similar to: SSH keys question [RESOLVED]

All, I have 3 servers. All 3 are CentOS 5.5. All 3 have identical /etc/ssh/sshd_config files. I used ssh-keygen (with no arguments) to generate keys with no password. I then added all 3 id_rsa.pub keys to the authorized_keys file. With this set up, I should be able to ssh between all 3 boxes without needing a password. The problem is that one of the servers keeps asking for a password even with

Thanks for the breakdown Paul - I've had to learn all my sysadmin stuff through organic interactions like this. Still though - someone manages the default repositories - so my question is, who decides when a package gets an update from whatever CentOS ships with default to a newer version? How does that process take place, and, can I affect it by adding microcode_ctl-2.1-18 ? On Wed, Jan 4,

On Tue, 19 Apr 2016, david wrote: > > > > At 09:09 AM 4/18/2016, you wrote: >> On Mon, 18 Apr 2016, david wrote: >> >> > FOLLOWUP & REPORT >> > >> > I had lots of suggestions, and the most persuasive was to try OpenVPN. I >> > already had a CA working, so issuing certificates was easy. The HOW-TO >> > guides were less

On Tue, May 12, 2020 at 8:02 PM Paul Heinlein <heinlein at madboa.com> wrote: > On Tue, 12 May 2020, Thomas Stephen Lee wrote: > > > Hi, > > > > I am user of CentOS 8. > > When can we expect an image on AWS? > > I am just learning AWS and would like to use CentOS 8 for that. > > I can't speak to AWS per se, but Digital Ocean has a CentOS 8

Thanks Mark and Christian, I have two Samba servers running those two versions. That reassure me! Thanks, Bernard On Fri, May 26, 2017 at 12:08 PM, Paul Heinlein <heinlein at madboa.com> wrote: > On Fri, 26 May 2017, Christian, Mark wrote: > > On Fri, 2017-05-26 at 11:19 -0400, Bernard Fay wrote: >> >>> Hi, >>> >>> Does a fix has already been

On 03/08/2017 11:00 AM, Paul Heinlein wrote: > On Wed, 8 Mar 2017, Mark Weaver wrote: > > > Hello all, > > > > I've been googling my brains out since yesterday looking for up-to-date > > information on this matter, and have found information that is > anywhere from > > 15 to 5 years old. I'd really like some information that much more > up to

On Fri, 26 May 2017, Christian, Mark wrote: > On Fri, 2017-05-26 at 11:19 -0400, Bernard Fay wrote: >> Hi, >> >> Does a fix has already been made in the CenOS RPM repositories for this >> Samba remote execution code vulnerability, CVE-2017-7494? > yes. samba-3.6.23-43.el6_9.x86_64.rpm And samba-*-4.4.4-14.el7_3.x86_64 -- Paul Heinlein <> heinlein at

There is a slight performance related reason for exporting disk partitions individually, the performance boost is server-side as Paul says. The advantage is that the no_subtree_check can be used without any additional security risk. It is probably the case that the /export/base/a is a partition, is exported with no_subtree_check, and therefore there is a small performance boost. Preventing

On Wed, 8 Mar 2017, Mark Weaver wrote: > On 03/08/2017 11:00 AM, Paul Heinlein wrote: >> On Wed, 8 Mar 2017, Mark Weaver wrote: >> >> > Hello all, >> > >> > I've been googling my brains out since yesterday looking for >> > up-to-date information on this matter, and have found >> > information that is anywhere from 15 to 5

Our new-to-us Isilon is handling NFSv4 ACLs differently than other NFS file servers we've had. In particular, something causes an 'O' to pop up in the permission field, but I cannot find any documentation of it. For example, [Linux]$ nfs4_getfacl TODO A::OWNER@:tTcCy A::GROUP@:tcy A::EVERYONE@:rwaxtTnNcy A:O:OWNER@:rwadxtTnNcCoy A:gO:admins at madboa.com:rwadxtTnNcy A:gO:readonly

On Sun, 5 Feb 2017, Gordon Messmer wrote: > Yes. Use the software collections. > > https://www.softwarecollections.org/en/ > > https://www.softwarecollections.org/en/scls/rhscl/devtoolset-4/ There are three ways to utilize SCLs: a temporary subshell invoked with the scl utility, a session-long environment shift by sourcing the package's 'enable' script, or a

On Wed, 8 Mar 2017, Mark Weaver wrote: > Hello all, > > I've been googling my brains out since yesterday looking for up-to-date > information on this matter, and have found information that is anywhere from > 15 to 5 years old. I'd really like some information that much more up to date > on the subject. Specifically configuring Sendmail SMTP authentication (_no >

I've got a CentOS 6 machine that's slated to go into production providing some web and development-repository services. Part of the environment is gitweb, which works as expected with one glitch: SELinux doesn't allow gitweb.cgi to query sssd to display who owns the repositories. The audit log entries are pretty straightforward, e.g., type=AVC msg=audit(XXXXXXXXXXXX): avc:

On Thu, 23 May 2019 at 16:43, Paul Heinlein <heinlein at madboa.com> wrote: > On Thu, 23 May 2019, Stephen John Smoogen wrote: > > > I might actually be able to have a workable answer: > > > > alias drf='/usr/bin/df -x tmpfs' > > /usr/bin/df \ > -x autofs -x binfmt_misc -x cgroup -x configfs -x debugfs \ > -x devpts -x devtmpfs -x efivarfs

In case you didn't see it, the initial CentOS 6 trees have been released to QA: http://qaweb.dev.centos.org/node/81 -- Paul Heinlein <> heinlein at madboa.com <> http://www.madboa.com/

On Tue, 23 May 2017, m.roth at 5-cent.us wrote: > hw wrote: >> >> are there packages replacing the ancient perl version in >> Centos 7 with a more recent one, like 5.24? At least the >> state feature is required. Perl 5.24 is available in SCL, in the centos-sclo-rh repository. [root ~]# yum info rh-perl524-perl Name : rh-perl524-perl Arch : x86_64 Epoch

On Tue, 11 Apr 2017, m.roth at 5-cent.us wrote: > Hi, folks, > > We've been using pxeboot to pull up a menu, to build or rebuild > machines for years. We have this new server, and it fails. Times out. > What's happening is that it tries in this order > .../pxelinux.cfg/b8945908-d6a6-41a9-611d-74a6ab80b83d > .../pxelinux.cfg/01-88-99-aa-bb-cc-dd >

On Wed, 24 May 2017, hw wrote: > Paul Heinlein schrieb: >> On Tue, 23 May 2017, m.roth at 5-cent.us wrote: >> >> > hw wrote: >> > > >> > > are there packages replacing the ancient perl version in >> > > Centos 7 with a more recent one, like 5.24? At least the >> > > state feature is required. >> >> Perl

On Thu, 23 May 2019, Stephen John Smoogen wrote: > I might actually be able to have a workable answer: > > alias drf='/usr/bin/df -x tmpfs' /usr/bin/df \ -x autofs -x binfmt_misc -x cgroup -x configfs -x debugfs \ -x devpts -x devtmpfs -x efivarfs -x hugetlbfs -x mqueue \ -x nfsd -x proc -x pstore -x rpc_pipefs -x securityfs \ -x selinuxfs -x sysfs -x tmpfs :-) --

I'm (finally) getting around to putting a backup LDAP authentication server on my network. The backup uses syncrepl to grab the database, and to my eyes both LDAP servers answer read queries identically. I'm testing the client side of this configuration on virtual CentOS 5 i386 machine. /etc/ldap.conf reads ----- %< ----- base dc=DOMAIN,dc=com timelimit 30 bind_timelimit 30