Search Results

Search found 1054 results on 43 pages for 'the secret imbecile'.

Page 21/43 | < Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >

  • Bootstrapping in CloudFormation with Autoscale

    - by PapelPincel
    My CloudFormation template creates an autoscale group and bootstrap it with utility script /opt/aws/bin/cfn-init. When I remove the bootstrap part out of my template the, autoscale get created without any problem, but I add it the CloudFormation Stack fails and add line in /var/log/cloud-init.log : Error: AutoScalingGroupName does not specify any metadata The line above appens right after the following command : /opt/aws/bin/cfn-init --verbose --configsets orderedConfig --region us-east-1 --stack AS15 --resource AutoScalingGroupName --access-key XXXXXXXXXXXXX --secret-key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX Digging a little bit deeper, in cfn-init I added the following lines the point where it exit: from pprint import pprint pprint(vars(detail)) and I get the following trace when running the previous cfn-init command : {'_description': None, '_lastUpdated': datetime.datetime(2012, 7, 12, 14, 52, 42), '_logicalResourceId': u'AutoScalingGroupName', '_metadata': None, '_physicalResourceId': u'AS15-AutoScalingGroupName-HNPOXXXXXXXX', '_resourceStatus': u'CREATE_COMPLETE', '_resourceStatusReason': None, '_resourceType': u'AWS::AutoScaling::AutoScalingGroup', '_stackId': u'arn:aws:cloudformation:us-east-1:XXXXXXXXXXXXX:stack/AS15/XXXXXXXX-cc30-11e1-XXXXXX-XXXXXXXXXX', '_stackName': u'AS15'} As you can see, the metadata field is empty and that's the reason why it fails to create the stack. Is there any known side effects for cfn-init when used with autoscale ?

    Read the article

  • How do you partition a USB Thumb / Flash Drive?

    - by Omar Shahine
    Out of the box, Windows will not allow you to partition a USB Thumb / Flash Drive. How can you do this? In case anyone is wondering Why you would do this? It's interesting in the case of a BitLocker ToGo drive where you can take a large thumbdrive (like 4 or 8 GB) and format a small amount of the drive to be used normally as a Fat32 drive and leave the remaining partition encrypted using BitLocker. This allows you to keep some non secret data on the unencrypted partition(like portable apps).

    Read the article

  • Understanding Asterisk Server features

    - by Arham Ali Qureshi
    I need to ask few question about Asterisk 1) Does ACL mean by Access Control list here ?If yes than how could i use it? >ip show user 6001 * Name : 6001 Secret : <Set> MD5Secret : <Not set> Context : DLPN_Admin Language : AMA flags : Unknown Transfer mode: open MaxCallBR : 384 kbps CallingPres : Presentation Allowed, Not Screened Call limit : 2147483647 Callgroup : 1 Pickupgroup : 1 Callerid : "test" <6001> ACL : No Sess-Timers : Accept Sess-Refresh : uas Sess-Expires : 1800 secs Sess-Min-SE : 90 secs RTP Engine : asterisk Codec Order : (ulaw:20,gsm:20) Auto-Framing: No 2) What is mean by "Require Call Token" in Asterisk Digium GIU on Create new User Panel 3) Is There any command from where i can get users VOICE MAIL password ? 4) What AMI or CLI command set call recording on or off for user ? and if i want that file to be stored on client computer not on server memory what could i do ?

    Read the article

  • Distributing entropy to virtual machines.

    - by Louis
    Dear All, I'm interested in generating secret keys for SSL on virtual machines using true randomness. By true randomness I mean the same level of entropy that can be generated by UNIX's dev/random and entropy gathering daemon (EGD). Is there a "general knowledge" recipe to route entropy from the physical layer to the virtual machines via the hypervisor regardless of the Hypervisor/Guest OS combination? Example: suppose one "hypervises" with VMware VSphere and instantiates Windows Guest OS. Can this hypervisor collect entropy from its peripherals (like dev/random/ would) and distribute it to these guest Windows OS? When considering the big vendors (VMware, Hyper-V, Citrix, etc), do they have entropy pools that gather entropy that can easily be pushed to their respective virtual machines? Louis

    Read the article

  • plesk 9 spamassassin server wide blacklist via cron?

