Search Results

Search found 4462 results on 179 pages for 'ssh'.

Page 140/179 | < Previous Page | 136 137 138 139 140 141 142 143 144 145 146 147 | Next Page >

OpenVPN client on Amazon EC2

- by Matt Culbreth

I have an account with an OpenVPN service, and I'd like to get that running on my EC2 instance running Ubuntu 12.04. I have my config file in /etc/openvpn, and it connects fine when I run sudo openvpn --config matt.ovpn. However, I then lose connectivity to the EC2 machine, and I can't SSH back to it until I reboot. Previously I have done things like sudo ip rule add from IP_ADDRESS table 10 and then sudo ip route add default via GATEWAY_IP table 10, but that's not working on EC2. Any ideas? My private IP address right now is 10.209.29.XXX and my gateway is 10.209.29.1.

Read the article
How to deny access to disabled AD accounts via kerberos in pam_krb5?

- by Phil

I have a working AD/Linux/LDAP/KRB5 directory and authentication setup, with one small problem. When an account is disabled, SSH publickey authentication still allows user login. It's clear that kerberos clients can identify a disabled account, as kinit and kpasswd return "Clients credentials have been revoked" with no further password / interaction. Can PAM be configured (with "UsePAM yes" in sshd_config) to disallow logins for disabled accounts, where authentication is done by publickey? This doesn't seem to work: account [default=bad success=ok user_unknown=ignore] pam_krb5.so Please don't introduce winbind in your answer - we don't use it.

Read the article
Logging upload attempt with proftpd

- by Amit Sonnenschein

I have a logging server that i use with external hardware, the idea is that a special hardware is uploading logs about it's operation every few hours and from the server i can do whatever i need to do with the information, the old server was getting a bit too old and i've moved to a new one, i've install lamp,proftpd and ssh (just the same as i had on the old server). now for some reason the logs are not being uploaded and i don't know why. the hardware uses a direct ftp access - i've the proftpd.log and saw that the connection is not being rejected (just to make sure i didn't make a mistake with the user/pass) my problem is that for some reason the upload itself is failing... it might be due to wrong path (as it's hard coded in the hardware) but i can't really know as proftpd wont give me any details.. i've tried to change the loglevel to "debug" thinking it would give me more information but i don't see any change... is there any other way i can make sure proftpd logs EVERTHING ?

Read the article
How to set umask for a folder and it's subfolder?

- by Cyril N.

I'm working on the same directory with some friends and they access it via SSH. I added us in the same group and defined a sticky bit to keep the user:group values the same. But when a user create a file/folder, the Write attribute is not defined for the group, disabling other to write it/on it. How can I define the Umask to add the Write value for groups in the specific directory and it's subfolders ? I tried to find some help before, but I only saw helps for Fedora/CentOs, and I'm using Debian Squeeze. Thanks for your help

Read the article
Why is rsync.exe [cwRsync] trying to open a port when in client mode?

- by hemancuso

I'm trying to use a cygwin compiled version of rsync [the cwrsync package] on Windows and in seemingly whatever configuration I test in there is a request to the user presented by Windows Firewall to allow inbound traffic. If you deny this request, everything works fine - as expected. I'm doing a vanilla push rsync.exe localpath user@remotepath:/absolutepath and it works just fine. I've also attempted this command having deleted ssh from the path and using rsync on local paths - still a firewall prompt. Why is this listen() happening and is there a way I can force the client to not attempt to listen without recompiling and maintaing a patch?

Read the article
Rsync : execute permission required

- by user651488

I'm using rsync between two servers to transfer files. The problem is some files are not transferred. I get this error : rsync: readlink "/var/www/index.html" failed: Permission denied (13) So I check permissions on the server and after make tests, I notice a file is transferred only if it has these permissions : R-W ! If the file have these permissions : R--, Rsync can't download it !? Command: /usr/bin/rsync -avzr -e "/usr/bin/ssh -i /home/replication/thishost-rsync-key" [email protected]:/var/www/index.html ./ Is it a bug with Rsync ? I find any information about this problem. Thanks for your help Debian Etch 2.6.30 Rsync 2.6.9 protocol version 29

Read the article
How does Apache handle port forwarding?

