Latest Server related questions

Score: 1
Rino Bino avatar
SSH config: How to automatically execute an interactive script locally before connection?
us flag

Background:

I have a local script that needs to execute locally as a pre-requisite to making an ssh connection.

The script is already working, but currently users need to run the script, then make an ssh connection - two steps. I would like that to happen in one step.

Example script run, from the users perspective:

$ /scripts/generate-mfa-auth.sh
MFA Code: 12345
Configuring authorized_keys...
Success. Yo ...
Score: 1
RetractedRedacted avatar
Set default settings for all roles in Azure PIM
sr flag

We've just started the process of making roles eligible for assignment in Azure PIM. We have a large collection of resources, each with roles that we want to individually make a user eligible to activate. However, we want to require approval for all of these roles.

By default, there are several settings that PIM automatically puts on roles (such as not requiring approval for resource roles). Obvi ...

Score: -1
brokenPipe avatar
Send email to different port / redirecting port
kp flag

I have an email server (Dovecot) and I want to emails be sent from other servers to a different IMAP port, because I can't use the ports 465 and 993

If someone could help me doing this, I would appreciate

Correction: actually i wrote it wrong, i want the server that's sending the email (e.g.: gmail) to my server use another port instead of 465/993 to my server receive the email

Score: 0
gozu avatar
Why is there no drop-down option for selecting auto-scaling group when creating a new TCP target group?
cn flag

And bonus questions while I'm here:

Why does AWS not show which Elastic Network Interface is being used in the Load Balancer details? (at least I couldn't find it)

Why do auto-scaling groups let me select a network load balancer to associate with them instead of a target group?

Score: 2
raindropsdev avatar
Weird Printing Issue: Windows Shared Printers accessible/visible via Hostname but not via IP Address
vi flag

Since about 8-10 months ago we've been facing weird printer issues which culminated this month to a massive amount of errors that got most of the company involved, and that allowed us to identify the core issues: on some machines (~7-8%) sometimes after reboot something happens with the Print Spooler that makes it so that printers are not advertised/available via IP Address, only via hostname.

Sp ...

Score: 0
Trashcan avatar
Domain name is resolving to DC that is not accessable for VPN users
bt flag

Problem is when one (and only one) VPN user tries to resolve our domain name (xxx.local), it is resolving to a DC that is not accessible to VPN users, and not the ones that are accessible.

We have 2 sites with a point-to-point connection between them and a DC for each. VPN comes in though site A. VPN traffic is not allowed from site A to site B. When one user tries to resolves our domain name tho ...

Score: 0
Carlo avatar
NGINX SSL directory and .crt and .key files permissions
cn flag

in folder /etc/nginx/ssl/ I have public and private key for domain for wildcard SSL certificate purchased from CA and transferred as root to that folder. SSL request has made on another windows server but domain name is same on both servers. For example sub1.domain.com is on IIS and domain.com is on NGINX. Because it is wildcard SSL and only DV this should work (and it does) ?

In site config I've added ...

Score: 0
RaiseError avatar
Can Apache MirrorMaker2 run on only one server?
ir flag

I have a couple of test clusters (3 nodes in each) and I’m trying to configure them such that one runs in one country and another in another country (hypothetically).

I have read that remote consume and local produce is the pattern to follow. With that in mind I’ve spun up a MM2 instance in each location.

I configured one cluster to replicate A->B and the other B->A I.e. two one way replic ...

Score: 0
Hemendr avatar
My network profile is showing as private instead of domain profile after installing Active Directory DNS on Windows Server 2019 VMware Workstation
my flag

After installing Active Directory and DNS role on VMware Workstation with domain "mylab.local". I used NAT switch on my VM and my IpV4 settings are

enter image description here

After installation my current network profile was showing as mylab.local enter image description here

However after restarting my VM my network profile changes to private and Domain profile is not available to switch.

enter image description here

> Get-NetConnectionProfile
Name             : Network
Inte ...
Score: 0
user3637971 avatar
tcpdump file cannot be created through crontab bash file
ve flag

I have two scripts: /home/apps/backup.sh // Just invokes tcpdump.sh /home/apps/tcpdump.sh // Generate a tcpdump file

backup.sh is scheduled by crontab dialy.

backup.sh

#!/bin/sh
/home/apps/tcpdump.sh &

tcpdump.sh

#!/bin/sh
pkill tcpdump
NOWtcpDump=$(date +"%Y%m%d_%H%M%S")
tcpdump -w /var/log/tcpdump/tcpdump.$NOWtcpDump -nn -i ens40 '(dst port 8080)'

crontab -e

0 2 * * *       /home/apps/back ...
Score: 0
Use a common CloudFormation template for CF VPC vs non-CF VPC
de flag

I have an application that's been running in one region for years with a manually-configured VPC, but recently I updated the security groups to be managed by CloudFormation. The security group template referenced the VPC ID with a parameter that was passed in:

      VpcId: !Ref VpcId

When I redeployed my application to another region, I created the VPC with CloudFormation and I modified my security gr ...

Score: 0
Sash_KP avatar
Modifying/Closing Connector 9060 port from server.xml without whole appserver restart
fo flag

I have an app which listens on 9060 port. What i want to acheive is, if i remove the 9060 port from server.xml and then stop/terminate my app, 9060 port should be completely closed i.e netstat -tanp | grep 9060 - should return nothing.

Currently 9060 related connector in my server.xml looks like this,

<Connector port="9060" maxThreads="150" minSpareThreads="25" maxSpareThreads="75" enableLookups="f ...
Score: 1
How to add description to the aws security group ingress rule?
kr flag

with below aws cli command.

aws ec2 authorize-security-group-ingress --group-id sg-07b70f5d9078322f2 --protocol tcp --port 5439 --cidr 175.101.107.216/32

It is creating successfully, but can't find parameter to add description, please suggest.

description

Score: 0
sudojarvis avatar
no live upstreams while connecting to upstream
ph flag

I am trying to set up reverse proxy using nginx. The thing is i want to redirect to umami login page when go to localhost. But i am getting 502 bad gateway.I am not sure i have correctly configured the nginx. Here is my docker-compose.yml looks like:

version: '2'
services:
  nginx-proxy:
    image: nginx:latest
    container_name: nginx-proxy
    ports:
      - "80:80"
      - "443:443"
    volume ...
Score: 0
Using a variable inside an Ansible loop
cn flag

I am trying to get data from json data (below) using a loop with a variable (instead of hard coding a value). In the json data (below), 'cluster' can change therefore I cannot simply use: loop: "{{ drs_rule_jsondata.drs_rule_info.cluster }}" -- which works as I expect it would and produces the expected results.

However, when I use the play below (using vars in the loop and when {{ cluster_info.na ...

Score: 0
juwonlona avatar
how to configure passwd/pam.d to confirm new password 3 or more times when changing password with passwd
cn flag

I am looking to reconfigure my pam.d to prompt for new password confirmation 3 times when using passwd to change password.

I have tried to duplicate the unix.so line in password-auth and system-auth like this

password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password sufficient pam_unix.so sha ...
Score: 0
Greg Burghardt avatar
IIS 10 will not redirect HTTP to HTTPS after enabling HSTS
aw flag

I am attempting to force end users onto HTTPS when visiting our site. I have HSTS enabled in IIS at the site and application level. I have an HTTP redirect set up at the site level to https://ourdomain.com. I can visit the home page for our site and see the Strict-Transport-Security: max-age: XXXX; includeSubDomains header, but I am not getting a redirect from http://internal-hostname/ to https://o ...

Score: 0
Neil Meyer avatar
How do you do the following ftp server permissions on AWS?
ca flag

I looked trough the documentation found here. But found the explanation insufficient. I have gotten my head around creating an instance, choosing a Linux distro, installing Apache, getting ftp going and hooking up some storage space.

I just now need to get a hang of permissions. I need admin rights to the server and then any future employee needs limit privileges.

They need to be authenticated and b ...

Score: 0
Laughing Laugh wwwwwww avatar
Wireguard is not working: 'wg0' is not a WireGuard interface
hu flag

I've got an issue with wireguard. I have a debian-based VPS, and a Manjaro client. Here is my /etc/wireguard/wg0.conf of a server:

[Interface]
Address = 10.0.0.1/24
ListenPort = 194
PrivateKey = <ServerPrivateKey>
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; ipta ...
Score: 0
Alex Kous avatar
TLS error will not let me access iLO
mk flag

So I acquired a new DL380 Gen7 and am trying to access iLO.
I discovered that the iLO version is severely out of date.
It is SO out of date that no matter what I do, the webpage will not display and simply comes up with something about a TLS error:

screenshot

I know updating the iLO would help, but I cannot update, without accessing iLO, so I'm back where I started.

Does anyone know how I can fix this issue?

Score: 0
Nikki Locke avatar
How to set up OpenVPN server on Debian to route VPN traffic to the Internet
bw flag

I am setting up an OpenVPN server on Debian.

I have the server configured, and clients can connect - they are assigned IP addresses in the 10.11.22.0/24 range.

I have the following in my server.conf file:

client-to-client
status /var/log/openvpn-status.log
verb 3

server 10.11.22.0 255.255.255.0

# This ensures Internet-bound traffic to-from clients can pass through the VPN
push "redirect-gateway def1"
p ...
Score: -1
Night_prowler avatar
Windows 7 & 8.1 can't connect to strongSwan 5.9 VPN server on Ubuntu 22
vn flag

I set up VPN server on Oracle's OCI using Ubuntu 22.04 and strongSwan 5.9.5. When I tried connect from different roadwarriors, Android works good, Win10 works good even ancient Blackberry10 works good, but not for Win7 and Win8.1 laptops: they stuck on first stage:

mytestcloud charon[968]: 05[NET] received packet: from <MYIP>[500] to 10.0.0.64[500] (616 bytes)
mytestcloud charon[968]: 05[ENC] ...
Score: 0
Andrew Newby avatar
Setting up managesieve on Dovecot
in flag

I'm trying to get my head around setting up managesieved so that my users can make use of it. So far I have done:

apt-get install dovecot-sieve dovecot-managesieved

After some debugging, I found out I need to create /home/user/sieve/tmp for each user (and set as user:mail ownership).