    - by Kqk
    hi, we're running ubuntu 8.04 LTS and plesk 9.2 our simple task is to set up a periodic black list for spamassassin, e.g. using this script .. #!/bin/sh #! Script by AJR to update local spamassassin rules cd /tmp wget -c http://www.stearns.org/sa-blacklist/sa-blacklist.current mv sa-blacklist.current local.cf -f mv local.cf /etc/mail/spamassassin -f rm local.cf -f /etc/init.d/psa-spamassassin restart now, this script runs fine, but plesk doesn't seem to recognize the blacklist in its GUI. which is annoying, especially because plesk itself writes to /etc/mail/spamassassin/local.cf. i wasn't able to find out the secret place, where plesk distinguishes between entries in local.cf added via GUI and command line. any help is appreciated! thanks.

    Read the article

  • ACL in linux-based samba shares

    - by Odin
    If I mount a samba share like this from a linux server using ACL in ext3... mount -t cifs //192.168.0.10/smbshare /mnt/smbshare -o user=root password=secret ...and access the share with linux/smb-user smbuser. I have given smbuser write access to all catalogs, but when I write something to the share the owner becomes root (the user that mountet the share). Is there any possibility to make smbuser the owner of the files/catalogs he creates even if the share is mountet by the root-user? This case is supposed to work on a linux terminal server so many different users access the smb share (mountet by root).

    Read the article

  • Where are the Microsoft downloaded app compat updates stored?

    - by Ian Boyd
    Where are the Microsoft application compatibility update settings stored on a Windows XP, Windows Vista, and Windows 7 computer? Microsoft periodically release application compatibility updates (e.g. KB929427), where they list the shims that should be applied to a program in order to workaround known bugs in the software. Where are these app compat flags stored, and how can i see what shims are being applied? i have a feeling that a recent app compat update included a flag to force a particular piece of software, that we use, to require administrator. Because the task is scheduled to run nightly, and the running user does not have administrative privelages, the task is failing to start. The application is requiring to be elevated. It has the UAC shield overlay. The application has no RT_MANIFEST resource, and the compatibility option Run this program as administrator is disabled (per-user and all users). So all that's left is some secret global setting. i know user-specified compat flags are stored in: HKEY_LOCAL_MACHINE \SOFTWARE \Microsoft \Windows NT \CurrentVersion \AppCompatFlags \Layers

    Read the article

  • How does one launch PhpPgAdmin?

    - by DarenW
    I just installed postgresql, php5 and in particular PhpPgAdmin using Ubuntu's synaptic app. The PHP is running fine, the http server (lighttpd) is working fine, and I can do pg a the command line. The only thing that remains a mystery is PhpPgAdmin - just how does one fire it up to use it? I am clueless about the proper means of starting PhpPgAdmin; it isn't explained anywhere on the site for it. I tried typing phppgadmin at a bash command prompt, and entering "http://phppgsdmin/" and "http://localhost/phppgadmin" as wild guesses in the address bar in a browser - nothing happens. What is the secret? BTW, i'm only serving http on localhost, doing purely private web development.

    Read the article

  • How can I set up OpenVPN to accept more than 60 connections?

    - by Robin
    Greetings! We're using OpenVPN and today hit an unexpected connection limit of 60 - even though max-clients is set to the source code default 1024. Server log: Tue Dec 21 13:49:41 2010 MULTI: new incoming connection would exceed maximum number of clients (60) We're slowly adding new clients to the VPN and expect to hit 200 some time next year, if we can get it working. We're running the server on a Win2003 R2. OpenVPN 2.0.9 Server config as follows: local 192.168.10.211 port 1195 proto tcp dev tun dev-node OpenVPN_Vision ca vision_ca.crt cert vision_server.crt key vision_server.key # This file should be kept secret dh vision_dh1024.pem server 192.168.211.0 255.255.255.0 ifconfig-pool-persist vision_ipp.txt ;server-bridge 10.8.0.4 255.255.255.0 10.8.0.50 10.8.0.100 ;client-to-client keepalive 10 120 comp-lzo ;max-clients 100 # Default in source code is 1024 persist-key persist-tun status openvpn-status-vision.log log vision.log verb 3 I would greatly appreciate any help or input on this one. Thanks! Best regards, Robin