- by vfclists

I setup a localhost portforwarding configuration in the coLinux .conf file, forwarding port 8090 to port 80 in the VM. When http://localhost:8090 is entered in the browser, I get the correct response from nginx, but with Apache the response get the error /htdocs not found in the log. However if I do a local port forwarding from 8090 to port 80 via SSH Apache responds fine. Is there something about the way Apache handles the port redirection that causes it to fail? PS, For those unfamiliar with coLinux it allows localhost connections to get to the VM by forwarding localhost ports on the Windows host to ports on the VM, as the 10.x.x.x IP it not accessible from the Windows host.

Read the article
Converting an ancient RH8 system to VMware ESXi

- by donatello

I am curious to know what options I have to convert a very old RedHat8 machine to a virtual one on ESXi. Looking at VMware Converter it seems there's an option to login to the RH8 using SSH, and from there it will convert to the ESXi-server. That makes me a bit nervous though, exactly what is happening there? The RH8 machine is slightly critical, and if anything messes up it'll likely result in many hours extra work. :( Another option I thought of was to boot a LiveCD on RH8-system and create a raw "dd dump" of the disk. The similar method is used to restore the image, I boot a LiveCD on the VM in ESXi and use "dd" to write it to disk. Is there any other option I could use? I'm using the cheap version of ESXi, hence I have no access to the Converter BootCD so these rather cumbersome methods is the only I can think of. :)

Read the article
Tunneling HTTPS traffic via a PUTTY/SSL tunnel with SOCKS

- by ripper234

I have configured a SOCKS ssh tunnel to a remote proxy, and set my Firefox to use localhost:<port> as a SOCKS proxy. My intention is to tunnel outgoing HTTP/S connections from my machine via a specific 3rd party server I own (on AWS). In my testing, HTTP UTLs are forwarded properly (e.g. when I access http://jsonip.com/ from my computer I do get the server's IP) However, whenever I try to reach an HTTPS address, I get this error: The proxy server is refusing connections How do I debug/fix it? My PUTTY tunnel config is simply (some random source port number + dynamic checked): P.S. I'm aware I might need to manually accept SSL certificates. The reason I'm doing this is to resolve problems using gmail as an outbound SMTP service.

Read the article
FreeBSD's VPN & Mac OS X IPSecuritas

- by alexus

I need to be able to VPN in to my FreeBSD server from my Mac using IPSecuritas. I was wondering if anyone ever done something, I'm reading VPN over IPsec but that mainly covers if you had 2 nodes with 2 public IP address. My endpoint in IPSecuritas configured with MODE_CFG enabled so it'll have the other node to query my address from it's coming from. SSH is out of question, this is not a VPN solution, people who'd end up using VPN wouldn't know what to do, so I need very simple VPN the one that you get to use almost anywhere, you have a client and you have server, client makes a connection to server and boom, you in...

Read the article
Successful su for user by root in /var/log/auth.log

- by grs

I have this sorts of entries in my /var/log/auth.log: Apr 3 12:32:23 machine_name su[1521]: Successful su for user1 by root Apr 3 12:32:23 machine_name su[1654]: Successful su for user2 by root Apr 3 12:32:24 machine_name su[1772]: Successful su for user3 by root Situation: All users are real accounts in /etc/passwd; None of the users has its own crontab; All of those users are logged in the machine some time ago via SSH or No Machine - time varies from few minutes to few hours; no cron jobs are scheduled to run at that time, anacron is removed; I can see similar entries for other days and other times. The common part is the users are logged in when it appears. It does not appear during login, but some time afterwards. This machine has similar setup with few others but it is the only one where I see these entries. What causes them? Thanks

Read the article
Ethernet port sleeping on PS3 running linux

- by Doug

My lab has a PS3 running Ubuntu Linux 9.04 Server Edition. After a period of a few hours with no use, the Ethernet connection (eth0) seems to go to sleep, causing the connection to be lost. Pinging or trying to SSH into the machine results in no response. The fix I've been using is to access the machine locally and restart it (trying to bring eth0 down then up doesn't seem to correct it). I've tried setting up an hourly cron job that runs on the PS3 and pings another machine just to create network activity, but this doesn't seem to solve the problem either. Update: The solution was to run the above cron job much more frequently: every 10 minutes works.

