Search Results

Search found 4462 results on 179 pages for 'ssh'.

Page 133/179

  • firehol (firewall) with bridge: how to filter

    - by Leon
    I have two interfaces: eth0 (public address) and lxcbr0 with 10.0.3.1. I have an LXC guest running with IP 10.0.3.10. This is my firehol config:

        version 5
        trusted_ips=`/usr/local/bin/strip_comments /etc/firehol/trusted_ips`
        trusted_servers=`/usr/local/bin/strip_comments /etc/firehol/trusted_servers`
        blacklist full `/usr/local/bin/strip_comments /etc/firehol/blacklist`
        interface lxcbr0 virtual
            policy return
            server "dhcp dns" accept
        router virtual2internet inface lxcbr0 outface eth0
            masquerade
            route all accept
        interface any world
            protection strong
            #Outgoing these protocols are allowed to everywhere
            client "smtp pop3 dns ntp mysql icmp" accept
            #These (incoming) services are available to everyone
            server "http https smtp ftp imap imaps pop3 pop3s passiveftp" accept
            #Outgoing, these protocols are only allowed to known servers
            client "http https webcache ftp ssh pyzor razor" accept dst "${trusted_servers}"

    On my host I can connect only to "trusted servers" on port 80. In my guest I can connect to port 80 on every host. I assumed that firehol would block that. Is there something I can add/change so that my guest(s) inherit the rules of the eth0 interface?

  • Passing all traffic through Cloudflare

    - by Nick
    I am new to Linux System Administration and I am experimenting with iptables trying to learn how to really lock down a system with them. And one thing a friend of mine recommended was that there was a way to pass all incoming traffic through Cloudflare so even if attackers resolved the server IP they still couldn't (D)DoS it directly. This is exactly what they said: "Simply config your server's iptables to only allow incoming connections from CloudFlare's IP ranges then set it to allow only your IP/IP range to connect on port 21 (SSH)" Could someone help me on what command I'd need to run for Ubuntu to get this effect?

  • CentOS PAM+LDAP login and host attribute

    - by pianisteg
    My system is CentOS 6.3, openldap is configured well, PAM authorization works fine. But after turning pam_check_host_attr to yes, all LDAP auths fail with the message "Access denied for this host". hostname on the server returns the correct value, and the same value is listed in the user's profile. "pam_check_host_attr no" works fine and allows everyone with a correct uid/password. A piece of /var/log/secure:

        Sep 26 05:33:01 ldap sshd[1588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=my-host user=my-username
        Sep 26 05:33:01 ldap sshd[1588]: Failed password for my-username from 77.AA.BB.CC port 58528 ssh2
        Sep 26 05:33:01 ldap sshd[1589]: fatal: Access denied for user my-username by PAM account configuration

    Another two servers (CentOS 5.7 Debian) authorize on this LDAP server correctly. Even with pam_check_host_attr yes! I didn't edit /etc/security/access.conf, it is empty, only default comments. I don't know what to do! How to fix this?

  • How do I Connect a 30yr-old Tandy 1400LT laptop to the internet?

    - by Clemens Bergmann
    Just for the fun of it, I want to get an old Tandy 1400LT laptop:

        - small monochrome display
        - two floppy drives
        - rs-232c connector
        - "printer" connector

    connect the thing to the internet and use it as an ssh terminal. How would I connect it to the internet? The software should be no problem as it is a 386 hardware. There should be a small linux distribution which can be run on it. But how would I physically connect the hardware? It has no ethernet port. Has someone experience with Serial/Parallel-to-ethernet converters?

  • Hostname problems in CentOS 5.5

    - by spoon16
    I just set up a CentOS 5.5 machine on my local network and attempted to modify the hostname by editing /etc/sysconfig/network file. When I'm logged in locally the change to the hostname is reflected and seems to be working fine. When I open a SSH session via PuTTY from Windows this is what I see at the prompt:

        [root@? ~]# cat /etc/sysconfig/network
        NETWORKING=yes
        NETWORKING_IPV6=yes
        HOSTNAME=mini.local
        [root@? ~]# sysctl kernel.hostname
        kernel.hostname = ?
        [root@? ~]# hostname
        ?
        [root@? ~]# hostname -f
        hostname: Unknown server error

    A couple of other symptoms that may be helpful in troubleshooting this problem. I can ping the CentOS box from my Windows machine via IP but not hostname. Also, my Netgear router does not display the hostname when I view the "Connected Devices", I do see the mac address and the proper IP listed though. How can I make it so that the hostname is properly propagated throughout my network?

