What is the difference between simple service and daemon service ubuntu e,g smbd
- by Mirage
I am totally confused , what is the difference between
ssh and sshd
samba or smb or smbd
Search Results
Search found 14544 results on 582 pages for 'ssh config'.
Page 189/582 | < Previous Page | 185 186 187 188 189 190 191 192 193 194 195 196 | Next Page >
-
-
ftp users configuration in OpenSuse 12
- by chieroz
I usually work with MacOSX servers but this time I need to set up a ftp service on a OpenSuse 12.2 server and I am a little lost. I am using the remote YAST2 tool via ssh. I created several users who can connect via ssh and/or ftp, so the basic setup is ok. But when connecting via ftp all my users don't have write permissions. The FTP directory for authenticated users is /srv/www/htdocs, which has permissions root:root. The OpenSuse manual say it's bad practice to change these permissions, but my normal users (even the ones in the sudoers list) cannot upload files. So I am stuck: as a workaround I use rsync, but from time to time I just need to establish a working ftp connection. What's the right approach for users permissions in this scenario? Thanks a lot.Read the article
-
Safety concerns on allowing connections to MySQL with no password on localhost?
- by ÉricO
In the case of a Linux system, is there any security concern to let MySQL users with standard privileges (that is, not the root users) connect to the database with no password from localhost? I think that enforcing a password even for localhost can add a layer of protection, since, with no password the database access would be compromised if the SSH access is itself compromised. Considering that, would it be less safe to allow no password connection to MySQL than having the same password for SSH and for MySQL? I don't know if that is to be taken into account, but we also use phpMyAdmin to let users administrate their own database. I am asking because I kinda dislike having to put our database passwords unencrypted in the source or configuration files of our applications, where they can easily be leaked unintentionally. Since our servers are configured to run our applications as the Linux user the application belongs to, I was considering allowing no password from localhost as a simple solution. So, would that be a very bad idea or not?Read the article
-
Unable to mount Amazon Public Dataset using ec2-create-volume
- by the0ther
I am trying to use a Public Dataset with the snapshot id of snap-e1608d88. I am looking at these instructions, but they do not seem to help. The first suggestion there says I should click on Volumes and create a new volume, set it's size and availability zone, as well as specifying the snapshot id. The problem is, snapshot id is a dropdown, not a text field, and there are over 100 options in the dropdown. Next I installed the ec2 command line tools and tried to run the ec2-create-volume command. For my first attempt I tried ec2-create-volume --snapshot snap-e1608d88 --availability-zone us-east-1 but that gave output indicating I need to provide a certificate with the --cert switch. Which certficate exactly? I tried my SSH cert at ~/.ssh/id_rsa. No dice. I got the following Java error: "org.codehaus.xfire.fault.XFireFault: General security error;"Read the article
-
Manually forcing TCP connection to retry
- by Vi.
I have a TCP connection (SSH session to some computer for example) Network suddenly goes down and drops all packets (disconnected cable, out of range). TCP resends packets again and again, retrying with increasing delays. I see the problem and plug the cable back (or restore network somehow). TCP connection finally successfully resends some packet and continues. The problem is that I need to wait for a some timeout on point 5. I want to use my opened SSH session now and not wait for 5-10 seconds until it finds out that connection is working again. How to force all TCP connections to resend data without delays in GNU/Linux?Read the article
-
Accessing SVN repository from CCNet (CruiseControl.net) using an Active Directory user
- by Tr1stan
I have CCNet setup to talk to our SVN repository, which has it's ACLs setup using Active Directory groups. This is working fine, except I'm not happy with having the user name and password of the AD user stored in plain text on the CCNet instance. Is there a way to either encrypt the AD username/password, or get the CCNet service (I've tried running the service as the user and removing the the username/password section of the CCNet/SVN config) to use a domain account outside of the standard config?Read the article
-
Redirect in Application_Error redundant if using customErrors?
- by Ek0nomik
If I have a customErrors section in my Web.config that says to redirect to Error.html, then putting code in the Application_Error method in the Global.asax to redirect to Error.html is redundant is it not? Technically, I could bypass the Web.config by redirecting to a different page in the Application_Error method if I wanted to, but since I don't want to go to a separate page I don't think I need the code.Read the article
-
How to change defaultUrl through in C#?
