Re: tls
by Patrick Dupre
Hello,
Thank.
Port 990, is the default (filezilla).
By the way, using firewall-config.
In public zone service ssh is check but not ftp. Am I supposed to check ftp?
The port for ftp is 21 (I guess default).
There is no service ftps, do I need to create it?
I can easy create port 990, but I not know how to create service ftps
associated to a port!
Sorry for my poor background in this stuff.
>
> Am 07.09.2013 01:09, schrieb Patrick Dupre:
> >> ----- Original Message -----
> >> From: Reindl Harald
> >> Sent: 09/07/13 12:48 AM
> >> To: Community support for Fedora users
> >> Subject: Re: tls
> >>
> >> Am 07.09.2013 00:43, schrieb Patrick Dupre:
> >>> I installed pure-ftpd on my machine to use the TLS protocle.
> >>> I followed the instructions given in:
> >>> http://www.howtoforge.com/how-to-configure-pureftpd-to-accept-tls-session...
> >>>
> >>> but I still cannot ftp by using ftps (filezilla)
> >>
> >> be explicit - you can not connect or you can not list folders and transfer data
> > Status: Connecting to 193.49.194.196:990...
> > Status: Connection attempt failed with "EHOSTUNREACH - No route to host".
> > Error: Could not connect to server
>
> why port 990?
>
> even if the port would be correct you need
> a) verify on which ports your daemon is listening (man netstat)
> b) make sure that ports are open
>
> AFAIK it is using STARTTLS
> http://en.wikipedia.org/wiki/STARTTLS
>
> >> http://slacksite.com/other/ftp.html conatins basics about FTP
> >>
> >>> Do I need to configure the firewall to open the port?
> >>
> >> you need to open the passive port-range in the firewall by hand
> >> "nf_conntrack_ftp" as any other DPI can not work with encrypted streams
> > This, I do not know what to do:
> > I do not see any nf_conntrack_ftp in public service or in selinux
>
> man iptables
>
> if you do not specify "PassivePortRange" the passive port can be anything
> between 1024 and 65535 and if you do use active FTP mode than you need
> to setup the firewall on the client properly - at the end of the day it
> doe snot matter who is chosing the random port for the data connection
> and the otehr side has to open this port
>
> to understand what you are doing i posted
> >> http://slacksite.com/other/ftp.html conatins basics about FTP
>
> only few people (inclduing a lot of professional amdins) do understand FTP really
===========================================================================
Patrick DUPRÉ | | email: pdupre(a)gmx.com
Laboratoire de Physico-Chimie de l'Atmosphère | |
Université du Littoral-Côte d'Opale | |
Tel. (33)-(0)3 28 23 76 12 | | Fax: 03 28 65 82 44
189A, avenue Maurice Schumann | | 59140 Dunkerque, France
===========================================================================
10 years, 7 months
tls
by Patrick Dupre
Hello,
I installed pure-ftpd on my machine to use the TLS protocle.
I followed the instructions given in:
http://www.howtoforge.com/how-to-configure-pureftpd-to-accept-tls-session...
TLS 2
but I still cannot ftp by using ftps (filezilla).
Do I need to configure the firewall to open the port?
in firewall-config, I do not see any tls service.
However, in system-config-service, I do see 2 service pure-ftpd
one saying that it is running and one not running (The pure-ftpd service will be started on demand by the xinetd service and ends when it has nothing more to do.)
Is it normal?
Thank for your help.
===========================================================================
Patrick DUPRÉ | | email: pdupre(a)gmx.com
Laboratoire de Physico-Chimie de l'Atmosphère | |
Université du Littoral-Côte d'Opale | |
Tel. (33)-(0)3 28 23 76 12 | | Fax: 03 28 65 82 44
189A, avenue Maurice Schumann | | 59140 Dunkerque, France
===========================================================================
10 years, 7 months
Something compatible to MS Office on Fedora?
by Oliver Ruebenacker
Hello,
I need to be able to collaborate writing documents with colleagues who
use MS Office. That is, we send documents back and forth while each party
edits them.
It used to be that LibreOffice was acceptable, although way from perfect.
But recently, it is causing severe headaches. I'm importing and exporting
as DOCX in Writer, and I get cases where it crashes persistently when I
want to open a document, or in other cases indentation changes to absurd
ways, and math formulas get corrupted and in one case simply vanish.
Is there a better alternative? Or a better way to use LibreOffice to
share with MS Office?
This is a potentially fatal problem.
Thanks!
Best,
Oliver
--
Oliver Ruebenacker
IT Project Lead at PanGenX (http://www.pangenx.com)
Be always grateful, but never satisfied.
10 years, 7 months
Re: tls
by Patrick Dupre
> ----- Original Message -----
> From: Reindl Harald
> Sent: 09/07/13 12:48 AM
> To: Community support for Fedora users
> Subject: Re: tls
>
> Am 07.09.2013 00:43, schrieb Patrick Dupre:
> > I installed pure-ftpd on my machine to use the TLS protocle.
> > I followed the instructions given in:
> > http://www.howtoforge.com/how-to-configure-pureftpd-to-accept-tls-session...