Read the article
Using Credentials with network scanners

- by grossmae

I'm testing out both Tenable's Nessus scanner as well as eEye's Retina for scanning network devices. I am trying to supply credentials to get deeper, more accurate results, however there seems to be no difference in the results whether I supply the credentials or not. I've read the documentation and it seems like I've tried all the logical settings in the Credential options. I've submit along with usernames and passwords for many different accounts and types of accounts (both SSH Credentials and Web Application Credentials) on the devices as well as their respective domain names (when applicable). Is there possibly a good test for either (or both) scanners to tell where these credentials are being provided (if at all) and if any of them are successfully getting authentication?

Read the article
How to force rsync to use destination directory as root

- by thepurplepixel

I have a simple script to one-way-sync files/folders within a directory: #!/bin/bash HOST='<hostname>' USER='<username>' DIR='/downloads/' SOURCE='/srv/torrents' rsync -e "ssh -l $USER" --remove-source-files -h -4 -r --stats --progress -i $SOURCE $HOST:$DIR find $SOURCE -type d -empty -prune -exec rmdir -p \{\} \; However, when this rsync operation runs, it creates a folder, torrents in /downloads on the destination machine. How can I force rsync to put all folders & files from /srv/torrents (remote) into /downloads/ (local) instead of creating /downloads/torrents as a separate directory?

Read the article
Is it possible to code on two different computers simultaneously?

- by Muhammad

I want to work with another programmer and I want the source code to be live in real-time on both of our screens. Is this possible on the Mac OS x or Linux? We're going to be using OS X but occasionally we might need to add an Ubuntu computer too. Is there a way I can do this using ssh, any shell based program, or even a good GUI? I thought Coda might be capable of this but it's not really working. Anyone ever do this? I'm not look for a git/svn/or any other version control system. This is more of a live coding session. :)

Read the article
Alternatives to Citrix GoToAssist ?

- by Evan Carroll

Citrix GoToAssist is a really nifty little web application for customer support that allows you to take control of someones OSX, or Windows machine. Essentially, it works likes this: You log in to your management console You get a code You give them a code, and a website (fastsupport.com) They go there and enter in the code They accept the browser applet which installs a program on their computer You have control of their desktop You can see their desktop, configure applications, etc. They can also see when you disconnect. It is really rather nifty, but it doesn't support Linux and it is rather expensive (660$ a year). Does anyone know of any alternatives to this? I'm looking for a solution as simple on the user as this one, that doesn't require firewall configuration or setting up ssh/vnc/rdesktop etc.

Read the article
Determine process using a port, without sudo

- by pat

I'd like to find out which process (in particular, the process id) is using a given port. The one catch is, I don't want to use sudo, nor am I logged in as root. The processes I want this to work for are run by the same user that I want to find the process id - so I would have thought this was simple. Both lsof and netstat won't tell me the process id unless I run them using sudo - they will tell me that the port is being used though. As some extra context - I have various apps all connecting via SSH to a server I manage, and creating reverse port forwards. Once those are set up, my server does some processing using the forwarded port, and then the connection can be killed. If I can map specific ports (each app has their own) to processes, this is a simple script. Any suggestions? This is on an Ubuntu box, by the way - but I'm guessing any solution will be standard across most Linux distros.

Read the article
Private Git repo using Smart HTTP with LDAP authentification

- by ALOToverflow

I've been crawling the interwebz and getting my hands dirty for the last few days, but I can't seem to make it all work together. I managed to get a HTTP repo working with Ubuntu 10.04 over Smart HTTP (pull and push over HTTP) for a single repo. This means that I do the initial setup over SSH to the server (git init --bare) and after that the clients can pull and push to it (git clone http://servername/allgitrepos/repo.git). Unfortunately it's impossible to add a new repo without SSHing to the server and adding it manually) i.e. git push http://servername/allgitrepos/repo2.git (allgitrepos is available for everyone to read-write and execute) would fail talking about git update-server-info (which seems to be a general error message). So far the repository is anonymous, so I would like to authenticate using LDAP and also use the LDAP creds to make the git commit. So, how can I push new repos to the server and how can I use the LDAP creds to make the git commit. Thanks

Read the article
Choosing a Linux distribution

- by Luke Puplett

Dangerous territory with this question so please try to be impartial and instead focus on what to look for when choosing a Linux distribution. I'm completely new to Linux. I thought it'd never happen but I need to have a Linux box to play with and I have a spare fanless Atom PC (32-bit only). I'll be using the machine as a non-commercial hobby server, the trouble is, I don't even know how to compare Linux distributions and why people pick one over another. If anything, I want to have an easy install from USB stick. My question is: what do you look for when choosing a (free?) Linux distribution for a server? If you can, please explain what sorts of things actually differ between one and another without saying which you think is better, just the facts. The way I see it, Linux as a server is just an SSH console and I find it hard to imagine what could be different between one and another.

