Search Results

Search found 15209 results on 609 pages for 'configuration'.

Page 456/609 | < Previous Page | 452 453 454 455 456 457 458 459 460 461 462 463  | Next Page >

• sftpd: No available certificate or key corresponds to the SSL cipher suites which are enabled?

  - by Arcturus

  Hello. I'm trying to setup vsftpd on Fedora 12. I need to require use of FTPS, and for now need to use a self-signed SSL certificate. I managed to get the vsftpd service running and to connect as my user. I can list the home directory, but as soon as I try to list another directory, download or upload a file, I get this error: No available certificate or key corresponds to the SSL cipher suites which are enabled. And the xfer log is empty. I've been Googling it for a while now, but still can't understand the problem. Here's how I installed vsftpd: su yum install vsftpd chkconfig vsftpd on service vsftpd start I tried to generate the certificate in two ways. Here's the first one: cd /etc/vsftpd openssl req -x509 -nodes -days 365 -newkey rsa:1024 -keyout vsftpd.pem -out vsftpd.pem Here's the second way: cd /etc/pki/tls/certs make vsftpd.pem Here's my vsftpd configuration: anonymous_enable=NO local_enable=YES write_enable=YES local_umask=022 dirmessage_enable=YES xferlog_enable=YES connect_from_port_20=YES xferlog_file=/var/log/vsftpd.log xferlog_std_format=YES nopriv_user=ftpsecure chroot_local_user=YES chroot_list_enable=YES chroot_list_file=/etc/vsftpd/chroot_list listen=YES pam_service_name=vsftpd userlist_enable=YES tcp_wrappers=YES # SSL settings ssl_enable=YES force_local_data_ssl=YES force_local_logins_ssl=YES rsa_cert_file=/etc/pki/tls/certs/vsftpd.pem allow_anon_ssl=NO ssl_tlsv1=YES ssl_sslv2=NO ssl_sslv3=NO Does anyone know what the problem is and how to solve it?

  Read the article

• pros and cons with server management gui tools to manage linux web servers

  - by ajsie

  i have stumbled upon these GUI tools that could help you manage your linux server through a web interface. ebox, webmin, ispconfig, zivios, ispcp, plesk, cpanel etc. i wonder what the pros and cons are with these solutions. a lot of people is saying that they are not as good as using pure command line (ssh) to manage your server. but i think thats yet another "linux are for advanced users" talk. i agree that a lot of things may only be done with the command line by editing directly in the configuration files. but i don't really want to do that every time and for everything. especially basic configurations these could manage. its like not having phpmyadmin for managing mysql. it would be a pain in the ass right? so if one wants to throw up a web server serving a php site oneself developed and wants all the usual stuff up and running (mysql, phpmyadmin, svn, webdav etc) is these tools the right way to go? and for more advanced features, one just use the terminal like old days. is this a smart way of managing a linux server? and which one would you choose? have you used any of these and could share your thoughts about them?

  Read the article

• Cygwin - Repo with Separate Git/Working Dir Doesn't Work

  - by Kyle Lacy

  Since I've switched to OS X and Vim, I've found it easiest to manage all of my 'dotfiles' (all of my configuration files and miscellaneous scripts) with Git. Having already set up my dotfiles in a repo following this tutorial, I figured it would also be easy enough to migrate all of my settings into my Cygwin setup on my Windows partition. Already having the repo setup on Github, I simply clone'd the repo, and moved all of the files over to my home directory, making it a mirror of my OS X home directory. Unfortunately, I cannot seem to use the actual repo any further within Cygwin. The problem is that I cannot use my dotfiles repo with git within Cygwin. The setup is unique from most normal git repos, in that the working directory and the git directory are in different locations. Specifically, the working directory is $HOME (/Users/kyle on OS X, /home/kyle in Cygwin), and the git repo is $HOME/.dotfiles.git. So, if I wanted to get the status of the repo, for example, I would type the following command (which I alias to reduce typing, of course): git --work-tree=$HOME --git-dir=$HOME/.dotfiles.git status -uno While this works fine on OS X, this refuses to work within Cygwin. Regardless of whether or not I use my alias, or whether or not I substitute $HOME by hand, I get the following git error: fatal: Not a git repository: /home/Kyle/dotfiles/.git/modules/.build/git I don't understand where this error comes from, but the path /home/Kyle/dotfiles was the original location of the git repo when I initially cloned it. Additionally, it's important to note that the repo relies heavily on submodules. If specifics are necessary, the repo in question can be found on GitHub. The commands I ran to setup the repo in Cygwin can also be found within the Readme file.

