Search Results

Search found 9696 results on 388 pages for 'proxy authentication'.

Page 279/388 | < Previous Page | 275 276 277 278 279 280 281 282 283 284 285 286 | Next Page >

Squid3 not working. Access denied.

- by Nitish

I installed SQUID3 on a Linux machine with two ethernet interfaces (eth0 and eth1). I used the default settings in the squid.conf file and uncommented the two lines acl localnet src 192.168.0.0/16 and http_access allow localnet. eth0 is connected to a router, which provides Internet access. It is assigned an IP 192.168.1.2 by the router. I manually configured eth1 to have an IP address 192.168.5.1. It is connected to a switch. Systems having IP addresses 192.168.5.x are connected to this switch. I ran these two commands for NAT: iptables -t nat -A PREROUTING -i eth1 -p tcp -m tcp --dport 80 -j DNAT --to-destination 192.168.5.1:3128 iptables -t nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128 But when I try to access internet from a system having IP 192.168.5.2 through the proxy I get an error that says "Access denied". What is wrong with my configuration?

Read the article
SSH Tunnel doesn't work in China

- by Martin

Last year I was working in China for a few months. I never bothered setting up a real VPN, but just created a SSH tunnel, and changed my browsers proxy settings to connect through it. Everything worked great (except flash of course) but that was fine. However, now I'm back in China but I'm having problems with this approach. I do the same thing as last time, and according to https://ipcheckit.com/ my IP address is indeed the IP of my (private) server in the US, and I'm logging in to my server using a fingerprint I created long before going to China so no MITM should be possible. Furthermore the certificate from ipcheckit.com is from GeoTrust - so everything should be OK However, I still can't access sites which are blocked in China. Any idea how this could be possible?

Read the article
Domain controller in cloud, how do we set up local BDC

- by brian b

We have a domain controller (exchange box) hosted at our hosting provider. We need to set up a local domain controller so we do a VPN and local authentication tasks. I can make the PDC accept all connections from our Office IP. How do I get the office router to correctly allow two way communications between the PDC (cloud) and the local DC. Is there a list of ports I need to pass through to the local DC? Thanks! "PDC" and "BDC" used for clarity--I know that the concept is obsolete.

Read the article
Building intranet search

- by gmkv

At work, we have lots of information squirreled away in many different sites -- wikis, product docs, ticketing system, etc -- many of which require authentication. I'm very interested in having a single way to search all our various silos, and in my spare time have looked at Nutch, Grub, Django + Haystack, etc. None of these is a complete solution a la Google Mini or Google Search Appliance. Has anybody built a basic intranet search engine out of a mixture of these tools? Would you have recommendations about how to go about it? I like Django, and Haystack seems to be a mildly popular search solution for it, but I'd need to wire up a crawler that can support crawling authenticated sites to it.

Read the article
Exchange stops working after changing System Time

- by L.M

I am currently in a situation where the system time of my windows machine differs 6 hours from the actual local time. I tried chaning the system time of my windows machine 6 hours back to match the actual local time. The issue is, when the system time is changed, Exchange stops working as it wont start anymore. When i change the time back Exchange works again. Here is the error that it shows when im trying to open the management console after changing the system time. The Follwing error occured while attempting to connect to the specified server "servername". The attempt to connect to http://servername/PowerShell using "Kerberos" authentication failed: Connecting to remote server failed with the following error message: Access is denied. For more information, see the about_remote_troubleshooting Help topic. Any Solutions to this problem?

Read the article
Linux- passwordless ssh from system (root) script

- by redmoskito

What's the easiest way to have a system script (running as root) execute remote commands over ssh? I've written some scripts that execute commands remotely via ssh, and they work great when I run them as myself, as I've set up ssh-agent and keys for passwordless login. I'd like to call these when my laptop docks and undocks. I've been successful at running arbitrary scripts when docking/undocking, but since the ACPI event scripts run as root, trying to run my ssh script fails during authentication. I tried using sudo with the -u and -i flags to simulate running the script as my user, e.g.: sudo -u redmoskito -i /home/redmoskito/bin/remote_command which successfully finds my private key and tries to use it, but the ssh-agent credentials are still missing, so it still needs my passphrase.

