Recent Questions - Server Fault |
- "aureport -x --summary" shows -> /usr/sbin/sshd;61b30d72 (deleted)
- CentOS 7 , OpenVPN Server Radius Plugin
- use "rewrite" and "try_files" together [Nginx]
- Bind not working, what is wrong in my configuration?
- Netplan - Error in network definition: Updated definition changes device type
- Google Compute Engine Debian VM, firewall rules only apply to IPV6
- TCPDUMP Order of Operations: exclude and include
- Mounting EC2 directory with existing data to Fargate container using EFS
- Dnsmasq server does not work when configured as the primary DNS in my router
- Logrotate Fails Without Error
- Windows CLI way to copy to the same directory and only change the case of the filename?
- Centos server can ping IPs - but cannot ping domains
- My EC2 Ubuntu instance has not internet access?
- Zabbix key with comma
- ERROR: (gcloud.app.deploy) Error Response: [13] Flex operation
- Blocking phpmyadmin from internet, allow only from lan in nginx
- XRDP same user multiple session
- Poor write performance with HP ProLiant ML 150 Gen9
- Azure AD SSO for non-azure Linux VMs?
- How to trace cron actions?
- Getting emails with @pps.reinject in the CC recipients
- Remote Desktop to 80% of my servers do no longer work ("User account restriction") from just one of my PCs
- No Response on NGINX when using upstream
- Web app running on tomcat not updating when modified
- Is there a way to limit bandwidth per ip using HTB + a CIDR range in Linux?
- Revoke multiple client certs signed by one CA: only the first one got denied?
- Windows Server 2012 RD Licensing Issuing Multiple Temp Licenses Per Machine
- Is STARTTLS less safe than TLS/SSL?
- persistent SSH connection while connecting to VPN
- Enabling DSA key authentification for SFTP while still keeping password login as optional (Ubuntu 12.04)
"aureport -x --summary" shows -> /usr/sbin/sshd;61b30d72 (deleted) Posted: 31 Dec 2021 05:39 AM PST On one of the machines running Centos i.e. i found something strange by the command aureport -x --summary what does "61b30d72 (deleted)" means rkhunter does not show any warrning or susspect files! i.e. and then !!!all green!!! what 61b30d72 means? |
CentOS 7 , OpenVPN Server Radius Plugin Posted: 31 Dec 2021 04:28 AM PST on my new openvpn server install radius plugin can not read client status it worked on previous installtion, now all things is the same but not working help me please on server log it shows this: RADIUS-PLUGIN: BACKGROUND ACCT: No accounting data was found for user01 |
use "rewrite" and "try_files" together [Nginx] Posted: 31 Dec 2021 04:35 AM PST I removed the ".php" suffix at the end of the PHP files on the Nginx server with the following code, but this time I cannot send some data to the server. Some links on the site are sent with Ajax, and the ".php" extension is not available at the end of these links. E.g; https://panel.example.com/app/controller/ajax/collect For example, when I want to access the "/collect" file that I want to access via Ajax or directly, I get the error "File not found". Because I do "rewrite" with the code below and provide a clean URL. Sample link: https://panel.example.com/[details|cat|profile]/[subPages(productID, username..)] As a result, the above codes are correct and working, but not working at the same time together. How can I run these two codes at the same time? |
Bind not working, what is wrong in my configuration? Posted: 31 Dec 2021 02:57 AM PST Following my previous question Dnsmasq server does not work when configured as the primary DNS in my router where I unsuccessfully set up a DNS server on a vagrant virtual machine, I decided to switch to use bind on an actual physical MacOS machine to make sure everything works. I have installed Bind on MacOS and have the following named.conf And the content of "mysite.com.zone" is as follows: However after Some clarification: MacOS have the IP address 192.168.2.11 in my local network. I have also added 127.0.0.1 in my MacOS Network settings DNS page. I am very new to DNS and am stuck at this point. Any help would be appreciated. |
Netplan - Error in network definition: Updated definition changes device type Posted: 31 Dec 2021 02:52 AM PST I'm trying to set a static ip on Ubuntu. ip a: So my adapter is the 3rd one, wkp1s0. But in my default netplan yaml file, it is just the basic file with epn2s0 as dhcp: true When I change the yaml file to set wkp1s0 to static ip, then run netplan try, it gives: What am I doing wrong? |
