Core Dev?

Discussion:

Core Dev?

Ahmad Bilal

2018-12-04 00:17:20 UTC

Can anyone tell me,
Is Antoine Jacoutot a core openbsd developer?

And this is his account (not a impersonator?)
https://github.com/ajacoutot/aws-openbsd

Should I take it as a official way of running OpenBSD on AWS?

Sent with ProtonMail Secure Email.

Luis Coronado

2018-12-04 01:18:56 UTC

Permalink

What do you mean the “official way of running OpenBSD on AWS”?

-luis

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Can anyone tell me,
Is Antoine Jacoutot a core openbsd developer?
And this is his account (not a impersonator?)
https://github.com/ajacoutot/aws-openbsd
Should I take it as a official way of running OpenBSD on AWS?
Sent with ProtonMail Secure Email.
-----BEGIN PGP SIGNATURE-----
Version: ProtonMail
Comment: https://protonmail.com
wsBcBAEBCAAQBQJcBceOCRD3irc5ItUgGgAAngIIAJVEZINkE1Md0/OGKeOQ
FX9BLNsAvLsmKZUEHIV4XnyM2kGe2kK/1uxfbboYD7oK6qnekVIDxRB4KjXz
xjhdRzlRkqS50DKFgmVT5z2FN34nDgdLRq3K+vO24jpYAWVYrrrgLsZkqpHp
YfNpOU1pMraiVWKWxEm1K8sqrIraunJoXU1DeBwsRveIm9W8lQhrakOK5w/A
LP7NegSZljctRmTvLDkSwkgdR9mH18y/DFAjj+TlA3oLNB+EkKGRgBxuEddb
BgoAU+9+PSgpoAUGXeWGlp/Q0caUP7lM/VlovbBJF8l+1uEZtc1euwtw8fo/
+cxZXDiMzDbouZAvSqG/60E=
=5R2I
-----END PGP SIGNATURE-----

Consus

2018-12-04 01:21:14 UTC

Permalink

Post by Ahmad Bilal
Can anyone tell me,
Is Antoine Jacoutot a core openbsd developer?
And this is his account (not a impersonator?)
https://github.com/ajacoutot/aws-openbsd
Should I take it as a official way of running OpenBSD on AWS?
Running whatever is in this repo will propably end up destroying a kitten factory.

So probably not :)

Vijay Sankar

2018-12-04 02:40:50 UTC

Permalink

Well, (sorry if this is too much information) my kid started using
OpenBSD at a very young age due to Antoine's gCompris package 10 or more
years ago. Also, there is the very useful subscription for stable
packages at mtier.org. So unless Theo de Raadt or Antoine Jacoutot say
otherwise, I would think he is a core developer.

--
Vijay Sankar
ForeTell Technologies Limited
***@foretell.ca

Ahmad Bilal

2018-12-04 06:47:55 UTC

Permalink

Well I wrote to Theo earlier, but still haven't received a reply from him on this (Its been 4 days).

Does anyone has any suggestions for me? I want OpenBSD due to reliability and security issues. AWS is the leader in hosting market. It is only natural to expect at least a FAQ or HOW-TO from openbsd team on this topic.

Through my earlier email on this list, I found out about Antoine's github, but I'm not sure how reliable he is. It is another thing, that I don't know how to run shell script on EC2, to do what he suggests.

This is a dilemma :/

@Vijay: No need to be sorry. Its cool man. Thanks for the info.

Sent with ProtonMail Secure Email.

âââââââ Original Message âââââââ

Post by Vijay Sankar
Well, (sorry if this is too much information) my kid started using
OpenBSD at a very young age due to Antoine's gCompris package 10 or more
years ago. Also, there is the very useful subscription for stable
packages at mtier.org. So unless Theo de Raadt or Antoine Jacoutot say
otherwise, I would think he is a core developer.

--
Vijay Sankar
ForeTell Technologies Limited

Peter J. Philipp

2018-12-04 07:49:31 UTC

Permalink

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Well I wrote to Theo earlier, but still haven't received a reply from him on this (Its been 4 days).
Does anyone has any suggestions for me? I want OpenBSD due to reliability and security issues. AWS is the leader in hosting market. It is only natural to expect at least a FAQ or HOW-TO from openbsd team on this topic.
Through my earlier email on this list, I found out about Antoine's github, but I'm not sure how reliable he is. It is another thing, that I don't know how to run shell script on EC2, to do what he suggests.
This is a dilemma :/
@Vijay: No need to be sorry. Its cool man. Thanks for the info.

