• Cisco How To Use a Third Party SIP Phone (eg. Avaya, 3CX)


    Most relevant config points from my video here. 1.) Create a new End User The most important part is setting the "Digest Credentials", that is the password that the phone will use to authenticate.........
  • Abusive IP ranges blacklist


    Make sure this makes sense for you but I've started to block a lot of commercial Cloud services and easily accessible providers as they are a very high source of abusive traffic. The cost savings for a lot of organizations are huge, as you now have less bandwidth usage and less resource usage from garbage/bot/malicious traffic. This mainly works for when you can be reasonably sure that your audience has no business visiting your service(s) from freely accessible commercial IP ........
  • hostapd example configuration for high speed AC on 5GHz using WPA2


    This example is using RTL8821AU chipset from a TP-Link T2U Plus USB adapter and other similar ones should work the same. Here's how to get this chipset RTL8821AU working in Linux. Here's how to get RTL8812 and RTL8822 working in Linux.........
  • Apache Error Won't start SSL Cert Issue Solution Unable to configure verify locations for client authentication SSL Library Error: 151441510 error:0906D066:PEM routines:PEM_read_bio:bad end line SSL Library Error: 185090057 error:0B084009:x509 certif


    [Wed Nov 01 18:47:08 2023] [error] Unable to configure verify locations for client authentication [Wed Nov 01 18:47:08 2023] [error] SSL Library Error: 151441510 error:0906D066:PEM routines:PEM_read_bio:bad end line [Wed Nov 01 18:47:08 2023] [error] SSL Library Error: 185090057 error:0B084009:x509 certificate routines:X509_load_cert_crl_file:PEM lib It actually gives us a good clue that at last one component of our cert is invalid/improperl........
  • du - VAS Billing Subscriptions Hack/Scam MLPremiumSub Invascom Astromart Issues Complaint


    If you have du, you may want to check your bill, as you can read about a longstanding issue with fraudulent charges showing up and many users claiming they did not subscribe or solicit those offers. These don't normally show up on new accounts, but they seem to target established users and maybe even users they suspect are not watching their phone or bills, while they are on vacation. These charges can frighteningly happen with 0 interaction from the user despite what........
  • When is it time to leave your VPS/VDS Cloud Hosting Provider?


    When Is It Time to Leave Your VPS, VDS, and Dedicated Server Provider? Choosing the right hosting solution—be it Virtu........
  • 2024 Buyer's Guide: How to Choose and Buy the Best VPS/VDS for Your Needs - Tips and Strategies


    In today’s digital landscape, finding a reliable and secure Virtual Private Server (VPS) or Virtual Dedicated Server (VDS) goes beyond just comparing specs and prices. With increasing concerns over data privacy, security breaches, and government surveillance, the wisdom of choosing your VPS/VDS provider based on juri........
  • How To Upgrade Debian 8,9,10 to Debian 12 Bookworm


    Step 1.) Upgrade to Debian 11 first The process to go to Debian 12 is not as smooth as 11, when trying to upgrade from Debian 10. In fact, it doesn't work directly, so you'll first need to follow this guide to update to Debian 11, reboot and come back here if successful. Step 2.) Update sources.list Update your /etc/apt/sources.list like this: deb http://........
  • apache2 httpd apache server will not start [pid 22449:tid 139972160445760] AH00052: child pid 23248 exit signal Aborted (6) solution Mint Debian Ubuntu Redhat


    If you get this error, it is often because you have configured Apache with modules that weren't actually installed. Eg. you try to load the PHPmodule but didn't actually install the apache2 php module, so the server can't start. In general, this error can often be caused by issues with problematic modules and/or Apache being configured for modules that have not actually be installed (eg. libapache2-mod-php) is missing. The above results in this less than obv........
  • How To Setup Python3 in Ubuntu Docker Image for AI Deep Learning


    The issue is that Docker images are stripped down, so many tools and even python3 is missing, so you'll have to build or update the actual image yourself. I assume you have started an image with something like this and that you have the Nvidia Toolkit installed (assuming you are using GPUs). If you're not using nvidia just remove --runtime=nvidia --gpus all. docker run -it --runtime=nvidia --gpus all ubuntu bash These works for most images li........
  • How to install and configure haproxy on Linux Ubuntu Debian


    haproxy is one of the best known and widely used Open Source load balancers out there and a strong competitor to nginx. haproxy is used by many large sites per Wikipedia: HAProxy is used by a number of high-profile websites including GoDaddy, GitHub,........
  • Loaded: masked (Reason: Unit hostapd.service is masked.) Solution in Linux Debian Mint Ubuntu


    If you are getting this error from systemctl "Loaded: masked (Reason: Unit hostapd.service is masked.)" we need to unmask the service. Solution systemctl unmask hostapd Removed /etc/systemd/system/hostapd.service. It's fixed root@routerOS:/var/log# systemctl start hostapd root@routerOS:/var/log# systemctl status hostapd ● hostapd.service - Access point and authentication server for Wi-Fi and Ethern........
  • ssh Too many authentication failures not prompting for password


    If you get this error when trying to SSHto a device or machine and you never even got a password prompt: Too many authentication failures This means that either the remote side is configured for key auth only, OR your client side may be attempting to auth using mulitple keys, and that exceeds the amount of attempted authorizations on the remote ssh server. If the issue is trying to auth too many times which ssh defaults to sending the keys to, you ca........
  • Zoom Password Error 'That passcode was incorrect' - Solution Wrong Passcode Wrong Meeting Name


    Have you been given a Zoom password that the meeting owner says is correct but it doesn't work anymore or never works? If the meeting name says "Zoom Meeting" and it's not really named that (which most meetings are not), then the issue is usually that there is an initial password to be able to join, aside from the passcode. It basically means that Zoom has deauthenticated you randomly or maybe after X amount of uses, without clicking on the Join Meeting URL which contains a........
  • How To Startup and Open Remote/Local Folder/Directory in Ubuntu Linux Mint automatically upon login


    Just click on the Start Menu and go to "Startup Applications" Then click on the "Add"Button Now enter the command we need to open the folder/directory automatically using the filemanager For remote SSH host (you need pub key auth for it to open without a pa........
  • How To Create OpenVPN Server for Secure Remote Corporate Access in Linux Debian/Mint/Ubuntu with client public key authentication