- by kingdom manga
I got 2 folder, one is "Lectures" where only lecture can login, and another is "Students" where only students can login. and i use role-based authorization. but the problem is i only can assign one value for defaultUrl in web.config, if i assign it to "~/Lectures/Default.aspx" and this make lecture can login without any problem, but when student login, the student will stuck at login page, so any idea to change defaultUrl in web.config through C#???Read the article
-
ASA 5540 v8.4(3) vpn to ASA 5505 v8.2(5), tunnel up but I cant ping from 5505 to IP on other side
- by user223833
I am having problems pinging from a 5505(remote) to IP 10.160.70.10 in the network behind the 5540(HQ side). 5505 inside IP: 10.56.0.1 Out: 71.43.109.226 5540 Inside: 10.1.0.8 out: 64.129.214.27 I Can ping from 5540 to 5505 inside 10.56.0.1. I also ran ASDM packet tracer in both directions, it is ok from 5540 to 5505, but drops the packet from 5505 to 5540. It gets through the ACL and dies at the NAT. Here is the 5505 config, I am sure it is something simple I am missing. ASA Version 8.2(5) ! hostname ASA-CITYSOUTHDEPOT domain-name rngint.net names ! interface Ethernet0/0 switchport access vlan 2 ! interface Ethernet0/1 ! interface Ethernet0/2 ! interface Ethernet0/3 ! interface Ethernet0/4 ! interface Ethernet0/5 ! interface Ethernet0/6 ! interface Ethernet0/7 ! interface Vlan1 nameif inside security-level 100 ip address 10.56.0.1 255.255.0.0 ! interface Vlan2 nameif outside security-level 0 ip address 71.43.109.226 255.255.255.252 ! banner motd ***ASA-CITYSOUTHDEPOT*** banner asdm CITY SOUTH DEPOT ASA5505 ftp mode passive clock timezone EST -5 clock summer-time EDT recurring dns server-group DefaultDNS domain-name rngint.net access-list outside_1_cryptomap extended permit ip host 71.43.109.226 host 10.1.0.125 access-list outside_1_cryptomap extended permit ip 10.56.0.0 255.255.0.0 10.0.0.0 255.0.0.0 access-list outside_1_cryptomap extended permit ip 10.56.0.0 255.255.0.0 10.106.70.0 255.255.255.0 access-list outside_1_cryptomap extended permit ip 10.56.0.0 255.255.0.0 10.106.130.0 255.255.255.0 access-list outside_1_cryptomap extended permit ip host 71.43.109.226 host 10.160.70.10 access-list inside_nat0_outbound extended permit ip host 71.43.109.226 host 10.1.0.125 access-list inside_nat0_outbound extended permit ip 10.56.0.0 255.255.0.0 10.0.0.0 255.0.0.0 access-list inside_nat0_outbound extended permit ip 10.56.0.0 255.255.0.0 10.106.130.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip 10.56.0.0 255.255.0.0 10.106.70.0 255.255.255.0 access-list inside_nat0_outbound extended permit ip host 71.43.109.226 10.106.70.0 255.255.255.0 pager lines 24 logging enable logging buffer-size 25000 logging buffered informational logging asdm warnings mtu inside 1500 mtu outside 1500 icmp unreachable rate-limit 1 burst-size 1 icmp permit any inside no asdm history enable arp timeout 14400 global (outside) 1 interface nat (inside) 0 access-list inside_nat0_outbound nat (inside) 1 0.0.0.0 0.0.0.0 route outside 0.0.0.0 0.0.0.0 71.43.109.225 1 timeout xlate 3:00:00 timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02 timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00 timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00 timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute timeout tcp-proxy-reassembly 0:01:00 timeout floating-conn 0:00:00 dynamic-access-policy-record DfltAccessPolicy aaa-server TACACS+ protocol tacacs+ aaa-server TACACS+ (inside) host 10.106.70.36 key ***** aaa authentication http console LOCAL aaa authentication ssh console LOCAL aaa authorization exec authentication-server http server enable http 192.168.1.0 255.255.255.0 inside http 10.0.0.0 255.0.0.0 inside http 0.0.0.0 0.0.0.0 outside snmp-server host inside 10.106.70.7 community ***** no snmp-server location no snmp-server contact snmp-server community ***** snmp-server enable traps snmp authentication linkup linkdown coldstart crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec security-association lifetime seconds 28800 crypto ipsec security-association lifetime kilobytes 4608000 crypto map outside_map 1 match address outside_1_cryptomap