/srv/irclogs.ubuntu.com/2009/11/03/#ubuntu-server.txt

gp	can anybODY help ME ?	00:00
gp	calling huston are you there	00:01
Baversjo	When I try to install a package using pear or pecl on ubuntu server 9.10 pear/pecl stops after downloading the file. Tried apc and symfony, neither works.. Any ideas?	00:04
erichammond	gp: What do you mean "fstab is not mounting it"? What command are you typing? What is the result?	00:05
Baversjo	Could someone take a look at this? http://paste.ubuntu.com/308037/ As you can see, the package is never installed.	00:07
phoenixz	Anybody who could tell me how to solve sudo fuser -vki /var/lib/dpkg/lock;sudo dpkg --configure -a gives me this : http://pastebin.com/m46588684 How can I fix this?	00:21
bventura	i bought a vintage 1U compaq proliant from the bargain bin at an electronics recycler and it ran ubuntu great for about a year, then all of a sudden it started having segmentation faults at random times and shutting down. then it seemed to have gotten worse and now wont boot up at all. I'm wondering what would cause this, bad disk, bad memory? where to start with troubleshooting?	00:25
orudie	is there a server guide for 9.10 ?	00:27
zoopster	bventura: start with the memtest	00:36
zoopster	orudie: http://doc.ubuntu.com/ubuntu/serverguide/C/index.html	00:37
bventura	thx zoopster, am running it now. anything to check besides memory and disk? i can't think of anything besides power supply that would wear out over time	00:38
zoopster	no bventura could be anything I suspect - those are hard to troubleshoot so it's random	00:40
=== omani2 is now known as omani
bventura	ok	00:40
uvirtbot	New bug: #471975 in bind9 (main) "package bind9 1:9.6.1.dfsg.P1-3 [modified: usr/share/bind9/bind9-default.md5sum] failed to install/upgrade: sub-processo script post-installation instalado foi morto por sinal (Interrupção)" [Undecided,New] https://launchpad.net/bugs/471975	00:51
Michael123	Hey	01:14
Michael123	is anyone not idle	01:16
qman__	Michael123, just ask	01:16
Michael123	How would I go about installing IRC server on my server?	01:21
qman__	Michael123, sudo apt-get install [irc server of your choice]	01:22
qman__	to get a list, apt-cache search ircd	01:22
arrrghhh	hey all, i'm getting an error processing "ffado-mixer-qt4" when i try to update... i can't purge it, i'm not sure what to do with it!	01:26
supertyco	I trying to use UEC	01:40
supertyco	I just setup eucalyptus but I cant get a instance up and running	01:40
supertyco	euca:UnassignAddress>	01:40
supertyco	thats the error I get	01:41
zoopster	that's not very telling of what you are doing when you get that error supertyco	01:44
supertyco	I am trying to start my first instance	01:46
supertyco	I am running non-managed vlan mode	01:47
supertyco	I am assuming the instance is looking for a dhcp server	01:47
supertyco	but if you follow these instructions	01:48
supertyco	https://help.ubuntu.com/community/UEC/PackageInstall	01:48
supertyco	a dhcp server is never started	01:48
supertyco	which I assume is needed	01:49
supertyco	am I correct	01:49
zoopster	no supertyco	01:51
zoopster	so supertyco what are you doing when you get an error	01:51
supertyco	euca-run-instances emi-DFA2106F -k mykey -t c1.medium	01:52
supertyco	running that command	01:52
zoopster	and it comes back with that cryptic error message?	01:53
supertyco	that error shows up in the log files	01:54
supertyco	my instance goes from pending to terminated	01:54
zoopster	and are you sure you have enough disk space to perform the operation? you will need 2-3x the size of the image	01:56
supertyco	yes I have 200 gigs free	01:56
supertyco	image is only 180 megs	01:57
zoopster	200g free in the SC	01:59
supertyco	yes	02:00
supertyco	its my first instance	02:00
supertyco	4006864 253767628 2% /	02:01
supertyco	its 98% empty	02:01
supertyco	here is the error on the nc	02:03
supertyco	Domain not found: no domain with matching name 'i-53E608B6' (code=42)	02:03
arrrghhh_	hey all, i'm trying to upgrade my server and it dies on "ffado-mixer-qt4", says it's unable to process it. i can't purge it with aptitude, what do i do?	02:09
arrrghhh	crap i thought freenode was a separate network, sorry	02:10
zoopster	supertyco: no other errors in the log anything related to hvm?	02:10
supertyco	on the nc or main	02:10
zoopster	nc	02:11
supertyco	nope last 2 lines are these	02:11
supertyco	[Mon Nov 2 21:02:39 2009][019311][EUCADEBUG ] walrus_request(): writing GET/GetDecryptedImage output to /var/lib/eucalyptus/instances/admin/i-53E608B6/disk	02:11
supertyco	[Mon Nov 2 21:02:44 2009][019311][EUCAERROR ] libvirt: Domain not found: no domain with matching name 'i-53E608B6' (code=42)	02:11
supertyco	if I look in /var/lib/euca/inst/admin	02:12
zoopster	wondering if it's not vt related...that's the only place I see that error pop up	02:12
supertyco	there is nothing there	02:12
supertyco	vt?	02:12
graytech	hi all ... I'm trying to get apache2 to handle mod_rewrite. I have used 'a2enmod rewrite' and it looks like rewrite is loaded but it is not working in the browser. Any ideas?	02:15
supertyco	zoopster what is vt?	02:15
graytech	btw, this is a new ubuntu server installation and I'm a bit new to ubuntu.	02:15
zoopster	virtualization technology	02:16
zoopster	vt is needed on the node controller	02:16
supertyco	gray: use webmin to intall apahe modules	02:18
supertyco	solves my problems usually	02:18
zoopster	graytech: mod_rewrite engine needs to be turned on...did you do that?	02:18
graytech	zoopster, well .. that might be the problem ;)	02:19
zoopster	supertyco: so w/o going through everything I'm not sure where your problem resides...	02:19
zoopster	a2enmod only enables the module to be loaded... graytech	02:20
supertyco	I have xeon processors I can check bios to see if anything is shut off	02:20
zoopster	or just look in dmesg output supertyco	02:20
zoopster	that will tell you if it's turned off in the bios	02:20
graytech	zoopster, if you are talking about the 'RewriteEngine On' directive in apache2.conf ... I forgot, I already did that	02:21
qman__	graytech, that is the correct way to enable mod_rewrite	02:22
qman__	are you sure your rewrite rules are correct?	02:22
graytech	I'm pretty sure. I'm using the .htaccess file form a drupal install ... didn't touch a thing	02:22
qman__	also, ensure that /etc/apache2/mods-available/rewrite.load exists	02:23
qman__	that's probably where the problem is	02:23
qman__	you need to configure it to allow you to define rewrite rules in .htaccess files	02:23
qman__	IIRC that's not allowed by default	02:23
graytech	qman, /etc/apache2/mods-available/rewrite.load exists and there is a symbolic link to it in /etc/apache2/mods-enabled	02:24
qman__	then the module is definitely enabled	02:25
drupalscott	does anyone have experience in setting up a ftp file server? I'm new to ubuntu server, I'm using an old powerBook G4 with ubuntu 9.04 ppc	02:25
qman__	it's probably an htaccess problem	02:25
qman__	you need to allow htaccess to override the main settings	02:25
qman__	I forget how	02:25
graytech	hmm ... I'm stumped here as it looks like everything is as it should be.	02:25
qman__	to test, you could set up a rewrite rule in the site configuration	02:25
graytech	qman, there is a directive for htaccess in apache2.conf	02:26
qman__	if it works, mod_rewrite is working properly and it's definitely an htaccess issue	02:26
graytech	It's set	02:26
graytech	hmmm ... I'm going to try some tests with htaccess and see if I can track it down.	02:26
qman__	you can enable htaccess, but you still have to set up the site to allow htaccess to change any given settings	02:27
zoopster	qman__: you talking about AllowOverride All	02:27
qman__	if you configure a site with certain settings and allow override none (I think that's the terminology) htaccess won't work	02:27
graytech	hmmm ... I haven't looked for that	02:28
qman__	you can fine tune what is and isn't allowed to be changed with htaccess files	02:28
drupalscott	I worked for several hours last night with 'dapper' and decided to re-install 9.04, so I'm starting over from scratch.	02:28
zoopster	graytech: enable logging and that may help track it down	02:28
zoopster	drupalscott: sure there's experience in here...just ask the question	02:29
graytech	I'm going through the conf files from top to bottom right now	02:29
drupalscott	I just want to be able to access photos, videos, etc remotely, is 9.04 ready 'out of the box' for ftp access?	02:30
drupalscott	what 'apt's' would you recommend?	02:30
arrrghhh	so no takers on ffado-mixer-qt4? i don't even know what i need this for, but i can't remove it and it won't let update because it's failing.	02:30
graytech	one sec ... brb ... I'm going to switch to a different machine with the irc client	02:30
arrrghhh	drupalscott, you'd have to setup ftp, no version of ubuntu will come with that installed/ready-to-go "out of the box"	02:31
drupalscott	okay thanks, what would you recommend I use? I looked at 'proftpd'?	02:31
drupalscott	any recommendations?	02:32
arrrghhh	drupalscott, doesn't really matter. i use vsftp.	02:32
graytech	I'm back	02:32
drupalscott	I'm behind an Airport Extreme 802.11n, will I have to adjust settings for this?	02:32
graytech	ok ... I'm looking at the conf file and looking for overrides	02:33
drupalscott	my server will be hard wired to the router	02:33
arrrghhh	drupalscott, if you want to open up access to the "world", then yes. you would have to setup a port on the firewall on ubuntu (i use ufw) and you'd have to open the port on your router.	02:33
zoopster	arrrghhh: what prevents removal of ffado?	02:34
arrrghhh	zoopster, i've tried using aptitude purge and apt-get remove, it fails. let me get the exact error.	02:34
arrrghhh	zoopster, http://pastebin.com/d6e5c73a8	02:35
drupalscott	arrrghhh: is there anything that will help security wise when I do this?	02:36
arrrghhh	i get the same "error while processing" when i try to update my server.	02:36
zoopster	and reinstalling it fails arrrghhh	02:36
arrrghhh	zoopster, yep. want that output? :P	02:37
zoopster	oh sure	02:37
arrrghhh	drupalscott, it's a bad idea to open up ftp to the world, if you can help it.	02:37
arrrghhh	zoopster, http://pastebin.com/d4e1018a8	02:38
drupalscott	how else would I set up a file server? I want to allow access for family mainly.	02:38
graytech	I found the problem ... it WAS the AllowOverride setting in the default virtual host file	02:38
arrrghhh	drupalscott, well there's other protocols depending on what you're doing.	02:39
arrrghhh	drupalscott, http is probably the easiest... but uploading gets complex.	02:39
drupalscott	I'm basically trying to get all family photos in one place. I would like anyone I want to allow access, to be able to download and upload photos.	02:40
graytech	I'm not sure who gave me that sugestion as I'm on a diff machine ... but thanks a bunch!	02:40
zoopster	arrrghhh: wild...it depends on ffado-dbus-server, but that isn't installed...so it appears the best fix is to install ffado-dbus-server then reinstall ffado-mixer-qt4 then you can remove both	02:40
arrrghhh	drupalscott, you can open up ftp, just keep in mind it's a very insecure protcol. i'm not sure how sftp works, but i know it's much more secure...	02:40
zoopster	graytech: np	02:40
drupalscott	arrrghhh: would I have to create a 'frontend' or site to allow access. If I used htt;	02:41
arrrghhh	zoopster, interesting... i was thinking about trying that, just sounded nuts.	02:41
drupalscott	http:	02:41
arrrghhh	drupalscott, essentially, yes. and you'd have a much better system... but it would take more work. you could do it in drupal :P	02:41
zoopster	arrrghhh: it is nuts...ffado-mixer-qt4 depends on ffado-dbus-server so the question is how did it manage to get installed w/o ffado-dbus-server?	02:42
arrrghhh	zoopster, and of course, i can't install ffado-dbus-server.	02:42
drupalscott	I'm actually a drupal developer, just too busy to do it, maybe you're right	02:42
arrrghhh	maybe i need to purge ffado-dbus-server, not ffado-mixer-qt4...	02:42
zoopster	arrrghhh: arrrgggghhhh	02:42
zoopster	good point	02:42
arrrghhh	drupalscott, you know how it works... you know how powerful it is. i'm not saying you definitely shouldn't use ftp, i just recommend against it.	02:43
drupalscott	let me re-phrase, I've had about a year's experience. I mainly work with the dashMediaPlayer	02:43
arrrghhh	damnit, i can't purge any of these pacakges zoopster...	02:43
arrrghhh	drupalscott, that's cool. i know my boss threw together a wiki in a weekend using drupal. love it.	02:44
drupalscott	what about ssh, could I go that route	02:44
drupalscott	I'm new to servers, with the exception of setting up a mail server	02:44
arrrghhh	drupalscott, kinda awkward to share files with ssh...	02:44
drupalscott	oh, okay	02:44
arrrghhh	ssh is more a replacement for telnet... it would work, but it would be... well, awkward lol.	02:44
drupalscott	is there any way to tap into flickster, or any web based photo bucket	02:45
zoopster	but using scp is an option...just as awkward as ftp	02:45
arrrghhh	if you setup ftp, just do it as a temporary solution.	02:45
arrrghhh	zoopster, i dunno, with the ftp clients for firefox like fireftp...	02:45
arrrghhh	i haven't found anything that works as well, except for the paid-for sftp pro, which is windows only. kinda ironic it connects to sftp and scp/ssh servers.	02:46
zoopster	but you have those for nautilus and scp too and putty for windows	02:46
drupalscott	I think I'm going the drupal route, it would be nice for the users-'family'. It would make it easier	02:46
arrrghhh	can you use putty to easily share files? i guess i've never tried.	02:46
qman__	drupalscott, ssh, scp, and sftp are all part of the openssh-server	02:46
zoopster	share? no..scp, yes	02:46
qman__	if you need ftp-like access, ssh/scp/sftp is the most secure option	02:46
arrrghhh	drupalscott, i think for a more polished product, that would be the best. obviously not the easiest, but probably the best.	02:47
qman__	however, it's probably not the best interface for the situation you describe	02:47
qman__	a web interface would probably be better	02:47
arrrghhh	qman__, i didn't know sftp was part of ssh-server... you could go that route pretty easily it sounds like drupalscott. i've ust never set it up.	02:47
zoopster	arrrghhh: what error do you get purging the ffado-dbus-server?	02:47
arthurjohnson	arrrghhh: http://www.expandrive.com/windows but it isn't free	02:48
arrrghhh	yea	02:48
arrrghhh	zoopster, lemme paste...	02:48
arrrghhh	pretty much the same thing from the looks of it	02:48
drupalscott	i agree, thanks for the input. Sometimes you just have to talk it out	02:48
qman__	you can use winscp or filezilla to connect to sftp on windows	02:48
qman__	both free	02:48
arrrghhh	zoopster, http://pastebin.com/d22b209a7	02:49
arrrghhh	qman__, yea, i forget about winscp. i used to use it all the time	02:49
qman__	gftp is what I use on linux desktops	02:50
qman__	not the prettiest client out there but it has bandwidth throttling	02:50
arthurjohnson	qman__: You wanna talk not pretty, try lftp	02:50
drupalscott	what is gftp	02:53
orudie	what do i do to enable RewriteEngine other than specifying "RewriteEngine on" in /etc/apache2/sites-enabled/mysite.com ?	02:53
qman__	a GUI FTP/SFTP/variants client	02:53
qman__	based on gtk/gnome	02:53
zoopster	arrrghhh: did you see this ffado-mixer-qt4: Depends: ffado-dbus-server (= 2.0~rc1-0ubuntu2) but 2.0~rc2+svn1569-2ubuntu1 is installed	02:54
drupalscott	can i use that on the ubuntu 9.04 server	02:54
arrrghhh	zoopster, i didn't. what can i do?	02:54
qman__	drupalscott, no, you'd use that on the client	02:54
qman__	on the server you use openssh-server	02:54
drupalscott	ok	02:54
zoopster	orudie: use a .htaccess file	02:55
drupalscott	i access our servers everyday, they are secure as far as i know	02:55
qman__	if you need a client on ubuntu-server, use the built in 'sftp' program	02:55
drupalscott	we use key-pair	02:56
arrrghhh	zoopster, let me know if you find anything, i have to get going but i'll bbl.	02:56
uvirtbot	New bug: #472080 in krb5 (main) "Installs symlinks to files in non-dependency libkadm5clnt6" [Undecided,New] https://launchpad.net/bugs/472080	02:56
zoopster	arrrghhh: ok...I can't hang too much longer	02:56
drupalscott	thanks arrrghhh:	02:58
drupalscott	now on to my next problem, I access servers all the time, but I have all the right information: ip address, login, etc.. This may sound stupid but how do I set that up from ubuntu	03:00
qman__	what do you mean "set up"	03:00
zoopster	arrrghhh: here's the problem -you have karmic's ffado-dbus-server installed and jaunty's ffado-mixer-qt4 so the only suggestion I have is either back-rev the server or upgrade the mixer to make them match...if you are still at jaunty, I would revert the ffado-dbus-server	03:00