    Why choose OpenVPN instead of a firewall appliance? OpenVPN can be a reliable and easy replacement for traditional hardware or just be an additional tool that your company uses so that the firewall can focus on its job rather than acting as a VPNappliance at the same time. When comparing OpenVPN with traditional firewal........
  • ssh-keygen id_rsa private key howto remove the passphrase so no password is required and no encryption is used


    The key is that you need to know the passphrase to do it, if you don't know the password for the key then you can't remove the key since it cannot be decrypted. ssh-keygen is the easiest method and openssl can be used to manually remove the key and output it to a new file, which you can then copy back over top of the encrypted file. After that your public key authentication will work without any password prompt because it is no longer encrypted. Make sure you understand........
  • Ansible Tutorial - Playbook How To Install From Scratch and Deploy LAMP + Wordpress on Remote Server


    1. Let's work from an environment where we can install Ansible on. If you are using an older version of Linux based on Mint 18 or Ubuntu 16, you may want to get the PPA and get the latest version of Ansible that way: sudo apt install gpg sudo add-apt-repository ppa:ansible/ansible sudo apt update........
  • Proxmox Update Error https://enterprise.proxmox.com/debian/pve bullseye InRelease 401 Unauthorized [IP: 144.217.225.162 443]


    Are you getting this error in Proxmox while trying to apt update or install Ceph? apt update Hit:1 http://security.debian.org bullseye-security InRelease Err:2 https://enterprise.proxmox.com/debian/pve bullseye InRelease 401 Unauthorized [IP: 144.217.225.162 443] Hit:3 http://ftp.hk.debian.org/debian bullseye InRelease ........
  • How to install Kubernetes with microk8s and deploy apps on Debian/Mint/Ubuntu Linux


    Kubernetes Easy Beginners Tutorial/Architecture Guide Kubernetes is known as container orchestration and we should start at explaining the container part of it. A Container is what runs the actual application and based on an Image, and are more comparable to something like an LXC Container, Virtuozzo/OpenVZ using the Linux Kernel Namespaces feature. Containers run these images as independent, isolated operating environments under the O........
  • Cisco Howto Configure Console Port/Terminal/Comm Server with Async Cable Setup


    This assumes that you've already installed the relevant HWIC cards eg. Cisco Asynchronous Serial NIM These are essentially cards that you install into your router, once installed you connect an Async cable to one of the ports on the card which normally gives you 8 console cables and are normally labelled 1 through 8. You connect all of the cables to the devices you need (even non-Cisco devices) whether switches, routers or firewalls, they will usually work. The real m........
  • Cisco Router Password Reset Howto Guide Solution Cannot Login /Unknown Enable Password 2600, 2800, 2900, 3900


    It is common that you may get access to undocumented equipment and need to reset the password. This applies to many Cisco routers whether 2600, 2900, 3900 etc... Cisco's Guide says to hit Ctrl +Pause/Break but if it doesn't work on some devices causing people to say "cisco password reset pause break does not work", you can see Cisco's alternative key combinations here:........
  • EFI PXE grub2 Howto guide for Linux EFI PXE Booting on Debian, Mint, Ubuntu, RHEL


    Just a quick note and warning is that if you are testing to see if EFIPXE booting works on a VM, MAKE SURE it actually works. For example Iinitially tested using my Distro's QEMU 2.5+dfsg-5ubuntu10.46 and ovmf BIOS firmware (OVMF supports EFI). However, I found on old versions of QEMU (like 2.5), EFIbooting with GRUB NEVER works so it may appear that you have made a mistake when everything is fine when you boot a physi........
  • Juniper JunOS Command Overview and Howtos Switch, Router, Firewall Tutorial Guide


    Enable "cli" mode equivalent in JunOS cli Configure Mode configure So rather than going to the console on a Cisco switch and typing "enable" and then "conf t", the equivalent in JunOS is "cli" and "configure". How Do You Apply Changes You've Made? You can make all kinds of changes to the switch, but remember they are not........
  • How To Get Started on Ubuntu with gpt-2 OpenAI Text Prediction


    apt install software-properties-common add-apt-repository ppa:deadsnakes/ppa apt update apt install python3-pip apt install python3.7 curl gnupg python3.7-dev git ln -s /usr/bin/python3.7 /usr/bin/python3 pip3 install numpy keras_preprocessing curl https://bazel.build/bazel-release.pub.gpg | sudo apt-key add - echo "deb [arch=amd64] http://storage.googleapis.com/bazel-apt stable jdk1.8" | sudo tee /etc/apt/sources.list.d/bazel........
  • Asterisk Does Not Retry When Authentication Fails


    When authentication times out that is one thing, but when it just fails like below Asterisk by default will not re-register until you the admin reload the sip or asterisk server: voipserver*CLI> sip show registry Host dnsmgr Username Refresh State&........
  • using Xvfb on virtual remote ssh server to have X graphical programs work


    The scenario here is that you have some sort of remote headless Linux server but would like to run some programs on them and get graphical access to them. The problem is that the remote server may be an image or VMwithout any virtual GPU and even if so, it is likely without KDE or Gnome, so there's no real way to do this, unless you follow our guide. Install xvfb apt install xvfb Reading package lists... D........
  • ssh Received disconnect from port 22:2: Too many authentication failures


    If you are getting this error it is usually caused by having more than 5 keys in your ".ssh" directory. It is a bit of a bug and this is how it manifests itself. You will find at this point that you are not given any chance to enter a password, or if you are using key based auth that the same thing happens. You'll also find that this is happening with ALLservers you try connecting to. The solution is to move away key pairs from .ssh so that there ar........
  • MySQL 5.7 on Debian and Ubuntu - How To Reset Root Password


    MySQL on Debian versions is configured differently than the native local MySQL plugin so you will be disappointed when your password on the mysql client fails by default. Here is how you reset the MySQL root password the proper and "working way" #first we gracefully stop mysql sudo systemctl stop mysql; #then we forcefully kill any mysqld process just in case sudo killall -9 mysqld mysqld_safe;........
  • MariaDB / MySQL Reset Root Forgotten Password on Centos 7


    mysql reset root password. Oops I can't remember my MySQL root password! [root@centos7test etc]# mysql -u root -p Enter password: ERROR 1045 (28000): Access denied for user 'root'@'localhost' (using password: YES) First we need to stop mariadb: systemctl stop mariadb Now we need to restart it with skip-grant-tables whic........
  • Centos 7 How to install Mysql/Mariadb


    yum -y install mariadb-server systemctl start mariadb mysql_secure_installation Now we need to secure our install and set the MariaDB root password: The lines you need to act on are marked in bold shown with the answer you need. mysql_secure_installation NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB SER........
  • How To Install Asterisk 16 17 on Debian Ubuntu Linux


    Downloading and compiling from source to get the latest version of Asterisk is really simple with this guide. apt install gcc make g++ libedit-dev uuid-dev libjansson-dev apt install libxml2-dev sqlite3 libsqlite3-dev wget http://downloads.asterisk.org/pub/telephony/asterisk/asterisk-16-current.tar.gz tar -zxvf asterisk-16-current.tar.gz cd asterisk-16.6.2/ ./configure If you get this error change y........
  • ImageMagick Convert PDF Not Authorized


    You'll have to edit the policy.xml file to fix this: convert -density 300 output.pdf agreement.jpg convert.im6: not authorized `output.pdf' @ error/constitute.c/ReadImage/454. convert.im6: no images defined `agreement.jpg' @ error/convert.c/ConvertImageCommand/3044. sudo vi /etc/ImageMagick*/policy.xml Change policy domain="coder" rights="no........
  • Linux Mint Mate Customize the Lock screen messages and hide username and real name


    This is a security hole in my opinion and should be plugged by editing the lock screen ui layout: vi /usr/share/mate-screensaver/lock-dialog-default.ui #find these objects and set the visible property to false object class="GtkLabel" id="note-tab-label" object class="GtkLabel" id="auth-username-label> object class="GtkLabel" id="auth-realname-label"........
  • ssh how to verify your host key / avoid MIM attacks


    SSH helps keep us secure in many ways, one of those is the host-key fingerprint which is unique. If you have been connecting to an SSH server that you've made no changes to and suddenly ssh warns that the key doesn't match then you have a problem. But how about connecting to an existing server for the first time on a new machine or client? A lot of new clients calculate it using an SHA256 hash but it is not as easy on your host machine to produce the sam........
  • How to encrypt your SSH private key file id_rsa


    ssh-keygen -p -f /path/to/your/id_rsa Enter new passphrase (empty for no passphrase): After that your rsa private key will be encrypted which is a layer of protection and security in the event that somehow someone acquires your key and tries to access servers that the key is authorized on.........
  • Cisco Unified Communications Manager 12 Install Errors on Proxmox/KVM


    The strange thing is that usually the first install or two will work on any new machine but then it suddenly won't. I had this experience on QEMU 2.13 on a different machine. There is something finicky or buggy about the CUCM installer even when choosing the same virtual hardware specs. qemu-kvm command: /usr/libexec/qemu-kvm -version QEMU PC emulator version 0.12.1 (qemu-kvm-0.12.1.2-2.506.el6_10.1), Copyright (c) 2003-2008 Fabrice Bellard ........
  • letsencrypt certbot error "Unable to find a virtual host listening on port 80 which is currently needed for Certbot to prove to the CA that you control your domain. Please add a virtual host for port 80."


    ./certbot-auto --apache certonly Saving debug log to /var/log/letsencrypt/letsencrypt.log Plugins selected: Authenticator apache, Installer apache No names were found in your configuration files. Please enter in your domain name(s) (comma and/or space separated) (Enter 'c' to cancel): yourdomain.com Obtaining a new certificate Performing the following challenges: http-01 challenge for yourdomain.com Cleaning........
  • Proxmox Breaks Storage/LVM Backing If Killing QEMU-IMG


    I tried to stop a qemu-img copy or clone and it broke everything. It was fine to "stop" it from the GUI but a process still persisted so I killed the relevant qemu-img and the kernel went crazy. It also may not have helped that I tried to lvremove a different volume (an unused disk). But either way it breaks LVM (you cannot even run lvdisplay) so a reboot is necessary. Jan 17 06:45:21 testserver kernel: [ 5680.439337] systemd-udevd D 0&nbs........
  • Debian 9 SSH root password authentication failure password not working problem / solution


    In Debian a lot of times SSH disables the root user to login by password by default. This means you will get an authentication failure as if you typed in the wrong password. The logs also indicate the password is wrong but what is often the case is in the config file Check /etc/ssh/sshd_config cat /etc/ssh/sshd_config|grep -i permitrootlogin Make sure it says: PermitRootLogin yes If not change it and restart SSH........
  • Linux wlan0 check all wireless clients


    iw dev wlan0 station dump This is very useful because it is helpful if you are running something like hostapd and need to see the signal strength and negotiated connection speed. Station ff:ff:ff:ff:ff:ff (on wlan0) inactive time: 16309 ms rx bytes: 25451 rx packets: 325 tx bytes: 44381 tx packets: 159 tx retries: 0 tx failed: 0 signal: -72 [-72] dBm signal avg: -72 [-72] dBm........
  • How Does Cisco CUCM (Cisco Unified Communication Manager) Work?


