No cpufreq sub-directory in one of the nodes in our cluster
- by Sharat Chandra
How do you change the governor from Ondemand to something else ?
Search Results
Search found 38064 results on 1523 pages for 'oracle linux'.
Page 638/1523 | < Previous Page | 634 635 636 637 638 639 640 641 642 643 644 645 | Next Page >
-
-
How can I sign my server with an SSL certificate
- by Saif Bechan
I have a dedicated server and I want to use one domain name for default entrance to the system. My system is Apache 2 on CentOS 5.4. Lets says the domain name is mydomain.com. I have also bought an SSL certificate and installed it to work with this default domain. Still when I restart Apache I get the following error message: [Sat May 01 02:21:22 2010] [warn] RSA server certificate is a CA certificate (BasicConstraints: CA == TRUE !?) [Sat May 01 02:21:22 2010] [warn] RSA server certificate CommonName (CN) `mydomain.com' does NOT match server name!? Does anyone have an idea how I can remove this message. I have the server, domain name, and ssl key.Read the article
-
How to configure vmware in this situation?
- by Yousui
Hi guys, Now I'm using a router to connect my computer to the Internet. I installed VMware Workstation 7 on my computer and installed a guest OS which is CentOS 5.3. Now I want to using putty to connect to the guest OS in my host computer, and I need the guest os can access the Internet too. How can I configure my host's network, guest os and my router? I have little knowledge about network, can you guys give me a step by step direction or something similar? Great thanks!Read the article
-
How to copy directories using debugfs?
- by STM
The debugfs manpage gives the impression that the command 'rdump . .' will recursively copy all files found on the specified filesystem from the debugfs cwd to the native filesystem's cwd. Instead I seem to receive a syntax error, and no copy is initiated? These are the commands I run: cd /path/to/transfer/destination debugfs /dev/sda1 -R rdump . . My task is to copy the entire contents of a clean yet unmountable USB storage device to its host machine's HD. The host machine does not support the inode size used by the USB device's filesystem (256) and its software is not upgradeable, so my intention was to use debugfs to transfer the files. If anyone has any other suggestions for this task I'd be grateful.Read the article
-
extract recipient addresses from mailer-daemon messages
- by Frank Peixoto
I need generate and email to a mailing list administrator a list of email addresses that have generated a bounceback message, to allow him to clean up the mailing list. A separate mailbox will be dedicated to receiving those messages, so I need to extract the recipients that have bounced. What's the easiest way to extract those from the mail file for that special mailbox?Read the article
-
Whats after the iPAD?? check out the new Augmented Reality Glasses
- by Stephen Slade
Everyone loves their new iPad! The rich features, portability, plethora of apps and ease of use make this the new clipboard on the factory floor or electronic notebook for meetings. But how many business people walk into an hours meeting and really start typing notes on their PC?..yes some do, but for the general business public there are new technologies coming down the road. The iPad is the latest holla-hoop; and the next gen device I feel is the Augmented Reality Glasses. Your glasses will be your screen, have an earpiece, be wireless enabled, your smart watch be your electronics and maybe your belt can be an extended battery pack. I'm anxious to test one of these. The TELEGRAPH writes: "Android software is believed to power the gadget, enabling similar features to its smartphone and tablets. A 3G /4G data connection, motion sensors and GPS navigation are believed to be included in the device's capabilities. The augmented-reality glasses are the culmination of a two-year initiative called Project Glass, developed in the clandestine Google X lab, ..in Mountain View, ...The New York Times suggested they could cost between $250-$500 " http://www.telegraph.co.uk/technology/news/9187547/Google-unveils-augmented-reality-glasses.htmlRead the article
-
Why /home folder is missing from my backup archive created by tar?
