Latest Server related questions

Score: 0
MarkZ avatar
Strange hash lengths in OpenLDAP
fk flag

I recently went through all the hashes stored in an LDAP instance I have access to and noticed something strange that I can't explain.

Despite all the hashes being marked as SSHA (which should be seeded SHA1), most hashes were 32 characters in length, with only a small part being 40 characters.

There's no obvious timing that would explain that newer ones are longer or anything like this.

Additionally,  ...

Score: 0
Ragavan Kalatharan avatar
Routing internet traffic via the vpn interface
cr flag

I have a wifi dongle where I have three interfaces wlan0 (default route), uvpn0(VPN interface) and usb0(interface between the host machine and the dongle).

usb0      Link encap:Ethernet  HWaddr DA:CE:84:EA:A3:E3  
          inet addr:10.0.0.1  Bcast:0.0.0.0  Mask:255.255.255.0
          inet6 addr: fe80::d8ce:84ff:feea:a3e3/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
  ...
Score: 0
robokonk avatar
proxmox - how to set recurring backup on nfs (external) disk?
cd flag

I have added an NFS backup to my Proxmox setup. From the console, I am able to view and create folders and files on /mnt/pre/backup/.

However, when I select Datacenter > Backup > Add, I only see "Local" in the Storage options, and not "Backup NFS Disk".

How can I create a recurring backup to the backup folder? Do I need to first create a backup locally and then copy/move it to /mnt/pre/backup? ...

Score: 0
MofJinB avatar
Can I use a group in a root domain to filter application of a group policy object from this root domain for a computer in a child domain?
mv flag
  • I have a root domain (root.local) with a child domain (child.root.local).

  • I have a Group Policy Object in the root domain, e.g. GPO_root

  • In the child domain I have a computer, computer_child. Is is located in the child domain in the OU child.root.local/OU_child_computers.

  • In the root domain I also have a group of the type Security / Domain Local, named computer_group_root, which contains compu ...

Score: 0
Puneet Sharma avatar
Removing First Samba AD Server from the forest
bh flag

we have 3 Samba AD servers, the oldest one (v4.1.12) is running on Centos 6.10; although we have add 2 more servers with current v4.15.13-Ubuntu and All the Roles switched over to one of them however unable to get rid of the oldest one i.e. user machines are still looking for it either pinging or joining the domain.

how can we switch the lookup to new server?

Score: 0
mxcdh avatar
proxmox / ovh ip failover and bridge
br flag

I have installed both Lubuntu Desktop and Ubuntu Server on Proxmox VMs. However, I don't have internet access on either of them.

I followed this tutorial, but I still don't have internet access: https://help.ovhcloud.com/csm/en-dedicated-servers-network-bridging?id=kb_article_view&sysparm_article=KB0043731

Currently, I have found a temporary fix, but I must redo it after every reboot:

ip link set  ...
Score: 0
Anand Babu avatar
Networking issue in subdomain for two ISP - if one fails and other up
cn flag

We have a subdomain which is connected through a ISP-A in CNAME. Through subdomain, a Program runs in a local server with ISP A. If the ISP-A is down, then program doesn't run. So we have added ISP-B through router to local server. If ISP-A is down, Local server will pickup ISP-B. Now the real problem is, We have multiple work places. Both ISP runs perfectly at local station. If ISP-A is up and which is ...

Score: 0
Laszlo avatar
Update multus configuration file
ms flag

I have the following situation: I have deployed Multus CNI on a k8s cluster which was using Calico as its network plugin. Everything went fine, I was able to have multiple interfaces in my pods. Then I wanted to change something on the Calico configuration (which is the plugin used by Multus for the cluster network). I am modifying the calico-config ConfigMap and restart the calico pods. This is gene ...

Score: 0
Abang avatar
Nginx Reverse Proxy : using self signed SSL certificate to backend server
cn flag

I need to accomplish this:

User (https using wildcard CA cert 1 year) to --> Nginx reverse proxy (https using self signed cert 10 years) to --> backend server

I'm stuck on configuring the connection from Nginx to the backend server. How to add self signed cert entry in Nginx conf? The purpose of this for easier management, just renew the CA certificate only every year.

server {
    listen 80 ...
Score: 0
Sajith Dilshan Jamal avatar
Security of Bamboo Remote Agent in Production VMs for Deployments
cl flag

Got sent from Stackoverflow to here

I have been reading the Bamboo documentation about its remote agent security specifially, and to its credit it seems very secure, but I have yet to find a specific document that answers this.

In a production environment, is it standard/best/security practise to install a Bamboo remote agent on the production VM, so that deployment plans can be executed easily?, or ...

