From a9a56853a27e1dbce3c48af327b0adff0e4c38e0 Mon Sep 17 00:00:00 2001 From: Micah Anderson Date: Wed, 18 Jun 2008 23:33:18 -0400 Subject: add george system changelog --- doc/george/changelog | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) create mode 100644 doc/george/changelog (limited to 'doc/george') diff --git a/doc/george/changelog b/doc/george/changelog new file mode 100644 index 0000000..2442061 --- /dev/null +++ b/doc/george/changelog @@ -0,0 +1,19 @@ +****************************************************************************** +* * +* george system log * +* * +****************************************************************************** +* Please add new entries in reverse chronological order whenever you make * +* changes to this system * +****************************************************************************** + + +2008-06-18 - micah + * debootstrap'd debian etch install + * installed /etc/apt/sources.list with local proxy sources for etch, + testing, unstable, backports and volatile + * configured /etc/apt/preferences and apt.conf.d/local-conf to + pin etch, but make testing, sid and backports available + * added backports.org apt-key + * installed openssh-server and openssh-client packages + * added dkg, jrollins, mjgoins ssh public_keys to /root/.ssh/authorized_keys -- cgit v1.2.3 From fadd814ce4351c3869e49d91b31aa5b2efc68a01 Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Wed, 18 Jun 2008 23:58:01 -0400 Subject: update george changelog --- doc/george/changelog | 3 +++ 1 file changed, 3 insertions(+) (limited to 'doc/george') diff --git a/doc/george/changelog b/doc/george/changelog index 2442061..5d35355 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -7,6 +7,9 @@ * changes to this system * ****************************************************************************** +2008-06-18 - jrollins + * installed less, emacs; + * aptitude update && aptitude dist-upgrade 2008-06-18 - micah * debootstrap'd debian etch install -- cgit v1.2.3 From e158221fd47d035fa3a7a8cd715327714d40d32a Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 19 Jun 2008 00:17:38 -0400 Subject: added policy docs about george.riseup.net --- doc/george/policy | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 doc/george/policy (limited to 'doc/george') diff --git a/doc/george/policy b/doc/george/policy new file mode 100644 index 0000000..6da08e9 --- /dev/null +++ b/doc/george/policy @@ -0,0 +1,32 @@ +Policy for maintaining george.riseup.net +---------------------------------------- + +Riseup graciously provided the MonkeySphere project with a vserver for +testing and public documentation. This is known as george.riseup.net, +for those who are curious about the MonkeySphere. + +george will be maintained as a debian lenny machine, with minimal +packages from experimental as needed for installing and running what +we build elsewhere. + +george will host 3 public-facing services: an ssh daemon on port 22, +an http service on port 80, and an OpenPGP keyserver (the HKP +protocol) on port 11371. + +Administration of george is a shared responsibility across the core +members of the MonkeySphere development team. Administrators will log +changes in their git repositories, in doc/george/changelog (a peer of +this policy file). + +monkeysphere packages installed on george will use unique, tagged +version numbers so we know what we're running. + +We will try to keep the installation as minimal as possible while +still allowing for comfortable day-to-day administration. + + +Outstanding questions: + +Who should have superuser access? + +Who should get regular user accounts? -- cgit v1.2.3 From 70ee9836c30c3264660010156944d3b76e9300b2 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 19 Jun 2008 01:12:30 -0400 Subject: more notes on work on george. --- doc/george/changelog | 16 ++++++++++++++++ doc/george/policy | 1 + 2 files changed, 17 insertions(+) (limited to 'doc/george') diff --git a/doc/george/changelog b/doc/george/changelog index 5d35355..8eebe4b 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -7,6 +7,22 @@ * changes to