Latest Server related questions

I have a single server block that I want to offer two kinds of certificate for: one ECC and one RSA. The ECC cert is because for certain of the clients ECDSA is the only viable option in TLS 1.2 (and they don't support 1.3). The RSA cert is for widest compatibility across systems. It'd be nice to also offer EdDSA for speed, but that's not a requirement.

Per Can a server offer more than one TLS ce ...

I have a Linux Server hosting an iSCSI target. The iSCSI Initiator is a Windows 10 Desktop

When connecting with the Windows 10 Machine im unable to start MCS. (Too many connections) Windows also shows me that the max allowed connections is just 1.

On the Linux server im running a plain fileio backed iSCSI Target with 2 Portal IPs.

On the Windows Desktop I have both Portals added under the Discovery T ...

We have been receiving a large number of malicious Google Docs being shared to our users via external phishing emails and are looking for a way to prevent these from coming through our Exchange server. We have internal users who share Google Docs between one another and need to retain that functionality, while preventing Google Docs from arriving from external contacts. Has anyone figured out how to imp ...

When using the Nginx Mail Proxy feature to realize an SMTP proxy, there are several options available to configure (start)tls between the client and the proxy.

However, it appears between the proxy and the upstream SMTP server, only 'plain' SMTP is supported, and there is no way to enable either STARTTLS or regular TLS.

Can anyone confirm this? Or is there a way to securely connect (and authentica ...

I have this situation. Current VM where this nginx config is stored has a valid ssl certificate. Inside this VM is the main application app1 served in port 80. On another port 1234 another service is served app2 in a docker container. I managed to reverse proxy app2 like this

       location /app2/ {
           proxy_pass          http://127.0.0.1:1234/;

           proxy_http_version 1.1;
          ...

I am working in a VMWare environment creating a network for a college class, and I keep running into what I can only assume is a DNS error with my two CENTOS7 systems. The system environment is as follows:

Firewall system: LAN at x.x.5.2
Hostname: fw01
pfsense

Management system: LAN at x.x.5.10
Hostname: mgmt01
Windows Server version 1809
Acting as management system  for network

Workstation System: ...

I am running RHEL7, and my audit log partition randomly (not often, but often enough to annoy me) gets corrupted, preventing me from booting. How can I either prevent the partition from being corrupted, or ignore it and allow the system to continue to boot? "Sledgehammer" answers are acceptable.

Whenever the system becomes corrupted, I run a umount, followed by a xfs_repair -L, followed by a mount ...

Let me explain my scenario. I'm establishing a VPN connection from a client on the internet to an Ubuntu server (Server1) on my local network. I have a second server (server2) on my LAN, and I would like the client that is connecting to the VPN Server (Server1) to be able to reach this server (Server2). Right now I'm able to communicate between the client and Server1 without issues, but I wasn't able to ...

If I run svnlook tree -N /path I get a list of the top level folders in the SVN repo like this:

/
 tags/
 trunk/

But what I need to see is a list of the current tags. I know I can turn off -N but this then lists every single file and it is impossible to see the list of directories in /tags/

I have tried svn ls "^/tags" when I am in the repo directory and that gives the following error:

svn: E1550 ...

I have a working OpenVPN Server on a Synology NAS. All works fine if I try to connect with Tunnelblick. However, if I use the OpenVPN client on a mobile device, I can't perform any http request. My browser hangs and the request times out. The strange thing is that the VPN connection is properly established, I can even ping my the NAS and see the open ports.

How can I troubleshot this?

EDIT: it looks l ...

I created a app based on Vuejs (frontend) and Node.js/Express (backend), both have domains and they are online on web.

Inside the backend, I have some files scripts written in Python which I also had to install some external libraries (pandas, numpy, selenium...).

IN LOCALHOST:

All works fine, I installed all external libraries in venv (virtual env) and i have to execute the following commands to work wit ...

Any Solution for the following issue?

[preflight] Running pre-flight checks
    error execution phase preflight: [preflight] Some fatal errors occurred:
            [ERROR CRI]: container runtime is not running: output: time="2023-01-27T16:42:55Z" level=fatal msg="validate service connection: CRI v1 runtime API is not implemented for endpoint \"unix:///var/run/containerd/containerd.sock\": rpc erro ...

On some HP printers, when I try to import a certificate to enable HTTPS for the printer's Embedded Web Server (EWS), I get the error message "The format of the file is invalid". This happens both (1) when I have created the CSR using openssl and (2) when I use the "Create a Certificate Request" option in EWS.

Updating to the latest firmware does not help.

Example model: HP Color LaserJet MFP M477fnw ...

I want to match all subpages to parent pages, am using wordpress, will that mess up the images and wordpress files?, And I have tags and categories, and I want to exclude them from this rule.

RewriteRule ^(.*/). https://www.example.com/$1 [R=301,L]

This is the htaccess rule. Let's say I want to exclude https://example.com/year/1999,https://example.com/year/1979, etc from this rule. How do I do t ...

When I use KVM with libvirt and virtio block devices, does it propagate IO priority in some way? If the guest starts a process with ioidle priority, I want it to run only if the host is also in ioidle state. Is there an easy way to propagate the priorities?

