From karlp at ourldsfamily.com Tue Sep 9 04:23:50 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Mon, 8 Sep 2008 22:23:50 -0600 (MDT) Subject: IMAP Message count Message-ID: My email server doesn't count the unread messages correctly. Strange thing is that I had until recently, the same setup at work, and it does count right. Using Squirrelmail as the client, I have show all unread email count turned on. The count slowly works its way up until it shows I have as many as 10,000 unread emails in my various and sundry email folders. If I do a Search for something in all folders, the count is reset to something close to correct, though only if I mark all messages in every folder showing "N"ew as read. Any ideas? Dovecot is the IMAP server. Karl From karlp at ourldsfamily.com Mon Sep 15 23:01:28 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Mon, 15 Sep 2008 17:01:28 -0600 (MDT) Subject: IMAP Login fails Message-ID: I have a couple webmail applications: Squirrelmail and Hastymail (for WAP browsers, but it has a few bugs, but it's good to have it to test with) Since provisioning a new server, they won't authenticate. They did at first, but in fixing things, apparently I broke something. Since I did so much during the first hours bringing the server up, I have no idea what could have changed things to the point they are now. In either one, I enter my user name and password, and they respond, SQM: You must be logged in to access this page, and HM: Login failed. I'm suspecting Dovecot or Apache, but can't see anything that might be causing it. I compare this setup to my previous (old HD mounted in an external USB housing) Any thoughts or ideas please? --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- http://consulting.ourldsfamily.com --- From ricks at nerd.com Mon Sep 15 23:49:48 2008 From: ricks at nerd.com (Rick Stevens) Date: Mon, 15 Sep 2008 16:49:48 -0700 Subject: IMAP Login fails In-Reply-To: References: Message-ID: <48CEF49C.9010809@nerd.com> Karl Pearson wrote: > I have a couple webmail applications: Squirrelmail and Hastymail (for > WAP browsers, but it has a few bugs, but it's good to have it to test with) > > Since provisioning a new server, they won't authenticate. They did at > first, but in fixing things, apparently I broke something. Since I did > so much during the first hours bringing the server up, I have no idea > what could have changed things to the point they are now. Which "new server" did you provision...a new web server running the Squirrelmail and/or Hastymail or a new IMAP server that the web server is trying to authenticate against? > In either one, I enter my user name and password, and they respond, SQM: > You must be logged in to access this page, and HM: Login failed. Did you verify the firewalls permit IMAP service (TCP/UDP port 143) or IMAPS (TCP/UDP port 993) if you're using IMAPS? Did you verify the web server can actually ping the IMAP server (you don't have a bogus route in there somewhere, do you)? Can you get on the web server via a terminal and use telnet to log into the IMAP service? If you don't know how to do that: 1. On the web server, enter "telnet name-of-IMAP-machine 143" 2. Eventually the IMAP server will respond "OK" 3. Enter "1 login yourusername yourpassword" 4. The IMAP server should respond "1 OK User logged in" 5. Enter "2 logout" 6. IMAP server should respond "2 OK User logged out" and the connection should break. If you don't get a response at item 2 above, then either the IMAP server isn't running an IMAP service or your firewall is blocking port 143. You can see if IMAP is live by getting on the IMAP server and doing the same 6 things, but using "telnet localhost 143" at step 1. If that works, then you've either got a firewall or routing issue. > I'm suspecting Dovecot or Apache, but can't see anything that might be > causing it. I compare this setup to my previous (old HD mounted in an > external USB housing) Well, let's try the things I listed above first and see where that gets us. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer rps2 at nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - "Hello. My PID is Inigo Montoya. You `kill -9'-ed my parent - - process. Prepare to vi." - ---------------------------------------------------------------------- From karlp at ourldsfamily.com Tue Sep 16 05:50:29 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Mon, 15 Sep 2008 23:50:29 -0600 (MDT) Subject: IMAP Login fails In-Reply-To: <48CEF49C.9010809@nerd.com> References: <48CEF49C.9010809@nerd.com> Message-ID: On Mon, September 15, 2008 5:49 pm, Rick Stevens wrote: > Karl Pearson wrote: >> I have a couple webmail applications: Squirrelmail and Hastymail (for >> WAP browsers, but it has a few bugs, but it's