Latest Server related questions

Is there a way in the AWS to list all AWS keys (ids only of course) of all users in the account?

I'm trying to track down some keys that I don't know who/what they belong to.

I have running a web application on a hosted web server. The web application needs to send out emails to different client email adresses.

The flow would be :

Local WebApplication -> Local Postfix SMTP Server(Port 25) -> Forward Email to Any Remote SMTP Server depending to the Recipient Email Adreee (via STARTTLS Port 587)

How to configure the local Postfix to receive the local Emails from Web Appli ...

In Godaddy I have a domain example1.com and www.example1.com with valid A record to my Centos 7 server's IP.

I 've created hostnames for that domain, ns1.example1.com, ns2.example1.com with the same server IP.

I have another doamin example2.com in Godaddy in which I want to use the custom nameservers. So I put in the nameserver field ns1.example1.com and ns2.example1.com.

In my server's named.conf

My Wireguard setup randomly stopped working yesterday and I don't know how to trace the source of the problem. I inspected the traffic with Wireshark and it shows that the traffic gets sent from the local peer to the server, but never gets back. SSH and Ping still work while the VPN is active, but everything else gets rejected. I have the configurations attached in the links below:

Server config: ...

I have created a local DNS server using BIND9. It is just a simple DNS server that forwards queries to 1.1.1.1. When I use this as the only manual DNS server on my iOS device, it works fine. However when I add a secondary DNS server such as 8.8.8.8 as a failover, the secondary server always gets preferred. I read that this could be because of iOS preferring servers that support DoH/DoT, but could this a ...

First time using salt stack.

I configured salt stack on three virtual box machines. All three machines are set up as bridged networks. Centos7(Master), Centos7(minion), Ubuntu(minion). On the master, I installed the update using:

sudo rpm --import https://repo.saltproject.io/salt/py3/redhat/7/x86_64/SALT-PROJECT-GPG-PUBKEY-2023.pub curl -fsSL https://repo.saltproject.io/salt/py3/redhat/7/x86_64/latest.r ...

On Debian 12, I somehow managed to delete most of /etc (using rclone sync, still have to figure out what went wrong).

I can no longer run sudo or su as root, which complicates things.

I do have a backup but as it was made using rclone sync to a pCloudDrive, owner, group and permissions are missing. I know realise I should probably better create a tar of /etc before copying it to pCloud but that is  ...

It is possible to add the DHCP option 82 in DHCP client of mikrotik router?

mikrotik default DHCP options

I want to add the Agent-Circuit-ID and Agent-Remote-ID from DHCP client option of mikrotik router.

I am using a self-signed certificate which is working fine when using Chrome or Edge. Both browsers show that the connection is secure and that the certificate is valid.

An application using the WinInet-API to access the same website, however, fails with ERROR_INTERNET_SEC_CERT_REVOKED (12170) and the error message:

The security certificate for this site has been revoked. This site should not be  ...

This is likely a very trivial issue answered multiple times but my knowledge is not enough to recognize/implement.

Problem:

• I can connect to my self-hosted wireguard server and access admin panel from outside. I can also use the VPN to access services within my home network. I however don't have access to the internet when I am connected via VPN. This worked before and something went wrong after reboot  ...

I am using debian 12 as a submission server. I cant get it to work as described. Here is my doveconf -n:

auth_mechanisms = plain login
disable_plaintext_auth = no
mail_location = maildir:/home/vmail/%d/%n
mail_privileged_group = vmail
namespace inbox {
  inbox = yes
  location =
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox Sent {
    specia ...

I have fail2ban running on my server and I have three programs running: sshd, sshd-ddos and runcloud-agent. There are no error messages but when I recently restarted my server, I got an email message saying sshd and runcloud-agent are running, I did not get a message for sshd-ddos saying it was running.

Here's my jail.local config file:

[DEFAULT]
ignoreip = 127.0.0.1/8
bantime = 3153600000
maxretry =  ...

Good day, I am trying to follow this DNS server setup tutorial

Here's what I was hoping to setup

win10 | 192.168.1.247

ns1 | 192.168.1.203

mint | 192.168.1.183

domain: nyc3.example.com

my named-checkconf returns correctly, but when I try to run $systemctl start named, I cannot start it.

$systemctl status named.service - l

named.service - Berkeley Internet Name Domain (DNS)
   Loaded: loaded (/usr/lib/sys ...

Following https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/storage_administration_guide/vdo-quick-start

I am able to setup/configure VDO.

I am unable to find any documentation for moving the physical disk (created/configured through VDO on a server) to another server.

Basically used LVM to create volumes on top of VDO Disk. Now have moved the disk to another server (which ha ...

I set up my own webserver and installed some user-generated ssl certificates, however, now, when I visit the site (using https), Chrome displays the error message

NET::ERR_CERT_AUTHORITY_INVALID

What can I do?