In order to improve our security posture, we changed several dozen internal applications over to using a new username and password to access an AS400 database a few months back.

However, there is some mystery process running on a Windows Server (that hosts our main SQL Server instance) that is still hitting the AS400 with the previous username and password. AS400 logs show that the source is this ...

I have RAID5 with 4 disks on HPE dl380p with p420i controller.

now i need to convert it to RAID0.

conversion from RAIOD0 to RAID5 without reboot was simple.

ssacli ctrl slot=0 ld 1 modify raid=5

but can i convert it to raid0 back like this?

ssacli ctrl slot=0 ld 1 modify raid=0

controller is battery backed. so online conversion is available

I have a proprietary Linux distribution based on RHEL 7 and am trying to deal with the following issue. The machine has one primary network interface with two IP addresses assigned. The first one is present all the time and is static, the second one is configured by VRRP protocol. All server application listens on the static IP but I noticed that when they send replies, they use the VRRP IP when it is s ...

I've recently encountered a strange script behavior and still don't understand y the array behaves this way.

Here is a piece of the script:

for nCDATAReg in $(seq 1 4)
    do
        sTestBuffer1=$(grep -Pzoi '\/\/<\!\[CDATA\[[\s\S]*?\/\/\]\]>' $SOMEFILE | sed  -rz 's/\/\/<\!\[CDATA\[\n(.*)\/\/\]\]>/\1/g' | tr -d '\0' | sed -rz 's/InsertData\(([[:digit:]]+), [[:digit:]]+, \{(.*?)\}\)\;/\1/ ...

I am new to networking and servers and I am trying to get started by setting up a simple server in port 8000 in a remote host with python -m http.server 8000 and telnet from my local computer

I've opened port 8000 for tcp traffic and im getting the following outputs for ufw status and netstat -ntlp | grep LISTEN

Status: active

To                         Action      From
--                         -- ...

I have a DNS server hosted on Windows server 2016 and contains a lot of forward zones, unfortunately not all records have PTR records and some zones are not created, is there a way to force DNS via policy, script, or option to update DNS records to have PTR records?

Is it possible to tell dpkg to only install a .deb if the new package version is higher than what's already installed on the system?

Example:

I have htop version 3.0.5 installed and I attempt to install 3.0.4 with dpkg -i htop-3.0.4-ubuntu.deb. The behavior I want is for dpkg to abort.

I have to modify a user's UID and DN in an OpenLDAP server because of marriage. Now, I follow this example from Oracle's website: https://docs.oracle.com/cd/E22289_01/html/821-1273/adding-modifying-and-deleting-directory-data.html (under the headline "To change an RDN").

However, the user is right now associated with several LDAP groups via her UID or DN. Will ldapmodify actually change the UID/DN i ...

Just a query - we have an on-prem Windows 2012R2 server running AD with 'domain.local'. I've always added the computers to the domain using 'domain.local', however my assistant tells me that he's always added them using just 'domain' until today when it didn't work, but using 'domain.local' did.

Why would adding them as 'domain' work at all?

Thanks

I've seen many blogs talk about using a Microsoft Converter utility, but the link is gone, and apparently was retired in 2016-2017 time period. I was able to export my Oracle VBOX (Virtual Box) using "Export Appliance" to a .ova (2.0) file. I also tried a converter from StarWind, but it didn't seem to be able to take an .ova as input.

I haven't used my VBOX image (of a Windows 2019 server) for  ...

Wondering how everyone else looks at recourse utilization in AWS EC2 instances. For example, I'm trying to 'right-size' many of our over-provisioned instances to the correct instance type/performance specifications. In doing so, I've been sizing down to instance sizes that may have 80%+ memory utilization for a given workload.

The idea being that recourse utilization is different when working wit ...

I need to isntall SSH server on windows 11 using powershell. It should be a script that isntalls SSH server and logs you in and does everything untill this: ssh domain\username@servername

These are some methods I tried but unsuccessfully: (offline ofc) https://it-infra-ya.com/en/ws19-sshserver_en/#toc2 from github, with .msi file (this works but I need to strat the script from server offline and thi ...

I am trying to setup a slurm installation and I have advanced towards the e-mail stage. So far I do not receive any mails. I have a working setup using msmtp-mta and msmtp. When I batch a script the slurmctld log shows

email msg to **@**: Slurm Job_id=73 Name=example_script.sh Began, Queued time 00:00:00

But I receive nothing. To troubleshoot the issue, I wrote a small script that does nothing b ...

I am running a Parent/Child domain for a number reasons. I have a printer server that accessed the Parent domain on VLAN 2 and the Development domain on VLAN 3. The printers are on VLAN 2 and users on VLAN 2 print without a problem through the print server. For the printers users on VLAN 2 and VLAN 3 have "Print" permission. VLAN 3 computers are pushed the printers through GPO and like VLAN 2 print jobs ...

I am trying to create an iptable rule that will match multiple source ports and a single destination port. I have tried the following rule but am met with this error:

iptables -A INPUT -p udp -m multiport --sports 30000:65535 --dport 3074 -j ACCEPT
iptables v1.4.21: multiport: option "--source-ports" cannot be used together with "--destination-ports".

I saw a post similar to this one where someone ask ...