Search Results

Search found 4906 results on 197 pages for 'ssh tunnel'.

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Page 108/197 | < Previous Page | 104 105 106 107 108 109 110 111 112 113 114 115  | Next Page >

  • Routing with VPN and asymmetric communication

    - by Louis
    I'm stumbling on a problem that requires your advice. Keywords : networking, route, openVPN Problem : I have a local network with several physical servers and VMs. These machines have ip's in the range 10.10.x.x. I can access these machines from the Internet with the help of openVPN. These machines can : access each other within the local 10.10.x.x subnet access the Internet via the VPN can themselves be accessed (via SSH) from the Internet via the VPN. There is one machine however that behaves strangely and I don't know why. I can SSH into this machine from anywhere via SSH and I can also PING it from anywhere (including the Internet). However from this machine (i.e. when logged into it) I cannot access the Internet or ping machines outside the local network. In other words it will not go beyond the VPN. My question is why? Here are some technical details: The machine's Network Config (running Debian 6.0.3): allow-hotplug eth0 iface eth0 inet static address 10.10.10.200 netmask 255.255.0.0 network 10.10.10.0 broadcast 10.10.10.255 gateway 10.10.10.200 The machine's Routing : Destination Gateway Genmask Flags MSS Window irtt Iface 127.0.0.1 0.0.0.0 255.255.255.255 UH 0 0 0 lo 10.10.0.0 10.10.10.250 255.255.0.0 UG 0 0 0 eth0 10.10.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth0 0.0.0.0 10.10.10.250 0.0.0.0 UG 0 0 0 eth0 0.0.0.0 10.10.10.200 0.0.0.0 UG 0 0 0 eth0 The VPN's Network Config (running Debian 6.0.3): # This is the local network interface auto eth1 allow-hotplug eth1 iface eth1 inet static address 10.10.10.250 netmask 255.255.0.0 broadcast 10.10.10.255 gateway 10.10.10.250 The VPN's routing table Destination Gateway Genmask Flags MSS Window irtt Iface 10.10.0.0 0.0.0.0 255.255.255.0 U 0 0 0 tun0 private 0.0.0.0 255.255.255.0 U 0 0 0 eth0 10.10.0.0 0.0.0.0 255.255.0.0 U 0 0 0 eth1 0.0.0.0 10.10.10.250 0.0.0.0 UG 0 0 0 eth1 0.0.0.0 private 0.0.0.0 UG 0 0 0 eth0 net.ipv4.ip_forward = 1 on both machines. there are no iptables set anywhere. Thanks in advance for any feedback.

    Read the article

  • Safety concerns on allowing connections to MySQL with no password on localhost?

    - by ÉricO
    In the case of a Linux system, is there any security concern to let MySQL users with standard privileges (that is, not the root users) connect to the database with no password from localhost? I think that enforcing a password even for localhost can add a layer of protection, since, with no password the database access would be compromised if the SSH access is itself compromised. Considering that, would it be less safe to allow no password connection to MySQL than having the same password for SSH and for MySQL? I don't know if that is to be taken into account, but we also use phpMyAdmin to let users administrate their own database. I am asking because I kinda dislike having to put our database passwords unencrypted in the source or configuration files of our applications, where they can easily be leaked unintentionally. Since our servers are configured to run our applications as the Linux user the application belongs to, I was considering allowing no password from localhost as a simple solution. So, would that be a very bad idea or not?

    Read the article

  • Unable to mount Amazon Public Dataset using ec2-create-volume

    - by the0ther
    I am trying to use a Public Dataset with the snapshot id of snap-­e1608d88. I am looking at these instructions, but they do not seem to help. The first suggestion there says I should click on Volumes and create a new volume, set it's size and availability zone, as well as specifying the snapshot id. The problem is, snapshot id is a dropdown, not a text field, and there are over 100 options in the dropdown. Next I installed the ec2 command line tools and tried to run the ec2-create-volume command. For my first attempt I tried ec2-create-volume --snapshot snap-­e1608d88 --availability-zone us-east-1 but that gave output indicating I need to provide a certificate with the --cert switch. Which certficate exactly? I tried my SSH cert at ~/.ssh/id_rsa. No dice. I got the following Java error: "org.codehaus.xfire.fault.XFireFault: General security error;"

