OT: S..d by ATT and S..d by Google
by Jonathan Ryshpan
My ISP, att.com, has blocked a number of European IP addresses,
including two, which I badly need to contact. Here's the skinny from
the KDE forum, one of these addresses:
...[the blacklist] covers entire datacenters as our servers are all in
completely different IP blocks, even at the /8 level and they're all
blacklisted - and this is with at least two different datacenters run
by different providers.
The only way to get these emails (after spending most of a day in chats and on the phone) seems to be to open a Gmail account. So, I started to do this. Naturally I wanted to use jonrysh(a)gmail.com, since my current email address is jonrysh(a)pacbell.net. Unfortunately it seems that when I opened my Google+ account some years ago jonrysh(a)gmail.com was assigned to me automatically; since I never used it, Google deleted it. And a Gmail expert writes me:
Email addresses once used can never be reused in Gmail.
Even the address has been deleted at some point in the past, Gmail does not allow you to reuse the address ever again.
With Gmail having around 1 billion users now, even many unusual words are taken or have been taken at some point in the past.
Only option is to choose another account name.
Maybe I should move to China or somewhere else where I won't be
oppressed by big businesses (8-).
jon
8 years, 1 month
Security of netinstall?
by Troels Arvin
When I install Fedora from a netinstall image:
Given that I initially
- check the SHA256 checksum of the Fedora-Server-netinst-x86_64-23.iso
file
- check the GPG signature of the file which contained the checksum
(the Fedora-Server-23-x86_64-CHECKSUM file)
Then:
How is the authenticity of the rest of the installation sources ensured?
I mean: During the installation, the installer in the netinstall image
will pull a number of packages from somewhere on the web; how does it
insure that the packages pulled are really the unaltered Fedora packages?
--
Regards,
Troels Arvin
8 years, 1 month
Slightly OT - connecting from Fedora to Windows 7 sftp/ssh using public keys
by Gary Stainburn
I need a way to rebustly copy files from a Fedora server to a Windows box. As
my usual environment is Linux by first thought was SCP, using Perl and
Net::SCP.
I first tried an OpenSSH install from the WinSCP site and had managed to
connec to the Windows box using passwords, but could not get public keys to
work either way.
I then downloaded OpenSSH for Windows using the installer found at
http://www.mls-software.com/opensshd.html
Using this setup I can ssh from the Windows box to my Fedora server and it
logs in successfully using keys. However, I still cannot connect from Fedora
to Windows.
Oddly, I do get the banner.txt file appear in the login attempt.
Also oddly, the attemp doesn't drop down to passwords when the keys fail even
though it has
PasswordAuthentication yes
in sshd_config. Can anyone suggest what I try next. Below is the terminal
session from the Fedora box.
[root@lou ~]# gvim .ssh/authorized_keys
[root@lou ~]# ssh -v -l Administrator lcomp6
OpenSSH_6.2p2, OpenSSL 1.0.1e-fips 11 Feb 2013
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 50: Applying options for *
debug1: Connecting to lcomp6 [10.1.1.34] port 22.
debug1: Connection established.
debug1: permanently_set_uid: 0/0
debug1: identity file /root/.ssh/identity type 0
debug1: identity file /root/.ssh/identity-cert type -1
debug1: identity file /root/.ssh/id_rsa type 1
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_dsa type 2
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.2
debug1: match: OpenSSH_7.2 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.2
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr hmac-sha1-etm(a)openssh.com none
debug1: kex: client->server aes128-ctr hmac-sha1-etm(a)openssh.com none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 7e:4d:45:6f:53:d5:76:c8:24:86:67:fa:14:a5:37:42
debug1: Host 'lcomp6' is known and matches the ECDSA host key.
debug1: Found key in /root/.ssh/known_hosts:33
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug1: SSH2_MSG_SERVICE_ACCEPT received
****USAGE WARNING****
This is a private computer system. This computer system, including all
related equipment, networks, and network devices (specifically including
Internet access) are provided only for authorized use. This computer system
may be monitored for all lawful purposes, including to ensure that its use
is authorized, for management of the system, to facilitate protection against
unauthorized access, and to verify security procedures, survivability, and
operational security. Monitoring includes active attacks by authorized
entities
to test or verify the security of this system. During monitoring, information
may be examined, recorded, copied and used for authorized purposes. All
information, including personal information, placed or sent over this system
may be monitored.
Use of this computer system, authorized or unauthorized, constitutes consent
to monitoring of this system. Unauthorized use may subject you to criminal
prosecution. Evidence of unauthorized use collected during monitoring may be
used for administrative, criminal, or other adverse action. Use of this system
constitutes consent to monitoring for these purposes.
debug1: Authentications that can continue:
publickey,password,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /root/.ssh/id_rsa
Connection closed by 10.1.1.34
[root@lou ~]#
8 years, 1 month
OT: port forwarding with ssh
by Mike Wright
Hi all,
Goal: connect to a remote pop3 server over an encrypted link.