this system * ****************************************************************************** +2008-06-19 - dkg + * removed etch sources, switched "testing" to "lenny", added + lenny/updates, removed all contrib and non-free. + + * removed testing pin in /etc/apt/preferences + * ran the upgrade + + * reset emacs22 to emacs22-nox (avoiding dependencies) + + * removed sysklog and klogd because of errors restarting klogd. + Installed syslog-ng in their stead, which still gives errors + related to /proc/kmsg unreadability, but the install completes :/ + + * added experimental, juggled pinning: + experimental: 1, unstable: 2 + 2008-06-18 - jrollins * installed less, emacs; * aptitude update && aptitude dist-upgrade diff --git a/doc/george/policy b/doc/george/policy index 6da08e9..a17a310 100644 --- a/doc/george/policy +++ b/doc/george/policy @@ -24,6 +24,7 @@ version numbers so we know what we're running. We will try to keep the installation as minimal as possible while still allowing for comfortable day-to-day administration. +We will use aptitude for package management where possible. Outstanding questions: -- cgit v1.2.3 From d8dd7e109a119ed66e7a32777f0de34ce69c0928 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 19 Jun 2008 03:04:58 -0400 Subject: added description of steps needed to get host key published for george.riseup.net. --- doc/george/host-key-publication | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 doc/george/host-key-publication (limited to 'doc/george') diff --git a/doc/george/host-key-publication b/doc/george/host-key-publication new file mode 100644 index 0000000..03e2510 --- /dev/null +++ b/doc/george/host-key-publication @@ -0,0 +1,28 @@ +2008-06-19 02:34:57-0400 +------------------------ + +Adding george's host key to the monkeysphere was more complicated than +it needed to be. + +As the server admin, i did (accepting the defaults where possible): + + monkeysphere-server gen-key + KEYID=$(GNUPGHOME=/etc/monkeysphere/gnupg gpg --with-colons --list-key =ssh://$(hostname --fqdn) | grep ^pub: | cut -f5 -d:) + (umask 077 && GNUPGHOME=/etc/monkeysphere/gnupg gpg --export-secret-key $KEYID | openpgp2ssh $KEYID >/etc/monkeysphere/ssh_host_rsa_key) + # modify /etc/ssh/sshd_config to remove old host keys lines, and + # add new line: HostKey /etc/monkeysphere/ssh_host_rsa_key + /etc/init.d/ssh restart + + KEYSERVER=george.riseup.net monkeysphere-server publish-key + # (needed to publish by hand here because of reasonable sanity checks) + monkeysphere-server show-fingerprint + + # then from a remote host: + gpg --keyserver george.riseup.net --search =ssh://george.riseup.net + gpg --fingerprint --sign-key =ssh://george.riseup.net + KEYID=$(gpg --with-colons --list-key =ssh://george.riseup.net | grep ^pub: | cut -f5 -d:) + gpg --keyserver george.riseup.net --send "$KEYID" + gpg --keyserver george.riseup.net --send "$MYGPGID" + + +How could this have been streamlined? -- cgit v1.2.3 From a5066c3a37a84bf47e1e1d6ff8ad755ad5fa9414 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 19 Jun 2008 03:17:01 -0400 Subject: added more documentation about george, and more TODO notes. --- doc/TODO | 25 +++++++++++++++++++++++-- doc/george/changelog | 14 ++++++++++++-- doc/george/user-id-configuration | 21 +++++++++++++++++++++ 3 files changed, 56 insertions(+), 4 deletions(-) create mode 100644 doc/george/user-id-configuration (limited to 'doc/george') diff --git a/doc/TODO b/doc/TODO index 3538fbf..e2fce0e 100644 --- a/doc/TODO +++ b/doc/TODO @@ -8,12 +8,33 @@ Detail advantages of monkeysphere: detail the race conditions in ssh, Determine how openssh handles multiple processes writing to known_hosts/authorized_keys files (lockfile, atomic appends?) -Handle unknown hosts in such a way that they're not always removed - from known_hosts file. Ask user to lsign the host key? +Handle unverified monkeysphere hosts in such a way that they're not + always removed from known_hosts file. Ask user to lsign the host + key? Handle multiple hostnames (multiple user IDs?) when generating host keys with gen-key. +Work out the details (and