Latest Server related questions

I checked the fingerprint for my Postfix SSL/TLS certificate like this:

openssl x509 -in public.cer -noout -pubkey | openssl pkey -pubin -outform DER | openssl dgst -sha256 -c

But when I obtain the fingerprint for the mailserver from my local machine

openssl s_client -connect my.mail.server:587 -starttls smtp < /dev/null 2>/dev/null | openssl x509 -fingerprint -noout -in /dev/stdin | cut -d ...

I replaced the default snakeoil certificate for Postfix with my own cert and key. The following configuration in /etc/postfix/main.cf works:

smtpd_tls_cert_file=/etc/ssl/certs/public.cer
smtpd_tls_key_file=/etc/ssl/private/private.key

But when I concatenate the key and cert into a single file and use the recommended syntax for Postfix 3.4

smtpd_chains_files = /etc/postfix/chains.pem

smtpd warns abou ...

It recently became painfully obvious that I just don't know how I'm supposed to manage Python packages on my systems.

I simply MUST be able to know what all is installed and under what user IDs, since the Python community is coached that nothing should be installed as Root. . . . This leaves me with a serious problem!

In this instance, I'm using Fedora distributions, MOSTLY but not exclusively Fedor ...

Last night I was trying to undo some ip table changes I did and I ended up doing iptables -F, Is there anyway to get back to normal? I'm on an ubuntu server.

I accidently did this iptables command on CentOS7. How to undo it?

sudo iptables -I DOCKER-USER -i src_if -o dst_if -j ACCEPT

When I start a remote desktop connection to the server I get the following warnings

when launching double click on my shortcut:

The advertiser of this remote connection can NOT be identified.

editor: unknown publisher

and after entering the username and password:

The identity of the remote computer cannot be verified Unable to perform a revocation check for the certificate unknown publisher

The certifi ...

(sorry for my basic question but I had noone to ask)

Does routers/smart-switches that foward/pass vlan packets inside same network need to have assign IP from that given VLAN that they foward packets (thru TRUNK port) or they only need one IPfrom management VLAN so administrator can access them from that single VLAN ?

I'm currently running a centOS server with directadmin and custombuild. I keep getting spoofed phishing mails with spoofed from addresses that have SPF setup properly.

Spamassassin gives it a score 1.8, probably because the mail seem legit and other tests compounded result in a negative score. So negative score + SPF test score = 1.8

In directadmin you have ways to block mail, but this is looking at ...

Setup I'm running apache on an ubuntu server. I've created a fail2ban rule which bans an ip when they request too many pages too fast.

# Fail2ban Rule
failregex = ^.*?(:80|:443) <HOST> - .* "(GET|POST|HEAD).*$
ignoreregex =.*(.ico|.jpg|.png|.gif|.js|.css|.woff|.mp4)

findtime = 30
maxretry = 10

Goal:
I would like to run an old apache log against this new fail2ban rule so i can see if it would hav ...

As shown in the diagram below, I currently have three systems networked together:

                             Interface eno2
                             IP Addresses Assigned:
                             192.10.10.12───────────┐
                                                    │
                                                    │
                                 ...

I use Apache2 mod_cache_disk with symlink to my ramdisk: /tmp/ramdisk/mod_cache_disk but I cant get it to work :( It only works when path leads to real directory. How can I fix this problem ?

I want to verify my app but I am confused about which scope should I define because my app is not being verified.

I am using google calendar APIs for the cloud console app and when submitting my app for verification I skip scopes. I want to ask if i have to define any scope for my app verification of it can get verified without defining any scope

I have a server system that I've had running for a couple of months - fresh install, Ubuntu 20.04 with all updates, and from day 1 it has had repeated messages, about every four seconds, that say, "usb usb2-port10: Cannot enable. Maybe the USB cable is bad?"

All USB ports that I know about are working fine, so this is either a port I don't know/care about, or a phantom message. I'm presuming it' ...

I am trying to set up an IMAP server on my basic Centos 7 mail server. I have postfix MTA set up and delivering mails to the following directory (I have no reason to change this to use the $HOME directory):

root@mail3:/var/spool/mail
# ls -ltrh
total 12K
-rw-rw----. 1 rpc    mail    0 Feb 29  2020 rpc
-rw-rw----. 1 centos mail    0 Feb  3 19:39 centos
-rw-rw----. 1 bruce  mail    0 Feb  3 19:47 br ...

I am configuring Active Directory authentication for an Alma 8 box using SSSD, Kerberos, and initial SSH key for log in stored in an Active Directory object, and a local sudoers file that lists groups permitted to sudo.

I have connected the server to the domain and been able to authenticate as a domain user user, logging in initially using the SSH key. An AD domain password must subsequently be s ...

I am trying to use a script for showing iptables line numbers from iptables-save command.

The script was taken from this site: https://blog.oddbit.com/post/2018-02-08-listing-iptables-rules-with-li/

And is as follows with number-rules name:

#!/bin/awk -f

state == 0 && /^-A/ {state=1; chain=$2; counter=1; printf "\n"}
state == 1 && $2 != chain {chain=$2; counter=1; printf "\n"}
!/^-A/ ...