  Read the article

• How to update-grub on a system running overlayroot?

  - by mikepurvis

  We ship boxes configured with overlayroot, using the following overlayroot.conf: overlayroot=device:dev=/dev/sda6,timeout=20,recurse=0 Which produces the following mount configuration: $ mount overlayroot on / type overlayfs (rw,errors=remount-ro) /dev/sda5 on /media/root-ro type ext3 (ro,relatime,errors=continue,user_xattr,acl,barrier=1,data=ordered) /dev/sda6 on /media/root-rw type ext3 (rw,relatime,errors=continue,user_xattr,acl,barrier=1,data=ordered) /dev/sda1 on /boot type ext3 (rw) As you can see, three key physical partitions: sda1 is /boot, sda5 is a read-only "factory" root, and sda6 is a "user" root which can be wiped at any point to restore the machine to its original factory state. Now, the problem arises when update-grub is run for any reason: $ sudo update-grub [sudo] password for administrator: /usr/sbin/grub-probe: error: cannot find a device for / (is /dev mounted?). Understandable, since / is an overlayfs. The contents of /usr/sbin/update-grub are: #!/bin/sh set -e exec grub-mkconfig -o /boot/grub/grub.cfg "$@" With /usr/sbin/grub-mkconfig being the business part of things. But the actual problem is in /usr/sbin/grub-probe, called by grub-mkconfig, and grub-probe is a binary. So my question is, is there a parameter or whatever which can make grub-probe do the right thing in the face of / being an overlayfs? And secondly, is there a way to hack/patch that in so that the update-grub script just does the right thing? Thanks.

  Read the article

• Destination host unreachable - Windows Server 2008

  - by Doug

  Hi There, I'm working with a windows 2008 domain controller, which I'm having issues connecting to internet resources. A small bit of background, this is a 2008 domain controller that has been added into an existing Win 2k domain, with a goal of replacing the older computers. Both of the older controllers can still access internet resources, and so can all the clients. When I ping Google.ca from the new server, it does resolve to an ip address, but then says "Reply from 192.168.123.20: Destination host unreachable." I'm really at a lost now, I've checked and rechecked my ip configuration, the default gateway is my router, the primary DNS server is the my DC, and the secondary DNS is also my router. The DNS server on the domain has a forwarder added for the router as well. Everything on my local network works just fine, all my internal resources can be resolved. For the time being, I've stopped the Firewall service. I'm not 100% used to Server 2008 yet, but it might be a case of just missing something simple. Thanks for your time.

  Read the article

• Destination host unreachable - Windows Server 2008

  - by Doug

  Hi There, I'm working with a windows 2008 domain controller, which I'm having issues connecting to internet resources. A small bit of background, this is a 2008 domain controller that has been added into an existing Win 2k domain, with a goal of replacing the older computers. Both of the older controllers can still access internet resources, and so can all the clients. When I ping Google.ca from the new server, it does resolve to an ip address, but then says "Reply from 192.168.123.20: Destination host unreachable." I'm really at a lost now, I've checked and rechecked my ip configuration, the default gateway is my router, the primary DNS server is the my DC, and the secondary DNS is also my router. The DNS server on the domain has a forwarder added for the router as well. Everything on my local network works just fine, all my internal resources can be resolved. For the time being, I've stopped the Firewall service. I'm not 100% used to Server 2008 yet, but it might be a case of just missing something simple. Thanks for your time.

  Read the article

• Exchange 2010: Replication Service Still Trying to Replicate Deleted Mailbox Store

  - by ThaKidd

  In advance, thank you for your opinions! I just migrated from Server/Exchange 2003 to Server 2008 SR2 running Exchange 2010. I had an extra mailbox that appeared with some system mailboxes in it. I used the EMS to move those mailboxes over and then deleted the store out of the EMC. Since then every so often I get an Error in Event Viewer. Source: MSExchangeRepl ID: 4098 Error: The Microsoft Exchange Replication service couldn't find a valid configuration for database '5f012f40-3bad-4003-a373-dbc0ffb6736f' on server 'EXCHSERVER'. Error: (nothing after this) I can confirm that the above GUID is the mailbox store of that I deleted. No other Exchange errors occur. How can I tell Exchange Replication to ignore this store? Setup, one Exchange server 2003 transitioned over to 2010. No other Exchange servers. Is there a way to fix this? Do I need to change a setting to stop replication? I plan to add a second Exchange server in the next few days so stopping replication would be a bad thing. Thanks again in advance. Jason