  • kinit gives me a Kerberos ticket, but no AFS token

    - by Tomas Lycken
    I'm trying to setup access to my university's IT environment from my laptop running Ubuntu 12.04, by (mostly) following the IT-department's guides on AFS and Kerberos. I can get AFS working well enough so that I can navigate to my home folder (located in the nada.kth.se cell of AFS), and I can get Kerberos working well enough to forward tickets and authenticate me when I connect with ssh. However, I don't seem to get any AFS tokens locally, on my machine, so I can't just go to /afs/nada.kth.se/.../folder/file.txt on my machine and edit it. I can't even stand in /afs/nada.kth.se/.../folder and run ls without getting Permission denied errors. Why doesn't kinit -f [email protected] give me an AFS token? What do I need to do to get one?

  • How to transfer files between a remote Linux machine and a local Windows machine?

    - by Lazer
    I need to transfer files/folders between a remote machine running Linux and my local machine running Windows XP. I usually access the remote machine through ssh, and sometimes use VNC sessions. What is the easiest way to transfer a file from the remote machine to my local machine and vice versa? I think ftp should be the solution. Is there a better way? If ftp is a good option, how do I initiate the transfer? Do I need to setup ftp servers on both the machines and then transfer? What exactly needs to be done?

  • bash script - spawn, send, interact - commands not found error

    - by Sandeepan Nath
    In my shell script, I am trying to remove the password prompt for the scp command (as given in http://stackoverflow.com/questions/459182/using-expect-to-pass-a-password-to-ssh/459225#459225) and this is what I have so far:

        #!/usr/bin/expect
        spawn scp $DESTINATION_PATH/exam.tar $SSH_CREDENTIALS':/'$PROJECT_INSTALLATION_PATH
        expect "password:"
        send $sshPassword"\n";
        interact

    On running the script, I am getting errors:

        spawn: command not found
        send: command not found
        interact: command not found

    I was also getting the error expect: command not found, then I realised the path to expect was not correct and expect was not installed at all. So, I did yum install expect, corrected the path and the error was gone. But I am still not able to remove the other 3 errors.

  • How do I use a virtualbox guest machine as a gateway?

    - by Igor Zinov'yev
    I have a certain problem. I am working on an Ubuntu machine, but I have to use a windows 2003 server guest to connect to a Stonegate VPN to be able to manage our client's website. I have already asked if I could connect to a Stonegate VPN in Ubuntu, but so far got no answer. And I couldn't connect to it using network manager's strongswan plugin. So I want to use my guest Win2003 as a gateway to be able to SSH to the remote server. Is that possible? Thank you very much in advance, if this is possible in any way, it will save me a lot of trouble!

  • Windows Server 2012 Essentials - Trying to setup "Anywhere Access" but the "Computer Access" list for users is blank

    - by tetranz
    I have a new installation of Windows Server 2012 Essentials and I'm trying to setup "Anywhere Access" for both VPN and remote desktop. The basic setup is all working. Shared folders is working but remote desktop has no computers available. On the server, if I edit a user with the Essentials Dashboard and go to "Computer access", the list is empty. The desktop computers have been joined to the domain. I can see them in AD under "Computers". I think our mistake was that we didn't use the connector tool to join the domain. We moved from a previous domain and went to Computer / Properties, changed the domain and started with a new profile. Is there something I can do now to make these desktops available for remote desktop? I can access a desktop directly no problem by going directly to it with the RDP client on port 3389. I do that from the outside world through an SSH tunnel.

  • using Linux vncviewer

    - by Darkoni
    Hi! When I am connecting to a VNC server using wine on Linux

        $ wine vncviewer.exe

    I have to enter:

        VNC Server: 1.1.1.21
        Proxy/Repeater: 195.29.18.33:1234

    and then, when I connect, on top there is the text:

        1.1.1.21:5900 (195.29.18.33:1234)

    My question is: how to connect using vncviewer? What to put in VNC_VIA_CMD?