Score: 0
How to detect when someone customizes a managed PC?
tr flag

As we have moved to Intune, we have "managed" nearly everything. Making Intune the only local administrator needed on most of our PCs.

Reaching the edges of this policy, I would like to make it possible for a technician to customize a PC. While somehow knowing which PCs may have been customized. The assumption being, any PC found to have had an administrator logon and/or elevate should be conside ...

Score: 0
Vitas avatar
enter-pssession not working over Wireguard
jp flag

I have multiple computers in a LAN and a Windows Server 2012 R2 in another city. They are all in a Wireguard VPN. I can use SMB file shares, PSexec, RDP and such things, but can't make WinRM enter-pssession work because

enter-pssession : Connecting to remote server myserver failed with the following error message : The WinRM client cannot process the request. If the authentication scheme is different fr ...

Score: 0
Nikhil Chopra avatar
Setting mysql using ansible in ubuntu remote machine
ps flag

I have written one ansible playbook for installing MySQL server in ubuntu remote machine but is not working here is the yaml code

---
- name: setting mysql in ubuntu
  hosts: web01
  become: yes
  tasks:
   - name: install mysql
     apt:
      name: mysql-server
      state: present
   - name: install python
     apt:
      name: python3-pymysql
      state: present
   - name: start & enable se ...
Score: 0
Pram avatar
Apache 2.4 i WAMP redirect from http to https not working
cy flag

I am using wamp server in windows(Apache/2.4.41 (Win64) OpenSSL/1.1.1c PHP/7.3.12). I have successfully installed SSL certs. Now https is working without any issue. But http redirection is not working.

<VirtualHost *:80>
ServerName test.com
ServerAlias www.test.com
Redirect permanent / https://test.com/

</VirtualHost>

<VirtualHost *:443>
ServerName test.com
ServerAlias www.test. ...
Score: 0
Ingram avatar
Why are "wmic diskdrive get size" and "(Get-Disk).Size" returning slightly different values?
th flag

As you can see, the following commands provide slightly different output. Why? I was expecting them to be the same. There is a 2.66MB difference between the two.

How can I get the values from "wmic diskdrive get size" in powershell? This is the value I'm needing and it's the one that appears in the MSINFO32 tool.

  • wmic diskdrive get size
  • (Get-Disk).Size
  • (Get-PhysicalDisk).Size
PS C:\Windows\system3 ...
Score: 1
Rsyslog prepend text to messages in certain facility
US flag

OS: Debian 11 Rsyslog version 8.2102 Squid version 4.13

I am attempted to remote log squid logs without going through a file. I am using the following logging line for the store log in squid.conf:

cache_store_log syslog:local:6

These store logs appear in journal, so they are skipping the standard log file as intended.

When these logs are generated, they are not meaningfully distinguishable from th ...

Score: 1
roehrijn avatar
Alpine Linux 3.17 does not mount CephFS during boot
de flag

I have configured a CephFS fuse mount in fstab on my Alpine Linux 3.17 as follows:

none /data fuse.ceph ceph.id=filer,ceph.client_mds_namespace=files,_netdev 0 0

When I issue a mount -a the filesystem is mounted properly to /data as expected. However when booting the system the filesystem is not mounted but the netmount service seems to be active:

~# rc-update add netmount boot
 * rc-update: netmount a ...
Score: 0
nginx as reverse proxy for different PHP backends
ru flag

I maintain two Debian Linux servers, A and B. A is rather old and runs a old PHP installation (5.4), while B runs a newer (7.2). Both run Apache as a web server. Server A uses PHP as a module, while server B uses PHP FPM.

What I'd like to do is to have the same domain name for both servers, eg. mydomain.com. When a visitor requests mydomain.com/pathA the response should originate from server A, w ...

Score: 2
Ishayahu avatar
Apache on debian don't redirect http to https correctly
id flag

Debian 11

config file: /etc/apache2/sites-enabled/000-default.conf

<VirtualHost *:80>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
    ServerName zabbix.example.ru

</VirtualHost>
<VirtualHost *:443>
    ServerName zabbix.example.ru
    DocumentRoot "/usr/share/zabbix/"
</VirtualHost>

If I open in brouser zabbix.e ...

Score: 0
T0b1a5 avatar
Is there a way of rewriting wss to https Apache 2
np flag

Hi im currently trying to find a way to switch out the protocol of a url. Im having a server wich is running fine on its own but behind a apache reverse proxy its throwing the error connection to websocket failed. The problem is that the Websocket is only locally available as wss:// through the ip of the server it gets switched to https://. Is there any way to switch it back ok a apache reverse proxy? ...

