[00:04] <blistov> I have an md raid5 of 3 discs sd{d,e,f}1 .  When I boot to my karmic install, there is an incorrect device node /dev/md_d1, which is grabbing 1 of d,e, or f, but not initializing any raid.  one of the 3 drives is bind binded, but not used. this means I can not create a useable array.  anyone know how to make this stop?
[00:05] <blistov> I've been at this for an hour trying to figure out what is happening.
[00:16] <lamont> jmarsden: you wound up with upstream's postfix-script, instead of the packaged one
[00:17] <jmarsden> lamont: Not me... jeeves_Moss is the one with the issue.  I was trying to help.
[00:17] <lamont> oh. yeah.  him them.
[00:17] <lamont> s/them/then/
[00:18] <jmarsden> But yes, that makes perfect sense since jeeves_Moss had an earlier "from source" postfix installation which was being replaced by the packaged one.
[00:18] <jeeves_Moss> jmarsden, thanks.  I found out what it was.  it was a hooped aliases.db file
[00:18] <jmarsden> jeeves_Moss: OK, glad all is now fixed.
[00:19] <jeeves_Moss> jmarsden, next up, trying to figure out why I can't send e-mail through the Postfix server from my pocketPC
[00:20] <jmarsden> Can you send mail through it from other devices (such as a local PC other than the server) ?
[00:21] <jeeves_Moss> jmarsden, yep, everything else sends properly
[00:21] <jeeves_Moss> on the PPC, I'm getting a connection error using the same settings as the desktop
[00:21] <jmarsden> Then it sounds like a config issue on the pocketpc... is it authenticating, and how far does it get before it fails?
[00:22] <jeeves_Moss> on the PPC, there is no way of seeing what it's doing.  I don't even think it logs by default
[00:23] <jmarsden> So read the postfix logs, and if necessary run tcpdump or wireshark on the server to see what it sees at the network level.
[00:24] <jeeves_Moss> jmarsden, yea, I know.  I'm not that excited about it.  it's more of a "nice thing" to have
[00:34] <jeeves_Moss> ok, I think I figured it out.  there was no auth required after pop/imap login
[01:06] <Aison> evening
[01:06] <Aison> i'm trying to define some ip routing rules with ip rule add
[01:06] <Aison> how can I define a rule concerning packets from local processes?
[01:06] <Aison>  ip rule add from [local]
[01:06] <Aison> like
[01:11] <jmarsden> Aison: from 1.2.3.4   # if 1.2.3.4 is your local IPv4 address... or isn't that good enough for whatever you are trying to do?
[01:12] <Aison> jmarsden, i've got around 8 local addresses ;)
[01:12] <jmarsden> So write 8 rules :)
[01:23] <N6REJ> hey guys, this old dinosaur needs a refresher... whats with the "Virtual Machine Host" setting in 9.1 server edition?  Never heard of that b4... don't know MUCH about VM's either.
[01:28] <j416> N6REJ: are you referring to the installer?
[01:29] <N6REJ> j416: yes
[01:29] <N6REJ> i'm a bit confused
[01:29] <jmarsden> It's just a selection of packages that will be installed, intended for use if your server will run virtual machines.  If you don't want it or don't understand it, don't check that checkbox.
[01:30] <N6REJ> I've got a dinosaur thats been running server edition since before feisty... and suddenly last nite after the kernel patch, it got very confused and crashed.....
[01:30] <j416> I'm not entirely sure myself, I read a bit about it before when I installed my machine. My conclusion was that it basically avoids installing things that won't generally be needed for a VM.
[01:30] <N6REJ> in the process i lost everything in the /home *sigh*
[01:30] <N6REJ> so I'm reinstalling
[01:30] <N6REJ> well, if i could pick anything I'd love to be able to "see" the server from my windows client ( servers desktop ) that is.
[01:31] <N6REJ> but I don't think thats VM
[01:31] <jmarsden> N6REJ: See... as in see disk space?  See shared printers?  ssh into it?  what kind of visibility to you have in mind?
[01:32] <N6REJ> jmarsden: in the past i've always just ssh'd in and done what i needed like a "NORMAL" server
[01:32] <jmarsden> Then the only selection you need to make for that is openssh-server.
