1 2012-09-25 00:00:41 <kjj_> when you telnet to 8332, you should get one of three results. Either connected, and you can type GET / <CR><CR> for a 401 auth error message, an immediate 403 forbidden message, or connection refused/timed out
2 2012-09-25 00:01:40 <bcb> connection refused
3 2012-09-25 00:01:45 <bcb> so its closed
4 2012-09-25 00:01:47 <kjj_> the first one means it is working. the second one means that your -rpcallowip is wrong, and the third one means that your firewall or routing is wrong, or that bitcoind isn't running on the server
5 2012-09-25 00:02:40 <bcb> my client server api is telling me all tcp ports are open. Let me check that out first
6 2012-09-25 00:02:48 <bcb> client box
7 2012-09-25 00:03:04 <kjj_> I don't know how AWS is routed. it is possible that even if you specify the public IP of the server, the connection might come from the internal IP of the client
8 2012-09-25 00:03:31 <kjj_> you might have better luck searching the forums. I know other people have done this on AWS
9 2012-09-25 00:04:18 <bcb> maybe I'll switch over to the internal ip and try that.
10 2012-09-25 00:04:32 <bcb> sound like all bitcoind configurations are correct.
11 2012-09-25 00:04:34 <bcb> thanks for you help
12 2012-09-25 00:06:08 <bcb> how do I gracefully exit out of a telnet prompt
13 2012-09-25 00:06:18 <kjj_> CTRL-]
14 2012-09-25 00:07:30 <bcb> CTRL (hyphen) (close bracket)?
15 2012-09-25 00:07:43 <kjj_> hold CTRL, then press ]
16 2012-09-25 00:08:00 <kjj_> at the telnet> prompt, type close
17 2012-09-25 00:08:26 <bcb> nice
18 2012-09-25 00:25:05 <bcb> tcp 0 0 ::1:8332 :::* LISTEN 20604/bitcoind
19 2012-09-25 00:25:16 <bcb> what does the one before the 8332 mean?
20 2012-09-25 00:26:54 <bcb> ;;seen kjj_
21 2012-09-25 00:26:54 <gribble> kjj_ was last seen in #bitcoin-dev 18 minutes and 54 seconds ago: <kjj_> at the telnet> prompt, type close
22 2012-09-25 00:27:06 <kjj_> ::1 is ipv6 for localhost
23 2012-09-25 00:27:19 <bcb> so is that running on local host
24 2012-09-25 00:27:29 <bcb> or listening on local host
25 2012-09-25 00:28:16 <bcb> and can and external machine see that
26 2012-09-25 00:28:42 <kjj_> uh, it should. sec
27 2012-09-25 00:28:58 <bcb> which makes my think it's not exposed to external connections
28 2012-09-25 00:29:07 <bcb> I'm able to telnet to all the other open ports
29 2012-09-25 00:29:18 <kjj_> I'm not familiar with the output from your version of netstat
30 2012-09-25 00:30:12 <Dagger2> if it's listening on [::1] then you'll only be able to connect to it from the local machine
31 2012-09-25 00:30:29 <weex> i read about ZeroAccess here a couple days ago, now I'm looking at a machine with it
32 2012-09-25 00:31:36 <bcb> that's Dagger2
33 2012-09-25 00:31:37 <bcb> thanks
34 2012-09-25 00:31:42 <kjj_> that could be it, actually. it should be grabbing ::0 instead of ::1
35 2012-09-25 00:31:47 <kjj_> I think
36 2012-09-25 00:32:57 <Dagger2> :: is any interface. 8332 is the RPC port, so it binds to ::1 by default so that other people can't control your bitcoind
37 2012-09-25 00:33:04 <bcb> Dagger2 i'm trying to get my a remote client to connect by my bitcoin on a server
38 2012-09-25 00:33:11 <bcb> no luck
39 2012-09-25 00:33:13 <bcb> any ideas
40 2012-09-25 00:33:25 <kjj_> yeah, but if you specify -rpcallowip, it binds to any instead of loopback
41 2012-09-25 00:33:43 <kjj_> it is in ThreadRPCServer2 in bitcoinrpc.cpp
42 2012-09-25 00:34:21 <Dagger2> ah, right. can you ask it to listen on ::?