    Cisco's CUCM (Cisco Unified Communication Manager) is a system that combines voice, video, data and mobile products into a single unified management suite. At its core, the CUCMis like a "Super PBX" that controls the flow of all communications through an organization even single or multiple site deployments. Cisco's CUCMmakes communication more effective and simple through centralized management and unification of communications resources.........
  • systemd management using systemctl and journalctl to check systemd logs


    systemd is like the service manager for your Centos and other modern Linux distributions (including Debian/Mint/Ubuntu) allows you to enable services, stop them, restart them, check their status and even reboot your system. The key commands or arguments you will use with systemctl are the following: Unit Commands: list-units [PATTERN...] List loaded units &nbs........
  • Firefox An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT Solution


    An error occurred during a connection to some-ip-or-domain. SSL peer reports incorrect Message Authentication Code. Error code: SSL_ERROR_BAD_MAC_ALERT The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. **Solution** Go to about:config........
  • VMWare ESXi 6.7 SSH/PowerShell CLI Commands


    [root@localhost:~] BootModuleConfig.sh echo host-ind nfcd........
  • VMWare 6.7 VCSA VSphere ESXi Management SSO Install Guide on Linux using the CLI


    #mount the VCSA DVD mount /dev/sr0 /mnt/cd #alternatively you could mount the iso directly mount -o loop vcsa.iso /your/mount/path #for this purpose we are using the CLI installer on Linux cd /mnt/cd/vcsa-cli-installer/lin64 #no it's not going to be that easy you can't just run vcsa-deploy like that you need to use a template or configured .json file ./vcsa-deploy Usage: vcsa-deploy [-h] [--version] [--supported-deploymen........
  • OpenVPN auth-user-pass-verify ENV script error


    Starting with newer versions of OpenVPN Ibelieve 2.2+ you need to have "script-security 3" set or you can't execute a third party script. Prior to that you could also use the auth-user-pass-verify like this: auth-user-pass-verify ./validate.pl "$username $password $ip" via-env Options error: the --auth-user-pass-verify directive should have at most 2 parameters. To pass a list of arguments as one of the paramete........
  • postfix errors fatal: no SASL authentication mechanisms /usr/libexec/postfix/smtpd: bad command startup -- throttling solution


    Jul 3 22:12:17mailserver postfix/smtpd[6195]: fatal: no SASL authentication mechanisms Jul 3 22:12:18mailserver postfix/master[4881]: warning: process /usr/libexec/postfix/smtpd pid 6195 exit status 1 Jul 3 22:12:18mailserver postfix/master[4881]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling This only ever happens in my experience when the authentication method is actually Dovecot. Usually the problem........
  • Prevent SSH Bruteforce and Hacks By Disabling Password Authentication


    One simple way to keep your server public but almost impossible to hack via SSHis to disable password authentication over SSH. This means the only way in is via your own private key that only you should have. Edit your /etc/ssh/sshd.conf file Set this option PasswordAuthentication no Restart your SSH server. service sshd restart ........
  • error: Could not locate RPC credentials. No authentication cookie could be found, and no rpcpassword is set in the configuration file Bitcoin Litecoin Error


    error: Could not locate RPC credentials. No authentication cookie could be found, and no rpcpassword is set in the configuration file This is usually because the .cookie file cannot be read by the user you are running Litecoin or Bitcoin client/daemon as. You can adjust the permissions of the file so that the user or group they are apart of has read permissions. ........
  • How To Create Apache htpasswd file


    This just simply outputs what you need a username and password that can be used to authenticate from .htaccess htpasswd -nb user password user:Gnb6uE9Lp4gt2 If you want to write it straight to a file htpasswd -cb /tmp/somefile.pw user password How To Use This In .htaccess AuthUserFile /tmp/somefile.pw AuthName GetLost!! AuthType B........
  • Authentication refused: bad ownership or modes for directory /home/user SSH Public Key Authentication Failed Solution


    First of all I got this error after accidentally messing up my usergroup by using usermod -G user group When I would login using SSHkeys it would fail: sshd[2020]: Authentication refused: bad ownership or modes for directory /home/one No worries, the fix is simple! chmod g-w /home/use........
  • l2tp ipsec VPN Error Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated


    Sep 12 18:16:25 vps pluto[7299]: ERROR: asynchronous network error report on eth0 (sport=500) for message to 192.5.6.2 port 20640, complainant 192.5.6.2: Connection refused [errno 111, origin ICMP type 3 code 3 (not authenticated)] Some say changing the "leftprotoport=17/%any" will fix this but I have not found this to be the case. Essentially it means at least one end is blocking the ipsec packets. Sometimes the %any allows an alt........
  • Disable SSH Password Authentication to Increase Security and Harden SSH Linux Unix Server Ubuntu Mint Centos Debian


    Just a note before you do this you should have a sure, guaranteed way into the system such as local, KVMor preferably publickey making bruteforce SSH absolutely impossible since there is no password to bruteforce and even if someone knew the password they wouldn't be able to login except from the local console (presumably you should make sure no one unauthorized has physical access). 1. Edit /etc/ssh/sshd_config Find the section like this:........
  • Linux Mint USB Kernel Tainted and Locked Port/Dev File


    Essentially a program I was running for mining did not terminate properly with Ctrl+C it is listed as defunct and cannot be killed, kernel is tainted and normal tricks to disable the port are impossible the dev and sys entries for the device cannot be browsed or interacted with in any form without a lockup of the request. The only solution is to reboot due to the kernel taint as far as I can find so far. [1130246.811056] INFO: task minerd:21861 blocked for more th........
  • imagemagick pdf convert error solution - **** Warning: can't process font stream, loading font by the name. Can't find CMap Identity-UTF16-H building a CIDDecoding resource. Warning: falling back to Identity ordering **** Error reading a conte


    **** Warning: can't process font stream, loading font by the name. Can't find CMap Identity-UTF16-H building a CIDDecoding resource. Warning: falling back to Identity ordering **** Error reading a content stream. The page may be incomplete. **** File did not complete the page properly and may be damaged. **** This file had errors that were repaired or ignored. ****........
  • ecryptfs errors


    ecryptfs-mount-private Enter your login passphrase: Inserted auth tok with sig [ee16d84] "into the user session keyring mount: No such file or directory" [ 156.118113] ecryptfs_mount: kern_path() failed [ 156.118431] Reading sb failed; rc = [-2] [ 164.233055] traps: mate-notificati[3472] trap int3 ip:7f43d7002c13 sp:7fff162c6600 error:0 [ 166.017061] ecryptfs_mount: kern_path() failed........
  • ENOM TRANSFER passwords do not match - solution


    The "passwords do not match" implies or makes it appear that your auth code is wrong but actually you have to click "View additional settings" and then see there are 2 password fields to manage the domain once it is transferred (the password is typed twice for confirmation). Simply fill out a password twice or remove the first password fields contents and all will be well.........
  • sshd[10470]: Authentication refused: bad ownership or modes for directory /root


    This can be a case of bad permissions or modes as the error says. Normally one would assume permissions but often a script may change ownership of /root to something else. This was the case half the time I've encountered this. So in short make sure ownership is correct chown -R root.root /root........
  • ioncube loader install howto on PHP/Centos


    Disclaimer, before starting this I do not like ioncube, it is great to protect your source code, but a big pain to setup this extension since it has to be done manually. Further, fi you do a PHPupdate ioncube may no longer work, causing important sites or services to not work (I wish authors would take another approach). 1.) Download from here:https://www.ioncube.com/loaders.php 2.) Extract the contents and co........
  • heartbeat cross talk


    I do not understand why heartbeat would try to communicate with another system not considered part of the node: heartbeat: [8280]: WARN: string2msg_ll: node [otherbox.com] failed authentication ........
  • openvpn 2.3.10-1.el6 issues auth-env does not work correctly for auth-user-pass-verify


    openvpn 2.3.10-1.el6 issues in the .conf auth-user-pass-verify "passwordcheck $username $password $untrusted_ip" via-env auth-env does not work correctly in OpenVPN 2.3: Sat Apr 23 02:30:22 2016 - $username - $untrusted_ip - login failure But OpenVPN 2.2 does work as expected. It could be that the specified script automatically receive........
  • Linux Mint/Ubuntu/Debian Window Controls Missing Solution


    If Linux Mint 17 or other has no window buttons/controls you can do the following from terminal: marco --replace& Sometimes it can be fixed if you go to your themes/appearance and choose a new one but in the case like mine where Compiz is installed but not running/working then that fix will not work and will require the marco command above. What if you can't type in a terminal Window? If you close........
  • Linux Mint/Ubuntu/Debian Dual NICs networks problem when enabling and disabling one device


    The Scenario You have dual NICs and you disable NIC1 which uses 192.168.1.1 as its gateway. With NIC2 you enable it/connect it to another network which also has the gateway 192.168.1.1 Everything will work fine at this point. When switching back to NIC1 even with NIC2 disabled and even unplugged, the OS basically can't pick up the new/updated ARP entry of the old device for 192.168.1.1 and perhaps thinks it is a security risk or spoof of some sorts and blocks i........
  • initial Main Mode message received on 192.168.5.94:500 but no connection has been authorized with policy=PSK


    If you are getting this error from Pluto/IPSEC it is almost always due to a routing or NAT issue.........
  • Firefox errors Unable to generate public/private key pair. (Error code: sec_error_keygen_fail)


    Your firefox is out of date if you get errors like below: Secure Connection Failed ........
  • Error code: ssl_error_rx_record_too_long


    An error occurred during a connection to site.com. SSL received a record that exceeded the maximum permissible length. (Error code: ssl_error_rx_record_too_long) The page you are trying to view cannot be shown because the authenticity of the received data could not be verified. Please contact the website owners to inform them of this problem. When the above happens in our experience it is a misconfiguration of........
  • The redirect URI in the request: urn:ietf:wg:oauth:2.0:oob can only be used by a Client ID for native application. It is not allowed for the 'WEB' client type.


    You need to set your application type as "Desktop" even though this would sound counterintuitive.........
  • dir2slideshow Centos rpm requirements


    yum -y install dvdauthor ffmpeg mjpegtools sox bc rpm -ivh dvd-slideshow-0.8.4-2.noarch.rpm Preparing... ########################################### [100%] 1:dvd-slideshow ########################################### [100%] /usr/bin/dir2slideshow: line 553: bc: command not f........
  • Postfix Errors & Solutions "unprivileged": bad value: "???" - bad transport type:


    Aug 25 16:43:24 evohostingtor postfix/master[19471]: fatal: /etc/postfix/master.cf: line 24: field "unprivileged": bad value: "???" Solution: I had the wrong thick dashes when c&ping (just retype them with your keyboard) Aug 25 16:47:10 mailbox postfix/master[24498]: fatal: /etc/postfix/master.cf: line 25: bad transport type: syslog_name=postfix/auth-cleanup auth-cleanup unix n - - - 0 cleanup #-o syslog_name=postfix/........
  • Postfix how to secure outgoing authenticated e-mails for privacy and hide the IP address, mailer and other things


    The most common solution is to use the /etc/postfix/header_checks but this is a big problem. Why is header_checks a problem? Because it does it to all mail whether incoming or outgoing and whether authenticated or not. We of course want as much header information for incoming as we can get for many reasons but many organizations want to secure and make their mail clients as secure as possible. I adapted this solution to the client's custom config, they are configur........
  • Asterisk iptables block bruteforce attacks howto with fail2ban


    yum -y install fail2ban vi /etc/fail2ban/jail.conf [asterisk-tcp] enabled = true filter = asterisk action = iptables-multiport[name=asterisk-tcp, port="5060,5061", protocol=tcp] sendmail-whois[name=Asterisk, dest=you@example.com, sender=fail2ban@example.com] logpath = /var/log/asterisk/messages maxret........
  • MySQL DELETE all but specific items or records howto


    DELETE FROM `wp_comments` WHERE NOT comment_author_email IN ('user@hotmail.com','another@hotmail.com') The above is an example of specific records you type out, but you could also base it on a subquery.........
  • Delete all comments from wordpress (in case of extreme SPAM)


    *Note this will delete all comments indiscriminately. DELETE FROM `wp_comments` To delete all but save specific comments based on "author e-mail use the following". Add more e-mails below in the same format if you have more. DELETE FROM `wp_comments` WHERE NOT comment_author_email IN ('user@hotmail.com','another@hotmail.com')........
  • LSI MegaRAID Adventures, Guide and HowTo


    LSi Megaraid At first it was configured as a RAID 0, then I deleted the Virtual Disk Group. I thought both drives would be shown and detected in Linux as sda and sdb but it actually shows nothing. To make them work you have to hit Ctrl+R before the system boots (when prompted) and create a Virtual Disk Group. In my case I created each one as RAID 0 (with a single drive only) as I just wanted JBOD but there is no such option or default in these Dell Pe........
  • pxe-32 tftp open timeout


    pxe-32 tftp open timeout The solution was to enable tftp in xinetd with "chkconfig tftp on". See the troubleshooting below: chkconfig --list NetworkManager 0:off 1:off 2:off 3:off 4:off 5:off 6:off acpid 0:off&n........
  • SSH Can't Login/Hang


    Client Log OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22. debug1: Connection established. debug1: permanently_set_uid: 0/0 debug1: identity file /root/.ssh/identity type -1 debug1: identity file /root/.ssh/id_rsa type 1 debug1: identity file /root/.ssh/id_d........
  • Directadmin Log File Locations


    This is a handy link and list of all the relevant Directadmin log files and related servers. http://help.directadmin.com/item.php?id=11 DirectAdmin: /var/log/directadmin/error.log /var/log/directadmin/errortaskq.log /var/log/directadmin/system.log /var/log/directadmin/security.log Apache:........
  • How to log all PHP based E-mails for abuse


    Step #1 - Create Wrapper Script vi /usr/local/bin/phpsendmail #!/usr/bin/php ........
  • Setup PXE Boot using Centos and dhcpd, tftp and syslinux


    This is something I often setup for clients because it's very helpful for people in datacenters, this allows custom OS installs on demand, you can customize it more by using kickstart etc.. but here's a base I use before customizing more: This little script below will install everything you need to get booting by PXE Linux. It also assumes you set a local IP (be sure not to overwrite your existing IP) on eth0:0 (note the :0) as 192.168.1.10 and it........
  • Disable SELinux How To Tutorial Solution


    Here is a quick script that works on most Centos versions to disable the virus/SELinux from blocking basic functionality. The first echo 0 statement disables SELinux instantly but it will still be enabled on reboot. The second line disables it permanently. #!/bin/bash #disable SELinux Immediately echo 0 > /selinux/enforce #disable SELinux Permanently sed -i 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config........
  • Linux/Centos how to block SSH bruteforce/dictionary attacks automatically with denyhosts


    A lot of people become nervous (and understandably so) when checking their auth or security logs, in Centos /var/log/secure and see dozens, hundreds of even thousands of attempted logins to various services, especially SSH. Of course you could manually block these people/IPs but no one has time to read the logs like that, what if some program or script could do it for you? This is what denyhosts does for you, it checks the logs and based on a certain number of failed SSH attem........
  • MySQL Authentication fails after Upgrade to Version 5.5


    ERROR 1045 (28000): Access denied for user 'contentmanager'@'localhost' (using password: YES) For fun I thought I'd reset the password: GRANT ALL ON thecontent.* TO contentmanager IDENTIFIED by 'dfdfsdfdsfsdfsd'; ERROR 1470 (HY000): String 'contentmanager' is too long for user name (should be no longer than 16) This is ridiculous that this new version has some bizarre 16 character username limit and not only that but i........
  • SSH error slow login debug1: An invalid name was supplied Cannot determine realm for numeric host address - Solution


    debug1: An invalid name was supplied Cannot determine realm for numeric host address debug1: Local version string SSH-2.0-OpenSSH_4.3p2 Debian-9etch3 debug1: An invalid name was supplied Cannot determine realm for numeric host address debug1: An invalid name was supplied A parameter was malformed Validation error Solution, disable auth from the ssh client (this is a client side error)........
  • LOG: MAIN PANIC failed to expand condition "${if eq {$authenticated_id}{}{0}{${if eq {$sender_address}{$local_part@$domain}{0}{${if match{$received_protocol}{N^e?smtps?a$N}{${perl{checkbx_autowhitelist}{$authenticated_id}}}{${if eq{$received_prot


    I experienced this with CPanel's Exim after an auto-update (a Google of this error produces lots of complaints with few clear solutions). In this case I'll put the solution at the top. Run /scripts/buildeximconf to rebuild the Exim config and it should be fine after that. mail -vs "from test" user@dest.com < .bash_history LOG: MAIN cwd=/root 4 args: send-mail -i -v user@dest.com LOG: MAIN &........
  • vino crashed/stopped working, restart vino manually without rebooting


    The normal solution would be as follows: export DISPLAY=:0.0 /usr/lib/vino/vino-server & But what happens if that doesn't work? I haven't been able to find much documentation about how to find the list of displays and how their numbering works in Xorg. Sometimes you'll get this error when trying to restart vino: Cannot open display: For some reason my display is not on 0.0........
  • encrypt bash scripts to hide source code


    http://www.datsi.fi.upm.es/~frosal/ SHC is a program written by the author above that does just that, it's a great little tool to have. Some have said it isn't exactly encrypting the code but just making it hard to read by obfuscating the code. There was also a good discussion about that here:........
  • Enable SPAMASSASSIN on Postfix in 5 minutes


    Centos 5 Postfix and SPAMASSASSIN Tutorial yum install spamassassin chkconfig spamassassin on vi /etc/mail/spamassassin/local.cf ############## #required_hits 5 #report_safe 0 #rewrite_header Subject [SPAM] #5 is the least restrictive (means only the most obvious SPAM is caught. 0 is obviously the most restrictive/sensitive and would have lots of false positives require........
  • Thunderbird/MBOX to IMAP/Maildir migration done easy with mb2md


    Convert MBOX Mail files into Maildir using Linux *You need perl an the TimeDate module Get the free Perl script mb2md from the project/author's site: wget http://batleth.sapienti-sat.org/projects/mb2md/mb2md-3.20.pl.gz gunzip mb2md-3.20.pl.gz #remember you need timedate or you'll get this error: ./mb2md-3.20.pl Can't locate........
  • sshd[9217]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys


    sshd[9217]: Authentication refused: bad ownership or modes for file /root/.ssh/authorized_keys I made sure the entire .ssh subdir is owned by the user root (this is root's account); chown -R root.root .ssh chmod 600 .ssh/authorized_keys but it still doesn't work and gives me the same message sshd[7339]: Authentication refused: bad ownership or modes for directory /root chmod 700 /root........
  • Postfix Enable SSL/TLS with your certificate