I'm trying to setup port forwarding but keep receiving a usage message
instead of success. Below is the excerpted man page rule I'm trying to use:
usage: ssh -L [bind_address:]port:host:hostport]
Here's what I'm trying:
sudo ssh -L lo.cal.ip.adx:11110:rem.ote.ip.adx:110
Different permutations including -b also fail.
After a couple of days of this it's time for fresh eyes.
Any takers?
Thanks,
Mike Wright
8 years, 1 month
(f23) no more prelink?
by William Mattison
Hi all,
This morning, I upgraded to fedora 23. When that was done, I tried to
do a "prelink -aR". No such command! The system offered to install it
for me (nice touch!). I said yes. But it could not find it. What
happened to prelink? Is it now considered useless?
thanks,
Bill.
8 years, 1 month
strange icon problem with commercial video dvd
by François Patte
Bonjour,
I am facing a strange problem with xfce configuration: when I put a
commercial video dvd in the drive: no icon appears on the desktop. and
there are error messages in /var/log/messages, like:
blk_update_request: I/O error, dev, sr0 sector 9137664
buffer I/O error on dev sr0, logical block 1142208 async page read
But, I can play the video with vlc without any problem....
If I mount this dvd (say: mount /dev/sr0 /media), no problem, no error
reported....
When I umount the dvd (umount /media), an icon appears on the desktop
and immediately disappears.....
This problem does not occur with dvd I recorded myself, nor with any
other removable media (usb sticks or drives).
Thank you for any help.
fedora 23 up to date...
--
François Patte
UFR de mathématiques et informatique
Laboratoire CNRS MAP5, UMR 8145
Université Paris Descartes
45, rue des Saints Pères
F-75270 Paris Cedex 06
Tél. +33 (0)1 8394 5849
http://www.math-info.univ-paris5.fr/~patte
8 years, 1 month
Discourse - DeviceMapper causing corruption?
by Philip Rhoades
People,
I had a couple of issues to sort out with installing the Docker
Discourse app and while that was being done people made these comments:
"Devicemapper is non starter, fails spectacularly under load and causes
corruption. We block setup if we detect devicemapper. You need aufs or
another better supported docker filesystem."
- which was not true - it did install without resorting to aufs.
also:
"Redhat team get very upset when we mention that it just does not work
for us, but release after release they say there are no bugs left, and
each time we keep seeing Discourse users complain about corruption due
to device mapper."
Any comments?
Thanks,
Phil.
--
Philip Rhoades
PO Box 896
Cowra NSW 2794
Australia
E-mail: phil(a)pricom.com.au
8 years, 1 month
reporting on BZ for texlive-IEEEtran
by Ranjan Maitra
Hi,
I wanted to report on Bugzilla that the IEEEtran style file was quite outdated and needed an update. However, it appears that on BZ there is no entry to list it under. The only choices I get there are: texlive-extension, texlive-texmf and texlive-texmf-errata and texlive itself. It is in the Fedora 23 updates repo so I am confused how to file it.
The updated cls (yes, I know I can get it down on my own and use it, and that is what I am doing now) is at
http://www.ctan.org/pkg/ieeetran
Many thanks,
Ranjan
--
Important Notice: This mailbox is ignored: e-mails are set to be deleted on receipt. Please respond to the mailing list if appropriate. For those needing to send personal or professional e-mail, please use appropriate addresses.
____________________________________________________________
FREE 3D EARTH SCREENSAVER - Watch the Earth right on your desktop!
Check it out at http://www.inbox.com/earth
8 years, 1 month
init 5 from single user mode fails
by JD
it belches out:
Error getting authority: Error initializing authority: Could not
connect: No such file or directory (g-io-error-quark, 1)
.
.
.
a few more lines about some other activity ...
and the system does not proceed any further.
SO how can I debug this, or is this the normal behavior?
If normal, since which release?
8 years, 1 month
network printing broken
by Greg Woods
>From my desktop, I am now unable to print to a printer that is attached to
another host on my network. The error I see in the journal is:
Mar 20 15:28:49 cobweb.gregandeva.net cupsd[5648]: Set
job-printer-state-message to "No destination host name supplied by
cups-browsed for printer \"epson\", is cups-browsed running?", current
level=ERROR
cups-browsed is running. The same thing happens if I restart it.
Anybody have any ideas how I can debug this? I tried setting LogLevel to
debug in cupsd.conf, but I don't see anything useful in there (maybe
because I have no idea what to look for).
One odd thing is that the printer name is "EPSON" (upper case). I don't
know if that's important or not.
Thanks,
--Greg
8 years, 1 month