| === hxm is now known as Guest60695 | ||
| === patdk-l2 is now known as patdk-lap | ||
| === markthomas is now known as markthomas|away | ||
| jak2000 | how to know wich program listen on a specified port, sample: mysql listen on port 3306 how to know? | 02:26 |
|---|---|---|
| patdk-lap | jak2000, cause you ask your program | 02:36 |
| adun153 | Quick question, when should I choose PostgreSQL over MySQL and vice versa? | 03:07 |
| sarnold | adun153: some applications are written so that they can only support mysql | 03:22 |
| sarnold | adun153: but since postgresql had ACID transactions about a dozen years before mysql, I've always had a soft spot in my heart for postgresql | 03:23 |
| sarnold | adun153: and now that mysql is run by oracle .. well .. | 03:24 |
| adun153 | well.. that, too. | 03:25 |
| sarnold | jak2000: netstat -anp might be your friend | 03:25 |
| === hxm is now known as Guest53480 | ||
| frediz | rbasak: Good morning there. About kimchi, I had mails after the technical interlock, yesterday, saying that we were missing things on kimchi. I thought that you did the upload after I provided the last packaging on mentors (s/ln/cp change). Isn't that the case ? | 06:06 |
| Celphish | Anyone awake? | 07:03 |
| Celphish | I'm trying to download a pdf through sftp from an ubuntu 12.04-server, but it keeps saying: | 07:04 |
| Celphish | open for read: no such file or directory | 07:04 |
| sarnold | are there any funny characters in the filename? i seem to recall that sftp had a problem with one or another character | 07:04 |
| Celphish | sarnold: well, yea, åäö | 07:05 |
| sarnold | (which is funny, I thought sftp was supposed to handle that better than scp. bah.) | 07:05 |
| Celphish | sarnold: that worked, can't believe I missed that! thanks! | 07:06 |
| sarnold | Celphish: try doing something like sftp 'user@host:/path/to/f\å\ä\öilename' .... | 07:06 |
| sarnold | Celphish: hah, what worked? :) | 07:06 |
| Celphish | sarnold: I just replaced å and ä with a, and ?u with u, ö with o and it worked :D | 07:07 |
| sarnold | ??? | 07:07 |
| sarnold | i'm surprised that worked :) | 07:07 |
| lordievader | Good morning. | 07:24 |
| rbasak | frediz: hi! | 07:37 |
| rbasak | frediz: no, I had no idea you had uploaded an update. I had pinged you on here a couple of times but never saw an answer. | 07:37 |
| frediz | rbasak: well it was just about the "ln" blocker issue | 07:38 |
| frediz | are we in phase on that ? :) | 07:38 |
| rbasak | Yeah, that was the only thing I wanted fixed before upload | 07:38 |
| rbasak | That's fixed now on mentors? | 07:38 |
| frediz | mmm then that should be good; I was sure to have it done then | 07:39 |
| frediz | you're making me doubt :) .. let's check | 07:39 |
| rbasak | It's just that mentors doesn't really provide an opportunity to tell apart when things have been fixed in a new upload because they'll have the same version number and no changelog entry. | 07:39 |
| frediz | you're right | 07:40 |
| frediz | Uploaded: 2015-08-20 12:05 | 07:40 |
| frediz | that should be my change | 07:41 |
| rbasak | I see now. Thanks! Sorry, I just hadn't realised that you had uploaded a new version. | 07:42 |
| maswan | Here's a question, one of our VMs is unreachable over IPv6 from our other VMs on one of its addresses, but reachable from the world (or the HW hosting them). Anyone with clues about that? | 07:42 |
| rbasak | frediz: thank you for syncing up there, and sorry for the confusion. It's over to me now - I'm no longer blocked. | 07:43 |
| frediz | rbasak: wait, that seems to be wrong what's in there | 07:43 |
| frediz | damn | 07:43 |
| sarnold | maswan: is it perhaps a link-local address or something else that's not supposed to be routable? https://en.wikipedia.org/wiki/IPv6_address#IPv6_address_classes | 07:44 |
| rbasak | frediz: yeah - looking at it, that should be in debian/rules now, or a dh_install file, rather than the postinst. | 07:45 |
| frediz | rbasak: right, I'll ping you once it's re-uploaded | 07:47 |
