Search Results

Search found 6397 results on 256 pages for 'ssh agent'.

Page 192/256 | < Previous Page | 188 189 190 191 192 193 194 195 196 197 198 199 | Next Page >

Distributed Nagios Installation

- by kruczkowski

I'm looking for a plug-in or product that will act as a remote probe and perform tests then send back the results to the central Nagios server. Reason for this is that I'd like to monitor internal systems and servers at customers, but don't want to allow all the traffic passing the firewalls. Ideally I'd like a soft-probe that would be installed and then perform the tests and send back the results (via SSH) to the central Nagios installation. Does anyone know of a product or plug-in that would offer such service? If not Nagios, is there any other monitoring system that does such a thing (ideally open-source)?

Read the article
How To Create An FTP User That Has Permission To EVERYTHING

- by Serg

I've spent the last two hours trying to create an FTP user so I can transfer some files over to my Wordpress blog folder. /var/www/sergiotapia.me I'm using vsftpd and Ubuntu 12.04 for my FTP server and I've read tons of documentation, none of which seem to work. I still cannot log in with the FTP user, let alone test if I even have the read/write file permissions. Can a Linux guru here, help me out with a small step by step? I'm comfortable with the terminal and nano, so that's not an issue - I'll SSH into my box. Just tell me what to do and what commands to run. Specifically, this user needs to have read and write access to the /var/ folder and anything within it. I want to have 1 user that can do whatever the heck he wants on my Ubuntu 12.04 VPS machine.

Read the article
Not able to get response back on java code while http get with S60

- by Rishabh

Hi, I am using Net Beans for developing an application on S60. I made one page for user authentication and using .net wcf service to authenticate user. i am able to send data on .net service by HttpGet method but not able to get response back on java page. I have tested it on fiddler with this url its working fine and returning response code 200, but not getting response code by java code. Following code i am using. Is some thing wrong here ? httpConn = (HttpConnection)Connector.open(url); httpConn.setRequestMethod(HttpConnection.GET); httpConn.setRequestProperty("User-Agent", "Profile/MIDP-2.1 Confirguration/CLDC-1.1"); int respCode = httpConn.getResponseCode(); Thanks Rishabh

Read the article
Rsync : execute permission required

- by user651488

I'm using rsync between two servers to transfer files. The problem is some files are not transferred. I get this error : rsync: readlink "/var/www/index.html" failed: Permission denied (13) So I check permissions on the server and after make tests, I notice a file is transferred only if it has these permissions : R-W ! If the file have these permissions : R--, Rsync can't download it !? Command: /usr/bin/rsync -avzr -e "/usr/bin/ssh -i /home/replication/thishost-rsync-key" [email protected]:/var/www/index.html ./ Is it a bug with Rsync ? I find any information about this problem. Thanks for your help Debian Etch 2.6.30 Rsync 2.6.9 protocol version 29

Read the article
How does Apache handle port forwarding?

- by vfclists

I setup a localhost portforwarding configuration in the coLinux .conf file, forwarding port 8090 to port 80 in the VM. When http://localhost:8090 is entered in the browser, I get the correct response from nginx, but with Apache the response get the error /htdocs not found in the log. However if I do a local port forwarding from 8090 to port 80 via SSH Apache responds fine. Is there something about the way Apache handles the port redirection that causes it to fail? PS, For those unfamiliar with coLinux it allows localhost connections to get to the VM by forwarding localhost ports on the Windows host to ports on the VM, as the 10.x.x.x IP it not accessible from the Windows host.

Read the article
Is Rsync like subversion, but for a server?

- by johnlai2004

I'm trying to learn how to use rsync. I want to create daily backs up of my production server. Right now I run the command rsync -azr /var/www/* [email protected]:/var/www Now let's say one day, I want to roll back the /var/www/ directory on my production server to last month's version. How do I tell rsync to retrieve version N? On reading that rsync only copies differences between src and dest, I assumed rsync works like subversion where you commit changes to a destination, and keep track of every version, and with the option to checkout any version at anytime. Is that the way rsync works? It's like subversion but for an entire server? That would be great because then it means I don't have to do full ssh copies for my nightly backups.

Read the article
Choosing a Linux distribution

- by Luke Puplett

Dangerous territory with this question so please try to be impartial and instead focus on what to look for when choosing a Linux distribution. I'm completely new to Linux. I thought it'd never happen but I need to have a Linux box to play with and I have a spare fanless Atom PC (32-bit only). I'll be using the machine as a non-commercial hobby server, the trouble is, I don't even know how to compare Linux distributions and why people pick one over another. If anything, I want to have an easy install from USB stick. My question is: what do you look for when choosing a (free?) Linux distribution for a server? If you can, please explain what sorts of things actually differ between one and another without saying which you think is better, just the facts. The way I see it, Linux as a server is just an SSH console and I find it hard to imagine what could be different between one and another.

Read the article
What is a good solution for an adaptive iptables daemon?

- by Matt

I am running a series of web servers and already have a pretty good set of firewall rules set up, however I'm looking for something to monitor the traffic and add rules as needed. I have denyhosts monitoring for bad SSH logins, and that's great - but I'd love something I could apply to the whole machine that would help prevent bute force attacks against my web applications as well, and add rules to block IPs that display evidence of common attacks. I've seen APF, but it looks as though it hasn't been updated in several years. Is it still in use and would it be good for this? Also, what other solutions are out there that would manipulate iptables to behave in some adaptive fashion? I'm running Ubuntu Linux, if that helps.

Read the article
CentOS 6 - iptables preventing web access via port 80

- by bsod99

I'm setting up a new web server with CentOS 6.2 and am not able to connect via the web. Everything looks set up correctly in httpd.conf and Apache is running, so I'm assuming it's an iptables issue. Is there anything in the following which could be causing the issue? # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh REJECT all -- anywhere anywhere reject-with icmp-host-prohibited ACCEPT tcp -- anywhere anywhere tcp dpt:http Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT)

Read the article
apache url / filename with special characters

- by Mario Delgado

I have this url: http://domain.com/wp-content/uploads/2012/10/Hvilke-vilkår-følger-med-når-du-bestiller-nyt-bredbånd.png If I ftp/ssh or just browse to that folder (apache index feature), I see the file Hvilke-vilkår-følger-med-når-du-bestiller-nyt-bredbånd.png If I click on the link from the apache index, I can see the file, however, if I copy the URL and try to browse to it directly, I get the error: The requested URL /wp-content/uploads/2012/10/Hvilke-vilkÃ¥r-fÃ¸lger-med-nÃ¥r-du-bestiller-nyt-bredbÃ¥nd.png was not found on this server. Also my error log says: File does not exist: /wp-content/uploads/2012/10/Hvilke-vilk\xc3\xa5r-f\xc3\xb8lger-med-n\xc3\xa5r-du-bestiller-nyt-bredb\xc3\xa5nd.png

Read the article
file copy error from system to cifs mount

- by dwpriest

When coping a file greater than 64kB from an Ubuntu server to a CIFS mounted windows share, most of the data is copied, but it seems the last chunk doesn't get copied. The size doesn't match, and the md5 check sums don't match. I have plenty of file space, but then I use cp, I get the following... cp: closing `cloudBackup/asdf.txt': No space left on device Using rsync, I get the following... rsync: close failed on "/home/fluffy/cloudBackup/.asdf.txt.qrBWe6": No space left on device (28) rsync error: error in file IO (code 11) at receiver.c(752) [receiver=3.0.8] rsync: connection unexpectedly closed (29 bytes received so far) [sender] rsync error: error in rsync protocol data stream (code 12) at io.c(601) [sender=3.0.8] I have full read/write permissions on the mounted share. I can copy via SSH just fine. Any ideas? Thank you

Read the article
Determine which version of linux/unix/darwin I have

- by John

I have root ssh/terminal access to a linux server. How do I determine which version of centos I have? Some people suggested I run the command cat /etc/redhat-release but I got an error saying file not found. In fact, i'm not entirely sure i'm even using CentOS. That's what some suggested it might be. Here's a list of commands I tried that gave me no file or directory error: cat /etc/*release* cat /etc/*version* cat /proc/*version* cat /proc/*release* Here's a list of linux commands that do not exist: lsb_release: command not found wget: command not found yum: command not found

Read the article
Is there a way in CXF to disable the SoapCompressed header for debugging purposes?

