Re: I *think* I found the apache2 docs, but it's in .html andIcannotgetfirefox to access it using "file:"+ /path/to/filedir
> On 23 Jun 2022, at 01:46, gene heskett <gheskett@shentel.net> wrote:
>
> On 6/22/22 19:39, Gareth Evans wrote:
>>> On Wed 22 Jun 2022, at 22:42, gene heskett <gheskett@shentel.net> wrote:
>>> On 6/22/22 16:51, Gareth Evans wrote:
>>>> On Wed 22 Jun 2022, at 21:16, gene heskett <gheskett@shentel.net> wrote:
>>>>> On 6/22/22 10:45, Gareth Evans wrote:
>>>>> [and I sniped a few kilobytes of.]
>>>>>
>>>>> I think I've got it, but I did find what may be a bug in mod auth_plain.
>>>>>
>>>>> Its asking for a username and pw, but nothing seems to satisfy it
>>>> I didn't see you had replied before sending my previous message, please ignore.
>>>>
>>>> Can't find anything about mod_auth_plain but if you mean mod_auth_basic this requires usernames/passwords to be set up, not looking at /etc/passwd
>>>>
>>>> https://www.howtogeek.com/devops/how-to-setup-basic-http-authentication-on-apache/
>>>>
>>>> This also has a link to setting up LetsEncrypt.
>>>>
>>>>> , so
>>>>> I disabled it, no man page hat I can find, and now its showing me
>>>>> the directory I want as the root of this server, with one subdir
>>>>> I can click on, and the first file I put there.
>>>>>
>>>>> However I need to compose an explanatory README to go with it as
>>>>> I had to invent my own method of installing it on a u-booting rpi. Its a
>>>>> preempt-rt kernel needed to run the armhf version of linuxcnc from
>>>>> the buildbot. I run the bleeding edge development version on all 4
>>>>> of my machines I've built or rebuilt. I play the part of the caged
>>>>> canary in the coal mine, checking for showstoppers as development
>>>>> is ongoing and has been since the net arrived. Its a NIST project, re-
>>>>> done in gpl and was once on the no export list. See at linuxcnc.org.
>>>>>
>>>>> So the plain text version is working and you should be able to see it at
>>>>> <http:6309/geneslinuxbox.net> (or something like that)
>>>> Yes.
>>> Good, so I'll quit tinkering for today.
>>>>> That file in the armhf subdir is just under 30 megabytes, so if paying
>>>>> for the bandwidth, don't click on it.
>>>>>
>>>>> Making progress, I think, Thanks Gareth.
>>>>>
>>>>> However, if there is a way to implement a OTP so I can keep track of the
>>>>> users,
>>>>> I could use some help with that as long as I don't setup a universal pw
>>>>> the bots
>>>>> can use. What I'd like is a true OTP with a 2 week lifetime. Can that
>>>>> be done?
>>>> I see there are various offerings (web search for "apache otp") but there doesn't seem to be an official offering.
> I haven't done that DDG search, preferring to rely more on the real users experience.
> The idea being that if the bot figures its worth in, and has his master ask for a OTP,
> the 1 or 2 week expiry would eventually run them off. I figure that the botmasters
> patience would be used up and I would get blacklisted, based on TANSTAAFL.
>
> They aren't using much bandwidth now, and despite the weird port #, several of them
> have already started looking at me.
>
> I know of two others working on machines to be run by rpi4's, using my kernel cuz
> the foundation would never approve, but all the other machines are being worked on,
> I think I am the only one on the planet actually doing it. And I did it first with a rpi3b
> but its tongue was dragging on the floor doing it. The rpi4b can run the machine while building
> the next git pull of linuxcnc. A huge difference in the efficiency between that and a wintel box..
>
> With linuxcnc not running, or with it running but F2 toggled off. power draw for the pi,
> interfacing and its lcd monitor is about 22 watts. Those machines running on wintel
> boxes are drawing over 200 watts each with the machine powered down.
>
>> OK, but I mean do the non-robots.txt-compliant bots actually try to submit passwords?
>
> If enough of us do it in self defense, I look for then to grow the code to do it.
> I don't object to them indexing my site, but on a 10 megabit cable connection,
> they use up all my upload bw on a 24/7 basis when they try to mirror it. That in
> my lookup table, is a DDS. So them and the camel that rode in on them can be
> told to go to hell but I won't waste time using flowery words like our senator Bird
> was so famously fond of using. He could tell you to go to hell and do it in such
> flowery language that you looked forward to the trip.
OK. That's not something I can help with from scratch, but I will watch with interest for further discussion.
Best wishes,
G
>> I was wondering why you are interested in OTP/scheduled password regeneration for this use case, and whether a simple (or not so simple) password may be sufficient for bandwidth preservation purposes.
>>
>> Thanks
>> G
>>
>> I think its called netfilter now, so I expect I better find out how to
>> use it.
>>
>> In the meantime, a man page for robots.txt would be nice but I expect
>> DDG can find that..
>>>> Best wishes,
>>>> Gareth
>>> Take care and stay well.
>>>
> Cheers, Gene Heskett.
> --
> "There are four boxes to be used in defense of liberty:
> soap, ballot, jury, and ammo. Please use in that order."
> -Ed Howdershelt (Author, 1940)
> If we desire respect for the law, we must first make the law respectable.
> - Louis D. Brandeis
>
Reply to: