Latest Server related questions

I have 3 servers:

• Server #1 runs among other things a MongoDB database
• Server #2 runs some apps that connect to server #1's mongodb, everything works fine
• Server #3 is a new server where more apps will connect to server #1's mongodb

My issue is with server #3, i am trying to get the app to connect to server #1's mongo without success. I've been looking at server #2 for reference and trying to repli ...

I have always preferred POP over IMAP and am increasingly finding that the various mail services I use don't seem to offer it. I just don't need to save my sent mail remotely and prefer to delete mail on the server after a few weeks. I don't run any email servers myself so don't really know what goes on internally, only know as much as either using an all-in-one mail server or having one place with your ...

Today clamAV scanned my AWS instances and detect infected files on each. It looks like false positive due to several reasons:

1. All these files are created in 2021 (why were they detected only now?)

2. SSH port for each instance is protected by MFA + password + VPN.

All these files are in Conda environment and only exe files are infected (my AWS instances are Ubuntu OS).

Could it be the same issue l ...

I am getting a sawtooth style of graph on Grafana when I am tying to monitor the ISP WAN interface of my Fortinet firewall. Can someone please guide me on getting the right graph for the WAN interface bandwidth? The fortinet shows a much smoother and flatter curve but my graph is a sawtooth, here is my OID, oid = "1.3.6.1.2.1.2.2.1.16.187" where 187 is the interface snmp index. Please guide me on this.

I am developing an app and to host backend system I am using AWS Lightsail. Is there a way to keep all the inter service communication private?

I am aware this can be achieved with VPC while using AWS outside lightsail. Is there a way to setup Lightsail resources in VPC?

Here's the environment:

• Local clients vary between Ubuntu 20, MacOS, Windows
• Server is Ubuntu 18 LTE, problem happens on many different servers
• SSH sessions established via Luminate. More than 1 Luminate gateway is showing this problem.
• Both client and server use keepalive in the ssh config
• It's happening for multiple users in different locations across the globe
• I don't have this problem in oth ...

[21:00] Server Message:

Your account has expired; please contact your system administrator.

Why do accounts created with useradd expire at 21:00 and not at the exact time of their creation?

When I create a user using useradd in linux, that user will not expire exactly the next day at the time of creation. it will always expire at 21:00 no matter what time it was created.

I would like to know if it wo ...

I am having some issues with setting up a publicly accessible guacamole server thru my pfsense, which is running haproxy.

Internet > pfsense
          \ haproxy > guac

• I have my domain DNS thru cloudflare. It is currently proxied - should this matter at all?
• I have NAT set up to direct 80 and 443 thru to my haproxy VIP
• I have the haproxy frontend for port 80 redirecting to port 443
• I have the ...

really losing it here. I wrote a simple piece of code just to be able to access secrets, and every time I run it it simply throws the following error:

google.api_core.exceptions.RetryError: Deadline of 60.0s exceeded while calling target function, last exception: 503 Getting metadata from plugin failed with error: ('invalid_grant: Bad Request', {'error': 'invalid_grant', 'error_description': 'Bad R ...

I don't get how "automatically unlock" Bitlocker feature works on Windows 10. I have a main SSD with OS installed in it that's encrypted with bitlocker and another drive encrypted with bitlocker that automatically unlocks itself at boot.

I read in the documentation that a drive set to unlock automatically "can be unlocked only when the main OS drive is locked with bitlocker too". This looks like  ...

So I've been going crazy with this for the last 5 hours or something like that.

We have been having a problem in one of our servers that suddenly started giving 504 gateway timeouts.

So first versions:

• Debian 10 running on Proxmox 7
• Nginx 1.14
• PHP 7.2.34 (39+0~20230609.84+debian10~1.gbpf63844)
• curl 7.64.0

So basically I have the following file on one virtual host, let's call it VH 1 ( example.co ...

I was browsing Wireshark output and noticed that the handshake process for talking to Google DNS servers was asking for TLS1.2 vs the supported default TLS1.3 at 2001:4860:4860::8844.(https://developers.google.com/speed/public-dns/docs/secure-transports)

How do I set the default TLS version to be used on Windows 11 to TLS1.3 and downgrade to TLS1.2 if that is not available.

Internet Options has TLS 1.2  ...

I have around 50 computers joined to DomainA in branch office A and will be move to a temporarily branch office B

Branch office B has a different subnet and DNS servers which belong to a different domain - Domain B

Office A and B network are connected and routable to each other

I do not want to change the 50 computers DHCP automatic setup so those 50 computers are going to get DNS servers that belong t ...

I moved my domain to Route53 and am now getting problems with Certbot renewal. Certbot has been running great for 4 years, but is now failing to renew.

When running sudo certbot renew --apache i get this error:

   Type:   None
   Detail: DNS problem: looking up A for somedomain.com: DNSSEC:
   DNSKEY Missing; DNS problem: looking up AAAA for
   somedomain.com: DNSSEC: DNSKEY Missing

DNSSEC is not, and ...

I want to create a mapping on nginx between $http_MyHeaderName and $port. I have much local hosted IIS sites and depending on header value nginx has to send request to one of them.

Config:

map $http_MyHeaderName  $port {
    Value1 4115;
    Value2 4116;
}

server {
    listen  80;
    #listen 443;
    
    server_name  localhost;


    location / {
        proxy_pass http://localhost:$port;
    }

I have started a user defined data collection set with Perfmon and would like to run it for some days. It's now been almost 24 hours and the .blg file is still zero bytes. Before starting this, we tested a few times and the file was zero until the Perfmon job was stopped. Then it wrote data, we were able to open it and see the graphs.