zoopster	arrrghhh: something blew up in your upgrade it appears	03:01
drupalscott	just a moment qman__: and I'll explain. I'm in the middle of a new install and it gives me the option to install predefined collections of software: DNS server, LAMP server, Mail server, OpenSSH server, PostgreSQL database, Print server, Samba file server, Tomcat Java server, Virtual Machine host.....any help on what I might need?	03:03
qman__	drupalscott, it depends entirely on what you intend to do	03:04
qman__	if all you need is sftp, then just choose openssh	03:04
qman__	if you want a web page, choose lamp	03:04
qman__	if you want local file sharing with windows and linux clients, choose samba	03:04
drupalscott	by web page you mean if I'm going to install drupal	03:04
qman__	yes, any web site	03:05
drupalscott	what is a VM host?	03:05
qman__	that's KVM	03:05
qman__	for virtual machines	03:05
drupalscott	I know what a VM is, but host?	03:05
qman__	chances are you don't want that	03:05
drupalscott	how would I use that?	03:05
qman__	a VM host hosts virtual machines	03:05
drupalscott	ok, probably won't be doing that	03:06
drupalscott	where do I find the 'settings' I would need to sftp into my server from ftp client?	03:07
qman__	you use local system accounts	03:07
qman__	you create users on the system, and ssh uses those as logins	03:07
qman__	the only catch here is they're not jailed, so you have to trust your users to not screw up your system, or go and set up a jail	03:08
drupalscott	ok, what about the ip of the server?	03:08
qman__	whatever your IP is	03:08
qman__	that depends entirely on your network configuration	03:08
drupalscott	jail, is definitely a must	03:08
drupalscott	I'm behind a Airport Extreme	03:09
qman__	I've never used one of those	03:09
qman__	if it's like any other home router, you just need to port forward port 22 to the server	03:09
drupalscott	my main ip right? 67.xx.xx.x	03:09
qman__	and use your main IP	03:09
drupalscott	ahhh ok	03:10
drupalscott	how would a DNS server come in handy?	03:10
qman__	as for the jail, it takes a little work, but it's not too hard	03:10
drupalscott	I will look into jail	03:10
qman__	if you need a local zone, or want caching or root hints, you'd install DNS server	03:10
qman__	a DNS server is completely irrelevant to the file server setup you're working on	03:11
qman__	if you want to hand out a domain name instead of an IP, you'd need a dynamic DNS service like afraid.org or dyndns	03:11
qman__	for the jail, I use jailkit	03:12
drupalscott	drupal uses a database, do I need PostgreSQL then, we use mysqli?	03:12
qman__	no, mysql is included in LAMP	03:12
drupalscott	great!	03:12
qman__	postgres is only if you want postgres instead of mysql	03:12
drupalscott	awesome	03:12
drupalscott	the Samba file server is good for local access only, right?	03:13
qman__	or in conjunction, I suppose	03:13
qman__	right	03:13
drupalscott	got it	03:13
qman__	samba is basically an open source implementation of windows file sharing	03:13
qman__	so it has the advantage that it works with just about everything, but it's a LAN-only system	03:13
drupalscott	right now my domain name is at goDaddy, can I move it over to my server with DNS	03:14
drupalscott	or do I have that wrong	03:14
qman__	that's a big maybe	03:14
drupalscott	my understanding of DNS is minimal	03:14
qman__	it depends on your ISP, your DNS provider, and what kind of setup you're really looking for	03:14
drupalscott	I've moved a couple of them to our business server, EC2 cloud	03:14
qman__	if you don't have a static IP at home, you will need a dynamic DNS service	03:15
drupalscott	I would like to host my own site, if I'm going to build it with drupal	03:15
drupalscott	I don't have a static	03:15
drupalscott	DHCP	03:15
qman__	also, you will need to ensure that your ISP doesn't block any important ports	03:15
drupalscott	at&t dsl, I'll have to try a search for blocked ports	03:16
qman__	80 and 443 most notably	03:16
drupalscott	I believe we access our servers through ssh, that's what I would be doing through drupal right? openSSH server	03:17
qman__	so, to use it on a dynamic address, I would sign up for an account on afraid.org, point my domain to afraid.org name servers, and use their dynamic DNS to update my address	03:17
qman__	I don't know a lot about drupal, but for a web interface, you would not be accessing through SSH	03:17
qman__	it would be over HTTP(S)	03:18
drupalscott	drupal's file system resides on the server, I have to have access to it to add	03:18
drupalscott	'modules', add ons, etc	03:19
qman__	if you mean access to the files the site uses, you could use openssh/sftp to upload/download files	03:19
drupalscott	that's what I'll install then	03:19
drupalscott	I really appreciate your input qman__	03:20
qman__	no problem	03:20
drupalscott	I was messing with this last night for hooouurrrrs	03:20
drupalscott	I was afraid I junked it up too much, so I re-installed	03:21
drupalscott	another question if you don't mind: apache2, when would I need this	03:21
qman__	apache is the web server	03:21
qman__	it's included in the LAMP configuration	03:21
drupalscott	once again, great, that makes it easy	03:22
drupalscott	thanks again for your expertise! if I have any more glitches I'll check in	03:23
qman__	yep	03:23
qman__	make sure when you look up documentation, that you use ubuntu or debian specific stuff	03:23
qman__	other systems use vastly different config file setups and can lead to a lot of confusion	03:24
drupalscott	I may have already run into that	03:24
qman__	not that other guides aren't useful, but if you don't understand the differences it can cause you trouble	03:24
drupalscott	I don't need anymore trouble than I have, I have to say I love linux though	03:26
drupalscott	oh, I thought of something else...you still there qman__	03:27
drupalscott	will I be able to add external storage to the server? I would like to store all files on an external drive if I can	03:28
qman__	sure	03:31
orudie	whats a good way to isntall postfix/dovecot , is it with tasksel ?	03:35
qman__	orudie, yes	03:35
orudie	qman__, what would it be then ?	03:35
orudie	tasksel install postfix ?	03:35
qman__	orudie, the mail server task installs postfix and dovecot	03:35
orudie	tasksel install mailserver ?	03:36
qman__	not sure, hang on	03:36
jmarsden	sudo tasksel install mail-server	03:36
qman__	yep, that's it	03:37
drupalscott	will ubuntu recognize the drive? how do mount it	03:39
drupalscott	if i have a domain name and want to set up postfix to use 'user@mydomain.com', can i do that?	03:45
drupalscott	what else is required?	03:45
jmarsden	drupalscott: A static public IP is pretty much required for a real email server.	03:46
JanC	if you have a fixed IP and you can set the MX for that domain, then yes	03:46
JanC	fixed public IP indeed ;)	03:46
drupalscott	can i, how do i set it static	03:46
JanC	if you have a consumer DSL/cable line, it's most likely dynamic, if you are in a datacenter or with some business DSL/cable lines it's static	03:48
jmarsden	You buy a connection to the Internet with a static IP from your ISP, ... unless you are the ISP :)	03:48
JanC	jmarsden: unfortunately, most ISPs make you pay through the nose for that...	03:49
drupalscott	ahhh I see	03:49
JanC	it's actually often cheaper to put/rent a server in a DC than at home :P	03:51
drupalscott	DC?	03:52
JanC	DC = datacenter	03:52
jmarsden	I've seen getting a static IP cost US$10 or US$15 more than dynamic; it's hard to find colo for US$15/month -- but yes, at about US$20/month you might as well just get a small virtual private server at linode.com or similar and use that for a small scale email server.	03:53
orudie	i should be able to send mail right after intalling postfix right ?	03:53
jmarsden	orudie: Given working Internet connectivity and a sane configuration, yes.	03:54
JanC	jmarsden: depends, but e.g. in Belgium no consumer offerings have static IP	03:55
orudie	jmarsden, hmm.. The ubuntu server box is behind the router	03:56
JanC	and business offerings include (supposedly) better support & all that, so they are expensive	03:56
orudie	jmarsden, i am not seeing any errors in mail.log , however i'm not receiving mail to my gmail account	03:56
jmarsden	Does your ISP block outgoing TCP traffic to port 25 except to its own mail servers, and did you configure postfix to use a smarthost or not...?	03:57
orudie	jmarsden, if you still around, do you mind ? http://pastebin.com/m5e8e406f	03:57
jmarsden	orudie: Looks fine at the transport/SMTP level, but the domain name mail.svovausa.home looks odd... and doe snot appear to exist on the public Internet. So Google probablu threw your message away.	03:59
ScottK	Yep. That log message means the message got to Gmail and whatever happened to it, they did it.	04:00
orudie	oh i see	04:00
orudie	i can test with a different domaini ?	04:01
jmarsden	ScottK: But they had no way to tell you what they did, because the email has a non-existent domain name...	04:01
orudie	my goal is to have multiple email domains on this host	04:01
jmarsden	orudie: Use a real existing domain that you own and control DNS for, and it should work better	04:01
ScottK	jmarsden: I think your speculation about why they vanished it is likely valid, but it's hard to tell anything for sure. Whatever happens after 250 is a guess.	04:01
orudie	yup i'll try it now	04:02
JanC	actually, use something that points to the public IP of the server ;)	04:06
jmarsden	JanC: Well, while nice, that shouldn't be 100% necessary just for sending email out, unless the domain concerned uses strict SPF and the receiving mailserver checks SPF.	04:08
JanC	right, forgot that he can't receive answers through that server	04:12
JanC	OTOH, google should implement such policies during receiving IMO ;)	04:13
JanC	and AFAIK they do	04:13
JanC	(with similar things)	04:13
orudie	jmarsden, how can i send a test mai lfrom bash ?	04:15
orudie	how do i send a mail message from within shell?	04:16
JanC	with telnet or netcat	04:16
JanC	e.g. http://www.village-elder.com/blog/archives/1-How-to-test-a-mail-server-by-sending-mail-with-telnet.html	04:19
agc	hi. So i'm definitely not a noob to ec2, but i've got a problem i just cant get around... "I can't connect to my server on Amazon EC2" ... I just went through this article pretty throughly: http://alestic.com/2009/08/ec2-connectivity and I've had no luck... can anyone provide any advice?	04:19
agc	I've ssh'd into my instance many times (it's been running for several months), but within the last several hours, im getting "port 22: Operation timed out"... the last thing i tried was rebooting (about 10 mins ago)... but still no luck	04:23
uvirtbot	New bug: #472156 in mysql-dfsg-5.1 (main) "delete key generates ~ in mysql-client" [Undecided,New] https://launchpad.net/bugs/472156	04:35
qman__	so, I'm trying to figure out what my best course of action is	04:54
qman__	today, I had mdadm claim two disks failed an hour apart	04:54
qman__	using mdadm -Af got the array to assemble in a degraded state, and the data is not corrupted at all	04:54
qman__	according to smartctl, all the disks pass self-tests	04:54
qman__	two disks have a lot of SMART errors logged, one has a few, and the rest have none	04:55
qman__	should I replace all three disks? only replace the two with a lot of errors? mark them as OK and keep using them?	04:55
qman__	most of the data is replaceable, and the critical stuff is all backed up	04:59
qman__	so total failure would be massively inconvenient, but not catastrophic	04:59
qman__	also, is there a good way to determine which disk is which? as in, which physical disk is sda, sdb, etc...	05:17
qman__	they're all the same make and model	05:17
qman__	ah, answered my own question, lshw is helpful there	05:21
twb	qman__: hdparm -I and look at the serial numbers	05:22
twb	lshw ought to have the same info, as you say	05:22
smackdaddy	how to i renew dhcp from the command line	05:26
twb	smackdaddy: ifdown ethX; ifup ethX	05:26
smackdaddy	thanks..	05:27
erichammond	agc: That article asks a number of questions to which you should provide answers if you are seeking help with an EC2 connectivity problem.	05:28
smoser	agc, ec2-authorize default -P tcp -p 22 -s 0.0.0.0/0 ?	05:31
erichammond	agc: You'll probably want to provide the instance id, traceroute, and complete console output on the EC2 forum http://ec2forum.notlong.com	05:31
smoser	i go to bed now.	05:31
* erichammond heads home		05:32
agc	smoser: Client.InvalidPermission.Duplicate: The permission '0.0.0.0/0-1-22-22' has already been authorized on the specified group	05:32
agc	THe result of "ec2-get-console-output i-1f542676" is here: http://pastie.org/681122	05:33
erichammond	agc: What's the AMI id?	05:34
agc	erichammond: ami-398d6b50 (thanks for the help, btw...)	05:35
erichammond	That appears to be a private AMI(?)	05:36
agc	ssh / telnet all time out..	05:36
erichammond	agc: Can you ping the instance?	05:36
agc	erichammond: yeah, sorry i was clear about that	05:36
erichammond	What release is it running?	05:37
agc	erichammond: ping times out	05:37
leo_	?	05:37
erichammond	er, Ubuntu 9.10, etc	05:37
erichammond	agc: Can you ping the instance from another EC2 instance?	05:38
agc	I bundled from this ami: ami-0d729464	05:38
agc	to create the private ami...	05:38
agc	erichammond: pinging from another instance times out as well... both instances on in 'us-east-1c'	05:40
erichammond	agc: Did you try to upgrade the instance to Karmic?	05:40
agc	erichammond: no... i read your article too :-)	05:41
erichammond	agc: Is there any chance somebody might have complained about your instance sending spam or being the URL in spam or phishing attacks?	05:42
agc	erichammond: hmmmm.... my instance is running django, and it sends emails semi-often	05:43
agc	erichammond: would amazon send me a warning email?	05:44
erichammond	agc: Step 1: start working on a new replacement instance. Step 2: Post the instance id and as much info as you can to the EC2 forum and perhaps Amazon can investigate.	05:44
erichammond	agc: Yes, as far as I know they generally do send an abuse report notice.	05:44
smackdaddy	when im starting bind i get this error....	05:45
smackdaddy	rndc: connect failed: 127.0.0.1#953: connection refused	05:45
erichammond	...but there have been mistakes recently where they were not sent. Amazon's cleaning up their abuse process flow.	05:46
smackdaddy	what is that....	05:46
erichammond	agc: It could also be a hardware issue, but only Amazon can determine that.	05:47
agc	erichammond: i wonder if I should ask them, do you know the best place to ask?	05:47
erichammond	agc: http://ec2forum.notlong.com (or pay for premium service)	05:47
agc	related post (maybe?) around the same time: http://developer.amazonwebservices.com/connect/thread.jspa?threadID=38129&tstart=0	05:48
erichammond	agc: With as many servers and customers Amazon has, somebody is experiencing problems all the time. Even though it is a very small percentage of users, sometimes it's you.	05:50
erichammond	er, hardware problems that is.	05:50
agc	nooooooooo ;-)	05:50
erichammond	With EC2, however, can you simply fire up a new server and throw away the old one. You don't even have to worry if it was a hardware problem or not (until it happens several times in a row).	05:51
agc	well, on a positive note, i've been using your ec2ubuntu amis for over a year now, and they are extremely awesome.	05:52
ralphmichael17	ok i am looking for some good 1 on one help with setting up my ubuntu server, i am already familiar with desktop edition, anyone want to help?	05:52
erichammond	agc: Glad to hear they've been working for you. Since you're using Jaunty, I'd recommend migrating over to the Karmic AMIs which were just released.	05:53
agc	erichammond: ok, will do... thanks for all the help	05:54
crohakon	ralphmichael17; What is it you want the server to do?	05:56
smackdaddy	what would be causing this error, bind9 ----------	05:57
smackdaddy	rndc: connect failed: 127.0.0.1#953: connection refused	05:57
smackdaddy	[fail]	05:57
=== nxvl_ is now known as nxvl
ralphmichael17	ok, i have 1 server, 1 network hub, and 7 computers, i want to use ubuntu to network them together on an intranet where all client computers login through the server and can be monitered	06:00
ralphmichael17	can anyone help with that?	06:04
crohakon	So you want the server to act as a internet gate way that logs the activity of the other 7 computers?	06:06
ralphmichael17	yes, and make it so any user can log onto their account from any of the 7 computers to access their files	06:07
masshuu	so i was wonering if i actually needed somthing like fail2ban or denyhosts. theres only 1 user atm that can login via ssh and i have a long password thats a strong password(upper, lower, and symbols)	06:12