    Read the article

  • Manually forcing TCP connection to retry

    - by Vi.
    I have a TCP connection (SSH session to some computer for example) Network suddenly goes down and drops all packets (disconnected cable, out of range). TCP resends packets again and again, retrying with increasing delays. I see the problem and plug the cable back (or restore network somehow). TCP connection finally successfully resends some packet and continues. The problem is that I need to wait for a some timeout on point 5. I want to use my opened SSH session now and not wait for 5-10 seconds until it finds out that connection is working again. How to force all TCP connections to resend data without delays in GNU/Linux?

    Read the article

  • ftp users configuration in OpenSuse 12

    - by chieroz
    I usually work with MacOSX servers but this time I need to set up a ftp service on a OpenSuse 12.2 server and I am a little lost. I am using the remote YAST2 tool via ssh. I created several users who can connect via ssh and/or ftp, so the basic setup is ok. But when connecting via ftp all my users don't have write permissions. The FTP directory for authenticated users is /srv/www/htdocs, which has permissions root:root. The OpenSuse manual say it's bad practice to change these permissions, but my normal users (even the ones in the sudoers list) cannot upload files. So I am stuck: as a workaround I use rsync, but from time to time I just need to establish a working ftp connection. What's the right approach for users permissions in this scenario? Thanks a lot.

    Read the article

  • Manually forcing TCP connection to retry

    - by Vi
    I have a TCP connection (SSH session to some computer for example) Network suddenly goes down and drops all packets (disconnected cable, out of range). TCP resends packets again and again, retrying with increasing delays. I see the problem and plug the cable back (or restore network somehow). TCP connection finally successfully resends some packet and continues. The problem is that I need to wait for a some timeout on point 5. I want to use my opened SSH session now and not wait for 5-10 seconds until it finds out that connection is working again. How to force all TCP connections to resend data without now in GNU/Linux?

    Read the article

  • Monitor Windows Terminal Sessions from Linux/Mac

    - by mhd
    I'm writing some scripts to make remote connections to a Windows 2003 server a bit more user-friendly, and in doing this I want to see who's logged in already. In Windows, I could use qwinsta.exe to do this, even for remote servers. So it is exposed somehow, but I couldn't find a matching command line tool for Unix. Lacking such a tool, I could install an ssh server on the machine and call it remotely, parsing the output or write a small service of my own that would expose this via http, if I don't want full-blown ssh access. Do I have to do this, or is there already a tool for querying terminal services remotely?

    Read the article

  • how to get bash prompt on login

    - by user419534
    When I connect to remote machine uisng ssh, by default it is not on bash prompt. To get bash prompt by default on login I did as below by create .cshrc file in my home directory if ($?prompt) then setenv SHELL /bin/bash exec $SHELL -login endif It works well and I am getting bash shell but I have another file as .bashrc in my home directory which gets executed when i run bash explicitly and I have done lot of customization in this file as per my requirement. Is it possible to get my .bashrc executed somehow from .cshrc or some other way? For example I need to go connect to host B from host A, I do this From A - ssh B this brings host B but not with bash prompt. To get bash prompt I created .cshrc as mentioned above but my above code snippet does not call my .bashrc script.

    Read the article

  • How can a Virtualbox host connect to a guest VM when host wireless is disabled / host Ethernet cable is unplugged?

    - by uloBasEI
    I have a Virtualbox VM running on a computer connected to Internet via an Ethernet cable. The guest has a network adapter attached to a NAT. 2 ports (22 and 80) are forwarded so that the host can access them respectively on localhost:2222 and localhost:8080. When the Ethernet cable is plugged, both machine (host and guest) can access Internet and the host can access the SSH server/Webserver which ports are forwarded. When I unplug the Ethernet cable from the host, the host can not access the SSH server/Webserver of the guest anymore. Same situation with a Laptop connected to Internet via wireless when I disable the wireless adapter or set a wrong WPA key. My question is: is there a workaround for the host to access the guest services even if its Ethernet cable is unplugged / wireless is not available?