| rbasak | frediz: OK. Thanks! | 07:47 |
| === Lcawte|Away is now known as Lcawte | ||
| maswan | sarnold: Nope, publically routable and it is reachable over the internet | 08:06 |
| maswan | and it is only one of the two v6 addresses it has that is unreachable, both on the same network (just different last octet) | 08:07 |
| maswan | ah, I fixed it by randomly "ip addr del; ip addr add" for the same IP... | 08:20 |
| sarnold | eww :) | 08:23 |
| maswan | yeah | 08:27 |
| maswan | Looking at nagios history it stopped working spontaneously at 4 in the morning, 3.5 days after the last reboot.. | 08:34 |
| gartral | hey all, I have a very old production server that I *MUST* upgrade, is there any way to list the installed packages and have apt reinstall the system and force though the old packages as newer varients? | 09:13 |
| sarnold | what's wrong with do-release-upgrade? | 09:14 |
| gartral | sarnold: Ubuntu 14.04 | 09:15 |
| maswan | you can play with dpkg --get-selections etc, but do-release-upgrade is much more likely to work since some packages change names, etc. | 09:15 |
| maswan | gartral: the old versions are available with a different apt source, so you can get the last released version there and then do-release-upgrade | 09:16 |
| gartral | maswan: ubuntu 14.04 | 09:16 |
| gartral | maswan: how? | 09:16 |
| sarnold | so, "very old" means "16 months"? | 09:16 |
| gartral | er, sorry,, oh crud.. i misread, 10.04 | 09:17 |
| maswan | gartral: http://old-releases.ubuntu.com/ubuntu/ | 09:17 |
| gartral | IE... "OLD" | 09:17 |
| sarnold | that's more like it. hehe. :) | 09:17 |
| maswan | yeah, but still only out of support for a year or so. :) | 09:17 |
| sarnold | do-release-upgrade still ought to take you from 10.04 to 12.04 though | 09:17 |
| maswan | yeah | 09:18 |
| sarnold | here i was afraid this was going to be something like a red hat linux 7.2 or something :) | 09:18 |
| maswan | but if you don't have that installed, you might need to get old-releases apt sources | 09:18 |
| maswan | especially if it wasn't updated for the last couple of years of running [brr] | 09:18 |
| gartral | maswan sarnold many many MANY packages are out of date in 12.04 and never updated clean... | 09:18 |
| gartral | maswan: this is a super-stable platform, ot hasen't been powered down since august 2012 | 09:19 |
| maswan | gartral: I've upgraded a dozen or so servers 10.04->12.04->14.04 fairly recently (just before 10.04 got removed) | 09:21 |
| gartral | the company who owns it doesn't want it down for more that 15 minutes | 09:21 |
| maswan | hm. that'll be problematic. | 09:21 |
| gartral | please excuse my typos, it's 5:20 AM for me | 09:21 |
| sarnold | then definitely image it, and do the updates in a VM first | 09:21 |
| gartral | sarnold: I can't... | 09:22 |
| gartral | sarnold: there's some kind of undocumented security module and custom kernel to match on it, all attempts at imaging the machine results in corrupted data | 09:23 |
| sarnold | gartral: can you walk away from this? this sounds like you're guaranteed to fail. | 09:24 |
| gartral | these people are, fpr whatever reason, extremely paranoid | 09:24 |
| maswan | Yeah, given those constraints, I'd build a new server, and then move services over. | 09:25 |
| gartral | sarnold: not really... i could, but i don't know what they'll do... | 09:25 |
| sarnold | that's a far more predictable outcome.. | 09:25 |
| maswan | (as a side note, paranoia that prevents you from being up to date with security updates is rather misdirected paranoia :/ ) | 09:25 |
| gartral | maswan: impossible, they went through the trouble of having a custom BMC built into a motherboard that handles security | 09:26 |
| sarnold | man are they going to be pissed when it blows capacitors | 09:27 |
| maswan | gartral: Ok. Will the custom kernel work with a newer base OS though? | 09:27 |
| maswan | gartral: Or are you looking at replacing that when you upgrade? | 09:27 |
| gartral | sarnold: all the caps are socketed... it's like alien tech | 09:28 |
