Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Message-ID: <20130920224751.GB19429@openwall.com>
Date: Sat, 21 Sep 2013 02:47:51 +0400
From: Solar Designer <solar@...nwall.com>
To: owl-users@...ts.openwall.com
Subject: Re: Owl 3.0 and Virtual Machine Setup?

On Thu, Sep 19, 2013 at 04:58:40AM -0400, Jeffrey Walton wrote:
> I don't have bare metal, so I'm concerned about performance: Mac OS X
> running a Linux kernel running an OpenVZ virtual machine (am I reading
> this right: http://openvz.org/Main_Page?). One virtual machine
> stresses this MacBook (8 Cores with 8GB RAM), and two drops it to its
> knees because of disk bottlenecks.

OpenVZ has practically no performance overhead.  It is not a virtual
machine, but is container-based virtualization within the same kernel.
We're always running an OpenVZ-enabled kernel anyway.

> Would you happen to know how to start the dhcp client?

You might be surprised and disappointed, but we do not officially
provide a DHCP client in Owl.  (We do provide a DHCP server, though.)
This is something we've been meaning to change (for use cases such as
yours), by introducing a properly privilege-separated DHCP client, but
haven't gotten around to doing yet.

For now, build of a DHCP client may be enabled in the dhcp.spec file by
changing the 0 to 1 here:

# We do not officially support the DHCP client because it is rather
# complicated, yet it runs entirely as root, which we find an
# unacceptable and unjustified security risk.  If you enable this
# setting, then you're essentially running your own revision of this
# package, and you're on your own with possible vulnerabilities.
%define BUILD_DHCP_CLIENT 0

Of course, for this you need to setup a proper /usr/src/world first,
with the Owl source tree.  The sources are present in there on our ISOs,
but are not automatically copied to an installed system.

> I don't have a network connection at the moment.

Another approach is to configure a static IP address.  This is what I
do when running Owl in QEMU.  Of course, you need to also configure your
VMware accordingly (I am not familiar with this, sorry).

If you can get VMware to "route" a private netblock to the VM, then
you'd be able to assign such IP addresses not only to your Owl "host
system", but also to OpenVZ containers, and to SSH in to them
individually from your Mac.

Alexander

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.