Latest Server related questions

Im trying to setup a cluster autoscaler. after following docs and trying from this thread to do one , i wasn't able to create one.

Created a Cluster using kops cli

 kops create cluster --name=pavan.k8s.local --zones=us-east-1a --cloud=aws --master-size=t2.medium --node-size=t2.medium

Replaced the created node with a new node of these configurations

apiVersion: kops.k8s.io/v1alpha2
kind: InstanceGro ...

I'm looking for a way to open a proxy server on Windows or Linux which is bound to a client of OpenVPN or L2TP or PPTP, so the user that is connecting to the proxy is gonna connect to the VPN server and the host (proxy server) whatever it's Linux or Windows shouldn't route any traffic to the VPN client excpet the ones coming and going from proxy side.

user <---> proxy server <---> openv ...

I installed jenkins on ubuntu it is successfully installed. But while i access through browser by using IP_Address:8080 it shows site can't be reached shows. i tried sudo ufw allow 8080 and sudo ufw enable but it can't work

ubuntu@ip-172-31-32-61:~$ sudo ufw status

Status: active


To                         Action      From

--                         ------      ----

8080                        ...

I’m trying to configure public key + TOTP-based 2FA based ssh on a server. The setup works perfectly, however I’m curious to know how exactly the configuration works.

This is what /etc/pam.d/sshd looks like.

#%PAM-1.0
auth       required     pam_sepermit.so
# auth       substack     password-auth
auth       include      postlogin
# Used with polkit to reauthorize users in remote sessions
-auth  ...

ERROR! conflicting action statements: hosts, tasks

The error appears to be in '/home/a899444/aerospike-ansible/roles/java_install/tasks/main.yml': line 1, column 3, but may be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

- name: Java installation
 ^ here

- name: Java installation
  hosts: remote_server
  become: true
  tasks:
    - name: Downlo ...

I am looking into building something like a "VPN satellite device". Basically a Linux box, that can be used in any typically home network. It should obtain a DHCP lease, connect to a vpn server, and then forward/DNAT/SNAT certain ports to an address within the vpn. So, basically, it provides certain services that are hosted within the vpn, as if they were hosted on the satellite device.

First question: ...

I am new here so this is my first day with a very confusing Quistion so please help me to understand it Properly. Expert Advise Required

My Quastion is :

I have a dell PowerEDGE Server With Intel Scalable CPU 24 Cores and 64GB RAM on it, if i install KVM Hypervisor (Ubuntu Or Rocky Linux) in that hardware so can KVM Supports All the Cores or any limitation is there and if Support all the core so how ...

I'm trying to suid a shell and it's not working. I need help understanding why, and how to fix it...

I'm following these steps (as root)

cp /usr/bin/bash /usr/bin/bash-emergency
chmod 4755 /usr/bin/bash-emergency

bash-emergency is owned by root:root

I would expect that this should execute bash-emergency as root, resulting in a root shell

I know all the reasons not to do this. This is in a lab. su  ...

I am able to setup a samba shares shared among 400 users on ubuntu 20 as file server. As a part of policy after any user have completed his/her work they disconnect from share. The problem arises for some users who share computers. For these users the user who started the computer is able to login to samba successfully but subsequent users cannot login the share without reboot. All these computers run o ...

Server is running Windows 2008R2. Drive failed and reported degraded, but restarted and OS loaded. The good drive is a copy from 5/2021 almost 8 months ago.

Is it possible the drive stopped copying data on 5/21? The failed drive could it still have data from after that date? We boot up the old drive with the controller and it shows a config error.

Yes, we have a backup using wbadmin, but the OS  ...

I'm trying to setup VMware UAG load balanced with Nginx. I keep getting this error,

nginx: [emerg] "stream" directive is not allowed here.

I'm not sure what I am doing wrong. I am in no way a developer so please excuse my ignorance. Thanks in advance Here's my config:

stream {
    upstream vdi_ssl {
        hash $remote_addr;
        server uag-01.example.com:443;
        server uag-02.example.com:443 ...

If I use a SIP provider that uses SIP REGISTER for connections (instead of using an IP address), the outgoing registration originating from my side opens a connection to the SIP provider, and they use that same connection to send calls to me. I don't have to do any port forwarding, and I don't have to allow any incoming connections through the firewall.

I'm not asking if that is recommended. I a ...

Im following an RHCSA training course and to disable root I need to set PermitRootLogin to no in the /etc/ssh/sshd_config file and restart sshd using systemctl. I've done all this and can still login as root. Can anyone tell me what to do? Thanks.

Output of ps:

root         836       1  0 14:36 ?        00:00:00 sshd: /usr/sbin/sshd -D [listener] 0 of 10-100 startups
root        3929    2956  0 15: ...

I just installed Alma 9.1 on my homelab, and I've attempted to install samba everything seems to work okay locally. Im able to run smbclient -U user -W SAMBA -L //192.168.0.254 and list all the available shares, but im not able to run this command from another linux computer on the same network. I am able to ssh between these machines, suggesting that there shouldn't be a problem with my networking e ...