  Read the article

• Ubuntu software stack to mimic Active Directory auth

  - by WickedGrey

  I'm going to have an Ubuntu 11.10 box in a customer's data center running a custom webapp. The customer will not have ssh access to the box, but will need authentication and authorization to access the webapp. The customer needs to have the option of either pointing the webapp at something that we've installed locally on the machine, or to use an Active Directory server that they have. I plan on using a standard "users belong to groups; groups have sets of permissions; the webapp requires certain permissions to respond" auth setup. What software stack can I install locally that will allow an easy switch to and from an Active Directory server, while keeping the configuration as simple as possible (both for me and the end customer)? I would like to use as much off-the-shelf software for this as possible; I do not want to be in the business of keeping user passwords secure. I could see handling the user/group/permission relationships myself if there is not a good out-of-the-box solution (but that seems highly unlikely). I will accept answers in the form of links to "here is what you need" pages, but not "here is what Kerberos does" unless that page also tells me if it's required for my use case (essentially, I know that AD can speak Kerberos, but I can't tell if I need it to, or if I can just use LDAP, or...).

  Read the article

• Problem with switch dell 6224

  - by Matias

  Hello, we just have upgraded the firmware of a dell 6224 power connect switch and it won't reload. These are the symptons: - I power up the switch having the serial cable connected to it and the switch outputs nothing. The configuration of the serial console is fine: 9600 bds, etc... In fact, before the upgrade, I was connected to the switch through the very same cable. - Reseting the switch with its reset pinhole does not reset the switch: the power and fan lights powers off while I keep pressed the pinhole, but the switch itself does not resets. - When I connect an UTP cable to one of the switches port, the green lights don't flash, but ''mii-tool eth0'' in my laptop shows there is link!! The only thing I see in the output, different from other upgrades I've done, is this line at the end: Erasing Boot Flash.....^^^^Done. Any help or idea will be more than welcome!! Thanks!! console#show version Image Descriptions image1 : image2 : Images currently available on Flash -------------------------------------------------------------------- unit image1 image2 current-active next-active 1 <none> 3.0.0.8 image2 image2 console#boot system image2 Activating image image2 .. console#update bootcode Update bootcode and reset (Y/N)? Updating boot code ... Extracting boot code from image... Erasing Boot Flash.....^^^^Done.

  Read the article

• Subversion gives Error 500 until authenticating with a web browser

  - by Farseeker

  We used to use Collabnet SVN/Apache combo on a Windows server with LDAP authentication, and whilst the performance wasn't brilliant it used to work perfectly. After switching to a fresh Ubuntu 10 install, and setting up an Apache/SVN/LDAP configuration, we have HTTPS access to our repositories, using Active Directory authentication via LDAP. We're now having a very peculiar issue. Whenever a new user accesses a repository, our SVN clients (we have a few depending on the tool, but for arguments sake, let's stick to Tortoise SVN) report "Error 500 - Unknown Response". To get around this, we have to log into the repo using a web browser and navigate 'backwards' until it works E.G: SVN Checkout https://svn.example.local/SVN/MyRepo/MyModule/ - Error 500 (bad) Webbrowse to https://svn.example.local/SVN/MyRepo/MyModule/ - Error 500 (bad) Webbrowse to https://svn.example.local/SVN/MyRepo/ - Error 500 (bad) Webbrowse to https://svn.example.local/SVN/ - Forbidden 403 (correct) Webbrowse to https://svn.example.local/SVN/MyRepo/ - OK 200 (correct) SVN Checkout https://svn.example.local/SVN/MyRepo/MyModule/ - Error 500 (bad) Webbrowse to https://svn.example.local/SVN/MyRepo/MyModule/ - OK 200 (correct) SVN Checkout https://svn.example.local/SVN/MyRepo/MyModule/ - OK 200 (correct) It seems to require authentication up the tree, starting from the svnparentpath up through to the module required. Has anyone seen anything like this before? Any ideas on where to start before I ditch it back to Collabnet's SVN server?

  Read the article

• IMAP proxy as a POP3 hub?