    Create Cert & Key: openssl req -new -x509 -nodes -days 1530 -out server.crt -keyout server.key mkdir /etc/mailssl chmod 700 /etc/mailssl cp server.* /etc/mailssl Postfix SSL config Edit /etc/postfix/main.cf: #SSL stuff smtpd_tls_cert_file = /etc/mailssl/server.crt smtpd_tls_key_file = /etc/mailssl/server.key To make smtps w........
  • named/bind cannot find zone file, load zone files without specifying full directory path/loading master file genuine.com.zone: file not found


    genuine.com/IN: loading master file genuine.com.zone: file not found _default/genuine.com/IN: file not found I always found it silly that no one really talks about this and apparently many like me and even control panels like Plesk were still using hard paths. I always thought "why can't I just specify the name of the zone file and have bind find it". Surely the default search path must be /var/named or somewhere else but there is no such thing.........
  • Installing Webmin & Enabling SSL


    Webmin Setup Centos 5: wget http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html&ts=1294339690&use_mirror=surfnet [1] 24229 [2] 24230 [root@host ~]# --2011-01-06 21:48:20-- http://downloads.sourceforge.net/project/webadmin/webmin/1.530/webmin-1.530-1.noarch.rpm?r=http%3A%2F%2Fwww.webmin.com%2Fstandard.html Resolving downloads.sourceforge.net... 216.34.181.........
  • yum in Centos 5/Xen halts and exits suddenly


    yum exits in the middle The problem is this VPS seems to be an OpenVZ template from HyperVM. The only way to make it work was to disable i386 packages since this was an x64 kernel. That shouldn't be necessary but it was the only way to make yum stop quitting after the first package or two. I couldn't find any issue by checking the logs either. echo y|yum install vim-minimal telnet expect jwhois net-tools slocate iptables elinks gawk L........
  • Linux Burn MP3 CD On the Fly using


    I finally decided to look into some utils that did this, and the first one I found is "mp3burn". It is unbelievable simple and perfect. *2017-11 update and mp3burn is still available in standard repos such as Ubuntu 14/16 so this is a current and working project. Just install the package and it gets all required libraries to convert and then burn's on the fly. And you won't believe how simple it is. I just want to a directory that had the MP3's I wanted t........
  • FUSE/Curlftpfs mount ftp account as drive partition in Linux


    This is a great way to use your ftp server space, for example on your web hosting account (althoughI believe many hosts don't allow storage like this), but if you have a VPS/Dedicated Server etc.., this would be perfect. Imagine how easy it is to work with an ftp account that you can just mount as a normal partition or directory in Linux, it would be great for backups etc.. Name curlftpfs - mount a ftp host as a local directory Synopsis........
  • SSH Automatic/Passwordless Logon - Setup Public Key Encryption In Single Command


    This is a very simple solution, but most guides out there make you login twice (once to scp the key) and once to put the key in authorized_keys. There's no need for that. If you don't already have a ~/.ssh/id_rsa.pub just type "ssh-keygen -t rsa" and keep hitting enter until it's done :) Just use this code to easily enable passwordless login with SSHD key=`cat ~/.ssh/id_rsa.pub`;ssh user@192.168.5.25 "echo $key >> ~/.ssh/auth........
  • tar gzip: stdout: File too large - Error Size Limit on Large file > 17GB


    The folder I was trying to archive is about 72GB, but much like rsync at about 17GB it chokes because of the filesize. What's with so many common and essential Linux tools having such limitations? I guess it is likely that the authors never wrote their code with the idea that files would be so large but it's still very annoying. It's important to stay on top of these limitations on production servers because I didn't realize what happened until I checked the file with "........
  • Compaq V2405CA Laptop - Unixbench Performance Test


    Here are the results, it is Sempron 3000+ AMD Mobile, 500Gig HDD, 512MB RAM with shared ATI Radeon graphics. # # # # # # # ##### ###### # # #### # # # # ## # # # #&nb........
  • PHP cannot access /usr/bin/openssl


    PHP cannot access /usr/bin/opensslI have verified the username that runs the process is able to access /usr/bin/openssl and it does exist but the PHP script is saying it doesn't exist: [code:1:1fd0f3abbe] if (!file_exists($OPENSSL)) { //echo "ERROR: OPENSSL $OPENSSL not foundn"; }[/code:1:1fd0f3abbe] I don't get itI can clearly see the contents of /usr/bin by using the PHP system fu........
  • SSH automatic login without password


    SSH automatic login without passwordlocal> ssh-keygen -t rsa -f .ssh/id_rsa -t is the encryption type -f tells where to store the public/private key pairs. In this case, the .ssh directory on home is being used A password will be asked; leave this part blank, just pressing Now, go the .ssh directory, and you will find two new files: id_dsa and id_dsa.pub. The last one is the public part. Now, copy the public key to the serv........
  • Need identd for port 113 ? Install authd


    Need identd for port 113 ? Install authdyum install authd Happy identing :)Actually it's not that simple. It installs as an "xinetd" service and is disabled and turned off by deafult. To enable it run: [code:1:8c94df8319] chkconfig --level 3 auth on service xinetd restart [/code:1:8c94df8319] This will set identd aka authd to start by default. service xinetd resta........
  • SSH Public Key Authentication (Login Without Passwords)


    SSH Public Key Authentication (Login Without Passwords)I've gone over this before but just a quick note! the "authorized_keys" file in ~/.ssh must be chmodded to "600" or public key authentication won't work. I guess it's kind of a security/failsafe feature that I've seen on all Linux and Unix OS's........
  • MySQL Server 3.23 won't start after switching from 4.1


    MySQL Server 3.23 won't start after switching from 4.1I was using a 4.1 alpha version of mysql-server and some how version 3.23 of the client and 4.1 of the client were also both installed! So I forced uninstalled everything because after trying and trying even though MySQL server was using the short 16byte password authentication I got some other errors. After trying with the ports and having it fail because I had existing database data I force installe........
  • PHPBB Drop All Tables