- by Konstantin Pereyaslov
So I'm doing full backup of my VPS using the following command (as root, of course): tar czvf 20120604.tar.gz / Everything seems to be fine, all files seem to appear in the list. The size of archive is 6 Gb and gunzipped version is 11 Gb which includes /home, because I totally have 11 Gb of data on VPS. But when I try actually to unpack archive, or open it using mc or WinRAR, there's no /home folder. And WinRAR tells 20120604.tar.gz - TAR+GZIP archive, unpacked size 894 841 346 bytes. It can't be WinRAR's bug, because when I type tar xzvf 20120604.tar.gz, /home folder isn't unpacked either. Why is /home folder missing from my archive? And what can I do to include it there? tar --version outputs the following: tar (GNU tar) 1.15.1Read the article
-
repair partition table
- by m.sr
Hallo. I've just overwritten my partition table of my system's hard disk. i made a cfdisk on the wrong device (/dev/sda instead of /dev/sdd), deleted all partitions, made one new primary spanning over the whole device, set its type to 07 (NTFS) and hit write. So here i am with my system running. Until i reboot, i hope/guess nothing will change - meaning: all my data is accessible (I'm currently making a dd-backup of the whole device and plan to make a .tar.gz-backup of the most important data later). I also backed up /proc/partitions, /proc/diskstats (even though i guess this is more about throughput and stuff like this ...) and /sys/block/sda/sda?/{start,size}. Some further things i know: 4 primary partitions 1st partition: ~100Mb, ext3, /boot 2nd partition: ~100Mb, "Win7 Boot Partition", ntfs(?) 3rd partition: ~20...30GB, Win7, ntfs 4th partition: ~20...30GB, luks-encrypted device The luks- de crypted device is a LVM-PV The /, /home & swap-partitions are all LVs on the (VG on the) above noted PV So my questions: What is the simplest way to just write the kernels partition table to the disk? What is the simplest way to take the above mentioned (and perhaps other I don't know of ...) data and generate the partition table? Are there any problems to take care of regarding to luks and/or lvm? Is there any data I should backup before rebooting (meanig stuff from kernel [ /sys/..., /proc/...] and so on, which could help me regenerate the partition table)? Thanks a lot! P.S.: debian sid, Kernel 2.6.34-1-amd64 from debian-experimental, 80GB Intel SSDRead the article
-
phpmyadmin port change?
- by Rajat
How do i change my default phpmyadmin port to 443 or 9999? Is it possible or do I have use port 80 only? If possible, then how do I change share the same? Apache is listening on port 9999 for sure. However, going to URL http://<webserver>:9999/phpmyadmin/ Will give following error (with Firefox browser) An error occurred during a connection to webserver:9999. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long) Anyone has any clue what is going on?Read the article
-
snmptt not translating traps, even with translate_log_trap_oid=1
- by mbrownnyc
I am having some trouble configuring snmptt to properly translate snmp traps. The following is a problem: /etc/snmp/snmptt.conf reflects: EVENT fgFmTrapIfChange .1.3.6.1.4.1.12356.101.6.0.1004 "Status Events" Critical FORMAT $* EXEC /usr/local/nagios/libexec/eventhandlers/submit_check_result $r "snmp_traps" 2 "$O: $+*" "$*" SDESC Trap is sent to the managing FortiManager if an interface IP is changed Variables: 1: fnSysSerial 2: ifName 3: fgManIfIp 4: fgManIfMask EDESC when a trap is received, /var/log/messages reflects: Sep 6 12:07:32 SNMPMANAGERHOST snmptrapd[15385]: 2012-09-06 12:07:32 <UNKNOWN> [UDP: [192.168.100.2]:162->[192.168.100.31]]: #012.1.3.6.1.2.1.1.3.0 = Timeticks: (707253943) 81 days, 20:35:39.43 #011.1.3.6.1.6.3.1.1.4.1.0 = OID: .1.3.6.1.4.1.12356.101.6.0.1004 #011.1.3.6.1.4.1.12356.100.1.1.1.0 = STRING: FGTNNNNNNNNN #011.1.3.6.1.2.1.31.1.1.1.1.10 = STRING: internal4 #011.1.3.6.1.4.1.12356.101.6.2.1.0 = IpAddress: 192.168.65.100 #011.1.3.6.1.4.1.12356.101.6.2.2.0 = IpAddress: 255.255.255.0 Sep 6 12:07:37 SNMPMANAGERHOST icinga: EXTERNAL COMMAND: PROCESS_SERVICE_CHECK_RESULT; 192.168.100.2; snmp_traps; 2; enterprises.12356.101.6.0.1004: enterprises.12356.100.1.1.1.0:FGTNNNNNNNNN ifName.10:internal4 enterprises.12356.101.6.2.1.0:192.168.65.100 enterprises.12356.101.6.2.2.0:255.255.255.0 Since the icinga entry reflects the EXEC, it's obvious there is no translations occurring by snmptt. I have verified that translate_log_trap_oid and net_snmp_perl_enable is enabled in snmptt.ini When using --debug=1 to start snmptt, I see the following in the --debugfile: ********** Net-SNMP version 5.05 Perl module enabled ********** The main NET-SNMP version is reported as NET-SNMP version: 5.5. What else can be done to verify that snmptt is configured properly to translate traps? I have run snmptt-net-snmp-test to verify whatever net-snmp-perl version I have installed properly supports translations. The output indicates it does. /root/snmptt_1.3/snmptt-net-snmp-test --best_guess=2 SNMPTT Net-SNMP Test v1.0 (c) 2003 Alex Burger http://snmptt.sourceforge.net MIBS:RFC1213-MIB best_guess: 2 Testing translateObj ******************** Testing: .1.3.6.1.2.1.1.1, long_names=disabled, include_module=disabled Test passed. Result: sysDescr Testing: .1.3.6.1.2.1.1.1, long_names=disabled, include_module=enabled Test passed. Result: RFC1213-MIB::sysDescr Testing: .1.3.6.1.2.1.1.1, long_names=enabled, include_module=disabled Test passed. Result: .iso.org.dod.internet.mgmt.mib-2.system.sysDescr Testing: .1.3.6.1.2.1.1.1, long_names=enabled, include_module=enabled Test passed. Result: RFC1213-MIB::.iso.org.dod.internet.mgmt.mib-2.system.sysDescr Testing: sysDescr, long_names=disabled, include_module=disabled Test passed. Result: .1.3.6.1.2.1.1.1 Testing: RFC1213-MIB::sysDescr, long_names=disabled, include_module=disabled Test passed. Result: .1.3.6.1.2.1.1.1 Testing: system.sysDescr, long_names=disabled, include_module=disabled Test passed. Result: .1.3.6.1.2.1.1.1 Testing: RFC1213-MIB::system.sysDescr, long_names=disabled, include_module=disabled Test passed. Result: .1.3.6.1.2.1.1.1 Testing: .iso.org.dod.internet.mgmt.mib-2.system.sysDescr, long_names=disabled, include_module=disabled Test passed. Result: .1.3.6.1.2.1.1.1 Testing getType *************** Testing: .1.3.6.1.2.1.4.1 Test passed. Result: INTEGER Testing: ipForwarding Test passed. Result: INTEGER Testing Description ******************* Test passed. Result: ------------------------------------------------- The indication of whether this entity is acting as an IP gateway in respect to the forwarding of datagrams received by, but not addressed to, this entity. IP gateways forward datagrams. IP hosts do not (except those source-routed via the host). Note that for some managed nodes, this object may take on only a subset of the values possible. Accordingly, it is appropriate for an agent to return a `badValue' response if a management station attempts to change this object to an inappropriate value. ------------------------------------------------- I have manually gone through the MIB with the definition that's not resolving, and verified that it is properly linking back to the proper resolved definition. It is: FORTINET-FORTIGATE-MIB.txt contains: fgFmTrapIfChange NOTIFICATION-TYPE OBJECTS { fnSysSerial, ifName, fgManIfIp, fgManIfMask } STATUS current DESCRIPTION "Trap is sent to the managing FortiManager if an interface IP is changed" ::= { fgFmTrapPrefix 1004 } fgFmTrapPrefix OBJECT IDENTIFIER ::= { fgMgmt 0 } fgMgmt OBJECT IDENTIFIER ::= { fnFortiGateMib 6 } fnFortiGateMib ::= { fortinet 101 } IMPORTS FnBoolState, FnIndex, fnAdminEntry, fnSysSerial, fortinet FROM FORTINET-CORE-MIB fortinet MODULE-IDENTITY ::= { enterprises 12356 } LOOKS GOOD!!!!! 1.3.6.1.4.1.12356.101.6.0.1004 I've exhausted all the documentation and even posted fruitlessly in the snmptt-users mailing list. I can not prove it is the MIB. Why would snmptt fail to translate traps? Thanks, MattRead the article