  - by mailman stan

  Simple scenario, complicated technology: One family receiving mail from five email addresses via POP3 into one Outlook inbox on a single PC. Now we'd like to be able to replicate that single inbox across multiple devices (eg. desktop PC, laptop, netbook, smartphone). If we continue using POP3 as the mail transfer protocol, messages will be downloaded to one device and will not be visible to the others; replies will likewise be isolated on the sending machine. If we switch to IMAP, I understand that we can have multiple devices maintaining a shared view of an inbox hosted at the server end, but what about multiple accounts? I tried changing the account configuration in Outlook to fetch from the mail providers' IMAP service instead of POP3, which does give a shared view across multiple devices but also causes Outlook to create a separate inbox and PST for each account. This is awkward because it means there are five separate folders that need to be checked, and Outlook tools like search filters and rules don't seem to work across accounts. To get what I want (five accounts delivered into one shared mailbox) it seems that I would need some sort of intervening server that collects mail (using POP3) from all our accounts into a single inbox while preserving the original destination addresses, and then serves it up to all our devices using IMAP. Is this workable? Is it a good approach? Is there an easier way?

  Read the article

• System Information (msinfo32.exe) Can't Collect Information

  - by ptanne

  I have Windows XP Pro, service pack 1, IE 6 and 32GB of free space, 75GB total. I have had nothing but trouble after trying to install service pack 2 even though I used System Restore. The installation was incomplete and my computer has never been the same. I attempted to install sp2 four or five times and sp3 once, always with the same result. I've tried reinstalling XP Pro but that didn't fix the problem. My XP Pro disk now has a scratch on it and refuses to work. Dell would not replace it stating that my computer was out of warranty. I'm currently trying Reimage which is supposed to return a computer to the original configuration and replace missing or damaged files. Believe it or not, Ripley, it stops in the middle of the operation and, so far, the Reimage techs haven't been able to figure out why. Of the many problems that I still have is that System Information can't collect information. The Help and Support sections that display system info also don't work. Is there some way that I can fix this? I can't afford to throw my computer away, yet. Thank you for listening, Pam Galvin

  Read the article

• NSclient++ NRPE issues

  - by Kyle

  I have had NSclient++ working with Nagios for a while now. Recently I started testing Nagwin just to see how it would work, out of pure curiosity. I stopped checking a test server with my main Nagios config, set NSclient++ to NRPE mode, and pointed Nagwin at it. It worked great for a few hours then suddenly I started seeing "UNKNOWN: No Handler for that command." I figured it has to be Nagwin's fault since it's so new, I'll just unload NRPElistner.dll and return my server to being monitored by check_NT. However now check_NT doesn't work my main Nagios server returns timeout errors and is unable to connect at all. My Nagwin server can connect to it, the server just doesn't know how to handle the check_NRPE commands even though it did with no changes a few hours earlier. I have been working on this for a day now and am fairly certain it is NSclient++ who is to blame here. My nagwin box has successfully stayed connected to a similar server throughout the night, without any issues. And my main Nagios config is not having any problems at all. I have been able to successfully switch another server between being monitored by nagios and nagwin without any problems by simply loading and unloading the NRPE.dll. I have tried uninstalling NSclient++ and reinstalling with fresh configuration but still receive the errors. As of now the firewall is off on the server, NSclient++ is setup to accept connection from any server, there is no password, I have also turned ssl off, and the NRPE module is loaded. Any Ideas would be appreciated, I am not an advanced Nagios user but I do know my way around it and can easily break it down and set it up again. I also want to add that while in test mode NSclient++ is unable to handle check_NRPE commands there either.

  Read the article

• Automate Windows 7's file sharing and firewall settings

  - by nhinkle

  I am working with my school to customize Windows 7 on some new laptops we are receiving. The laptops come with Windows 7 Professional already installed, and we do not need or want to reimage them. We would however like to customize the installation once it is in place, through a series of scripts. We will also be deploying these scripts to computers which have already been set up. Most of the settings we wish to change can be done easily from the command line or with a registry file. However, there is one thing we keep getting hung up on: networking options. Is there any unattended way to set the Windows 7 networking configuration? We would like to set the following things automatically, which are found under Control Panel > Network and Sharing Center > Advanced sharing settings > Home or Work network: Turn on network discovery Turn on printer and file sharing Turn off public folder sharing Turn on password protected sharing Use user accounts and passwords to connect to other computers We also need to configure the firewall to allow the following exceptions: File and printer sharing Remote assistance Remote desktop Remote scheduled tasks management Remote service management Windows remote management I've looked around, and can't find any way to change these things - I looked into netsh, registry settings, and even used RegMon to watch while I changed the values manually, all to no avail. Google hasn't offered up anything helpful so far. If anyone could provide some insight, I would very much appreciate it. I did find out that much of this is configurable with group policy, but because these computers are in a workgroup, not a domain, I don't know of any way to take advantage of that in an unattended manner.