    PHPBB Drop All TablesSQL Syntax: [quote:75acd496c1]drop table phpbb_auth_access, phpbb_banlist, phpbb_categories, phpbb_config, phpbb_confirm, phpbb_disallow, phpbb_forum_prune, phpbb_forums, phpbb_groups, phpbb_posts, phpbb_posts_text, phpbb_privmsgs, phpbb_privmsgs_text, phpbb_ranks, phpbb_search_results, phpbb_search_wordlist, phpbb_search_wordmatch, phpbb_sessions, phpbb_smilies, phpbb_themes, phpbb_themes_name, phpbb_topics, phpbb_topics_watch, phpbb_user_group, p........
  • auth/auth_util.c:make_server_info_sam(840) User nobody in passdb, but getpwnam() fails! - SAMBA/SMB Error How To Fix


    auth/auth_util.c:make_server_info_sam(840) User nobody in passdb, but getpwnam() fails! I never found the solution to this in the web, as usual so Ithought I'd post the fix. In plain English smbd is telling us that the user "nobody" does not exist in /etc/passwd. You can simply add this to your /etc/passwd file like so: nobody:x:65534:65534:nobody:/nonexistent:/sbin/nologin Now SAMBA/smbd should........
  • MySQL Error "ERROR 1045 (28000): Access denied for user"


    This happened with a select statement which writes the result to an external file. I didn't remember the privilege "FILE" must be granted on *.* for this to work successfully, it wasn't actually an authentication issue as it implies since I was already in the SQL prompt and doing the query. SELECT some_id FROM sometable INTO OUTFILE '/tmp/result.txt'........
  • Linux/Unix Open SSH Login Without Password Key Exchange including Debian, Redhat, Fedora, Ubuntu, BSD etc..


    In those 4 simple commands you can setup mutual key exchange between two sshservers by using a single login shell session and single window. *Just change the IP address examples of (10.10.0.2) to the target of your mutual key exchange. It doesn't matter if the server is on a LANor WAN(well unless the server is behind a firewall and you cannot SSHinto it).........
  • MySQL Restoring And Dumping/Backing UP MySQL Data/Tables/Databases


    Backing MySQL Databases Backing Up/Dumping All Mysql Databases To A Single File mysqldump --all-databases -u admin -p > allmysqldatabases.sql The "-all-databases" clause is pretty obvious isn't it? It means that it will backup all databases. The "-u admin" means login using the user "admin", if you h........
  • iPhone Backgrounder Adds True and Real iPhone multitasking on jailbroken phones


    Apple crippled the iPhone by not allowing multi-tasking of the non-primary apps. I use SSH a lot and I don't want to close my session just to check my e-mail, etc, now an app found in Cydia called "Backgrounder" allows just that. Although it's not perfect, we installed the correct one for "3.x" iPhones and hit "Reload SpringBoard" and the hour/circle glass has just been going for minutes. It seems like it installed fine even with the crash t........
  • iPhone 3GS Jailbreak Information & Benefits


    Truly, the only way to unleash the capabilities and customization abilities of iPhone are to jailbreak, it's not just for hackers anymore. A few days ago someone by the named of "geohot" released a single click application called "purplera1n", which does the entire operation smoothly and seamlessly. In our case, the first time it went as far as "done, wait for reboot" on our Windows machine and for minutes we waited and saw the pic on the iPhone w........
  • Using a Mac OSX DMG Image in Windows and Converting to Standard ISO Format use dmg2iso


    The dmg format is silly and annoying to work with, why couldn't Apple stick with the .iso standard? Anyway, there's an excellent Linux and Windows based tool to convert it back to a normal .iso Image called dmg2iso I'll only cover theLinux version although the Windows pre-built binary works the same way. Download dmg2iso here for free (from the author's website) It's just silly and doesn't make sense that Ubuntu doe........
  • SSH Slow Login even with SSHD UseDNS no parameter


    Icouldn't understand why on one system it took a few minutes to get the SSHlogin prompt when connecting to other systems. The other systems all had the UseDNS parameter set to no, which almost always resolves the login prompt delay. The reason is Ubuntu and perhaps Debian and other distributions /etc/nsswitch.conf file Edit yours to have the "hosts" line like so (notice that files and dns are the primary resolution choice........
  • Samba SMB Error - Server not using user level security and no password supplied. tree connect failed: NT_STATUS_WRONG_PASSWORD


    Server not using user level security and no password supplied. tree connect failed: NT_STATUS_WRONG_PASSWORD That happens when trying to use smbclient to connect to a share. The weird thing is that I can authnenticate just fine from Windows XP. It is partially my mistake, I forgot this share does have a password. I've tried authenticating with the correct user and also with "Guest" because this works in Windows. In Linux I ........
  • Viewing and Connecting to an SMB Samba Share on Windows/Linux/Unix


    This will give you the basic info needed to browse and connect to Samba shares from the command line. From the GUI of Gnome or KDE etc, it is pretty standard and straight forward. However, I've found very little guides on how to do it from the command line and if you're like me, a nerd who prefers command line for its simplicity and for remote use, this is the way to go. First get a list of all the Samba/SMB shares on the target. smbclient -L hostname........
  • Latest Articles

  • python mysql install error: /bin/sh: 1: mysql_config: not found /bin/sh: 1: mariadb_config: not found /bin/sh: 1: mysql_config: not found mysql_config --version
  • FreePBX 17 How To Add a Trunk
  • Docker Container Onboot Policy - How to make sure a container is always running
  • FreePBX 17 How To Add Phones / Extensions and Register
  • Warning: The driver descriptor says the physical block size is 2048 bytes, but Linux says it is 512 bytes. solution
  • Cisco How To Use a Third Party SIP Phone (eg. Avaya, 3CX)
  • Cisco Unified Communication Manager (CUCM) - How To Add Phones
  • pptp / pptpd not working in DD-WRT iptables / router
  • systemd-journald high memory usage solution
  • How to Install FreePBX 17 in Linux Debian Ubuntu Mint Guide
  • How To Install Cisco's CUCM (Cisco Unified Communication Manager) 12 Guide
  • Linux Ubuntu Redhat How To Extract Images from PDF
  • Linux and Windows Dual Boot Issue NIC Won't work After Booting Windows
  • Cisco CME How To Enable ACD hunt groups
  • How to install gns3 on Linux Ubuntu Mint
  • How to convert audio for Asterisk .wav format
  • Using Cisco CME Router with Asterisk as a dial-peer
  • Cisco CME How To Configure SIP Trunk VOIP
  • Virtualbox host Only Network Error Failed to save host network interface parameter - Cannot change gateway IP of host only network
  • Cisco CME and C7200 Router Testing and Learning Environment on Ubuntu 20+ Setup Tutorial Guide