- by Don Branson

I'm watching CXF service traffic using DonsProxy, and the CXF client sends an HTTP header "SoapCompressed": HttpHeadSubscriber starting... Sender is CLIENT at 127.0.0.1:2680 Packet ID:0-1 POST /yada/yada HTTP/1.1 Content-Type: text/xml; charset=UTF-8 SoapCompressed: true Accept-Encoding: gzip,gzip;q=1.0, identity; q=0.5, *;q=0 SOAPAction: "" Accept: */* User-Agent: Apache CXF 2.2 Cache-Control: no-cache Pragma: no-cache Host: localhost:9090 Connection: keep-alive Transfer-Encoding: chunked I'd like to turn SoapCompressed off in my dev environment so that I can see the SOAP on the wire. I've searched Google and grepped the CXF source code, but don't see anything in the docs or code that reference this. Any idea how to make the client send "SoapCompressed: off" instead, without routing it through Apache HTTPD or the like? Is there a way to configure it at the CXF client, in other words?

Read the article
linux: selective sudo access for a particular command

- by bguiz

Hi, Is it possible to grant a particular user sudo access for one particular command only? Thanks -- More info: We farm out lengthy optimisation runs to each other's boxes over ssh. These runs take hours, sometimes days. The shutdown command can only be run in sudo. Being conscious of my environmental footprint, I would like to give the initiator(s) of these runs sudo access to the shutdown command on my box, without sudo access for everything else - so that they may shutdown my machine when they no longer need it. I am aware that I can schedule a shutdown before I leave my box, but I am looking for a better solution.

Read the article
Looking for new hosting company

- by Charles Chadwick

I am currently looking for a new hosting company for my business. We are a design and development company and have been recommending WestHost to our clients for the last several years. However due to some changes they have implemented in the last year, we have decided to start referring people elsewhere. Most of our clients need affordable Linux hosting with the basics. SSH is also a definite must and 24/7 support (preferably phone, as well as email/ticket system) that won't cost extra. An easy to use and understand control panel would be nice as well. I have heard good things about HostGator, and am wondering if anyone has experience with them. The prices seem right and they have everything we need. We are also thinking of purchasing a dedicated server with them for a specific project that's going to require one. I don't know if I am asking this in the right place, if this is not welcome here please let me know.

Read the article
private subnet nat (openvpn / racoon)

- by Jonas Schnelli

I have a openvpn subnet 10.8.0.0/24 running one server and one client (laptop). openvpn works fine. Browsing the web over openvpn from the laptop works also fine. Now on the server there is a private subnet with 10.7.8.128/28. The subnet is set up with racoon (IPSEC s2s vpn). The s2s vpn allows me to access the subnet 10.3.5.0/24 at the other s2s vpn end. Works all fine when I'm connected with ssh to my server. From my laptop i can ping 10.7.8.129 (the servers ipsec local ip) but i cannot reach the net 10.3.5.0/24. I tried to add a static route on my laptop 10.3.5.0/24 over gw 10.7.8.129 with no success. Any ideas how i do setup the nat / routing? Thanks

Read the article
Red Hat 5.4 slow processing

- by yucefrizk

I'm running Red Hat Linux 5.4 on HP DL580 server with 16 processors and 64 GB of RAM. I'm connecting to the server remotely through SSH. after entering the password, it takes time to return the command line, if I click ctrl+c during this time, I'll have the command line prompt but not the correct bash prompt (I have to run bash to pass to my correct prompt). I tried to install Apache on the server, ./configure took 4 hours to finish instead of 1 or two minutes, Oracle installation same behavior. Server Disks are mirrored using RAID controller. any idea what could be the reason of this slowness?

Read the article
apache httpd cannot browse through browser

- by nuttynibbles

i've setup apache and php on a virtual machine. everything works fine in the virtual machine. im able to execute php files and run up phpmyadmin connecting to mysql. on my host machine, im able ping and ssh into the remote machines. however, im unable to browse the php files on the host browser using the ip address. in my httpd.conf, im listening to port 80. i enabled the ServerName 192.168.75.102:80 am i missing some settings? port settings maybe?

Read the article
Ethernet port sleeping on PS3 running linux

- by Doug

My lab has a PS3 running Ubuntu Linux 9.04 Server Edition. After a period of a few hours with no use, the Ethernet connection (eth0) seems to go to sleep, causing the connection to be lost. Pinging or trying to SSH into the machine results in no response. The fix I've been using is to access the machine locally and restart it (trying to bring eth0 down then up doesn't seem to correct it). I've tried setting up an hourly cron job that runs on the PS3 and pings another machine just to create network activity, but this doesn't seem to solve the problem either. Update: The solution was to run the above cron job much more frequently: every 10 minutes works.

Read the article
Start Daemonised GNU Screen from script a allow calling script to end

- by tez

I have a script on an embedded device that calls screen to start if a user logs in via a ssh session... #!/bin/sh SCREENRUNNING=`pgrep SCREEN` if [ -z "$SCREENRUNNING" ]; then echo "Screen not running so let's start the Master session sleep 2 screen -dmS Master sleep 2 screen -x root/Master else echo "Screen is already running let's connect to existing session" sleep 2 screen -x root/Master fi However this keeps the calling script active till the screen session exits,even if it's detached. What I want to do is have the calling script finish and exit while the screen session stays active. I've tried daemonising the screen -x lines and adding an & to the end of the screen -x lines neither of which work properly. Ideas?

Read the article
Using Credentials with network scanners

- by grossmae

I'm testing out both Tenable's Nessus scanner as well as eEye's Retina for scanning network devices. I am trying to supply credentials to get deeper, more accurate results, however there seems to be no difference in the results whether I supply the credentials or not. I've read the documentation and it seems like I've tried all the logical settings in the Credential options. I've submit along with usernames and passwords for many different accounts and types of accounts (both SSH Credentials and Web Application Credentials) on the devices as well as their respective domain names (when applicable). Is there possibly a good test for either (or both) scanners to tell where these credentials are being provided (if at all) and if any of them are successfully getting authentication?

Read the article
Converting an ancient RH8 system to VMware ESXi

- by donatello

I am curious to know what options I have to convert a very old RedHat8 machine to a virtual one on ESXi. Looking at VMware Converter it seems there's an option to login to the RH8 using SSH, and from there it will convert to the ESXi-server. That makes me a bit nervous though, exactly what is happening there? The RH8 machine is slightly critical, and if anything messes up it'll likely result in many hours extra work. :( Another option I thought of was to boot a LiveCD on RH8-system and create a raw "dd dump" of the disk. The similar method is used to restore the image, I boot a LiveCD on the VM in ESXi and use "dd" to write it to disk. Is there any other option I could use? I'm using the cheap version of ESXi, hence I have no access to the Converter BootCD so these rather cumbersome methods is the only I can think of. :)

