I think I'll need to modify the CA > scripts that generate certificates so that they produce 2048-bit keys that > do not need this workaround, and document it or catch and improve the error > message. > > Thanks, Chris. > > On Mon, 7 Jan 2019 at 00:03, Reinhard Tartler wrote: > >> Hi Chris, >> >> Can you please have a look athttps:// >> bugs.debian.org/cgi-bin/bugreport.cgi?bug=907135 ? >> >> I figure that fixing the tests would be straight-forward, but doesn't >> this also require some additional changes in the boxbackup scripts that >> generate the keys? Also, I'm concerned that a boxbackup server that is >> upgraded to a system that requires 2048 bit keys would prevent older >> clients from working. >> >> What can we do to avoid this issue? >> >> -- >> regards, >> Reinhard >> _______________________________________________ >> Boxbackup mailing list >> Boxbackup at boxbackup.org >> http://lists.boxbackup.org/mailman/listinfo/boxbackup >> > _______________________________________________ > Boxbackup mailing list > Boxbackup at boxbackup.org > http://lists.boxbackup.org/mailman/listinfo/boxbackup > -------------- next part -------------- An HTML attachment was scrubbed... URL: From chris+google at qwirx.com Tue Jan 8 23:14:38 2019 From: chris+google at qwirx.com (Chris Wilson) Date: Tue, 8 Jan 2019 23:14:38 +0000 Subject: [Box Backup] Debian now requires 2048bit RSA keys In-Reply-To: References: Message-ID: Hi Reinhard, I am not planning to make specific releases any more, as the master branch should always be of release quality. I agree that we should encourage people and package maintainers to update to the latest version when it contains the fix for this issue. I've started writing some documentation on the issue and its resolution here . Thanks, Chris. On Mon, 7 Jan 2019 at 22:45, Reinhard Tartler wrote: > Hi Chris, > > Thanks for looking into this. Please let me know when you're updated the > CA scripts to use better certificates. I think this would even warrant a > new upstream release, but that's up to you. I'd be happy to integrate that > change with a note in the NEWS file and changelog into the next upload. > > Best > Rt > > On Mon, Jan 7, 2019, 16:58 Chris Wilson >> Hi Reinhard, >> >> If I make the workaround suggested on this thread >> (change >> SECLEVEL to 1 in /etc/ssl/openssl.cnf) then test/basicserver passes again. >> This is at least a good start, so that users who don't want to replace >> their certificates have a workaround. I think I'll need to modify the CA >> scripts that generate certificates so that they produce 2048-bit keys that >> do not need this workaround, and document it or catch and improve the error >> message. >> >> Thanks, Chris. >> >> On Mon, 7 Jan 2019 at 00:03, Reinhard Tartler wrote: >> >>> Hi Chris, >>> >>> Can you please have a look athttps:// >>> bugs.debian.org/cgi-bin/bugreport.cgi?bug=907135 ? >>> >>> I figure that fixing the tests would be straight-forward, but doesn't >>> this also require some additional changes in the boxbackup scripts that >>> generate the keys? Also, I'm concerned that a boxbackup server that is >>> upgraded to a system that requires 2048 bit keys would prevent older >>> clients from working. >>> >>> What can we do to avoid this issue? >>> >>> -- >>> regards, >>> Reinhard >>> _______________________________________________ >>> Boxbackup mailing list >>> Boxbackup at boxbackup.org >>> http://lists.boxbackup.org/mailman/listinfo/boxbackup >>> >> _______________________________________________ >> Boxbackup mailing list >> Boxbackup at boxbackup.org >> http://lists.boxbackup.org/mailman/listinfo/boxbackup >> > _______________________________________________ > Boxbackup mailing list > Boxbackup at boxbackup.org > http://lists.boxbackup.org/mailman/listinfo/boxbackup > -------------- next part -------------- An HTML attachment was scrubbed... URL: