sshcommand="ssh -N -R 20000:localhost:22 email@example.com"
result=`ps aux|grep $sshcommand"|grep -v grep`
if [ -z "$result" ]; then
echo "we are going to connect"
echo "we are already connected"
This is a handy script you can use and then add it to cron.
So say you are behind a typical NAT/LAN setup whether at home, work or while travelling. What if you have a computer or server that you need to connect to from the outside?
Yes you could use a VPN but a quick and dirty, temporary and secure way is to use SSH's Reverse Tunneling Proxy feature.
On the remote ssh server host you need the GatewayPorts option enabled in sshd_config (be........
debug1: Local connections to LOCALHOST:18006 forwarded to remote address 192.168.1.93:8006
debug1: Local forwarding listening on 127.0.0.1 port 18006.
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on ::1 port 18006.
bind: Cannot assign requested address
What we are seeing is that we can't listen on an IPV6 address of ::1. We need to tell SSH to stop using IPV6 so we'll edit ssh_config to take care of this issue........
Jan 30 17:16:10 localhost sshd: error: Failed to allocate internet-domain X11 display socket.
The solution for me on the server side was the following in sshd_config:
*Remember to restart sshd and also reconnect from the client side.
Ihad all the normal X11 settings on the server but it just stopped........
mytop is one of my favorite tools and it is fairly simple aside from a few caveats and issues that persist to this day.
To install it on Centos:
yum -y install centos
umask are the default permissions that are applied when a file or directory are created. To see this in action simply just "touch filename" or "mkdir somedir" and you'll see what default permissions are applied.
The first thing Ialways tell people you should know is to NEVER change the defaults unless you are making them more restrictive. But they work well and if you change the defaults you could end up creating a file without permission to read........
Ihave a directory structure which the primary user needs full access on but wanted a user to access only a specific directory within the main directory (so they could write in there only and nowhere else).
Here's what Idid:
[root@compevo8001 dllnow]# ls -alh
drwxrwxr-x 2 someuser software 4.0K Oct 19 2017 ExpireYMD-2017-11-20
drwxrwxr-x 2 someuser software 4.0K Nov 19 2017 ExpireYMD-20........
[root@localhost:~] vmkping -I vmk1 10.0.2.69
PING 10.0.2.69 (10.0.2.69): 56 data bytes
sendto() failed (Host is down)
vsphere distributed switch vmotion not working
[root@localhost:~] esxcfg-route -l
Network Netmask Gateway Interface&........
The folder contents could not be displayed
Backend currently unmounting
drwx------ 10 userhere group 260 Aug 23 19:40 ..
?????????? ? ? ? ? ? sftp:host=192.168.8.80,user=adhoc
ls: cannot access 'sftp:host=192.168.8.80,user=adoc': Input/output error
$ ps aux|grep fuse
BootModuleConfig.sh echo host-ind nfcd........
[root@thetor2017 conf]# service httpd restart
Stopping httpd: [ OK ]
Starting httpd: WARNING: MaxClients of 3000 exceeds ServerLimit value of 300 servers,
lowering MaxClients to 300. To increase........
Server Side Config
1.) First install nfs-utils
yum -y install nfs-utils
2.) Configure nfs share
Create a directory for your NFS share
Create your NFS share in /etc/exports
echo "/datastore 10.220.101.0/24(rw,sync,no_root_squash)" >> /etc/exports
systemctl restart nfs........
I had this error in an unsupported CPUon VMWare 6.7 and apparently this sometimes works especially on older VMWare versions like 6.5 5.5 etc (but in my case it did not).
To make sure it proceed when you see "Loading VMWare"
Then add "ignoreHeadless=TRUE"
See an example below:........
#mount the VCSA DVD
mount /dev/sr0 /mnt/cd
#alternatively you could mount the iso directly
mount -o loop vcsa.iso /your/mount/path
#for this purpose we are using the CLI installer on Linux
#no it's not going to be that easy you can't just run vcsa-deploy like that you need to use a template or configured .json file
Usage: vcsa-deploy [-h] [--version] [--supported-deploymen........
The main issue is it looks like Java is not configured to accept the invalid ssl cert that is coming from the download location.
Exception in thread "main" java.lang.RuntimeException: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
This is most likely to happen on a normal GUI system like Ubuntu or Linux Mint. If you or the user is meant to have sudo / root privileges it is as simple as editing the following files:
Now assume your username is "iamtheuser"
Find the above lines and add a comma and "ia........