Read the article
OpenVPN (HideMyAss) client on Ubuntu: Route only HTTP traffic

- by Andersmith

I want to use HideMyAss VPN (hidemyass.com) on Ubuntu Linux to route only HTTP (ports 80 & 443) traffic to the HideMyAss VPN server, and leave all the other traffic (MySQL, SSH, etc.) alone. I'm running Ubuntu on AWS EC2 instances. The problem is that when I try and run the default HMA script, I suddenly can't SSH into the Ubuntu instance anymore and have to reboot it from the AWS console. I suspect the Ubuntu instance will also have trouble connecting to the RDS MySQL database, but haven't confirmed it. HMA uses OpenVPN like this: sudo openvpn client.cfg The client configuration file (client.cfg) looks like this: ############################################## # Sample client-side OpenVPN 2.0 config file # # for connecting to multi-client server. # # # # This configuration can be used by multiple # # clients, however each client should have # # its own cert and key files. # # # # On Windows, you might want to rename this # # file so it has a .ovpn extension # ############################################## # Specify that we are a client and that we # will be pulling certain config file directives # from the server. client auth-user-pass #management-query-passwords #management-hold # Disable management port for debugging port issues #management 127.0.0.1 13010 ping 5 ping-exit 30 # Use the same setting as you are using on # the server. # On most systems, the VPN will not function # unless you partially or fully disable # the firewall for the TUN/TAP interface. #;dev tap dev tun # Windows needs the TAP-Win32 adapter name # from the Network Connections panel # if you have more than one. On XP SP2, # you may need to disable the firewall # for the TAP adapter. ;dev-node MyTap # Are we connecting to a TCP or # UDP server? Use the same setting as # on the server. proto tcp ;proto udp # The hostname/IP and port of the server. # You can have multiple remote entries # to load balance between the servers. # All VPN Servers are added at the very end ;remote my-server-2 1194 # Choose a random host from the remote # list for load-balancing. Otherwise # try hosts in the order specified. # We order the hosts according to number of connections. # So no need to randomize the list # remote-random # Keep trying indefinitely to resolve the # host name of the OpenVPN server. Very useful # on machines which are not permanently connected # to the internet such as laptops. resolv-retry infinite # Most clients don't need to bind to # a specific local port number. nobind # Downgrade privileges after initialization (non-Windows only) ;user nobody ;group nobody # Try to preserve some state across restarts. persist-key persist-tun # If you are connecting through an # HTTP proxy to reach the actual OpenVPN # server, put the proxy server/IP and # port number here. See the man page # if your proxy server requires # authentication. ;http-proxy-retry # retry on connection failures ;http-proxy [proxy server] [proxy port #] # Wireless networks often produce a lot # of duplicate packets. Set this flag # to silence duplicate packet warnings. ;mute-replay-warnings # SSL/TLS parms. # See the server config file for more # description. It's best to use # a separate .crt/.key file pair # for each client. A single ca # file can be used for all clients. ca ./keys/ca.crt cert ./keys/hmauser.crt key ./keys/hmauser.key # Verify server certificate by checking # that the certicate has the nsCertType # field set to "server". This is an # important precaution to protect against # a potential attack discussed here: # http://openvpn.net/howto.html#mitm # # To use this feature, you will need to generate # your server certificates with the nsCertType # field set to "server". The build-key-server # script in the easy-rsa folder will do this. ;ns-cert-type server # If a tls-auth key is used on the server # then every client must also have the key. ;tls-auth ta.key 1 # Select a cryptographic cipher. # If the cipher option is used on the server # then you must also specify it here. ;cipher x # Enable compression on the VPN link. # Don't enable this unless it is also # enabled in the server config file. #comp-lzo # Set log file verbosity. verb 3 # Silence repeating messages ;mute 20 # Detect proxy auto matically #auto-proxy # Need this for Vista connection issue route-metric 1 # Get rid of the cached password warning #auth-nocache #show-net-up #dhcp-renew #dhcp-release #route-delay 0 120 # added to prevent MITM attack ns-cert-type server # # Remote servers added dynamically by the master server # DO NOT CHANGE below this line # remote-random remote 173.242.116.200 443 # 0 remote 38.121.77.74 443 # 0 # etc... remote 67.23.177.5 443 # 0 remote 46.19.136.130 443 # 0 remote 173.254.207.2 443 # 0 # END

Read the article
Understanding connection tracking in iptables

- by Matt

I'm after some clarification of the state/connection tracking in iptables. What is the difference between these rules? iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT Is connection tracking turned on when a packet is first matched containing -m state --state BLA , or is connection tracking always on? Can/Should connection state be used for fast matching like below? e.g. suppose this is some sort of router/firewall (no nat). # Default DROP policy iptables -P INPUT DROP iptables -P OUTPUT DROP iptables -P FORWARD DROP # Drop invalid iptables -A FORWARD -m state --state INVALID -j DROP # Accept established,related connections iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT # Allow ssh through, track connection iptables -A FORWARD -p tcp --syn --dport 22 -m state --state NEW -j ACCEPT

Read the article
scp -q isn't quiet between different hosts

- by pythonic metaphor

So scp -q file host:file and scp -q host:file file are both quiet, i.e. don't give the progress meter. But when I run scp -q host1:file host2:file, I still get the progress meter as well as a Connection to host1 closed. message. The progress meter can be gotten rid of by redirected stdout to /dev/null (although I'd rather not have to), but the connection closed messages comes on stderr, which I definitely want to keep in case there's a real error. How can I make scp quiet? Do I have to run ssh host1 "scp -q file host2:file"?

Read the article

< Previous Page | 188 189 190 191 192 193 194 195 196 197 198 199 | Next Page >