43 2012-09-25 00:34:23 <bcb> binds to any what
44 2012-09-25 00:34:36 <bcb> Dagger2 how do I do that
45 2012-09-25 00:35:10 <kjj_> Dagger2: the code looks for the -rpcallowip parameter. if it doesn't find any, it picks loopback for binding RPC, otherwise it picks any (::0)
46 2012-09-25 00:35:38 <bcb> i have the -rpcallowip parameter set
47 2012-09-25 00:35:42 <kjj_> bcb: are you putting these options in your bitcoin.conf, or on the commandline?
48 2012-09-25 00:35:52 <bcb> conf
49 2012-09-25 00:36:14 <Dagger2> ah, I see
50 2012-09-25 00:36:36 <kjj_> are you including the - in the parameters?
51 2012-09-25 00:36:49 <kjj_> because in the conf file, you shouldn't
52 2012-09-25 00:36:55 <bcb> no -
53 2012-09-25 00:37:05 <bcb> paramater=value
54 2012-09-25 00:37:17 <kjj_> ok, so you just have a line like "rpcallowip=x.y.z.a" in there?
55 2012-09-25 00:38:09 <bcb> yes
56 2012-09-25 00:39:31 <kjj_> are you specifying the full path to the conf file on the command line, or is it just using the default?
57 2012-09-25 00:40:42 <bcb> default
58 2012-09-25 00:40:49 <bcb> i'm double checking that now
59 2012-09-25 00:41:25 <kjj_> are you using a script to start it? or just running the bitcoind binary directly?
60 2012-09-25 00:42:05 <bcb> running binary directly bitcoind -daemon
61 2012-09-25 00:43:15 <bcb> ok i have every tcp port on my firewall open
62 2012-09-25 00:43:27 <bcb> i'm able to connect to all running services through telnet
63 2012-09-25 00:43:39 <bcb> except bitcoind
64 2012-09-25 00:43:56 <kjj_> can you shut it down, and try starting it again with either -conf=/path/to/bitcoin.conf or -rpcallowip=x.y.z.a on the command line?
65 2012-09-25 00:44:07 <bcb> ok
66 2012-09-25 00:45:14 <kjj_> my instance is taking forever to shut down. I don't allow remote RPC, and the code looks right, but I want to change mine just to make sure it binds to any instead of loopback
67 2012-09-25 00:48:23 <bcb> success!
68 2012-09-25 00:48:32 <bcb> i tried -conf=/path/to/bitcoin.conf first and that didn't do it
69 2012-09-25 00:49:16 <bcb> then i used -conf=/path/to/bitcoin.conf -rpcallowip=x.y.z.a
70 2012-09-25 00:49:20 <bcb> and that worked
71 2012-09-25 00:49:32 <kjj_> double check the spelling of rpcallowip in your bitcoin.conf
72 2012-09-25 00:51:15 <kjj_> or did you have some kind of list of addresses in that line?
73 2012-09-25 00:52:18 <bcb> spelled correctly
74 2012-09-25 00:52:21 <bcb> only one address
75 2012-09-25 00:52:32 <bcb> does the order of the conf paramaters matter??