Score: 0
lordofire avatar
Does Linux tap interface support tcp segmentation on ipip network traffic
om flag

Recently I experienced an issue on running kubernetes slaves on a VM with calico ipip tunnel as the network connection protocol to interconnect the kubernetes nodes. The current symptom (with the confirmation of tcpdump) is that when a tcp traffic is initiated to the k8s slave node on VM, all the packets arrived at vmbr0 (bridge interface on VM host) with the size bigger than VM MTU are dropped and coul ...

Score: 0
Kirill Nikitin avatar
Routing decision after IPSec processing
je flag

I have a Linux box running in AWS EC2 with just one interface - eht0. This interface connected to private subnet 172.16.0.0 and has an IP 10.95.114.69 on it. All hosts from subnet are reachable from this Linux box. This box terminates IPSec tunnel with subnet 10.0.77.0 behind it. I can reach any hosts from that subnet from this Linux box and can reach that Linux box from this subnet.

The idea is  ...

Score: 2
xorinzor avatar
How do I configure a virtual server in nginx to listen only on IPv6
br flag

For my website I need effectively 3 domains:

  • example.domain: accessible via both IPv4 & IPv6
  • ipv4.example.domain: accessible via IPv4 only
  • ipv6.example.domain: accessible via IPv6 only

I tried to solve this using the following nginx config:

server {
    listen [::]:80 ipv6only=off default_server;
    listen 80 default_server;
    server_name example.domain;
}

# IPv4 only endpoint
server {
    l ...
Score: 1
asdfmoin avatar
iperf3: Multiple user Streams test does not start
mk flag

Im trying to use iperf3 to test where issues lie at a client that uses RDP to connect to our terminal-server. Their issue is that the RDP window freezes (mouse clicks mostly still go trough). Sometimes minimizing an maximizing the RDP windows helps, most times they need to disconnect and reconnect.

So im trying to use iperf3 to test both TCP and UDP protocols. As such I tried multiple tests, to s ...

Score: -1
Михаил Агафонов avatar
Route all traffic (except port 3336 and a few more) from eth0 to specific ip

How can I route all incoming traffic from eth0 interface to ip 10.8.0.5 (VPN tunnel)?

I need to forward incoming traffic except port 3666, to specific ip on ubuntu 22.04 machine.

In future list of ports that should not be routed will get bigger.

How can i do it the best way?

I have explained my situation here -> Proxy all requests from one machine to another using nginx or anything else

Score: 0
Is it possible to use OpenVPN to make a local server available publicly?
pl flag

Is it possible to use OpenVPN to make a local server available publicly, like ngrok or pagekite?

I've seen portmap.io which can make a locally running server publicly available. Meaning, I neither need to touch any network settings or have a public IP. It uses OpenVPN to achieve this.

I was wondering how they do this. I actually want to make use of OpenVPN to achieve the same thing but without portmap. ...

Score: 0
mwryl avatar
NGINX waiting 60 seconds before processing request for NodeJS application
tn flag

I have a NodeJS (ExpressJS) application containerized on Docker that is exposed through an NGINX reverse proxy also containerized on Docker. Sometimes, a request sent to NGINX takes 60 seconds before being sent to the application. In my monitoring on Sentry, I see that the server responded to the request in 600ms, but on the browser the download time is 61 seconds.

Here is my Nginx configuration



										
Score: 0
Lighttpd CGI downloads .py instead of running it
us flag

I have two CGI test scripts in lighttpd.

When I open Bash http://host/cgi-bin/test.sh URL I get a valid response from the script.

But when I open Python http://host/cgi-bin/test.py the file is downloaded in browser instead of being run by CGI module.

How can I make both Bash and Python work in CGI?

My CGI configuration in lighttpd.conf:

server.modules              = (
                                "mod ...
Score: 0
user1667906 avatar
Logging hash of signed PowerShell-Scripts
ls flag

I use signed PowerShell scripts within my infrastructure and log all PowerShell activity via Windows EventLog. Sadly it seem that windows does not log a hash or fingerprint of signed scripts or even any information about the status of a script as long as I do not prohibit unsigneds scripts from executing. I'm not quite ready to do that and had hoped to use the logging to find where unsigned scripts are  ...

Score: 0
kofifus avatar
Apache conf Listen not allowed here
cn flag

I try Apache 2.4 conf:

  Listen 443

  #if SECOND_HOST_PORT is defined and is not 443 listen on it 

  <IfDefine !SECOND_HOST_PORT>
    Define SECOND_HOST_PORT 443
  </IfDefine>

  <If "'${SECOND_HOST_PORT}' != '443'">
    Listen ${SECOND_HOST_PORT}
  </If>

But I get:

Listen not allowed here

In the line before last

What am I doing wrong ?

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.