describe a full use case) for assigning a + REVOKER during monkeysphere-server gen_key -- how is this set? How + do we export it so it's available when a second-party revocation is + needed? + +Actually enable server hostkey publication. + +Streamline host key generation, publication, verification. See + doc/george/host-key-publication for what dkg went through on + 2008-06-19 + +Streamline authorized_user_ids setup (including question of where + authorized_user_ids files should go). See + doc/george/user-id-configuration for what dkg went through on + 2008-06-19 + +Ensure that authorized_user_ids are under as tight control as ssh + expects from authorized_keys: we don't want monkeysphere to be a + weak link in the filesystem. + Make sure alternate ports are handled for known_hosts. Script to import private key into ssh agent. diff --git a/doc/george/changelog b/doc/george/changelog index 8eebe4b..afea2d0 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -20,8 +20,18 @@ Installed syslog-ng in their stead, which still gives errors related to /proc/kmsg unreadability, but the install completes :/ - * added experimental, juggled pinning: - experimental: 1, unstable: 2 + * added experimental + * juggled pinning: experimental: 1, unstable: 2 + * added mathopd onak, tweaked /etc/mathopd.conf and /etc/onak.conf + + * installed monkeysphere v0.1-1, changed host key, published + them via the local keyserver (see host-key-publication) + + * added local unprivileged user accounts for everyone listed in + /usr/share/doc/monkeysphere/copyright + + * configured authorized_user_ids for every user account based on + my best guess at their OpenPGP User ID. 2008-06-18 - jrollins * installed less, emacs; diff --git a/doc/george/user-id-configuration b/doc/george/user-id-configuration new file mode 100644 index 0000000..d95279d --- /dev/null +++ b/doc/george/user-id-configuration @@ -0,0 +1,21 @@ +2008-06-19 03:00:58-0400 +------------------------ + +setting up authorized_user_id configuration on george was also more +cumbersome than it needs to be. Here's what i (dkg) did: + + GNUPGHOME=/etc/monkeysphere/gnupg gpg --keyserver subkeys.pgp.net --search dkg@fifthhorseman.net + GNUPGHOME=/etc/monkeysphere/gnupg gpg --fingerprint dkg@fifthhorseman.net + +set up the authorized_user_ids (why are these in /etc/ and not in +people's home directories?) + +echo 'Daniel Kahn Gillmor ' > /etc/monkeysphere/authorized_user_ids/dkg +echo 'Jameson Rollins ' > /etc/monkeysphere/authorized_user_ids/jrollins +echo 'Micah Anderson ' > /etc/monkeysphere/authorized_user_ids/micah +echo 'Matthew Goins ' > /etc/monkeysphere/authorized_user_ids/mjgoins +echo 'Ross Glover ' > /etc/monkeysphere/authorized_user_ids/ross +echo 'Jamie McClelland ' > /etc/monkeysphere/authorized_user_ids/jamie +echo 'mike castleman ' > /etc/monkeysphere/authorized_user_ids/mlcastle +echo 'Elliot Winard ' > /etc/monkeysphere/authorized_user_ids/enw +echo 'Greg Lyle ' > /etc/monkeysphere/authorized_user_ids/greg -- cgit v1.2.3 From 86e9e0e3fd03db1770857990882d955954a5265b Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 19 Jun 2008 04:00:42 -0400 Subject: re-worked documentation and raised issues in TODO about end user authentication. --- doc/TODO | 26 +++++++++++++++++++ doc/george/user-id-configuration | 56 +++++++++++++++++++++++++++++----------- 2 files changed, 67 insertions(+), 15 deletions(-) (limited to 'doc/george') diff --git a/doc/TODO b/doc/TODO index e2fce0e..5cd9be9 100644 --- a/doc/TODO +++ b/doc/TODO @@ -35,6 +35,32 @@ Ensure that authorized_user_ids are under as tight control as ssh expects from authorized_keys: we don't want monkeysphere to be a weak link in the filesystem. +What happens when there are no entries in the authorized_user_ids file + for a user? /var/cache/monkeysphere/authorized_keys/$USER.tmp + seems like it gets created and then left there. + +What happens when a user account has no corresponding + /etc/monkeysphere/authorized_user_ids/$USER file? What gets placed + in /var/cache/monkeysphere/authorized_keys/$USER? It looks + currently untouched, which could mean bad