Location: NodeLuckyLab
Date and Time: Wednesday, November 30, 2016, 6:30-8:00 p.m.
Scribe: You
Roll Call: RussellSenior,JasonBergstrom,SteveTree,MatthewKlug,TedBrunner

Agenda

• OpenVPN reconfiguration and (temporary?) relocation, drei is now terminated at the Seattle POP again after terminating in Fremont for several days.

• OpenVPN problem in LEDE, /etc/init.d/network restart kills the openvpn connection (discovered at NodeLuckyLab) ... fix possibly on the way.

• ArchLinux discovery: when pacman -Syu updates the kernel, it removes the old one with modules, meaning modprobing fails until you reboot. it's possible to downgrade with, e.g.: pacman -U /var/cache/pacman/pkg/linux-4.6.2-1-x86_64.pkg.tar.xz to recover the modules, as long as you haven't cleaned the package archive.

• Ssh changes?
• Recap on successful PC Engines group order
• Node notes:

  • NodeFirstUnitarian -- still looking to possibly extend network to nearby balcony

  • NodeUglyMug -- made contact with an owner, collected the router on 11/29. R.I.P. NodeUglyMug

  • NodeWhet -- adding a new AP for node host, reconfiguring from non-traditional configuration.

  • NodeSechzig -- still need to submit an invoice to be reimbursed for node hardware -- Russell

• This is the final meeting of 2016. Regular meetings will return on January 4, 2017. Happy holidays!

• <add your item here>

Notes

• OpenVPN reconfigured, to point to drei, tunnel also now has Seattle IPv6 prefix

  • PTP OpenWrt files has wrong prefix still

  • OpenVPN doesn't recover if rc (/etc/init.d/network) script is run - reboot instead.
  • Two Widgets, one Acton and anything offline will still use the tunnel on Iris.
  • Comcast Business IPv6 addresses have ports filtered inbound.
  • Prefer model with IPv6 publicly routed that could hand off IPv6 addresses to clients.
• No longer want to publish (the single) ssh host key.
  • Instead we would generate the host key at build time, archive them for redeployments.

• Russell has a YubiKey4 with his GPG private key baked in. Runs PGP applet for authentication.

  • Best practice is to sign subkeys for regular use.

• PCEngines order complete, ConnorScott still needs to contribute.

  • 10% savings on order.

• NodeNotes:

  • NodeLuckyLab - no issues noticed, individual (Mitch) captive portal issue?

  • NodeFirstUnitarian - Next door apartment (Harsch properties) can run wire under door, loan Soekris to extend net and provide connectivity.

    • Set up mast away from railing (can't attach to railing).

    • NodeFirstUnitarian - node has issues rebooting cleanly, should schedule work party to replace.

  • NodeUglyMug - changed owners 2 years ago, no interest in PTP, Russell picked up hardware.

  • NodeSmart - plugged in Rainier on 12Mb CenturyLink ADSL2

  • NodeWhet - No drilling holes, APs 1st and 3rd floor, Powerline ethernet connectivity between. All on 3Mb DSL backhaul.

  • NodeSechzig - Need to bill before end of month.

  • NodeCedarHillsCrossing - Another issue with the Integra DSL modem, requiring a power cycle.

[CategoryMeetingNotes]