One or more of the WHMCS database tables appear to be either missing or corrupted. Please check and repair.
This error can be misleading especially if you know you are using a known good backup or restoration of the WHMCS database. The error can also be that the user lacks permissions to read and write to the database.
To check to this in MySQL shell:
GRANT read,write to dbusername@localhost on dbna........
Internal Server Error
The server encountered an internal error or misconfiguration and was unable to complete your request.
Please contact the server administrator, root@localhost and inform them of the time the error occurred, and anything you might have done that may have caused the error.
More information about this error may be available in the server error log.
Apache/2.2.15 (CentOS) Server at testdomain.com Port 80........
It is simple the user just needs to be given the "LOCK TABLES" privilege.
As root run this command:
GRANT LOCK TABLES ON yourdatabase.* TO yourmysqluser@localhost;........
GRANT SELECT, LOCK TABLES ON *.* TO yourmysqluser@localhost;
All you need to do a full MySQL dump on all databases is the SELECT and LOCK TABLES privileges. This way you don't have to use the mysql root user. Data could be compromised this way but at least no harm from manipulation, changes or deletion are possible by locking down the privileges to the minimum for a full MySQL dump and backup.........
So I have a domain "testdomain.com".
Inside test domain.com's root is the following .htaccess:
Options +FollowSymLinks -Indexes
ErrorDocument 403 /launch/index.html
Deny From All
Allow From 192.168.1.2
When you visit anything other than root things work fine. Eg. if you visit http://testdomain.com/somedirfile.html
It will show the right error in /launch/........
I've never seen this before in all of my years. Ihave some very old CDs and DVDs 12-15 years old that seem not to work in this BD-R/DVD-R/CD-R Asus drive.
The discs are fine actually and ironically they even work fine on a normal LG USB based BD-R drive!
Here are the errors in Linux:
[2914936.884924] attempt to access beyond end of device
[2914936.884927] loop1: rw=0, want=730424, limit=688384
[2914954.556873] attempt to........
Some of the cheaper or newer SSL suppliers will require this to work properly (otherwise you may be prompted that the cert is invalid when it's not the case but it will certainly scare off your users!).
In the Apache vhost conf for the domain here is what you add:
Here is a full example of an SSL Vhost config in Apache using a CA Certificate file
When running cudaminer once it tries to initialize the card the entire screen freezes. The computer itself is still running but the Xorg is done for, you cannot even switch to another console window and must reboot (even an mdm or Xorg restart does not help).
At first cudaminer will give you these errors:
...retry after 15 seconds
GPU #0: Geforce 210 with compute ca........
*Update so this doesn't work it must be something to do with the path of nfs or something else but the installer fails with "Installer crashed" at the end whereas with the CD/USB it works.
This assumes you've already installed and configured a separate PXE/DHCP server somewhere else and your /tftpboot directory is setup.
This is for Linux Mint 18.1 but generally applies to most versions although you may have tro change things like "casper"........
Error while connecting to MYSQL: (XID 4ea7s9) Access denied for user 'root'@'localhost' (using password: YES) at /usr/local/cpanel/Cpanel/Mysql.pm line 181
This error occurs because the /root/.my.cnf has the wrong/outdated password for MySQL root user. Simply edit /root/.my.cnf with the correct user. This normally happens if you update outside of cPanel.........
Change Host="192.168.5.99" with the remote IP allowed(this is of course more secure but also cumbersome if your IP changes). You could also have a single layer of protection that specifies the IP via firewall or both (of course both are far mor secure).
UPDATE user SET Host="192.168.5.99" where Host="localhost"
or for any/wildcard
UPDATE user SET Host="%" where Host="localhost&qu........
iptables -t nat -A OUTPUT -m addrtype --src-type LOCAL --dst-type LOCAL -p tcp --dport 3306 -j DNAT --to-destination ip.ip.ip.ip
iptables -t nat -A POSTROUTING -m addrtype --src-type LOCAL --dst-type UNICAST -j MASQUERADE
sysctl -w net.ipv4.conf.all.route_localnet=1
Make sure you substitute "ip.ip.ip.ip" for your real public IP and also the "--dport 3306" for the port you want to forward.
Finally run the sysctl command and........
Stopping httpd: [ OK ]
Starting httpd: [Wed Jun 29 19:29:44 2016] [warn] _default_ VirtualHost overlap on port 80, the first has precedence
[Wed Jun 29 19:29:44 2016] [warn] _default_ VirtualHost overlap on........