  Read the article

• Dell Poweredge 2600 RAID Transfer How-to

  - by DCookie

  Help, please! Hardware: Dell Poweredge 2600 PERC 4 SCSI Drives, 1 standalone 3 in a RAID 5 configuration OS: Windows 2000 Server In other words, a fairly old system. Anyway, we are in the process of taking over support for this site. The current tech wants out and is fading from view fast, so we need to solve this problem: The standalone disk (where the OS was) failed. We've replaced the disk, installed the OS, but need to know exactly how to proceed from here. I've never worked with a RAID system before, so I don't want to touch anything without knowing what I'm doing. We are not certain if the site will want us to attempt to recover the array or wait for the old tech to become available. We have replaced the server with a temporary box, and recovered MOST of the data from an online backup service. However, the other tech failed to backup a part of the data and the only copy of it is on this RAID array. Hence, our caution. We have poked minimally around in the boot-up PERC config utility, and it seems to me that that's where we'll need to be to reclaim the array. Another possibility is that there is some Dell software for the RAID controller we need to acquire. Can anyone provide clues as to how to proceed from here? Any help GREATLY appreciated.

  Read the article

• Why can't I ssh into my server using my private key?

  - by user61342

  I just setup my new server as I used to, and this time I can't login using my private key. The server is ubuntu 11.04. And I have setup following ssh key directories. root@myserv: ls -la drwx------ 2 root root 4096 Sep 23 03:40 .ssh And in .ssh directory, I have done chmod 640 authorized_keys Here is the ssh connection tracebacks: OpenSSH_5.9p1, OpenSSL 0.9.8r 8 Feb 2011 debug1: Reading configuration data /etc/ssh_config debug1: /etc/ssh_config line 20: Applying options for * debug1: Connecting to [my.server.ip] [[my.server.ip]] port 22. debug1: Connection established. debug1: identity file /Users/john/.ssh/id_rsa type -1 debug1: identity file /Users/john/.ssh/id_rsa-cert type -1 debug1: identity file /Users/john/.ssh/id_dsa type 1 debug1: identity file /Users/john/.ssh/id_dsa-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p1 Debian-1ubuntu3 debug1: match: OpenSSH_5.8p1 Debian-1ubuntu3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.9 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Server host key: RSA ef:b8:8f:b4:fc:a0:57:7d:ce:50:36:17:37:fa:f7:ec debug1: Host '[my.server.ip]' is known and matches the RSA host key. debug1: Found key in /Users/john/.ssh/known_hosts:2 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Trying private key: /Users/john/.ssh/id_rsa debug1: Offering RSA public key: /Users/john/.ssh/id_dsa debug1: Authentications that can continue: publickey,password debug1: Next authentication method: password root@[my.server.ip]'s password: Update: I have found the reason but I can't explain it yet. It is caused by uploading the key using rsync -chavz instead of scp, after I used scp to upload my key, the issue is gone. Can someone explain it? Later, I tried rsync -chv, still not working

  Read the article

• Problem with PXE boot

  - by user70523

  Hi, I followed the following link for PXE boot, http://www.howtoforge.com/setting-up-a-pxe-install-server-on-ubuntu-9.10-p3 and I was able to ping the client from the server and also when I booted up the client It is getting the IP address from the server. But later,I got this error PXELinux 3.82 2009-06-09 . . . [other informations] !PXE Entry point found (we hope) at 9D3B:0109 via plan A UNDI code segment at 9D3B len 16C2 UNDI data segment at 933B len A000 Getting cached packet 01 02 03 . . . [other informations] TFTP prefix: Trying to load: pxelinux.cfg/ec5db4c0-74fe-d511-b9e7-3d9235afe5a1 Trying to load: pxelinux.cfg/01-00-17-31-b6-5e-a8 Trying to load: pxelinux.cfg/0A64491E Trying to load: pxelinux.cfg/0A64491 Trying to load: pxelinux.cfg/0A6449 Trying to load: pxelinux.cfg/0A644 Trying to load: pxelinux.cfg/0A64 Trying to load: pxelinux.cfg/0A6 Trying to load: pxelinux.cfg/0A Trying to load: pxelinux.cfg/0 Trying to load: pxelinux.cfg/default Unable to locate configuration file Boot failed: press a key to retry or wait for reset I have put all the files mentioned in the link in tftpboot. Can anyone explain what could be the problem. Thanks in advance