Google Compute Engine Debian VM, firewall rules only apply to IPV6 Posted: 31 Dec 2021 02:18 AM PST I am using a Debian VM on Google Cloud working as an API provider. I access the API from Android on tcp port 30300 and it works OK. I also access the API from a C++ App running on microcontrollers and it also works OK. Then I decided to also provide the means to access the API from PHP and it is not working. From an external server running Apache the API behaves as if it is not acessible, the API monitor does not show any access at all. Then I moved the PHP script to the same server running the API and just changed the target server from its web address to http://127.0.0.1:30300/alprbr and it works OK. The I checked the Compute Engine firewall rules closely and found the rule only allows for IPV6 and I found no way to allow trafic on the public IP address for IPV4. I don't really know if this is the cause of the problem but seems something to be sorted out before trying something else. Google Cloud Firewall Rule: netstat -an | grep "LISTEN" returns: What Am I doing wrong? Assistance welcome. |
TCPDUMP Order of Operations: exclude and include Posted: 31 Dec 2021 05:03 AM PST Trying to look at multicast traffic so I created a filter to monitor the range, then began to slowly add statements to exclude things not relevant but didnt get expected results. Do you do the opposite when writing, so put narrow excluding statements first then tac on large overarching statements at the end? Failed attempt:
|
Mounting EC2 directory with existing data to Fargate container using EFS Posted: 31 Dec 2021 01:18 AM PST I have an EC2 instance with a huge directory(ex. /large-dir) that containers need to access. Both instance and container share same network and security group. I'm able create and mount an EFS to container as well as add/remove files from the EFS after it is mounted. On the instance there are processes that constantly write to /large-dir, so I cannot rename or move this directory. At the moment I cannot mount EFS on the EC2 instance because that kind of overwrites directory data with EFS data(which is empty) This would be easy if I was setting up from scratch(Initial empty dir on EC2 -> Mount EFS on EC2 -> Start processes that write to dir/efs -> Containers spin up randomly and mount the efs and have access to data on EC2) Is there a way to sync the /large-dir on EC2 with EFS so any modifications are automatically available to the EFS and therefore available to containers that mount it? |
Dnsmasq server does not work when configured as the primary DNS in my router Posted: 31 Dec 2021 01:53 AM PST I have a LAN with IP range 192.168.2.* and the following configuration:
Here is what worked: i. In the MacOS machine's system preference, open "Network" and "Advanced", choose "DNS" tab and add the DNS server ii. Access Here is what did not work: i. Remove all entries from MacOS's system preference ii. Open the router's admin page at 192.168.2.1 and set the Primary DNS address to be 192.168.2.250 iii. Access
I think there's something wrong in my dnsmasq.conf but I could not figure out. The current complete conf is shown as below: The resolv.conf files is as follows: (192.168.1.1 is the original DNS used by the router and I want to forward anything other than mysite.com back to it) The hosts file is as follows: (There is an extra entry but I don't think it matters here) I am pretty much stuck at this point. Any help would be appreciated. |
Posted: 30 Dec 2021 11:56 PM PST Ok, I made a boo-boo. I think Problem: Logrotate fails (or I incorrectly think its dead) and does not provide any error message to explain why: I wanted to automatically restart logrotate using systemd because sometimes it would fail after a reboot. Therefore in my
The above addition kill logrotate service. From there I decided to undo my dirty work and by deleting No luck. Then I decided to investigate the syslog and see if I could find any clues, using: Note: all the times where you see "Succeeded" are from me manually trying to start logrotate. I read in this post on server fault that this can problem can be caused by logrotate trying to access logs outside of the reiteration: From I investigated clamd, but Yields, nothing. Does anyone know why logrotate won't start? |