| sarnold | gartral: ooh. | 09:28 |
| maswan | Anyway, do-release-upgrade and let it take the time it takes then. Just flag that 150 minutes is more likely than 15. | 09:28 |
| sarnold | gartral: well, alright, maybe they aren't as insane as I thought.. | 09:28 |
| gartral | maswan: it looks like as long as the hardware doesn't change it'll be happy | 09:28 |
| sarnold | unless their storage has bonkers iops, 150 minutes is way more likely than 15 :) | 09:29 |
| maswan | (and that if things go wrong, it could easily take 4 times that time) | 09:29 |
| sarnold | yup. | 09:29 |
| gartral | sarnold: there's a few packages that are marked 8.10 that really don't want to be upgraded | 09:30 |
| gartral | the really weird thing is I know what's running.. it's nothing that should·n't | 09:31 |
| gartral | the really weird thing is I know what's running.. it's nothing that shouldn't be possible to upgrade | 09:32 |
| gartral | and they're not holding a gun to me or anything like that, they're just... beligerent | 09:33 |
| maswan | hm. old held packages might be tricky, unless you can release them | 09:33 |
| maswan | part of it is to bring all the base libs etc up to more modern and supported versions | 09:34 |
| gartral | maswan: np I can't, because there's packages that are so old they don't have modern equivelents | 09:34 |
| gartral | sorry for my errors, i'm very tired | 09:34 |
| maswan | sounds like you might also be helped by sleeping on it | 09:35 |
| gartral | maswan: I've been working for a week... I've made progress, bur this is my last day | 09:36 |
| maswan | but for packages that are gone that don't have a modern equivalent but is software that is still needed. hm. the reasonable thing to do is to repackage it yourself, or compile it locally, etc. old packages are likely to break too when you upgrade under their feet. | 09:36 |
| gartral | maswan: some of them are old google-code repo packages that can't be updated... | 09:37 |
| maswan | gartral: ick. | 09:37 |
| gartral | the whole thing's a mess | 09:37 |
| gartral | well they've paid me for my time, i have a great new comp because of it... i'm going to tell them it's a loss | 09:38 |
| frediz | rbasak: I've reuploaded kimchi on mentors. I tested also to install because the change to debian/rules implied a few others. | 09:38 |
| rbasak | frediz: OK, thanks! I'll take a look. | 09:39 |
| frediz | thank you | 09:39 |
| maswan | yeah, I mean, it could possibly be done but I'd say that first you need to go in and take all these old packages and repackage them (possibly from installed files on the server), and then do some test runs etc, but it seems like we're talking about month or two, not a week | 09:39 |
| maswan | gartral: As in, start by cleaning up the mess, one bit at a time, then once it is clean enough... | 09:39 |
| maswan | gartral: Or, build a new from scratch and move services over. Even for an alien server, it might be cheaper than that manpower. | 09:40 |
| sarnold | .. and with a machine this touchy I think I'd want to do the moral equivalent of do-release-upgrade entirely by hand. | 09:40 |
| maswan | sarnold: Yeah, but then you need to dig in and see the corner cases that do-release-upgrade script solves that aren't just plain package upgrades. | 09:41 |
| sarnold | maswan: yeah. it wouldn't be a quick thing.. | 09:42 |
| gartral | yea, they weren't too happy, but the consensus is basocially "Good show, but we're letting you go, take the computer we gave you and clear out, you have an hour | 09:43 |
| sarnold | eep | 09:43 |
| gartral | i'll talk to you all later | 09:43 |
| sarnold | take care gartral | 09:43 |
| gartral | i have my own server which needs help | 09:44 |
| sarnold | and hopefully a bed that's still warm? :) | 09:44 |
| Fab_ | Hi | 10:54 |
| === Fab_ is now known as Guest77264 | ||
| Guest77264 | Hi | 10:54 |
| lordievader | o/ | 10:56 |
| === martins-afk is now known as martinst | ||
