Search Results

Search found 9446 results on 378 pages for 'ssh keys'.

Page 249/378 | < Previous Page | 245 246 247 248 249 250 251 252 253 254 255 256 | Next Page >

SSL certificate: unable to get local issuer certificate

- by celwell

I'm running Debian (Lenny). When I run this: curl --ssl https://www.google.com I get this error: curl: (60) SSL certificate problem: unable to get local issuer certificate More details here: http://curl.haxx.se/docs/sslcerts.html curl performs SSL certificate verification by default, using a "bundle" of Certificate Authority (CA) public keys (CA certs). If the default bundle file isn't adequate, you can specify an alternate file using the --cacert option. If this HTTPS server uses a certificate signed by a CA represented in the bundle, the certificate verification probably failed due to a problem with the certificate (it might be expired, or the name might not match the domain name in the URL). If you'd like to turn off curl's verification of the certificate, use the -k (or --insecure) option.

Read the article
OpenVPN Bridge on pfsense: once LAN pings clients, connectivity breaks

- by Lucas Kauffman

So I'm using a pfsense openvpn to bridge my LAN segment so VPN users can access the servers. The problem I'm having now is that I can establish a connection, I can ping the LAN server from the VPN, but as soon as I ping the client from the LAN server, there is no connectivity anymore between both parties. So: connect from the VPN client to the LAN = works ping the LAN from the VPN client = works access server from the VPN (ssh, ftp,...) = works ping client from server = doesn't work ping LAN from the VPN client = doesn't work anymore My bridge has em1 and ovpns1 bridged. I noted with tcpdump that ICMP is reaching the bridge between LAN and the VPN segment. But it's not put onto the em1 interface for some reason. My pfsense is running on an ESXi host with th vSwitch port enabled in promiscious mode. Firewall rules allow in and outbound traffic regardless origin or destination.

Read the article
Problems to connect Java visualVM to a EC2-instance

- by kasten

I'm trying to profile a AWS EC2 instance via visualVM. The instance is in a securitygroup which allows all connections and i'm runing jstatd with a grant codebase "file:${java.home}/../lib/tools.jar" { permission java.security.AllPermission; }; policy on it. When i try to connect from my local machine with visulVM nothing happens. When i use jps i get the following response $ jps -l -m -v rmi://ec2-xxx-xxx-xxx-xxx.compute-1.amazonaws.com Error communicating with remote host: Connection refused to host: xxx.xxx.xxx.xxx; nested exception is: java.net.ConnectException: Connection timed out But i can ssh into the instance and use jps locally. Has anyone a pointer in which direction i can debug further?

Read the article
Empty /var/log after running cron bash script

- by Ortix92

I wrote a little bash script and all of a sudden my /var/log folder is completely empty except for the log I created for the bash script. This is the script I'm running every hour with cron: #!/bin/bash STL_DIR=/path/to/some/folder/i/hid LOGFILE=/var/log/stl_upload.log now=`date` echo "----------Start of Transmission----------" 2>&1 | tee -a $LOGFILE echo "Starting transfer at $now" 2>&1 | tee -a $LOGFILE rsync -av -e ssh $STL_DIR [email protected]:/users/path/folder 2>&1 | tee -a $LOGFILE echo "----------End of transmission----------" 2>&1 | tee -a $LOGFILE printf "\n" 2>&1 | tee -a $LOGFILE I want to be clear that I'm not 100% certain this is related to the empty logs folder. So if anyone could give me a pointer as to what could be going on about the reason why my log folder is empty, that'd be great.

Read the article
Migrate wireless settings from xp to windows 7

- by Tgr

I'm trying to migrate the settings of my old machine (Win XP Professional) to the new one (Win 7 Professional) and I would like to keep my saved passwords for various wireless networks. How can I export them from XP and import in Win7? A few things that are mentioned a lot in chat groups but don't work: netsh can export/import wlan profiles on Vista/Win7, but not on XP; the Wireless Network Setup Wizard can only export settings for networks created by me; the best method I found was via http://www.nirsoft.net/utils/wireless_wep_key_faq.html which can list hex keys, but cannot load them nor save them in a useful format; I would rather not copy them one-by-one by hand.