  Read the article

• Cannot connect to my EC2 instance because of "Permission denied (publickey)"

  - by Burak

  In AWS console, I saw that my key pair was deleted. I created a new one with the same name. Then I tried to connect with ssh -v -i sohoKey.pem ec2-user@******.compute-1.amazonaws.com Here's the output: macs-MacBook-Air:~ mac$ ssh -v -i sohoKey.pem ec2-user@******.compute-1.amazonaws.com OpenSSH_5.6p1, OpenSSL 0.9.8r 8 Feb 2011 debug1: Reading configuration data /etc/ssh_config debug1: Applying options for * debug1: Connecting to ********.compute-1.amazonaws.com [*****] port 22. debug1: Connection established. debug1: identity file sohoKey.pem type -1 debug1: identity file sohoKey.pem-cert type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3 debug1: match: OpenSSH_5.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_5.6 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server->client aes128-ctr hmac-md5 none debug1: kex: client->server aes128-ctr hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP debug1: SSH2_MSG_KEX_DH_GEX_INIT sent debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY debug1: Host '*******.compute-1.amazonaws.com' is known and matches the RSA host key. debug1: Found key in /Users/mac/.ssh/known_hosts:3 debug1: ssh_rsa_verify: signature correct debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: Roaming not allowed by server debug1: SSH2_MSG_SERVICE_REQUEST sent debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey debug1: Next authentication method: publickey debug1: Offering RSA public key: sohoKey.pem debug1: Authentications that can continue: publickey debug1: Trying private key: sohoKey.pem debug1: read PEM private key done: type RSA debug1: Authentications that can continue: publickey debug1: No more authentication methods to try. Permission denied (publickey). Update: I detached my old EBS and attached to the new instance. Now, how can I mount it?

  Read the article

• How does SELinux affect the /home directory?

  - by Matt Solnit

  Hi everyone. I'm migrating a CentOS 5.3 system from MySQL to PostgreSQL. The way our machine is set up is that the biggest disk partition is mounted to /home. This is out of my control and is managed by the hosting provider. Anyway, we obviously want the database files to be on /home for this reason. With MySQL, we did the following: Edited my.cnf and changed the datadir setting to /home/mysql Added a new "File type" policy record (I hope I'm using the right terminology) to set /home/mysql(/.*)? to mysqld_db_t Ran restorecon -R /home/mysql to assign the labels and everything was good. With PostgreSQL, however, I did the following: Edited /etc/init.d/postgresql and changed the PGDATA and PGLOG variables to /home/pgsql/data and /home/pgsql/pgstartup.log, respectively Added a new policy record to set /home/pgsql/pgstartup.log to postgresql_log_t Added a new policy record to set /home/pgsql/data(/.*)? to postgresql_db_t Ran restorecon -R /home/pgsql to assign the labels At this point, I still cannot start PostgreSQL. pgstartup.log says: # cat pgstartup.log postmaster cannot access the server configuration file "/home/pgsql/data/postgresql.conf": Permission denied The weird thing is that I don't see any messages related to this in /var/log/messages or /var/log/secure, but if I turn off SElinux, then everything works. I made sure all the permissions are correct (600 for files and 700 for directories), as well as the ownership (postgres:postgres). Can anyone tell me what I am doing wrong? I'm using the Yum repository from commandprompt.com, version 8.3.7. EDIT: The reason my question specifically mentions the /home directory is that if I go through all these steps for any other directory, e.g. /var/lib/pgsql2 or /usr/local/pgsql, then it works as expected.

  Read the article

• ssh_exchange_identification: Connection closed by remote host

  - by Charlie Epps

  First: $ ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsa $ cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys Connecting to SSH servers gives this message: $ ssh -vvv localhost OpenSSH_5.3p1, OpenSSL 0.9.8m 25 Feb 2010 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug2: ssh_connect: needpriv 0 debug1: Connecting to localhost [127.0.0.1] port 22. debug1: Connection established. debug1: identity file /home/charlie/.ssh/identity type -1 debug1: identity file /home/charlie/.ssh/id_rsa type -1 debug3: Not a RSA1 key file /home/charlie/.ssh/id_dsa. debug2: key_type_from_name: unknown key type '-----BEGIN' debug3: key_read: missing keytype debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug3: key_read: missing whitespace debug2: key_type_from_name: unknown key type '-----END' debug3: key_read: missing keytype debug1: identity file /home/charlie/.ssh/id_dsa type 2 ssh_exchange_identification: Connection closed by remote host My /etc/hosts.allow is as following: sshd: ALLOW /etc/hosts.deny is as following: ALL: ALL: DENY I have changed my /etc/ssh/sshd_conf as following: ListenAddress 0.0.0.0 Protocol 2 # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile .ssh/authorized_keys PasswordAuthentication no

