[03:30:06] 6Labs: Delete tool labs project "commonstools" - https://phabricator.wikimedia.org/T99868#1300678 (10Fastily) 3NEW [03:54:02] PROBLEM - Puppet failure on tools-exec-1407 is CRITICAL 60.00% of data above the critical threshold [0.0] [04:19:01] RECOVERY - Puppet failure on tools-exec-1407 is OK Less than 1.00% above the threshold [0.0] [06:18:16] 6Labs, 3ToolLabs-Goals-Q4: Investigate kernel issues on labvirt** hosts - https://phabricator.wikimedia.org/T99738#1300775 (10yuvipanda) Moritz pointed out that labvirt1005 doesn't have any instances running so we could do this there. [06:18:35] 6Labs, 6operations, 3ToolLabs-Goals-Q4: Investigate kernel issues on labvirt** hosts - https://phabricator.wikimedia.org/T99738#1300776 (10yuvipanda) [06:23:09] 6Labs, 6operations, 3ToolLabs-Goals-Q4: Investigate kernel issues on labvirt** hosts - https://phabricator.wikimedia.org/T99738#1300793 (10yuvipanda) (labvirt1005 is empty because of T97521 - it hasn't been repooled yet) [06:44:09] PROBLEM - Puppet failure on tools-submit is CRITICAL 33.33% of data above the critical threshold [0.0] [07:09:13] RECOVERY - Puppet failure on tools-submit is OK Less than 1.00% above the threshold [0.0] [08:27:07] PROBLEM - Puppet failure on tools-exec-1212 is CRITICAL 33.33% of data above the critical threshold [0.0] [08:27:21] PROBLEM - Puppet failure on tools-exec-1216 is CRITICAL 44.44% of data above the critical threshold [0.0] [08:27:23] PROBLEM - Puppet failure on tools-exec-1201 is CRITICAL 40.00% of data above the critical threshold [0.0] [08:27:49] PROBLEM - Puppet failure on tools-exec-1203 is CRITICAL 50.00% of data above the critical threshold [0.0] [08:28:31] PROBLEM - Puppet failure on tools-webgrid-lighttpd-1209 is CRITICAL 30.00% of data above the critical threshold [0.0] [08:28:33] PROBLEM - Puppet failure on tools-webgrid-lighttpd-1207 is CRITICAL 40.00% of data above the critical threshold [0.0] [08:28:40] PROBLEM - Puppet failure on tools-exec-1213 is CRITICAL 40.00% of data above the critical threshold [0.0] [08:30:10] PROBLEM - Puppet failure on tools-webgrid-lighttpd-1208 is CRITICAL 44.44% of data above the critical threshold [0.0] [08:30:17] PROBLEM - Puppet failure on tools-exec-1218 is CRITICAL 55.56% of data above the critical threshold [0.0] [08:30:31] PROBLEM - Puppet failure on tools-exec-wmt is CRITICAL 20.00% of data above the critical threshold [0.0] [08:31:21] PROBLEM - Puppet failure on tools-exec-1211 is CRITICAL 60.00% of data above the critical threshold [0.0] [08:31:21] PROBLEM - Puppet failure on tools-webgrid-lighttpd-1202 is CRITICAL 44.44% of data above the critical threshold [0.0] [08:31:27] PROBLEM - Puppet failure on tools-exec-1206 is CRITICAL 40.00% of data above the critical threshold [0.0] [08:31:36] PROBLEM - Puppet failure on tools-master is CRITICAL 30.00% of data above the critical threshold [0.0] [08:31:50] PROBLEM - Puppet failure on tools-mail is CRITICAL 20.00% of data above the critical threshold [0.0] [08:31:56] PROBLEM - Puppet failure on tools-mailrelay-01 is CRITICAL 30.00% of data above the critical threshold [0.0] [08:32:42] PROBLEM - Puppet failure on tools-webgrid-lighttpd-1205 is CRITICAL 30.00% of data above the critical threshold [0.0] [08:33:08] PROBLEM - Puppet failure on tools-exec-1210 is CRITICAL 44.44% of data above the critical threshold [0.0] [08:33:24] PROBLEM - Puppet failure on tools-webgrid-lighttpd-1201 is CRITICAL 55.56% of data above the critical threshold [0.0] [08:33:42] PROBLEM - Puppet failure on tools-exec-1202 is CRITICAL 40.00% of data above the critical threshold [0.0] [08:34:46] PROBLEM - Puppet failure on tools-exec-1208 is CRITICAL 40.00% of data above the critical threshold [0.0] [08:34:50] PROBLEM - Puppet failure on tools-webgrid-lighttpd-1203 is CRITICAL 20.00% of data above the critical threshold [0.0] [08:38:32] PROBLEM - Puppet failure on tools-exec-1215 is CRITICAL 60.00% of data above the critical threshold [0.0] [08:39:18] PROBLEM - Puppet failure on tools-shadow is CRITICAL 20.00% of data above the critical threshold [0.0] [08:39:58] PROBLEM - Puppet failure on tools-exec-1209 is CRITICAL 50.00% of data above the critical threshold [0.0] [08:40:08] PROBLEM - Puppet failure on tools-exec-1204 is CRITICAL 33.33% of data above the critical threshold [0.0] [08:40:45] PROBLEM - Puppet failure on tools-exec-1207 is CRITICAL 50.00% of data above the critical threshold [0.0] [08:41:17] PROBLEM - Puppet failure on tools-exec-1205 is CRITICAL 22.22% of data above the critical threshold [0.0] [08:41:33] PROBLEM - Puppet failure on tools-webgrid-lighttpd-1206 is CRITICAL 20.00% of data above the critical threshold [0.0] [08:43:01] PROBLEM - Puppet failure on tools-exec-1219 is CRITICAL 20.00% of data above the critical threshold [0.0] [08:43:21] PROBLEM - Puppet failure on tools-webgrid-lighttpd-1210 is CRITICAL 55.56% of data above the critical threshold [0.0] [08:44:21] PROBLEM - Puppet failure on tools-exec-cyberbot is CRITICAL 22.22% of data above the critical threshold [0.0] [08:44:39] PROBLEM - Puppet failure on tools-precise-dev is CRITICAL 40.00% of data above the critical threshold [0.0] [08:45:04] PROBLEM - Puppet failure on tools-exec-1217 is CRITICAL 55.56% of data above the critical threshold [0.0] [08:45:10] PROBLEM - Puppet failure on tools-submit is CRITICAL 55.56% of data above the critical threshold [0.0] [08:46:00] PROBLEM - Puppet failure on tools-exec-1214 is CRITICAL 50.00% of data above the critical threshold [0.0] [08:46:01] PROBLEM - Puppet failure on tools-webgrid-lighttpd-1204 is CRITICAL 60.00% of data above the critical threshold [0.0] [08:55:40] 6Labs: Fix monitor_labs_salt_keys.py to handle the new labs naming scheme - https://phabricator.wikimedia.org/T95481#1300894 (10Andrew) Yes and no. I'm trying to eliminate use of the ec2 ID. So, for example, my instance util-abogott used to have a salt key of 'i-000000ee.eqiad.wmflabs'; now it uses 'i-000000ee.... [08:57:28] 6Labs, 6operations, 3ToolLabs-Goals-Q4: Investigate kernel issues on labvirt** hosts - https://phabricator.wikimedia.org/T99738#1300898 (10Andrew) yep, we can do this on labvirt1005 at any time. We can cold-migrate some test instances there to test the suspend/resume issue. Well, ok, actually, let's make s... [08:58:22] 6Labs, 6operations, 3ToolLabs-Goals-Q4: Investigate kernel issues on labvirt** hosts - https://phabricator.wikimedia.org/T99738#1300899 (10Andrew) And, btw, there's no short-term plan to repool labvirt1005 -- we've always planned to keep a server empty as a backup, and since labvirt1005 was down during the m... [09:37:24] RECOVERY - Puppet failure on tools-exec-1201 is OK Less than 1.00% above the threshold [0.0] [10:11:21] RECOVERY - Puppet failure on tools-exec-1205 is OK Less than 1.00% above the threshold [0.0] [10:12:49] RECOVERY - Puppet failure on tools-exec-1203 is OK Less than 1.00% above the threshold [0.0] [10:21:25] RECOVERY - Puppet failure on tools-exec-1206 is OK Less than 1.00% above the threshold [0.0] [10:30:11] RECOVERY - Puppet failure on tools-exec-1204 is OK Less than 1.00% above the threshold [0.0] [12:04:45] RECOVERY - Puppet failure on tools-exec-1208 is OK Less than 1.00% above the threshold [0.0] [12:05:45] RECOVERY - Puppet failure on tools-exec-1207 is OK Less than 1.00% above the threshold [0.0] [12:11:01] RECOVERY - Puppet failure on tools-exec-1214 is OK Less than 1.00% above the threshold [0.0] [12:12:22] RECOVERY - Puppet failure on tools-exec-1216 is OK Less than 1.00% above the threshold [0.0] [12:13:42] RECOVERY - Puppet failure on tools-exec-1213 is OK Less than 1.00% above the threshold [0.0] [12:16:16] RECOVERY - Puppet failure on tools-exec-1211 is OK Less than 1.00% above the threshold [0.0] [12:17:06] RECOVERY - Puppet failure on tools-exec-1212 is OK Less than 1.00% above the threshold [0.0] [12:18:06] RECOVERY - Puppet failure on tools-exec-1210 is OK Less than 1.00% above the threshold [0.0] [12:23:33] RECOVERY - Puppet failure on tools-exec-1215 is OK Less than 1.00% above the threshold [0.0] [12:25:03] RECOVERY - Puppet failure on tools-exec-1209 is OK Less than 1.00% above the threshold [0.0] [12:30:03] RECOVERY - Puppet failure on tools-exec-1217 is OK Less than 1.00% above the threshold [0.0] [12:32:58] RECOVERY - Puppet failure on tools-exec-1219 is OK Less than 1.00% above the threshold [0.0] [12:40:14] RECOVERY - Puppet failure on tools-exec-1218 is OK Less than 1.00% above the threshold [0.0] [14:30:38] hi [14:30:42] i need some help [14:31:00] I have been trying to setup language tool server on tools labs. [14:31:17] unsuccessfully [14:31:54] Here are some doubts I have : [14:32:08] 1. what is portgrabber and what does it do? [14:32:53] 2. This one is pretty basic, let's say i set the server up, where do I access it? [14:33:12] 3. If it is running as a service, does it have an ip associated with it? [14:33:28] Basically to test if it is running or not, what ip and port do I test? [14:34:03] also, I haven't figured out the tools labs yet. I mean I can set it up and follow the instructions on the wiki, but I don't get how it works. [14:34:15] For instance when say I become [14:34:20] what am I doing exactly [14:35:08] or if i start webservice, what happens? (apart from the toolset being up) [14:35:17] what changes is it making to the system and where? [17:31:11] ankita-ks: what are you trying to do? [17:49:03] PROBLEM - Puppet failure on tools-webgrid-lighttpd-1410 is CRITICAL 25.00% of data above the critical threshold [0.0] [18:02:21] When qstat shows a line with status "Eqw", I assume the "E" stands for "Error", but how to find out what caused the problem? [18:05:42] russblau: try qstat -j jobid [18:05:54] if you have the ID [18:06:07] supposedly that shows an "error reason" [18:06:55] "Eqw means is that the queue is in error state, thats the E, and is in queue wait, thats the qw." [18:07:20] thanks, but output of that isn't very helpful; is the whole grid having problems? [18:08:11] error reason 1: 05/21/2015 17:59:16 [51290:13568]: execvlp(/var/spool/gridengine/execd/tools-webgrid-lighttpd-1201/j [18:11:28] russblau: sorry, i dont know, but it seems like it then [18:17:42] * yuvipanda waves [18:19:03] RECOVERY - Puppet failure on tools-webgrid-lighttpd-1410 is OK Less than 1.00% above the threshold [0.0] [18:20:56] cannot connect to labsdb via mysql workbench [18:21:16] this is the error message: incompatible ssh peer no acceptable hex algorithm [18:21:28] this has worked fine before [18:22:13] russblau: yuvipanda: < shinken-wm> RECOVERY - Puppet failure on tools-webgrid-lighttpd-1410 is OK [18:22:21] ^ that sounds like it might be better now [18:22:54] but not sure about tools-webgrid-lighttpd-1201 vs. tools-webgrid-lighttpd-1410 [18:23:12] hello? [18:23:48] Superyetkin: is it "kex" instead of hex? [18:24:07] yes, sorry [18:24:12] that is indeed a recent change to ssh config for security [18:24:31] would there maybe be a newer version of the software you use? [18:24:40] it sounds a bit outdated [18:25:01] yes, it is an old version because I am on Windows XP SP3 [18:25:13] cannot upgrade my OS for now [18:25:16] Superyetkin: any chance