Read the article
Can I use the same machine as a client and server for SSH?

- by achraf

For development tests, I need to setup an SFTP server. So I want to know if it's possible to use the same machine as the client and the server. I tried and I keep getting this error: > Permission denied (publickey). > Connection closed and by running ssh -v agharroud@localhost i get : > OpenSSH_3.8.1p1,OpenSSL 0.9.7d 17 Mar > debug1: Reading configuration data /etc/ssh_config > debug1: Connecting to localhost [127.0.0.1] port 22. > debug1: Connection established. > debug1: identity file /home/agharroud/.ssh/identity type -1 > debug1: identity file /home/agharroud/.ssh/id_rsa type 1 > debug1: identity file /home/agharroud/.ssh/id_dsa type -1 > debug1: Remote protocol version 2.0, remote software version OpenSSH_3.8.1p1 > debug1: match: OpenSSH_3.8.1p1 pat OpenSSH* > debug1: Enabling compatibility mode for protocol 2.0 > debug1: Local version string SSH-2.0-OpenSSH_3.8.1p1 > debug1: SSH2_MSG_KEXINIT sent > debug1: SSH2_MSG_KEXINIT received > debug1: kex:server->client aes128-cbc hmac-md5 none > debug1: kex: client->server aes128-cbc hmac-md5 none > debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP > debug1: SSH2_MSG_KEX_DH_GEX_INIT sent > debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY > debug1: Host 'localhost' is known and matches the RSA host key. > debug1: Found key in /home/agharroud/.ssh/known_hosts:1 > debug1: ssh_rsa_verify: signature correct > debug1: SSH2_MSG_NEWKEYS sent > debug1: expecting SSH2_MSG_NEWKEYS > debug1: SSH2_MSG_NEWKEYS received > debug1: SSH2_MSG_SERVICE_REQUEST sent > debug1: SSH2_MSG_SERVICE_ACCEPT > received > > ****USAGE WARNING**** > > This is a private computer system. This computer system, including all > related equipment, networks, and network devices (specifically > including Internet access) are provided only for authorized use. This > computer system may be monitored for all lawful purposes, including to > ensure that its use is authorized, for management of the system, to > facilitate protection against unauthorized access, and to verify > security procedures, survivability, and operational security. Monitoring > includes active attacks by authorized entities to test or verify the > security of this system. During monitoring, information may be > examined, recorded, copied and used for authorized purposes. All > information, including personal information, placed or sent over this > system may be monitored. > > Use of this computer system, authorized or unauthorized, > constitutes consent to monitoring of this system. Unauthorized use may > subject you to criminal prosecution. Evidence of unauthorized use collected > during monitoring may be used for administrative, criminal, or other > adverse action. Use of this system constitutes consent to monitoring for > these purposes. > > debug1: Authentications that can continue: publickey > debug1: Next authentication method: publickey > debug1: Trying private key:/home/agharroud/.ssh/identity > debug1: Offering public key:/home/agharroud/.ssh/id_rsa > debug1:Authentications that can continue:publickey > debug1: Trying private key:/home/agharroud/.ssh/id_dsa > debug1: No more authentication methods to try. > Permission denied (publickey). Any ideas about the problem ? thanks !

Read the article
How failover should work in IIS cluster with Application Request Routing?

- by username

I have set up several servers with IIS and connected them to the load balancer - server with installed IIS Application Request Routing. I have created a server farm and added two servers. Then I stopped IIS on the first server and tried to open my web site. It returned me an error: 502 - Web server received an invalid response while acting as a gateway or proxy server. But if instead of stopping IIS I shut down the first server, I'm getting a response from the next server which is online. The question is, what the expected behaviour should be for failover with ARR, should it switch me to the next server if IIS is stopped and server is online?