76 2012-09-25 00:52:44 <kjj_> shouldn't, no
77 2012-09-25 00:53:16 <bcb> so I have two boxes, one webserver one bitcoind server
78 2012-09-25 00:53:24 <bcb> both are behind separate firewalls
79 2012-09-25 00:54:00 <bcb> I am only allowing the web app connect to the bitcoind
80 2012-09-25 00:54:36 <bcb> web app is not publically addressable and is behind a firewall and a load balancer
81 2012-09-25 00:55:03 <bcb> bitcoin did is not public addressable and only accessable from the web app
82 2012-09-25 00:55:42 <bcb> does that add any security it the bitcoind server is till accessable through the web app
83 2012-09-25 00:56:20 <kjj_> meh. not really. you have to assume that anything that makes it into your webserver can then connect to your bitcoind instance over RPC, just like the webserver could
84 2012-09-25 00:56:34 <kjj_> you might want to look into armory for that
85 2012-09-25 00:56:53 <bcb> I've tried that on windows
86 2012-09-25 00:57:02 <bcb> does it work on linux as well
87 2012-09-25 00:57:34 <kjj_> I think someone was working on a daemon version of armory for just such a reason
88 2012-09-25 00:58:59 <bcb> now if the web app and the bitcoind are connecting on an internal network is there still a need for ssl
89 2012-09-25 00:59:19 <kjj_> depends how internal the network is.
90 2012-09-25 01:00:07 <kjj_> if you mean internal as in, not available to anyone but you, then you don't need SSL. if you mean internal, as in, open to every amazon customer ever, then you still do
91 2012-09-25 01:02:07 <bcb> aws is pci complient on their internal network
92 2012-09-25 01:02:49 <kjj_> I would use SSL on any network that I didn't build myself
93 2012-09-25 01:03:16 <bcb> so is ssl new to 0.7.0?
94 2012-09-25 01:03:45 <kjj_> no, it's been around for a while
95 2012-09-25 01:05:27 <kjj_> at least since 0.3.22-beta (the oldest bitcoind I have lying around on my server)
96 2012-09-25 01:06:45 <bcb> is there a link to instructions for setting up ssl
97 2012-09-25 01:07:18 <kjj_> https://en.bitcoin.it/wiki/Enabling_SSL_on_original_client_daemon
98 2012-09-25 01:25:32 <bcb> for ssl the stream_context_create() with the 'verify_peer' and 'ca_file' options and then call stream_context_set_default() would be updated in the jsonRPCClient file correct
99 2012-09-25 01:30:59 <kjj_> no idea on that.
100 2012-09-25 01:45:26 <bcb> why would bitcoind hand when stopping. Seems to be taking a long time this time around
101 2012-09-25 01:46:06 <kjj_> did you set detachdb=1 ?
102 2012-09-25 01:47:20 <bcb> no
103 2012-09-25 01:47:21 <bcb> should i
104 2012-09-25 01:47:54 <kjj_> it makes shutdown take longer
105 2012-09-25 01:49:03 <bcb> nope its just hanging
106 2012-09-25 01:49:21 <kjj_> what are the last few lines from debug.log?
107 2012-09-25 01:49:38 <bcb> just checking that
108 2012-09-25 01:50:52 <bcb> i started it as daemon
109 2012-09-25 01:50:57 <bcb> it's still running
110 2012-09-25 01:51:02 <bcb> after calling stop
111 2012-09-25 01:53:17 <bcb> i created the server cert and updated the conf with rpcssl=1
112 2012-09-25 01:55:12 <kjj_> when you run stop, it logs a bunch of stuff while shutting down
113 2012-09-25 01:56:05 <bcb> i just killed the process
114 2012-09-25 02:18:22 <MC-Eeepc> what is the current state of anonymizing bitcoin
115 2012-09-25 02:18:43 <kjj_> when you register, just give them a fake email address, you'll be fine
116 2012-09-25 02:19:01 <MC-Eeepc> say i started out with coins purchased from mtgox, and wanted to get enough anonymity to say arrange a hit or something
117 2012-09-25 02:19:13 <kjj_> you'd go to prison, most likely
118 2012-09-25 02:19:25 <MC-Eeepc> is the gold standard still TOR + multiple coinmixes in a row
119 2012-09-25 02:19:52 <kjj_> there are coin mixes that actually mix useful amounts of coins?
120 2012-09-25 02:20:18 <MC-Eeepc> dunno i heard some of them have a fair throughput now
121 2012-09-25 02:21:05 <bcb> kjj_ bitcoind is running but getting error: no response from server when calling getinfo
122 2012-09-25 02:21:16 <bcb> from localhost
123 2012-09-25 02:21:25 <kjj_> did you just start it, or has it been running for a while?