    Read the article

  • DDNS Not Creating Journal (Dhcpd and Named)

    - by user130094
    * EDIT 1 * After monkeying with additional debug logging I see some log entries of interest. 27-Jul-2012 23:45:26.537 general: error: zone example.lan/IN/internal: journal rollforward failed: no more 27-Jul-2012 23:45:26.537 general: error: zone example.lan/IN/internal: not loaded due to errors. ^^^ If I can remedy the above messages I think I'll be good to go ^^^ * EDIT 2 * Grasping at straws I touched a forward and a reverse zone journal file and restarted named. Boom! Works. Despite documentation stating the files are created automatically and what I have seen before... dunno why but that did the trick. Also re-checked perms on the dir the files live in. As certain as I was, they were correct with named having rw. CentOS 6 (final) dhcpd 4.1.1-P1 named BIND 9.8.2rc1-RedHat-9.8.2-0.10.rc1.el6 Basic DHCP and DNS functionality are in place on 192.168.111.2. Clients are assigned addresses as intended and can resolve local DNS names as well as Internet names. My problem is that named's zone journal files are not created. chroot: /var/named/chroot I tried placing the zone files in various directories (/var/named/data, /var/named, /var/named/dynamic - no matter which dir with named owning and wide open perms I now get nowhere). Along the way I, at one point, got a permission denied when named tried to create the journal. Resolved the issue by: chown --recursive named:named /var/named chmod --recursive 777 /var/named The journal was then created and here's where things fell apart. I attempted to tame permissions to something more sane and broke it. Once changed and having restarted named it threw an error indicating the journal was out of sync (or something to that affect)... didn't matter since this is a new setup so I deleted it and now it is not recreated. Now though I see no errors in /var/log/messages, my chrooted /var/log/named.log, or chrooted /var/log/named.debug. I increased the debug level with 'rndc trace' - no love. Increased trace to 10, still nothing. SELinux is disabled... [root@server temp]# sestatus SELinux status: disabled dhcpd.conf... allow client-updates; ddns-update-style interim; subnet 192.168.111.0 netmask 255.255.255.224 { ... key dhcpudpate { algorithm hmac-md5; secret LDJMdPdEZED+/nN/AGO9ZA==; } zone example.lan. { primary 192.168.111.2; key dhcpudpate; } } named.conf... key dhcpudpate { algorithm hmac-md5; secret "LDJMdPdEZED+/nN/AGO9ZA=="; }; zone "example.lan" { type master; file "/var/named/dynamic/example.lan.db"; allow-transfer { none; }; allow-update { key dhcpudpate; }; notify false; check-names ignore; }; The following shows /var/log/named.log output of named starting up - no errors. 27-Jul-2012 21:33:39.349 general: info: zone 111.168.192.in-addr.arpa/IN/internal: loaded serial 2012072601 27-Jul-2012 21:33:39.349 general: info: zone example.lan/IN/internal: loaded serial 2012072501 27-Jul-2012 21:33:39.350 general: info: zone example2.lan/IN/internal: loaded serial 2012072501 27-Jul-2012 21:33:39.350 general: info: zone example3.lan/IN/internal: loaded serial 2012072601 27-Jul-2012 21:33:39.350 general: info: zone example4.lan/IN/internal: loaded serial 2012072501 27-Jul-2012 21:33:39.351 general: info: zone example5.lan/IN/internal: loaded serial 2012072501 27-Jul-2012 21:33:39.351 general: info: managed-keys-zone ./IN/internal: loaded serial 0 27-Jul-2012 21:33:39.351 general: info: zone example.lan/IN/external: loaded serial 2012072501 27-Jul-2012 21:33:39.352 general: info: zone example1.lan/IN/external: loaded serial 2012072501 27-Jul-2012 21:33:39.352 general: info: zone example2.lan/IN/external: loaded serial 2012072501 27-Jul-2012 21:33:39.352 general: info: zone example3.lan/IN/external: loaded serial 2012072501 27-Jul-2012 21:33:39.353 general: info: managed-keys-zone ./IN/external: loaded serial 0 27-Jul-2012 21:33:39.353 general: notice: running 27-Jul-2012 21:34:03.825 general: info: received control channel command 'trace 10' 27-Jul-2012 21:34:03.825 general: info: debug level is now 10 ...and /var/log/messages for a named start... Jul 27 23:02:04 server named[9124]: ---------------------------------------------------- Jul 27 23:02:04 server named[9124]: BIND 9 is maintained by Internet Systems Consortium, Jul 27 23:02:04 server named[9124]: Inc. (ISC), a non-profit 501(c)(3) public-benefit Jul 27 23:02:04 server named[9124]: corporation. Support and training for BIND 9 are Jul 27 23:02:04 server named[9124]: available at https://www.isc.org/support Jul 27 23:02:04 server named[9124]: ---------------------------------------------------- Jul 27 23:02:04 server named[9124]: adjusted limit on open files from 4096 to 1048576 Jul 27 23:02:04 server named[9124]: found 2 CPUs, using 2 worker threads Jul 27 23:02:04 server named[9124]: using up to 4096 sockets Jul 27 23:02:04 server named[9124]: loading configuration from '/etc/named.conf' Jul 27 23:02:04 server named[9124]: using default UDP/IPv4 port range: [1024, 65535] Jul 27 23:02:04 server named[9124]: using default UDP/IPv6 port range: [1024, 65535] Jul 27 23:02:04 server named[9124]: listening on IPv4 interface eth0, 192.168.111.2#53 Jul 27 23:02:04 server named[9124]: generating session key for dynamic DNS Jul 27 23:02:04 server named[9124]: sizing zone task pool based on 12 zones Jul 27 23:02:04 server named[9124]: set up managed keys zone for view internal, file 'dynamic/3bed2cb3a3acf7b6a8ef408420cc682d5520e26976d354254f528c965612054f.mkeys' Jul 27 23:02:04 server named[9124]: set up managed keys zone for view external, file 'dynamic/3c4623849a49a53911c4a3e48d8cead8a1858960bccdea7a1b978d73ec2f06d7.mkeys' Jul 27 23:02:04 server named[9124]: command channel listening on 127.0.0.1#953 What can I do to troubleshoot this further? It almost seems as though dhcpd is not triggering the update. Maybe I should troubleshoot here and, if so, how? Many thanks.