> >
> > but I still cannot ftp by using ftps (filezilla)
>
> be explicit - you can not connect or you can not list folders and transfer data
Status: Connecting to 193.49.194.196:990...
Status: Connection attempt failed with "EHOSTUNREACH - No route to host".
Error: Could not connect to server
> http://slacksite.com/other/ftp.html conatins basics about FTP
>
> > Do I need to configure the firewall to open the port?
>
> you need to open the passive port-range in the firewall by hand
> "nf_conntrack_ftp" as any other DPI can not work with encrypted streams
This, I do not know what to do:
I do not see any nf_conntrack_ftp in public service or in selinux
===========================================================================
Patrick DUPRÉ | | email: pdupre(a)gmx.com
Laboratoire de Physico-Chimie de l'Atmosphère | |
Université du Littoral-Côte d'Opale | |
Tel. (33)-(0)3 28 23 76 12 | | Fax: 03 28 65 82 44
189A, avenue Maurice Schumann | | 59140 Dunkerque, France
===========================================================================
10 years, 7 months
"Error: connection activation failed: Device not managed by NetworkManager or unavailable" after moving machine
by Aaron Gray
Hi,
"Error: connection activation failed: Device not managed by
NetworkManager or unavailable"
I am getting the above error and have tried all my normal mods to try
and get a connection.
I did move the SATA drive from one machine to another and back,
changing the MAC address and putting it back in the process.
I have tried adding 'NM_CONTROLLED="yes"' to
/etc/sysconfig/network-scripts/ifcfg-em1
but still am not able to get it to work.
As I cannot connect to the internet on this device I cannot do any yum
reinstalls.
Hope you can help,
Aaron
10 years, 7 months
RE: Turning off SELINUX
by Alan Gagne
> As for the tinfoil hat, it needs two layers --- the inside layer needs
> to be orientend shiny-side in, which would prevent the NSA from spying
> on your brain waves. But the outside layer needs to be oriented
> shiny-side out, to prevent the NSA from feeding your brain with
> undesired signals. The two layers need to be well insulated against
> each other --- it's obvious that a short-circuit between them will
> leave you completely vulnerable...
I prefer kevlar in the insulated layer. Also my hat is more of a full
helmet.
Like to make it slightly more difficult in the event they decide my
process needs to be terminated.
:-)
Alan
10 years, 7 months
Making yum say what mirror it is downloading from
by Fernando Cassia
Any idea why yum doesn't show by default from what mirror it is downloading
from? It's not like there's no space on the output strings layout...
Instead of
----------
Transaction Summary
================================================================================
Install 1 Package (+3 Dependent packages)
Upgrade ( 7 Dependent packages)
Total download size: 50 M
Is this ok [y/d/N]: y
Downloading packages:
updates/19/i386/prestodelta | 1.2 MB 00:03
Delta RPMs reduced 1.4 M of updates to 416 k (71% saved)
(1/11): nspr-4.9.6-1.fc19_4.10.0-3.fc19.i686.drpm | 28 kB 00:01
(2/11): nss-softokn-freebl-3.14.3-1.fc19_3.15.1-1.fc19.i68 | 31 kB 00:00
----------
I'd suggest:
Transaction Summary
==============================================================
Install 1 Package (+3 Dependent packages)
Upgrade ( 7 Dependent packages)
Total download size: 50 M
Is this ok [y/d/N]: y
Downloading packages: [from Mirror: fedora.gtdinternet.com] <<<<<<<<<<
updates/19/i386/prestodelta | 1.2 MB 00:03
Delta RPMs reduced 1.4 M of updates to 416 k (71% saved)
(1/11): nspr-4.9.6-1.fc19_4.10.0-3.fc19.i686.drpm | 28 kB 00:01
(2/11): nss-softokn-freebl-3.14.3-1.fc19_3.15.1-1.fc19.i68 | 31 kB 00:00
-----
In case of a timeout (which down here, happens often) it'd show, instead
of...
-----
wget-1.14-8.fc19.i686.rpm FAILED
http://fedora.gtdinternet.com/updates/19/i386/wget-1.14-8.fc19.i686.rpm:
[Errno 14] curl#6 - TIMEOUT
Trying other mirror.
-----
-----
wget-1.14-8.fc19.i686.rpm FAILED
http://fedora.gtdinternet.com/updates/19/i386/wget-1.14-8.fc19.i686.rpm:
[Errno 14] curl#6 - "TIMEOUT"
Trying other mirror: [ www.las.ic.unicamp.br ]
-----
It should be noted that under the current behaviour:
1. The current mirror is not displayed
2. When there are recurrent problems (ie slow downloads) with a current YUM
whatever download, one cannot identify the name of the problem mirror,
because (point #1)
3. even with -v (for "verbose" operation) yum details all kinds of internal
values, timings etc but NOT THE MIRROR it is downloading from.
It seems like a nice RFE with no downsides I can think of, and trivial to
implement.
Thoughts? Comments? Expletives? ;-).
PS: I have filed a bug...
https://bugzilla.redhat.com/show_bug.cgi?id=1004628
FC
--
During times of Universal Deceit, telling the truth becomes a revolutionary
act
Durante épocas de Engaño Universal, decir la verdad se convierte en un Acto
Revolucionario
- George Orwell
10 years, 7 months