124 2012-09-25 02:21:35 <bcb> is't been running for a wile
125 2012-09-25 02:21:41 <kjj_> and did you add a second rpcallowip= line for 127.0.0.1?
126 2012-09-25 02:21:46 <bcb> no
127 2012-09-25 02:22:06 <bcb> so i have to kill
128 2012-09-25 02:22:14 <bcb> it won't respond to stop
129 2012-09-25 02:22:25 <kjj_> you can probably issue the stop command from the other server
130 2012-09-25 02:22:39 <kjj_> but SIGTERM should trigger an orderly shutdown too
131 2012-09-25 02:23:09 <bcb> error: no response from server on local host
132 2012-09-25 02:23:16 <bcb> when issueing stop
133 2012-09-25 02:24:19 <kjj_> MC-Eeepc: I have an idea for making spend-side mixers. not sure if it'll work, or if it'll help
134 2012-09-25 02:24:55 <MC-Eeepc> ?
135 2012-09-25 02:25:07 <kjj_> bcb: if you only have the one rpcallowip line, you'll need to stop it from that IP, not from localhost
136 2012-09-25 02:25:42 <kjj_> MC-Eeepc: current mixers suck, and as far as I can tell, they don't work very well
137 2012-09-25 02:26:17 <MC-Eeepc> oh
138 2012-09-25 02:27:11 <MC-Eeepc> what about p2p mixing
139 2012-09-25 02:27:41 <kjj_> that's sorta where I want to go
140 2012-09-25 02:28:03 <MC-Eeepc> its possible?
141 2012-09-25 02:28:31 <kjj_> but using ANYONECANPAY to build multi-input/multi-output transactions doesn't appear to actually preserve your privacy
142 2012-09-25 02:29:00 <kjj_> except when actually spending
143 2012-09-25 02:31:05 <kjj_> say there was a service that could collect a bunch of outputs all around the same size, it then builds the outputs that it collected, and hands it back out as a ANYONECANPAY transaction
144 2012-09-25 02:31:36 <kjj_> then, each client can verify that their outputs are in there, and sign their input. when the mixer has enough inputs to pay for the transaction, it releases it
145 2012-09-25 02:32:57 <MC-Eeepc> who is the mixer though
146 2012-09-25 02:33:26 <kjj_> at first, it would be whoever is running the software
147 2012-09-25 02:33:55 <kjj_> but later, if the idea actually works, we could potentially make it ad hoc and built into the network (don't tell the devs that I want to embed this function into the client)
148 2012-09-25 02:34:29 <MC-Eeepc> couldnt randon people just steal it all
149 2012-09-25 02:34:38 <kjj_> nope.
150 2012-09-25 02:34:58 <kjj_> that's the problem with the current mixers, those guys COULD steal everything
151 2012-09-25 02:35:18 <MC-Eeepc> right
152 2012-09-25 02:35:25 <kjj_> in the p2p mixer idea, no one signs their input unless they see their desired spend in the output that they are signing
153 2012-09-25 02:37:00 <MC-Eeepc> so are you saying that bitcoin could be anonymous by default, if you leave your coins sitting around for a while
154 2012-09-25 02:37:57 <kjj_> no, but this could help a bit
155 2012-09-25 02:38:32 <kjj_> I'm not sure that it is possible to make the software smarter than a determined tracker
156 2012-09-25 02:56:12 <bcb> kjj_: is there a cmd to run so you cans view the default parameters running on your bitcoind server
157 2012-09-25 03:57:01 <MC-Eeepc> it seems like the finney attack is going to become really rather bothersome in future, am i reading this right
158 2012-09-25 04:04:34 <jgarzik> MC-Eeepc: why? anyone with mining power isn't going to bother stealing coffee and candy. and anyone selling items with more value than coffee does the sane thing and requires confirmations.