I am trying to transfer all the incoming data in my server to another server

In other words, I want to create a tunnel.

i use this command in ubuntu: ssh -o GatewayPorts=true -L 80:0.0.0.0:80 [email protected]

But i Get this error: ssh: connect to host 157.90.166.71 port 22: Connection timed out

I have another question, what is the best and fastest way to tunnel between servers? (Pay attention that I w ...

We have a list of CIDR's

1.10.10.0/24
5.154.0.0/16
5.181.219.0/24
23.90.68.0/24
31.40.214.0/24

I want to check if a IP for example : 23.90.68.56 belongs to any of the above CIDR's. If yes then we get the output of that CIDR.

According the above example the output should be 23.90.68.0/24

I tried using grepcidr but I do not know how can we output that specific CIDR's

I am creating a bash script for thi ...

I have a client with a 2019 Standard Windows Server and a Windows 10 Pro desktop. Server has a network share \server\programshare.

Most times when opening a program in the share from the client, we experience severely degraded load times.

I used Process Monitor to analyze when it's slow vs when it's fast and noticed the culprit may be when Windows attempts to access a .mun file from \server\SystemRe ...

I am trying to create this policy through AWS web console instead of terraform. But getting error as in below screen.

Please suggest

I want to backup a few folders with duplicity and exclude the rest using a --include-globbing-filelist. Let's say to make it simple I want to backup /first and /second but not /third or any other (new) folders that may be in /.

My filelist looks like this:

+ /first
+ /second
- /

and I run duplicity with duplicity --include-globbing-filelist my_filelist.txt / file:///backup-location/

Of course, I exc ...

NGINX newb here. I'm running NGINX via a SWAG container and have TLS enabled for my server using a Let's Encrypt cert.

What I'm trying to do is proxy https://plantuml.mydomain.com to https://plantuml.com. I've tried multiple variations and followed multiple guides, but thus far have been unable to get this configuration to work.

A few of the pages I've tried to follow:

• https://docs.nginx.com/nginx/adm ...

I set up MediaWiki in my /var/www/html under the folder w/ and I'm trying to recreate the functionality of another wiki that uses root FQDN/ but I am having no success in trying to replicate the behavior with nginx configs

my current nginx is config:

server {
    listen 80;
    listen [::]:80 ipv6only=on;

    server_name domain.wiki www.domain.wiki;

    location / {
        return 301 https://$host$r ...

We are finding that using AWS file storage (EFS or EBS using GP2 or GP3) from an EC2 instance is very slow when doing simultaneous reads. Here's an example:

I'm reading 30 binary files into memory, totaling 46 MB.

Doing this once takes about 16 ms. However, if I spawn 8 parallel processes on the same EC2 instance, each reading different sets of 30 binary files, each one takes an average of 105 ms ( ...

I have 2 servers A and B I've configured my server A with NGINX and a website. I want to reverse proxy all the traffic that is coming to my server A with the /path1/ to my server B's domain with /ptah2/.

my server A NGINX config:

    server {
        listen 443 ssl http2;
        listen [::]:443 ssl http2;
        ssl_certificate       /ssl/certificate.crt;
        ssl_certificate_key   /ssl/privk ...

After updating GKE to version 1.23.1400 it started showing the error resource.labels.containerName: sidecar-injector-webhook Error: failed to start patch cert loop the server could not find the requested resource

I can get salt to let me run keytool this way:

salt [host] cmd.run shell=powershell '& "$JRE_HOME/bin/keytool.exe" --help'

But I can't figure out how to put this into a state file. A straightforward translation fails saying "& was unexpected at this time".

cmd.run:
 - shell: powershell
 - name: '& "$JRE_HOME/bin/keytool.exe" --help'

I've tried dozens of variations on this, but have yet t ...

I have a vSphere Tanzu license already available in my vCenter Server. Now I want to assign that license to a Supervisor Cluster. It works through the vSphere Webclient manually, but I need to do it programmatically in an IaC context.

I already tried it with the community.vmware.vcenter_license Ansible module and the cluster_name parameter, but that gives me the following error:

Could not assign "XXXXX-XX ...

We've noticed an issue with our HR system where users request leave, this approval is sent to their manager, and when their manager clicks the link to approve it they see an error saying that the leave is already approved... That seems to be because Outlook sends a GET request to the HR system's approval URI in order to check whether the link is maliscious; but in doing so it approves the employee's lea ...

I have a bsic tomacat 8.5 fresh setup, I went through documentaion as well as some threads here such as How to access tomcat manager gui from another machine? and others and all confirm the same solution which is not working on my fedora box (of course every time I update a file I restart tomcat) I have added necessary details in tomcat users file as follows

also updated context.xml to accept any I ...

I would like to deploy P12 certificate (for OpenVPN) to Windws Certificate Store, to be more precise to LocalMachine\Personal. The reason is the certificate will be protected at least by local admin password. 

Of course I can do it manually. It is easy to double click on the P12 file, provide local admin credentials and go through wizzard to its end. Then I can see the certificate in LocalMachin ...

How can I drop the first SYN packet (or the first SYN/ACK reply) received by my server?

I have a test VPS set up to capture and analyze malicious traffic directed to non-standard TCP ports, for example attacks on sshd running on a high port. Using BGP, an IPv4 /23 is routed to the VPS. With the nftables rules below, connection attempts to any port 20000-60000 are redirected to SSHD.

flush rules ...