similar to: centos7 :: ks.cfg :: customisation of sshd

On Wed, Feb 17, 2016 at 2:48 PM, Adrian Sevcenco <Adrian.Sevcenco at cern.ch> wrote: > Hi! I want to change the sshd port at install for centos7 but i am not sure > if i am on the good track (and it is time expensive to make many > try-outs).. > So, i would be grateful if someone with experience can spot if i have > problems > with my planning.. (the actual purpose is that

On 02/18/2016 10:27 AM, Mike - st257 wrote: > ( You forgot to escape the space before 60000 in the first sed expression > you provided. ) True, but you shouldn't need to escape spaces at all: sed -i 's/#Port 22/Port 60000/; s/#PermitRootLogin yes/PermitRootLogin yes/' > Though I will note there is some sort of syntax error with the > PermitRootLogin sed expression

I have experienced this myself. It is very upsetting. (Sent from iPhone, so please accept my apologies in advance for any spelling or grammatical errors.) > On Jan 19, 2017, at 2:57 AM, Fabian Arrotin <arrfab at centos.org> wrote: > > log

Hello everyone, Now after the recent discussion on running SSH on a different port, I decided to start a new thread but with SELinux involved. Assuming that you have SELinux enabled, and that you changed the default port for SSHD, let say for 1234, when I restart SSHD I don't get any AVC denials. This is the output of: semanage -l port | grep ssh ssh_port_t tcp

Hello All After recent system upgrade (this night) i lost access to two servers through SSH, because of change in SELinux policy - i have ssh there on different port and now it's gone. Thanks to puppet i was able to change SSH port back to default and log in, but is this expected behavior? I thought minor upgrade shouldn't break up things? Or maybe "semanage port -a -t ssh_port_t

Hi, the instructions for "Time Synchronisation - SELinux Labeling and Policy" on https://wiki.samba.org/index.php/Time_Synchronisation_-_SELinux_Labeling_and_Policy don't seem to work on CentOS 8. Using chrony I tried to adapt them (with very limited SELinux knowledge) like this: chcon -u system_u -t chronyd_exec_t /var/lib/samba/ntp_signd semanage fcontext -a -t chronyd_exec_t

Hi! I try to load an module that it is found in curent /lib/modules/`uname -r` tree ... root at sevcenco: ~ # ls -l /lib/modules/`uname -r`/kernel/drivers/crypto/padlock-* -rwxr--r-- 1 root root 14296 Mar 16 19:37 /lib/modules/2.6.38-0.el5.elrepo/kernel/drivers/crypto/padlock-aes.ko -rwxr--r-- 1 root root 10808 Mar 16 19:37 /lib/modules/2.6.38-0.el5.elrepo/kernel/drivers/crypto/padlock-sha.ko

This is for centos 7 that has chronyd 2.1.1 I am looking into how to use chronyd as my local ntp server. On my old servers with ntpd I had local access control lines like: restrict 192.168.128.0 mask 255.255.255.0 nomodify notrap But in looking for documentation on chronyd I did not find anything on this at: https://chrony.tuxfamily.org/doc/2.1/manual.html In the actual /etc/chronyd.conf

AFAIK the only thing needed to make your host an NTP server using chrony is to set the allow line to the network address in CIDR format of the network you want to be served, and uncomment it. The restart chronyd. You also need to ensure that port 123 (NTP) is open to your internal network on your filrewall. I have a CentOS 6 box that is an NTP server for my network. CentOS 7 works the same

Hi, i was wondering what is the status of 4.7 Thank you, Best regards, Adrian -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3092 bytes Desc: S/MIME Cryptographic Signature URL: <http://lists.centos.org/pipermail/centos/attachments/20080831/2ebe58b8/attachment-0005.bin>

On 5/23/2015 11:22 PM, Luigi Rosa wrote: > Kirk Bocek wrote on 24/05/2015 04:37: >> So I've built my first CentOS 7 host and am learning all the new ways >> of doing >> things. I setup and enabled ntpd but after a reboot I get: > > In CentOS 7 is bettere to use chrony, here's an howto > > http://linoxide.com/linux-command/chrony-time-sync/ > So

On 07/01/2015 11:51 AM, Tru Huynh wrote: > On Wed, Jul 01, 2015 at 11:36:36AM +0300, Adrian Sevcenco wrote: >> Hi! Did anyone encountered problems with nfs after the latest updates? >> I started to have problems like nfsvers=3 no longer working in fstab >> or messages like : >> RPC: Program not registered > at work, our diskless warewulf setup is still working fine

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am having a problem getting sshd to run after changing it's default port. I edit sshd_config and set the desired port, open it with firewall-cmd and then issue a systemctl start sshd. No error gets reported on the console but the following is logged in /var/messages sshd.service: main process exited, code=exited, status=255/n/a Not a very

Hi All, Just noticed a funny time jump on a testing CentOS 7 VM. Specifically the system time jumps around by a few hours during system boot. The below is a selection from /var/log/messages during boot: Jan 19 12:49:57 arr-data-dev chronyd[716]: Frequency -0.829 +/- 0.007 ppm read from /var/lib/chrony/drift Jan 19 12:49:57 arr-data-dev polkitd[720]: Started polkitd version 0.112 Jan 19

Hi! I have a small problem with some packages : i was doing an update over ssh and my connection was interrupted .. now i have a lots of duplicates and if i try to remove them, yum tries to uninstall all system (447 packages 1.4 gb)!! Any idea how can i clean this mess? would be pretty bad if the machine needs to be re-installed only because the connection went bad during the process... Thanks

So I have learned that Postfix should delay until Chronyd has moved the system time from 0 to current. What other services need to be delayed? Apache? Bind? Of course if this is a nameserver, Chronyd will probably not be able to resolve the NTP server addresses until Bind is running! thanks

Hi, As Centos 7 and Fedora defaults to chronyd [2] , should I use ntpd for some reason [3] ? I based my configurations on [1] which use ntpd ... but I thinking change for chronyd , change ntp deamons could outage the samba service and client computers ? Thanks [1] https://negativo17.org/samba-4-active-directory-with-bind-dlz-zones-dynamic-dns-updates-windows-static-rpc-2/ [2]

On 5/24/2015 12:22 PM, Gordon Messmer wrote: > On 05/24/2015 11:41 AM, Kirk Bocek wrote: >> to activate your selected daemon. I just used the new systemd commands, >> thinking that would be enough. So I tried that and rebooted. Nope, same >> problem: > > chronyd and ntpd both use UDP port 123, so each will terminate the > other when it starts. If both are enabled,

Hi! I have an directory full with rpms that are installed on some machines.. what is the best way to update those rpms to the latest version? are there more optimal approaches then searching for each rpm names in an update repo and download one by one? Thanks, Adrian -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature

My Centos7 system does not have a battery for the clock (like most armv7 SOCs), thus I rely on that at some point in boot time, chronyd sets the time. If a file is updated prior to chronyd accomplishing its task (or network connectivity is down), the file ends up with a timestamp of "Dec 31 1969". I notice that occasionally, after a reboot, /etc/aliases.db reverts to this time,