you can upgrade? the old ciphers are kind of insecure [18:25:25] hmm [18:26:01] well, it's hard to find a balance between supporting all clients and a secure config [18:26:18] XP is really end of life [18:26:31] according to Microsoft, yes [18:26:35] for me, a huge NO [18:26:41] this is my work computer [18:26:48] just saying there are going to be more of these problems [18:27:14] I am using MySQL Workbench 5.2.46 [18:27:15] do you have any settings in the app that can influence the ciphers used ? [18:27:35] and XP SP3 does not support newer versions, as far as I know [18:28:05] I do not know the innerworking of the software [18:29:16] Betacommand : I am trying to run an http server on tools labs. : http://wiki.languagetool.org/http-server [18:29:54] Superyetkin: if you are looking to just run sql queries - try quarry.wmflabs.org [18:30:20] no, I have a local database on labs [18:30:38] Superyetkin: it's similar to this bug http://bugs.mysql.com/bug.php?id=51405 just newer.. looking [18:31:04] I was using the labs for the needs of trwiki [18:31:09] I am a tool developer [18:31:16] Superyetkin: I'm getting the same error with debian and mysql workbench 6.3.3.0: https://dpaste.de/vWv0 [18:31:19] http://tools.wmflabs.org/superyetkin/index.html [18:31:47] https://bugs.mysql.com/bug.php?id=74658 seems to be recent enough [18:32:21] i have the same problem "ssh_dispatch_run_fatal: no matching MAC found" can sb. post me the list of supported MACs [18:32:30] sitic: thank you, that's it [18:33:11] no solution for me? [18:33:23] Merlissimo: on jessie or trusty: [18:33:26] MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@openssh.com,hmac-sha2- [18:33:28] this is frustrating... [18:33:29] 512,hmac-sha2-256,umac-128@openssh.com [18:33:39] on precise: MACs hmac-sha2-512,hmac-sha2-256 [18:35:11] here are the relevant changes: [18:35:21] https://gerrit.wikimedia.org/r/#/c/185329 [18:35:39] https://gerrit.wikimedia.org/r/#/c/185321/ [18:36:20] Superyetkin: not an easy one unless mysql workbench fixes it or we have to revert it for everything [18:37:09] why on earth can you apply such disastrous changes without informing anyone? [18:37:34] thx mutante [18:37:34] I am watcing the wikimedia lists and cannot se any notification at all [18:37:38] this is really bad [18:38:45] WHO needed this change? [18:38:53] WHO applied it? [18:38:57] WHO discussed it? [18:39:03] Superyetkin: http://stribika.github.io/2015/01/04/secure-secure-shell.html [18:39:04] WHERE is the community? [18:39:17] really frsutrating... [18:39:25] lost hours [18:39:50] it was in code review for a long time and reviewed by several peers [18:39:50] this is not the right way to do it [18:40:07] Superyetkin: it's really hard to achieve both goals at the same time, security and supporting all clients that exist [18:40:33] it's an improvement for most , unfortunately it affects a few [18:40:42] we are definitely discussing this and can open a bug [18:41:16] bad, man [18:41:37] this is not what Wikimedia is tring to achieve... [18:41:48] I am an active sysop and tool developer on trwiki [18:42:05] I am devoting a reasonable time for the project, [18:42:46] and one day, I come back and see what? CANNOT connect to the database I had been using for months... [18:42:50] really frustrating [18:43:03] i understand, but there must be some kind of balance, we cant just support any client until the end of time, it would make it very insecure [18:43:27] we are not just ignoring it [18:43:34] I am not expecting for you to support ALL clients [18:44:41] ok, thanks for the explanation [18:44:51] I will try to live with this hard fact [18:45:04] do not ever rely one anybody... [18:45:10] THANKS [18:45:25] Superyetkin: maybe