things for such a user. + +Consider the default permissions for + /var/cache/monkeysphere/authorized_keys/* (and indeed the whole + directory path leading up to that) + +What should happen when an admin does + "monkeysphere-server update-users not_an_existent_user"? + currently, it adds + /etc/monkeysphere/authorized_user_ids/not_an_existent_user, which + seems rather wrong. + +is /var/cache/monkeysphere/authorized_keys/$USER.tmp guaranteed to + avoid collisions? Why not use a real mktemp file? + +As an administrator, how do i reverse the effect of a + "monkeysphere-server trust-keys" that i later decide i should not + have run? + Make sure alternate ports are handled for known_hosts. Script to import private key into ssh agent. diff --git a/doc/george/user-id-configuration b/doc/george/user-id-configuration index d95279d..d42bfbd 100644 --- a/doc/george/user-id-configuration +++ b/doc/george/user-id-configuration @@ -4,18 +4,44 @@ setting up authorized_user_id configuration on george was also more cumbersome than it needs to be. Here's what i (dkg) did: - GNUPGHOME=/etc/monkeysphere/gnupg gpg --keyserver subkeys.pgp.net --search dkg@fifthhorseman.net - GNUPGHOME=/etc/monkeysphere/gnupg gpg --fingerprint dkg@fifthhorseman.net - -set up the authorized_user_ids (why are these in /etc/ and not in -people's home directories?) - -echo 'Daniel Kahn Gillmor ' > /etc/monkeysphere/authorized_user_ids/dkg -echo 'Jameson Rollins ' > /etc/monkeysphere/authorized_user_ids/jrollins -echo 'Micah Anderson ' > /etc/monkeysphere/authorized_user_ids/micah -echo 'Matthew Goins ' > /etc/monkeysphere/authorized_user_ids/mjgoins -echo 'Ross Glover ' > /etc/monkeysphere/authorized_user_ids/ross -echo 'Jamie McClelland ' > /etc/monkeysphere/authorized_user_ids/jamie -echo 'mike castleman ' > /etc/monkeysphere/authorized_user_ids/mlcastle -echo 'Elliot Winard ' > /etc/monkeysphere/authorized_user_ids/enw -echo 'Greg Lyle ' > /etc/monkeysphere/authorized_user_ids/greg +monkeysphere-server trust-keys 0EE5BE979282D80B9F7540F1CCD2ED94D21739E9 + +monkeysphere-server update-user-userids dkg 'Daniel Kahn Gillmor ' +monkeysphere-server update-user-userids jrollins 'Jameson Rollins ' +monkeysphere-server update-user-userids micah 'Micah Anderson ' +monkeysphere-server update-user-userids mjgoins 'Matthew Goins ' +monkeysphere-server update-user-userids ross 'Ross Glover ' +monkeysphere-server update-user-userids jamie 'Jamie McClelland ' +monkeysphere-server update-user-userids mlcastle 'mike castleman ' +monkeysphere-server update-user-userids enw 'Elliot Winard ' +monkeysphere-server update-user-userids greg 'Greg Lyle ' + + +then i added a scheduled: + + monkeysphere-server update-users + +to run hourly via /etc/crontab + +and made sure that root's keys were working with a temporary symlink +(see TODO about that business) + +and then modified /etc/ssh/sshd_config with: + + AuthorizedKeysFile /var/cache/monkeysphere/authorized_keys/%u + + +Some outstanding questions: + + * why are the authorized_user_ids stored in /etc/ and not in people's + home directories? + + * why are authorized_user_ids managed with a special sub-command of + monkeysphere-server, instead of just being hand-managed files, the + way that authorized_keys are in stock openssh? + + * Should we ship a scheduled monkeysphere-server update-users cron + job automatically? + + * why was i not prompted to confirm the trust-keys line, which seems + like the most delicate/sensitive line of all of them? -- cgit v1.2.3 From 0e7b7f17fd635486371798a513067ba747dd47dc Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 19 Jun 2008 04:10:55 -0400 Subject: documented cronjob, and referred to user-id-configuration. --- doc/george/changelog | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'doc/george') diff --git a/doc/george/changelog b/doc/george/changelog index afea2d0..381fa0f 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -31,7 +31,11 @@ /usr/share/doc/monkeysphere/copyright * configured authorized_user_ids for every user account based on - my best guess at their OpenPGP User ID. + my best guess at