joseph_	ralphmichael17; Sorry, I did something dumb and my computer disliked it. Had to reboot. Were you able to find help?	06:12
poningru	ralphmichael17, kinda overboard but look into ltsp	06:13
ralphmichael17	still no but found some interesting things on google	06:13
ralphmichael17	ltsp talked about edubuntu, but thats an educational program	06:13
poningru	ralphmichael17, the other thing you can do is have them login using something like ldap+kerberos	06:13
poningru	ralphmichael17, yes... but you can use that too	06:13
d1b	hi um i used the server upgrade release tool thingy to upgrade from 9.04 to 9.10	06:14
d1b	and said server hasn't come back on a reboot	06:14
joseph_	looks like LTSP is what he is looking for	06:14
d1b	any ideas what could have gone wrong?	06:15
ralphmichael17	im looking to use these computers in a business envirement, and i dont want the computers to use the all the servers memory, i would like them to use their own memory too, can ltsp do that?	06:15
=== joseph_ is now known as crohakon
poningru	ralphmichael17, my understanding is that it can... though I have never used ltsp	06:15
poningru	so I dont know for sure	06:15
ralphmichael17	anyone here ever used ltsp?	06:16
crohakon	http://www.ltsp.org/	06:16
crohakon	read up on the sight	06:16
crohakon	it seems the basic goal is to allow the clients to run diskless.	06:16
crohakon	I am sure some of the processing and such must take place on the client though.	06:17
ralphmichael17	ok if i put server edition on my server, do i need to install desktop edition on the other computers or any certain program	06:18
poningru	ralphmichael17, again like I said... if all you are looking to do is login using the server then that can be accomplished with ldap+kerberos	06:18
poningru	ralphmichael17, and then mount the /home as an iscsi or NFS	06:18
poningru	so that you can have same profile across all the desktops	06:19
crohakon	https://help.ubuntu.com/9.04/serverguide/C/kerberos-ldap.html	06:19
Ash-Fox	Heh, not going to recommend him LTS?	06:20
poningru	Ash-Fox, lts?	06:20
d1b	ok... so no ideas from anyone...	06:22
Ash-Fox	The Long Term Support versions of ubuntu - five year support. Just thought it was suprising you were showing a manual for 9.04 is all.	06:22
twb	Five-year support for some packages	06:22
Ash-Fox	The packages in main :)	06:22
twb	Nope	06:22
twb	Some packages in main, installed on an 8.04 LTS server, do not get five years of support	06:22
Ash-Fox	I stand corrected.	06:22
crohakon	Ash-Fox; ralphmichael17 is using 9.04 I believe, that is why I posted that link for 9.04	06:23
twb	http://bazaar.launchpad.net/%7Enijaba/ubuntu-maintenance-check/trunk/	06:23
qman__	d1b, we need more information than that	06:23
qman__	logs, error messages, something	06:23
twb	Ash-Fox: that's a little script that tells you what gets what support	06:24
d1b	qman__: 9.04 system running just apache etc. i can't get at the box because it is not up atm and i don't have remote vmware access to the console	06:24
d1b	qman__: it moved to 9.10, it had a static ip config etc.	06:24
d1b	had no firewall / iptables configured.	06:24
qman__	d1b, yes, but any number of things could have failed during the upgrade, so until you can get access to the console, there's really no way to determine what went wrong	06:25
poningru	ralphmichael17, look into ltsp fat clients	06:25
d1b	qman__: "a number" ...	06:25
twb	d1b: a stock install will not have any netfilter rules active by default.	06:25
d1b	it is booting my kernel erh a 2.6.31.5 or according to the grub list before i rebooted it was.	06:26
d1b	i just let it update grub ..	06:26
d1b	so the kernel isn't an issue / shouldn't be...	06:26
* crohakon has heard about enough 9.10 upgrade failure stories to keep him from upgrading for a long while...		06:27
d1b	crohakon: orly	06:27
qman__	upgrading my desktop took some manual fixing	06:27
qman__	though I did upgrade to the RC, not the final release	06:28
d1b	like it has no real to fail.... is kind of my point atm. ill know when persons other than me poke at the vmware console.	06:28
qman__	I'm going to wait a month or two before upgrading my jaunty server	06:28
d1b	great...	06:33
poningru	qman__, heh me too	06:52
uvirtbot	New bug: #472257 in samba (main) "package samba-common 2:3.4.0-3ubuntu5 failed to install/upgrade: - even before the upgrade the unistallation/installation didn't work. (I think I removed the directory /etc/smb/ and thereafeter it is impossible to unistalll or reinstall the packet) " [Undecided,New] https://launchpad.net/bugs/472257	07:16
error404notfound	i have installed postgresql-8.3 but i can't find its dir in /etc, all i see is postgresql-common in there which contain no pg_hba.conf file	07:22
error404notfound	if i do locate, the only one found is the pg_hba.sample one	07:22
error404notfound	anyone?	07:24
error404notfound	i have tried it even with --reinstall	07:25
poningru	error404notfound, you can do a purge	07:26
error404notfound	poningru, did that, no use...	07:26
poningru	aptitude purge packagename	07:26
poningru	did it spit out what was left alone?	07:26
poningru	because if the folder isnt empty... as in if you have a modified file then it will not delete that file	07:27
poningru	and will tell you about it	07:27
poningru	I think the dpkg log or the aptitude log should tell you about that	07:27
error404notfound	no errors or such...	07:29
=== _eB is now known as ebolorama
uvirtbot	New bug: #472318 in libapache2-mod-perl2 (main) "apache segfaults when performing stress test" [Undecided,New] https://launchpad.net/bugs/472318	08:26
drcode	hi all	08:39
drcode	whats up	08:39
drcode	what is ubuntu cluad , is it like vmware esx?	08:40
qman__	drcode, ubuntu cloud is most like amazon ec2	08:41
drcode	I can put ubuntu worksation or server in the cloud?	08:42
drcode	os is like grid?	08:42
kwork	its virtualization with fancy marketing terms	08:44
kwork	atleast i havent figured out the benefit yet	08:44
qman__	it's basically clustered virtualization	08:44
drcode	I see	08:44
kwork	but the resources arent clustered	08:44
drcode	I can load also windows os?	08:44
kwork	rather you can move the vmws to other nodes	08:44
drcode	or its more for appliction developement	08:45
kwork	if kvm can load win so can that cloud	08:45
drcode	I see	08:46
qman__	it's more for running servers	08:46
drcode	is there something like vmware esx in opensource?	08:46
qman__	the primary application is when you need a lot of virtual servers, and want to make the most of your hardware by having less actual servers	08:47
drcode	I see	08:47
kwork	qman__, can you move the virtual servers, painlessly from node to node ?	08:47
qman__	or at least that's how I understand it	08:47
qman__	I was under the impression it handled that automatically	08:47
drcode	linux has project same like vmware esx?	08:48
kwork	drcode, if you want vmware go for vmware esxi	08:48
kwork	its free	08:48
qman__	drcode, if you want just one server hosting VMs, go for KVM	08:48
drcode	ok	08:49
drcode	tahxn	08:49
* soren lunches		11:06
incorrect	to run hardy under kvm do i need to install a special kernel like with 9.xx ?	11:35
alvin	Well, I have a server running karmic and kvm here. Curerntly in production. What is this simple test that needs be done?	12:01
alvin	(...and then I pressed the close button on Quassel.)	12:03
uvirtbot	New bug: #466315 in bind9 (main) "bind9 missed a dependency with apparmor-profiles" [Undecided,Confirmed] https://launchpad.net/bugs/466315	12:03
uvirtbot	New bug: #472472 in bind9 (main) "Start Fails - Permission denied (dup-of: 466315)" [Undecided,New] https://launchpad.net/bugs/472472	12:06
=== dendrobates is now known as dendro-afk
incorrect	I've found a strange bug with kvm 9.10 hosting a 8.04 with kernel 2.6.24-25, hard to explain as there is no error, the vm just vaporises 2.6.24-24 works fine	12:39
incorrect	not sure if it was there in 9.04	12:40
smoser	nijaba, "nodes need to have virtualization extentsions (Intel VT or AMD-V) active to work, which is not the case within any virtualization technology that we know of."	12:45
smoser	thats not exactly true, right? http://www.linux-kvm.com/content/kvm-82-released-nested-virtualization	12:45
incorrect	smoser, iirc you need it for hosting 64bit OS's	12:58
smoser	incorrect, you do need vt extensions for UEC. that is true.	12:58
smoser	i guess i didn't quote enough.	12:59
incorrect	i do not know	12:59
incorrect	best to ask in libvirt i guess	12:59
smoser	no, i'm stating. that is true. for UEC you do need nodes to have vt extensions.	12:59
smoser	nijaba, was responding to someone in an email that said (paraphrase) "nodes must be physical rather than virtual machines because" .. ... [see above quote]"	13:00
smoser	a 'node' is the the thing that hosts the guests.	13:01
zul	morning	13:07
sommer	yo :)	13:08
=== aubre_afk is now known as aubre
aubre	good morning	13:23
aubre	smoser: lots of virtualization solutions, while not requiring VT-x or the AMD counterpart work much faster and more efficiently when they are available, and I think it would be folly for anyone to build a solution on hardware without it because what if you decide to change strategies over time?	13:25
nijaba	smoser: regarting nested virtualizatin with KVM, have you tried it? I would be a very happy fellow if it did work, but I must say that I have not tried :)	13:26
smoser	i have not tried it, nijaba but in theory...	13:26
smoser	it is something i would like to try.l.. i would like to spend some time on setting up a single machine (amd64) as a cloud, with vm for CC and node	13:27
nijaba	smoser: in any case, it would be nice for testing, but not really for deployment	13:27
smoser	agreed. i dont think anyone is thinking about nested virt as a production solutoin	13:27
aubre	I visualize pointing mirrors at each other :P	13:27
nijaba	smoser: if you can document this, I am sure everyone that need to do a demo once in a while would just start sending you flowers (or virtual beers) for no apparent reasons :)	13:28
smoser	yeah. it would rock for testing.	13:28
smoser	i've set this up, and it somewhat works for xen in kvm	13:28
smoser	i had karmic host running rhel 5.3 xen guest running xen karmic paravirt kernels	13:29
aubre	have you guys played with any of the overlaying technologies such as RightScale/Cohesive or even using Landscape?	13:30
aubre	I did a free register with RightScale, but i haven't done much, I know it doesn't support storage management yet	13:30
smoser	i think it would even be worth making an effort to get euc to be able to run qemu rather than kvm. at one point i'd done some of that also. again, not a production solution.	13:31
smoser	aubre, there are people here who have done landscape, i've not used rightscale, but have interacted some with their developers, giving them info on how they could use our karmic images.	13:31
uvirtbot	New bug: #471468 in nagios3 (main) "should recognize that exit code 126 means plugin is not executable" [Wishlist,Triaged] https://launchpad.net/bugs/471468	13:32
aubre	smoser: ok, I'm just looking at getting to the next level, since I have UEC working well right now, to show the "powers that be"	13:33
aubre	smoser: so we can get the go-ahead to build a large hopefully multi-rack Canonical supported system	13:34
aubre	smoser: and go into production	13:35
smoser	well of course that sounds good :)	13:35
smoser	i'm sure the landscape folks would love to help you	13:35
aubre	smoser: I'll have to contact them	13:35
aubre	smoser: it would be nice to have a total solution that included autoscaling and the like	13:36
=== erichammond1 is now known as erichammond
uvirtbot	New bug: #466018 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.1.30really5.0.75-0ubuntu10.2 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Low,Incomplete] https://launchpad.net/bugs/466018	13:41
uvirtbot	New bug: #472681 in samba (main) "Samba returns NT_STATUS_NOT_SUPPORTED when trying to view list of shares" [Undecided,New] https://launchpad.net/bugs/472681	13:41
smoser	soren, is it intended that vmbuilder require 2.5 ?	13:48
smoser	python 2.5 or better, that is.	13:49
smoser	bug 472090 is why i ask.	13:49
uvirtbot	Launchpad bug 472090 in ec2-init "package ec2-init 0.4.999-0ubuntu7 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/472090	13:49
lyhana8	hi, I fail to use the ChrootDirectory directive for ssh server, could someone help me ?	13:56
incorrect	hmm, seems like a bug with kvm in 9.10, it can't run a stable 8.04	13:57
cemc	incorrect: what does it do ?	14:02
incorrect	just goes bang, no error, just stops	14:02
incorrect	process gone	14:02
incorrect	not error i can't see	14:02
cemc	you mean when your start it, it just dies ?	14:03
incorrect	only thing i can see different is that its running with slightly different options that the other vm's running 9.10	14:03
incorrect	after some time it dies	14:03
incorrect	started happening after i upgraded from 04 to 10	14:03
incorrect	i created a fresh 8.04 and it also crashed	14:04
cemc	incorrect: I'll install a 8.04 guest later tonight. I've installed 8.10, 9.04 and 9.10 guests and I didn't see any problems	14:04
incorrect	i downgraded to an earlier kernel and it was more stable	14:04
incorrect	i noticed there is no LTS virtual kernel package like the one provided in 9.10 etc	14:05
incorrect	-M pc-0.11 seems to be the only difference	14:06
incorrect	but pc is an alias for pc-0.11	14:07
orudie	is there a server guide for 9.10 ?	14:08
orudie	i'm having trouble finding it	14:08
Pici	orudie: https://help.ubuntu.com/9.10/serverguide/C/ perhaps	14:09
orudie	i installed postfix with tasksel , and configured it the usual way with dpkg-reconfigure postfix	14:19
orudie	sending out mail to external works - there is no errors in mail.log However every mail message gets recognized as spam by the mail receiver	14:19
Pixie79_	is this a good location to ask about ubuntu private clouds?	14:19
orudie	its not even poshing it to the spam folder, it just blocks it	14:19
orudie	i tried sending to gmail. and also another mail server that i set up myself	14:20
orudie	for some reason spam assassin doesnt like it at all, and just blocks it	14:20
kblin	orudie: is your server on a dial-up line or DSL or the like?	14:20
orudie	kblin: yeah - verizon fios	14:20
Pixie79_	using private cloud, is there a way to have snapshots be save to a different device to the volume	14:21
orudie	kblin: you think that could be the problem ?	14:21
smoser	orudie, have you verified receipt of said mail? what did you mean by "works" above.	14:21
orudie	smoser: i'm watching the logs on both servers - one says gets sent successfully, the other says - receiving mail - blocked spam :)	14:22
orudie	smoser: both ubuntu servers :)	14:22
smoser	ah. ok. well then its getting there. :)	14:22
orudie	smoser: yeah but i dont know wtf	14:23
kblin	orudie: yeah. most spammers are using trojans on windows PCs. most of those sit behind a dial-up line. not accepting stuff that comes from a dial-up line is a common approach	14:23
kblin	you need to set up a smarthost config that'll hand of your mail to a server with a static IP address	14:23
orudie	its not a dial up line	14:23
kblin	well, DSL is the new dialup, cable is pretty much the same	14:23
orudie	yeah i dont remember having this problem with a static ip	14:24
orudie	it worked right after install	14:24
kblin	what you actually filter on is "dynamic IP address ranges"	14:24
kblin	I can't send emails from my server at home either	14:24
orudie	kblin: the way the router is set up is 10 and above is dynamic	14:25
orudie	1-9 is static	14:25
smoser	orudie, make sure that your 'From' address is resolvable.	14:25
orudie	the server has ip address 5	14:25
kblin	no, that's not what I'm talking about	14:25
smoser	and that it resolves to what that address.	14:25
smoser	err.. maybe not the second part. i'll go away, kblin likely knows more. i've not done this in quite some time.	14:26
orudie	kblin: i dont get it :)	14:26
kblin	orudie: people tend to not accept mails that come in from IP addresses that e.g. Verizon hands out to their customers	14:27
orudie	kblin: is there a work around ?	14:28
kblin	depends	14:29
kblin	I once set up my local mail server to hand off all my local mails to gmail	14:29
kblin	if you only ever send from a gmail address, that works	14:29
nijaba	woot... Netcraft references 1.4 Million web servers running Ubuntu...	14:30
kblin	or rather, if you only ever send from a single gmail address	14:30
kblin	speaking of web servers, I've got a lighty here that crashes (without anything logged) when one user is trying to connect to it	14:31
kblin	other people can use it just fine	14:31
geekboxjockey	I'm having issues with LDAP, pam_ccreds and apache2 http-auth, if I log in to a system via ssh using my LDAP credentials, I can see that my info is cached via 'sudo cc_dump' however for users authenticating with http-auth on our site, their LDAP info is not being cached. Any ideas?	14:32