[01:32] <N6REJ> but there are a few programs, like games, i'd love to have open as a window with that game actually running on the server instead of on my windows box
[01:32] <N6REJ> i think thats "remote desktop" right?
[01:33] <N6REJ> the server is our "file server" i.e. backup location... and would make a nice linux Sandbox
[01:33] <jmarsden> You could run an RDP server on the server machine, or you could run a X display server on the Windows machine, or use any of many remote desktop protocols, VNC would be one choice...
[01:33] <j416> N6REJ: https://help.ubuntu.com/community/JeOSVMBuilder
[01:33] <jmarsden> Which is "best" depends on the nature of the games concerned
[01:33] <N6REJ> mmmm kk...
[01:33] <N6REJ> yeah
[01:34] <N6REJ> i know adobe HATES nix.. and thats one app i'd have to have working 100% but i think i'm xing lines again.
[01:34] <N6REJ> too many new ways of cooking LOL
[01:34] <N6REJ> ok, last question i think...
[01:34] <jmarsden> If you really want to get funky, use the new SPICE remote app which can use the client graphics card to run games etc on the server...
[01:34] <N6REJ> the server is behind my router NOT accessible to the net anymore so then our clients are...
[01:35] <N6REJ> OH SWEET
[01:35] <N6REJ> i'll look that up
[01:35] <N6REJ> i forget the term on the router but its turned off
[01:35] <N6REJ> not jailed
[01:35] <N6REJ> hmmmmmmmmmmmmmmm
[01:35] <j416> NAT?
[01:35] <N6REJ> DMZ
[01:35] <j416> ok
[01:36] <N6REJ> yeah, the lan is FULLY nat'd
[01:36] <N6REJ> 192.168.1.x
[01:36] <N6REJ> all ports closed etc...
[01:36] <jmarsden> Your server and client PCs are not reachable from the Internet, they are on a private subnet.  OK.
[01:36] <N6REJ> yep
[01:36] <N6REJ> ok.. so only thing i need the server to know is how to talk to the clients and check for updates and wget when i ask
[01:36] <jmarsden> Where's the question?
[01:36] <N6REJ> stuff like that
[01:37] <N6REJ> so.... do I need/want a dns server for that? or is it complicating matters
[01:37] <N6REJ> personally Bind drives me insane
[01:37] <jmarsden> If you have enough clients on your local LAN, a local DNS server is nice to have.  But it's not a requirement.
[01:37] <N6REJ> the FQDN we've used in the past is hallhome.lan
[01:37] <N6REJ> 3 currently and will be 5
[01:37] <N6REJ> clients that is
[01:38] <jmarsden> Then it's not worth running DNS, especially if you hate doing so :)
[01:38] <N6REJ> its just confusing to setup
[01:38] <j416> N6REJ: if your network is small, it may be easier to just define, say static DHCP IPs in your router, and map them up using hosts files.
[01:38] <jmarsden> If you had said 50 clients I might have suggested otherwise :)
[01:38] <N6REJ> yeah
[01:38] <N6REJ> ok cool.. and if I do put the dns on is it "caching"?
[01:39] <N6REJ> there used to be a program where you could config via the web, like cpanel but thats gone
[01:39] <N6REJ> webmin i believe
[01:39] <jmarsden> Well, caching is so you can use it to resolve other people's (Internet) DNS names etc.
[01:39] <N6REJ> well i would need that to get updates right?
[01:39] <jmarsden> Read the Ubuntu Server Guide.
[01:39] <jmarsden> No, you can use your ISP's DNS servers for that.
[01:39] <N6REJ> k, its been a long time so i will
[01:39] <N6REJ> OH
[01:39] <N6REJ> ok
[01:39] <j416> N6REJ: if you don't have your own DNS server, you will connect to a remote DNS server. No problem.
[01:40] <N6REJ> i'm used to making "real" servers not lan ones... if that makes sense
[01:40] <j416> the only benefit is that your DNS lookups will work even if your ISPs DNS is down
[01:40] <j416> and that they will be slightly faster. :)
[01:40] <N6REJ> and like I said its been almost 7yrs since i've even touched it other than ssh sudo apt-get update / upgrade LOL
[01:40] <jmarsden> j416: No, he would also be able to be authoritative for hallhome.lan if he runs his own DNS server...