    Read the article

  • Varnish VCL not allowing two separate IP addresses as backends

    - by Peter Griffin
    Every time I attempt to add an extra back end into our VCL file, it's fails. Here is the DAEMON_OPTS we are running off: DAEMON_OPTS="-a :80 \ -T localhost:6082 \ -f /etc/varnish/custom.vcl \ -u varnish -g varnish \ -S /etc/varnish/secret \ -s malloc,10G" And here is the offending backend(s) backend default { .host = "114.123.456.789"; .port = "8080"; } backend alt { .host = "203.123.456.789"; .port = "80"; } Any Ideas ? Gut feeling is it might need the backends to be set somewhere, but I'm not sure where.

    Read the article

  • Limited access to Amazon S3 buckets

    - by Tomas Markauskas
    Is it possible to somehow limit the access to an Amazon S3 account. I don't really like the idea of distributing my secret access key to all of my applications, that want to access just a single bucket on my account. If someone gains access to one of the applications, I could loose all my data stored on S3. One way I was thinking to do it would be creating a second S3 account and give it access to just one bucket of the main account, but it's not really a great solution. Another nice thing for me would be to give the secondary account only write (but not modify/delete) and read access. That way I could upload backups or other files and be sure, that they won't get lost.

    Read the article

  • What port should I use for my reverse proxy to Apache 2 from nginx?

    - by meder
    I have nginx setup as the defacto port 80. I want to setup django+mod_wsgi on Apache2. I'm worried if I leave Apache2 as 80 it will cause a conflict. Is it better to avoid the headache and change Apache to a different port? server { listen 80; server_name work.domain.org; access_log /www/work.domain.org/log/access.log; error_log /www/work.domain.org/log/error.log; location / { proxy_pass http://127.0.0.1:8080/; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Magic-Header "secret"; client_max_body_size 10m; } }

    Read the article

  • What hash should be used to ensure file integrity?

