Background:

I have a local script that needs to execute locally as a pre-requisite to making an ssh connection.

The script is already working, but currently users need to run the script, then make an ssh connection - two steps. I would like that to happen in one step.

Example script run, from the users perspective:

$ /scripts/generate-mfa-auth.sh
MFA Code: 12345
Configuring authorized_keys...
Success. Yo ...

We've just started the process of making roles eligible for assignment in Azure PIM. We have a large collection of resources, each with roles that we want to individually make a user eligible to activate. However, we want to require approval for all of these roles.

By default, there are several settings that PIM automatically puts on roles (such as not requiring approval for resource roles). Obvi ...

I have an email server (Dovecot) and I want to emails be sent from other servers to a different IMAP port, because I can't use the ports 465 and 993

If someone could help me doing this, I would appreciate

Correction: actually i wrote it wrong, i want the server that's sending the email (e.g.: gmail) to my server use another port instead of 465/993 to my server receive the email

And bonus questions while I'm here:

Why does AWS not show which Elastic Network Interface is being used in the Load Balancer details? (at least I couldn't find it)

Why do auto-scaling groups let me select a network load balancer to associate with them instead of a target group?

Since about 8-10 months ago we've been facing weird printer issues which culminated this month to a massive amount of errors that got most of the company involved, and that allowed us to identify the core issues: on some machines (~7-8%) sometimes after reboot something happens with the Print Spooler that makes it so that printers are not advertised/available via IP Address, only via hostname.

Sp ...

Problem is when one (and only one) VPN user tries to resolve our domain name (xxx.local), it is resolving to a DC that is not accessible to VPN users, and not the ones that are accessible.

We have 2 sites with a point-to-point connection between them and a DC for each. VPN comes in though site A. VPN traffic is not allowed from site A to site B. When one user tries to resolves our domain name tho ...

in folder /etc/nginx/ssl/ I have public and private key for domain for wildcard SSL certificate purchased from CA and transferred as root to that folder. SSL request has made on another windows server but domain name is same on both servers. For example sub1.domain.com is on IIS and domain.com is on NGINX. Because it is wildcard SSL and only DV this should work (and it does) ?

In site config I've added ...

I have a couple of test clusters (3 nodes in each) and I’m trying to configure them such that one runs in one country and another in another country (hypothetically).

I have read that remote consume and local produce is the pattern to follow. With that in mind I’ve spun up a MM2 instance in each location.

I configured one cluster to replicate A->B and the other B->A I.e. two one way replic ...

After installing Active Directory and DNS role on VMware Workstation with domain "mylab.local". I used NAT switch on my VM and my IpV4 settings are

After installation my current network profile was showing as mylab.local

However after restarting my VM my network profile changes to private and Domain profile is not available to switch.

> Get-NetConnectionProfile
Name             : Network
Inte ...

I have two scripts: /home/apps/backup.sh // Just invokes tcpdump.sh /home/apps/tcpdump.sh // Generate a tcpdump file

backup.sh is scheduled by crontab dialy.

backup.sh

#!/bin/sh
/home/apps/tcpdump.sh &

tcpdump.sh

#!/bin/sh
pkill tcpdump
NOWtcpDump=$(date +"%Y%m%d_%H%M%S")
tcpdump -w /var/log/tcpdump/tcpdump.$NOWtcpDump -nn -i ens40 '(dst port 8080)'

crontab -e

0 2 * * *       /home/apps/back ...

I have an application that's been running in one region for years with a manually-configured VPC, but recently I updated the security groups to be managed by CloudFormation. The security group template referenced the VPC ID with a parameter that was passed in:

      VpcId: !Ref VpcId

When I redeployed my application to another region, I created the VPC with CloudFormation and I modified my security gr ...

I have an app which listens on 9060 port. What i want to acheive is, if i remove the 9060 port from server.xml and then stop/terminate my app, 9060 port should be completely closed i.e netstat -tanp | grep 9060 - should return nothing.

Currently 9060 related connector in my server.xml looks like this,

<Connector port="9060" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="f ...

with below aws cli command.

aws ec2 authorize-security-group-ingress --group-id sg-07b70f5d9078322f2 --protocol tcp --port 5439 --cidr 175.101.107.216/32

It is creating successfully, but can't find parameter to add description, please suggest.

I am trying to set up reverse proxy using nginx. The thing is i want to redirect to umami login page when go to localhost. But i am getting 502 bad gateway.I am not sure i have correctly configured the nginx. Here is my docker-compose.yml looks like:

version: '2'
services:
  nginx-proxy:
    image: nginx:latest
    container_name: nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    volume ...

I am trying to get data from json data (below) using a loop with a variable (instead of hard coding a value). In the json data (below), 'cluster' can change therefore I cannot simply use: loop: "{{ drs_rule_jsondata.drs_rule_info.cluster }}" -- which works as I expect it would and produces the expected results.

However, when I use the play below (using vars in the loop and when {{ cluster_info.na ...

I am looking to reconfigure my pam.d to prompt for new password confirmation 3 times when using passwd to change password.