Hi Ahmad,

OpenBSD has in the past always provided a list of developers at the end of
the Release announcement. Please see here:

https://marc.info/?l=openbsd-announce&m=153987110101242&w=2

I see Antoine on the list. I don't know if there is a distinction between
a "core developer" and a developer, they both have @openbsd.org addresses.

Another thing you could do is hunt down commit messages in the CVS. I've
been an openbsd user for quite a long time and meeting OpenBSD devs was
sometimes surprising because I'd never dreamed that I'd run across one.

Best Regards,
-peter

Andreas Kusalananda Kähäri

2018-12-04 08:08:57 UTC

Permalink

-----BEGIN PGP SIGNED MESSAGE-----

[cut]

Post by Vijay Sankar
--
Vijay Sankar
ForeTell Technologies Limited

[cut]

An OpenBSD developer may do other things related to OpenBSD, including
developing projects that are using OpenBSD, or that are for running
OpenBSD in various settings. This does not automatically mean that
these projects are "endorsed by OpenBSD" or 100% supported. This is a
good thing, as it would otherwise severely restrict what other public
projects an OpenBSD could be working on.

Cheers,

--
Andreas Kusalananda Kähäri,
National Bioinformatics Infrastructure Sweden (NBIS),
Uppsala University, Sweden.

Janne Johansson

2018-12-04 09:52:32 UTC

Permalink

Post by Ahmad Bilal
Does anyone has any suggestions for me? I want OpenBSD due to reliability and security issues. AWS is the leader in hosting market. It is only natural to expect at least a FAQ or HOW-TO from openbsd team on this topic.

One possibility is to read up on how you create AMIs (obsd ones at
that) and make one for yourself. You are not forced to consume someone
elses AMI.

--
May the most significant bit of your life be positive.

Nick Holland

2018-12-04 13:36:04 UTC

Permalink

This post might be inappropriate. Click to display it.

Bodie

2018-12-04 18:07:03 UTC

Permalink

LOL good one ;-) So strong about security and then leaving machine in
AWS

Through my earlier email on this list, I found out about Antoine's
github, but I'm not sure how reliable he is. It is another thing, that
I don't know how to run shell script on EC2, to do what he suggests.
This is a dilemma :/
@Vijay: No need to be sorry. Its cool man. Thanks for the info.
Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Tuesday, December 4, 2018 8:10 AM, Vijay Sankar

--
Vijay Sankar
ForeTell Technologies Limited

Ahmad Bilal

2018-12-05 03:06:39 UTC

Permalink

@Solene: What does that have anything to do with my questions? I'm sorry if I'm missing something obvious. Please be kind to point it out for me.

@Nick: If you are saying that AWS is that bad, please provide some reasonable proof of it. What are my options otherwise? I'm not in US (rather I'm in India), so my options are quite limited.

Btw Yes, in regards to Cloud hosting, I'm aware of those drawbacks. I do not plan to keep it in the long term. Thanks for the advice btw.

@trondd: Thank you. Indeed this was my thought as well, that security is not a product, but a continuous process. Btw, your advice is well worded, I appreciate it very much.

@Bodie: Its a joy to have been of amusement to you :P

But on a serious note, as I have said to Nick above, if it is really that bad, please prove it to a short extent at least. Any alternative you may have in mind, would be well appreciated as well.

Sent with ProtonMail Secure Email.

âââââââ Original Message âââââââ

Post by Bodie

LOL good one ;-) So strong about security and then leaving machine in
AWS

Through my earlier email on this list, I found out about Antoine's
github, but I'm not sure how reliable he is. It is another thing, that
I don't know how to run shell script on EC2, to do what he suggests.
This is a dilemma :/
@Vijay: No need to be sorry. Its cool man. Thanks for the info.
Sent with ProtonMail Secure Email.
âââââââ Original Message âââââââ
On Tuesday, December 4, 2018 8:10 AM, Vijay Sankar

--
Vijay Sankar
ForeTell Technologies Limited

Theo de Raadt

2018-12-05 06:21:09 UTC

Permalink

Why are all of you wasting your own time chatting with Ahmad??