Windows CLI way to copy to the same directory and only change the case of the filename? Posted: 31 Dec 2021 01:54 AM PST I have Windows 10 pro, with NTFS. I think the filesystem is fully case-sensitive. I can have the file Bill_and_Ted.txt in a directory, and write scripts that won't mistake it for bill_and_ted.txt. Linux WSL apps accessing NTFS directories are fully case-sensitive. But it seems that Windows utilities get confused. So NTFS is probably case sensitive, but perhaps Windows is not. Is it possible in Windows to create two files in the same directory that only differ in ASCII case? For various software development reasons, I would like to have the files Bill_and_Ted.txt and bill_and_ted.txt in the same directory, and then change the content. But so far, Powershell Copy-Item and Windows xcopy refuse to copy to the same directory when the filenames differ only in case. They fail with "File cannot be copied onto itself" Is there a built-in Windows way to copy to the same directory and only change the case of the filename? |
Centos server can ping IPs - but cannot ping domains Posted: 31 Dec 2021 03:36 AM PST I have 3 servers with DigitalOcean (AMS3). Suddenly, three servers at the same time faced the same issue. It seems the servers cannot connect to the outside world. I tried to ping different IP addresses and domains. Here are the results: I searched for a solution on StackOverflow, ServerFault, and DO Community. There were suggestions that the file The contents of other files you may want to see: Any help is appreciated. |
My EC2 Ubuntu instance has not internet access? Posted: 31 Dec 2021 01:24 AM PST So im new to ec2 and aws , i created a account yesterday and opened a ubuntu instance, i can update and upgrade or install new packages but the problem comes when using a api that connects to a game api https://gitlab.com/man90/black-desert-social-rest-api I build and run api on the instance and runs normal. Problem is when calling the api for some reason i get 404 not found response. but when calling api from python i got 404 not found response, so ec2 instance cannot resolve domain or is unrecehable. if i ping the page from ec2 instance works as normal, but for some reason, running api and calling it from python is giving error if i ping the api outside my code from python happens the same, so idk if my code cannot reach api for some reason or api itself cannot reach internet game website. |
Posted: 31 Dec 2021 04:23 AM PST I'm trying to create Zabbix item with key which contains commas, it results with "Too many parameters." error. I don't see any opportunity to get rid off comma in my key. I've already tried many ways of enclosing key or parts of it in quotes, double quotes etc. but nothing worked for me. I don't want to use "Database monitor" item type, I'd like to stay with simple "Zabbix agent". My key is of course I've changed the servername and tablename for the sake of the example, query works like a charm when executed in cmd. Is there a way to escape zabbix item keys? |
ERROR: (gcloud.app.deploy) Error Response: [13] Flex operation Posted: 31 Dec 2021 01:00 AM PST I already checked all the quotas and they seem to be fine. Don't know what cause the error? Please help me solve it. |
Blocking phpmyadmin from internet, allow only from lan in nginx Posted: 31 Dec 2021 05:38 AM PST I'm running 2 websites on a LEMP stack with nginx configured as a reverse proxy server. I have successfully installed phpmyadmin in the root folder of one of my sites root directories. When I go to www.example.com/phpmyadmin, I am able to access phpmyadmin login page on public internet as well as on my lan. What I would like to do is configure nginx to block any traffic to phpmyadmin that doesn't originate from my local area network. Currently I also have a /admin folder in the root of my site, and I HAVE SUCCESSFULLY set up a way to block all traffic to that folder that doesn't originate from my LAN. I figured blocking phpmyadmin from the outside world would be as easy using the same ngninx virtual configuration lines I used to block the /admin/ directory, but just changing the location to /phpmyadmin. However, when doing this, phpmyadmin is still blocked on the local network. Below is my nginx virtual host configuration for example.com. You can see what blocking configurations work and don't work as noted in the comments. Help me fix the #Not working lines. Note: My Server's local ip address is What edits to my virtual host config file must I make to properly restrict phpmyadmin to my LAN in Nginx? |
XRDP same user multiple session Posted: 31 Dec 2021 01:00 AM PST I'm trying to make XRDP work with multiple sessions on my linux mint server. Right now, i can connect only if there are no other session running on the system (I had to disable autologin). I don't know why, but with the Raspberry it just works by default the way I want: when I connect to XRDP, a new session is created for every client. When another client connects to the same server with the same user, a new session is created. I tried to change the It's the first question I post, so I ask you to be really patient with me and ask me the files you may need to understand the situation. I swear I searched all the internet but found nothing that helped. I just know it can be done 'cause my Raspberry does it for some odd reason. Thank you :) |