    Read the article

  • PHPMyAdmin running very slow over internet but fine locally

    - by columbo
    I connect to PHPMyAdmin remotely on a Centos server using my local PC via Firefox. Usually it's fine but today it's really slow (2 minutes to load a page), sometimes timing out. Other connections to the server are fine. The SSH command line is as fast as ever as is the GNOME dekstop over SSH. In fact on the GNOME desktop I can run PHPMyAdmin locally from its browser and it's as quick as ever (which is a solution to the problem of course). I've checked the various log files and seen nothing unusual, I've logged into the MySQL command line and the database is running fine without any slowing what so ever. So it just seems to be slow when I access PHPMyAdmin on the server from the browser on my remote PC (I've tried IE and Firefox, both are slow). Has anyone experienced this or have any ideas what the issue could be. Connecting via CLI through tunnel works OK - problem is in phpMyAdmin for sure. Cheers

    Read the article

  • Set up Ubuntu in Virtualbox to have static ip

    - by Don H
    I frequently work in different locations, and need to have a virtualbox version of Ubuntu server running locally. While I was at home getting it set up, I was able to ssh into the server using the locally allocated IP address. However, now that I'm elsewhere, ifconfig is still showing the old 10.0.x.x ip address, but instead of being in the 10.0.x.x space, my laptop's ip starts with 192.168.x.x With that in mind, if there a straightforward way to set up the virtual box Ubuntu server in such a way that I can just connect using "ssh servername" regardless of it's ip address?

    Read the article

  • MySQL - complete server migration (Ubuntu) [closed]

    - by Mr A
    Possible Duplicate: How to copy and move mysql database Dump all databases with SSH access I'm setting up a new dev machine, and I have the old one sitting right next to me. I'd like to do an exact copy of all MySQL structures and data from the old machine to the new. Nothing fancy needs to happen (it's a dev machine). No replication. I don't care about "downtimes" etc. Is there a super simple way to do this? For example, I have SSH on the old server, can I just use Nautilus, do a connect to server, and then transfer a folder over, replacing another folder with it and be done? It's the same version of MySQL on both sides. Same version of Ubuntu. Same in most respects.

    Read the article

  • What else can I do to secure my Linux server?

    - by eric01
    I want to put a web application on my Linux server: I will first explain to you what the web app will do and then I will tell you what I did so far to secure my brand new Linux system. The app will be a classified ads website (like gumtree.co.uk) where users can sell their items, upload images, send to and receive emails from the admin. It will use SSL for some pages. I will need SSH. So far, what I did to secure my stock Ubuntu (latest version) is the following: NOTE: I probably did some things that will prevent the application from doing all its tasks, so please let me know of that. My machine's sole purpose will be hosting the website. (I put numbers as bullet points so you can refer to them more easily) 1) Firewall I installed Uncomplicated Firewall. Deny IN & OUT by default Rules: Allow IN & OUT: HTTP, IMAP, POP3, SMTP, SSH, UDP port 53 (DNS), UDP port 123 (SNTP), SSL, port 443 (the ones I didn't allow were FTP, NFS, Samba, VNC, CUPS) When I install MySQL & Apache, I will open up Port 3306 IN & OUT. 2) Secure the partition in /etc/fstab, I added the following line at the end: tmpfs /dev/shm tmpfs defaults,rw 0 0 Then in console: mount -o remount /dev/shm 3) Secure the kernel In the file /etc/sysctl.conf, there are a few different filters to uncomment. I didn't know which one was relevant to web app hosting. Which one should I activate? They are the following: A) Turn on Source Address Verification in all interfaces to prevent spoofing attacks B) Uncomment the next line to enable packet forwarding for IPv4 C) Uncomment the next line to enable packet forwarding for IPv6 D) Do no accept ICMP redirects (we are not a router) E) Accept ICMP redirects only for gateways listed in our default gateway list F) Do not send ICMP redirects G) Do not accept IP source route packets (we are not a router) H) Log Martian Packets 4) Configure the passwd file Replace "sh" by "false" for all accounts except user account and root. I also did it for the account called sshd. I am not sure whether it will prevent SSH connection (which I want to use) or if it's something else. 5) Configure the shadow file In the console: passwd -l to lock all accounts except user account. 6) Install rkhunter and chkrootkit 7) Install Bum Disabled those services: "High performance mail server", "unreadable (kerneloops)","unreadable (speech-dispatcher)","Restores DNS" (should this one stay on?) 8) Install Apparmor_profiles 9) Install clamav & freshclam (antivirus and update) What did I do wrong and what should I do more to secure this Linux machine? Thanks a lot in advance

    Read the article

  • How to access vm inside a vm via VNC?