  Read the article

• Throttling Postfix memory

  - by teddybeard

  I have a VPS on 1and1 similar to this configuration (512MB, burst up to 2GB). I run a web service where I crawl the web and notify my users through email and sms when a certain online data feed changes. When I send the emails out, I just have PHP loop through the recipients list and send the emails out using the mail() function. Whenever I try to send a large volume of these messages out, my server starts acting funny. I can't even run an 'ls' sometimes because the shell tells me it 'cannot allocate memory'. The shell is unusable and yet my website is being served up fine. Mail.err contains: Nov 14 17:30:09 s15351477 postfix/smtp[26000]: fatal: inet_addr_local[getifaddrs]: getifaddrs: Cannot allocate memory Nov 14 17:30:09 s15351477 postfix/sendmail[25999]: fatal: username(1000): unable to execute /usr/sbin/postdrop -r: Success Nov 14 18:29:14 s15351477 postfix/smtp[9911]: fatal: inet_addr_local[getifaddrs]: getifaddrs: Cannot allocate memory Nov 14 18:29:14 s15351477 postfix/sendmail[9910]: fatal: username(1000): unable to execute /usr/sbin/postdrop -r: Success Also, if relevant, my bean counters are: Version: 2.5 uid resource held maxheld barrier limit failcnt 53907331: kmemsize 20779422 21041560 31457280 34603008 2989403 lockedpages 0 0 512 512 0 privvmpages 81488 82498 524288 576716 94640 shmpages 2831 2831 32768 32768 0 dummy 0 0 9223372036854775807 9223372036854775807 0 numproc 90 91 128 128 6603 physpages 32692 33531 2147483647 2147483647 0 vmguarpages 0 0 131072 2147483647 0 oomguarpages 32942 33781 9223372036854775807 2147483647 0 numtcpsock 22 23 720 720 0 numflock 27 28 376 413 0 numpty 1 1 32 32 0 numsiginfo 0 1 512 512 0 tcpsndbuf 425888 441064 3440640 5406720 0 tcprcvbuf 369200 376832 3440640 5406720 0 othersockbuf 268000 268464 2252160 4194304 0 dgramrcvbuf 0 8472 524288 576716 0 numothersock 180 182 720 720 0 dcachesize 952146 966231 5242880 5767168 0 numfile 3609 3683 8192 8192 0 dummy 0 0 0 0 0 dummy 0 0 0 0 0 dummy 0 0 0 0 0 numiptent 25 25 200 205 0 Is there some way I can throttle postfix to keep it from swamping the system like this? Also wondering: why does email use so many resources, these emails are just short text?

  Read the article

• How to scope access to a service to set of users, using OpenLDAP, and only OUs

  - by JDS

  Okay, here goes. Solving this will solve several problems for me (as I can reapply this knowledge to several extant, similar problems), but luckily I have a very specific, concise problem to describe. Enough preamble. Our hosting partner is setting up VPN access for us and is connecting it to our LDAP server. They are using Cisco VPN, the docs on setting this up are here: http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808c3c45.shtml#maintask1 Specifically, note the screenshot in (5), under "ASDM" Now, I do NOT want to provide access to all of our users. I only want to provide access to our IT group. But I do not see a configuration option for LDAP groups on that web reference for the Cisco VPN. We are using: OpenLDAP 2.4 Static groups (i.e. "Group has the following members...") Single user OU, "ou=users,dc=mycompany,dc=com" Is it possible to provide an alias of some kind in OpenLDAP that creates another OU, "itusers", say, and lets me alias the members of that OU somehow? Something like: "cn=Jeff Silverman,ou=itusers,dc=mycompany,dc=com" is an alias for "cn=Jeff Silverman,ou=users,dc=mycompany,dc=com" And is NOT a separate, unique user account. Alternatively, should I just create a separate OU and manage it separately? It is a pain, but only 12-15 users will have to be managed that way, with two separate user accounts. But I hate this option - messy, unmanageable, unscalable. You know what I mean. I am open to any options. I've searched and read all over but I can't quite find an directly analagous example. I can't possibly be the only one who's had this problem! Thanks!