Poor write performance with HP ProLiant ML 150 Gen9 Posted: 31 Dec 2021 04:53 AM PST Transferring large files from one drive (USB or SATA to RAID) in my HP ProLiant ML150 Gen9 is slow. At the beginning we were thinking about the B140i controller - a pseudo-raid controller without any memory cache. This is the original B140i performance and the improvement after upgrading to smart array p440/4gbFWC. Raid configuration is RAID 10 with 4 x SSD 500GB drives on both cases. Although improved, the problem was still present: When transferring large files, speed drops dramatically after a couple of minutes, from 400 MB /S and remains at 6-7 MB/s till the end of the transfer: I tried without success:
This is perfomance while copying a file from P440/4GB volume to the same volume: Now machine is running 3 VM with only 18% of free memory. Older tests was done without any VM running. |
Azure AD SSO for non-azure Linux VMs? Posted: 31 Dec 2021 01:08 AM PST I currently have a VPS hosting for two servers with Ubuntu outside Azure network and a free azure AD plan. I see this option here: https://docs.microsoft.com/en-us/azure/virtual-machines/linux/login-using-aad but it is only for azure VMs, so can I use azure ad for hosts outside of azure? |
Posted: 31 Dec 2021 12:46 AM PST I know that there are some cron jobs (run every minute) scheduled in my Ubuntu. How do I track what's running them, when the cron files ( |
Getting emails with @pps.reinject in the CC recipients Posted: 31 Dec 2021 04:04 AM PST This is an example: We are using Office365 to send out our email, but this is usually when we get emails back from clients. And this is not only for one client. We use Outlook 2016 on the Desktop. From a Google search I found Proofpoint Protection Server. But that does not really explain much... Any idea what could be wrong? And on which side? |
Posted: 31 Dec 2021 05:05 AM PST I came into work last week, checked my first ticket (easy to fix one), RDP'd into the server needed for this and the login did not work. After clicking 'connect' I got the "Unable to Log You on Because of an Account Restriction" message. Checked another server (all machines are 2008R2/2012R2), the same message. No, I do not habe an empty password, not using network auth, my clint is Windows 10 (1607). Here is what I did:
Any Ideas where to look for this? It is haunting me into my sleep :-( Updates: Surely I checked the local policies on the server(s). any changes would have surprised me - there are a lot of servers. Also checked the clients GPO, nothing. |
No Response on NGINX when using upstream Posted: 31 Dec 2021 05:05 AM PST I'm trying to load balance a web application through nginx, It works fine for all will my web application calls a service with sub-path. for example it works but not for My nginx.conf my web application calls a service with additional subpath like /luna/sales fails to return response. What am i missing here? It works if i remove one of my host server from upstream, But when I add second host on upstream it fails to return response. Is my rewrite rule wrong or my configurations as whole is wrong? |
Web app running on tomcat not updating when modified Posted: 31 Dec 2021 12:02 AM PST I'm modifiying a web app coded by another guy with AngularJS. This app is fed by csv data files and is running fine in the first place. However, when I'm trying to change some data in the csv files, every part of the app that relies on data taken from those .csv gets broken. I first suspected this problem to be related to the fact Excel was recognizing the .csv files as SYLK files when I tried to modify them. However, when I tried to replace the new .csv by the old ones, it didn't change anything. Even more, removing the whole app overall and putting the old one in place instead didn't change anything to the problem. So now, I'm suspecting there is some cache problem with the Tomcat server (8.0 under windows) I'm running the app on. I tried deleting the localhost folder in work/Catalina from the Tomcat installation folder as suggested in another question on Serverfault, but it doesn't change anything either (neither Under IE, nor Chrome). The only way I can go back to a working app is reboot my computer, but obviously I don't want to reboot each time I'm doing a modification. Any idea to what could be causing the problem? |