        $ export xlocalPort=1234
        $ export xremoteHost=1.1.1.21
        $ export xremotePort=5900
        $ export xgateway=195.29.18.33
        $ export VNC_VIA_CMD="/usr/bin/ssh -f -L $xlocalPort:$xremoteHost:$xremotePort $xgateway sleep 20"
        $ vncviewer $xremoteHost -via $xgateway

    and I get the error:

        unable connect to socket: Connection refused (111)

    I was trying to help myself with the page http://www.tightvnc.com/vncviewer.1.php. Please help, because I need to use the "native" Linux vncviewer installed by

        $ yum install tigervnc
        tigervnc.i686 0:1.0.90-0.13.20100420svn4030.fc13

    Thanks

  • Ghosting context menu clicks in WinXP

    - by Swish
    Let me preface by saying I have a lot of windows open most of the time, although not resource intensive ones, just browsers, ssh sessions, a music player, FTP client, Notepad++, IM clients, etc. Anyway, I get a lot of weird visual "ghosting" type effects. For example when right-clicking and then selecting an option from a context menu the selected item will remain in view until I right click somewhere on the desktop. Same thing happens when selecting items from the File, Edit, etc. menu in various programs. I'm assuming this is just a result of a less than high quality video card (NVIDIA GeForce FX 5200), all the other hardware in the machine is newer higher quality, that specific video card was added after the fact for multiple monitors. I have looked all over the web for solutions and have increased the number of GDI handles for Windows, reduced the hardware acceleration on the card, etc. Any suggestions other than replace the card?

  • Why are there tons of PHP processes open on my server?

    - by fiftyeight
    Today I saw that a website of mine isn't working so I ssh'd to the server and executed ps -eF. I see about 200 PHP processes that have all been running for 4 hours. Apache is built with mpm event and mod fcgid. I killed all the PHP processes and now it's running fine. Why does this happen? Is this expected behavior? I don't really understand how Apache keeps track of the number of PHP processes and their process IDs, so it would be nice if someone can also give some reference where I can read about this. Also, I used the "ab" command (Apache Benchmark) to see if this happens all the time, so I ran it about 4-5 times with 30 concurrent requests and again there are like 150 PHP processes running. When I keep running "ab" now it doesn't spawn more processes and the website is still working. Please shed some light on this! Thank you :)

  • X-ming, Ubuntu apps - getting the Ubuntu style/theme to load

    - by user5402
    I am running X-ming on Windows 7 and using putty to ssh into an Ubuntu system. On the Ubuntu system I use the command: $ gnome-terminal & to display a terminal back on the Windows box. When I do this I don't get the standard Ubuntu style, i.e. dark purple background, Mono font, solid cursor (which I've configured in the Gnome Control Center.) Instead I get a very plain style - white background, blinking cursor, very small font. However, if I run gnome-control-center and then click on, say, the Keyboard icon, the terminal window will be reconfigured with the Ubuntu style with my customizations (e.g. block cursor vs. blinking cursor.) Just starting one of the control applets seems to trigger this style change. My question is: How can I trigger this style change more directly - without having to launch the Gnome Control center and launching one of the configuration applets?

  • Steps to take when technical staff leave

    - by Tom O'Connor
    How do you handle the departure process when privileged or technical staff resign / get fired? Do you have a checklist of things to do to ensure the continuing operation / security of the company's infrastructure? I'm trying to come up with a nice canonical list of things that my colleagues should do when I leave (I resigned a week ago, so I've got a month to tidy up and GTFO). So far I've got:

        - Escort them off the premises
        - Delete their email Inbox (set all mail to forward to a catch-all)
        - Delete their SSH keys on server(s)
        - Delete their mysql user account(s)
        - ...

    So, what's next? What have I forgotten to mention, or might be similarly useful? (endnote: Why is this off-topic? I'm a systems administrator, and this concerns continuing business security, this is definitely on-topic.)

