Thanks for the quick reply. Unfortunately, the problem is not with https or any of the standard ssl useage - they just man in the middle that, and decrypt it on the fly. As evidence, I can get to...
Type: Posts; User: floobit; Keyword(s):
Thanks for the quick reply. Unfortunately, the problem is not with https or any of the standard ssl useage - they just man in the middle that, and decrypt it on the fly. As evidence, I can get to...
I have an odd problem. I run an Ubuntu vm at work. Recently, our security team locked down the firewall such that denies most encrypted connections to outside websites. This includes...
Found the answer on another tutorial. correct contents of db.home are as follows. The takeaway is that the NS record should not be a fqdn, and there needs to be a shortname A record as well:
...
Sorry, typo. That file is in /etc/bind/db.home. Original post edited to correct.
I'm setting up bind and am having some problems. I'm using the tutorial here. For testing, I set up a machine with hostname dc01.home, ip=192.168.1.100. I installed bind, and configured per the...
Thanks, all. As spjackson suggested, the sleep command was interfering with trap. when I switched to an active wait (as in Vaphell's example), I got normal behavior. Not the behavior I'd expect...
I'm trying to determine what kill signals sshd sends a child process when a session disconnects, and thought I'd write a simple bash script that catches all the signals and writes them to a file,...
Indeed. That is exactly what I was hoping would exist. Thanks sandyd.
True. I'm guessing the fs will be 1.5 T or so, and individual updates on the order of 100M, so uploading the whole filesystem each month would not be feasible. I suppose I could use tar's...
I'm trying to create a backup strategy using s3tools and glacier, and am wondering if rsync (or similar) can create a solid file of the "diffs" it generates.
Because glacier is designed to handle...
I'm not sure where to put this thread, as it's mostly just about pipes and redirection. I am trying to write iostat statistics to a log file, so do something like this:
iostat sda 2 > today.log...
I'm trying to navigate an ncurses-based text interface using expect. I need to send escape sequences in order to do so. I'm having trouble doing so. I want to send an <F4> signal, which in xterm...
I want some power users to have read access to everyone's home directories. They should not have any command-line access, however, let alone sudo. I thought I could solve this by making them...
Thanks, all. I cannot use scp or sftp because in a normal implementation, that server software is the ssh server. My clients use ssh to connect to database frontend on the server. I need to...
I suppose background might help. Currently, file access to the server is achieved through FTP. Samba/CIFS was suggested as a more secure alternative. Certainly, authentication is more secure with...
After reading a fair bit of documentation, it sounds like cifs (and nfs for that matter) does not encrypt its data aside from authentication. I wanted a unequivocal confirmation of this from the...
Unfortunately not. The best bet seems to be using samba for the scp needs, and use the single forcecommand. Alas.
Ok, so it's now clear I did not finish reading the smb.conf doc. There are options for doing precisely this. Specifically, it looks like I want:
readonly = yes
delete readonly = yes
The...
I need to be able to set up samba homedir shares with read and delete only permissions. I do not want users making new files or modifying existing files. Is there a way to do this with samba? the...
Yeah, I looked into that. The issue is that almost all the connections are fine, and I'm not sure I want the overhead of hundreds of screen sessions hanging out after the users have logged off. ...
I would like to restrict my users to two uses of ssh: running a particular script, say /usr/local/bin/myscript.sh and regular sftp. Using ForceCommand in /etc/sshd_config seems to restrict me to...
Let us know if and how you figure this out. As far as I can tell, this will be difficult, because your tasks are best handled by configuring PAM. I do not mean to start a flame-war, but PAM is...
Yes. I was just hoping that this might have been documented somewhere. It has clearly been tested and developers have put specific code in to check for periods in usernames. VMware, for instance,...
Thank you for the reply. Upon your advice, I did submit a bug report (actually updated an existing one). I am guessing it is a policy decision to prevent compatibility issues.
I did use...
Sometimes I have users that ssh or telnet into a server, open some records on a db, then leave for lunch (potentially locking the records). Is there a way to hijack their terminal session and send...