Just want to know if this is normal. It would be a bit upsetti ...

I am running Ubuntu Server 20.04 on a Raspberry Pi. It is set up as a web/email LEMP server. When I send an email from my gmail account to a an email address on my LEMP server, I get an error from spamd stating internal error, python traceback seen in response in my server's mail logs. See below...

Jul 29 10:14:23 mail opendkim[1686]: 3F2031EA70E: s=20221208 d=gmail.com a=rsa-sha256 SSL
Jul 29 10:14:23 ...

I want to disable the USB 'host' NIC present in some Redfish implementations. I want to do this in order to remove the enp10xxxxxxxx device which pops up inside an operating system running on hardware with this feature.

According to the docs this should be possible like this:

# Disable the host interface 
curl -sku ${username_password} -X PATCH -H "Content-Type: application/json"  -H "If-Match:*" http ...

Ok, I'll try to keep this quick. The data on these drives isn't mission-critical so there's no backup. Losing the data would be a bit annoying, so if I could get it back that would be neat, but if not that's fine. More than anything this seems like a good time to explore some mdadm wizardry.

I have a raid array that when it was working looked like:

Personalities : [raid6] [raid5] [raid4] 
md0 : acti ...

When Linux OOM Killer interrupts a process, the kernel logs usually provide enough information about the culprit's memory consumption (even it is not killed eventually). For example, when snmpd process becomes an OOM trigger, its memory state can be found a bit later in the log by the PID=1190:

Jul 18 02:21:26 inm-agg kernel: snmpd invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, o ...

I have inherited a rather small server and am forced to try splitting the e-mail accounts served by Exim on two (or more) disks (different mount points).

I was searching the internet for a solution but couldn't find one.

If at all possible, I want to be able to tell Exim on which mount point each e-mail address is and save accordingly.

Is this possible?

Thank you in advance!

I have dedicated server from OVH, that has 40 ip addresses on three routes.

ip route show
default via x.y.z.254 dev eno0 
a.b.c.0/24 dev eno0 proto kernel scope link src a.b.c.161 
x.y.b.0/24 dev eno0 proto kernel scope link src x.y.b.74 
x.y.z.0/24 dev eno0 proto kernel scope link src x.y.z.238

For example, 16 ip addresses on routing a.b.c.0/24 ending with 160 to 175.

There is a PLESK hosting control p ...

Seeing a lot of martian logs:

May 15 08:30:27 prd-srvr1 kernel: [789192.798073] IPv4: martian source 192.168.0.200 from 10.0.0.115, on dev eth0
May 15 08:30:27 prd-srvr1 kernel: [789192.798095] ll header: 00000000: ff ff ff ff ff ff 3c ef ee 4b 26 e0 08 06        ......<..K&...

We have two interfaces which are configured with different networks -- eth0 in 192.x and eth1 in 10.x, and default g ...

Hi have one domain lets say example.in, i have been using one of its subdomain for my application purpose xyz.example.in, i have following NS record for main domain and sub domain :

example.in  NS      ns54.jinfo.net
example.in  NS      ns51.jinfo.net
example.in  NS      ns52.jinfo.net
example.in  NS      ns53.jinfo.net

xyz.example.in  NS      ns1.xyz.example.in
xyz.example.in  NS      ns2.xyz.exa ...

Some of my servers lost network connection (ip address disappears in ifconfig). I checked the linux dhcp server's messages log, and I found around the time those servers lost connections, there are messages like below:

DHCPDISCOVER from <mac address of the server> via <port>
Abandoning IP Address <IP of the server>: pinged before offer

I think it is unlikely that my dhcp server's add ...

I'm hoping there is a general way, though I'm specifically looking at an instance of Aurora PostgreSQL that I know I've adjusted one or two parameters for. However, there are nineteen pages of settings and there is no "default value" column or "last modified" column or list of events to help me determine which parameters I've changed.

vi data.sql :

-- MariaDB dump 10.19  Distrib 10.4.28-MariaDB, for Win64 (AMD64)

But when I do head -n 10 data.sql I get the first line as

��-- MariaDB dump 10.19  Distrib 10.4.28-MariaDB, for Win64 (AMD64)

As a result of which I get this while importing :

ERROR 1064 (42000) at line 1: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the  ...

I'm attempting to authenticate with a cloud SQL instance using a client cert:

psql -h "$IP" "sslmode=verify-ca sslkey=certs/tls.key sslcert=certs/tls.crt sslrootcert=certs/ca.crt dbname=postgres"
Password for user root:

The server's cert is in certs/ca.crt; the client's cert/key in tls.crt/tls.key.

As you can see, that appears to be failing, and psql is apparently falling back to password. How can I eit ...

What would be the "right" strategy for this use-case?

1. x86_64-platform with UEFI
2. 40-Pin GPIO available
3. Ubuntu/Debian and Yocto-Custom-Build available (by manufacturer) for that platform/board
4. eMMC and SSD available

The goal is to have a working Debian-system on SSD which should be standardized loaded. At the same time there should be an option to do a "factory reset" by i.e. pressing a GPIO-button du ...

Context

I'm setting up ZFS autobackup on my home server for offsite backups. All commands printed below are run as non-root.

Problem

A 'permission denied' error arises originating from the target machine when the following command is issued:

(zfs send --large-block --embed --raw --verbose --parsable --props \
 -i @previous_snap localpool/mydataset@newest_snap) | \
(ssh ostsite 'zfs recv -u -o can ...