SSH helps keep us secure in many ways, one of those is the host-key fingerprint which is unique. If you have been connecting to an SSH server that you've made no changes to and suddenly ssh warns that the key doesn't match then you have a problem.
But how about connecting to an existing server for the first time on a new machine or client?
A lot of new clients calculate it using an SHA256 hash but it is not as easy on your host machine to produce the sam........
Install Errors on Version 12:
This error happened on QEMU emulator version 2.11.1 pve-qemu-kvm_2.11.1-5
on Proxmox/Debian but installing on QEMU.12 on Centos 6 did not produce the error.
*Update it is not related to the OS or QEMU version. This happened in Centos 6 too after a second install.
What really causes this even though you successfully install........
The strange thing is that usually the first install or two will work on any new machine but then it suddenly won't. I had this experience on QEMU 2.13 on a different machine. There is something finicky or buggy about the CUCM installer even when choosing the same virtual hardware specs.
QEMU PC emulator version 0.12.1 (qemu-kvm-0.12.1.2-2.506.el6_10.1), Copyright (c) 2003-2008 Fabrice Bellard
The reason for not being able to read one of these dreaded/ fillable "XFA" forms is because no Linux PDF reader that I'm aware of supports them. Part of this reasoning is for security. It is really silly, they should ban these XFA forms or at least replace the Please Wait with the non-fillable version.
Download Adobe Reader 9.5 for Linux from here:
This is the solution but only so much, at least for me I was able to view th........
--2018-08-16 05:11:16-- https://downloads.linux.hpe.com/repo/spp/rhel/6/x86_64/current/CP017004.scexe
Resolving downloads.linux.hpe.com (downloads.linux.hpe.com)... 188.8.131.52
Connecting to downloads.linux.hpe.com (downloads.linux.hpe.com)|184.108.40.206|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1525561 (1.5........
The main issue is it looks like Java is not configured to accept the invalid ssl cert that is coming from the download location.
Exception in thread "main" java.lang.RuntimeException: javax.net.ssl.SSLException: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
sign_and_send_pubkey: signing failed: agent refused operation
This happens when you don't manually add your ssh key with ssh-add it is some weird new feature in SSH or Ubuntu/Debian that causes this weird problem.
Identity added: /home/user/.ssh/id_rsa (/home/user/.ssh/id_rsa)........
yum -y install samba
mkdir syslinux;cd syslinux;unzip syslinux-6.03.zip
mkdir -p /tftpboot/libs/
cp bios/com32/modules/linux.c32 /tftpboot/libs/
cp bios/com32/libutil/libutil.c32 /tftpboot/libs/
cp bios/com32/lib/libcom32.c32 /tftpboot/libs/
#add lib path
echo "PATH libs" >> /tftpboot/pxeli........
W: GPG error: http://archive.debian.org squeeze Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY AED4B06F473041FA NO_PUBKEY 64481591B98321F9
No clue how to fix this.........
Just a note before you do this you should have a sure, guaranteed way into the system such as local, KVMor preferably publickey making bruteforce SSH absolutely impossible since there is no password to bruteforce and even if someone knew the password they wouldn't be able to login except from the local console (presumably you should make sure no one unauthorized has physical access).
1. Edit /etc/ssh/sshd_config
Find the section like this:........
When using the .sh script the rendering doesn't work after an upgrade of related packages to kdenlive.
kdenlive (kdenlive:amd64 (4:17.04.1+git201705191233~ubuntu16.04.1)) with affine or composite transitions was fine but is now broken during the time of transition it is just a white screen.
The previous version was fine:
But now I can't find it or install it:........
Still looking for the solution
Working Solution 2017/07
sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys D46F45428842CE5E
gpg --keyserver hkp://subkeys.pgp.net --recv-keys D46F45428842CE5E
gpg: requesting key 8842CE5E from hkp server subkeys.pgp.net
gpg: keyserver timed out
**** Warning: can't process font stream, loading font by the name.
Can't find CMap Identity-UTF16-H building a CIDDecoding resource.
Warning: falling back to Identity ordering
**** Error reading a content stream. The page may be incomplete.
**** File did not complete the page properly and may be damaged.
**** This file had errors that were repaired or ignored.
For the first two entries comment out #mirrorlist and uncomment #baseurl and then it worked
openvz yum problem Centos 6.5 cannot find file on mirror:
Loaded plugins: fastestmirror
Determining fastest mirrors
* openvz-kernel-rhel6: mirrors.ustc.edu.cn
* openvz-utils: mirrors.ustc.edu.cn
This is basically caused by upgrading PHPto a new version like 5.4 when you had 5.2 before and an old version of Joomla. The only solution is to upgrade Joomla or downgrade PHP, both of which can be a pain.
Strict Standards: Non-static method JLoader::import() should not be called statically in /home/userdir/public_html/libraries/joomla/import.php on line 29
Strict Standards: Non-static method JLoader::register() should not be ca........
Current Direct stable URL from Fedora: https://fedoraproject.org/wiki/Windows_Virtio_Drivers
Direct Downoad of Stable Virtio: https://fedorap........
Visit the above URL, choose your version and architecture and install it. EPELhas a lot of missing and extra packages that rpmforge does not.
For Centos 5
#update EPEL for Centos 5 is now archived and not really supported but can be downloaed from here:........
Basically it's usually because your Cpanel has new IPs and the old IPs it knows are no longer available/working/valid.
The solution is to change the site's IP but you may run into issues for various reasons. Here is what I encountered below.
It redirects there even though public_html is empty and doesn't have any index or htaccess redirect.