Read the article
X-ming, Ubuntu apps - getting the Ubuntu style/theme to load

- by user5402

I am running X-ming on Windows 7 and using putty to ssh into an Ubuntu system. On the Ubuntu system I use the command: $ gnome-terminal & to display a terminal back on the Windows box. When I do this I don't get the standard Ubuntu style, i.e. dark purple background, Mono font, solid cursor (which I've configured in the Gnome Control Center.) Instead I get a very plain style - white background, blinking cursor, very small font. However, if I run gnome-control-center and then click on, say, the Keyboard icon, the terminal window will be reconfigured with the Ubuntu style with my customizations (e.g. block cursor vs. blinking cursor.) Just starting one of the control applets seems to trigger this style change. My question is: How can I trigger this style change more directly - without having to launch the Gnome Control center and launching one of the configuration applets?

Read the article
kinit gives me a Kerberos ticket, but no AFS token

- by Tomas Lycken

I'm trying to setup access to my university's IT environment from my laptop running Ubuntu 12.04, by (mostly) following the IT-department's guides on AFS and Kerberos. I can get AFS working well enough so that I can navigate to my home folder (located in the nada.kth.se cell of AFS), and I can get Kerberos working well enough to forward tickets and authenticate me when I connect with ssh. However, I don't seem to get any AFS tokens locally, on my machine, so I can't just go to /afs/nada.kth.se/.../folder/file.txt on my machine and edit it. I can't even stand in /afs/nada.kth.se/.../folder and run ls without getting Permission denied errors. Why doesn't kinit -f [email protected] give me an AFS token? What do I need to do to get one?

Read the article
What tangible security are gained by blocking all but a few outgoing ports in a firewall

- by Frankie Dintino

Our current hardware firewall allows for blocking incoming and outgoing ports. We have two possibilities: Block certain troublesome ports (unsecured smtp, bittorrent, etc.) Block all but a few approved ports (http, https, ssh, imap-ssl, etc.) I see several downsides with option 2. Occasionally web servers are hosted on non-standard ports and we would have to deal with the resulting issues. Also, there is nothing preventing a malicious or unwanted service from being hosted on port 80, for instance. What are are the upsides?

Read the article
Reset user passwd when you don't know it

- by warren

I have a small problem. I have shared keys setup on my domain, so I never type my password to login anymore. I've forgotten my password now. This is a problem because only my user can sudo. Password authentication for root has been disabled, so without my password, I cannot do maintenance on my web server. Is there a way to reset my password as my [now only] key-authenticated user? Specifically, can this be done on CentOS 4?

Read the article
How to FTP via CLI? [closed]

- by Ryan

So I have a Debian machine and I want to transfer data on here to a Windows based FTP account. I've managed to open up firewalling for outbound FTP on the Debian source, but have never used FTP via CLI before. Does anyone know how I can go about transferring data? I am starting to get really confused with what to transfer from where. If I ssh to the Debian machine and then connect to the Windows FTP account, then try put and get commands, it never seems to recognise the path of the source files on the Debian machine.