159 2012-09-25 04:06:28 <MC-Eeepc> rent mining power
160 2012-09-25 04:10:02 <MC-Eeepc> do you just have to wait 1 conf to defeat a finney
161 2012-09-25 04:11:07 <jgarzik> more than 1 confirmation
162 2012-09-25 06:49:15 <epscy> kjj_: in a lot of cases just creating enough uncertainty and doubt might be good enough, instead of true anonymity
163 2012-09-25 07:08:53 <ffunenga> Hello to all developers, I've been developing an idea. Check it and tell me what you think: https://github.com/ffunenga/dbex/blob/master/dbex.pdf?raw=true
164 2012-09-25 09:16:57 <Impaler> Hello
165 2012-09-25 11:45:18 <robocoin> �ACTION is away: keeps him self from trolling�
166 2012-09-25 12:20:53 <phantomcircuit> there's something wrong with the initial blockchain download
167 2012-09-25 12:21:10 <phantomcircuit> connecting to a known good peer i still end up with orphan block warnings in the log
168 2012-09-25 12:23:00 <gmaxwell> phantomcircuit: What I've observed that causes that is that you start the initial download.. but during it, a block happens on the network, so you start pulling from the other end from the peer that told you about that block, and thus the orphans.
169 2012-09-25 12:23:50 <phantomcircuit> gmaxwell, hmm maybe
170 2012-09-25 12:24:24 <TD> i had that problem with bitcoinj. block chain download is just an infuriatingly subtle thing to get right
171 2012-09-25 12:24:29 <TD> (i think i got it fixed)
172 2012-09-25 12:28:48 <robocoin> �ACTION is back (gone 00:43:31)�
173 2012-09-25 12:34:46 <grondilu> Is there an online blockexplorer for testnet?
174 2012-09-25 12:35:21 <gmaxwell> http://blockexplorer.com/testnet/
175 2012-09-25 12:35:42 <grondilu> �ACTION should have guessed that�
176 2012-09-25 12:35:45 <gmaxwell> Though other than index by address you can get all (?) of the block explorer information out of the reference client itself now.
177 2012-09-25 12:36:37 <grondilu> I guess. But I can not run both the testnet and the main network on the same host, can I?
178 2012-09-25 12:36:51 <sipa> sure you can
179 2012-09-25 12:37:08 <sipa> you do need to set a different rpc port for both, though
180 2012-09-25 12:37:25 <grondilu> ok. Good to know.
181 2012-09-25 12:37:47 <kjj_> in the next release, it should set different ports automatically
182 2012-09-25 13:16:06 <helo> i bet the goal is for it to function as a 100% drop-in replacement for normal bitcoind
183 2012-09-25 13:16:51 <gmaxwell> goal for what?
184 2012-09-25 13:17:09 <helo> wow, i just replied to a really old message heh
185 2012-09-25 13:17:29 <helo> " in the next release, [bitcoind -testnet] should set different ports automatically"
186 2012-09-25 13:18:05 <kjj_> heh. not that old
187 2012-09-25 13:18:13 <kjj_> but yeah, https://github.com/bitcoin/bitcoin/pull/1862
188 2012-09-25 13:19:32 <gmaxwell> helo: there are usually so many other things you have to change to work with testnet (e.g. different addresses) that the rpc port isn't a hurdle.
189 2012-09-25 13:20:01 <gmaxwell> the rpc port being the same makes it so people think you can't run two at once... and it's probably one reason we have less testnet usage than I'd like.
190 2012-09-25 13:20:16 <helo> �ACTION pats kjj_ on the back�
191 2012-09-25 13:20:26 <kjj_> well, using that patch, as long as you don't specify -noirc, it starts up just as easy as the mainnet client
192 2012-09-25 13:20:47 <kjj_> it already stashes stuff into a different directory
193 2012-09-25 13:20:53 <gmaxwell> kjj_: not sure why anyone would be specifying noirc.