geekboxjockey	I have apache2 set up to use /etc/pam.d/common-auth (which is where I have the caching configured)	14:32
orudie	kblin: so there is actually no work around ?	14:34
orudie	kblin: :)	14:34
kblin	well, you could set up a server on a static IP address and configure your local servers to hand off email to that server with the static IP	14:35
kblin	and of course configure the server on the static IP to only accept emails from your servers at home	14:35
kblin	or whereever your trying to send mail from	14:36
orudie	kblin: ok i get it, i'll try	14:37
orudie	kblin: this will be a little project for me though :)	14:37
kblin	I've not done this myself yet, hasn't been important enough so far	14:37
kblin	it's easier to tell my email program to deliver right to my provider's servers, depending on the identify it's using	14:38
orudie	kblin: yeah same here, i administer a VPS at work, its hosted in a data center never had a problem like this with it	14:38
kblin	you could check if your current external IP is blacklisted	14:38
kblin	but usually that's sort of a losing battle	14:38
orudie	blacklisted where ?	14:39
kblin	dunno, depends on what blacklists your filters are using	14:39
kblin	my servers use the RBL, iirc	14:40
kblin	spamassassin has that set	14:40
heath\|work	hello. I using Open LDAP and am able to add users to a group, but when I try and remove a user from a group using usermod I get {user} not found in /etc/passwd	14:40
orudie	kblin: i understand i can whitelist it on my own server, what about the rest of the world :)	14:40
heath\|work	which is true, so I was wondering how to remove a user from a group with ldap	14:40
geekboxjockey	I'm having issues with LDAP, pam_ccreds and apache2 http-auth, if I log in to a system via ssh using my LDAP credentials, I can see that my info is cached via 'sudo cc_dump' however for users authenticating with http-auth on our site, their LDAP info is not being cached. Any ideas?	14:42
geekboxjockey	I have apache2 set up to use /etc/pam.d/common-auth (which is where I have the caching configured)	14:42
orudie	kblin: what about setting up certificates ?	14:44
kblin	orudie: that's what I'd do for authenticating the mailservers to the smarthost	14:47
orudie	kblin: i'm looking here https://help.ubuntu.com/9.10/serverguide/C/certificates-and-security.html#creating-a-self-signed-certificate	14:52
orudie	kblin: this command returns error server.csr: No such file or directory	14:52
kblin	won't help you for sending email	14:52
orudie	k	14:53
geekboxjockey	I'm having issues with LDAP, pam_ccreds and apache2 http-auth, if I log in to a system via ssh using my LDAP credentials, I can see that my info is cached via 'sudo cc_dump' however for users authenticating with http-auth on our site, their LDAP info is not being cached. Any ideas?	15:07
fox__	hi all, i installed a minimal virtual 9.10 server, now i'm trying to install the vmware tools, but this fails already at mounting the cdrom woth the following error: mount: unknown filesystem type 'iso9660'	15:22
fox__	can't figure out what i have to install to get iso9660 support, any idea?	15:22
drupalscott	I'm new to linux servers but how did you burn the iso?	15:24
drupalscott	are you on mac or pc?	15:24
drupalscott	I ask because I had some trouble getting a 'good' ISO to use to set up my server on a G4 that I have	15:25
drupalscott	I ask because I've had this problem	15:25
elijahwright	fox__, does your kernel have support for iso9660 built into it, or is it a module?	15:25
elijahwright	if module, is it loaded?	15:26
fox__	i think the minimal kernel loads the cdrom support as module	15:26
fox__	but which module to look for?	15:26
elijahwright	it used to be iso9660.ko ;)	15:27
fox__	there is no iso9660.ko on this minimal system, so my next question how to i find out what i have to install to get iso9660.ko	15:29
Reepicheep	fox__: try running "sudo lsmod" and see if iso9660 is in the list	15:31
fox__	no it's not	15:32
Reepicheep	if it isn't you may need to run "sudo modprob iso9660" to load the module	15:32
fox__	FATAL: Module iso9660 not found.	15:32
Reepicheep	sorry run modprobe not modprob ^^	15:33
fox__	i installed so far: fuseiso9660 and xfsprogs but none of those contains the module or a dependency to it	15:35
Reepicheep	fox__: what kernel are you running?	15:36
Reepicheep	uname -r	15:37
Reepicheep	it looks like it recently changed to isofs instead of iso9660	15:38
Reepicheep	i'm not sure when though	15:38
Reepicheep	fox__: try running ..	15:39
Reepicheep	sudo find /lib/modules/`uname -r`/ -name isofs.ko	15:40
Reepicheep	see if it returns a path to the module	15:40
Reepicheep	if it does try "sudo modeprobe isofs"	15:40
fox__	nope there is also no isofs.ko	15:42
smoser	nijaba, ping	15:42
nijaba	smoser: pong	15:42
Reepicheep	is there a iso9660.ko?	15:42
Reepicheep	fox__: ^	15:42
smoser	is it ok if i add a 'tips' entry to UEC documentation from https://help.ubuntu.com/community/UEC ?	15:42
zul	smoser: fire away	15:43
fox__	no there is no iso9660.ko	15:43
nijaba	smoser: sure. Feel free. It's a wiki, so it is meant to be changed by anyone	15:43
nijaba	smoser: I am subscribed to it anyway, so if I don't like it, I'll kill it :P	15:44
zul	oh my god...you killed the wiki!	15:44
zul	you bastard!	15:44
Reepicheep	fox__: what kernel are you running? "uname -r"	15:45
smoser	nijaba, well, maybe i'll get 15 seconds of fame before you delete me comments :)	15:45
nijaba	hehe	15:45
fox__	2.6.31-14-generic-pae	15:45
zul	fox__: the following should work sudo mount /dev/cdrom	15:45
fox__	no it doesn't: sudo mount /dev/cdrom	15:46
fox__	mount: unknown filesystem type 'iso9660'	15:46
fox__	it's a ubuntu 9.10 server 32 -> F4 -> minimal virtual machine installation, it is really minimal which is great (appart from the cdrom support)	15:47
Reepicheep	that's interesting.. my minimal intalls of 9.10 include the isofs.ko module	15:49
Reepicheep	my kernel is 2.6.31-14-server though and it is 64 bit	15:49
fox__	did you choose the minimal or the minimal virtual option?	15:49
Reepicheep	did you select the minimal install or the virtual machine minimal install?	15:50
Reepicheep	oh.. I see it is the virtual machine sorry	15:50
fox__	i did "virtual machine minimal"	15:50
nijaba	fyi: More Ubuntu Server Edition statistics: http://bit.ly/4CKV0m	15:50
Reepicheep	hmm.. I have never used that.. even on virtual machines	15:50
fox__	ok i'll reinstall with just "minimal"	15:51
Reepicheep	someone else my be able to explain what the minimal virutal machine is all about	15:51
bogeyd6	ubuntu has a jeos that is more geared towards vm	15:52
nijaba	Reepicheep: http://www.ubuntu.com/products/whatisubuntu/serveredition/jeos	15:53
Reepicheep	nijaba: bogeyd6 thanks	15:53
Reepicheep	I've built jeos images with vmbuilder.. I kinda was thinking that is what the virtual marchine install option was for	15:54
Reepicheep	but I wasn't sure	15:54
fox__	but i can't find a description what's the difference between the two minimal options, will search a little bit more....	15:56
Reepicheep	so yeah.. fox__ accounding to that page the JEOS edition has a "tuned kernel that only contains the base elements needed to run within a virtualized environment"	15:56
Reepicheep	fox__: see the link that nijaba posted	15:56
fox__	and where does it explain the difference, sorry cant see it	15:57
bogeyd6	fox the ubuntu server minimal option is the default option and installs with no GUI, the virtualized option has the ability the install even more minimally and doing away with certain packages that are unneccesary in an VM.	15:59
bogeyd6	for a specific website to detail everything please visit http://www.ubuntu.com/products/whatisubuntu/serveredition/jeos	15:59
bogeyd6	!jeos	15:59
ubottu	JeOS (pronounced "Juice") is Just enough Operating System. It is an efficient variant of the Ubuntu Server operating system, configured specifically for virtual appliances. See http://www.ubuntu.com/products/whatisubuntu/serveredition/jeos for more information.	15:59
fox__	so what you try to tell me is that "minimal" is minimal and "virtual machine minimal" is jeos	16:04
=== dendro-afk is now known as dendrobates
VirtualDisaster	fox__, yeah you got it	16:10
VirtualDisaster	the jeos is to create appliances	16:10
fox__	ok so back to my inital problem the, how to get cdrom support in the 9.10 jeos install?	16:12
jcastro	kirkland, are you registered to attend UDS in launchpad? on the sprint page?	16:12
VirtualDisaster	fox__, mount	16:14
VirtualDisaster	fox__, btw are you sure youre needing to use the jeos version right	16:14
fox__	sorry mount fails with: mount: unknown filesystem type 'iso9660'	16:15
* VirtualDisaster has has never had to mount a cdrom, i always mount a iso and it just works		16:15
=== drupalscott is now known as newbuntu
newbuntu	I have my new server setup on my old G4, and I am able to sftp in, but I'm have permission issues. Can anyone tell me the right way to set up a secure sftp for a user	16:17
VirtualDisaster	newbuntu, http://www.google.com/search?client=opera&rls=en&q=sftp+multiple+users&sourceid=opera&ie=utf-8&oe=utf-8	16:18
newbuntu	thanks, I'll check it out	16:19
bogeyd6	fox__ sudo mount /dev/cdrom /media/cdrom	16:19
kblin	sftp as in the ssh protocol addition or ftp/ssl?	16:20
newbuntu	yes	16:20
Pici	Isn't ftp + ssl ftps?	16:20
newbuntu	ssh	16:20
bogeyd6	!ssh @ newbuntu	16:20
ubottu	Sorry, I don't know anything about ssh @ newbuntu	16:20
bogeyd6	lol	16:21
bogeyd6	!scp @ newbuntu	16:21
ubottu	Sorry, I don't know anything about scp @ newbuntu	16:21
bogeyd6	wtf	16:21
Pici	bogeyd6: you want \| not @	16:21
bogeyd6	ah	16:21
bogeyd6	!ssh \| newbuntu	16:21
ubottu	newbuntu: SSH is the Secure SHell protocol, see: https://help.ubuntu.com/community/SSHHowto for client usage. PuTTY is an SSH client for Windows; see: http://www.chiark.greenend.org.uk/~sgtatham/putty/ for it's homepage. See also !scp (Secure CoPy) and !sshd (Secure SHell Daemon)	16:21
newbuntu	thanks, I thought I would have access as the user I setup on initial install.	16:23
kblin	you should	16:23
newbuntu	I tried adding a folder via sftp client and it wouldn't let me	16:28
newbuntu	I can only add as 'root' on server machine	16:28
newbuntu	I'm using ubottu's first link to set it up now	16:29
jmarsden	newbuntu: The issue is probably who owns the directory inside which you were trying to create your new one.	16:30
newbuntu	I was within /var/www trying to create /html. I'm setting up a drupal install	16:31
newbuntu	I can do it on the server directly but need ssh access	16:31
jmarsden	newbuntu: /var/www is now likely to have been owned by your ordinary user, hence the need for root to create stuff in there	16:31
jmarsden	is not likely	16:32
newbuntu	it's owned by 'root'	16:33
newbuntu	that's why, huh?	16:33
jmarsden	Indeed.	16:33
newbuntu	okay, I'll just specify which accounts can use SSH	16:33
newbuntu	including my own	16:34
newbuntu	would you agree it's important to choose a random port for ssh to listen on?	16:35
pmatulis	newbuntu: a non-standard port you mean (not 22), not a random port. yes, that can help confuse automated tools	16:39
newbuntu	yes, that's what i mean	16:39
newbuntu	I plan on setting up a key-pair	16:39
pmatulis	use some high port, by default many scanners do not check very high ports	16:40
pmatulis	yes, key-pair, that goes without saying	16:40
=== StrangeCharm_ is now known as StrangeCharm
* kblin shrugs		16:42
kblin	I use denyhosts with the blacklist	16:43
kblin	I don't get many attacks these days	16:43
newbuntu	I've found information on disabling key authentication, not creating one. kblin- what's blacklist?	16:43
newbuntu	denyhosts-blacklist?	16:44
=== dendrobates is now known as dendro-afk
kblin	newbuntu: http://denyhosts.sourceforge.net/ check the "synchronization" feature	16:46
newbuntu	thanks	16:46
smoser	nijaba, kirkland i added ref about MAC filtering at https://help.ubuntu.com/community/UEC/Tips	16:47
nijaba	smoser: neat. I modified /UEC a bit, hope you still like it that way	16:49
smoser	oh, i hate it! let the wiki war begin	16:50
smoser	i mean, it looks fine	16:50
nijaba	smoser: ROFL	16:50
nijaba	I think we should start a little FAQ too. Maybe I'll work on this tomorrow.	16:51
uvirtbot	New bug: #472969 in qemu-kvm (main) "installs a broken man-page symlink" [Undecided,New] https://launchpad.net/bugs/472969	16:52
newbuntu	does anyone know the right syntax for terminal to access myserver: ie. ssh -i xx.xx.xxx.x@user.....	17:02
\sh	ssh <user>@<ip\|host>	17:03
nijaba	smoser: cheers for uec-tools	17:04
newbuntu	cursor dropped to next line but does not ask for password	17:04
ninjah	nijaba: What are uec-tools?	17:04
nijaba	ninjah: https://code.launchpad.net/~ubuntu-on-ec2/ubuntu-on-ec2/uec-tools	17:05
smoser	https://code.launchpad.net/~ubuntu-on-ec2/ubuntu-on-ec2/uec-tools	17:05
smoser	oops. slow	17:05
smoser	and the index updating in bzr is slow too. like hours slow	17:05
error404notfound	i have redmine configured with mod_passenger. Since i configured that sometimes like in once a month or so, apache seems to fork a lot, causing memory to get full, any idea where cna i locate the cause if this issue?	17:06
error404notfound	can i restrict the amount of ram apache can use?	17:06
greenfly	hmm, has the partitioning syntax changed for kickseed in karmic?	17:06
nijaba	smoser: yep, I cheered, then felt dispointed by the commit not being there yet :P	17:06
ninjah	ninjaba: Ah.... I have an EC2 server but I can't remember what tools I used.	17:06
greenfly	a config that worked fine for Jaunty doesn't seem to take affect, I get the dialog prompting me	17:07
newbuntu	i changed my ssh port so I get port:22 Connection refused	17:07
newbuntu	a tried to append to the end of ip--xxx.xx.xx.x:port	17:07
nijaba	newbuntu: ssh user@host:port then	17:07
smoser	ninjah, not a lot of tools there. right now just two. one to resize an image, one to take a tarball and put it into uec	17:08
ninjah	smoser: I don't think I used these tools	17:08
nijaba	ninjah: they are quite new...	17:08
newbuntu	ssh user@host:port gets : nodename nor servname provided, or not known	17:10
smoser	nijaba, there are much more extensive tools at https://code.launchpad.net/~ubuntu-on-ec2/ubuntu-on-ec2/ec2-publishing-scripts	17:11
Reepicheep	newbuntu: try "ssh -p port user@host"	17:12
smoser	they are what are used for ec2 publishing of nightly builds. they're 'ec2-*' dependent right now (rather than euca2ools), but at some point i want to make 'xc2' (the abstraction layer) support euca and ec2	17:13
Ash-Fox	Is there anything in ubuntu that will execute a bunch of applications in a directory on power events? Such as, switching to battery mode, executes scripts/programs, in directory X. On AC power, executes scripts in directory Z etc? If so, what are those paths/	17:13
newbuntu	that worked!	17:13
crohakon	newbuntu; of course it did	17:13
newbuntu	why would it show me my RSA key???	17:13
newbuntu	it spelled it out for me, isn't that bad for security	17:14
crohakon	hehe	17:14
newbuntu	hehe?	17:14
crohakon	newbuntu; Its because we linux users believe in a free and open internet...	17:14
nijaba	smoser: do we reference those anywhere?	17:15
smoser	Ash-Fox, hthere are. http://live.gnome.org/GnomePowerManager/FAQ#head-a49ff0426bd01079d4f1ae269701b27a5f43ea33 thats for gnome-power-manager... not sure about for server (but 'battery mode' doesn't seem very "server" ish)	17:15
crohakon	newbuntu; Why would you ever want to keep someone out? =)	17:15
crohakon	smoser; UPS maybe... not why run a server on a laptop o.0	17:15
Reepicheep	newbuntu: it's just showing you the public key that that machine your connecting to uses?	17:15
smoser	nijaba, no. they're not sufficient for euca at the moment. but they're used a.) by me for ec2 b.) by the build scripts and some of them are quite generic.	17:15
dhalsimm	hi, I'm getting locale errors, I tried /etc/environment, locale-gen command, actually I'm getting same issues with this post: http://ubuntuforums.org/showthread.php?t=1236418&highlight=locale,+locales .... I set tr_TR.UTF8 but I don't care it is turkish or english. I just don't want to see warnings or errors. any help?	17:15
newbuntu	b1ack78	17:16
smoser	crohakon, no reason not to run a server on a laptop.. i was just figuring you were actually asking aobut a desktop.	17:16
newbuntu	are you in here?	17:16
nijaba	smoser: ah, ok, too bad	17:16
Ash-Fox	smoser, thanks for the link, but yeah, not very helpful with regards to a system that doesn't use a GUI. I'm essentially running a server off a laptop in what can be considered an unstable environment (the laptop in question was built to work in extreme conditions).	17:16