Read the article
Resolve Wrong IP from Domain Name only on certain networks

- by Godric Seer

I host a personal website on an old desktop that is LAMP based. There are several strange things about this problem so I will break it down into steps. Since I have a dynamic IP, I use no-ip to make sure I have a working domain name at all times. I use the automatic update client, but logged in and checked and my no-ip domain has the proper IP tied to it. Here is a link to the homepage through the no-ip domain for reference. Also, I do a ping and a traceroute on the no-ip domain and get: [eckertzs@localhost ~]$ ping -c 1 endradil.noip.me PING endradil.noip.me (65.24.215.99) 56(84) bytes of data. 64 bytes from endradil.noip.me (65.24.215.99): icmp_seq=1 ttl=64 time=2.23 ms --- endradil.noip.me ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 104ms rtt min/avg/max/mdev = 2.233/2.233/2.233/0.000 ms [eckertzs@localhost ~]$ traceroute endradil.noip.me traceroute to endradil.noip.me (65.24.215.99), 30 hops max, 60 byte packets 1 . (192.168.2.1) 1.755 ms 5.409 ms 5.380 ms 2 endradil.noip.me (65.24.215.99) 6.297 ms 9.543 ms 10.324 ms Using this domain, I can connect to my webserver without issue or interruption(the https is required to avoid a redirect serverside, but it works). I also have a domain I have bought on GoDaddy where I have a CNAME record forwarding the www subdomain to my no-ip domain. CNAME Record Host: www Points to: endradil.noip.me TTL: 1 hour For the past several weeks, I never had an issue using the GoDaddy domain to connect (ssh or https). As of the past few days, however, the GoDaddy domain has only worked intermittently, for a few minutes at a time and then will go down for hours at a time. I get server not found errors most of the time. Also, if I happen to be using the GoDaddy domain for an ssh connection, the connection will freeze. I have run online tests of the DNS and have seen that the website is visible by external servers and resolved to the correct IP. I also contacted GoDaddy support but they had no issues connecting to the website, and therefore did not see any issues. My personal computers (Windows desktop, linux laptop, android phone) all fail to connect when on my personal wifi. If I disconnect my phone from the wifi and use my AT&T wireless data, it can connect with both domains without issue. When I attempt to use Google webmaster tools to crawl the site using the GoDaddy domain, Google can not find the site. From my linux laptop, I have found some interesting results when I ping or traceroute the domain. The results from these: [eckertzs@localhost ~]$ ping -c 1 www.endradil.com PING www.endradil.com.Belkin (198.105.244.228) 56(84) bytes of data. --- www.endradil.com.Belkin ping statistics --- 1 packets transmitted, 0 received, 100% packet loss, time 10000ms [eckertzs@localhost ~]$ traceroute www.endradil.com traceroute to www.endradil.com (198.105.244.228), 30 hops max, 60 byte packets 1 . (192.168.2.1) 1.918 ms 2.806 ms 2.772 ms 2 cpe-65-24-208-1.insight.res.rr.com (65.24.208.1) 29.247 ms 29.654 ms 30.094 ms 3 cpe-69-23-24-117.new.res.rr.com (69.23.24.117) 15.597 ms 23.218 ms 23.581 ms 4 agg24.clmcohib01r.midwest.rr.com (65.29.1.52) 30.581 ms 30.556 ms 31.192 ms 5 be27.clevohek01r.midwest.rr.com (65.29.1.38) 30.580 ms 31.062 ms 31.038 ms 6 bu-ether25.atlngamq47w-bcr01.tbone.rr.com (107.14.19.38) 37.863 ms 68.844 ms 43.773 ms 7 107.14.17.178 (107.14.17.178) 51.866 ms 51.019 ms 50.989 ms 8 ae0.pr1.dca10.tbone.rr.com (107.14.17.200) 48.467 ms ae-4-0.a0.lax91.tbone.rr.com (66.109.1.113) 49.912 ms * 9 v413.core1.ash1.he.net (209.51.175.33) 60.270 ms 50.842 ms 50.819 ms 10 100ge5-1.core1.nyc4.he.net (184.105.223.166) 55.597 ms 56.045 ms 56.020 ms 11 xerocole-inc.10gigabitethernet12-4.core1.nyc4.he.net (216.66.41.242) 56.001 ms 55.969 ms 55.992 ms 12 * * * both show the incorrect IP. Also, the traceroute timesout on hops 12 through 255 (output truncated above). The traceroute using site24x7 works and shows reasonable results when run from their california server. From another linux box on a different network but in the same city as me (10 miles away), I still get timeout for traceroute, however the IP resolves correctly for the domain. From this I believe that the DNS result is incorrectly cached in either my router/modem or perhaps even at my ISP level. My question is, first, how do I find out exactly what is wrong, and second, how do I resolve it.

Read the article
"Sticky button" configuration under X11/Ubuntu?

- by John Whitley

Is there a configuration or app that will enable Sticky-keys like functionality for a pointer button under X11? (On Ubuntu 9.10, FWIW.) To be clear, I'd like a single tap (down/up events) to be treated as a down event, and a following tap to be treated as an up event. Context: I have a trackball with a fourth button that I've mapped to act as horizontal/vertical scroll. This works great. It'd be even better if I didn't have to hold the button down when scrolling.

Read the article
Issues with SSL key on CentOS

- by yummm

When trying to install a SSL key on my centos server, apache refuses to restart and I see the following errors in my log. [Tue Mar 16 22:32:58 2010] [error] Init: Private key not found [Tue Mar 16 22:32:58 2010] [error] SSL Library Error: 218710120 error:0D094068:asn1 encoding routines:d2i_ASN1_SET:bad tag [Tue Mar 16 22:32:58 2010] [error] SSL Library Error: 218529960 error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag [Tue Mar 16 22:32:58 2010] [error] SSL Library Error: 218595386 error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error [Tue Mar 16 22:32:58 2010] [error] SSL Library Error: 218734605 error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib What exactly does this mean? Is my SSL key bad? If so, what is the correct way to upload the key to the server? I just opened the crt file in notepad and copied the data out and saved it over ssh.