I have tried to duplicate the unix.so line in password-auth and system-auth like this

password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password sufficient pam_unix.so sha ...

I am attempting to force end users onto HTTPS when visiting our site. I have HSTS enabled in IIS at the site and application level. I have an HTTP redirect set up at the site level to https://ourdomain.com. I can visit the home page for our site and see the Strict-Transport-Security: max-age: XXXX; includeSubDomains header, but I am not getting a redirect from http://internal-hostname/ to https://o ...

I looked trough the documentation found here. But found the explanation insufficient. I have gotten my head around creating an instance, choosing a Linux distro, installing Apache, getting ftp going and hooking up some storage space.

I just now need to get a hang of permissions. I need admin rights to the server and then any future employee needs limit privileges.

They need to be authenticated and b ...

I've got an issue with wireguard. I have a debian-based VPS, and a Manjaro client. Here is my /etc/wireguard/wg0.conf of a server:

[Interface]
Address = 10.0.0.1/24
ListenPort = 194
PrivateKey = <ServerPrivateKey>
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; ipta ...

So I acquired a new DL380 Gen7 and am trying to access iLO.
I discovered that the iLO version is severely out of date.
It is SO out of date that no matter what I do, the webpage will not display and simply comes up with something about a TLS error:

I know updating the iLO would help, but I cannot update, without accessing iLO, so I'm back where I started.

Does anyone know how I can fix this issue?

I am setting up an OpenVPN server on Debian.

I have the server configured, and clients can connect - they are assigned IP addresses in the 10.11.22.0/24 range.

I have the following in my server.conf file:

client-to-client
status /var/log/openvpn-status.log
verb 3

server 10.11.22.0 255.255.255.0

# This ensures Internet-bound traffic to-from clients can pass through the VPN
push "redirect-gateway def1"
p ...

I set up VPN server on Oracle's OCI using Ubuntu 22.04 and strongSwan 5.9.5. When I tried connect from different roadwarriors, Android works good, Win10 works good even ancient Blackberry10 works good, but not for Win7 and Win8.1 laptops: they stuck on first stage:

mytestcloud charon[968]: 05[NET] received packet: from <MYIP>[500] to 10.0.0.64[500] (616 bytes)
mytestcloud charon[968]: 05[ENC] ...

I'm trying to get my head around setting up managesieved so that my users can make use of it. So far I have done:

apt-get install dovecot-sieve dovecot-managesieved

After some debugging, I found out I need to create /home/user/sieve/tmp for each user (and set as user:mail ownership).

Then I have to symlink that back to

/home/user/..dovecot.sieve /home/user/sieve/managesieve.sieve 

So far so good. Some  ...

In RHEL7/8 I know we control the locale setting using localctl command and which updates the /etc/locale.conf file.

Ex :

# localectl set-locale LANG=ja_JP.utf8
# localectl set-keymap jp106
# localectl
   System Locale: LANG=ja_JP.utf8
       VC Keymap: jp106
      X11 Layout: jp

But in RHEL6 we have another file for this purpose

/etc/sysconfig/i18n

LANG=en_US.UTF-8
SUPPORTED="en_US.UTF-8:en_US:en:j ...

I am researching my error for some time now, and I do not seem to get a sufficient answer on my own:

I configured our Domain on our registrar to forward an URL from http://example.com to http://www.another-example.com. This another-example.com domain on their side have a forwarding from HTTP to HTTPS. So far so good. I tested it with freshly installed browsers and it seemed to work. Additionally I ...

Our website is down and it is showing certificate is expired. When I check the custom domain settings section in GCP, I am getting the following warning.

We have removed the records and re-added them, but showing the same warning.

enter image description here

I'm running the RaspAP on my Raspberry pi and changed some dnsmasq settings in the terminal. Since then I can't connect to any service running at the raspberry. I want to reset the settings I made but have no clue how to do that.

The following setting should be the problem:

sudo dnsmasq --address=/#/10.3.141.1

I'm getting crazy installing Node 16.x on Ubuntu.

I use

curl -fsSL https://deb.nodesource.com/setup_16.x | sudo -E bash -

And then

sudo apt-get install -y nodejs

But the version installed is the 18.x

sudo apt list nodejs -a

Return me

nodejs/kinetic 18.7.0+dfsg-5ubuntu1 amd64
nodejs/unknown 16.18.1-deb-1nodesource1 amd64

How can I remove the first one?

I want to setup as below

I have two ISP with different static IP, terminated in single server with two NIC, make virtual IP for this NIC, want to bind my local web serve to this Virtual IP, so that if any ISP will fail will not affect to my webserver accessing from outside. How can I do it with Linux.

I have an Ubuntu Server 22.04 which I am accessing from wireguard interface 10.69.69.0/24, But I am having trouble accessing it's LAN environment on 10.0.0.0/24

I understand I need to do some source nat but I am not sure of the correct commands.

• From my laptop I can ping 10.69.69.0/24 & 10.0.0.50 but not anything else on 10.0.0.0/24
• From my server I can ping 10.69.69.0/24 and 10.0.0.0/24

I need t ...