194 2012-09-25 13:21:18 <kjj_> heh. I had it in my conf from long ago. the colo that hosts my box doesn't like IRC traffic
195 2012-09-25 13:21:38 <kjj_> I just didn't take it out when it changed to disabled by default
196 2012-09-25 13:23:37 <gmaxwell> Fair enough.
197 2012-09-25 13:24:10 <kjj_> I'd actually like to see some jumpstart nodes built in, just for that reason
198 2012-09-25 13:25:35 <gmaxwell> kjj_: for testnet? meh. The fact that it depends on IRC was a useful test. IRC ought to actually work unless/until we remove it. :P
199 2012-09-25 13:26:15 <kjj_> heh. I mean for people that aren't allowed to connect to IRC servers
200 2012-09-25 13:27:37 <kjj_> The TOS at my colo actually disallows IRC entirely, but I used to work there, so they overlook the snort reports for my box sometimes.
201 2012-09-25 13:28:03 <gmaxwell> kjj_: I know. But the fact that it didn't have it allowed us to discover that the IRC support was actually broken.
202 2012-09-25 13:28:37 <kjj_> heh
203 2012-09-25 13:31:03 <epscy> what's going on in bitcoin dev land now
204 2012-09-25 13:31:07 <epscy> working on 0.8?
205 2012-09-25 13:31:53 <kjj_> I think the biggest thing going on right now is the database backend swap
206 2012-09-25 13:32:19 <epscy> from what to what?
207 2012-09-25 13:32:25 <kjj_> BDB to leveldb
208 2012-09-25 13:32:35 <epscy> is there a page on the wiki about upcoming bitcoin dev stuff?
209 2012-09-25 13:32:42 <epscy> kinda like a future changelog
210 2012-09-25 13:33:08 <gmaxwell> epscy: no, and the reason for that is because the only real test for what will be in the future is running code.
211 2012-09-25 13:33:11 <epscy> what are the advantages of leveldb
212 2012-09-25 13:33:23 <kjj_> you can read the pull discussions if you want.
213 2012-09-25 13:33:24 <epscy> gmaxwell: i see
214 2012-09-25 13:33:27 <kjj_> https://github.com/bitcoin/bitcoin/pulls
215 2012-09-25 13:33:30 <gmaxwell> epscy: it's faster and more space efficient. Maybe less fragile; though we don't know that yet.
216 2012-09-25 13:33:39 <epscy> cool
217 2012-09-25 13:33:45 <gmaxwell> epscy: we can't merge something that doesn't exist. :)
218 2012-09-25 13:34:08 <gmaxwell> There are varrious wishlists of varrious credibility; but until people sit down and code it; it's not very meaningful.
219 2012-09-25 13:34:17 <epscy> i see
220 2012-09-25 13:36:56 <epscy> hmm the oldest open pull request is 4 days
221 2012-09-25 13:37:09 <epscy> so this seems like it is for relatively minor things
222 2012-09-25 13:37:34 <gmaxwell> Because relatively minor things are ready now.
223 2012-09-25 13:37:49 <gmaxwell> ones like https://github.com/bitcoin/bitcoin/pull/1677 are not minor, however.
224 2012-09-25 13:37:58 <kjj_> they aren't sorted by last update, they are sorted by creation
225 2012-09-25 13:38:49 <gmaxwell> You can clicky clicky to change the sort order..
226 2012-09-25 13:38:58 <epscy> yeah
227 2012-09-25 13:39:00 <gmaxwell> though the update sort isn't so useful because of the pulltester bot.
228 2012-09-25 13:41:19 <epscy> heh, a pull request was closed whilst i was reading it
229 2012-09-25 13:41:37 <kjj_> OMG! What did you do?
230 2012-09-25 13:42:17 <epscy> oh maybe not
231 2012-09-25 13:42:40 <epscy> still interesting
232 2012-09-25 13:44:16 <UukGoblin> yeah github does that
233 2012-09-25 13:44:36 <UukGoblin> worse yet, my mate was commenting on a pull-request while I closed it