Then I have to symlink that back to

/home/user/..dovecot.sieve /home/user/sieve/managesieve.sieve 

So far so good. Some  ...

Score: 0
user984993 avatar
locale setting for rhel7/8
gw flag

In RHEL7/8 I know we control the locale setting using localctl command and which updates the /etc/locale.conf file.

Ex :

# localectl set-locale LANG=ja_JP.utf8
# localectl set-keymap jp106
# localectl
   System Locale: LANG=ja_JP.utf8
       VC Keymap: jp106
      X11 Layout: jp

But in RHEL6 we have another file for this purpose

/etc/sysconfig/i18n

LANG=en_US.UTF-8
SUPPORTED="en_US.UTF-8:en_US:en:j ...
Score: 0
markus avatar
Registrar forwarding HTTP to HTTP, getting certificate error on some browsers
de flag

I am researching my error for some time now, and I do not seem to get a sufficient answer on my own:

I configured our Domain on our registrar to forward an URL from http://example.com to http://www.another-example.com. This another-example.com domain on their side have a forwarding from HTTP to HTTPS. So far so good. I tested it with freshly installed browsers and it seemed to work. Additionally I ...

Score: 0
Sulagna Nandi avatar
DNS records could not be found. Certificate activation will retry automatically
ch flag

Our website is down and it is showing certificate is expired. When I check the custom domain settings section in GCP, I am getting the following warning.

We have removed the records and re-added them, but showing the same warning.

enter image description here

Score: 0
Justin avatar
How to reset dnsmasq console settings?
sc flag

I'm running the RaspAP on my Raspberry pi and changed some dnsmasq settings in the terminal. Since then I can't connect to any service running at the raspberry. I want to reset the settings I made but have no clue how to do that.

The following setting should be the problem:

sudo dnsmasq --address=/#/10.3.141.1

Score: 0
Install with apt an old version of Node on Ubuntu 22.04
cn flag

I'm getting crazy installing Node 16.x on Ubuntu.

I use

curl -fsSL https://deb.nodesource.com/setup_16.x | sudo -E bash -

And then

sudo apt-get install -y nodejs

But the version installed is the 18.x

sudo apt list nodejs -a

Return me

nodejs/kinetic 18.7.0+dfsg-5ubuntu1 amd64
nodejs/unknown 16.18.1-deb-1nodesource1 amd64

How can I remove the first one?

Score: -1
SDhimar avatar
Virtual IP in Single Server
mx flag

I want to setup as below

I have two ISP with different static IP, terminated in single server with two NIC, make virtual IP for this NIC, want to bind my local web serve to this Virtual IP, so that if any ISP will fail will not affect to my webserver accessing from outside. How can I do it with Linux.

Score: 0
Matty-Server avatar
How to source NAT on Ubuntu Server when accessing from wireguard interface to access server LAN environment
gw flag

I have an Ubuntu Server 22.04 which I am accessing from wireguard interface 10.69.69.0/24, But I am having trouble accessing it's LAN environment on 10.0.0.0/24

I understand I need to do some source nat but I am not sure of the correct commands.

  • From my laptop I can ping 10.69.69.0/24 & 10.0.0.50 but not anything else on 10.0.0.0/24
  • From my server I can ping 10.69.69.0/24 and 10.0.0.0/24

I need t ...

The Stunning Power of Questions

Much of an executive’s workday is spent asking others for information—requesting status updates from a team leader, for example, or questioning a counterpart in a tense negotiation. Yet unlike professionals such as litigators, journalists, and doctors, who are taught how to ask questions as an essential part of their training, few executives think of questioning as a skill that can be honed—or consider how their own answers to questions could make conversations more productive.

That’s a missed opportunity. Questioning is a uniquely powerful tool for unlocking value in organizations: It spurs learning and the exchange of ideas, it fuels innovation and performance improvement, it builds rapport and trust among team members. And it can mitigate business risk by uncovering unforeseen pitfalls and hazards.

For some people, questioning comes easily. Their natural inquisitiveness, emotional intelligence, and ability to read people put the ideal question on the tip of their tongue. But most of us don’t ask enough questions, nor do we pose our inquiries in an optimal way.

The good news is that by asking questions, we naturally improve our emotional intelligence, which in turn makes us better questioners—a virtuous cycle. In this article, we draw on insights from behavioral science research to explore how the way we frame questions and choose to answer our counterparts can influence the outcome of conversations. We offer guidance for choosing the best type, tone, sequence, and framing of questions and for deciding what and how much information to share to reap the most benefit from our interactions, not just for ourselves but for our organizations.