I am attempting to adjust my deployment scripts to access a server behind a newly established gateway that I've configured. The gateway currently is accepting traffic from the internet correctly and the server behind the gateway currently is only accessible through the gateway.

I've configured https traffic to correctly flow through the gateway. But right now, ssh connections to the internal serv ...

Symptom: The first attempt at connecting to a TCP service (https, ftp, or ssh) fails. The second attempt succeeds Subsequent connections will work until there is a 15 minute period of inactivity, in which case the next connection will fail again. Upon inspection of packets on both sides, the client seems to log a TCP 3 way handshake for the first connection followed by a reset. The server logs no packet ...

I need an open source SSO tool integrated with Nginx like authelia. It must be able to manage users' access to different sites. For example, the "s.com" domain is protected by SSO. This domain has four sub-domains named "a","b","c", and "d". Also, two users X and Y are the clients of these sites. After authentication, user X should only be able to access the sub-domains "a" and "b" , and user Y should o ...

before that, i've hosted some websites from my synology nas. But now, i need to create a mailserver. 've installed iredmail on ubuntu server, and created a new Nginx server ( on other hw) for the reverse proxy.

I can reach the roundcube from outside ( so the proxy is working correctly), but i cant log-in. I'am getting the following error from outside of the network:

"Invalid request! No data was sav ...

I need an advice about the following scenario:

• IoT devices are sending UDP packets to a 18.04 Ubuntu server environment (HOST1) on port 1234.
• HOST1 processes the UDP packets as per the internal configuration
• I need to: Duplicate/mirror those incoming UDP packets from HOST1 to another external server (HOST2) after they are processed by HOST1

Is this possible to achieve using iptables?

1. This comman ...

I have around 6 Ips and 6 email addresses I want to make sure that every email address uses the Ip that I allow it to send email I added this command in the end of main.cf sender dependent default transport maps

care@    smtp:192.236.11
care1@    smtp:192.236
care2@    smtp:192.236
care3@    smtp:192.236
care4@    smtp:192.236
care5@    smtp:192.236

But now the email is being sent back to me I am gett ...

I have tried to install the dashboard service for my test-used OpenStack instance following the offical guidance. When I tried to visit the URL provided in the installation document, an error with code of 403 was encountered.

The content of white page: Forbidden You don't have permission to access this resource.

I checked the error log of the Apache service of controller node. Becuase I refresh  ...

Referring to an instructional book, I am setting up an EC2 instance on AWS using an IAM role.

However, when I try to access the URL using the EC2 instance's public IP address, I am unable to establish a connection.

URL: http://(public IPv4 address)/aws-sample

I followed these steps:

1. Configured IAM Roles
2. Created a Security Group
3. Created the EC2 Instance
4. My process for creating the EC2 instance:
    ...

1. Which NUC mini PC supports Total Memory Encryption - TME and its extension?

2. And TXT vs SGX vs TME ? Confusing among these.

I find latest mini PC does not support SGX and only Trusted Execution Technology TXT.

3. Is TXT equal Encryption in use?

4. Is TME equal Encryption in use?

5. I find only Windows 11 22H2 has TME support. But intel specification can not be found?

6. VMware support SGX, how about TME ...

I have been trying to host a dynamic Flask website which includes Machine Learning on AWS ElasticBeanstalk. The success message "Environment has succesfully launched" is displayed.

However, in the "environment overview" section the health status is still "No data". When I clicked on the "View causes" link. The following is obtained: "Instance has not sent any data since launch." (The running time ...

I have configured some websites in IIS on my Windows VPS. When I am accessing this subdomain installer.app-wards.com from the server, it's going to the wwwroot folder from Default Web site instead of the physical path I have configured for the web site.

Result when I access http://installer.app-wards.com/ from the server (it should display "Working" instead). Sorry the server is in French

Default ...

I have a fresh Debian 12 installed and updated. Along with Cockpit and Cockpit virtual machines.

I am getting the following errors and warning when looking at the log section in Cockpit:

Failed to open file '/sys/kernel/security/apparmor/profiles': Permission denied libvirtd

Failed to read AppArmor profiles list '/sys/kernel/security/apparmor/profiles': Permission denied libvirtd

Failed to open fi ...

We're having an issue with our ISP where 75% of our outgoing IP packets are lost to the ether. Incoming packets are totally unaffected, and we assume we're not being throttled because we can send massive bursts of UDP packets without seeing an increase in the dropped packet ratio.

The ISP has been exceptionally slow (weeks) in fixing the issue, and we need to implement a workaround on our end unt ...

The AKS docs mention that 3 nodes are recommended in Production for System Node Pool.

What is the rationale behind this?

Does the fact that the cluster is a private cluster change anything in the recommendation?

I've no experience deploying domain services from Azure/Intune, just plenty of experience with an on-prem domain controller.

I have a client here who has an azure tenant, O365 and a domain setup. I'm trying to deploy identity management/domain services and join 8 laptops to the domain.

The problem I'm having is I can't seem to figure out how this works? Everything I read states that I need to be sig ...