[01:41] <j416> jmarsden: I was trying to simplify things :)
[01:41] <j416> ok :)
[01:41] <N6REJ> www.hallhome.lan should take me to my sql,mail, what have u
[01:41] <jmarsden> "The only" is confusing if it is incorrect.
[01:41] <j416> sorry about that.
[01:41] <j416> s/The only/The only user-noticeable/
[01:41] <j416> then
[01:41] <jmarsden> N6REJ: So either you run your own DNS server that knows about *.hallhome.lan, or you use the hosts file on each machine
[01:42] <N6REJ> ok, so i think the consensus is go ahead and install the dns server.... just use it for *.hallhome.lan as u just said
[01:42] <j416> ftr, I have three machines in my network, no DNS. It's just a hassle.
[01:42] <N6REJ> i've been letting the router "assign" it a static ip from the dhcp pool is that ok?
[01:43] <N6REJ> i understand
[01:43] <j416> sure.
[01:43] <jmarsden> Yes, that's OK.  I'd run DNS, but then I run DNS at work for a couple of hundred domains... so bind isn't scary to me :)
[01:43] <N6REJ> thats why i was grumpy when after almost 12yrs it finally asked to be reinstalled LOL
[01:43] <N6REJ> well i'm used to setting up LAMP and such.. have for years... but i'm very rusty at server maintenance.... last time i did it pro was in 98
[01:44] <N6REJ> and all the gears don't mesh these days like they did then
[01:44] <j416> a server should have a static IP anyway, and the most "correct" way would probably be to set a static IP for the server. I prefer to have settings as central as possible, so I set everything in the router (static DHCP).
[01:44] <N6REJ> gotcha! same there
[01:44] <N6REJ> here
[01:44] <N6REJ> thats why the server holds ALL , music, photos, etc.
[01:45] <N6REJ> so, no vmh, just lamp,dns,ssh,samba
[01:45] <N6REJ> sound right?
[01:45] <j416> if it is VM, why not use the VM installation?
[01:45] <N6REJ> ?
[01:46] <N6REJ> wait now i'm confused?
[01:46] <j416> "Install a minimal virtual machine"
[01:46] <j416> that one
[01:46] <N6REJ> the "SERVER" is not virtual
[01:46] <j416> ok :)
[01:46] <j416> then I would avoid it
[01:46] <N6REJ> its a p3-933
[01:46] <N6REJ> kk
[01:46] <j416> I'll be running virtual (also reinstalling things here...)
[01:47] <j416> easier maintenance/backup :)
[01:47] <N6REJ> i might do that here later but we'll have to see.. right now that spice sounds tasty..
[01:47] <N6REJ> but it takes me a long time to digest stuff these days
[01:47] <N6REJ> getting older sucks LOL
[01:47] <j416> heh
[01:47] <j416> yeah...
[01:47] <j416> VM isn't hard though :)
[01:48] <N6REJ> just think its cause i have pretty hard wired definitions in my brain... server = hardware...  etc...
[01:49] <j416> :)
[01:49] <Zelest> I just replaced my NIC in one of my machines, and now it has eth2 but no eth0 or eth1.. how come it appears as eth2 and how can I rename/make it eth0 again?
[01:49] <N6REJ> there used to be a step by step walk through guide for server... is it still there?
[01:49] <j416> N6REJ: there are a few guides on ubuntu.com
[01:50] <j416> for postfix etc. that seem to work
[01:50] <j416> helpful.
[01:50] <N6REJ> j416: ok, i'll look harder
[01:50] <lamont> Zelest: /etc/udev/rules.d/70-persistent-net.rules or so
[01:51] <jmarsden> N6REJ: For a basic email setup there is now a postfix-dovecot package
[01:51] <Aison> Zelest, that's because of a udev rule
[01:51] <j416> N6-away: start here: https://help.ubuntu.com/community
[01:51] <N6-away> oh sweet
[01:51] <N6-away> ty
[01:51] <N6-away> dovecot is nice.