-
compare file timestamp in bash
- by endroix
How do I compare the timestamp of two files? I tried this but it doesn't work: file1time=`stat -c %Y fil1.txt` file2time=`stat -c %Y file2.txt` if[$file1time -gt $file2time]; then doSomething fi ThanksRead the article
-
"No route to host" with ssl but not with telnet
- by Clemens Bergmann
I have a strange problem with connecting to a https site from one of my servers. When I type: telnet puppet 8140 I am presented with a standard telnet console and can talk to the Server as always: Connected to athena.hidden.tld. Escape character is '^]'. GET / HTTP/1.1 <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>400 Bad Request</title> </head><body> <h1>Bad Request</h1> <p>Your browser sent a request that this server could not understand.<br /> Reason: You're speaking plain HTTP to an SSL-enabled server port.<br /> Instead use the HTTPS scheme to access this URL, please.<br /> <blockquote>Hint: <a href="https://athena.hidden.tld:8140/"><b>https://athena.hidden.tld:8140/</b></a></blockquote></p> <hr> <address>Apache/2.2.16 (Debian) Server at athena.hidden.tld Port 8140</address> </body></html> Connection closed by foreign host. But when I try to connect to the same host and port with ssl: openssl s_client -connect puppet:8140 It is not working connect: No route to host connect:errno=113 I am confused. At first it sounded like a firewall problem but this could not be, could it? Because this would also prevent the telnet connection. As Firewall I am using ferm on both servers. The systems are debian squeeze vm-boxes. [edit 1] Even when I try to connect directly with the IP address: openssl s_client -connect 198.51.100.1:8140 #address exchanged connect: No route to host connect:errno=113 Bringing down the firewalls on both hosts with service ferm stop is also not helping. But when I do openssl s_client -connect localhost:8140 on the server machine it is connecting fine. [edit 2] if I connect to the IP with telnet it also is not working. telnet 198.51.100.1 8140 Trying 198.51.100.1... telnet: Unable to connect to remote host: No route to host The confusion might come from IPv6. I have IPv6 on all my hosts. It seems that telnet uses IPv6 by default and this works. For example: telnet -6 puppet 8140 works but telnet -4 puppet 8140 does not work. So there seems to be a problem with the IPv4 route. openssl seems to only (or by default) use IPv4 and therefore fails but telnet uses IPv6 and succeeds.Read the article
-
How can I invoke a function in bash shell script
- by sufery
!/bin/bash one_func(){ echo 'abcd' } echo $(one_func) echo one_func the end I just wonder the distinction calling the function between $(one_function) and one_function in bash shell script. When I set the variable "PS1" in ~/.bashrc, I can't invoke the function by one_func e: export PS1="\n[\e[31m]\$(one_func)" it work export PS1="\n[\e[31m]one_func" it doesn't workRead the article
-
Announcement: New Tutorial - Using ADF Faces and ADF Controller with OEPE
- by Juan Camilo Ruiz
We are happy to announce the publication of our newest tutorial, that explores some of the latest features added in our OEPE 12c release for ADF Development. The tutorial walks you through the creation of an ADF application that uses the ADF Faces Rich Client components, in combination with the ADF Controler, ADF Model and JPA. By developing this tutorial you will work and understand various features added into OEPE 12c that are specific to ADF development such as: ADF taskflow editor Visual pageDefinition editor ADF integration with AppXRay Navigation across artifacts such as pages, pageDefinition, managed beans, etc. Property inspector for ADF Faces components. Stay tunned for more and exciting tutorials that explore this and much more OEPE features. And of course your feedback is always welcome!Read the article
-
Bridging Network Devices with Multiple IPs
- by Andy