Here is the scenario you or a client have a remote machine that was installed as a standard/default minimal Centos 6.x machine on a single disk with LVM for whatever reason. Often many people do not know how to install it to a RAID array so it is common to have this problem and why reinstall if you don't need to? In some cases on a remote system you can't easily reinstall without physical or KVM access.
So in this case you add a second physical or disk or already ha........
[Tue Jun 23 02:05:52 2015] [error] Unable to configure RSA server private key
[Tue Jun 23 02:05:52 2015] [error] SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch
The above is an accurate description of what is wrong.
In our case the client made a simple mistake of thinking the localhost.crt and localhost.key (default key locations for Apache SSL in Centos) were in the same directory but they we........
The most common solution is to use the /etc/postfix/header_checks but this is a big problem.
Why is header_checks a problem? Because it does it to all mail whether incoming or outgoing and whether authenticated or not. We of course want as much header information for incoming as we can get for many reasons but many organizations want to secure and make their mail clients as secure as possible.
I adapted this solution to the client's custom config, they are configur........
ssh -L 5905:localhost:5900 firstname.lastname@example.org
The "-L" means to create a port forward to a port on your server.
The 5905 means the port on your computer that will be used to access the port 5900 on the remote server.
localhost is the IP that you use to access the port forward (you can change it to 0.0.0.0 which will be all IPs on your system/computer but localhost is good for security and privacy unless a whole network of people need access).........
I just realized I have some blank users which I deleted butI can still login to this dummy account without a password for some reason.
mysql -u -p
Welcome to the MySQL monitor. Commands end with ; or g.
Your MySQL connection id is 5
Server version: 5.1.69 Source distribution
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation an........
At first it was configured as a RAID 0, then I deleted the Virtual Disk Group.
I thought both drives would be shown and detected in Linux as sda and sdb but it actually shows nothing.
To make them work you have to hit Ctrl+R before the system boots (when prompted) and create a Virtual Disk Group. In my case I created each one as RAID 0 (with a single drive only) as I just wanted JBOD but there is no such option or default in these Dell Pe........
Change the following from "Listen 443" to something like below
Then find the SSLVirtual Host Context and edit like below (to your new listening port)
## SSL Virtual Host Context
# Disabling symbolic-links is recommended to prevent assorted security risks
The key is "bind-address", set that to 127.0.0.1 and no one from outside the server can connect.........
mysqldump: Couldn't execute 'show create table `general_log`': SHOW command denied to user 'user'@'localhost' for table 'general_log' (1142)
One of my clients almost found out the hard way, here is an unlikely situation that happened.
1.) Years ago the client had another VPS to which they backed up a BLOG nightly to an .sql file, what they forgot is that the file also contained all databases (they used the --all-databases option but forgot). So imagi........
-bash-3.1# shutdown -rn now
Connection to localhost closed by remote host.
Connection to localhost closed.
Sometimes I work with embedded systems/custom kernels without any of the fancy init scripts and other common Linux basics that most would expect. This means that often the "reboot" command (which uses an init script) will never work, not only that but it will hang the server and a manual power cycle or reboo........
ERROR 1045 (28000): Access denied for user 'contentmanager'@'localhost' (using password: YES)
For fun I thought I'd reset the password:
GRANT ALL ON thecontent.* TO contentmanager IDENTIFIED by 'dfdfsdfdsfsdfsd';
ERROR 1470 (HY000): String 'contentmanager' is too long for user name (should be no longer than 16)
This is ridiculous that this new version has some bizarre 16 character username limit and not only that but i........
PDOException: SQLSTATE  Access denied for user 'db_user'@'localhost' to database 'dbname' in lock_may_be_available() (line
167 of /home/user/public_html/includes/lock.inc).
The username and password were correct but some reason CPanel added the user with no permissions! Edit the user's permissions to include "All" from Cpanel or MySQL and that is the solution.........
mod_status is a great way to track down the source of high CPU usage and to find what vhost/script is the cause of it.
It gives you a live view of bandwith usage, CPU usage, and memory usage broken down by domain/vhost and script/URI.
Deny from all
telnet localhost 80
Connected to localhost).
Escape character is '^]'.
A lot of people don't know that "^" means the Control Key, so many times you can't force quite telnet without knowing that (Ctrl + C won't always work).