crypto map outside_map 1 set pfs group1 crypto map outside_map 1 set peer 64.129.214.27 crypto map outside_map 1 set transform-set ESP-3DES-SHA crypto map outside_map interface outside crypto isakmp enable outside crypto isakmp policy 1 authentication pre-share encryption des hash md5 group 2 lifetime 86400 telnet timeout 5 ssh 10.0.0.0 255.0.0.0 inside ssh 0.0.0.0 0.0.0.0 outside ssh timeout 5 console timeout 0 management-access inside dhcpd auto_config outside ! dhcpd address 10.56.0.100-10.56.0.121 inside dhcpd dns 10.1.0.125 interface inside dhcpd auto_config outside interface inside ! dhcprelay server 10.1.0.125 outside dhcprelay enable inside dhcprelay setroute inside dhcprelay timeout 60 threat-detection basic-threat threat-detection statistics access-list no threat-detection statistics tcp-intercept tftp-server inside 10.1.1.25 CITYSOUTHDEPOT-ASA-Confg webvpn tunnel-group 64.129.214.27 type ipsec-l2l tunnel-group 64.129.214.27 ipsec-attributes pre-shared-key ***** ! ! prompt hostname contextRead the article
-
Is possible overwriting a Doctrine model in Symfony?
- by user248959
Hi, is possible overwriting a Doctrine model in Symfony? I'm trying no change a "notnull" property, but i can get it.. In 'plugins/sfDoctrineGuardPlugin/config/doctrine/schema.yml': sfGuardUser: actAs: [Timestampable] columns: id: type: integer(4) primary: true autoincrement: true username: type: string(128) notnull: true unique: true #... And in 'config/doctrine/schema.yml': sfGuardUser: columns: username: type: string(128) notnull: false unique: true Then "build-all-reload" but it doesn't change.. Any idea? JaviRead the article
-
creating jar file for java application
- by KItis
Hi all i have created a java application which uses data from its config folder and , it also uses third party jar files those are located in lib folder, could anyone tell me how to create jar file for this project with the content stored in config file and lib folder. i tried creating jar using eclipse export functionality. when i run this jar file, it says it can not find the third party libraries that i have used for this project and configuration file. thanks in advance for any helpRead the article
-
Monitor Windows Terminal Sessions from Linux/Mac
- by mhd
I'm writing some scripts to make remote connections to a Windows 2003 server a bit more user-friendly, and in doing this I want to see who's logged in already. In Windows, I could use qwinsta.exe to do this, even for remote servers. So it is exposed somehow, but I couldn't find a matching command line tool for Unix. Lacking such a tool, I could install an ssh server on the machine and call it remotely, parsing the output or write a small service of my own that would expose this via http, if I don't want full-blown ssh access. Do I have to do this, or is there already a tool for querying terminal services remotely?Read the article
-
Manually forcing TCP connection to retry
- by Vi
I have a TCP connection (SSH session to some computer for example) Network suddenly goes down and drops all packets (disconnected cable, out of range). TCP resends packets again and again, retrying with increasing delays. I see the problem and plug the cable back (or restore network somehow). TCP connection finally successfully resends some packet and continues. The problem is that I need to wait for a some timeout on point 5. I want to use my opened SSH session now and not wait for 5-10 seconds until it finds out that connection is working again. How to force all TCP connections to resend data without now in GNU/Linux?Read the article
-
Connect to MySQL in Ruby using NetBeans
- by Varun
I've downloaded the "dbd-mysql-0.4.4.zip" and linked it to my project. While I try to run a demo code from NetBeans the very first line require "dbi" gives me an error. Is there a different way to do it? I also tried jruby setup.rb config --with=dbi,dbd_mysql from the command prompt and it gave me the following error: config: unknown option --with=dbi,dbd_mysql Try 'ruby setup.rb --help' for detailed usage. Any suggestions please?Read the article
-
How can a Virtualbox host connect to a guest VM when host wireless is disabled / host Ethernet cable is unplugged?