| TheEternalAbyss | this may be a slightly stupid question but...on a default installation of ubuntu15 server and apache.. without having a domain name configured on the VPS where all this is installed... should typing in http://ipaddess/ get me to where my html files should be? or am I missing something here | 12:21 |
| TheEternalAbyss | oh wait I think I see he problem | 12:23 |
| TheEternalAbyss | the* problem.. | 12:23 |
| Daphko | do anybody know why i can not ping from an vserver to an ip (Server) where the vserver belong to ? | 12:35 |
| Voyage | Hi | 13:45 |
| Voyage | These are my devices I was able to sort out. I hope that identification is enough. Now I have NO idea how to set 2 groups of multiseat. http://pastie.org/10381571 I followed https://help.ubuntu.com/community/MultiseatX#Single_xorg.conf but its over my head. Any clues? | 13:45 |
| === CiPi is now known as cipi | ||
| === martinst is now known as martins-afk | ||
| === hxm is now known as Guest10562 | ||
| === martins-afk is now known as martinst | ||
| ssmoCoffee | join /#juju | 15:47 |
| === markthomas|away is now known as markthomas | ||
| dv310p3r | need help mounting a 3tb usb drive, getting the following error: ntfs-3g: Failed to access volume '/dev/sdb1': No such file or directory | 16:12 |
| dv310p3r | ubuntu 14.05 | 16:12 |
| dv310p3r | sorry 14.04 | 16:12 |
| dv310p3r | /dev/sdc1 1 4294967295 4294967292 ee GPT | 16:12 |
| dv310p3r | output of fdisk -l | 16:13 |
| dv310p3r | buehler? | 16:28 |
| teward | dv310p3r: well, you're putting /dev/sdb1 in, but it's clearly /dev/sdc1 | 16:35 |
| teward | (I assume that's you from about 20 minutes ago) | 16:35 |
| dv310p3r | Corerct | 16:37 |
| dv310p3r | sorry, it happens for sdc1 | 16:37 |
| dv310p3r | ntfs-3g: Failed to access volume '/dev/sdc1': No such file or directory | 16:38 |
| teward | pastebin the full `fdisk -l` ? | 16:38 |
| dv310p3r | sudo mount -t ntfs-3g /dev/sdc1 /media/external | 16:38 |
| dv310p3r | http://pastebin.com/r81fDzK9 | 16:39 |
| tarpman | dv310p3r: first, please note the part in the output where it says fdisk can't read GPT and you have to use e.g. parted. second, regardless of what fdisk says, does /dev/sdc1 actually exist in your filesystem | 16:42 |
| teward | run `sudo parted /dev/sdc print` and pastebin it. Use paste.ubuntu.com. | 16:42 |
| teward | and also what tarpman says :) | 16:42 |
| * teward failed ot see 'gpt' there :) | 16:42 | |
| tarpman | teward: oops, sorry for jumping over you :) | 16:42 |
| teward | tarpman: no problem | 16:42 |
| teward | i'm on laggy internet right now | 16:42 |
| teward | fighting the fifty other students in the area tryin to hog my net | 16:43 |
| teward | when i need it | 16:43 |
| teward | still, pastebin the output of `sudo parted /dev/sdc print` :) | 16:43 |
| teward | god this mini wireless keyboard is awesome because now i can carry it around with my laptop xD | 16:43 |
| teward | AND not have to worry about the laptop touchpad >:) | 16:44 |
| teward | (brb, tarpman can take over xD)( | 16:44 |
| * tarpman | 16:44 | |
| dv310p3r_2 | tarpman, yes it does exist | 16:47 |
| dv310p3r_2 | teward, Error: /dev/sdc: unrecognised disk label | 16:48 |
| dv310p3r_2 | results of sudo parted /dev/sdec | 16:48 |
| dv310p3r_2 | results of sudo parted /dev/sdc | 16:48 |
| teward | dv310p3r_2: `ls /dev/ | grep sd` | 16:49 |
| teward | pastebin | 16:49 |
| dv310p3r_2 | http://pastebin.com/VAg7WDCW | 16:51 |
| echo1 | Hi, I'm facing an issue with wifi connections by using nmcli on my ubuntu server 14.04 32bit: "nmcli -p dev wifi" I don't receive nothing back. I have checked first if my wifi interface is up: "ip link show" the response is "wlan0 <BROADCAST, MULTICAST, UP, LOWER_UP> mq state UP". To be sure I launch "ip link set wlan0 up" again and after I ensure NetworkMan is enabled by running: "nmcli nm enable". My scanning with | 16:52 |
| echo1 | "nmcli -p dev wifi list" gives me nothing back as I told, but "id dev wlan0 scan" prompts me back the signals around me. How can I connect to wifi with nmcli? I have tried to plug in second wifi inteface in that case I receive response from wifi, isn't it weired? | 16:52 |
| dv310p3r_2 | Just as a note. I pulled this drive out of a ubuntu server, it was connected via SATA internally, now it's connected via USB 3.0 dock to the new ubuntu server | 16:53 |
| tarpman | dv310p3r_2: we're talking about the 3TB disk (sdc), right? parted says there are no partitions, /dev/says there are no partitions. maybe the filesystem covers the entire device? | 16:55 |
| tarpman | dv310p3r_2: how were you mounting it on the old server? the corresponding fstab line would be helpful | 16:56 |
| Norbin | why would i get this error while trying to ifdown a network adapter? http://i.imgur.com/dSSqdIH.png | 16:56 |
| Norbin | it's clearly configured and is working... | 16:56 |
| tarpman | Norbin: most likely it was configured by something other than ifup | 16:57 |
| tarpman | Norbin: network-manager, ifconfig, etc | 16:57 |
| Norbin | oh... | 16:57 |
| Norbin | ye ifconfig :O | 16:57 |
| Norbin | so i can't if down/up this network card this way? | 16:57 |
| tarpman | Norbin: take it down with the same tool you brought it up with, is all | 16:57 |
| Norbin | got it, thanks | 16:58 |
| Norbin | (had no clue this how it works.. xD) | 16:59 |
| dv310p3r_3 | tarpman, ok one sec | 16:59 |
| tarpman | dv310p3r_3: you are incrementing :o | 16:59 |
| dv310p3r_3 | I don't know why | 17:00 |
| dv310p3r_3 | http://pastebin.com/pyQz8PHd | 17:02 |
| dv310p3r_3 | fstab line from old server mounting that drive | 17:02 |
| tarpman | dv310p3r_3: something is not adding up. i don't know why the new server would not detect partitions where the old one did | 17:06 |
| dv310p3r_3 | I know | 17:07 |
| dv310p3r_3 | it's killing me. | 17:07 |
| dv310p3r_3 | Could it be the USB dock somehow? | 17:07 |
| dv310p3r_3 | the connection was SATA before I pulled it | 17:07 |
| tarpman | a usb dock _should_ not interfere that way, but i can't prove anything | 17:07 |
| dv310p3r_3 | tarpman, you've given me some good info and help, It's much appreciated | 17:08 |
| dv310p3r_3 | my search continues | 17:08 |
| tarpman | dv310p3r_3: just out of interest. can you unplug the usb, plug it in again, and pastebin the related new lines from dmesg | 17:09 |
| tarpman | the fdisk output you pasted looks sane enough | 17:09 |
| tarpman | (give it a few seconds to settle after plugging in before running dmesg) | 17:09 |
| Daphko | i have installed ubuntu server on hyperv, when i try to ping my root server where hyperv is installed, i dont receive any answer | 17:12 |
| Daphko | have anybody an idea why ? | 17:13 |
| zach2825 | hi, i have a post fix queuing questions.. | 17:16 |
| RoyK | Daphko: I gues the hyper-v folks might know. last time I was using hyper-v, some three years back, only redhat was supported and ubuntu had major issues with networking intermittently dropped | 17:17 |
| RoyK | s/gues/guess/ | 17:18 |
| Daphko | RoyK: the problem is that i can ping google oder other server | 17:18 |
| Daphko | i only can not ping the host where hyperv is installed | 17:18 |
| echo1 | I have solved my problem: 1. Uncomment everything in /etc/network/interfaces under interface lo, in other words uncomment wlan and eth configuration. 2. Reboot. 3. Run: nmcli dev wifi con SSID_name password SSID_password iface wlan0 | 17:18 |
| RoyK | Daphko: ask the hyper-v folks | 17:18 |
| RoyK | Daphko: they may have put up heavy firewalling on it | 17:18 |
| RoyK | which may indeed make sense | 17:18 |
| RoyK | our ESXi hosts are locked into an RFC1918 network not available from anywhere but a small network only accessible by select personnel | 17:19 |
| Daphko | do they have an channel ? | 17:19 |
| RoyK | Daphko: why do you want to ping the host? | 17:20 |
| Daphko | i have an application vhost on hyper-v, and on the root server where hyperv is installed, there is git installed. From everywhere else i can pull my project but not from the vhosts | 17:21 |
| Daphko | so i tried so ping my host and see that this is not working | 17:21 |
| RoyK | Daphko: don't do that | 17:22 |