*Just use Ctrl + ]
Ihope this saves some time and frustration from some people.........
You need to enable the httpd daemon with monit to actually view the status and control, it's not only for the web interface since the httpd is theONLY way of controlling monit and viewing the status.
monit monitor all will also reinstate disabled services if they've timed out too much. Just restarting the service will do nothing to re-monitor a service that monit has stopped monitoring due to too many failures.
*Also note that /etc/monit.conf i........
Centos 5 Postfix and SPAMASSASSIN Tutorial
yum install spamassassin
chkconfig spamassassin on
#rewrite_header Subject [SPAM]
#5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives
The first thing you need to remember is not to check from the same host/server itself. This is a silly mistake I made, the reason is that many mailservers and especially postfix are configured to allow relaying from the localhost/same host. If you do that you'll get a false positive.
*Make sure you test from another host/system than the mail server itself!
telnet yourmailserverhost.com 25
220 Courier (FreeBS........
Which one does the OS care about? blkid says the UUID is "787f1fa4-b010-4d77-a010-795b42884f56" while md insists its UUID is "4d96dd3b:deb5d555:7adb93cb:ce9182d9"
When in doubt, do we assume the OS takes the one from blkid?
/dev/md0: UUID="787f1fa4-b010-4d77-a010-795b42884f56" TYPE="ext3"
[root@localhost ~]# mdadm -D /dev/md0
Version : 0.90
This was unbelievable how much the Xen kernel slows things down, keep in mind both tests were done on the hostnode, one was with the Openvz-Xen hybrid kernel and the other was just OpenVZ. You can see the performance difference is nearly 300% better when not using the Xen kernel.
OpenVZ-Xen Kernel Test Results (I was wondering what was wrong/so slow with my Core i5!)
# # # # # #&n........
Apr 30 17:07:07 localhost kernel: [12265558.582378] r8169: eth0: link up
Apr 30 17:07:07 localhost NetworkManager: (eth0): carrier now ON (device state 1)
Apr 30 17:07:08 localhost kernel: [12265559.237961] r8169: eth0: link down
Apr 30 17:07:08 localhost NetworkManager: (eth0): carrier now OFF (device state 1)
Apr 30 17:07:11 localhost NetworkManager: (eth0): carrier now ON (device state 1)
This drive is clearly on the way out, the Kernel knows it but I'm surprised that SMART is not concerned. I didn't blame Seagate for their past issues until now. This hard drive has hardly been used and has not even been powered on for a year according to SMART.
Home page is http://smartmontools.sourceforge.net/
=== START OF INFORMATION SECTION ===
Model Family: Seagate Barracuda 7200.11
CREATE Database/Granting PrivilegesCREATE your first database
[code:1:0668cd8e74]CREATE database myfirstdb;
CREATE a user for your first database
This one creates the user 'sqladmin' and gives them 'usage' on your new database 'myfirstdb'
[code:1:0668cd8e74]mysql> GRANT usage on myfirstdb.* to sqladmin@localhost;
Query OK, 0 rows affected (0.00 sec)[/code:1:0668........
Updated to Version 3.8 and can't loginSSHD accepts my password but then hangs at "Last login: Wed Sep 13 21:30:02 2006 from"
This occurred during a yum update after upgrading my release, installing the new kernel and rebooting.
I got kicked out of sshd after seeing the following during yum update:
telnet 100 % done 85/476
tux 100 % done 86/476
ntsysv 100 % done 87/476
rpmdb-redhat 94 % done 88/476........
Good Linux Security Tutorialhttp://www.freeos.com/articles/2829/2/13/........
Great FreeBSD Security DOS tutorialhttp://www.onlamp.com/pub/a/bsd/2004/06/24/anti_dos.html........
RAID1 using Gmirror Tutorialhttp://www.onlamp.com/pub/a/bsd/2005/11/10/FreeBSD_Basics.html........
Load Balancing Tutorialhttp://redundancy.redundancy.org/fbsd_lb.html........
When trying to even cd or ls the mounted OCFS2 partition it crashes. Ithink this is a combination of VMWare Server's problem and the way I mounted and symlinked to it.
More than anything this shows the problem and lack of forsight with VMWare, but also that OCFS2 is easily crashed if you do strange things.
Output of /var/log/messages for OCFS2
Apr 10 15:57:45 localhost kernel: [84331.691258] Modules linked in: vmnet vmci vmmon ocfs2_stac........