- by uloBasEI
I have a Virtualbox VM running on a computer connected to Internet via an Ethernet cable. The guest has a network adapter attached to a NAT. 2 ports (22 and 80) are forwarded so that the host can access them respectively on localhost:2222 and localhost:8080. When the Ethernet cable is plugged, both machine (host and guest) can access Internet and the host can access the SSH server/Webserver which ports are forwarded. When I unplug the Ethernet cable from the host, the host can not access the SSH server/Webserver of the guest anymore. Same situation with a Laptop connected to Internet via wireless when I disable the wireless adapter or set a wrong WPA key. My question is: is there a workaround for the host to access the guest services even if its Ethernet cable is unplugged / wireless is not available?Read the article
-
how to get bash prompt on login
- by user419534
When I connect to remote machine uisng ssh, by default it is not on bash prompt. To get bash prompt by default on login I did as below by create .cshrc file in my home directory if ($?prompt) then setenv SHELL /bin/bash exec $SHELL -login endif It works well and I am getting bash shell but I have another file as .bashrc in my home directory which gets executed when i run bash explicitly and I have done lot of customization in this file as per my requirement. Is it possible to get my .bashrc executed somehow from .cshrc or some other way? For example I need to go connect to host B from host A, I do this From A - ssh B this brings host B but not with bash prompt. To get bash prompt I created .cshrc as mentioned above but my above code snippet does not call my .bashrc script.Read the article
-
You do not have sufficient permissions to access this page.
- by WmasterJ
I recently set up a local copy of Wordpress, added some content and created a child theme. Then I moved it to my webserver, changed the config file, changed the "localhost" occurences in my SQL file to my online URL. I also changed my database prefix from what I had locally on all tables and in the config file. Everything works well on the outside. But then as I log-in is get the: You do not have sufficient permissions to access this page.Read the article
-
Set up Ubuntu in Virtualbox to have static ip
- by Don H
I frequently work in different locations, and need to have a virtualbox version of Ubuntu server running locally. While I was at home getting it set up, I was able to ssh into the server using the locally allocated IP address. However, now that I'm elsewhere, ifconfig is still showing the old 10.0.x.x ip address, but instead of being in the 10.0.x.x space, my laptop's ip starts with 192.168.x.x With that in mind, if there a straightforward way to set up the virtual box Ubuntu server in such a way that I can just connect using "ssh servername" regardless of it's ip address?Read the article
-
PHPMyAdmin running very slow over internet but fine locally
- by columbo
I connect to PHPMyAdmin remotely on a Centos server using my local PC via Firefox. Usually it's fine but today it's really slow (2 minutes to load a page), sometimes timing out. Other connections to the server are fine. The SSH command line is as fast as ever as is the GNOME dekstop over SSH. In fact on the GNOME desktop I can run PHPMyAdmin locally from its browser and it's as quick as ever (which is a solution to the problem of course). I've checked the various log files and seen nothing unusual, I've logged into the MySQL command line and the database is running fine without any slowing what so ever. So it just seems to be slow when I access PHPMyAdmin on the server from the browser on my remote PC (I've tried IE and Firefox, both are slow). Has anyone experienced this or have any ideas what the issue could be. Connecting via CLI through tunnel works OK - problem is in phpMyAdmin for sure. CheersRead the article
-
MySQL - complete server migration (Ubuntu) [closed]
- by Mr A
Possible Duplicate: How to copy and move mysql database Dump all databases with SSH access I'm setting up a new dev machine, and I have the old one sitting right next to me. I'd like to do an exact copy of all MySQL structures and data from the old machine to the new. Nothing fancy needs to happen (it's a dev machine). No replication. I don't care about "downtimes" etc. Is there a super simple way to do this? For example, I have SSH on the old server, can I just use Nautilus, do a connect to server, and then transfer a folder over, replacing another folder with it and be done? It's the same version of MySQL on both sides. Same version of Ubuntu. Same in most respects.Read the article
-
What else can I do to secure my Linux server?