Read the article
Ubuntu server - Problem of routing

- by Max

Hi, I have setup a Ubuntu server with Ubuntu Enterprise Cloud. The server is connected to a private LAN with DHCP and Internet access (via a gateway). At first, the server was working fine. It can ping the internet. It can also ping other machine inside LAN. The problem happened after i let the machine idle for more than 1 hour. When I want to use the machine again, I can't ping the internet anymore. I can only ping the machine inside LAN. I try to ping the server from another machine and it's working. Then, i ssh into that server from another machine, and I found that I can ping the internet from that server. It seems that there are some problems in the routing table of this server. Can anyone help me on this? Thank you. Max

Read the article
How can I perform a controlled shutdown of a virtualbox guest using VBoxManage?

- by Bryan

I'm currently testing Ubuntu 10.04, and have install the VirtualBox software. I have also installed Ubuntu 10.04 as a VirtualBox guest running on the host system. I've installed the VirtualBox Utils into the guest OS, as follows: sudo apt-get install virtualbox-ose-guest-utils What I want to be able to do is to initiate a controlled shutdown of the guest, from the host system using the VBoxManage command. I first tried this command: VBoxManage controlvm guest poweroff which worked, but didn't initiate a controlled shutdown, it effectively pulls the plug on the guest. I've since found that this command should do the trick: VBoxManage controlvm guest acpipowerbutton but this doesn't appear to do anything. Can anyone tell me what I'm doing wrong? p.s. I don't want to use SSH & Certificates to do this, as I'm also going to be running Windows guests, and I want the solution to work for all guests.

Read the article
iproute2 premptive route creation, i think....

- by Bryan Hunt

Firstly: I know could do this the easy way with SSH but I want to learn how to route. I want to route packets back through the same tun0 interface from which they came into my system. I can do it for single routes. This works: sudo ip route add 74.52.23.120 metric 2 via 10.8.0.1 But i'd have to add them manually for each request that came down the pipe I've taken the blue pill and followed the http://lartc.org/howto/lartc.netfilter.html: Netfilter & iproute - marking packets tutorial But it's oriented towards redirecting OUTGOING packets based upon markers What I want is for a packet that comes in via tun0 not to be dropped which is what's happening right now, running scappy or suchlike to receive packets it doesn't seem to be receiving anything. Watching in wireshark I see the initial SYN packets coming in on the tun0 interface but that's as far as it gets without a static route as shown above. Am I nuts?

Read the article
What is the fastest way to reload history commands begin with certain characters in linux?

- by gerry

In Dos we can input the first several characters to filter command history and find proper one rapidly. But how to do the same thing in Linux ? for example when I am testing a local server: cd sudo /etc/init.d/vsftpd start wget ... ls emacs ... sudo /etc/init.d/vsftpd restart sudo /etc/init.d/vsftpd stop ... In Dos you can easily type sudo and switch among the three commands beginning with it using arrow keys. But in Linux, is below command the best we can do ? historty | grep sudo I don't like it, because history can easily become a mess, and it also need mouse action.

Read the article
rsync for coping file

- by vinayrks

I am migrating my old server to new server . I used this server for hosting website . first I tried sftp but due to huge number of files and connection time out , it simply didn't work . then I tried rsync .rsync working good , but only problem I am facing it updating file very nicely & fastly but do not copy new files please help me . because still i need to transfer lots of file. I am using this command : rsync -anv -e ssh oldserver:/path/ /path

Read the article
rc.local is not executed on bootup ubuntu

- by Alexander

Im on Ubuntu 10.04. I want to execute script on system boot. I added it to rc.local. If I execute rc.local manually it works fine. If I boot system in recovery mode(2nd string in boot menu) it also works fine. But if I boot normally it is not executed. However i added sleep 20 to my script and there is a pause at the end of boot process, but nothing more is executed. Thanks I think, it soesnt depend on contents of the script but anyway #!/bin/sh -e sleep 20 sudo service ssh start su -c 'service pgsql start' postgres sudo svnserve -d su -c 'hamachi start' root su -c 'hamachi login' root exit 0

Read the article
Citrix ICA Client on Mac shift key doesn't work as expected

- by brianegge

When I'm connected to a Windows XP computer from my Mac OS X 10.6 using the Citrix ICA Client, it seems that the shift key only works for the first letter typed after pressing shift. In order to type multiple uppercase letters, like ICA, I must either press caps lock, or press and release shift before each character. I've tried switching between standard and enhanced keyboard, as well as the 'Send Special Keys Unchanged' option, but none of these seem to affect the issue. The problem doesn't occur when I switch from the Citrix window to a regular Mac window.