| Daphko | so i cant not use git over http | 17:22 |
| RoyK | Daphko: create a tiny vm for git instead | 17:22 |
| RoyK | Daphko: don't use hosts for anything but hosts | 17:22 |
| zach2825 | does anyone know how to check which domain is queuing emails in postfix? one of the word press instances i host is spamming emails but there are to many to shut down and wait till it stops. | 17:22 |
| RoyK | Daphko: you'll probably need some disk space and 256MB memory for git to work | 17:22 |
| RoyK | Daphko: in a separate vm | 17:23 |
| RoyK | Daphko: always use separation - that's why you have virtialisation | 17:23 |
| === wendar_ is now known as wendar | ||
| Daphko | i know but i use stash as an application | 17:26 |
| Daphko | on my host | 17:26 |
| Daphko | for managing repositories | 17:26 |
| RoyK | just listen, ok? separate host and guest, use the host as a host only | 17:27 |
| JaguarDown | Hi all newbie here. My home server uses namecheap freeDNS/dynamic dns service. Apparently ddclient 3.8.1 has a problem updating multiple domains/subdomains so I am just using the python script at https://help.ubuntu.com/community/DynamicDNS#Namecheap_.26_Python | 17:39 |
| JaguarDown | However I have a subdomain "irc" I want to update as well, I imagine that would be easy but I have no python knowledge. | 17:39 |
| jelly | what do you mean by subdomain, JaguarDown ? | 17:40 |
| JaguarDown | in otherwords I have an A record that points irc.<mysite>.com to my IP | 17:41 |
| JaguarDown | (for the sole purpose of aesthetics when connecting to my irc daemon) | 17:41 |
| JaguarDown | ddclient could do this easily simply by specifying "irc" next to "@" on the last line of the config file. I want to do the same with this python script but I don't know how. I tried searching to no avail. | 17:42 |
| RoyK | JaguarDown: it would have to be supported on the dyndns serverside too | 17:44 |
| JaguarDown | True...the ubuntu documentation specifically states the script works with Namecheap | 17:44 |
| JaguarDown | I could only assume you can update the subdomains with it. | 17:45 |
| JaguarDown | Namecheap has no docs on python. | 17:45 |
| jelly | JaguarDown: ok, so "<mysite>.com" is your domain, and "irc.<mysite>.com" is the A record you wanted updated via Namecheap dynamic dns API? | 17:45 |
| JaguarDown | yes | 17:45 |
| jelly | "irc.<mysite>.com" isn't a "subdomain", it's just a hostname (fully qualified) | 17:45 |
| JaguarDown | ok my mistake | 17:46 |
| JaguarDown | I suppose if it were set up as a CNAME it would be considered a subdomain? | 17:46 |
| jelly | you can easily use the API to update irc.<mysite>.com A record just like you update somethingelse.<mysite>.com | 17:47 |
| JaguarDown | Ok that makes sense. | 17:47 |
| jelly | it would be a subdomain if there were host records under it. | 17:47 |
| JaguarDown | I just added a line in the python script to do that and it works! Thanks, Jelly. | 17:50 |
| jelly | JaguarDown: ah, good | 17:53 |
| jelly | namecheap's API is basically just a http request -- you can do it with a browser or wget https://www.namecheap.com/support/knowledgebase/article.aspx/29/11/how-do-i-use-the-browser-to-dynamically-update-hosts-ip | 17:54 |
| jelly | so you basically just fill in https://dynamicdns.park-your-domain.com/update?host=[host_name]&domain=[domain.com]&password=[domain_password]&ip=[your_ip] | 17:55 |
| === cipi is now known as CiPi | ||
| Norbin | most likely a silly question but can you use ssh keys from a windows machine connecting to an open ssh ubuntu server? | 18:14 |
| Norbin | so i am connecting via my windows-putty client to an ubuntu-ssh server, with the use of a key instead of password | 18:15 |
| Norbin | is that even possible? | 18:15 |
| tarpman | Norbin: yes. | 18:15 |
| JaguarDown | yes I do it. | 18:15 |
| tarpman | Norbin: the putty key tool has an Import menu item somewhere that will import your openssh private key and convert it to putty format | 18:15 |
| JaguarDown | jelly: Thanks again. I bookmarked that link. | 18:15 |