- by eric01
I want to put a web application on my Linux server: I will first explain to you what the web app will do and then I will tell you what I did so far to secure my brand new Linux system. The app will be a classified ads website (like gumtree.co.uk) where users can sell their items, upload images, send to and receive emails from the admin. It will use SSL for some pages. I will need SSH. So far, what I did to secure my stock Ubuntu (latest version) is the following: NOTE: I probably did some things that will prevent the application from doing all its tasks, so please let me know of that. My machine's sole purpose will be hosting the website. (I put numbers as bullet points so you can refer to them more easily) 1) Firewall I installed Uncomplicated Firewall. Deny IN & OUT by default Rules: Allow IN & OUT: HTTP, IMAP, POP3, SMTP, SSH, UDP port 53 (DNS), UDP port 123 (SNTP), SSL, port 443 (the ones I didn't allow were FTP, NFS, Samba, VNC, CUPS) When I install MySQL & Apache, I will open up Port 3306 IN & OUT. 2) Secure the partition in /etc/fstab, I added the following line at the end: tmpfs /dev/shm tmpfs defaults,rw 0 0 Then in console: mount -o remount /dev/shm 3) Secure the kernel In the file /etc/sysctl.conf, there are a few different filters to uncomment. I didn't know which one was relevant to web app hosting. Which one should I activate? They are the following: A) Turn on Source Address Verification in all interfaces to prevent spoofing attacks B) Uncomment the next line to enable packet forwarding for IPv4 C) Uncomment the next line to enable packet forwarding for IPv6 D) Do no accept ICMP redirects (we are not a router) E) Accept ICMP redirects only for gateways listed in our default gateway list F) Do not send ICMP redirects G) Do not accept IP source route packets (we are not a router) H) Log Martian Packets 4) Configure the passwd file Replace "sh" by "false" for all accounts except user account and root. I also did it for the account called sshd. I am not sure whether it will prevent SSH connection (which I want to use) or if it's something else. 5) Configure the shadow file In the console: passwd -l to lock all accounts except user account. 6) Install rkhunter and chkrootkit 7) Install Bum Disabled those services: "High performance mail server", "unreadable (kerneloops)","unreadable (speech-dispatcher)","Restores DNS" (should this one stay on?) 8) Install Apparmor_profiles 9) Install clamav & freshclam (antivirus and update) What did I do wrong and what should I do more to secure this Linux machine? Thanks a lot in advanceRead the article
-
How to access vm inside a vm via VNC?
- by can.
For some reasons I installed virtual machines inside a virtual machine, like this: A( B( C )) where A is the physical machine, B is a vm and the network type is NAT. And C is also a virtual machine and the network type is bridged. The OSes are Ubuntu 12.04 and the hypervisors are kvm. I can access B via VNC and via ssh from A, but for C I can't use ssh because C has no IP address at the start. And I assume I can only access C via VNC. I tried something like(on A): iptables -t nat -A PREROUTING -d $ip-of-A -p tcp --dport 6500 -j DNAT --to-destination $ip-of-B:5900 (I referred to this) But it doesn't work. And I'm reading the man pages of iptables and hope someone could help :)Read the article
-
Fix X11 forwarding on OSX
- by Such
I am looking for a way to fix/debug a X11 forwarding session on OSX. Here is my situation: From my mac I connect to a Ubuntu workstation with ssh -X (tried ssh -Y as well). X11 forwarding works perfectly with firefox for instance, X11/Quartz is started automatically on OSX and firefox is displayed. X11 forwarding does not work with bat (Bacula graphical console): X11 is started but no window is displayed. There are no errors (/private/var/log/system.log). When I try doing the same from another Ubuntu workstation, it works perfectly for both firefox and bat. I guess the problem is on OSX side then. I tried switching some options in X11 but nothing works. Would you have any idea on how to move forward? Thanks!Read the article
-
db4o getting history of container
- by jacklondon
var config = Db4oEmbedded.NewConfiguration (); using (var container = Db4oEmbedded.OpenFile (config, FILE)) { var foo = new Foo ("Test"); container.Store (foo); foo.Name = "NewName"; container.Store (foo); } Any way to resolve the history of container for foo in the format below? Foo created with values "Test" Foo Foo's property "Test" changed to "NewName"Read the article
-
BASH_ENV ignored on solaris?
- by Peeter Joot
In my .bash_profile, executed for both my interactive and non-interactive logins are BASH_ENV=$HOME/.myinteractivestuff export BASH_ENV doing this for bash on Linux works fine, but on Solaris is not sourced: bash --version GNU bash, version 3.00.16(1)-release (sparc-sun-solaris2.10) Curiously, if I invoke screen within my login shell, BASH_ENV is then read. Are any restrictions on when $BASH_ENV is respected on Solaris? In my case I'm logging in with ssh using putty, but also tried unix to unix ssh, and telnet and see the same. Note that I know that my BASH_ENV variable assignment is being executed since I can echo this variable after login without any trouble (ie: ruling out the obvious possibility that my .bash_profile is also not being read).Read the article