Read the article
How to secure Firefox traffic (+DNS) through SOCKS proxy under Ubuntu 10.04?

- by Maarx

I'm using Ubuntu 10.04, and starting a SOCKS proxy with 'ssh -D', and setting Ubuntu to use it with "System - Preferences - Network Proxy". Firefox uses the proxy, and the proxy's IP appears when I visit a site like http://www.whatismyip.com/. My question is, is Firefox resolving DNS requests through this proxy? Is my web-browsing truly secure? (That is, until I exit the other end of the proxy. I know it's insecure after that.) (And I've verified the keys, I'm not being man-in-the-middled) (And--screw it. You know what I mean. Is it resolving DNS requests through the proxy?) I don't know how I would go about verifying such a thing for myself. Using additional hardware such as another debugging proxy is not an option. If Firefox isn't resolving my DNS requests through the SOCKS proxy, how do I go about fixing it?

Read the article
How to prevent unison syncronize file when file process uploading

- by user134600

I use CentOS 5.8 Final. My situation is I running unison with cron where script below : */1 * * * * /usr/bin/unison /dev/null 2&1 and default profile like below : root = /var/www root = ssh://web02.example.com//var/www auto=true batch=true confirmbigdel=true fastcheck=true group=true owner=true prefer=newer silent=true times=true So in every minutes will syncronized www folder . My problem are : I upload file with size bigger than 10 MB to www from client with user1 permission where www folder is user1 owner. file in processing uploading then unison running in that minute and suddenly file upload owner changed to root:root When I editing file in www folder then I save when unison running, file owner changed to root:root where should be user1:user1 Is there anyone know about this problem?

Read the article
Gitosis on Mac OS X (Snow Leopard)

- by Shyam

Hi, I have a Snow Leopard box, where I have gitosis installed (Warning: noob alert), added a git user and I am able to remotely login to the machine with ssh. Locally, I can 'clone' my created repositories, as I can 'clone' the gitosis-admin too. Works perfect. I clone these using the 'git' user. git clone git@my-remote-machine:reponame.git remotely logged in, what doesn't work: git clone git@localhost:reponame.git However on that same remote machine where the repositories live, I can't clone from the localhost. It asks for a password, which wasn't created as far as I know. What am I doing wrong? Thank you for your replies!

Read the article
Export SSL Cert from IIS and import into GlassFish keystore

- by Tim H

What I need: I have an existing SSL certificate installed on IIS 6. On the same machine, I have GlassFish installed and would like to share the same certificate since they both share the same hostname, and they use different ports: IIS uses 443 and GlassFish uses 8181. Why I need it: Reuse existing SSL certs from IIS to GlassFish. I imagine that this is possible. I am able to install an SSL cert into GlassFish's keystore, and then import the same exact cert into IIS. I just want to go the other way - imagine having an SSL cert on IIS being used for months, and now I want to enable SSL on GlassFish. What I have done: Created a keystore with an alias: server.hostname.com Imported intermediate CA certs associated with the existing SSL Cert Imported the existing SSL cert with the same alias: server.hostname.com, but the keytool won’t allow this, as it is not associated: keytool error: java.lang.Exception: Public keys in reply and keystore don't match Why? Using a different alias causes the cert to not be trusted in the CA chain.

Read the article
rsync for copying file

- by vinayrks

I am migrating my old server to new server . I used this server for hosting website . first I tried sftp but due to huge number of files and connection time out , it simply didn't work . then I tried rsync .rsync working good , but only problem I am facing it updating file very nicely & fastly but do not copy new files please help me . because still i need to transfer lots of file. I am using this command : rsync -anv -e ssh oldserver:/path/ /path

Read the article

< Previous Page | 245 246 247 248 249 250 251 252 253 254 255 256 | Next Page >