/srv/irclogs.ubuntu.com/2013/05/19/#ubuntu-server.txt

krys	any vmlinuz or initrd gurus out there? I feel like mine might be corrupted and thats why i cant boot	00:12
yofun	how can i search for "Failed launched: No such file or directory" in *.log files in ssh?	02:29
=== thesheff17 is now known as thesheff17_
mardraum	yofun: grep	04:10
=== akashj87_ is now known as akashj87
bigbrovar	Hi guys trying to incease the ulimt on ubuntu for a tomcat user I created	15:05
bigbrovar	ulimit -n for this users hows 1024	15:06
bigbrovar	but when I cat /proc/sys/fs/file-max the limit is set to 599191	15:06
enraged	If I have, let's say, 10 servers that I want to control over SSH from a remote location, would it be more secure to have 1 server act as a key server which I access over the internet, and then after connecting to the key server, port forward to the other 9 servers OR simply carry keys for all 10 servers and connect to each one independantly?	15:20
RoyK	well, if that one server is compromised, the attacker will have full access to the others ;)	15:25
enraged	Exactly my concern.	15:26
enraged	So you would agree it would be better to have each server accessed independantly?	15:26
RoyK	maybe	15:26
RoyK	but if you have a common ssh server, you can close ssh from the net from the others	15:26
RoyK	not sure what's best	15:26
enraged	Theoretically couldn't I run clusterSSH to shutdown all 10 servers at the same time?	15:28
enraged	Ofcourse I'd need to be local to bring them all back online, but in an emergency situation where security rather then accessibility is the concern, that should work?	15:29
RoyK	if an attacker gets root, he or she probably won't shut down the systems but rather plant a rootkit there	15:31
RoyK	I guess a common login server should be easier to manage	15:31
RoyK	then setup the others to block ssh access from the net	15:31
RoyK	setup the login server with denyhosts/fail2ban/something	15:31
RoyK	and make sure it's updated regularly, and not running any other services	15:32
enraged	Exactly my thinking	15:34
enraged	Whatever the setup for security was on the key server I was going to install on each of the 10 servers independantly if I didn't bother going with the key server	15:35
enraged	And then I hoped to manage them over cluster SSH	15:35
enraged	So yeah, fail2ban, SSHkeys with no password access, standard stuff	15:35
RoyK	denyhosts may be better - supports distributed ban lists	15:36
enraged	mm	15:36
enraged	1 last question - Since this is my first time having to remote SSH to my servers, I can normally run clusterSSH on a Ubuntu desktop which has a GUI, however, I am travelling with a Windows laptop. If I connect by SSH to the key server, with Putty, can I run clusterSSH in the terminal because all references I can find to it online mention the opening of a terminal for each server with 1 terminal acting as the main,	15:40
enraged	Sorry, does Cluster SSH work over a Putty terminal?	16:00
enraged	Assumably if I connect to a key server with ClusterSSH installed	16:00
RoyK	http://paste.ubuntu.com/5681058/ <-- nice drive size	17:26
qman__	nice	17:27
RoyK	seems a disk died :)	17:27
Jeruvy	Trying to ping INTO server, noticed shorewall is installed, is there a quick way to disable this for testing?	18:25
RoyK	Jeruvy: iptables -F INPUT	18:35
RoyK	or something	18:35
Jeruvy	RoyK thank you that worked.	18:39
Jeruvy	I see I'm going to have to brush up on this. Cheers!	18:40
=== hachre_ is now known as hachre
Syria	Hello! I have a VPS , Can I know if other users are using Tunnels and browsing websites using socks proxy through it?	19:54
RoyK	User Capacity: 600,332,565,813,390,450 bytes [600 PB]	19:57
=== ToBeFree is now known as matjohnson
=== matjohnson is now known as ToBeFree
James_Epp	How can I make the tftpd-hpa service start on boot? I edited /etc/default/tftpd-hpa to include 'RUN_DAEMON="yes"' but this does not resolve my issue.	22:51
=== racedo` is now known as racedo

Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!