I have a small server with a single NIC that I am trying to get a bridge functioning on so that I can run KVM. On this NIC I have a couple IPs statically assigned to it: eth0 = 192.168.1.1 eth0:1 = 192.168.1.2 eth0:2 = 192.168.1.3 eth0:3 -> Assign the bridge to this I am attempting to set up a bridge using the following instructions: sudo brctl addbr br0 sudo brctl addif br0 eth0:3 sudo ifconfig br0 192.168.1.120 netmask 255.255.255.0 up sudo route add -net 192.168.1.0 netmask 255.255.255.0 br0 sudo route add default gw 192.168.1.1 br0 sudo tunctl -b -u root -t tap0 > /dev/null sudo ifconfig tap0 up sudo brctl addif br0 tap0 However, when I do the second command: sudo brctl addif br0 eth0:3 It puts the ENTIRE eth0 device into promiscuous mode. This knocks the server offline and inaccessible by anything other than locally. Is there a way to bridge JUST eth0:3 to br0 and not put the entire device into promiscuous mode?Read the article
-
Apache - how to serve from a directory inside home folder, whereas home folder doesn't has any publi
- by Vikrant Chaudhary
Hi, I'm using Apache2 for completely local development purposes. I'm trying to make DocumentRoot to be /home/vikrant/www/ whereas permissions of /home/vikrant/ are 700. I'm getting 403 Forbidden when DocumentRoot is /home/vikrant/www/ however It Works! when DocumentRoot is /var/www/. I've even changed permissions of /home/vikrant/www/ to 777 and changed owner and group to www-data. Is it possible to serve from home directory whereas home directory doesn't has public permissions? If yes, then how?Read the article
-
Neuberger Berman Defines CRM Strategy In Asset Management
- by michael.seback
Neuberger Berman Defines Front Office Strategy for the New Firm Neuberger Berman is a majority employee-owned independent asset management firm with a heritage dating back to 1939. It provides a range of investment options, wealth planning services, and advice to meet individual needs. It also offers a broad range of financial capabilities and specializes in developing innovative and customized investment solutions for institutions. ... "The Insight team's analysis was critical to helping us assess the strengths and weaknesses of our Siebel implementation. It helped us to come up with our strategic plan for using customer relationship management and business intelligence capabilities." - Roxana Feldmann, Senior Vice President Technology ...Read more.Read the article
-
How to recover broken MJPEG AVI file after a camera crash
- by Jam K
I was recording a video when my KODAK EASYSHARE M531 Digital Camera fell to the ground and turned off. When i turned it on nothing happened to the camera but the video file is somehow broken. Obviously the camera did not have time to convert and close it properly. $file myvid.avi myvid.AVI: data where it should be: another_vid.AVI: RIFF (little-endian) data, AVI, 640 x 480, ~30 fps, video: Motion JPEG, audio: uLaw (stereo, 12000 Hz)` I would like to fix my video which I believe needs to be converted to AVI. Any idea? VLC does not play the file and returns: could not determine type of streamRead the article
-
Windows clients not using NTP server provided via DHCP
- by gencha
I have a network consisting mostly of Windows Vista and 7 clients and an Ubuntu server. The server provides both the DHCP and NTP services through dhcp3-server and openntpd. In my dhcpd.conf, the subnet is declared as follows: subnet 10.10.10.0 netmask 255.255.255.0 { range 10.10.10.10 10.10.10.200; option broadcast-address 10.10.10.255; option routers 10.10.10.1; option ntp-servers 10.10.10.1; } The clients don't seem to be using the NTP server though. When I capture the network traffic with Wireshark during the DHCP process, I also see no mention of the NTP option in the DHCP offer message. I am not quite sure if the clients would have to specifically request that option to receive it or if I have to make another configuration to offer the option.Read the article
-
Running multiple sites on a LAMP with secure isolation
- by David C.