you could just give us a little time? we are talking about it [18:45:36] also going to open a bug [18:45:55] opening a bug will not help [18:46:05] this needs to be reverted [18:46:19] I am only one of those developers affected [18:46:28] you cannot know the real impact of it [18:46:30] never [18:46:50] not without a bug, right [18:46:55] it's a security enhancement that's meant to help protect you/us. there was unpredicted fallout with ancient/broken clients that are apparently common [18:47:07] why don't you relax, have a drink, and let us discuss the fallout for a few minutes :P [18:47:28] bblack, you are not right [18:47:50] man, this is a serious issue [18:48:02] so is everything we do, all day, every day [18:48:02] and I can see therei is no community consensus behind that [18:48:17] if we got community consensus on every patch, we'd never get anything done. [18:48:45] you MUST seek community consensus for this type of things [18:48:46] relax, we'll sort things out. filling a screen with ranting doesn't help. we're Aware [18:49:09] relaxed than ever now [18:49:19] but this is not good news... [18:49:52] at least, there should have been a notification somewhere [18:50:06] this was working last week [18:50:09] oh my god... [18:59:13] Superyetkin: can you check if putty works? [19:02:17] yes, putty works fine [19:03:20] alright, so it's basically just old versions of mysqlbench that are problematic [19:03:53] that is a huge problem [19:04:09] you cannot force people to upgrade! [19:04:16] alright, so calm down [19:04:28] freaking out isn't going to have you help people [19:04:41] man, watch your words [19:04:46] what? [19:05:03] I just mentioned a serious issue here [19:05:15] so, do not take it for granted [19:05:24] that is important [19:05:27] understand? [19:06:01] We're looking at a broader scope here. We have very few users reporting about clients broken by this change, which upgrades security for many many other clients. This was a broad change that runs through all of our production access, etc. [19:06:02] I am just telling you a system working last week is BROKEN now [19:06:05] understand that? [19:06:32] Superyetkin: you need to be calmer and more respectful if you want to be helped. We are working on a way to restore access [19:06:37] the broken case is the vast minority. the reason it's broken is primarily that the client in question is ancient, and there is a workaround using putty for a more up-to-date tunnel implementation. [19:06:39] also, this probably wasn't working last week [19:06:47] Superyetkin: are you sure this has been broken for only a week? [19:06:57] bblack: mutante that change was merged a longer time ago, not last week [19:07:14] panda, this WAS working last week [19:07:19] the mac/kex changes were just today [19:07:31] aaah, I see [19:07:35] so this isn't the ciphersuite changes [19:07:39] right [19:07:42] fair enough [19:08:09] no easy workaround for this [19:08:15] putty does not help me at all [19:08:17] now we just need to find a windows machine to document the putty workaround [19:08:29] I prefer Workbench for its GUI [19:08:48] without that, no way to actually visualize and design smart queries [19:09:23] putty works, so what? [19:09:27] well, I think someone's putting together an email on the putty workaround [19:09:31] it is irrelevant [19:09:32] no, you can use putty to setup an ssh tunnel [19:09:36] the idea is you can use putty as the tunnel access for the workbench GUI [19:09:37] and then point mysql workbench to it [19:09:51] without pagent? [19:09:52] http://realprogrammers.com/how_to/set_up_an_ssh_tunnel_with_putty.html [19:09:56] be more specific [19:10:08] ^ that, plus some specific instructions on modifying your