Read the article
Problem with the hosts file under windows 7

- by martani_net

I updated some entries in the hosts file "C:\WINDOWS\System32\drivers\etc" to make google for example point to 127.0.0.1 # Additionally, comments (such as these) may be inserted on individual # lines or following the machine name denoted by a '#' symbol. # # For example: # # 102.54.94.97 rhino.acme.com # source server # 38.25.63.10 x.acme.com # x client host 127.0.0.1 localhost ::1 localhost 127.0.0.1 google.com This works fine under windows Vista, but not under Widows 7. When I type google, it goes directly to Google's website. For info, I am not using a proxy server. I think there are some temporary DNS settings that must be flushed, but I don't know how, anyone knows how to fix this? Thank you.

Read the article
What is your approach to draw a representation of your network ?

- by Kartoch

Hello, I'm looking to the community to see how people are drawing their networks, i.e. using symbols to represent complex topology. You can have hardware approach, where every hardware unit are represented. You can also have "entity" approach, where each "service" is shown. Both are interesting but it is difficult to have both on the same schema (but this is needed, especially using virtualization environment). Furthermore, it is difficult to have complex informations on such representation. For instance security parameters (encrypted link, need for authentication) or specific details (protocol type, ports, encapsulation). So my question is: where your are drawing a representation of your network, what is your approach ? Are you using methodology and/or specific softwares ? What is your recommendations for information to put (or not) ? How to deal with the complexity when the network becomes large and/or you want to put a lot of information on it ? Examples and links to good references will be appreciated.

Read the article
AD Local Admins without password sharing

- by Cocoabean

My team is building out an Active Directory environment in a small grad school with support for general computer labs, and staff/faculty machine and account management. We have a team of student consultants that are hired to do general help desk work. As of now we have a local admin account on every machine. It has the same password and all of us know it. I know it's not best practice and I want to avoid this with the new setup. We want to have local admin accounts in case there are network issues that prevent AD authentication, but we do not want this account to be generic with a shared password. Is there a way we can get each machine to cache the necessary information to authenticate a group of local admins so that if AD is somehow inaccessible, student consultants can still login with their AD admin accounts?

Read the article
Tool to allow Kerberos Authenticated users to modify Firewall settings

- by Lars Hanke

I run a firewall on a central router. Recently, several users want to use Skype. Since firewalling Skype virtually means to switch the firewall off, I consider to allow users to temporarily punch holes for their system. Since the users have no accounts on the router, I consider using Kerberos for authentication and authorization. The router is a Debian Squeeze box, with minimal configuration, i.e. no web-server, database or similar gimmicks. Does anyone know an existing solution, which could be used for that purpose? Or does anybody know easy to use and well documented frameworks in say Perl, Python, C, C++, ... making the set-up of a Kerberos authenticated Client and Server application really simple?

Read the article
Serving a default image with nginx

- by ustun

I have the following configuration in nginx: location /static/ { root /srv/kose/; expires 2w; access_log off; } location / { proxy_pass http://127.0.0.1:8089; } If a file is not found in /static/, I want to serve a default image, and not proxy_pass to 8089. Currently, it looks for the file in the root for static, if it cannot find it, it tries the proxy. I have tried the following, but it doesn't work. How can I tell nginx to serve the default image? I have also tried try_files to no avail. location /static/ { root /srv/kose/; expires 2w; access_log off; error_page 404 /srv/static/defaultimage.jpg; } location / { proxy_pass http://127.0.0.1:8089; }

Read the article
close ssh sessions

- by egor7

I'm using ~/.ssh/config for logging to the internal.local corporate server: Host internal.local ProxyCommand ssh -e none corporate.proxy nc %h %p But after closing session (typing exit), my sshd session on server stays still active (I see it through different connection). Hot do I close session or change my config in the appropriate way, to eleminate hang sessions? First check from the second, root session: ps -fu user_name user_name 861 855 0 16:58:16 pts/3 0:00 -bash user_name 855 854 0 16:58:13 ? 0:00 /usr/lib/ssh/sshd After logging out: user_name 855 854 0 16:58:13 ? 0:00 /usr/lib/ssh/sshd Just after scp files to/from the internal.local a new scp sessions still hangs on the server.