smoser	i think if you're not running gnome-power-manager (then you want acpid	17:17
crohakon	smoser; I was not asking anything... just commenting on the laptop/server comment you made	17:17
smoser	Ash-Fox, /etc/acpi	17:17
crohakon	Ash-Fox; oh, I guess that makes sense...	17:17
Ash-Fox	/etc/acpi appears to only have the power button	17:17
=== jfluhmann_ is now known as jfluhmann
Ash-Fox	One of the first places I looked :)	17:17
* Ash-Fox checks through ubuntu's packages, perhaps there is some laptop tools or something needed.		17:18
smoser	Ash-Fox, i think that should work.	17:18
smoser	at least on my laptop here, acpid is running, it is what passes events to gnome-power-manager (if it is running)	17:19
smoser	Ash-Fox, maybe you want acpi-support	17:19
smoser	pkg	17:20
Ash-Fox	Nevermind, I missunderstood the /etc/acpi/events layout :)	17:20
cxo	I have a retarded problem. When I had ubuntu-desktop installed I could get the wifi working. But using iwconfig, the damn thing just doesnt associate	17:23
newbuntu	I'm on a mac trying to transfer my RSA key to it, ssh-copy-id <username>@<host>....what is the host?	17:23
cxo	I'm giving it every damn param to iwconfig, but when i type iwconfig again, it looses it all	17:23
newbuntu	I've tried my computer name and my ip	17:25
newbuntu	I'm trying to do this:	17:26
newbuntu	f you can log in to a computer over SSH using a password, you can transfer your RSA key by doing the following from your own computer:	17:26
newbuntu	ssh-copy-id <username>@<host>	17:26
newbuntu	Where <username> and <host> should be replaced by your username and the name of the computer you're transferring your key to.	17:26
newbuntu	can anyone tell me where I can find the correct value for<host>	17:27
Pici	newbuntu: host is the computer that you want to copy your ssh key to.	17:28
cxo	FUK!!!!!!!!! It was Network-Manager, once i killed that, it all worked	17:28
Pici	cxo: Please mind your language here.	17:28
* cxo spent 5 hours on that		17:28
cxo	Why the hell does network-manager keep messing with my wireless	17:28
cxo	Pici, sorry	17:28
newbuntu	Pici: is it referring to <computername> or <ip>?	17:28
Pici	newbuntu: doesn't matter	17:29
newbuntu	I've tried both of those?	17:29
newbuntu	Is it because I changed my ssh port?	17:29
newbuntu	was 22, now XXXXX	17:29
Reepicheep	newbuntu: are you trying to run ssh-copy-id from the Mac or to the Mac?	17:30
newbuntu	I only changed it on the server	17:30
Pici	newbuntu: That would cause an issue. I don't see an arugment for ssh-copy-id to specify the port number.	17:30
newbuntu	I'm trying to run ssh-copy on my MacPro through terminal, connected to my G4 server	17:30
Pici	newbuntu: They're both running Ubuntu/	17:31
Pici	?	17:31
newbuntu	I'm logged into the server with password	17:31
newbuntu	no	17:31
Reepicheep	k.. the reason I ask is because OS X does not have the ssh-copy-id command	17:31
newbuntu	macPro is OSX	17:31
newbuntu	oh	17:31
Reepicheep	but you can always just copy it the old fashion way	17:31
newbuntu	any ideas on copying RSA to my macPro off the server	17:31
newbuntu	okay	17:32
Reepicheep	from the machine that you want to copy the key from run:	17:32
newbuntu	I want the ssh_host_rsa_key.pub, right?	17:33
Reepicheep	scp -p port ~/.ssh/id_rsa.pub user@host:/tmp/	17:33
newbuntu	thanks	17:33
Reepicheep	then from the target machine run:	17:33
Reepicheep	cat /tmp/id_rsa.pub >> ~/.ssh/authorized_keys	17:34
Reepicheep	as the user you want to login as ^	17:34
newbuntu	how do I look at the .ssh hidden dir	17:35
newbuntu	on server	17:35
newbuntu	cd ~	17:35
newbuntu	ls	17:35
newbuntu	nothing there	17:35
Reepicheep	ls -a	17:35
bptk421	I just upgraded my Jaunty server and for some reason it installed the generic kernel. Does this sound right? I'm still fairly new to Ubuntu server. thx.	17:35
newbuntu	ahhh thank you	17:35
newbuntu	which file do I want? id_rsa or id_rsa.pub	17:37
newbuntu	private or public? i gues	17:37
newbuntu	never mind, I see your post above	17:38
newbuntu	Reepicheep: connection refused on port 22	17:40
newbuntu	maybe need to change the ssh port back to 22 on server?	17:40
newbuntu	then back again?	17:41
Reepicheep	newbuntu: you set the port with -p on scp correct?	17:42
newbuntu	no	17:42
newbuntu	thanks	17:42
Reepicheep	newbuntu: because you are not running the ssh server on the standard port you always need to tell your client to use the none standard port. whether the client is ssh or scp or some other client that uses ssh	17:43
Ash-Fox	Wow, getting things to work via the /etc/acpi/events way is quite.. messed up	17:43
Reepicheep	oh.. and newbuntu: "man" is your friend. learn to use the man pages	17:44
newbuntu	it's telling me the connection to the target machine is refused on port:22	17:46
newbuntu	might be my router, checking that	17:47
uvirtbot	New bug: #473062 in eucalyptus (main) "new node has eucalyptus-nc down (apache config ?)" [Undecided,New] https://launchpad.net/bugs/473062	17:54
mathiaz	kirkland: hi!	17:55
kirkland	mathiaz: yo	17:55
mathiaz	kirkland: I've got a source package ready for the eucalyptus SRU	17:55
kirkland	mathiaz: sweet	17:55
mathiaz	kirkland: seems like the PPAs are backlogged	17:55
kirkland	mathiaz: i'm leading an OpenWeek session in 4 minutes on Byobu	17:55
kirkland	mathiaz: i'll review/test it after	17:56
mathiaz	kirkland: ok - will you have some tiem for testing later?	17:56
mathiaz	kirkland: great - thanks	17:56
kirkland	mathiaz: sure	17:56
jcastro	kirkland, just a few minutes until your session	17:56
mathiaz	kirkland: I won't push to a PPA because of the long queue	17:56
kirkland	#ubuntu-server: come join us in #ubuntu-classroom for a session on Byobu including a live demo in EC2!!!	17:56
jcastro	heh	17:56
kirkland	mathiaz: just do it, and ask an admin to bump the build prio	17:57
kirkland	jcastro: i'm on it, cap'n	17:57
newbuntu	disconnected	17:57
newbuntu	Reepicheep: I've opened up ssh on my router, but I still get- :No route to host?	17:58
jcastro	kirkland, I have to hop on a call, just take over when jono is done	17:58
jcastro	you're all voiced up	17:58
kirkland	jcastro: word	17:58
jcastro	thanks!	17:58
Reepicheep	newbuntu: keey in mind you router thinks ssh is running on port 22 and your aren't running it on port 22 anymore..	17:59
Reepicheep	you may need to open the other none standard port.. I am away now..	17:59
newbuntu	I changed everything back to 22, to take it out of the mix	17:59
newbuntu	thanks for all you help	18:02
tharis20	hey, i've installed ubuntu-server on a P2. The problem is that the font size is huge	18:04
tharis20	does anyone know how to fix this?	18:04
bogeyd6	tharis20 you need to edit /etc/default/console-setup	18:06
bogeyd6	if memory serves correct	18:06
qman__	tharis20, it's more likely the console resolution that's too low, you change that in /boot/grub/menu.lst	18:07
bogeyd6	tharis20 you can also do a dpkg-reconfigure console-setup	18:07
qman__	it defaults to an 80x25 terminal	18:07
zul	smoser: are you doing a hardy refresh?	18:09
qman__	add vga=791 to the kopts line, and run sudo update-grub	18:09
smoser	:)	18:09
smoser	zul, i was looking at that right now.	18:09
qman__	when you reboot it should be 1024x768	18:09
zul	smoser: coolness let me know if you need my advice	18:10
bnjmn	i need to build a kernel module for karmic on ec2 that wasn't built. what's the best way to go about that?	18:12
ninjah	I just reinstall mysql-server and mysql-common. Is it normal to see "cannot access /sys/module/apparmor: No such file or directory"?	18:18
jetole	hey guys, I know this isn't too ubuntu specific (although I don't know whom else to ask). Is there a way to setup a pair of file servers to act as a raid 1 to each other? Not DRBD but something more hardware related like through host bus adapters?	18:21
VirtualDisaster	jetole, DRBD is network raid1	18:22
VirtualDisaster	or whats that other one...	18:23
bogeyd6	!google	18:28
ubottu	While Google is useful for helpers, many newer users don't have the google-fu yet. Please don't tell people to "google it" when they ask a question.	18:28
jetole	VirtualDisaster: I know DRBD is	18:30
jetole	VirtualDisaster: I use it	18:30
jetole	Looking for some hardware related way	18:30
jetole	In all honesty, I have done some research on Host Bus Adapters (HBA) but I am honestly still not sure what they are for.	18:31
VirtualDisaster	jetole, they are network cards designed for storage thats all	18:34
jetole	VirtualDisaster: and what do they do that a normal network card doesn't?	18:34
VirtualDisaster	wikipedia it for a complete understanding	18:35
jetole	I have. Have you?	18:35
jetole	That article doesn't tell me much	18:35
VirtualDisaster	mainly are used for SAN environments that need a lot of network storage like for virtualization	18:35
jetole	which is exactly where I am but I don't know what it does.	18:36
jetole	how does it differ from a network card if that is what it is closest to?	18:36
VirtualDisaster	simplest way to understand it is that it is just a network card for primarily storage related tasks	18:36
jetole	ok	18:36
* jetole still doesn't get it but doesn't matter since thats not really what I need to know		18:37
jetole	still trying to find a native way to keep disks in perfect sync on two different file servers	18:37
jetole	I know DRBD does but I would hardly call that a native way	18:37
=== newbuntu__ is now known as newbuntu
crohakon	newbuntu; Every find what you were looking for lastnight?	18:44
crohakon	ever*	18:44
newbuntu	hey crohakon	18:45
newbuntu	I almost have it working, ran into a problem I've been trying to fix for over an hour though	18:45
newbuntu	I am setting up a id_rsa but can't get it copied over to my target machine	18:46
newbuntu	are you there?	18:47
crohakon	I don't know much about that, but I am sure someone in this massive room does.	18:47
newbuntu	If you can log in to a computer over SSH using a password, you can transfer your RSA key by doing the following from your own computer:	18:47
newbuntu	ssh-copy-id <username>@<host>	18:47
newbuntu	Where <username> and <host> should be replaced by your username and the name of the computer you're transferring your key to.	18:47
newbuntu	I get this error: port 22 Connection refused	18:48
jetole	newbuntu: ssh-copy-id -i id_rsa.pub computer.domain.com	18:48
jetole	oh well thats easy	18:48
jetole	the port is closed	18:48
crohakon	yup	18:48
crohakon	lol	18:48
newbuntu	I opened it up on my router?	18:48
newbuntu	Airport Extreme	18:48
jetole	connection refused means it's not firewalled but instead getting a RST/ACK packet	18:48
newbuntu	port mapping	18:48
jetole	newbuntu: I believe you	18:48
ajaya	can anyone say why I shouldn't be using Karmic on EC2 as my production server?	18:48
newbuntu	oh	18:48
jetole	ajaya: it's not LTS	18:49
newbuntu	RST/ACK? not sure what that means	18:49
jetole	it means the computer, not the firewall or router but the computer is saying the port is closed	18:49
jetole	@ newbuntu	18:49
newbuntu	how do I open it?	18:49
jetole	start ssh daemon	18:50
newbuntu	if you don't mind	18:50
jetole	sudo /etc/init.d/ssh start	18:50
ajaya	jetole wonder it makes huge deal for a basic LAMP OR Rails server.	18:50
jetole	ajaya: don't think it should	18:50
newbuntu	in my terminal, right? I already tried to start it that way, no success	18:50
smoser	zul, ping.	18:50
zul	smoser: pong	18:50
smoser	looking at ec2-init in ec2-init-0.3.4ubuntu7~hardy1	18:51
jetole	newbuntu: netstat -tpeln \| grep 22	18:51
jetole	newbuntu: run that on the server	18:51
jetole	also on the server try connecting to your ssh locally	18:51
jetole	i.e. ssh 127.0.0.1	18:51
smoser	the init script runs (i think) after ssh	18:52
smoser	$ ls -altr /etc/rc2.d/ \| egrep "ssh\|ec2-init"	18:52
smoser	lrwxrwxrwx 1 root root 13 2009-04-25 06:25 S16ssh -> ../init.d/ssh	18:52
smoser	lrwxrwxrwx 1 root root 18 2009-04-25 06:25 S90ec2-init -> ../init.d/ec2-init	18:52
jetole	smoser: why -t	18:52
smoser	but ec2-init regenerates ssh keys. and doesn't restart ssh.	18:52
jetole	thats date based	18:52
jetole	and yes it runs after ssh	18:52
smoser	jetole, no reason... my fingers just type that any time they see a '-l'	18:52
newbuntu	ssh 127.0.0.1 returns: port 22: Connection refused.	18:53
zul	smoser: yep feel free to backport the karmic version to hardy	18:53
jetole	anything in rc2 (or any other rc) suns based on number	18:53
newbuntu	I changed my port	18:53
jetole	i.e. S16 runs before S99	18:53
newbuntu	on the server anyway	18:53
jetole	newbuntu: then you need to tell your client to connect to a different port	18:53
jetole	either ssh -p port	18:53
jetole	or change ~/.ssh/config	18:53
jetole	I run all my ssh on different ports so I store it in config	18:54
smoser	zul, ok, so thats a known bug then.	18:54
zul	smoser: i think so	18:54
newbuntu	I'm a bit slow, so give me a minute to check your posts	18:55
jetole	newbuntu: if you changed the server port to say 54321 then type "ssh -p 54321 my.server"	18:56
crohakon	My server runs ssh on say... port 99... so when I log in I use: ssh -p 99 192.168.1.xxx	18:57
newbuntu	on my server I've typed: scp -p 54321 ~/.ssh/id_rsa.pub <client_user>@<client_ip>:/tmp	18:58
newbuntu	I get port 22: connection refused	18:58
newbuntu	is that refusal on the client or server?	18:58
jetole	ubuntulog: I don't think -p works in scp	18:59
jetole	first off, thats not how you add a key	18:59
jetole	you add a key using ssh-copy-id	18:59
jetole	ssh-copy-id -i my.key my.server	18:59
crohakon	which was mentioned once before...	18:59
jetole	secondly, since you are doing that	18:59
crohakon	<jetole> newbuntu: ssh-copy-id -i id_rsa.pub computer.domain.com	18:59
jetole	create a file called config in the ~/.ssh directory	19:00
jetole	chmod 600 config	19:00
jetole	then add the lines:	19:00
jetole	Host *	19:00
jetole	Port 54321	19:00
jetole	also if you only want this for one host you can use:	19:00
jetole	Host my.server	19:00
jetole	instead of Host *	19:00
jetole	close the file and then ssh to the server	19:00
jetole	if ssh works but asks you for a key then you know it knows the port	19:01
jetole	I mean if it works but asks for a passwords	19:01
jetole	once that works then run ssh-copy-id to place the key	19:01
newbuntu	thank you, trying now	19:01
jetole	let me know when it works	19:01
newbuntu	I will!:)	19:02
* crohakon pats Jetole on the back		19:02
crohakon	Nice work.	19:02
jetole	thanks	19:03
jetole	lol	19:03
jetole	no offense to newbuntu but this is childs play	19:04
soren	smoser: When you say vmbuilder, do you actually mean ec2-init or is there a connection to vmbuilder in that bug that I'm just not seeing?	19:04
newbuntu	I've only been at this for a few days, new to this	19:04
crohakon	jetole; Yes, in terms of knowledge, but not everyone has grown out of their linux pampers. Me for example, I just started walking. =)	19:04
VirtualDisaster	newbuntu, its a learning experience	19:04
jhan	i'm using ubuntu 9.4version,how do i configure apt-get server in my machine	19:04
jetole	newbuntu: like I said, no offense to you	19:05
jhan	please give me steps	19:05
VirtualDisaster	newbuntu, ive been using linux for 5 years and still have to get help	19:05
crohakon	9.04?	19:05
jetole	I remember my first beer	19:05
jetole	;)	19:05
VirtualDisaster	jhan, read the documentation on the ubuntu web site	19:05
newbuntu	gotta start somewhere, not claiming to have the knowledge you all have	19:05
crohakon	lol @ jetole	19:05
smoser	soren, you're referring to something i said like 8 hours ago, right? i thikn youi're right, that that shoudl have said ec2-inti	19:05
jhan	k	19:05
crohakon	newbuntu; your fine, no worries.	19:05
jetole	newbuntu: I know. I am not saying anything bad about it/you	19:05
newbuntu	that's why I'm here, thanks for your help though	19:05
jetole	instead I am helping	19:05
newbuntu	I appreciate it!	19:06
soren	smoser: Uh, yeah, it's been a while. I've been internet deprived.	19:06
jetole	sure	19:06
newbuntu	stupid question? The following is done on the server/client: create a file called config in the ~/.ssh directory	19:07
newbuntu	chmod 600 config	19:07
newbuntu	then add the lines:	19:07
jetole	right, from the terminal, type chmod 600 config	19:07
jetole	config is the actual config file	19:07
jetole	so you will need to be in the .ssh directory of your home	19:07
jetole	chmod 600 means make this file read/write by me and only me	19:07
zul	soren: going through withdrawls?	19:07
crohakon	sudo nano ~/.ssh/config	19:07
jetole	otherwise ssh will not accept it	19:07
* jetole rolls eyes @ nano		19:08
newbuntu	okay, thanks	19:08
crohakon	he, I like nano	19:08
jetole	vi is the editor of the gods	19:08
crohakon	yeah, but you also need a book to learn it.	19:08
crohakon	nano is easy, so for him it is good.	19:08
soren	zul: It's getting upgraded and there was some sort of problem, so now I'm leeching off of a neighbours open wifi :)	19:08
jetole	I know I know	19:08