    - by Corey Ogburn
    It's no secret that large files offered up for download often are coupled with their MD5 or SHA-1 hash so that after you download you can verify the file's integrity. Are these still the best algorithms to use for this? Obviously these are very popular hashes that potential downloaders would have easy access to. Ignoring that factor, what hashes have the best properties for being used for this? For example, bcrypt would be horrible for this. It's designed to be slow. That would suck to use on your 7.4 GB dual layer OS ISO you just downloaded when a 12 letter password might take up to a second with the right parameters.

    Read the article

  • OpenVPN route missing

    - by dajuric
    I can connect to an OpenVPN server from Windows without any problems. But when I try to connect from Ubuntu 12.04 (start OpenVPN) I receive the following: OpenVPN needs a gateway parameter for a --route option and no default was specified by either --route-gateway or --ifconfig options SERVER IP: 161.53.X.X internal network: 10.0.0.0 / 8 What I need to do ? client configuration: client dev tap proto udp remote 161.53.X.X 1194 resolv-retry infinite nobind ca ca.crt cert client.crt key client.key ns-cert-type server comp-lzo verb 3 server conf: local 161.53.X.X port 1194 proto udp dev tap dev-node OpenVPN ca ca.crt cert server.crt key server.key # This file should be kept secret dh dh1024.pem # DHCP leases addresses to clients server-bridge # Push routes to the client to allow it # to reach other private subnets behind # the server. Remember that these # private subnets will also need # to know to route the OpenVPN client # address pool (10.8.0.0/255.255.255.0) # back to the OpenVPN server. push "route 10.0.0.1 255.255.0.0" client-to-client duplicate-cn keepalive 10 120 comp-lzo verb 6

    Read the article

  • Forgot password to development database

    - by ninja08
    I've created a database using terminal while following along with a tutorial. Although I had a lot of trouble getting the databases to install. Now after finally getting it to work I changed a few things, actually just the name of the database using the rake command to just "next". The password should be 'secret password'. How can I change the password or find out what it is or change it? It doesn't seem to be edited my databases.yml file with the password, especially since it still just says 'root' as username with now password in there.

    Read the article

  • How to allow password protected start-stop-daemon functionality?

    - by Mahmoud Abdelkader
    I would like to use Ubuntu's start-stop-daemon to start my application, but the application protects some sensitive information, so I have a mechanism where the application prompts for a password that's then used to generate a hashkey, which is used as the secret key for a symmetric encryption (AES) to encrypt and decrypt things from a database. I'd like to daemonize this application and have it run from start-stop-daemon, so that sudo service appname stop and sudo service appname start would work, but, I'm not sure how to go about doing this with the added complexity of a password prompt. Is there something that supports this or do I have to program it from scratch? I figured I should ask first before re-inventing the wheel. Thanks in advance.

    Read the article

  • Auto login CISCO VPN client on linux [closed]

    - by user70704
    Hi, I have installed Cisco vpn client on my linux system (Fedora core 8). After login, every time, i need to run the following command VPNC to connect the VPN server. VPNC command request the input data from the user, IPSec gateway : IPSec ID: IPSec Secret: Username: Password: So, my requirement is, can i connect the VPN server through any single command?. I feel so lazy to enter the above requirements at every time. I want to connect the VPN Server on boot startup. I was try using expect script, but i can't. Thanks in advance.

    Read the article

  • Elevate the weight of browsing history in Google Chrome's autocomplete

    - by maayank
    Google Chrome has the feature of auto-completing web addresses while you type them in the address bar. Alas, it gives absurdly more weight to Google's own auto-suggest v.s. my own browsing history, which seems a bit foolish - if I regularly (i.e. twice a week) check a certain website with the keywords "foo bar ponies" in its url, it is reasonable to expect that I will want to visit that site again and not other sites. While a bit subjective, to the very least I would expect such URLs to be in the list Chrome suggests, even if not at the top. Is there some plugin/secret option that alters the default behavior?

    Read the article

  • What is your company's stance on Developers using Laptops?