  • How to secure Firefox traffic (+DNS) through SOCKS proxy under Ubuntu 10.04?

    - by Maarx
    I'm using Ubuntu 10.04, and starting a SOCKS proxy with 'ssh -D', and setting Ubuntu to use it with "System - Preferences - Network Proxy". Firefox uses the proxy, and the proxy's IP appears when I visit a site like http://www.whatismyip.com/. My question is, is Firefox resolving DNS requests through this proxy? Is my web-browsing truly secure? (That is, until I exit the other end of the proxy. I know it's insecure after that.) (And I've verified the keys, I'm not being man-in-the-middled) (And--screw it. You know what I mean. Is it resolving DNS requests through the proxy?) I don't know how I would go about verifying such a thing for myself. Using additional hardware such as another debugging proxy is not an option. If Firefox isn't resolving my DNS requests through the SOCKS proxy, how do I go about fixing it?

  • What is the best OS for a server hosting a simple Ruby on Rails based pastebin

    - by Koning Baard XIV
    I have created a simple pastebin in Ruby on Rails and Python. I want to host it in an intranet and it will have like about 1000 users. I want to use one Apache server with a cluster of Mongrel servers. The server itself is a 2 GHz Intel Centrino with 2 GB RAM. What do you think is the best OS to host this? I thought about Damn Small Linux or a custom LFS system. Ubuntu servers come with loads of stuff I don't need. Maybe there are some better OSes? It must be capable of:

        - Running Apache
        - Running Ruby
        - Running Python
        - Running Mongrel with Ruby on Rails
        - SSH

    Can anyone recommend me one? Thanks. PS: I am not going to run Windows Server or Mac OS X Server (Macs are expensive).

  • Empty /var/log after running cron bash script

    - by Ortix92
    I wrote a little bash script and all of a sudden my /var/log folder is completely empty except for the log I created for the bash script. This is the script I'm running every hour with cron:

        #!/bin/bash
        STL_DIR=/path/to/some/folder/i/hid
        LOGFILE=/var/log/stl_upload.log
        now=`date`
        echo "----------Start of Transmission----------" 2>&1 | tee -a $LOGFILE
        echo "Starting transfer at $now" 2>&1 | tee -a $LOGFILE
        rsync -av -e ssh $STL_DIR [email protected]:/users/path/folder 2>&1 | tee -a $LOGFILE
        echo "----------End of transmission----------" 2>&1 | tee -a $LOGFILE
        printf "\n" 2>&1 | tee -a $LOGFILE

    I want to be clear that I'm not 100% certain this is related to the empty logs folder. So if anyone could give me a pointer as to what could be going on about the reason why my log folder is empty, that'd be great.

  • Problems to connect Java visualVM to a EC2-instance

    - by kasten
    I'm trying to profile an AWS EC2 instance via VisualVM. The instance is in a security group which allows all connections and I'm running jstatd with a

        grant codebase "file:${java.home}/../lib/tools.jar" {
            permission java.security.AllPermission;
        };

    policy on it. When I try to connect from my local machine with VisualVM nothing happens. When I use jps I get the following response:

        $ jps -l -m -v rmi://ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com
        Error communicating with remote host: Connection refused to host: xxx.xxx.xxx.xxx; nested exception is:
            java.net.ConnectException: Connection timed out

    But I can ssh into the instance and use jps locally. Has anyone a pointer in which direction I can debug further?

  • OpenVPN Bridge on pfsense: once LAN pings clients, connectivity breaks

    - by Lucas Kauffman
    So I'm using a pfsense openvpn to bridge my LAN segment so VPN users can access the servers. The problem I'm having now is that I can establish a connection, I can ping the LAN server from the VPN, but as soon as I ping the client from the LAN server, there is no connectivity anymore between both parties. So:

        - connect from the VPN client to the LAN = works
        - ping the LAN from the VPN client = works
        - access server from the VPN (ssh, ftp,...) = works
        - ping client from server = doesn't work
        - ping LAN from the VPN client = doesn't work anymore

    My bridge has em1 and ovpns1 bridged. I noted with tcpdump that ICMP is reaching the bridge between LAN and the VPN segment. But it's not put onto the em1 interface for some reason. My pfsense is running on an ESXi host with the vSwitch port enabled in promiscuous mode. Firewall rules allow in and outbound traffic regardless of origin or destination.