This issue happened after a CPanel migration, the site is bein........
This is useful for developing a lot of applications, I'm putting it here to keep it handy for myself and hopefully others:
Choose CountryCanadaJapanUnited StatesUnited KingdomAfghanistan........
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.1.253 [192.168.1.253] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_d........
This may sound silly but there will be conflicts/issues with the default Centos repository so you have to use a third party like remi (I prefer not to do this but it's the only option unless you migrate your sites/data to another server or can stand some downtime-not an option IMHOon a production server).
You may need to upgrade to PHP5.3 to run Joomla or many other reasons.
Your host needs to use PHP 5.2.4 or higher to run this version of Jo........
PDOException: SQLSTATE  Access denied for user 'db_user'@'localhost' to database 'dbname' in lock_may_be_available() (line
167 of /home/user/public_html/includes/lock.inc).
The username and password were correct but some reason CPanel added the user with no permissions! Edit the user's permissions to include "All" from Cpanel or MySQL and that is the solution.........
It's weird because I have a nearly identical box and setup and I can update the ovzkernel-PAE* just fine but on this box it doesn't work.
I only get this error with the openvz.repo and not others such as Centos-Base.repo
With my other server it works normally:
Setting up Update Process
--> Running transaction check
---> Package ovzkernel-PAE.i686 0:2.6.18-238.12.1.el5.0........
One thing to note about DNS servers and providers is that they aren't always trustworthy, not even if they're Google or your favorite ISP. Any DNS server can compromise your privacy, and they are likely tracking your browsing habits and keeping logs of it. Sometimes it's for Marketing/Research purposes such as Google's GMail service which they admit is scraped/datamined. I would expect nothing less from their DNS service.
The other danger with such widely used and pu........
Disable OpenWhois RBL (it is dead/defunct/no longer active):
You might see this in your headers
2.4 DNS_FROM_OPENWHOIS RBL: Envelope sender listed in bl.open-whois.org
comment out this inside /usr/share/spamassassin/72_active.cf
header DNS_FROM_OPENWHOIS eva........
I've only used it on Centos, soI thought I'd make a quick Debian guide:
Install the DRBD Package
apt-get install drbd8-utils
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages were automatically installed and are no longer required:
Use 'apt-get autoremove' to remove them.
After an upgrade wine wouldn't open anything, not even the pre-installed notepad.
There are no wine logs and nothing is mentioned in any standard log file about why.
I finally decided to run wine from the shell and see what's going on:
wine client error:0: version mismatch 398/402.
Your wineserver binary was not upgraded correctly,
or you have an older one somewhere in your PATH.
Or maybe the wrong wineserver is still running?........
For a standalone system the solution is simple, just use the same version of Windows a copy a good version of:
C:windowsSecurityDatabasesecedit.sdb from another computer.
Then you should be able to login again without getting the nasty message "Local policy does not permit you to log on interactively."
Of course you will probably need a way of accessing the filesystem off-line in order to get to it such as a Linux boot disc.
This is a very simple solution, but most guides out there make you login twice (once to scp the key) and once to put the key in authorized_keys. There's no need for that.
If you don't already have a ~/.ssh/id_rsa.pub just type "ssh-keygen -t rsa" and keep hitting enter until it's done :)
Just use this code to easily enable passwordless login with SSHD
key=`cat ~/.ssh/id_rsa.pub`;ssh email@example.com "echo $key >> ~/.ssh/auth........
SSH automatic login without passwordlocal> ssh-keygen -t rsa -f .ssh/id_rsa
-t is the encryption type
-f tells where to store the public/private key pairs. In this case, the .ssh directory on home is being used
A password will be asked; leave this part blank, just pressing
Now, go the .ssh directory, and you will find two new files: id_dsa and id_dsa.pub. The last one is the public part. Now, copy the public key to the serv........
Updating yum repos for DAG /etc/yum.repos.dIn /etc/yum.repos.d
[quote:96456b2ab9]Create any file such as "CentOS-Dag.repo" in /etc/yum.repos.d[/quote:96456b2ab9]
Add the following to the above file:
name=Dag RPM Repository For Red Hat Enterprise Linux
Tutorials on port upgradesnice to see a FreeBSD forum
Great FreeBSD Security DOS tutorialhttp://www.onlamp.com/pub/a/bsd/2004/06/24/anti_dos.html........
RAID1 using Gmirror Tutorialhttp://www.onlamp.com/pub/a/bsd/2005/11/10/FreeBSD_Basics.html........
Package managementIf you're like me and often like using an older version you'll need to know this.
Since all 5.x versions no longer have packages of their own you'll have to use the 5-stable
The best way is to set the [b:d5e8972240]packagesite environment variable[/b:d5e8972240] like so in your [b:d5e8972240].profile [/b:d5e8972240]file
Other Security Web SitesSeveral websites actively track security issues. This list provides you with the major providers
of security information on the Web. Many of these organizations also provide newsletters and
mailings to announce changes or security threats:
Center for Education and Research in Information Assurance and Security (CERIAS)
CERIAS is an industry-sponsored center at Purdue University that is focused on technology and
Clustering LinksI thought this might be interesting for people with spare time.
[b:6423c19973]Great clustering article from Linux Mag[/b:6423c19973]
[b:6423c19973]General Linux cluster information[/b:6423c19973]
In those 4 simple commands you can setup mutual key exchange between two sshservers by using a single login shell session and single window.
*Just change the IP address examples of (10.10.0.2) to the target of your mutual key exchange. It doesn't matter if the server is on a LANor WAN(well unless the server is behind a firewall and you cannot SSHinto it).........