  Read the article

• Apache2 Virtual Host with ScriptAlias returning 403

  - by sissonb

  I am trying to reference my libs directory which is a sibling directory to my DocumentRoot. I am using the following ScriptAlias to try to accomplish this. ScriptAlias /libs/ "../libs" But when I go to example.com/libs/ I get a the following error Forbidden You don't have permission to access /libs/ on this server I am able to view the libs directory using the following configuration so I don't think it's a file permission error. <VirtualHost *> ServerName example.com ServerAlias www.example.com DocumentRoot C:/www/libs <VirtualHost *> More relevant httpd.cong setting below <Directory /> Options FollowSymLinks AllowOverride None Order deny,allow Deny from all </Directory> <Directory "C:/www"> Options Indexes FollowSymLinks AllowOverride None Order Deny,Allow Deny from none Allow from all </Directory> NameVirtualHost * <VirtualHost *> ServerName example.com ServerAlias www.example.com DocumentRoot C:/www/example ScriptAlias /libs/ "../libs" <Directory "C:/www/libs"> Options Indexes FollowSymLinks AllowOverride None Options +ExecCGI Order Deny,Allow Deny from none Allow from all </Directory> </VirtualHost>

  Read the article

• Giving Select Windows Domain Users Symbolic Link Privilege

  - by fp0n

  I would like to setup select users on our domain to have the ability to create symbolic links on local NTFS drives and network shares without needing to run as Administrator, as part of an application with will call the CreateSymbolicLink() API directly. The default configuration for our users is to be Administrator of their computer and I think I am fighting UAC to make the privileges work the way that I want because of that. I found this link on MSDN: http://social.msdn.microsoft.com/Forums/en-SG/windowssdk/thread/fa504848-a5ea-4e84-99b7-0eb4e469cbef which describes the interaction between the SeCreateSymbolicLinkPrivilege, UAC and a domain but really does not have a solution. Here's the three options I've come up with: 1) Create a new group, give the SeCreateSymbolicLinkPrivilege to the group and assign users to the group 2) Give each individual user (2 now, more later) the privilege 3) Give the privilege to the default User group which opens it up to all Users 4) Change config so Users are not Admins by default (probably would work but not likely) Based on my testing, only 3 works for me and that is the least desirable but I've only got a local server to test with, not a domain. I need to recommend to the admin how to set this up and also have something that we can easily explain to other users of our application that are on their own domain or not on a domain. The other option seems to be to create a Service that runs with a SYSTEM account that creates the links for the application but I'd rather not go that route. Thanks.

  Read the article

• Boot ISO image from GRUB4DOS on EFI machines

  - by Vladimir Tikhomirov

  I failed with loading ISO image (non-distro) from GRUB2 from USB stick, but found the way how I can boot the GRUB4DOS and then load the image from there. However, it doesn't work all the time and the questions is WHY it doesn't? Environment and loading process: We need to have EFI machine, USB stick, booting ISO, GRUB2 and GRUB4DOS. Last 3 on USB stick. Boot: USB - EFI loader - GRUB2 - GRUB4DOS - ISO image Configuration files To boot GRUB4DOS I use this from grub.cfg: menuentry "image.iso" { linux /syslinux/grub.exe --config-file="/menu.lst" } My menu.lst is here: timeout 20 default 0 title image.iso find --set-root --ignore-floppies --ignore-cd //image.iso map --heads=0 --sectors-per-track=0 //image.iso (hd32) map --hook chainloader (hd32) This works perfectly with Legacy machines. However, when I come to GRUB4DOS, I don't see the menu with image.iso, I see only GRUB command line. That means that my menu.lst didn't load. Why is it like this? Background and ideas I have an idea that GRUB4DOS doesn't recognize my USB stick as a device. I tried the command find and got (hd0,0), (hd0,1), (hd0,2), (rd). When I tried to set root to any of these devices I don't see fat file system, how it was with Legacy machines. The root device is (hd0,0), which has ntfs file system which should be partition with Windows. EFI machines support only GRUB2, so I can't boot GRUB4DOS straight away. Please, don't suggest anything like this, because my image doesn't have kernel. You can imagine that you load HDAT2 or Hiren's boot cd, for example. menuentry "Blancco Blancco5.iso" { set isofile="/image.iso" loopback loop $isofile set root=(loop) linux /isolinux/vmlinuz isofile=$isofile splash quiet initrd /isolinux/initrd }

  Read the article

< Previous Page | 452 453 454 455 456 457 458 459 460 461 462 463  | Next Page >