  • OpenLDAP PAM authen does not support SSHA on FreeBSD10

    - by suker200
    OpenLDAP PAM authen does not support SSHA? Hi everyone, I have now lost one day figuring out that the reason my FreeBSD10 can not authenticate SSH users via LDAP is that pam_ldap and nss_ldap do not support SSHA passwords, while OpenLDAP supports the SSHA method. I have checked /usr/local/etc/ldap.conf, and they just have these pam_password methods: clear, crypt, nds, racf, ad, exop. So, if I switch to CRYPT, I can authenticate successfully. So, IMHO, I will be very appreciative of any pointer or suggestion from everyone to make my FreeBSD10 PAM support SSHA. Is there any way, or can it not be done? Info: LDAP server (389 DS - CentOS) - LDAP client (FreeBSD10). What I have got: authen via LDAP between CentOS - CentOS (okay). CentOS (LDAP server) - FreeBSD failed (works if I use crypt). Thanks and BR, Suker200

  • Repartition Ubuntu by command line?

    - by DisgruntledGoat
    On my server the filesystem includes these partitions:

        Filesystem  Size  Used  Avail  Use%  Mounted on
        /dev/sda6   4.6G  929M  3.5G   21%   /
        /dev/sda5   76M   20M   53M    27%   /boot
        /dev/sda8   449G  199M  426G   1%    /home
        /dev/sda7   4.6G  4.4G  0      100%  /var

    (Output from df -ah) I'm storing the web sites and databases under /var and as you can see it's got full. The /home folder just has basic user directories and nothing else so I'd like to repartition the server so that /dev/sda8 is about 5GB, with the rest going to /dev/sda7. What's the easiest way to do this via command line (i.e. SSH)?

  • Simple web-frontend for remote svn administration?

    - by Stefan Lasiewski
    We run a SVN repository. Some of our more advanced users need to be able to perform some SVN administration without relying on the system administrator. They need to be able to do things like create SVN repositories, delete SVN repositories, and perform commands like 'svnadmin dump' and 'svnadmin load'. We'd like to avoid SSH access on these FreeBSD machines, and would rather provide a service interface through a Web UI. I'm looking for a simple script (or a small number of scripts) which use Perl or PHP. I found svnadmin or svnadmin.pl, but was hoping to find something with a larger user community or which has been recommended by others. It looks like Trac allows SVN administration, but comes with many more features than we need.

  • Resolve Wrong IP from Domain Name only on certain networks

    - by Godric Seer
    I host a personal website on an old desktop that is LAMP based. There are several strange things about this problem so I will break it down into steps. Since I have a dynamic IP, I use no-ip to make sure I have a working domain name at all times. I use the automatic update client, but logged in and checked and my no-ip domain has the proper IP tied to it. Here is a link to the homepage through the no-ip domain for reference. Also, I do a ping and a traceroute on the no-ip domain and get:

        [eckertzs@localhost ~]$ ping -c 1 endradil.noip.me
        PING endradil.noip.me (65.24.215.99) 56(84) bytes of data.
        64 bytes from endradil.noip.me (65.24.215.99): icmp_seq=1 ttl=64 time=2.23 ms
        --- endradil.noip.me ping statistics ---
        1 packets transmitted, 1 received, 0% packet loss, time 104ms
        rtt min/avg/max/mdev = 2.233/2.233/2.233/0.000 ms
        [eckertzs@localhost ~]$ traceroute endradil.noip.me
        traceroute to endradil.noip.me (65.24.215.99), 30 hops max, 60 byte packets
        1 . (192.168.2.1) 1.755 ms 5.409 ms 5.380 ms
        2 endradil.noip.me (65.24.215.99) 6.297 ms 9.543 ms 10.324 ms

    Using this domain, I can connect to my webserver without issue or interruption (the https is required to avoid a redirect serverside, but it works). I also have a domain I have bought on GoDaddy where I have a CNAME record forwarding the www subdomain to my no-ip domain.