jetole	I work with a programmer who can't stand vi	19:08
zul	soren: good on you ;)	19:08
* VirtualDisaster loves vi		19:08
VirtualDisaster	simple	19:08
jetole	and a dozen other programmers that don't know what it is	19:08
VirtualDisaster	jetole, lol	19:09
crohakon	jetole; I know what is is... but prefer nano as it is really simple and I don't need much more.	19:09
jetole	VirtualDisaster: it is the most capable editor I know	19:09
soren	smoser: But no, clearly no reason to fail on python2.4. I didn't even think we shipped 2.4 anymore, but I see that we do.	19:09
jetole	crohakon: I know, just saying I agree with you sorta since I know lots of people feel the same	19:09
jetole	vi is not simple	19:09
crohakon	nods	19:09
jetole	vi is instead complete	19:09
VirtualDisaster	jetole, agreed	19:10
smoser	yeah, i think for /usr/bin/python to be 2.4 it was probably a upgrade from something old	19:10
crohakon	Well, time to go get food.	19:10
jetole	I'm thinking time for bed	19:10
jetole	I'm taking today off after working 70+ hours in the last 8 days	19:10
zul	soren: quick question for you does window 7 work as a kvm guest?	19:11
crohakon	yeah, not fun. My last job I was managing two restaurants. I was working 130 hours a pay period (every two weeks) between march and october	19:12
crohakon	Now, I am un-employed and poor. =)	19:12
crohakon	bye	19:12
jetole	Virtual, wow!	19:13
newbuntu	jetole: Port 22	19:13
newbuntu	Host alias	19:13
newbuntu	IdentifyFile <key-pair I'm currently using>	19:13
newbuntu	HostName <domain of site>	19:13
newbuntu	User root	19:13
jetole	I'm setting up a new cloud and SAN infrastructure	19:13
jetole	:D	19:13
newbuntu	I already have this info in that file, can I just add to it?	19:13
jetole	for the love of god don't use root	19:13
jetole	or IdentityFile	19:13
jetole	Identity file is not a big deal but if you have ~/.ssh/id_rsa.pub then ssh uses it automatically	19:14
soren	zul: don't know for sure. I think I've heard of someone who did it, but I'm sure I heard about someone for whom it failed.	19:14
soren	smoser: Probably, yeah.	19:14
zul	soren: reason im asking is so I can test samba for lucid better	19:14
soren	smoser: ...so why the heck is he installing ec2-init? :)	19:14
jetole	and yes, you can append to that file but also don't specify IdentityFile until after you know it's working before the identity file is needed	19:14
soren	zul: Well... Try it and let me know :)	19:15
smoser	yeah, and why did he install it on that old distro and thn upgrade	19:15
kirkland	mathiaz: okay	19:15
kirkland	mathiaz: done with my session	19:15
kirkland	mathiaz: should i just pull your branch and build locally?	19:15
newbuntu	do I add: Host 1 2 3 4 or...	19:16
newbuntu	host 1	19:16
newbuntu	host 2	19:16
newbuntu	host 3	19:16
soren	smoser: People are nuts. :)	19:16
zul	soren: I just need a copy of it	19:16
zul	umm...legal copy of it	19:16
jetole	newbuntu: all commands apply for the host hey are listed under...	19:16
dhalsimm	Hi, I can't connect to ssh using nautilus or gftp (other than terminal) except root user. I'm using jaunty	19:16
* smoser thinks zul watched the windows 7 torrent party video		19:17
jetole	so if you want something to apply to all hosts, list it under Host * and make sure Host * is at the bottom	19:17
zul	smoser: mayyyybe	19:17
jetole	Host is like the group breaker	19:17
zul	smoser: maybe im just converting all my boxes to windows	19:17
jetole	each Host line represents a new machine	19:17
jetole	for everything under it until the next host line	19:17
newbuntu	oh, got it	19:17
newbuntu	thanks	19:17
smoser	zul, all my boxes are already upgraded to windows 7.	19:18
newbuntu	okay, I'm connected to my server through ssh in Terminal!!!	19:24
jetole	lol	19:24
jetole	cool	19:24
newbuntu	now how do I get access through ftp/ssh client	19:24
Reepicheep	newbuntu: nice.. did you get your public key copied over?	19:24
jetole	newbuntu: don't use ftp	19:24
jetole	use scp	19:24
newbuntu	doing that now	19:24
newbuntu	trying... anyway	19:25
jetole	scp file my.server: (copies file to home directory on server)	19:25
jetole	scp my.server:/home/newbuntu/this.file ~ (copies this.file on server to your ~ directory)	19:25
jetole	newbuntu: also look at sshfs + afuse	19:25
Reepicheep	newbuntu: do you still have sshd listening on a different port?	19:26
newbuntu	yes	19:26
newbuntu	i do	19:27
Reepicheep	I think I told you incorrectly how to switch ports with scp earlier	19:27
Reepicheep	use -P not -p	19:27
jetole	it's all in the man page	19:27
Reepicheep	so "scp -P port user@hostname:/path/to/file	19:27
jetole	man scp	19:27
jetole	Reepicheep: he is using a proper ssh config file now though so I don't think he needs it	19:27
jetole	newbuntu: also man ssh_config for more things to change	19:28
Reepicheep	so newbuntu set it up to so his clients use it system wide in the /etc/ssh config files?	19:28
BerRMaNyA	Hii i have a problem when i try config exim4 with smarthost, somebody can helpme?	19:29
JavaJimFL	New to Linux in general, Ubuntu in particular: new 9.1 server install, single OS, ok till Grub install, at which point the install menu loops on that selection till I select 'no bootloader' and then the server won't start after the install. Any pointers? Thanks.	19:29
jetole	Reepicheep: he could but instead place it in ~/.ssh/config instead of /etc/ssh/config	19:29
jetole	/etc/ssh/config should only be used for all users	19:30
Reepicheep	yeah.. that would probably be better anyway	19:30
newbuntu	I thought I had to use ssh-copy-id <username>@<host>	19:30
jetole	newbuntu: no	19:30
BerRMaNyA	Hii i have a problem when i try config exim4 with smarthost, somebody can helpme?	19:30
jetole	ssh-copy-id -i key.file your.host	19:30
Reepicheep	newbuntu: are you still trying to copy the public key from your Mac?	19:30
jetole	for example ssh-copy-id -i ~/.ssh/id_rsa.pub my.server.com	19:30
jetole	did you just say mac?	19:31
newbuntu	I am trying to copy the public key from my server to my mac so I can have access	19:31
newbuntu	I created the key on my server	19:31
newbuntu	is that right?	19:31
Reepicheep	so you want your server to be able to connect to your mac via the ssh keys?	19:31
newbuntu	yes	19:31
jetole	ok, I don't know much about ssh on mac other then my dad has one and the configs in /etc don't work the way they do on every other computer	19:31
BerRMaNyA	Hii i have a problem when i try config exim4 with smarthost, somebody can helpme?	19:31
Reepicheep	BerRMaNyA: can you paste your exim router configs in a paste bin?	19:32
Reepicheep	newbuntu: I just want to make it clear you want to connect from your ubuntu server to your mac not vice versa?	19:33
newbuntu	no, I'm sorry...I want to be able to access the server via the mac	19:33
Reepicheep	that's what I thought	19:33
Reepicheep	you need to generate the key on the client.. not the server	19:34
Reepicheep	so in your instance the client is your Mac	19:34
BerRMaNyA	What is the file of configuration?, i execute sudo dpkg-reconfugyre exim4-config	19:34
Reepicheep	newbuntu: and OS X does not have ssh-copy-id so you have to do it by hand.. the old fashion way	19:35
newbuntu	oh, I was thinking of it backwards!	19:36
Reepicheep	BerRMaNyA: I use exim but I have never used the configs made via dpkg-reconfigure so I don't know if I can help a lot	19:36
Reepicheep	I can help you edit the files by hand.. but you may want to do it the ubuntu way as you have tried with dpkg-reconfigure	19:37
BerRMaNyA	Reepicheep wait, i'll upload the config file	19:38
Reepicheep	when you run dpkg-reconfugyre exim4-config does it give you an option to set it up using a smarthost as postfix does? BerRMaNyA	19:38
Reepicheep	newbuntu: the first thing you need to make sure is that you have a public private key generated for your user an your mac?	19:38
newbuntu	I generated both, but on the server	19:39
Reepicheep	newbuntu: from the terminal type "ls ~/.ssh/" and is there an id_rsa.pub or id_tsa.pub file?	19:39
BerRMaNyA	when i run dpkg-reconfigure, askme the ip of smarthost, but i dont know de smarthost ip	19:40
newbuntu	no just my a config file and known_hosts file	19:40
Reepicheep	s/id_tsa.pub/id_dsa.pub/ ^ sorry	19:40
BerRMaNyA	I try put ip of isp	19:40
BerRMaNyA	but dont work	19:40
Reepicheep	BerRMaNyA: you will defiantly need that info to set up the smart host	19:40
newbuntu	I have set this up with another server before	19:40
newbuntu	appearantly	19:41
Reepicheep	BerRMaNyA: you may be able to use the DNS name of the smarthost you would like to use	19:41
Reepicheep	newbuntu: then you need to generate a key pair for your user on you Mac first.. use ssh-keygen	19:42
Reepicheep	i.e ssh-keygen -t rsa	19:42
newbuntu	Reepicheep: I don't remember why but the <known_hosts> file contains the other RSA I use for another server, not sure why I set it up that way	19:42
BerRMaNyA	but i dont understand, i 'll try use the DNS of ISP, that is ok?	19:43
Reepicheep	that's ok.. the known host contains the public key for every ssh server you have connected to and trusted said ssh servers keys	19:43
Reepicheep	newbuntu: ^	19:43
newbuntu	ahhhh	19:43
Reepicheep	BerRMaNyA: do you understand what a "Smarthost" is?	19:44
Reepicheep	BerRMaNyA: basically it is a server that will relay your mail to and from your existing server depending on your situation.	19:45
Reepicheep	is that what you are after?	19:45
uvirtbot	New bug: #473218 in sysstat (universe) "Please sync sysstat-9.0.5-1 from Debian unstable." [Undecided,New] https://launchpad.net/bugs/473218	19:46
BerRMaNyA	mmm i think that smathost is a service when i run mail() in php for example, mi smtp server relay the mail to smarthost, and smarthost redirect this mail to email account what specify in mail function	19:46
BerRMaNyA	sorry my inglish is bad	19:46
mathiaz	kirkland: avahi and eucalyptus uploaded to my ppa - https://launchpad.net/~mathiaz/+archive/eucalyptus/+packages	19:50
Reepicheep	BerRMaNyA: are you setting up exim to host local inboxes? or just to send mail out to external email account?	19:50
mathiaz	kirkland: so you can probably grab the source code from there and build them localy	19:50
newbuntu	so I just created a key on my client computer	19:50
newbuntu	reepicheep	19:51
newbuntu	ls -a	19:51
Reepicheep	newbuntu: sweet. now you need to get the contents of the ~/.ssh/id_rsa.pub file into the ~/.ssh/authorized_keys file on the server	19:51
newbuntu	okay, doing that now	19:52
Reepicheep	replace rsa with dsa if you created the keys that way ^	19:52
newbuntu	no they are rsa, what's the diff	19:52
Reepicheep	the easiest way is to use "scp"	19:52
Reepicheep	scp -P port ~/.ssh/id_rsa.pub user@hostname:/tmp/	19:53
BerRMaNyA	Reepicheep: I try config the local pc as server, i have static ip, when mi work now is config this machine with smtp server and pop3 server, I installed exim as smtp server, i try send the mail with PHP to my email account, and I recibe this mail in spam inbox	19:53
Reepicheep	newbuntu: that will get the pub file over to your server in the /tmp/ directory	19:53
BerRMaNyA	When i think that if setup smarthost i will recibe mail in inbox and NO spam	19:54
Reepicheep	newbuntu: then just concatenate it to the end of the authorized_keys file	19:54
Reepicheep	cat /tmp/id_rsa.pub >> ~/.ssh/authorized_keys	19:54
newbuntu	now for a really dumb question? is my host name not what I see when I'm logged into my server ie. root@testserver	19:55
Reepicheep	BerRMaNyA: are you receiving this mail on an account hosted on the server with exim on it or in an existing email account that is hosted elsewhere?	19:56
newbuntu	nevermind	19:56
newbuntu	got it	19:56
BerRMaNyA	i recive mail on gmail	19:57
newbuntu	it asks for root@<my ip>'s password? my pass doesn't work	19:57
Reepicheep	newbuntu: that concatenate command should be run on the server as the user that you wish to login as after the key has been copied to the servers /tmp/ directory	19:58
BerRMaNyA	when i enter to http://localhost/mail.php?to=bernacas@gmail.com i recive mail in spam	19:58
BerRMaNyA	on gmail	19:58
Reepicheep	BerRMaNyA: you may not need to run exim on your machine at all if you are sending to a gmail account	19:59
lukehasnoname	Hey guys. Y'all know where I can get the raw Docbook XML for the server guide?	19:59
Reepicheep	php should be able to use a smtp server provided by your ISP	19:59
newbuntu	it wants the root password	19:59
BerRMaNyA	I use php to check if my smtpserver is running	20:00
BerRMaNyA	if (mail("bernacas@gmail.com","test","test")) : echo "The mail is sent"; endif;	20:00
Reepicheep	newbuntu: assuming that you have heard the warning about sshing to a root account... you can copy the file to the server as a non root user	20:01
BerRMaNyA	This way check if my smtp server is on	20:01
Reepicheep	then copy the contents to /root/.ssh/authorized_keys with sudo or as the root user	20:01
Reepicheep	newbuntu: by default ubuntu does not set a root password	20:02
newbuntu	hmmm, ok	20:02
Reepicheep	BerRMaNyA: if you are just trying to send mail from php.. I'm not sure you really need a full MTA like exim running. there probably are better ways of sending that mail out.	20:04
newbuntu	sorry for the confusion but I created the 'id_rsa.pub' file in ~/.ssh/ logged in as my root, was that a mistake? Should I have created the keys in ~/.ssh/ logged in as my user?	20:05
newbuntu	Reepicheep	20:05
BerRMaNyA	Reepicheep: Now i just config the smtp server, but i now install pop3 server, i can create for example bermanya@IPSTATIC ?	20:06
lukehasnoname	got it	20:06
Reepicheep	newbuntu: it's usually best to connect to your server as an unprivileged user, then use sudo to execute things that need root privileges	20:06
Reepicheep	so in the command I gave you .. "user" in "user@hostname" would by your username not root	20:07
Reepicheep	than run the concatenate command as your user on the server	20:07
Reepicheep	BerRMaNyA: in that case you do need an MTA	20:07
newbuntu	so should the key files on my clientMac be stored in the root ~/.ssh/ or my User ~/.ssh/	20:08
BerRMaNyA	exim is MTA true?	20:08
jetole	user ssh	20:08
newbuntu	the one's I just created?	20:08
jetole	@ newbuntu	20:08
newbuntu	ok	20:08
Reepicheep	newbuntu: as the user	20:08
newbuntu	well I messed up then, I did it as root	20:08
Reepicheep	so /Users/<username>/.ssh/	20:08
newbuntu	I can just delete and redo, huh?	20:08
jetole	newbuntu: that only applies if you want the root user to be able to ssh which you can but that is against a lot of BOFH regulations	20:09
jetole	newbuntu: I wasn't paying attention but you can delete and re create your certs as many times as you like	20:09
Reepicheep	it doesn't hurt to have those keys in the /root/.ssh/ you just won't use them :newbuntu	20:09
newbuntu	deleting and re-creating	20:09
newbuntu	now	20:10
BerRMaNyA	Reepicheep: do you have some tutorial that explain me that i looking for?	20:10
newbuntu	that is also where I put the config file, need to change that	20:10
jetole	if [ ${UID} -eq 0 ]; then echo "not as root"; exit 1; fi; sudo rm -rf /root/.ssh; ssh-keygent -t rsa; ssh-copy-id -i ~/.ssh/id_rsa.pub my.server	20:10
jetole	@ newbuntu	20:10
jetole	that needs a little work but thats the general idea of how to do it all over again	20:11
Reepicheep	BerRMaNyA: not of the top of my head.. why is it that you settled on "exim" was it from a tutorial?	20:11
newbuntu	a little over my head but thanks	20:11
newbuntu	the if statement anyway	20:11
Reepicheep	jetole: I like that.. that's a cute way to put it	20:12
jetole	newbuntu: that should actually do it all except at the end change my.server to your server	20:12
jetole	newbuntu: that will delete the root .ssh dir	20:12
jetole	and recreate the new keys	20:12
jetole	and copy them over	20:12
jetole	assuming passwords still work on the server	20:12
Reepicheep	jetole: the only issue is that OS X doesn't have ssh-copy-id :(	20:12
newbuntu	I have them on for now, will turn them off when I get this working	20:13
* jetole doesn't allow passwords on ssh on his servers but it's all corporate and I have keys backed up around the corner		20:13
jetole	Reepicheep: wow... uh... that sucks	20:13
* jetole points to www.openssh.org		20:13
jetole	can download and compile from there	20:13
jetole	as part of the openssh package	20:13
jetole	newbuntu: just make sure you have backed up your keys very well before you do	20:14
BerRMaNyA	I have opened 100000 tutorials but i cant make work exim, but I now open https://help.ubuntu.com/9.04/serverguide/C/exim4.html	20:14
newbuntu	I will	20:14
Reepicheep	jetole: that is why I was having newbuntu us scp to copy the public key to the server.. but I didn't realize it was the root user	20:14
jetole	BerRMaNyA: the problem is exim != postfix	20:14
jetole	;)	20:14
jetole	yeah me either	20:15
jetole	never use root	20:15
newbuntu	won't from now on	20:15