Ahmad Bilal

2018-12-05 10:21:28 UTC

Permalink

Sent with ProtonMail Secure Email.

âââââââ Original Message âââââââ

Woah! Where did that come from?
Isn't this a bit too much? Perhaps you could have just ignored it Theo?
Is it really necessary to point someone out this way? That too in a open community?
'Perhaps' I'm a guy who asked a silly question in the room (who hasn't). But that is no reason to tell everyone to stop talking to the new guy, is it?
I think each of them is capable of thinking for themselves, and made the choice of replying by there own will.
And for the record, I appreciate their efforts.
Sent from ProtonMail mobile
-------- Original Message --------

Post by Theo de Raadt
Why are all of you wasting your own time chatting with Ahmad??

Gilles Chehade

2018-12-04 08:09:40 UTC

Permalink

Well, (sorry if this is too much information) my kid started using OpenBSD
at a very young age due to Antoine's gCompris package 10 or more years ago.
Also, there is the very useful subscription for stable packages at
mtier.org. So unless Theo de Raadt or Antoine Jacoutot say otherwise, I
would think he is a core developer.

Being a core developer, whatever that means, does not mean that anything
you write automatically becomes officialy supported by OpenBSD.

That being said you should ask ajacoutot@ because he is a core developer
whatever that means :-)

--
Vijay Sankar
ForeTell Technologies Limited

--
Gilles Chehade @poolpOrg

https://www.poolp.org tip me: https://paypal.me/poolpOrg

Ahmad Bilal

2018-12-04 09:52:09 UTC

Permalink

Thanks guys. I did see a reference of his name here and there. I just wanted to make sure (and thus asked it here).

I'm sorry, if I have caused any confusion. But my concern is similar to what Andreas said.

I basically want to know if what he has on his github (regarding using openBSD on AWS) is endorsed by the OpenBSD officially?

Or in a 'semi' sense at least i.e., similar to being not well verified/tested/stable etc but works.

@Gilles: I will ask him.

Marc Espie

2018-12-04 10:44:33 UTC

Permalink

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Thanks guys. I did see a reference of his name here and there. I just wanted to make sure (and thus asked it here).

You're probably a *very* occasional user of OpenBSD.

(note that Antoine is the 2nd most prolific contributor to OpenBSD in terms
of # of commits)

Ahmad Bilal

2018-12-04 11:50:48 UTC

Permalink

@Janne: Read up where? Link please (if you are referring to anything except that github)

@Marc: Thanks for the information, but based on what you said, what would you consider as 'official' then? Just curious.

And no, I'm not on OpenBSD at all 'yet'. I was basically on CentOS for a long time. Then recently shifted to FreeBSD, and I'm considering to use OpenBSD now (and for foreseeable future)

Solene Rapenne

2018-12-04 12:57:57 UTC

Permalink

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
@Janne: Read up where? Link please (if you are referring to anything except that github)
@Marc: Thanks for the information, but based on what you said, what would you consider as 'official' then? Just curious.
And no, I'm not on OpenBSD at all 'yet'. I was basically on CentOS for a long time. Then recently shifted to FreeBSD, and I'm considering to use OpenBSD now (and for foreseeable future)

Everything on the official CVS repository is obviously official

http://cvsweb.openbsd.org/cgi-bin/cvsweb/

trondd

2018-12-04 15:13:45 UTC

Permalink

Post by Ahmad Bilal
@Marc: Thanks for the information, but based on what you said, what would
you consider as 'official' then? Just curious.

Let go of this concept. These are your systems. You're the only
official. If you want to build an AMI for AWS, you have to understand how
that process works then looking at Antoine's scripts to see if that is
what they do is trivial. If you want security, you have to know what that
means. "Offical" or not is irrelivant. You can't avoid your own due
diligence by passing that responsibility onto some imagined authority.