their OpenPGP User ID (see + user-id-configuration). + + * set up a cronjob (in /etc/crontab) to run "monkeysphere-server + update-users" at 26 minutes past the hour. 2008-06-18 - jrollins * installed less, emacs; -- cgit v1.2.3 From 2e817838052450ec7a8942f24c5190e51bbd31d0 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 19 Jun 2008 12:02:33 -0400 Subject: documenting addition of apt repo on george. --- doc/george/changelog | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'doc/george') diff --git a/doc/george/changelog b/doc/george/changelog index 381fa0f..55d46bc 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -7,6 +7,13 @@ * changes to this system * ****************************************************************************** +2008-06-19 - dkg + * installed rsync (for maintaining a public apt repo) + + * configured mathopd to listen on port 80, serving /srv/www as / + and /srv/apt as /debian. We've got nothing in /srv/www at the + moment, though. + 2008-06-19 - dkg * removed etch sources, switched "testing" to "lenny", added lenny/updates, removed all contrib and non-free. -- cgit v1.2.3 From f95798d4fd83cb227b69c136b16b592d997303c6 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Thu, 19 Jun 2008 12:20:08 -0400 Subject: documenting george debugging steps. --- doc/george/changelog | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'doc/george') diff --git a/doc/george/changelog b/doc/george/changelog index 55d46bc..6dc3a29 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -13,6 +13,11 @@ * configured mathopd to listen on port 80, serving /srv/www as / and /srv/apt as /debian. We've got nothing in /srv/www at the moment, though. + + * installed lsof and psmisc as sysadmin utilities. sorry for the + bloat! + + * installed strace to try to figure out why onak is segfaulting. 2008-06-19 - dkg * removed etch sources, switched "testing" to "lenny", added -- cgit v1.2.3 From 7019354a75ca19ffd2e10f2e2b3dc89b480156bd Mon Sep 17 00:00:00 2001 From: Jameson Graef Rollins Date: Thu, 19 Jun 2008 18:09:41 -0400 Subject: Better handling of unknown users in server update-users. Updated TODO file. --- debian/changelog | 3 ++- doc/TODO | 21 +++------------------ doc/george/user-id-configuration | 7 ------- src/common | 13 ++++++++++--- src/monkeysphere-server | 10 ++++++++-- 5 files changed, 23 insertions(+), 31 deletions(-) (limited to 'doc/george') diff --git a/debian/changelog b/debian/changelog index 726f262..bd12e1a 100644 --- a/debian/changelog +++ b/debian/changelog @@ -9,8 +9,9 @@ monkeysphere (0.2-1) UNRELEASED; urgency=low /etc/monkeysphere/authorized_user_ids. * Remove {update,remove}-userids functions, since we decided they weren't useful enough to be worth maintaining. + * Better handling of unknown users in server update-users - -- Jameson Graef Rollins Thu, 19 Jun 2008 16:56:32 -0400 + -- Jameson Graef Rollins Thu, 19 Jun 2008 18:08:57 -0400 monkeysphere (0.1-1) experimental; urgency=low diff --git a/doc/TODO b/doc/TODO index 5cd9be9..a82f031 100644 --- a/doc/TODO +++ b/doc/TODO @@ -26,37 +26,22 @@ Streamline host key generation, publication, verification. See doc/george/host-key-publication for what dkg went through on 2008-06-19 -Streamline authorized_user_ids setup (including question of where - authorized_user_ids files should go). See - doc/george/user-id-configuration for what dkg went through on - 2008-06-19 - Ensure that authorized_user_ids are under as tight control as ssh expects from authorized_keys: we don't want monkeysphere to be a weak link in the filesystem. -What happens when there are no entries in the authorized_user_ids file - for a user? /var/cache/monkeysphere/authorized_keys/$USER.tmp - seems like it gets created and then left there. - What happens when a user account has no corresponding /etc/monkeysphere/authorized_user_ids/$USER file? What gets placed in /var/cache/monkeysphere/authorized_keys/$USER? It looks currently untouched, which could mean bad things for such a user. + - if authorized_user_ids is empty, then the user's authorized_keys + file will be also, unless the user-controlled