workbench config to use that tunnel endpoint, basically. [19:10:17] but none of us have XP to test/write the specific instructions out [19:10:32] what needs to be done exactly? [19:10:38] and a lot of us are in flights or getting on flights, and most of our windows documentation is historically from volunteers [19:11:30] hmm [19:11:39] anyway I'm filing a bug [19:12:07] do you know how the putty can be configured to allow that? [19:13:50] 6Labs: Document PuTTY based tunneling workaround for accessing labsdb via ancient MySQLBench versions - https://phabricator.wikimedia.org/T99942#1302301 (10yuvipanda) 3NEW [19:13:56] ^ there we go [19:14:06] Superyetkin: there's a link in that bug, same link bblack pasted a while ago [19:14:44] basically you want to set up the tunnel as documented there, then not use the SSH Tunnel stuff in MySQLBench, instead have it connect directly to localhost:3306, which is the local end of the PuTTY tunnel. [19:15:01] (not use the built-in tunnel stuff in mysqlbench, I mean) [19:16:35] use pagent anyway? [19:16:58] 6Labs: Document PuTTY based tunneling workaround for accessing labsdb via older MySQLBench versions - https://phabricator.wikimedia.org/T99942#1302319 (10yuvipanda) [19:19:06] I am also using WinSCP [19:19:20] any chance we can use the SSH config for that? [19:19:28] Coren: on the ubuntu versioning, the ~ sorts before everything else -- I think so one can do 1.4~rc1 etc [19:20:00] valhallasw: are you on Windows? :) [19:20:04] yuvipanda: yes [19:20:30] Superyetkin: is having ssh issues on windows, do you think you can help? (https://phabricator.wikimedia.org/T99942) [19:20:57] valhallasw: ^ [19:21:23] gotta run, packing and then have to trek all the way to the airport [19:21:43] yuvipanda: I think your suggestions there are sane? [19:21:45] what is your destination? [19:21:59] upgrade mysql workbench, if that doesn't work, hit mysql workbench with a hammer and tunnel manually with putty [19:22:39] I think you have to go with the putty tunnel, I think even the latest mysql binary releases for windows still use an outdated paramiko (which is the bundled ssh tunnel implementation) [19:22:50] at least, that's how the bug reports read for mysql users complaining. [19:22:55] if it's paramiko, it might be possible to upgrade it manually [19:23:38] this was the relevant upstream mysql bug: https://bugs.mysql.com/bug.php?id=74658 [19:23:42] 'create an oracle account' [19:23:46] *look of disapproval* [19:24:01] oh wait, there's a skip registration button [19:27:28] 6Labs: Document PuTTY based tunneling workaround for accessing labsdb via older MySQLBench versions - https://phabricator.wikimedia.org/T99942#1302377 (10valhallasw) Apparently an issue with older Paramiko versions. Possible workaround: - download a more recent paramiko, e.g. https://github.com/paramiko/parami... [19:33:13] just mailed labs-l with details re: sshd [19:37:53] mutante: err, shouldn't https://gerrit.wikimedia.org/r/#/c/199936/ come with a change to make sure bastions can still do agent forwarding? [19:38:02] 10Tool-Labs: (Some) Precise grid jobs seem to be failing - https://phabricator.wikimedia.org/T99946#1302404 (10scfc) 3NEW [19:39:25] valhallasw: ideally no, everybody would just use ProxyCommand for everything [19:40:06] mutante: that's not realistic for multi-hop situations [19:40:22] but those could be solved by HBA instead [19:40:28] valhallasw: there is the keyholder thing [19:40:42] ehm.. wait [19:41:14] 08:57 < ori> for scap, there is an ssh-agent on tin armed with a deploy key that is owned by root, and an ssh-agent-proxy instance that is g+rw for deployers and which allows deployers to use the deployment key [19:41:18] 08:57 < ori> it has worked