Hi everybody, I have been administering a few LAMP servers with 2-5 sites on each of them. These are basically owned by the same user/client so there are no security issues except from attacks through vulnerable deamons or scripts. I am builing my own server and would like to start hosting multiple sites. My first concern is... ISOLATION. How can I avoid that a c99 script could deface all the virtual hosts? Also, should I prevent that c99 to be able to write/read the other sites' directories? (It is easy to "cat" a config.php from another site and then get into the mysql database) My server is a VPS with 512M burstable to 1G. Among the free hosting managers, is there any small one which works for my VPS? (which maybe is compatible with the security approach I would like to have) Currently I am not planning to host over 10 sites but I would not accept that a client/hacker could navigate into unwanted directories or, worse, run malicious scripts. FTP management would be fine. I don't want to complicate things with SSH isolation. What is the best practice in this case? Basically, what do hosting companies do to sleep well? :) Thanks very much! DavidRead the article
-
A Year of Upheaval for Procurement Professionals-New Report & Webinar
- by DanAshton
2013 will see significant changes in priorities and initiatives among procurement professionals as they balance the needs of their enterprises with efforts to add capabilities for long-term procurement success. In response, procurement managers will expand their organization’s spend influence via supplier relationship management, sourcing, and category management. These findings are part of the new report, “2013 Procurement Key Issues: Going Deeper and Broader to Deliver Borderless Procurement Services,” by the Hackett Group. The authors say that compared to similar studies over the last five years, 2013 is registering the greatest year-over-year changes in priorities for both procurement performance and capability issues. Three Important PrioritiesThe survey found that procurement professionals are focusing their attention in three key areas. Cost reduction. Controlling expenses is always a high priority, but with 90 percent of the respondents now placing this at the top of their performance concerns, the Hackett analysts say this “clearly shows that, for better or worse, cost reduction is king” in 2013. Technology innovation. Innovation has shot up significantly in the priority rankings and is now tied with spend influence for second among procurement professionals. Sixty-five percent of the survey participants said pursuing game-changing innovation and technology is a top procurement initiative. Managing supply risk. This area registered a sharp rise in importance because of its role in protecting profits, Hackett says. Supplier compliance with performance milestones and regulatory requirements is receiving particular attention, with an emphasis on efficient management of cross-functional workflows. “These processes create headaches for suppliers and buyers alike, and can detract from strategic value creation when participants are bogged down in processing paper and spreadsheets,” the report explains. For more insights into the current state of the procurement industry, download the full report, “2013 Procurement Key Issues: Going Deeper and Broader to Deliver Borderless Procurement Services” and watch a Webcast featuring Global Procurement Advisory Practice Leader for The Hackett Group, Chis Sawchuk, and Managing Supervisor of Supply Chain Processes and Systems for Ameren, Chris Nelms.Read the article
-
Password protect with apache2.conf works on files, but not on ports
- by Camran
I have changed the apache2.conf so that my website requires authentication. This works fine when typing the adress like this: www.domain.com or my_ip/ Problem is, I have Solr, which admin interface is on port 8983, so this: www.domain.com:8983/ does not require authorization. How can I add this port to also be authorized? ThanksRead the article
-
Hosting websites in our Workplace custom-built datacentre
- by i.h4d35