good to have it to test with) >> >> Since provisioning a new server, they won't authenticate. They did at >> first, but in fixing things, apparently I broke something. Since I did >> so much during the first hours bringing the server up, I have no idea >> what could have changed things to the point they are now. > > Which "new server" did you provision...a new web server running the > Squirrelmail and/or Hastymail or a new IMAP server that the web server > is trying to authenticate against? > >> In either one, I enter my user name and password, and they respond, SQM: >> You must be logged in to access this page, and HM: Login failed. > > Did you verify the firewalls permit IMAP service (TCP/UDP port 143) or > IMAPS (TCP/UDP port 993) if you're using IMAPS? Did you verify the web > server can actually ping the IMAP server (you don't have a bogus route > in there somewhere, do you)? > > Can you get on the web server via a terminal and use telnet to log into > the IMAP service? If you don't know how to do that: > > 1. On the web server, enter "telnet name-of-IMAP-machine 143" > 2. Eventually the IMAP server will respond "OK" > 3. Enter "1 login yourusername yourpassword" > 4. The IMAP server should respond "1 OK User logged in" > 5. Enter "2 logout" > 6. IMAP server should respond "2 OK User logged out" and the connection > should break. > > If you don't get a response at item 2 above, then either the IMAP server > isn't running an IMAP service or your firewall is blocking port 143. > You can see if IMAP is live by getting on the IMAP server and doing > the same 6 things, but using "telnet localhost 143" at step 1. If that > works, then you've either got a firewall or routing issue. > >> I'm suspecting Dovecot or Apache, but can't see anything that might be >> causing it. I compare this setup to my previous (old HD mounted in an >> external USB housing) > > Well, let's try the things I listed above first and see where that gets us. Nice... I broke it myself. The permissions of the php session directory was wrong. I had already gone through everything you said above, before I read this email. You know, sometimes I just get too smart for my own britches. The php session directory had the wrong group, so it couldn't write to it. But that only showed up in /var/log/httpd/ssl_error_log which is the last place I would have looked for php authentication errors. Not that it shouldn't be there, but I just don't know php very well. Oh, it WAS the last place I looked. I guess continuing to look for something after it's found is a sign of something I don't have yet. Karl > ---------------------------------------------------------------------- > - Rick Stevens, Systems Engineer rps2 at nerd.com - > - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - > - - > - "Hello. My PID is Inigo Montoya. You `kill -9'-ed my parent - > - process. Prepare to vi." - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > -- Karl L. Pearson karlp at ourldsfamily.com http://consulting.ourldsfamily.com --- My Thoughts on Terrorism In America right after 9/11/2001: http://www.ourldsfamily.com/wtc.shtml --- "The constitution doesn't grant us rights any more than a birth certificate gives us life. It's just a piece of paper that tells us what we already know." - John Charles Carter, aka, Charlton Heston, 10/4/23-4/5/08 See http://en.wikipedia.org/wiki/Charleton_Heston#Political_activism --- http://www.bobbarr2008.com/a-real-choice/ - Vote Bob Barr --- "To mess up your Linux PC, you have to really work at it; to mess up a microsoft PC you just have to work on it." --- From ricks at nerd.com Tue Sep 16 17:03:34 2008 From: ricks at nerd.com (Rick Stevens) Date: Tue, 16 Sep 2008 10:03:34 -0700 Subject: IMAP Login fails In-Reply-To: References: <48CEF49C.9010809@nerd.com> Message-ID: <48CFE6E6.2060502@nerd.com> Karl Pearson wrote: > On Mon, September 15, 2008 5:49 pm, Rick Stevens wrote: >> Karl Pearson wrote: >>> I have a couple webmail applications: Squirrelmail and Hastymail (for >>> WAP browsers, but it has a few bugs, but it's good to have it to test with) >>> >>> Since provisioning a new server, they won't authenticate. They did at >>> first, but in fixing things, apparently I broke something. Since I did >>> so much during the first hours bringing the server up, I have no idea >>> what could have changed things to the point they are now. >> Which "new server" did you provision...a new web server running the >> Squirrelmail and/or Hastymail or a new IMAP server that the web server >> is trying to authenticate against? >> >>> In either one, I enter my user name and password, and they respond, SQM: >>> You must be logged in to access this page, and HM: Login failed. >> Did you verify the firewalls permit IMAP service (TCP/UDP port 143) or >> IMAPS (TCP/UDP port 993) if you're using IMAPS? Did you verify the web >> server can actually ping the IMAP server (you don't have a bogus route >> in there somewhere, do you)? >> >> Can you get on the web server via a terminal and use telnet to log into >> the IMAP service? If you don't know how to do that: >> >> 1. On the web server, enter "telnet name-of-IMAP-machine 143" >> 2. Eventually the IMAP server will respond "OK" >> 3. Enter "1 login yourusername yourpassword" >> 4. The IMAP server should respond "1 OK User logged in" >> 5. Enter "2 logout" >> 6. IMAP server should respond "2 OK User logged out" and the connection >> should break. >> >> If you don't get a response at item 2 above, then either the IMAP server >> isn't running an IMAP service or your firewall is blocking port 143. >> You can see if IMAP is live by getting on the IMAP server and doing >> the same 6 things, but using "telnet localhost 143" at step 1. If that >> works, then you've either got a firewall or routing issue. >> >>> I'm suspecting Dovecot or Apache, but can't see anything that might be >>> causing it. I compare this setup to my previous (old HD mounted in an >>> external USB housing) >> Well, let's try the things I listed above first and see where that gets us. > > Nice... I broke it myself. The permissions of the php session directory was > wrong. I had already gone through everything you said above, before I read > this email. You know, sometimes I just get too smart for my own britches. > > The php session directory had the wrong group, so it couldn't write to it. But > that only showed up in /var/log/httpd/ssl_error_log which is the last place I > would have looked for php authentication errors. Not that it shouldn't be > there, but I just don't know php very well. Oh, it WAS the last place I > looked. I guess continuing to look for something after it's found is a sign of > something I don't have yet. They're called "senior moments" and I get them often. :-) Glad you sorted it out. You didn't state you were using secure http, or I would've suggested that. I assumed a normal Squirrelmail/IMAP installation. I know, never assume. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer rps2 at nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - "Hello. My PID is Inigo Montoya. You `kill -9'-ed my parent - - process. Prepare to vi." - ---------------------------------------------------------------------- From karlp at ourldsfamily.com Tue Sep 16 22:24:41 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Tue, 16 Sep 2008 16:24:41 -0600 (MDT) Subject: IMAP Login fails In-Reply-To: <48CFE6E6.2060502@nerd.com> References: <48CEF49C.9010809@nerd.com> <48CFE6E6.2060502@nerd.com> Message-ID: On Tue, September 16, 2008 11:03 am, Rick Stevens wrote: > Karl Pearson wrote: >> On Mon, September 15, 2008 5:49 pm, Rick Stevens wrote: >>> Karl Pearson wrote: >>>> I have a couple webmail applications: Squirrelmail and Hastymail (for >>>> WAP browsers, but it has a few bugs, but it's good to have it to test >>>> with) >>>> >>>> Since provisioning a new server, they won't authenticate. They did at >>>> first, but in fixing things, apparently I broke something. Since I did >>>> so much during the first hours bringing the server up, I have no idea >>>> what could have changed things to the point they are now. >>> Which "new server" did you provision...a new web server running the >>> Squirrelmail and/or Hastymail or a new IMAP server that the web server >>> is trying to authenticate against? >>> >>>> In either one, I enter my user name and password, and they respond, SQM: >>>> You must be logged in to access this page, and HM: Login failed. >>> Did you verify the firewalls permit IMAP service (TCP/UDP port 143) or >>> IMAPS (TCP/UDP port 993) if you're using IMAPS? Did you verify the web >>> server can actually ping the IMAP server (you don't have a bogus route >>> in there somewhere, do you)? >>> >>> Can you get on the web server via a terminal and use telnet to log into >>> the IMAP service? If you don't know how to do that: >>> >>> 1. On the web server, enter "telnet name-of-IMAP-machine 143" >>> 2. Eventually the IMAP server will respond "OK" >>> 3. Enter "1 login yourusername yourpassword" >>> 4. The IMAP server should respond "1 OK User logged in" >>> 5. Enter "2 logout" >>> 6. IMAP server should respond "2 OK User logged out" and the connection >>> should break. >>> >>> If you don't get a response at item 2 above, then either the IMAP server >>> isn't running an IMAP service or your firewall is blocking port 143. >>> You can see if IMAP is live by getting on the IMAP server and doing >>> the same 6 things, but using "telnet localhost 143" at step 1. If that >>> works, then you've