[01:51] <j416> jmarsden: cool, didn't know that
[01:51] <N6-away> tyvm
[01:51] <j416> thanks
[01:51] <Zelest> Oh, thanks, I'll look into it. :)
[01:51] <jmarsden> You're welcome.
[01:52] <lamont> Zelest: for most personal machines, it's simplest to just remove the file and reboot and let udev figure it out all over from scratch
[01:52] <Zelest> Aah, nifty! :D
[01:52] <Zelest> lamont, Yeah, I just saw 2 other NIC's in there and removed those lines.. hopefully that will do it. :)
[01:52] <lamont> well, fix the remaining one to say eth0....
[01:53] <Zelest> Yeah
[01:59] <N6-away> any reason for mysql root pw to NOT be blank in my case?
[02:00] <N6-away> nm
[02:15] <N6REJ> jmarsden: u still here?
[02:16] <jmarsden> Yes
[02:16] <jmarsden> And you should always put *something* for your MySQL password...
[02:16] <N6REJ> jmarsden: i'm confused again, i'm sorry... somehow it named itself "server.scrtc.com" not server.hallhome.lan in fact it never asked the hallhome.lan question
[02:16] <jmarsden> But as a network admin I would say that :)
[02:16] <N6REJ> yeah, thats what i decided
[02:17] <N6REJ> <
[02:17] <jmarsden> Most likely you left a box checked so it got its name from your LAN DHCP server
[02:17] <N6REJ> UGH
[02:17] <N6REJ> lets c if I remember how to fix this....
[02:17] <N6REJ> ./etc/hosts i think
[02:17] <N6REJ> and its at 127.x so thats wrong also
[02:18] <N6REJ> they've changed the guide... there doesn't appear to be a step-by-step walk through anymore
[02:18] <jmarsden> Edit there and also hostname -f server.hallhome.lan
[02:18] <jmarsden> N6REJ: Walkthrough of what?  The basic server install process?
[02:19] <N6REJ> yeah
[02:19] <kees> Daviey: say, you been seeing those asterisk emails?
[02:19] <N6REJ> jmarsden: used to be a step-by-step, do this, then check for this... etc...
[02:20] <jmarsden> N6REJ: It's not necessary... the basic install is pretty trivial, surely?  What exactly do you need help with?
[02:20] <N6REJ> jmarsden: after i've got it IN, like i do now....then i need to config samba, dns, etc... there use to be like a checklist kinda thing
[02:21] <N6REJ> idk how to describe it.
[02:21] <jmarsden> N6REJ: Ah.  Well... doesn't the Server Guide tell you how to do each one of those things?
[02:21] <N6REJ> i'm going to look again but i think its more dictionary style than walk through style
[02:22] <N6REJ> jmarsden: do i remove this line? 127.0.1.1       server.scrtc.com        server
[02:22] <jmarsden> There are independent "The Perfect Server Guide" type of things but they only work if your needs exactly match those of the guide creator and you don't mind doing exactly what that author thinks is right...
[02:22] <N6REJ> jmarsden: true
[02:22] <jmarsden> N6REJ: I'd edit that into  127.0.1.1   server.hallhome.lan server
[02:22] <N6REJ> jmarsden: i use it as my "gray matter shaker"
[02:23] <N6REJ> jmarsden: and i need 192.168.1.69 server.hallhome.lan server also don't i?
[02:23] <N6REJ> so it knows to be on the 192 network?
[02:23] <N6REJ> although i'm ssh'd into it now so
[02:23] <jmarsden> If you have set it up static at that IP, sure.
[02:23]  * N6REJ is confusing himself
[02:24] <jmarsden> BTW I just looked, the Server Guide has a chapter on DNS: https://help.ubuntu.com/9.10/serverguide/C/dns.html
[02:24] <jmarsden> And one on windows networking (SAMA etc): https://help.ubuntu.com/9.10/serverguide/C/windows-networking.html
[02:24] <jmarsden> *SAMBA
[02:25] <N6REJ> ty *sigh* i guess i'm not looking hard enough
[02:25] <N6REJ> probably getting myself overwhelmed
[02:25] <jmarsden> And a oneliner for installing a postfix and dovecot mail server is there too at https://help.ubuntu.com/9.10/serverguide/C/postfix.html#postfix-dovecot
[02:26] <jmarsden> Read the Server Guide, all of it, and no other docs.  To get started...