Read the article
RHEL 6.5 and LDAP

- by zuboje

I am trying to connect our Active directory server to brand new RHEL 6.5 server. I want to authenticate users using AD credentials, but I want to restrict that only certain users can login, I don't want to allow anybody from AD to connect to it. I would like to use something like this: CN=linuxtest,OU=SecurityGroups,DC=mydomain,DC=local but I am not sure how would I setup OU and CN. I use sssd for authentication and my id_provider = ad. I wanted to use id_provider = ldap, but that did not work at all and RHEL customer service told me to setup this way. But I want to have a little bit more control who can do what. I know I can use this to restrict simple_allow_users = user1, user2, but I have 400+ users, I really don't want to go and type them all. Question is how would I setup OU or CN for my search?

Read the article
Ubuntu 9.10 Dowload Speed Very Slow

- by Don

I'm running Ubuntu 9.10 desktop and I'm new to the Linux world, so bear with me. I'm on a corporate network of 3 T1s shared across 50-60 users. I typically get about 300 KB/sec for downloads, but for whatever reason, the Linux box will start out in that range, then drop to less than 1KB/Sec sometimes. Doesn't seen to matter where I'm downloading from. Right now I'm trying to get Eclipse for PHP and it's running at 3-6KB/sec. Getting the updates for the system will also drop to very slow rates. Our IT person has set up the machine to get the same 10.0.0.x address when it starts, and moved this IP to bypass our Proxy/Firewall going out, so that shouldn't be the issue. Can anyone recommend something I can try to better diagnose the problem. Again, I'm new to the Linux world and the hardware/OS setup side in general (coming form more of a coding background). Thanks for any advice.

Read the article
Cannot access internal website after being connected to other network

- by Dandroid

I have a client who claim they cannot access their internal website when they have e.g. been out traveling. They have to reset their browser settings every time to be able to get access again. As they live on another continent and timezone it's hard for me to run live tests with them to see what changes in their browser settings. My first guess would be it's some sort of Proxy related issue, but I want to know if there could be other reasons for this? It's not the LAN itself, that we are sure of. It's browser specific only. Edit It's worth mentioning that it only happens when they turn off/restart their computers.

Read the article
debian installation without internet connection

- by Gobliins

Hi i want to install some Debian distributions (Grip, Crush, Lenny...) for arm / armel architectures. www.emdebian.org/ i refer to this guide www.aurel32.net/info/debian_arm_qemu.php The Problem i have is that i dont have internet connection with My Linux VM or Qemu i am behind a Proxy. I want to know is there a way where i can dl all the needed files and save them to disk that i don´t need an i.c. during the installation? I am working under Windows now. my regards

Read the article
rsync not using forwarded ssh credentials

- by Mat

I have a situation where I would like to rsync some files from a remote server to a server in my office. The source server requires key-based authentication and I have an appropriate key set up on my desktop machine. If I ssh into the local server and then ssh to the remote server, ssh agent forwarding works correctly. However, when I try to rsync over ssh I get permission denied. So, Desktop -- Local server -- Remote server. When ssh'd onto the local server ssh user@remote works, but rsync -avPe ssh user@remote:/src /dest does not - Permission denied (publickey).