I'm faced with unique learning opportunity at work at the moment. Due to the slowdown (amongst other reasons), the powers that be at my office have decided to abandon our shared hosting providers (both shared and dedicated hosting) and have decided to host the websites at our office's datacentre. We're running 7 websites, wherein the average unique hits per day at the moment is about 900. We have 2 servers set aside for this - one is a DELL POWER EDGE 1850 (Intel Xeon 3 GHZ*2, 4GB RAM, 73GB HDD and the other is an HP DL 380 G3 (Intel Xeon 2.8 GHz, 6 GB RAM, 73 GB HDD) a) I would like to know the pros and cons of going ahead with this project.All the sites will be hosted on a single IP. In all probability, the OS is going to be CentOS. b) Do you think I should consider Virtualization into this equation (KVM/Xen)? I was thinking in terms of separate instances of the DB server and the frontend though I do not know if this is the best way to go. c) Should I be trying to use cloud stacks like OpenStack and try to make it look like websites hosted on some sort of Public Cloud? (something that I checked out here). Here is something else I came across, which looks similar to what needs to be done at our office. About the websites - Of the 7 websites, 4 are basic static websites which basically gives a whole lot of information about a few local institutions. The remaining 3 are local product-based websites developed in PHP wherein end user can view products and order them online. I am trying to take this as a learning experience wherein I can learn to build something from scratch and save the company a little something in the process. The migration needs to be completed by Easter so I guess it gives us some time (or am I being overly optimistic??). I am confused here and would appreciate all the help I can get. Thanks in advance.Read the article
-
Upgraded from fc10 to fc12 now I have eth0_rename, how do I get back to plain old eth0?
- by shank
I upgraded from Fedora 10 to Fedora 12. Unfortunately, my ethernet interface eth0 is now named eth0_rename. I'd like to get back to having it named plain old eth0. I googled a bit but the solution of removing the eth0 entry from /etc/udev/rules.d/70-persistent-net.rules seems to have no effect (I restarted the network service but didn't reboot). The interface works just fine although I could see a script or two having a problem with the format. So, it's more of an inconvenience thing than anything else. Any ideas? Thanks.Read the article
-
SSHing thru an HTTP proxy
- by Siler
Typical scenario: I'm trying to SSH thru a corporate HTTP proxy to a remote machine using corkscrew, and I get: ssh_exchange_identification: Connection closed by remote host Obviously, there's a lot of reasons this might be happening - the proxy might not allow this, the remote box might not be running sshd, etc. So, I tried to tunnel manually via telnet: $ telnet proxy.evilcorporation.com 82 Trying XX.XX.XX.XX... Connected to proxy.evilcorporation.com. Escape character is '^]'. CONNECT myremotehost.com:22 HTTP/1.1 HTTP/1.1 200 Connection established So, unless I'm mistaken... it looks like the connection is working. So, why then, doesn't it work via corkscrew? ssh -vvv [email protected] -p 22 -o "ProxyCommand corkscrew proxy.evilcorporation.com 82 myremotehost.com 22" OpenSSH_6.6, OpenSSL 1.0.1f 6 Jan 2014 debug1: Reading configuration data /etc/ssh/ssh_config debug1: /etc/ssh/ssh_config line 19: Applying options for * debug1: Executing proxy command: exec corkscrew proxy.evilcorporation.com 82 myremotehost.com 22 debug1: permanently_set_uid: 0/0 debug1: permanently_drop_suid: 0 debug1: identity file /root/.ssh/id_rsa type -1 debug1: identity file /root/.ssh/id_rsa-cert type -1 debug1: identity file /root/.ssh/id_dsa type -1 debug1: identity file /root/.ssh/id_dsa-cert type -1 debug1: identity file /root/.ssh/id_ecdsa type -1 debug1: identity file /root/.ssh/id_ecdsa-cert type -1 debug1: identity file /root/.ssh/id_ed25519 type -1 debug1: identity file /root/.ssh/id_ed25519-cert type -1 debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_6.6p1 Ubuntu-2ubuntu1 ssh_exchange_identification: Connection closed by remote hostRead the article