    - by can.
    For some reasons I installed virtual machines inside a virtual machine, like this: A( B( C )) where A is the physical machine, B is a vm and the network type is NAT. And C is also a virtual machine and the network type is bridged. The OSes are Ubuntu 12.04 and the hypervisors are kvm. I can access B via VNC and via ssh from A, but for C I can't use ssh because C has no IP address at the start. And I assume I can only access C via VNC. I tried something like(on A): iptables -t nat -A PREROUTING -d $ip-of-A -p tcp --dport 6500 -j DNAT --to-destination $ip-of-B:5900 (I referred to this) But it doesn't work. And I'm reading the man pages of iptables and hope someone could help :)

    Read the article

  • Fix X11 forwarding on OSX

    - by Such
    I am looking for a way to fix/debug a X11 forwarding session on OSX. Here is my situation: From my mac I connect to a Ubuntu workstation with ssh -X (tried ssh -Y as well). X11 forwarding works perfectly with firefox for instance, X11/Quartz is started automatically on OSX and firefox is displayed. X11 forwarding does not work with bat (Bacula graphical console): X11 is started but no window is displayed. There are no errors (/private/var/log/system.log). When I try doing the same from another Ubuntu workstation, it works perfectly for both firefox and bat. I guess the problem is on OSX side then. I tried switching some options in X11 but nothing works. Would you have any idea on how to move forward? Thanks!

    Read the article

  • BASH_ENV ignored on solaris?

    - by Peeter Joot
    In my .bash_profile, executed for both my interactive and non-interactive logins are BASH_ENV=$HOME/.myinteractivestuff export BASH_ENV doing this for bash on Linux works fine, but on Solaris is not sourced: bash --version GNU bash, version 3.00.16(1)-release (sparc-sun-solaris2.10) Curiously, if I invoke screen within my login shell, BASH_ENV is then read. Are any restrictions on when $BASH_ENV is respected on Solaris? In my case I'm logging in with ssh using putty, but also tried unix to unix ssh, and telnet and see the same. Note that I know that my BASH_ENV variable assignment is being executed since I can echo this variable after login without any trouble (ie: ruling out the obvious possibility that my .bash_profile is also not being read).

    Read the article

  • ESX Firewall Command Troubles

    - by John
    Hi, I am working on creating some firewall rules to stop some of the SSH brute-force attacks that we have seen recently on our ESX server hosts. I have tried the following rules from the CLI to first block all SSH traffic and then allow the two ranges that I am interested in: esxcfg-firewall --ipruleAdd 0.0.0.0/0,22,tcp,REJECT,"Block_SSH" esxcfg-firewall --ipruleAdd 11.130.0.0/16,22,tcp,ACCEPT,"Allow_PUBLIC_SSH" esxcfg-firewall --ipruleAdd 10.130.0.0/16,22,tcp,ACCEPT,"Allow_PRIVATE_SSH" However, these rules are not working as intended. I know that if you do not enter the block rule first, then the allow rule will not be processed. We are now having the issue where the first entered allow rule is being ignored such that the block rule works and the last entered allow rule works. I was curious if anyone had any ideas on how I could allow a few different ranges of IP's with the esxcfg-firewall --ipruleAdd command? I am at a loss and am having a hard time locating examples or further documentation about this. Thanks in advance for your help with this.

    Read the article

  • I overwrote a large file with a blank one on a linux server. Can I recover the existing file?

    - by user39234
    I came back to my machine, tried saving a file over ssh onto my linux server (CentOS). It failed. I wasn't interested in keeping any changes I had made so I closed my editor and reopened the file (over ssh). The save attempt wiped the file. I have made loads of changes to it since I last uploaded to revision control. Seeing as it has just wiped the file I assume the data is still there. It's just a text file (php), is there any way of recovering it?