Read the article
cisco vpn and on demand routing

- by Chris Lively

We need to connect to a partner via a Cisco VPN from one of our internal servers. This server is already configured for demand dial routing to a different partner, using windows RRAS. The partner provided us the group authentication credentials and the regular logon credentials. Basically, I need to configure it so that when this server needs to access a specific host it will automatically establish the vpn connection and route that specific traffic to them. How can I do this? I've installed the Cisco VPN Client (5.0.07.0440) on the server and I can open it up and connect. However, I'm stuck on how to configure this to automatically happen.

Read the article
ConfigurationErrorsException when serving images via UNC on IIS6

- by Mark Richman

I have a virtual directory in my web app which connects to a Samba share via UNC. I can browse the files via Windows Explorer without issue, but my web app throws a yellow screen with the following message: Description: An error occurred during the processing of a configuration file required to service this request. Please review the specific error details below and modify your configuration file appropriately. Parser Error Message: An error occurred loading a configuration file: Could not find file '\cluster\cms\qa-images\120400\web.config'. What makes no sense to me is why it's looking for a web.config in that location. I know it's not an authentication issue because the virtual directory can serve images from its root (i.e. \cluster\cms\qa-images\test.jpg serves as http://myserver/upload/test.jpg just fine).

Read the article
Gmail/Facebook/Hotmail not opening in Firefox/IE on Windows 7 Home

- by singlepoint

Hi, I am unable to open Gmail/Facebook/Hotmail on Firefox/IE on Widows 7 Home. I just unboxed a brand new hp laptop with Norton Security Suite running inside. I get following error message on Firefox. Please help. The connection has timed out The server at www.google.com is taking too long to respond. * The site could be temporarily unavailable or too busy. Try again in a few moments. * If you are unable to load any pages, check your computer's network connection. * If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web

Read the article
LDAP loginShell on platforms with different paths

- by neoice

I'm using LDAP to deal with users and authentication across my network. I'm now adding FreeBSD hosts and have hit a problem with login shells. on Linux, shells tend to be in /bin/$shellname, so setting my login shell in LDAP to /bin/zsh works perfectly. on FreeBSD, /bin/zsh doesnt exist, I need to use /usr/local/bin/zsh. is there a solution to this? I imagine I might be able to make some sort of login-shell.sh script that LDAP passes out as the "shell" and then use the script to determine the actual shell for the user, but I'm not a fan of that idea. I'm using Debian and FreeBSD, both with a standard OpenLDAP/PAM/nss setup. edit: it looks like using /bin/sh and adding an exec $shell to .profile would "work", but that doesnt scale very well.

Read the article
How can an RSA key be placed in a "non-folder"?

- by Phil

I lack a lot of knowledge regarding the subject so please excuse me if my question is very ignorant. I just started out with RSA key authentication to my test-server. It did not work at the beginning and I tried and tried and re-tried to no avail. Then I realised, I was creating "mkdir ~/.ssh" and then "mkdir ~/.ssh/authorized_keys" before placing the id_rsa.pub into the latter folder, which did not work. My question is: How can id_rsa.pub be placed in "authorized_keys", which is not created by "mkdir" therefore not a folder? Thank you.

Read the article
WIndows Hosted Network

- by Nandakumar V

I have created a hosted network in my windows7 system. The netsh wlan show hostednetwork command gives the output Hosted network settings ----------------------- Mode : Allowed SSID name : "rambo" Max number of clients : 100 Authentication : WPA2-Personal Cipher : CCMP Hosted network status --------------------- Status : Started BSSID : xx:xx:xx:xx:xx:xx Radio type : 802.11n Channel : 11 Number of clients : 1 xx:xx:xx:xx:xx:xx Authenticated But I have forgot the password for this connection and after some googling I found the command netsh wlan refresh hostednetwork YourNewNetworkPassword. But on executing this command it get the error C:\Users\user>netsh wlan refresh hostednetwork rambo123 Invalid value "rambo123" for command option "data". Usage: refresh hostednetwork [data=]key I have no idea what is wrong with this command.

Read the article

< Previous Page | 275 276 277 278 279 280 281 282 283 284 285 286 | Next Page >