    - by codepunk
    I am a developer and my company is moving towards a "no laptop" policy in fear of them being lost or stolen and source code being compromised. Now I don't work for NASA, the military or anything labeled Top Secret but our code is very important to our business nonetheless (as all source code would be). I'll be honest, I disagree with this policy against laptops and wanted to see what others think. I'd like to know: What is your team/company's stance on laptops Your company's size and/or field (small, medium or large, Fortune 500, etc). Whether you've had to take any extra precautions (signing any additional legal, ensure your hard drive is encrypted, etc). Thanks!

    Read the article

  • Prevent member of administrator group loging in via Remote Desktop

    - by Chris J
    In order to support some build processes on our Server 2003 development servers, we require a common user account that has administrative privs. Unfortuantly, this also means that anyone that knows the password can also gain admin privs on a server. Assume that trying to keep the password secret is a failed exercise. Developers that need admin privs already have admin privs so should be able to log in as themselves. So the question is a simple one: is there anything I can configure to prevent people (ab)using the account to gain administrator on servers they shouldn't have administrator on? I'm aware that devs could disable anything that is put in place, but that's then down to process and auditing to track and manage. I don't mind where or how: it can be via the local security policy, group policy, a batch file executed in the user's profile, or something else.

    Read the article

  • How to get full write permission on my second drive after dual boot?

    - by Shaul
    I had a WinXP installation on my hard drive. Then I bought a 2nd drive and installed Win7. Dual boot working fine. But when I'm in the Win7 environment, it appears that I don't have full admin permission on the "D" drive (that's the drive with WinXP). Even though the user I'm logged in as has admin permissions, I have to run my apps with administrator privileges in order to get write access to the D drive. This is not the case when I do stuff on the C drive. I could just get into running those apps that access the D drive in admin mode, but that seems like overkill. Is there some secret switch I can flip so that my D drive acts like my C drive, security-wise?

    Read the article

  • configure HTTPS server on a cisco router

    - by Sara
    For the past week I was trying to configure an HTTPS server on a cisco 2900 router, I've used the following commands and assigned a username and password to privilege 15 however, when Im trying to access a given ip it requires a username and password however when I insert the username and password I configured it does not allow me to enter and i'm not sure where the problem is. Router(config)# ip http secure-server Router(config)# ip http authentication local These were the commands i used for the https server and also I used the following to assign the username and password Router(config)#username name privilege 15 secret 0 password where 'name' and 'password' represent the username and password respectively I'm trying to access the 192.168.14.1 interface on the router and the username and password i created are not authorized to enter (I got the commands from a cisco router manual)

    Read the article

  • Managing service passwords with Puppet

    - by Jeff Ferland
    I'm setting up my Bacula configuration in Puppet. One thing I want to do is ensure that each password field is different. My current thought is to hash the hostname with a secret value that would ensure each file daemon has a unique password and that password can be written to both the director configuration and the file server. I definitely don't want to use one universal password as that would permit anybody who might compromise one machine to get access to any machine through Bacula. Is there another way to do this other than using a hash function to generate the passwords? Clarification: This is NOT about user accounts for services. This is about the authentication tokens (to use another term) in the client / server files. Example snippet: Director { # define myself Name = <%= hostname $>-dir QueryFile = "/etc/bacula/scripts/query.sql" WorkingDirectory = "/var/lib/bacula" PidDirectory = "/var/run/bacula" Maximum Concurrent Jobs = 3 Password = "<%= somePasswordFunction =>" # Console password Messages = Daemon }

    Read the article

  • What is the formula for HughesNet FAP calculation?

    - by JohnFx
    I am somewhat frustrated with the only FAP monitor I have found on the net and discovered because it relies on a running count of bandwidth usage which (1) requires a service in the background; and (2) Tends to get inaccurate over time. Given that there is a diagnostics page on the firmware of the modem that tells the exact usage per hour, I was planning on writing a more accurate version with a better UI. However, it appears that HughesNet keeps the exact formula for calculating whether you are in FAP a secret. I have no idea why they wouldn't be more forthcoming with this information. Wondering if anyone out in SU-land had done some trial and error testing to reverse engineer the formula or had some inside knowledge to share.

    Read the article

< Previous Page | 17 18 19 20 21 22 23 24 25 26 27 28  | Next Page >