        CNAME Record
        Host: www
        Points to: endradil.noip.me
        TTL: 1 hour

    For the past several weeks, I never had an issue using the GoDaddy domain to connect (ssh or https). As of the past few days, however, the GoDaddy domain has only worked intermittently, for a few minutes at a time and then will go down for hours at a time. I get server not found errors most of the time. Also, if I happen to be using the GoDaddy domain for an ssh connection, the connection will freeze. I have run online tests of the DNS and have seen that the website is visible by external servers and resolved to the correct IP.

    I also contacted GoDaddy support but they had no issues connecting to the website, and therefore did not see any issues. My personal computers (Windows desktop, linux laptop, android phone) all fail to connect when on my personal wifi. If I disconnect my phone from the wifi and use my AT&T wireless data, it can connect with both domains without issue. When I attempt to use Google webmaster tools to crawl the site using the GoDaddy domain, Google can not find the site. From my linux laptop, I have found some interesting results when I ping or traceroute the domain. The results from these:

        [eckertzs@localhost ~]$ ping -c 1 www.endradil.com
        PING www.endradil.com.Belkin (198.105.244.228) 56(84) bytes of data.
        --- www.endradil.com.Belkin ping statistics ---
        1 packets transmitted, 0 received, 100% packet loss, time 10000ms
        [eckertzs@localhost ~]$ traceroute www.endradil.com
        traceroute to www.endradil.com (198.105.244.228), 30 hops max, 60 byte packets
        1 . (192.168.2.1) 1.918 ms 2.806 ms 2.772 ms
        2 cpe-65-24-208-1.insight.res.rr.com (65.24.208.1) 29.247 ms 29.654 ms 30.094 ms
        3 cpe-69-23-24-117.new.res.rr.com (69.23.24.117) 15.597 ms 23.218 ms 23.581 ms
        4 agg24.clmcohib01r.midwest.rr.com (65.29.1.52) 30.581 ms 30.556 ms 31.192 ms
        5 be27.clevohek01r.midwest.rr.com (65.29.1.38) 30.580 ms 31.062 ms 31.038 ms
        6 bu-ether25.atlngamq47w-bcr01.tbone.rr.com (107.14.19.38) 37.863 ms 68.844 ms 43.773 ms
        7 107.14.17.178 (107.14.17.178) 51.866 ms 51.019 ms 50.989 ms
        8 ae0.pr1.dca10.tbone.rr.com (107.14.17.200) 48.467 ms ae-4-0.a0.lax91.tbone.rr.com (66.109.1.113) 49.912 ms *
        9 v413.core1.ash1.he.net (209.51.175.33) 60.270 ms 50.842 ms 50.819 ms
        10 100ge5-1.core1.nyc4.he.net (184.105.223.166) 55.597 ms 56.045 ms 56.020 ms
        11 xerocole-inc.10gigabitethernet12-4.core1.nyc4.he.net (216.66.41.242) 56.001 ms 55.969 ms 55.992 ms
        12 * * *

    both show the incorrect IP. Also, the traceroute times out on hops 12 through 255 (output truncated above).

    The traceroute using site24x7 works and shows reasonable results when run from their California server. From another linux box on a different network but in the same city as me (10 miles away), I still get timeout for traceroute, however the IP resolves correctly for the domain. From this I believe that the DNS result is incorrectly cached in either my router/modem or perhaps even at my ISP level. My question is, first, how do I find out exactly what is wrong, and second, how do I resolve it.

  • $RYSNC_PASSWORD not being read/responded-to correctly (Snow Leopard)

    - by warren
    Ignoring the security issues, I have the following script that synchronizes my music library from my MacBook Pro (running Snow Leopard) to the file store (CentOS 4) on my network: rsync -rav --progress --partial -e "ssh" ~/Music/iTunes/* user@scramasax:~/music/iTunes-scissor:~ When I try to use either a password provided on the command-line (), in a password file (--password-file), or in the environment variable RSYNC_PASSWORD, the login still goes interactive, requiring me to type my password again. I will be moving to pre-shared keys on my network, but in situations where that is not possible, such as rsync'ing files to a webserver, being able to successfully embed the password in the script would be very helpful.