[02:26] <N6REJ> jmarsden: ok.. ty.. i won't bother you again tonight I don't want to be a troll
[02:26] <jmarsden> No problem :)
[02:34] <N6REJ> jmarsden:  i lied i got one last question ( i think ) but it has nothing to do with ubuntu really....... I just found a box labeled "domain name" in the router system setup area.... if I put that hallhome.lan will that mess anything up?
[02:35] <jmarsden> Not unless your ISP cares about what goes in there, which is very unlikely.
[02:35] <N6REJ> jmarsden: and then it will automatically be "hallhome.lan on the server and windows machines too right ??
[02:35] <jmarsden> BTW, general good form here is to ask the question to "the channel" -- whoever is here and knows will try to help you out :)
[02:36] <N6REJ> ok sorry
[02:36] <jmarsden> N6REJ: If they all use that DHCP-provided info, yes.
[02:36] <N6REJ> sweet!
[02:36] <N6REJ> tyvm!!
[02:36] <N6REJ> g'nite
[02:36] <jmarsden> You're welcome.
[06:31] <blistov> I just built a new md raid5 of three disks using karmic's alternate installer.  When i examine the raid however, i see that there are supposed to be 3 raid devices, but at the bottom there are 4, and one says "faulty removed"
[06:32] <blistov> anyone know what this is?
[06:32] <blistov> p.s. one of my 3 disks is being listed as a spare.
[15:02] <Xserver> need a bit of kickstart help with ubuntu on ec2 with persistent filesystem for LAMP
[15:02] <Xserver> any suggestions
[15:14] <henriquev> Xserver: is saving an AMI enough for you?
[15:23] <Xserver> henriquev : I need to save the Mysql files also
[15:23] <Xserver> saving AMI is a first time job.. but data also needs to be saved for next instances when i reboot the server
[15:24] <Xserver> maybe some sort of a direct filesystem attached to my instance
[15:27] <henriquev> Xserver: why not to use the RDS?
[15:27] <henriquev> I think you can do something with EBS however
[15:27] <henriquev> not sure
[15:28] <Xserver> apart from database there are still some custom application on the server
[15:29] <Xserver> right now ... after googling a lot i found that Booting from EBS will be perfect for me
[15:29] <Xserver> But there ain't any ubuntu desktop AMI's available on EBS volumes
[16:10] <AnRkey> i have just booted my server after having to shut it down in a power outage. I noted that my data partition on the server is not mounting. I tried to mount it manually and I get this : mount: /dev/sdb3 already mounted or /media/Data busy
[16:10] <AnRkey> a reboot results in the same problem
[16:10] <AnRkey> what can i try?
[16:29] <RoyK> AnRkey: reboot into single user mode and run fsck on the filesystem
[16:41] <AnRkey> RoyK, booting live cd now
[16:41] <AnRkey> and on a friggen sunday :(
[16:45] <AnRkey> RoyK, i'm a noob :( i should have just done that from the start. I did not do it because I thought it would be the same thing since the partition had not mounted.
[16:45] <AnRkey> fsck is scanning it now... at last
[16:46] <AnRkey> and it was a clean shutdown that i did too during a power failure
[16:49] <AnRkey> how only one partition got damaged in a clean shutdown i will never know
[17:01] <RoyK> that might happen
[17:02] <RoyK> but it's RARE
[17:02] <RoyK> usually something related to hardware
[17:02] <RoyK> what filesystem?
[17:02] <RoyK> ext3? ext4?
[17:03] <RoyK> AnRkey: also, for next time, just boot into safe mode. press <esc> at boot to get the grub menu and choose single from there
[17:04] <AnRkey> ta RoyK
[17:04] <RoyK> don't remember what they call it - it's not single - something else
[17:04] <AnRkey> was not thinking straight, was very very very very very very stressed :D
[17:04] <RoyK> but is it ext3 or ext4?
[17:04] <RoyK> understandable :)
[17:04] <AnRkey> ext3
[17:04] <RoyK> k
[17:04] <AnRkey> dont trust 4 just yet
[17:04] <RoyK> me neither
[17:04] <AnRkey> hehe
[17:05] <RoyK> I mostly use ext3 and xfs
[17:05] <AnRkey> it's pretty crazy out there in fs land right now, with serial killers and fs's being forgotten about
[17:05] <AnRkey> ext3 has never let me down yet
[17:06] <RoyK> yeah, wifemurderfs isn't really my thing
[17:06] <AnRkey> it always comes right no matter what
[17:06] <RoyK> ext3 isn't very good with large volumes
[17:06] <RoyK> xfs is better there, just don't use xfs for spool
[17:06] <AnRkey> it's a bit slow on my ext3 1.5tb volume here
[17:06] <AnRkey> but runs soooo smooth
[17:06] <AnRkey> no problems... well until now
[17:06] <RoyK> I use zfs for large volumes
[17:06] <RoyK> :D
[17:06] <AnRkey> fast?
[17:06] <RoyK> zfs ROCKS
[17:07] <RoyK> take LVM and a very nice filesystem, some compression, data deduplication, snapshotting, versioning, dynamic expansion etc and add it up
[17:07]  * RoyK doesn't use linux for large data sets anymore
[17:08] <AnRkey> ahhh, it's kicking in [the plant :) ]
[17:08] <AnRkey> yeah, i hate that u have to rape the journal to increase ext3's size
[17:09] <RoyK> I have this 27TiB zpool on this one box
[17:09] <AnRkey> nice
[17:09] <RoyK> 3x7-drive RAID-Z2 (similar to RAID6, only cooler)
[17:09] <RoyK> with SSDs for caching
[17:09] <RoyK> do that with linux :D
[17:10] <AnRkey> wow
[17:10] <RoyK> total price with lots of redundancy ~ NOK 65k
[17:10] <AnRkey> what does it store?
[17:11] <RoyK> that's like $10k
[17:11] <RoyK> scientific data from satellites, mostly
[17:11] <RoyK> model data used by the scientists
[17:12] <AnRkey> i could fill it :P
[17:13] <RoyK> hehe
[17:13] <RoyK> pr0n all the way
[17:22] <laen> RoyK: do the ssd's really cache well enough? I'd expect that to be working better with memory..
[17:25] <RoyK> laen: heh - 'cept that 250 gigs of memory is a bit more expensive
[17:26] <qman__> not that much, SSDs are expensive
[17:26] <RoyK> laen: obviously, 16GB of L1 cache would be nice-to-have for your CPU, but for some reason, people tend to use slower memory for larger amounts of cache
[17:26] <RoyK> qman__: not really
[17:27] <RoyK> qman__: you can get a 250GB SSD drive quite cheaply these days
[17:27] <neonfreon> waaay cheaper than that much DRAM!
[17:27] <qman__> going with DDR2 ramdisks would only cost ~3x more than intel SSDs
[17:28] <RoyK> qman__: haha - please show me that
[17:28] <RoyK> an Intel X25M is quite affordable
[17:28] <RoyK> X25E is expensive, but then, it's friggin' fast
[17:28] <qman__> the 6-slot units are 250, and add DDR2
[17:29] <RoyK> also, if you use DRAM for ZIL (write cache) and power dies, you're fucked
[17:29] <qman__> they've got batteries and CF slots
[17:29] <RoyK> qman__: read up about this, please, before you barge in and try to reinvent the wheel
[17:30] <qman__> I have read up on it
[17:30] <RoyK> well, shut up, then
[17:30] <qman__> it is more expensive, but on a grand scale it's not that much
[17:30] <qman__> SSDs have a long way to come down
[17:30] <neonfreon> only 3x difference in price according to what you say
[17:30] <neonfreon> 3x !!