| tarpman | Norbin: and then you point putty at that converted key under SSH → Auth (IIRC) | 18:16 |
| Norbin | i saw that now tarpman, only missing how i go about transferring the public key to the windows host so i can import it. official man says by using "ssh-copy-id username@remotehost | 18:19 |
| Norbin | " | 18:19 |
| tarpman | Norbin: I think you're confused. you want your *private* key on the machine you run putty on, and your *public* key on the machine you ssh _to_ | 18:20 |
| Norbin | oh. correct | 18:20 |
| tarpman | Norbin: ssh-copy-id copies your public key, not useful here. (also it uses scp, so probably not useful with windows) | 18:21 |
| tarpman | Norbin: how you go about transferring → left as an exercise to the reader. i suggest a usb stick | 18:21 |
| tarpman | Norbin: just don't email it to yourself, or send it over plain http, or something like that. those are very quick ways to have it intercepted... | 18:22 |
| Norbin | tarpman thanks very much, i will see how i get the key over and then try to import it via putty or so, see if it let's me ssh over without being promted for a password | 18:25 |
| tarpman | Norbin: i'm an idiot. you're already using putty -- pscp/psftp would be a quick and secure way to copy it | 18:27 |
| tarpman | or, heck, cat + copy-and-paste from putty... | 18:27 |
| jrwren | you are using a password protected private key, right? | 18:28 |
| Norbin | exactly what i am reading now tarpman :P http://unix.stackexchange.com/questions/106480/how-to-copy-files-from-one-machine-to-another-using-ssh | 18:28 |
| jrwren | pagent is very nice. | 18:28 |
| Norbin | Yes, user/password key | 18:28 |
| jrwren | so the private key is encrypted with that password. email it to yourself all you want :) | 18:29 |
| Norbin | yep it's AES 128 CBC encrypted | 18:29 |
| jrwren | I tend to run samba so I \\SERVER\user in windows and read the ssh priv key via cifs | 18:29 |
| RoyK | I setup a system a year back or so to only allow ssh from known users with known keys with correct passwords | 18:31 |
| RoyK | adding google authenticator on top would make it rather more messy :D | 18:31 |
| teward | RoyK: there's a 2FA method/system from Duo Security - cloud based, but they give a pam module that can tie into the logins and require 2FA via their app or texted codes or a phone call with the codes | 18:33 |
| teward | i use it on my servers' SSH interfaces | 18:33 |
| teward | but i also enforce SSH keys, so... :P | 18:33 |
| teward | gets pricey if more than 5-10 users though | 18:33 |
| RoyK | teward: you need 12FA! | 18:33 |
| teward | RoyK: I need bio-identification 2FA :P | 18:34 |
| tarpman | something you have, something you know, something you are, something you forgot, something you ate, ... | 18:34 |
| teward | "{ | 18:34 |
| teward | tarpman: something you DIDN'T eat | 18:34 |
| RoyK | something you wish you ate, something you wish you never ate..... | 18:34 |
| tarpman | :] | 18:34 |
| teward | your home, your previous home, your parents' home... :P | 18:35 |
| teward | anyways | 18:35 |
| RoyK | you previous parents | 18:35 |
| teward | your in-laws | 18:35 |
| RoyK | your future in-laws | 18:35 |
| teward | your significant other. | 18:35 |
| * teward yawns | 18:36 | |
| teward | but i digress | 18:36 |
| tarpman | what have I started. further discussion to twitter.com/must_contain please :P | 18:36 |
| RoyK | https://xkcd.com/936/ | 18:38 |
| acmehandle | anyone running docker on 14.04 with a 2.6.32 kernel? | 19:22 |
| sarnold | I'm terrified to ask how that particular combination happened.. | 19:24 |
| acmehandle | I'm terrified that youre terrified | 19:25 |
| acmehandle | I thought I was running 14.04 | 19:25 |
| acmehandle | lts | 19:26 |
| acmehandle | I dont know if my vps has been lying to me or what | 19:26 |
| sarnold | 2.6.32 sounds vaguely like an openvz kernel | 19:26 |
| acmehandle | /etc/issue says 14.04.3 lts | 19:26 |
| acmehandle | Yes, it is a vps they say theyre running openvz | 19:26 |
| acmehandle | I guess thats the story then | 19:26 |