BerRMaNyA	jetole which is the diference of exim and postfix?	20:15
Reepicheep	BerRMaNyA: I love exim ... it is my MTA of choice .. but in your instance postfix may be better	20:15
Reepicheep	newbuntu: that away to here the warning about using the root user ;-)	20:16
BerRMaNyA	which is the diference between exim and postfix?	20:16
jetole	BerRMaNyA: what is the difference between windows and linux? You are asking the difference between two different peices of software. You can put sendmail and the microsoft mail package in the question too. If you want a complete answer download both source packages and run diff -ur against the two directories	20:17
Reepicheep	BerRMaNyA: they both accomplish the same thing..	20:17
newbuntu	out of curiosity, why is it soooo bad for me to be logged in as root	20:17
Reepicheep	but the ubuntu way tends to be use postfix.. so you will find more documentation that way	20:17
jetole	newbuntu: because you don't need to be and by typing the wrong command as root you will destroy your system	20:17
newbuntu	enough said	20:17
* jetole has been using postfix for years and it just works		20:18
newbuntu	thanks	20:18
jetole	newbuntu: also you don't want the root user accessible via ssh incase someone cracks in	20:18
BerRMaNyA	Ok reepicheep, so i run apt-get remove exim and i 'll install postfix is that ok?	20:18
* Reepicheep has been using exim for years .. but in this instance .. Reepicheep thinks BerRMaNyA should use postfix		20:18
jetole	BerRMaNyA: great idea	20:18
Reepicheep	BerRMaNyA: you will find plenty of tutorials showing you ubuntu-server + postfix + (dovecot \| courier \| cyrus \| your choice of software)	20:20
jetole	BerRMaNyA: also #postfix is an informative room	20:20
* jetole votes for dovecot which also functions as the LDA		20:20
* Reepicheep votes the same..		20:20
jetole	well I'm gonna go poo	20:21
jetole	bbiab	20:21
Reepicheep	newbuntu: .. basicly you just need to run those two commands on your mac as you unprivileged user (ssh-keygen and the scp one)	20:21
BerRMaNyA	Reepicheep thanks so much for your help, jetole same for you	20:22
jetole	BerRMaNyA: I didn't offer much but enjoy	20:22
newbuntu	I'm in the process now....	20:22
BerRMaNyA	now i try install postfix and dovecat	20:22
BerRMaNyA	dovecot	20:22
Reepicheep	newbuntu: then concatenate the /tmp/id_rsa.pub file (make sure it's the new one and not roots) to the users .ssh/authorized_keys file	20:23
Reepicheep	BerRMaNyA: find a walk through to help you with the configuration steps need	20:24
kirkland	mathiaz: yo	20:24
kirkland	mathiaz: okay, i'm downloading now	20:24
newbuntu	I've got the key in my /tmp on server! moving on...	20:26
newbuntu	when I try to cd .shh (logged in as me) it tells me permission denied	20:27
Reepicheep	what about "cd ~/.ssh" ?	20:28
newbuntu	it's owned by root, why?	20:28
newbuntu	denied	20:29
Reepicheep	"pwd" returns your users home directory not "/root" correct?	20:29
newbuntu	yes, correct	20:29
Reepicheep	k.. lets start over on the server side..	20:29
newbuntu	k	20:29
Reepicheep	type "sudo rm -r /home/<username>/.ssh"	20:30
Reepicheep	make sure it is the correct directory :[\|	20:30
Reepicheep	:-\|	20:30
newbuntu	it's gone..	20:30
Reepicheep	k.. create a new one .. like by for instance typing "ssh -p port localhost"	20:31
Reepicheep	and accepting the public key	20:31
mathiaz	kirkland: well - I think everything is built now	20:31
kirkland	mathiaz: yup, i'm installed	20:31
kirkland	mathiaz: did you put together SRU testing instructions yet?	20:31
mathiaz	kirkland: not for all the bugs	20:32
mathiaz	kirkland: some of them have the testing instructions already	20:32
newbuntu	made new /.ssh, it's owned by me now	20:32
Reepicheep	sweet.. now lets make sure the id_rsa.pub file you your users and not root's	20:32
Reepicheep	type "cat /tmp/id_rsa.pub" it should be the key	20:33
Reepicheep	at the end it should have "username@your.mac.hostname" not "root@your.mac.hostname"	20:33
newbuntu	it does	20:34
Reepicheep	sweet.. k.. now:	20:34
Reepicheep	cat /tmp/id_rsa.pub >> ~/.ssh/authorized_keys	20:34
newbuntu	ok	20:35
newbuntu	how do we check	20:35
Reepicheep	and when that completes you should see the public key in /home/<username/.ssh/authorized_keys .. use "cat" to see it	20:35
Reepicheep	if it's there you should have it setup.. now back on your Mac	20:36
newbuntu	it's there!!	20:36
Reepicheep	great	20:36
newbuntu	wow, I really appreciate all your time	20:36
kirkland	mathiaz: i'll write the SRU testing for mine (the powernap one)	20:36
Reepicheep	ssh -p port username@server.hostname	20:37
Reepicheep	from the Mac ^	20:37
mathiaz	kirkland: ok	20:37
newbuntu	ok	20:37
geekboxjockey	I'm having issues with LDAP, pam_ccreds and apache2 http-auth, if I log in to a system via ssh using my LDAP credentials, I can see that my info I'm having issues with LDAP, pam_ccreds and apache2 http-auth, if I log in to a system via ssh using my LDAP credentials, I can see that my info is cached via 'sudo cc_dump' however for users authenticating with http-auth on our site, their LDAP info is not being c	20:37
geekboxjockey	ached. Any ideas?is cached via 'sudo cc_dump' however for users authenticating with http-auth on our site, their LDAP info is not being cached. Any ideas?	20:37
geekboxjockey	I have apache2 set up to use /etc/pam.d/common-auth (which is where I have the caching configured)	20:37
Reepicheep	if the username is the same on both you don't need the "username@" part	20:37
geekboxjockey	I'm having issues with LDAP, pam_ccreds and apache2 http-auth, if I log in to a system via ssh using my LDAP credentials, I can see that my info is cached via 'sudo cc_dump' however for users authenticating with http-auth on our site, their LDAP info is not being cached. Any ideas?	20:38
geekboxjockey	(sorry, something got chopped up in my last message)	20:38
newbuntu	it asked me for my server password? does that mean it didn't work?	20:39
newbuntu	should it still ask for that?	20:39
mushroomtwo	time to edit sshd_config	20:40
Reepicheep	newbuntu: no it should just log you in	20:40
newbuntu	had to enter password	20:40
Reepicheep	double check to make sure that the key on your Mac /Users/<username>/.ssh/id_rsa.pub matches the key on your server /home/<username>/.ssh/authorized_keys	20:41
Reepicheep	also make sure that it is still enable in the sshd_config file on the server	20:42
newbuntu	looks as though they match, looking at a few characters in the beginning and end	20:43
newbuntu	at the end of the RSA it has = user@computername.local	20:44
newbuntu	should this be the ip?	20:44
Reepicheep	nah.. that should be fine	20:45
Reepicheep	have you edited /etc/sshd_config on the server?	20:45
newbuntu	I want to be able to access this whether I'm on my home network or away, I guess that doesn't matter	20:45
newbuntu	i will check the /etc/sshd_config	20:46
newbuntu	PubkeyAuthentication = yes	20:46
newbuntu	all I changed is the port	20:47
Reepicheep	hmm. that should work..	20:47
newbuntu	what is this: # HostKeys for protocol version2	20:47
Reepicheep	let me make sure I can get it to work .. what version of OS X are you running?	20:47
newbuntu	my has: HostKey /etc/ssh/ssh/host/rsa/key	20:48
newbuntu	wait mis type	20:48
Reepicheep	usually it is something like:	20:49
newbuntu	t	20:49
Reepicheep	HostKey /etc/ssh/ssh_host_rsa_key	20:49
newbuntu	that's what I meant to type	20:49
newbuntu	thanks	20:49
newbuntu	I have a /know_hosts on my mac? does that mean anything?	20:50
newbuntu	I'm running 10.6	20:50
newbuntu	reepicheep	20:51
DrNick_	is ubuntu server have "official" support on Sparc boxen? or is it "officially" just i386/x64?	20:52
DrNick_	err, * does	20:52
Reepicheep	k.. let me test that.. btw. if you want you can have ssh listen on multiple ports. just put on "Port <portnumber>" line per port	20:53
Reepicheep	newbuntu: ^	20:53
newbuntu	I see a line in sshd_config: #AuthorizedKeysFile %h/.ssh/authorized_keys.	20:54
newbuntu	there is nothing under it	20:54
newbuntu	Reepicheep^	20:54
newbuntu	does my key path need to be there?	20:54
Reepicheep	newbuntu: by chance is it asking you for the password you gave when generating the ssh key pairs with the ssh-keygen command?	20:54
newbuntu	no, just my user pass	20:55
newbuntu	well, they might be the same?	20:55
newbuntu	i'm not sure	20:55
newbuntu	was that not my user pass?	20:56
newbuntu	I figured it was trying to authenticate me as a user before generating	20:56
newbuntu	Reepicheep^	20:56
Reepicheep	because if you give a set a password when creating the keys with ssh-keygen it will prompt you for that password every time you use the key	20:56
newbuntu	can I turn off the password authentication in the sshd_config file and try to login again?	20:57
newbuntu	will that tell me anything	20:57
Reepicheep	if you want to connect in "Passwordless" if that's a word.. you need to create the ssh_key pair without a password.. but .. there are security concerns doing it that way also	20:57
newbuntu	i don't mind typing in the password, just wanted to make sure I was actually connecting with the key pair	20:58
newbuntu	Reepicheep^	20:58
Reepicheep	you probably are.. it is just prompting you for your key pair password not your user password on the server	20:59
Reepicheep	btw.. it works fine for me from a 10.6.1 Mac to an ubuntu server 9.10	21:00
newbuntu	I just turned of pass auth in sshd_conf on server	21:01
newbuntu	restarted ssh	21:01
newbuntu	tried to log in from mac	21:01
newbuntu	permission denied (publickey)	21:01
newbuntu	confused	21:02
uvirtbot	New bug: #473332 in openipmi (universe) "Startup failed to load ipmi_devintf module" [Undecided,New] https://launchpad.net/bugs/473332	21:02
newbuntu	ls	21:02
newbuntu	do I need the key in known_hosts?	21:03
newbuntu	Reepicheep^	21:03
newbuntu	on my mac	21:04
newbuntu	oh wait, it's there	21:04
Reepicheep	yeah.. that is the servers public key	21:04
newbuntu	it's there	21:04
newbuntu	nevermind	21:04
Reepicheep	that is what you are prompted to accept the first time you connect to a host	21:04
newbuntu	do I need the config file on my mac or the server?	21:05
newbuntu	I don't have it on my mac	21:05
newbuntu	Reepicheep^	21:05
Reepicheep	you don't need to adjust anything on your Mac.. you just need the user to generate a key pair .. which you have done	21:06
newbuntu	k	21:06
Reepicheep	DrNick_: I don't think sparc hardware is officially supported	21:11
newbuntu	any ideas? Reepicheep	21:11
DrNick_	ok. however it still has community support currently?	21:12
Reepicheep	newbuntu: I must of missed the question.. is it still not working?	21:12
newbuntu	no it's not working	21:12
Reepicheep	DrNick_: I would suppose.. as best you can get	21:12
newbuntu	I just turned off pass auth in sshd_conf on server	21:13
DrNick_	only i seem to remember a time when ubuntu was officially supported on x86/x64, ppc and sparc. i can understand them dropping ppc, with apple going intel but sparc i would have hoped might continue	21:13
newbuntu	restarted ssh	21:13
newbuntu	tried to log in from mac	21:13
newbuntu	permission denied (publickey)	21:13
DrNick_	there was some fanfare a while ago about ubuntu-sun lovin', i guess that is no more. esp' with sun going to oracle	21:14
Reepicheep	newbuntu: so it prompts you for the password for your keys.. you enter that .. then it gives your the "permission denied (publickey)" error?	21:14
newbuntu	no- I enter: ssh -p port user@ip hit enter	21:15
newbuntu	Permission denied (publickey)	21:16
Reepicheep	DrNick_: I have run linux (not ubuntu though) on sparc hardware for awhile .. but I have taken most of them out of production in the last couple years.. it worked pretty well though	21:16
DrNick_	well, thanks for the info anyway Reepicheep	21:17
* newbuntu Invalid PEM structure, '-----BEGIN...' missing.		21:18
DrNick_	cdimage.ubuntu.com seem to have a variety of different architecture's to install, all community supported. there's even one for the ps3 lol	21:18
newbuntu	this is what I get when I try to get in using ftp client	21:19
newbuntu	ssh	21:19
newbuntu	sftp	21:19
newbuntu	whatever	21:19
Reepicheep	newbuntu: have you mess with the keys in /etc/ssh on the server?	21:19
DrNick_	even PA-RISC is there	21:19
newbuntu	no I haven't	21:19
Reepicheep	DrNick_: yeah I have seen that .. I have used the PPC one a few times .. I even have download the sparc one. burned the disk .. it's sitting on top of an old sunfire machine on my bench.. but I have yet to install it.. :-\|	21:20
DrNick_	:-)	21:20
DrNick_	boot it, see what happens	21:21
Reepicheep	newbuntu: your scp command worked earlier to copy the id_rsa.pub file from the mac to the server correct?	21:21
newbuntu	at the end of my ssh_host_rsa_key.pub..... it is root@myserver	21:21
Reepicheep	DrNick_: I will sometime.. I just haven't got around to it	21:21
newbuntu	is that wrong	21:21
newbuntu	yes it did work	21:22
Reepicheep	newbuntu: that is fine.. that is the system keys used via the openssh server	21:22
newbuntu	oh	21:23
Reepicheep	they are auto generated when you install the openssh-server package	21:23
Reepicheep	you shouldn't need to mess with them	21:23
newbuntu	ok, i see	21:23
Reepicheep	the only keys you need to care about are the keys in your home directory's .ssh/ folder	21:23
Reepicheep	newbuntu: can you try running the scp command from the mac again.. just copy any file to the server's /tmp/ folder	21:24
newbuntu	my key is in the file authorized_keys	21:24
newbuntu	yes	21:24
Reepicheep	newbuntu: correct .. the public key for the user on the client (your Mac) should be in your user's authorized_keys file on the server	21:25
newbuntu	permission denied (publickey)	21:27
newbuntu	Reepicheep^	21:27
newbuntu	I will have to turn passAuth back on i guess	21:28
newbuntu	in sshd_config	21:28
newbuntu	what is invalid PEM structure	21:37
newbuntu	Reepicheep^	21:37
newbuntu	the other key I'm using is keypair.pem	21:37
newbuntu	this on is keypair.pub	21:37
newbuntu	could that be anything?	21:37
newbuntu	Reepicheep^	21:37
=== mdz` is now known as mdz
Reepicheep	newbuntu: afaik. pem files are files that combine the public and signed certificate in ssl .. I have never used them in the ssh realm	21:50
RoyK	hm.... it'd be fine the day linux has something like zfs	21:50
Reepicheep	where is it that you see the keypair.pem file?	21:50
newbuntu	ok	21:50
newbuntu	I use one to log into another server I use, for business	21:50
RoyK	if any of you work with storage, take a little look at what's in opensolaris	21:51
RoyK	it eats linux for breakfast	21:51
newbuntu	I also get this error when trying to sftp: into my server:	21:51
Reepicheep	RoyK: I agree I really wish sun could release zfs with a linux compatible license	21:51
newbuntu	Reepicheep^Invalid PEM structure, '-----BEGIN...' missing.	21:52
Reepicheep	newbuntu: does it happen to be secure ftp like ftp over ssl ... which is different then sftp over ssh	21:53
newbuntu	it might be	21:53
newbuntu	have a question	21:53
RoyK	Reepicheep: well, they don't want to, so I'll stick with opensolaris for storage	21:54
newbuntu	if I'm getting 'Permission denied (publickey) when I try to scp to the server? On which side does the problem lie?	21:54
Reepicheep	newbuntu: for copying files from your make to a machine with ssh you should look at Macfusion .. it uses fuse to make the connection but it integrates into your finder	21:54
newbuntu	cool	21:54
newbuntu	did you see the post just above your last?	21:55
Reepicheep	newbuntu: is the /etc/ssh/sshd_config and /etc/ssh/ssh_config files pretty standard on your server other then the port change?	21:55
RoyK	the nfs4 stuff in opensolaris is quite a bit better than what's in linux, so .......	21:55
newbuntu	yes, I changed nothing from the install except port: and passwordAuthorization	21:58
Reepicheep	try changing passwordAuthorization back .. and see what it does	21:59
newbuntu	k	22:00
mathiaz	smoser: any news from upstream on bug 461156?	22:00
uvirtbot	Launchpad bug 461156 in euca2ools "User data is not parsed correctly by Eucalyptus in some cases" [High,In progress] https://launchpad.net/bugs/461156	22:00
mathiaz	kirkland: ^^?	22:00
kirkland	mathiaz: latest i know is in that bug	22:01
kirkland	mathiaz: i'm still testing your ppa packages	22:01
kirkland	mathiaz: i'm running into some weirdness	22:01
kirkland	mathiaz: but i don't know if it's your fault yet :-)	22:01
mathiaz	kirkland: weirdness?	22:02
mathiaz	kirkland: do you have issue with dns resolution to connect to the cc?	22:02
newbuntu	Reepicheep^	22:02
kirkland	mathiaz: haven't tried that	22:02
kirkland	mathiaz: i'm testing the little powernap one, which should be a no-op really at this point	22:03
newbuntu	this is what I get when I restart ssh: Could not load host key	22:03
kirkland	mathiaz: but i couldn't get powersave working at all at first	22:03
