similar to: centos 5 - where are genkey and crypto-utils?

So far, OpenVPN has been working very well for me. Unfortunately, the iPhone doesn't have (yet?) an OpenVPN client, so I'm forced to work with what's available. The options are: L2TP, PPTP and IPSec. If you were to install a VPN endpoint on CentOS, which protocol would you prefer? The condition is to avoid shabby VPN servers that make the system less secure. I've seen some

Hi I''m trying to configure bacula''s config file. The issue is everytime the script runs a new key gets generated for bacula. How can I have the config file update only run once with puppet, yet replace the default bacula-fd.conf file. script listed below: class bacula-client { # define which server to use case $datacenter { 1: { $backupserver

Hi, Does anyone have a pointer to correct documantation for generating and installing a self signed ssl cert for use on httpd on a C-5 machine? The docs say to use genkey but AFAIK upstream rm'd crypto-utils from the distro and as such it is not available. I tried generating the cert on a C-4 machine using genkey and installing on the C-5 machine but I get the following error when I try to

Hi, When browsing the (excellent) deployment guide I found the following broken links: http://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-basic-firewall-securitylevel-enable.html ('Next' link from http://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-basic-firewall-securitylevel.html) http://www.centos.org/docs/5/html/5.2/Deployment_Guide/s2-iptables-options-commands.html

Hi, I'm enconter other error, is one link to not found in documents manual to centos[1], in site click next link go to not found site[2]. One probability solution problem is referece to correct page[3]. Problems some s3 change to s1 :) Bye.... ( I remember my english is bad =p ) Reference: [1] http://www.centos.org/docs/5/html/5.2/Deployment_Guide/s3-filesystem-boot.html [2]

Hi, I have CentOS 5 installed, and I'd like to read the RHEL 5 Deployment Guide in french. The online version seems to be available in english only. There's an RPM package on my system: # rpm -qa | grep -i depl Deployment_Guide-fr-FR-5.0.0-19.el5.centos Deployment_Guide-en-US-5.0.0-19.el5.centos Now what does the package consist of? 'rpm -ql' on the package shows a series of

>> facing [ no shared cipher ] error with EC private keys. > the client connecting to your instance has to support ecdsa > > It does - Thunderbird 60.0b10 (64-bit) [ security.ssl3.ecdhe_ecdsa_aes_256_gcm_sha384;true ] It seems there is a difference between the private key (rsa vs. ecc -> SSL_CTX?) used for the certificate signing request and the signed certificate. The csr

Hello, I found this Morning a Message in my Logs, that is new for me and I never seen this before? Is this a Error in the Certificate System?? The certificate for www.example.at has expired Datum: 08.07.17 06:31 Von: root <gjn+www at example.at> An: gjn+www at example.at ################# SSL Certificate Warning ################ Certificate for hostname 'www.example.at', in

Hi all , I set up https on CentOS 4.4. I did the below sets of commands, first removed existing files rm /etc/httpd/conf/ssl.key /server.key rm /etc/httpd/conf/ssl.crt/server.crt Next, I created key. Change to the /usr/share/ssl/certs/ directory and type in the following command: make genkey then issued below command, make testcert finaly /sbin/service httpd restart Then I got the

Dear All This is my continuation of postfix setup. Following link http://campworld.net/thewiki/pmwiki.php/LinuxServersCentOS/Cent6VirtMailServerfor postfix setup. At one stage it says, Configuring The Server Setup SSL Certificate Now generate an SSL certificate for postfix and dovecot to have TLS support. Replace mail.example.com with your server hostname. > genkey --days 3650

Hi, facing [ no shared cipher ] error with EC private keys. This happens when the private key is generated with [ openssl ecparam -name brainpoolP512t1 -genkey ] with OpenSSL 1.1.0hh on the same machine Dovecot is running on. Tried some variations of [ ssl_cipher_list ] but to no avail - the [ no shared cipher ] error persists. Once the key is generated with [ openssl genpkey -algorithm RSA ]

> On 11 April 2019 17:44 David Salisbury via dovecot <dovecot at dovecot.org> wrote: > > > On 4/11/2019 1:50 AM, Aki Tuomi wrote: > > > >> ... > >> So, not being an expert at encryption, what are the ramifications of > >> those digests being read as different values in the two different > >> places???? I do notice that the

(another in an ongoing list of things i just want to clarify for the sake of future courses taught on centos.) from this RHEL doc page: http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Deployment_Guide/s1-openssh-server-config.html the reader is advised to, for the sake of security, remove/disable vsftpd, ostensibly in favour of sftp/sftp-server. really? i can obviously

Centos 5 is still soon end of life. Using it as ipsec gateway is .. Eero 21.3.2016 7.25 ip. "Mike - st257" <silvertip257 at gmail.com> kirjoitti: > On Mon, Mar 21, 2016 at 1:17 PM, Mike - st257 <silvertip257 at gmail.com> > wrote: > > > I second Eero's comment, use a new IPSec daemon. > > > > Openswan was forked and became Libreswan. Paul, now

Hi, I have loaded CentOS 5.6 on HP DL 180G6 2U Rack Server and the physical RAM is 32 GB. As per http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-swapspace.html It says it should be 1 x of Physical RAM or less. Not sure about the "less" word in deciding swap space size Please suggest/guide further on what all parameters i should decide to set swap space. Regards, Kaushal

Err. Sounds like security nightmare. 21.3.2016 7.47 ip. "Glenn Pierce" <glennpierce at gmail.com> kirjoitti: > Will ask my boss :) We are hosted on memset so not so easy to update > > Thanks > > On 21 March 2016 at 17:36, Eero Volotinen <eero.volotinen at iki.fi> wrote: > > Centos 5 is still soon end of life. Using it as ipsec gateway is .. > >

On 2015-04-14 11:44, Eero Volotinen wrote: > 2015-04-14 21:40 GMT+03:00 Florin Andrei <florin at andrei.myip.org>: >> >> http://serverfault.com/a/655752/24406 >> >> If that is accurate, the documentation, and the clustering / load >> balancing might tilt the balance in the direction of strongSwan. >> >> > Well, both packages can do ipsec to

I have a fresh installed CentOS 5.3 server which should route traffic between two networks like this: network A (Internet) -- eth0 (default gw) : server : eth1 -- network B (LAN) I have set in sysctl.conf net.ipv4.ip_forward = 1 and routing works fine like this. But when I switch on the iptables service (with default setup, configured when installing the server), routing stops working (or at

On 2015-04-14 11:25, Gordon Messmer wrote: > On 04/14/2015 11:07 AM, Florin Andrei wrote: >> I looked in the yum repositories for CentOS 7 and I noticed that there >> are no packages for any of the major open source IPSec VPN apps - >> Openswan, strongSwan, etc. I'm pretty sure CentOS 6 had Openswan >> packages. > > libreswan replaced openswan, and is

Is it ok to edit the /etc/passwd and /etc/group files manually to add users and groups or would this circumvent other required system commands from being executed when adding them at the command line via useradd and groupadd? In reading the docs @ http://www.centos.org/docs/5/html/Deployment_Guide-en-US/s1-users-tools.html#s2-users-cmd-line I see a user that is created with these utilities is