Read the article
Understanding connection tracking in iptables

- by Matt

I'm after some clarification of the state/connection tracking in iptables. What is the difference between these rules? iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT Is connection tracking turned on when a packet is first matched containing -m state --state BLA , or is connection tracking always on? Can/Should connection state be used for fast matching like below? e.g. suppose this is some sort of router/firewall (no nat). # Default DROP policy iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP # Drop invalid iptables -A FORWARD -m state --state INVALID -j DROP # Accept established,related connections iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow ssh through, track connection iptables -A FORWARD -p tcp --syn --dport 22 -m state --state NEW -j ACCEPT

Read the article
Solutions for exporting a remote desktop app (display and audio)

- by Richard

I'm looking for a solution that will allow me to export a desktop app running on a server to a client machine. The server is ideally Linux, the desktop is Windows (+Mac for icing on the cake). The export should be encrypted and I need to support multiple clients from one server. I only want to export an individual app, not a whole desktop, and ideally am looking for open source solutions. The obvious, cheapest, simplest choice is to use X tunnelled over ssh (e.g using Xming on the desktop) but X doesn't support audio. What are the alternatives? Or is there a way to support audio using X or in parallel to X? Thanks

Read the article
Remote X-windows between new RHEL5 and old Solaris 8

- by joshxdr

I have a very small lab network with three boxes: a modern x86-based RHEL3 box, an x86-based RHEL5 box, and a 1998-vintage SPARC Ultra5 with Solaris 8. I can use ssh -X to run a program on the RHEL5 box and view the windows on the RHEL3 box. I believe this uses xauth and magic cookies?? I have followed the X-Windows HOWTO to set up xauth on the Solaris box, but so far no dice. I would like to be able to use the X-windows server on the RHEL3 box with a client program on the Solaris box (program running on Solaris host, windows appearing at Linux host). Is there a trick to this, or have I made a mistake following the instructions for setting up xauth and magic cookie?

Read the article
backuppc - how to backup remote (over the internet) clients?

- by Scott

I am testing out backuppc, which works great so far backing up windows clients on a LAN via SMB (no backup client/agent required). However I have quite a few laptops and desktops that are in various remote locations - some of which move around. I need some way to have that remote computer create an outgoing connection for backup purposes (Windows XP/7). I know backuppc supports smb, rsync and 'tar', but I believe these are all connections going from the server TO the client. SO, I either need a way to vpn the client on a timed basis, or it would be a lot better if the client could some how connect to the server (ssh?) and initiate it's own backup somehow (rsync?). Of course this all needs to be pre-installed by me and require no maintenance by the end user, no dialogs on their side. What do you think?

Read the article
Determine which version of linux/unix/darwin I have

- by John

I have root ssh/terminal access to a linux server. How do I determine which version of centos I have? Some people suggested I run the command cat /etc/redhat-release but I got an error saying file not found. In fact, i'm not entirely sure i'm even using CentOS. That's what some suggested it might be. Here's a list of commands I tried that gave me no file or directory error: cat /etc/*release* cat /etc/*version* cat /proc/*version* cat /proc/*release* Here's a list of linux commands that do not exist: lsb_release: command not found wget: command not found yum: command not found

Read the article
virtualbox and nginx server_name

- by Ivan

I'm trying to configure gitlab running in an Ubuntu 12.04 guest with Windows7 host. I can ssh the guest using port-forwarding and access the nginx server using port redirection (8888 in host is 80 in guest, so localhost:8888 in host gets to the nginx server in the guest), but the server_name in nginx configuration file is giving me trouble. What is the correct listen and server_name that nginx would accept? The guest has the NAT interface at 10.0.2.15 and Host-Only interface at 192.168.56.101, static. Thanks!

Read the article

< Previous Page | 136 137 138 139 140 141 142 143 144 145 146 147 | Next Page >