newbuntu	start stop dameo: warning: failed to kill: operation not permitted	22:03
newbuntu	Reepicheep^	22:03
newbuntu	this is what I get when I restart ssh	22:03
newbuntu	[ok]	22:04
kirkland	mathiaz: which ones have SRU test instructions already?	22:04
mathiaz	kirkland: bug 458904	22:04
uvirtbot	Launchpad bug 458904 in eucalyptus "When installing a node, euca_find_cluster fails to locate the cluster controller if instances are running" [High,In progress] https://launchpad.net/bugs/458904	22:04
Reepicheep	newbuntu: what does "sudo netstat -tlpn \| grep sshd" return ?	22:05
mushroomtwo	anyone know why, after swapping switches, a 9.04 server box will refuse connections via ssh?	22:05
mathiaz	kirkland: yeah - that's all - I'm writing up the other SRUs	22:05
kirkland	mathiaz: i filled in most of https://bugs.edge.launchpad.net/ubuntu/+source/eucalyptus/+bug/458163	22:06
uvirtbot	Launchpad bug 458163 in eucalyptus "[regression] euca_rootwrap fixes affected eucalyptus power management (powerwake)" [Wishlist,Fix committed]	22:06
newbuntu	tcp 0.0.0.0.0:myPort	22:07
newbuntu	is that what you were looking for	22:07
Reepicheep	newbuntu: now stop the ssh server and run the same command see if it goes away	22:07
newbuntu	my ip isn't there	22:07
newbuntu	ok	22:07
Reepicheep	newbuntu: 0.0.0.0 is all ipv4 interfaces	22:08
kirkland	mathiaz: SRUs are so much fun :-)	22:08
newbuntu	operation not permitted	22:08
newbuntu	cant' stop	22:08
newbuntu	still there	22:08
Reepicheep	what command are you using to stop ssh?	22:08
newbuntu	g	22:09
newbuntu	hang on	22:09
newbuntu	</etc/init.d/ssh stop>	22:10
newbuntu	wouldn't let me type without <>	22:10
Reepicheep	try: "sudo service ssh stop"	22:10
newbuntu	did it	22:11
newbuntu	output grep \| not there any more	22:11
Reepicheep	k.. now start it	22:11
Reepicheep	replace "stop" with "start"	22:12
newbuntu	k	22:12
newbuntu	started	22:12
newbuntu	now that I have turned my passwordAuth on in sshd_conf I can transfer files via scp	22:13
Reepicheep	newbuntu: check out the Macfusion .. it may be what you want	22:14
newbuntu	i will, thanks for all your help	22:15
uvirtbot	New bug: #473439 in mailman (main) "can´t start mailman" [Undecided,New] https://launchpad.net/bugs/473439	22:21
newbuntu	could it be because I used a passPhrase when I created the key	22:25
newbuntu	Reepicheep	22:25
newbuntu	do i need a passphrase?	22:25
Reepicheep	newbuntu: you can try creating a new key without a passphrase if you want, it would be one less layer of security.. but it would then allow you to login with out being prompted for a password	22:43
newbuntu	I've already tried	22:44
Reepicheep	did it work?	22:44
newbuntu	I started over from scratch, following all your instructions, created new key and everything.....when I try to access the server through terminal ssh -p 5555 ............ I get	22:45
newbuntu	Permission Denied	22:45
newbuntu	(publickey)	22:45
newbuntu	still	22:45
newbuntu	resetting router, be right back	22:46
newbuntu_	removing port mapping on router	22:47
newbuntu_	I'm at a loss, if you have any idea I would appreciate it	22:47
newbuntu_	I can get in with the password, but not the publickey	22:48
newbuntu_	I've got to figure this out because I'm going to have to set this up on about 10 other machines. PC and MAC	22:50
newbuntu_	they all need access to the server	22:50
kblin	newbuntu_: you're not getting your home dir mounted during login or fanyc crap like that?	22:50
newbuntu_	home dir mounted?	22:51
kblin	at university the /home share is on a network mount, so there's no access to $HOME/.ssh during login	22:51
kblin	at my university, that is	22:52
newbuntu_	I'm at my house, I'm behind a router if that matters	22:53
newbuntu_	I can get through with my password, just not the publicKey	22:53
kblin	ok, so no network shares for /home?	22:53
newbuntu_	key pair	22:53
newbuntu_	by network shares you mean, other machines on the network sharing my /home	22:53
kblin	yeah	22:54
newbuntu_	no, I don't have it shared on my local network	22:54
kblin	what's the name of the private key you're using?	22:55
newbuntu_	key_pair.pub	22:55
newbuntu_	I made one up	22:56
Reepicheep	newbuntu: would it be to much to start completely over even with the ssh server and keys on the server?	22:56
Reepicheep	and the config files in /etc/ssh/	22:56
kblin	and what's your ssh command?	22:56
kblin	the full command line?	22:56
uvirtbot	New bug: #236757 in postfix (main) "openldap2 vs openldap when installing kolabd" [Undecided,New] https://launchpad.net/bugs/236757	22:57
newbuntu_	no, I'd be willing to try anything. I would like to rule out my router though, could it be causing me problems?	22:57
Reepicheep	for you testing is the router between you and your server?	22:57
newbuntu_	kblin: ssh -p <myPort> user@<myIP>	22:58
kblin	aha	22:58
newbuntu_	Reepicheep: yes	22:58
newbuntu_	well I think	22:58
kblin	try ssh -p <myPort> -i key_pair user@<myIP>	22:58
Reepicheep	is your Mac and server on the same network?	22:58
newbuntu_	they are	22:59
newbuntu_	I'm trying to access as if I am not on same network though	22:59
newbuntu_	how?	22:59
Reepicheep	let's get it working internally before you through the router/port forwarding into the mix	23:00
kblin	yeah, and try the -i key_pair thing	23:00
newbuntu_	kblin: that worked!!	23:01
kblin	figures	23:01
newbuntu_	no password needed, not denied permissions	23:01
kblin	you've used a non-standard name for the key file, so you need to tell ssh to use it	23:01
newbuntu_	so how does that work	23:01
Reepicheep	newbuntu_: have you messed with any of the system ssh settings on your Mac?	23:01
kblin	see the -i option in man ssh	23:02
newbuntu_	system ssh settings, no I don't think so , let me look	23:02
Reepicheep	newbuntu_: what is the name of your key_pair?	23:03
newbuntu_	kblin: how do I log in from my sftp client?	23:03
Reepicheep	have you edited anything in /etc/ssh_config on the Mac?	23:03
kblin	Reepicheep: key_pair/key_pair.pub, newbuntu_ said so a few minutes ago	23:04
kblin	that has nothing to do with the ssh_config	23:04
kblin	newbuntu_: what sftp client?	23:04
=== newbuntu_ is now known as newbuntu
kblin	scp?	23:04
newbuntu	cyberDuck	23:04
newbuntu	on mac	23:04
kblin	never heard of that	23:04
newbuntu	like fileZilla	23:04
Reepicheep	kblin: sorry I missed that	23:04
kblin	it'll have an option to specify a key pair, if it's any good	23:05
kblin	Reepicheep: happens, no worries :)	23:05
newbuntu	it does, but does it matter that I named it diff	23:05
Reepicheep	newbuntu: I have used cyberduck.. let me see if you can set it to use a non standard key pair	23:05
newbuntu	that's what I was wondering	23:05
newbuntu	Reepicheep	23:05
Reepicheep	newbuntu: it may be easier to use the standard key pair names thought...	23:06
newbuntu	this may be my whole problem, that's what I get for trying to organize things	23:06
Reepicheep	if that is possible	23:06
newbuntu	yea, I can redo it, if that will fix my problem	23:06
newbuntu	no worries, now that I know what caused it	23:06
newbuntu	I only need one key per machine, right:	23:07
newbuntu	?	23:07
kblin	"In the Connection Dialog or the Bookmark editor in Cyberduck select Use Public Key Authentication and select the private key in your .ssh directory. "	23:07
newbuntu	can I use the same key for every machine?	23:07
newbuntu	I have about 10 I need to connect to the server?	23:07
Reepicheep	btw.. newbuntu cyberduck lets you select a key to use.	23:07
Reepicheep	under "more options"	23:07
newbuntu	I saw that and tried to select it, it wouldn't work	23:08
Reepicheep	"use public key authentication"	23:08
newbuntu	let me try again.....one minute	23:08
kblin	newbuntu: I tend to create one key per machine	23:08
newbuntu	better option then passing around one key?	23:08
newbuntu	kblin^	23:08
kblin	newbuntu: then I can selectively allow/disallow logins from specific machines	23:08
* Reepicheep does the same as kblin.. one key pair per machine		23:09
newbuntu	got it, I like that option	23:09
newbuntu	I like to have control	23:09
Reepicheep	newbuntu: you just need to add the public key from each machine to the authorized_keys file on the server	23:09
newbuntu	so, when setting up a new machine though, I will have to leave the passwordAuthorization set to 'yes' while I am setting up all the machines?	23:10
Reepicheep	usually it is ~/.ssh/id_rsa.pub on the client	23:10
newbuntu	I won't be able to access the server remotely on a machine that doesn't have a keyPair?	23:10
Reepicheep	you may.. you just need some way to get the public key onto the server	23:11
tharis20	qman__: which line is the kopts line?	23:11
Reepicheep	copy and paste works also..	23:11
kblin	or copy over the public key from a machine that can log in :)	23:11
newbuntu	all the machines are at diff locations	23:11
newbuntu	to make it easier should I turn off password after they are set up?	23:12
Reepicheep	newbuntu: that may be the easiest way	23:12
newbuntu	then it wouldn't matter, right?	23:12
kblin	newbuntu: so put the existing public keys somewhere you can get at without password..eg. on a web server	23:12
newbuntu	ok, just checking	23:12
Reepicheep	get it set up then make it more secure ..	23:12
newbuntu	that's a good idea kblin	23:12
kblin	read-only, obviously	23:13
newbuntu	Reepicheep: I think I'll do that	23:13
newbuntu	right kblin"	23:13
newbuntu	i'm going to try to cyberDuck it	23:13
Reepicheep	that's true.. the public section of the key can be printed on a bus if you wish.. it doesn't need to be kept secret	23:13
kblin	but yeah, I tend to switch off password-based auth after copying over my key file	23:14
samlpet_	i just created a uec setup and my instances are hanging on the "waiting for meta-data" when they are starting. all of the bug reports i have read say this should be fixed. am I just messing something up?	23:14
Reepicheep	you can even email it to your self if you choose .. then put in on the server from a machine that is already set up	23:14
newbuntu	on cyberDuck: here's the error...	23:14
newbuntu	I/O Error: Connection failed	23:14
newbuntu	Invalid PEM structure, '-----BEGIN...' missing.	23:14
kblin	ugh	23:15
kblin	that tool seems to use a different key format then	23:15
kblin	anyway, bedtime for me, good luck with that duck	23:15
newbuntu	Reepicheep	23:16
newbuntu	thanks kblin	23:16
Reepicheep	let me see if I can get cyberduck working with standard keys.. I had to update cyberduck.. it's been awhile since i used it	23:16
newbuntu	cool, thanks	23:17
tharis20	qman__: I added vga=791 and some green squares appear on the screen and I can't do nothing...	23:18
newbuntu	even when I select the key from my ~/.ssh it doesn't work	23:18
Reepicheep	newbuntu: it works fine	23:19
Reepicheep	these are the settings I used	23:19
newbuntu	with id_rsa.pub	23:20
Reepicheep	Open Connection -> SFTP (SSH File Transfer Protocal) -- I set hostname & Port # under more options I checked "Use Public Key Authentication" then I selected .ssh/id_rsa	23:21
Reepicheep	use id_rsa on the client side.. that is the secret one	23:22
Reepicheep	id_rsa.pub is for the other machine to use	23:22
Reepicheep	and make sure it is SFTP and not FTPS	23:22
Reepicheep	FTPS is FTP over SSL not what your after	23:23
deizel	when i go into `screen`, i can't see bash prompts and error messages, only what i type and what programs output.. wtf?	23:23
deizel	(it was fine before i restarted)	23:23
newbuntu	uuughhhh I was using the .pub	23:23
newbuntu	thanks, Reepicheep, I assumed I used the same one	23:23
newbuntu	I'm in!!!!	23:23
Reepicheep	sweet.. you will figure it out.. that is how key pairs work	23:24
newbuntu	okay, last thing, well for now anyway....I'm using a 10.x.x.x IP to connect to the server, that's through my router, right? Do I use the same when I'm at a remote location?	23:25
Reepicheep	the client uses the secret key.. while anyone you connect to uses the public key which doesn't need to be secured as long as you don't let anyone else have you secret key..	23:25
newbuntu	Reepicheep^	23:25
Reepicheep	newbuntu: that is a whole nother ball game..	23:25
newbuntu	well crap	23:25
Reepicheep	I assume that both your client and server have a 10.x.x.x address atm correct?	23:26
Reepicheep	and they are both in the same subnet	23:26
newbuntu	yes, they are both on the router	23:26
iarp	www.ipchicken.com	23:26
Reepicheep	so they can talk to each other without involving the router	23:26
iarp	will tell you your external addy	23:26
newbuntu	I have to be able connect remote machines though	23:26
Reepicheep	true.. you will need to use your external address.. as iarp has shown one way to get your external IP	23:27
newbuntu	I know my external, but how do get through the router	23:27
Reepicheep	that IP is the IP that your NAT router has on it's external interface	23:27
newbuntu	that's for a diff IRC	23:27
newbuntu	yes, I know that one	23:28
Reepicheep	you will need to make sure that you forward a port from the external interface to the internal server:port that ssh is on	23:28
newbuntu	can I just substitute it? Not that easy I'm sure	23:28
Reepicheep	then connect to your external IP when you are not inside your NAT router	23:28
newbuntu	can I give it a name, instead of typing 67.xx.xxx.xxx	23:29
Reepicheep	is it a dynamic address?	23:29
iarp	www.no-ip.org you can make up host redirects(fre)	23:29
Reepicheep	if so you may need to look at some dynamic DNS client	23:29
newbuntu	yes it's dynamic	23:29
iarp	they also have a software download to keep host redirects updates to your proper ip adress	23:30
newbuntu	www.no-ip.org is free?	23:31
iarp	ya, but you'd need to use one of thier domains, so like i have on for vent.myvnc.com	23:31
Reepicheep	newbuntu: you can use something like zoneedit if you wish to use your own domain	23:33
Reepicheep	I also use dyndns.. although I believe it's not free anymore	23:33
Reepicheep	some routers even support some dynamic dns providers on the router itself	23:34
newbuntu	we have an account with dns made easy I think	23:34
Reepicheep	see if they have a dynamic client you can use..	23:35
Reepicheep	for instance I use ddclient	23:35
Reepicheep	but I don't see dns made easy as a supported provider for that	23:36
newbuntu	so I need a nameserver IP	23:36
newbuntu	I already have name servers assigned to one of my domains, is that what we are talking about?	23:37
Reepicheep	it's more difficult than that.. you need a nameserver that supports dynamic updating of the records from the client when the client realizes that it's external IP has changed	23:38
iarp	are you hosting the website on a server yourself or do you pay for someone to host	23:38
newbuntu	I'm trying to do this on my server that I've been setting up today	23:39
Reepicheep	not just any nameserver will work, that's where one of the dynamic dns providers come in	23:39
newbuntu	DNS made easy has Dynamic DNS, is that what I need?	23:40
newbuntu	I see it turned on in our settings	23:40
Reepicheep	do they provide or recommend a client to use?	23:40
newbuntu	I can create an A Record there, and give an IP	23:42
newbuntu	I'm looking at our main site, that is set up there, It's an A Record	23:43
Reepicheep	the problem with setting a static "A" record is that it doesn't change when your router changes IP addresses	23:46
Reepicheep	newbuntu: ^^	23:47
newbuntu	i see	23:47
newbuntu	so how can I get around hosting my domain with a 3rd party, can I do it on my newly created server?	23:48
iarp	buy the domain through a provider like no-ip.org and install eithor software which updates their records to your external ip address	23:49
deizel	when i go into `screen`, i can't see the bash prompt or any error messages, only what i type and what programs i run are outputting.. any suggestions?	23:50
iarp	deizel: what profile are you using for screen	23:51
Reepicheep	deizel: you may try moving your .screenrc file out of the way and start over with it .. if you haven't put much into it	23:51
Reepicheep	something like "mv ~/.screenrc ~/.screenrc.old	23:52
deizel	iarp: well thats a problem actually, i installed it long ago and it just worked .. so i can't remember	23:53
deizel	iarp: since it wasn't working just there, i removed screen and reinstalled it	23:53
iarp	deizel: just follow what Reepicheep said lol that's faster and easier	23:53
Reepicheep	move the .screen-profiles out of the way also	23:53
deizel	iarp: well, this time it installed some screen-profile stuff and i get stuff like: /usr/bin/select-screen-profile: 176: cannot create /dev/null: Permission denied	23:54
deizel	Reepicheep: will try	23:54
deizel	okay, there wasn't a .screenrc, and moving the .screen-profile directory didn't work either	23:57
Reepicheep	deizel: and it used to work? did screen get updated or anything?	23:58
deizel	yeh it was working fine like an hour ago before i restarted my jaunty vps	23:59

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!