Post by Ahmad Bilal
And no, I'm not on OpenBSD at all 'yet'. I was basically on CentOS for a
long time. Then recently shifted to FreeBSD, and I'm considering to use
OpenBSD now (and for foreseeable future)

If you're new to OpenBSD, that's great. But that means you shouldn't be
running anything mission critical on OpenBSD if you don't know much about
it yet. In which case, experiment. Run whatever looks reasonably like it
might be good and see what it does. If it makes a mess, blow it away and
start over. Read the man pages for the commands a script runs. Ask
specific questions if it gets down in the weeds and you can't figure out
what something is doing. There is absolutly no difference in what's
"official" or not. Stuff works, and is good, or it isn't. You have to
learn the difference.

Philip Guenther

2018-12-05 03:29:31 UTC

Permalink

This post might be inappropriate. Click to display it.

Marc Espie

2018-12-05 11:11:35 UTC

Permalink

Post by Philip Guenther

Post by Marc Espie
(note that Antoine is the 2nd most prolific contributor to OpenBSD in terms
of # of commits)

Sure, Marc, but that's just because Antoine is such a high caliber mole
that 22 years and 22k commits in order to backdoor AWS systems that were
_clearly_ going to happen is completely believable.

Hush, this is going to make the headlines on lwn or phoronix or the register.

;)

Ahmad Bilal

2018-12-05 14:30:50 UTC

Permalink

On a second thought, I will just leave this matter here, before it unnecessarily escalates into a fireball.

In the end, I will just clear a few things please:

- I genuinely didn't knew much about the structure of openBSD community/team or how loved Antoine is by everyone around here in general. Nice to know it now.

- I honestly didn't intend to call him (Antoine) or anyone else for the record, bad in anyway. I think my homework was lacking, that is the issue here. But please don't bash me, for not knowing who Antoine is. You know I could still be actually Antoine himself in disguise doing a public opinion bath for himself :P (although I think, that is unbelievable at this point :D )

- I will read up about the AMIs and will then look at Antoine's github then (as someone suggested), thank you. I tried talking to him, and yes he seems like the nice guy everyone made him out to be.

- About AWS: It was not my first choice, nor did I call it a fortress anywhere. I knew about the drawbacks of the cloud, and I did heard about past breaches at AWS. In India, due to payment-option issues, a lot of services are still not available. Even AWS was not, until sometime ago, when they set-up a dedicated subsidiary to meet the regulatory requirements here. So given that my options are limited to begin with,.. in order to scratch one more out, I have to think twice.

When Nick and others pointed out that the situation is very bad (akin to using Windows Xp today), I understood that I needed to review my opinion of AWS 'properly'. But before I go on to do that, it is reasonable to ask the people who know about it that if they have some nice starting pointers.

- On that account, I will still welcome any suggestions regarding where to host my first openBSD machine securely. But please email me privately. It would be very kind of you (and helpful!).

- Finally, I came here (to openBSD mailing lists) with a good opinion of what you guys (and gals) have created and continue to maintain. And I still continue to think good about everyone here. Thanks for the help everyone, and my apologies, if the slight silly nature of my query was not even enough for a chuckle.

Peace or Salaam to everyone.

Ahmad

Marc Espie

2018-12-05 15:20:27 UTC

Permalink

Post by Ahmad Bilal
- I honestly didn't intend to call him (Antoine) or anyone else for the record, bad in anyway. I think my homework was lacking, that is the issue here. But please don't bash me, for not knowing who Antoine is. You know I could still be actually Antoine himself in disguise doing a public opinion bath for himself :P (although I think, that is unbelievable at this point :D )

Even though Antoine has some past as an actor, there's no way he would
write English in the same style that you do.

There's something about having worked with someone for years, you can
actually identify them with near certainty in their writings, and it takes
a lot of skill to disguise your penmanship.

Marc Espie

2018-12-04 10:42:57 UTC

Permalink

There are lots of misconceptions in that email.

There is no core team in OpenBSD. Only developers. Most with commit
access.

Antoine is a long-time OpenBSD developer. He wrote a lot of things.
Most of them in cooperation with other people, because he's really good
at working with others.

This appears to by Antoine's github account, yes.

This work is separate from the OpenBSD project.

It's likely it might work.

It isn't official in any capacity.