[17:31] <neonfreon> i'm not sure how you do your budgeting, but 3x is a giant difference in my budgets
[17:31] <RoyK> still, that calculation doesn't match reality
[17:31] <neonfreon> yea
[18:00] <AnRkey> qman__, i'd go with royk on this one... large ram drives suck
[18:00] <AnRkey> can't get the data off them fast enough when power goes off
[18:02] <AnRkey> RoyK, it's rebooting now, lets see if it worked
[18:04]  * AnRkey lights a doobie, ahhh... it's fixed
[18:04] <AnRkey> RoyK, it's up and running fine
[18:05] <AnRkey> no data loss from what i can see
[18:10] <RoyK> :)
[19:34] <laen> RoyK, qman__: don't know -a- (as in 1) server yet that can hold 250G ram, so.. indeed :)
[19:36] <laen> Oh nevermind, backlog.
[19:37] <RoyK> hehe
[19:37] <RoyK> also, having a battery backup on that memory seems a hard task
[19:38] <RoyK> some 100-200 gigs for caching seems a good idea to me
[20:42] <blistov> Anyone know of a repo with zfs-fuse for karmic?
[21:30] <Letter3> hi. I generated a key pair for ssh, copied the public key to my remote machine to ~/.ssh/blah.pub. However, if I restart my sshd server it complains: "Could not load host key: /etc/ssh/ssh_host_rsa_key" ... I'm confused, I thought it was looking for keys in ~/.ssh/ ? Do I have to copy my public key to /etc/ssh or what?
[21:32] <guntbert> Letter3: the server needs its own keys
[21:34] <Letter3> guntbert: okay, but why? as I understand public key encryption, the server generates random blob of data, encrypts it with the public key in ~/.ssh/, send that to the client and since only the client can decrypt it with the private key, it authenticates the client if it is able to send the original blob back. what does the server then need own keys for?
[21:35] <guntbert> Letter3: the server has to prove to the client that it is who it is saying to be (see man in the middle)
[21:36] <Letter3> guntbert: oh, yes, of course. do I have to copy the public key of the server back to the client or is this done automatically at first connection attempt?
[21:37] <guntbert> guntbert: the public key is written to .ssh/known_hosts on first connect (you are asked about that every time)
[21:40] <Letter3> guntbert: okay. I generated my key pairs for RSA and DSA and this in my /var/log/auth.log after restarting the server and trying to connect: sshd[4312]: error: Could not load host key: /etc/ssh/ssh_host_rsa_key ...... sshd[4312]: error: Could not load host key: /etc/ssh/ssh_host_dsa_key .... sshd[4313]: fatal: No supported key exchange algorithms
[21:41] <Letter3> I used these commands: sudo ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key
[21:41] <Letter3> sudo ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key
[21:43] <guntbert> Letter3: please pastebin the output of ls -l /etc/ssh
[21:45] <Letter3> guntbert: http://www.pastebin.ca/1728821
[21:48] <guntbert> Letter3: permissions look ok - I have two suggestions - 1) rename the blacklist-files 2) look into sshd_config
[21:55] <Letter3> guntbert: renaming blacklists doesn't work, and the sshd_config file seems to be okay (I basically copied it from a tutorial on this, changed the listening port to a custom port). I checked with iptables and it doesn't block the connection.
[21:56] <guntbert> Letter3: didn't you install it from the repos?
[21:58] <Letter3> guntbert: I did.
[21:58] <guntbert> Letter3: sorry got to go - bedtime :-)
[21:58] <Letter3> guntbert: thanks though, good night
[22:24] <Zelest> I'm running Ubuntu 9.10 and use it as a KVM host, together with libvirt. I'm curious how to do a somewhat more graceful shutdown? Right now it seems like a shutdown of the host system instantly kills the kvm processes and simply "pulling the plug" for the VM's .. can this be avoided/fixed somehow?
[22:33] <laen> Zelest: thats a #kvm question i guess.
[22:35] <laen> What you want is the VM to get a signal like pressing the powerbutton on a physical machine, haven't looked that up myself yet, interested though.
[22:50] <Zelest> laen, Yeah, I guess.. I thought it was a feature or what not with libvirt though, as you're able to specify which machine to autostart when the host starts.. so I figured it would send a "power button press" upon shutdown and wait X seconds before killing the process.. however, it seems like it kills it instantly instead.