very well [19:41:31] typical situation: someone is logged in to tools-login and needs to connect to tools-exec-something to read a log file. Blocking forwarding means they need to open a new putty, configure the right proxy command, log in, etc [19:41:40] instead of typing 'ssh tools-exec-1201' [19:42:53] forwarding to tools-login is scary [19:43:12] it's also the only thing that works [19:43:22] so many opportunities for a local priv exploit to harvest agents [19:44:47] valhallasw: so i just type "ssh instancename" for that and jump via the bastion with ProxyCommand. i believe the equivalent is plink.exe ? [19:45:02] http://fixunix.com/ssh/74073-putty-proxycommand.html [19:45:06] there is no equivalent on windows [19:45:08] yes, you can do it [19:45:09] it's a PITA [19:45:24] and you can't do a simple "do this for all hosts that end with .eqiad" [19:46:14] *nod*, point taken. at least would need good docs for windows users what to do [19:46:16] and if it requires plink, that categorizes as 'impossible' rather than 'a pita' [19:46:56] cygwin .. but i get it [19:47:11] cygwin also borders on impossible :P [19:47:17] it's not a realistic solution [19:47:27] 10Tool-Labs: (Some) Precise grid jobs seem to be failing - https://phabricator.wikimedia.org/T99946#1302428 (10yuvipanda) Related to the gridengine upgrade @coren did on precise hosts earlier? [19:47:30] https://www.ibm.com/developerworks/community/blogs/Dougclectica/entry/ssh_key_authentication_with_putty_part_2_tunneling_with_plink12?lang=en [19:48:16] yes. and you have to do that again for *every host you want to connect to* [19:49:33] at least only once since you can save a profile [19:50:32] but yea, not planning to merge it soon [20:10:03] PROBLEM - Puppet failure on tools-webgrid-lighttpd-1410 is CRITICAL 30.00% of data above the critical threshold [0.0] [20:40:02] RECOVERY - Puppet failure on tools-webgrid-lighttpd-1410 is OK Less than 1.00% above the threshold [0.0] [22:16:47] I can't get into my account on Labs [22:17:14] My client says Key exchanged failed. [22:18:38] Hello? [22:20:02] Coren, ^ [22:21:11] legoktm, ^ [22:21:18] Cyberpower678: could be you're using an ancient SSH client [22:21:32] Umm no. I got in this morning. [22:22:13] valhallasw, ^ [22:23:13] Cyberpower678: dunno, could be related to https://gerrit.wikimedia.org/r/#/c/185321/ [22:23:42] what client are you using? [22:23:47] Smart FTP [22:23:52] My solution to everything. [22:25:29] valhallasw, ^ [22:25:40] Cyberpower678: putty is working for me, so I'm inclined to say it's smartftp. I don't have time to look at it now, though, as it's half past midnight [22:25:56] Cyberpower678: https://lists.wikimedia.org/pipermail/labs-l/2015-May/003730.html [22:26:12] sorry about that, yea, that is a recent change [22:26:27] Cyberpower678: Try to see if smartftp can generate verbose logs, and check those for more detailed info [22:27:29] /facedesk I'm really starting to hate labs. [22:28:02] I think smartFTP uses NIST [22:30:54] I'm about 3 clicks away from placing a retired banner on my userpage. [22:40:38] needs help with the first 2 clicks? :D [22:41:51] Labs is supposed to make a volunteer's life easier when providing tools and bots, not have them jumpt through hoops and loops to do what they could've done 10 times as fast on toolserver. [22:44:33] valhallasw, SmartFTP does the following key exchange methods [22:44:35] Key Exchange Methods [22:44:35] �diffie-hellman-group-exchange-sha256 [22:44:35] �diffie-hellman-group-exchange-sha1 [22:44:35] �diffie-hellman-group14-sha1 [22:44:35] �diffie-hellman-group1-sha1 [22:44:36] �ecdh-sha2-nistp256 [22:44:38] �ecdh-sha2-nistp384 [22:44:40] �ecdh-sha2-nistp521 [22:44:42] �curve25519-sha256@libssh.org