    Read the article

  • Make services not start automatically after reboot (as they require access to an encrypted partition)

    - by Binary255
    Hi, I use Ubuntu Server 10.04. I more or less only want the server to be accessible over SSH after a reboot. I will then login and mount the encrypted partition myself, after which I start the services which uses it. How would I go about setting something like that up? (My first idea was to have everything except /boot in an encrypted LVM, but I never got logging in through SSH and mounting the LVM to work. Initramfs was a bit too complicated for me. Otherwise I think this would have been the best solution.)

    Read the article

  • Workaround broken sudo?

    - by perreal
    I managed to break sudo by deleting the libc.so.6 sym-link in /lib. I copied the actual file and created a symbolic link with the same name under my home directory by using LD_PRELOAD=/lib/libc-2.11.3.so. At this point, all binaries linking libc are working through preload except sudo. For sudo, I need to write (and don't know why): $ /lib/ld-linux-x86-64.so.2 --library-path . /usr/bin/sudo but this gives me: $ sudo: must be setuid root Checking the permissions: $ ls -l /usr/bin/sudo $ -rwsr-xr-x 2 root root 166120 So the setuid bit is actually set. Question: I need to create a symbolic link named /lib/libc.so.6 through my active ssh connection without using sudo, or, make sudo work somehow. I don't have the root password and I can't connect through ssh anymore. Is there any other way I can get authorization?

    Read the article

  • is there a linux equivalent of iTerm(mac) sending command to multiple tabs functionality?

    - by jabbertalker
    in iTerm, you can send a command to execute simultaneously on a set of already opened tabs. Is there a way to do this in linux (with gnome-terminal preferably)? for instance, supposed that I had 10 tabs already ssh'd into [email protected] and sudoed to root and wanted to send a command to run on all 10 tabs. The goal of this is to be able to stay within a set of tabs and command them, rather than having to use expect scripts to ssh and elevate and run commands. Basically, like how you could do in iTerm.

    Read the article

  • Amazon EC2 IPSEC

    - by John Qualis
    I have configured a ubuntu 12.04 64-bit server machine on Amazon AWS to act as a strongswan IPSEC server. I want to connect to it from my MAC OSX Lion's inbuilt IPSEC client. The OSX machine is in my home network. I log into the AWS machine using a ssh to ubuntu@public-ip and I provide the private RSA key in form of .pem file which I downloaded when the machine instance was created. The ssh connection works file but the IPSEC connection fails. What credentials/configurations should I provide for an IPSEC connection from my OSX client to AWS ubuntu server? My OSX machine is behind an ISP provided modem/router. Appreciate any help and thanks in advance

    Read the article

  • Unable to connect to vrde virtualbox VM remotely

    - by b1ackjosh
    So I've remotely created my first headless using ssh. Now I'm attempting to connect to this VM using RDP so I can install Ubuntu Server, but I cannot get connected at all. When starting the VM everything appears fine: $ vboxheadless -s WebTesting Oracle VM VirtualBox Headless Interface 4.0.16 (C) 2008-2012 Oracle Corporation All rights reserved. VRDE server is listening on port 4455. And showvminfo shows: VRDE: enabled (Address 0.0.0.0, Ports 4455, MultiConn: off, ReuseSingleConn: off, Authentication type: null) However I'm still prompted with the "enter your credentials" screen every time I attempt to connect. From reading the documentation null shouldn't prompt me with this screen at all... Any help with this is greatly appreciated. P.S. I am using ssh tunneling in putty to tunnel in to my network.

    Read the article

  • Automatic Server Management

    - by Radoslav
    I try to find any kind of automatic management services. What I mean: I purchase dedicated server. Login SSH and install any kind of Daemon. Control security, tune LAMP stack, monitoring etc. from dashboard. Never touch SSH and login in to the server. Pay every month for this service. I already find few providers, but they support only EC2 cloud servers. If you can suggest me anything for dedicated machines? If not- I need to hire anyone for 5h Administrator and 715h "Box-Watcher" every month :|

    Read the article

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

< Previous Page | 104 105 106 107 108 109 110 111 112 113 114 115  | Next Page >