authorized_keys file + is added. I believe this is expected, correct behavior. Consider the default permissions for /var/cache/monkeysphere/authorized_keys/* (and indeed the whole directory path leading up to that) -What should happen when an admin does - "monkeysphere-server update-users not_an_existent_user"? - currently, it adds - /etc/monkeysphere/authorized_user_ids/not_an_existent_user, which - seems rather wrong. - -is /var/cache/monkeysphere/authorized_keys/$USER.tmp guaranteed to - avoid collisions? Why not use a real mktemp file? - As an administrator, how do i reverse the effect of a "monkeysphere-server trust-keys" that i later decide i should not have run? diff --git a/doc/george/user-id-configuration b/doc/george/user-id-configuration index d42bfbd..9a7f4d2 100644 --- a/doc/george/user-id-configuration +++ b/doc/george/user-id-configuration @@ -33,13 +33,6 @@ and then modified /etc/ssh/sshd_config with: Some outstanding questions: - * why are the authorized_user_ids stored in /etc/ and not in people's - home directories? - - * why are authorized_user_ids managed with a special sub-command of - monkeysphere-server, instead of just being hand-managed files, the - way that authorized_keys are in stock openssh? - * Should we ship a scheduled monkeysphere-server update-users cron job automatically? diff --git a/src/common b/src/common index 00ee7b0..e98f1bc 100644 --- a/src/common +++ b/src/common @@ -18,10 +18,17 @@ ETC="/etc/monkeysphere" export ETC CACHE="/var/cache/monkeysphere" export CACHE +ERR=0 +export ERR ######################################################################## ### UTILITY FUNCTIONS +error() { + log "$1" + ERR=${2:-'1'} +} + failure() { echo "$1" >&2 exit ${2:-'1'} @@ -29,12 +36,12 @@ failure() { # write output to stderr log() { - echo -n "ms: " 1>&2 - echo "$@" 1>&2 + echo -n "ms: " >&2 + echo "$@" >&2 } loge() { - echo "$@" 1>&2 + echo "$@" >&2 } # cut out all comments(#) and blank lines from standard input diff --git a/src/monkeysphere-server b/src/monkeysphere-server index 154c146..a9a9aed 100755 --- a/src/monkeysphere-server +++ b/src/monkeysphere-server @@ -162,6 +162,12 @@ case $COMMAND in for uname in $unames ; do MODE="authorized_keys" + # check all specified users exist + if ! getent passwd | cut -d: -f1 | grep -q "^${uname}$" ; then + error "----- unknown user '$uname' -----" + continue + fi + # set authorized_user_ids variable, # translate ssh-style path variables authorizedUserIDs=$(translate_ssh_variables "$uname" "$AUTHORIZED_USER_IDS") @@ -201,8 +207,6 @@ case $COMMAND in log "authorized_keys file updated." done - - log "----- done. -----" ;; 'gen-key'|'g') @@ -237,3 +241,5 @@ case $COMMAND in Type '$PGRM help' for usage." ;; esac + +exit "$ERR" -- cgit v1.2.3 From c6a958a369c58ec78f380fc739d75ff465b61c6a Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 20 Jun 2008 14:00:42 -0400 Subject: touched /etc/environment on george. --- doc/george/changelog | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'doc/george') diff --git a/doc/george/changelog b/doc/george/changelog index 6dc3a29..9992aae 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -7,6 +7,10 @@ * changes to this system * ****************************************************************************** +2008-06-20 - dkg + * touched /etc/environment to get rid of some spurious auth.log + entries. + 2008-06-19 - dkg * installed rsync (for maintaining a public apt repo) -- cgit v1.2.3 From 9efdaab59edb2ff4454082f6a36c9dc0d90b8885 Mon Sep 17 00:00:00 2001 From: Daniel Kahn Gillmor Date: Fri, 20 Jun 2008 14:04:28 -0400 Subject: bumped up ssh logging on george. --- doc/george/changelog | 1 + 1 file changed, 1 insertion(+) (limited to 'doc/george') diff --git a/doc/george/changelog b/doc/george/changelog index 9992aae..c157cec 100644 --- a/doc/george/changelog +++ b/doc/george/changelog @@ -10,6 +10,7 @@ 2008-06-20 - dkg * touched /etc/environment to get rid of some spurious auth.log entries. + * turned up sshd's LogLevel from INFO to DEBUG 2008-06-19 - dkg * installed rsync (for maintaining a public apt repo) -- cgit v1.2.3