Is there a way to limit bandwidth per ip using HTB + a CIDR range in Linux? Posted: 31 Dec 2021 12:02 AM PST I can create rules to limit a entire subnet or to limit individual ip addresses with tc and htb. I am looking to use CIDR ranges to keep things somewhat elegant. The machines in question are all running CentOS 7. I have been attempting to use tc + htb to accomplish this, but I am open to other tools if there is a better method. My goal is to limit by a CIDR range and assign individual limits per source ip address. For example, set global limit for 192.168.1.0/24 to 100Mb/s and each source ip within 192.168.1.0/24 has a individual upload limit of 10Mb/s that may not be exceeded. Here is a working example of what I am doing for each ip(looking to simplify procedure if possible): These steps only need to be performed once: It may be that there is no elegant way to do this, but any tips / advice would be greatly appreciated. I have looked through several guides online such as http://lartc.org. Thank you. |
Revoke multiple client certs signed by one CA: only the first one got denied? Posted: 31 Dec 2021 04:04 AM PST
Server config: client config: Using In my case, I wrote a script to append to that file but only the first one got denied, all other one can still connect. Using So, the question is: does Related: |
Windows Server 2012 RD Licensing Issuing Multiple Temp Licenses Per Machine Posted: 31 Dec 2021 02:08 AM PST I have just setup a Windows Server 2012 RDS environment with Per Device CALs. Looking at RD Licensing Manager it is handing out multiple temp CALS per machine and multiple permanent CALS per machine. At this rate I will run out of licenses very shortly. I understand that it would issue a temp license until the second logon, but why would it issue multiple licenses to the same machine? |
Is STARTTLS less safe than TLS/SSL? Posted: 31 Dec 2021 02:32 AM PST In Thunderbird (and I assume in many other clients, too) I have the option to choose between "SSL/TLS" and "STARTTLS". As far as I understand it, "STARTTLS" means in simple words "encrypt if both ends support TLS, otherwise don't encrypt the transfer". And "SSL/TLS" means in simple words "always encrypt or don't connect at all". Is this correct? Or in other words: Is STARTTLS less secure than SSL/TLS, because it can fallback to plaintext without notifying me? |
persistent SSH connection while connecting to VPN Posted: 31 Dec 2021 03:42 AM PST I have a Linux machine on the intranet which I can only access via SSH, this machine needs to connect to a VPN using openconnect however when I do that I get disconnected from the SSH since the intranet's IP is no longer valid. I can reconnect to it from within the VPN using the IP it got assigned but that IP changes everytime the VPN is connected, I don't have control over any othe networks only this machine. is there a way to keep the SSH connection alive while connecting to the VPN? thanks. openconnect requires a --script argument which takes a script to configure routing, without it the connection succeeds but no names are resolved and the intranet's IP remains valid. I'm currently using Ubuntu's default /etc/vpnc/vpnc-script (pasted here) I'm good with shell scripting but I know very little about networking, if I have to modify that I'll need some reference about what or how to change it. |
Posted: 31 Dec 2021 02:08 AM PST I have a server running Ubuntu 12.04 Server. I want to be able to use SFTP on the command line with a DSA key, so I don't have to type the password into the terminal. Is this possible to do on the same server... i.e I want to SFTP to localhost (to test some PHP code before running it live). But I still want to allow password login by other clients if they want to. I don't want the certificate to be forced, but I don't want it to ask for the password if the certificate is passed or whatever. I have the following options enabled in ssh_config: The following files with shown permissions are in /root/.ssh/ I copied the key into authorized keys with: And when I cat authorized keys, it has added the key. So, when I try to connect to sftp with Have I missed something obvious? Or will it not work connecting locally? Thanks |
You are subscribed to email updates from Recent Questions - Server Fault. To stop receiving these emails, you may unsubscribe now. | Email delivery powered by Google |
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States |
No comments:
Post a Comment