| acmehandle | So what happens to me know. If I upgrad kernel do I run the risk of hosing my system | 19:27 |
| sarnold | acmehandle: the openvz guys have been working on getting docker to run inside an openvz container, but I think they did it by having a daemon to proxy a bunch of services in the 'host' ... | 19:27 |
| sarnold | acmehandle: I don't think you have any ability to upgrade your kernel. you're just a container, not a VM. | 19:28 |
| acmehandle | O. So does thatt mean no docker for me. | 19:28 |
| sarnold | acmehandle: see if you've got a /proc/vz/veinfo file .. that looks like it might be reliable way to tell | 19:29 |
| acmehandle | I have it | 19:30 |
| acmehandle | says a whole bunch of numbrs and machine ip | 19:30 |
| sarnold | yup. no docker on that system. :) | 19:31 |
| Norbin | so regarding the ssh key from before (i've set up samba etc till now :S), i take the private key into the windows host, load it up using puttygen and saving it in a .ppk format, then i keep getting server refused key for some reason | 19:40 |
| teward | so, with postfix, if the hostname of the server postfix is on is i.am.a.teapot.tld and all my different domains' MX records point to i.am.a.teapot.tld, do I need an SSL certificate for i.am.a.teapot.tld or do I need an SSL certificate for i.am.overlord.tld (which is where the @domain.tld says on the email address)? | 19:40 |
| Norbin | other than generating the key (ssh-keygen -t rsa), giving it a name and a user/password... anything else needs to be done? | 19:40 |
| Norbin | ls | 19:41 |
| Norbin | ops | 19:41 |
| sarnold | Norbin: verify permissions on the authorized_keys file, the containing directory, the home directory, etc.. sshd is very picky and will refuse to use an authorized_keys file that allows group or world write, etc.. | 19:41 |
| tarpman | Norbin: what sarnold said, also /var/log/auth.log on the server may contain more details | 19:42 |
| acmehandle | sarnold, whats the worst that would happen if I ran apt-get install linux-image-extra-3.x-generic for example? | 19:47 |
| sarnold | acmehandle: you'd probably waste some of your disk quota | 19:47 |
| acmehandle | wont make a difference then? | 19:56 |
| sarnold | acmehandle: right; the kernel you're actually using is stored on the host's filesystem; you share it with all the other users of your vps | 19:57 |
| === hxm is now known as Guest619 | ||
| === Joel is now known as Guest16209 | ||
| larsi | when connecting to a mssql database with freetds it successfully connects | 21:05 |
| larsi | but I am not able to run anything | 21:05 |
| larsi | it just starts counting up from 1 | 21:05 |
| larsi | anyone know why? | 21:05 |
| larsi | https://gist.github.com/anonymous/f8f983fe88c91c4d841d | 21:06 |
| larsi | the 4 is from when I pressed enter, 85 is where it's at when copied | 21:07 |
| larsi | oh, got an error message now | 21:08 |
| bdx | Does anyone here know how to add custom cloud-config to maas provisioning....i.e. curtin_userdata preseeed or custom preseed?? | 21:11 |
| bdx | been trying to figure it out for a while now.....It would be nice to get some advice from the pros.... | 21:12 |
| bdx | core, dev: Does anyone here know how to add custom cloud-config to maas provisioning....i.e. curtin_userdata preseeed or custom preseed?? | 21:24 |
| sarnold | bdx: you may wish to try also in #maas | 22:18 |
| bdx | sarnold: Totally...I'v posted there too. Might hit up the ml soon. Thanks | 22:19 |
| sarnold | bdx: it's a bit late on a friday, mail list seem slike a good bet, someone might get to it on monday before you're around... | 22:23 |
| bdx | sarnold: totally. will do. thanks man. | 22:34 |
| sarnold | goo dluck :) | 22:35 |
| acmehandle | Trying to install mysql-server-5.6. I get this error: dpkg: error processing package mysql-server-5.6 (--configure): | 23:43 |
| acmehandle | any ideas? | 23:43 |
| sarnold | pastebin the whole error? | 23:43 |
| acmehandle | http://pastebin.com/1yJqx6pn | 23:45 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!