either got a firewall or routing issue. >>> >>>> I'm suspecting Dovecot or Apache, but can't see anything that might be >>>> causing it. I compare this setup to my previous (old HD mounted in an >>>> external USB housing) >>> Well, let's try the things I listed above first and see where that gets us. >> >> Nice... I broke it myself. The permissions of the php session directory was >> wrong. I had already gone through everything you said above, before I read >> this email. You know, sometimes I just get too smart for my own britches. >> >> The php session directory had the wrong group, so it couldn't write to it. >> But >> that only showed up in /var/log/httpd/ssl_error_log which is the last place >> I >> would have looked for php authentication errors. Not that it shouldn't be >> there, but I just don't know php very well. Oh, it WAS the last place I >> looked. I guess continuing to look for something after it's found is a sign >> of >> something I don't have yet. > > They're called "senior moments" and I get them often. :-) > > Glad you sorted it out. You didn't state you were using secure http, > or I would've suggested that. I assumed a normal Squirrelmail/IMAP > installation. I know, never assume. You assumed right. I am NOT using 943/IMAPS which is why I wouldn't have thought to look there either. And I have senior moments as much as regular moments now... Grandkids do that to one, eh? :) Karl > ---------------------------------------------------------------------- > - Rick Stevens, Systems Engineer rps2 at nerd.com - > - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - > - - > - "Hello. My PID is Inigo Montoya. You `kill -9'-ed my parent - > - process. Prepare to vi." - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- http://consulting.ourldsfamily.com --- "To mess up your Linux PC, you have to really work at it; to mess up a microsoft PC you just have to work on it." --- From ricks at nerd.com Wed Sep 17 00:59:23 2008 From: ricks at nerd.com (Rick Stevens) Date: Tue, 16 Sep 2008 17:59:23 -0700 Subject: IMAP Login fails In-Reply-To: References: <48CEF49C.9010809@nerd.com> <48CFE6E6.2060502@nerd.com> Message-ID: <48D0566B.4090904@nerd.com> Karl Pearson wrote: > On Tue, September 16, 2008 11:03 am, Rick Stevens wrote: >> Karl Pearson wrote: >>> On Mon, September 15, 2008 5:49 pm, Rick Stevens wrote: >>>> Karl Pearson wrote: >>>>> I have a couple webmail applications: Squirrelmail and Hastymail (for >>>>> WAP browsers, but it has a few bugs, but it's good to have it to test >>>>> with) >>>>> >>>>> Since provisioning a new server, they won't authenticate. They did at >>>>> first, but in fixing things, apparently I broke something. Since I did >>>>> so much during the first hours bringing the server up, I have no idea >>>>> what could have changed things to the point they are now. >>>> Which "new server" did you provision...a new web server running the >>>> Squirrelmail and/or Hastymail or a new IMAP server that the web server >>>> is trying to authenticate against? >>>> >>>>> In either one, I enter my user name and password, and they respond, SQM: >>>>> You must be logged in to access this page, and HM: Login failed. >>>> Did you verify the firewalls permit IMAP service (TCP/UDP port 143) or >>>> IMAPS (TCP/UDP port 993) if you're using IMAPS? Did you verify the web >>>> server can actually ping the IMAP server (you don't have a bogus route >>>> in there somewhere, do you)? >>>> >>>> Can you get on the web server via a terminal and use telnet to log into >>>> the IMAP service? If you don't know how to do that: >>>> >>>> 1. On the web server, enter "telnet name-of-IMAP-machine 143" >>>> 2. Eventually the IMAP server will respond "OK" >>>> 3. Enter "1 login yourusername yourpassword" >>>> 4. The IMAP server should respond "1 OK User logged in" >>>> 5. Enter "2 logout" >>>> 6. IMAP server should respond "2 OK User logged out" and the connection >>>> should break. >>>> >>>> If you don't get a response at item 2 above, then either the IMAP server >>>> isn't running an IMAP service or your firewall is blocking port 143. >>>> You can see if IMAP is live by getting on the IMAP server and doing >>>> the same 6 things, but using "telnet localhost 143" at step 1. If that >>>> works, then you've either got a firewall or routing issue. >>>> >>>>> I'm suspecting Dovecot or Apache, but can't see anything that might be >>>>> causing it. I compare this setup to my previous (old HD mounted in an >>>>> external USB housing) >>>> Well, let's try the things I listed above first and see where that gets us. >>> Nice... I broke it myself. The permissions of the php session directory was >>> wrong. I had already gone through everything you said above, before I read >>> this email. You know, sometimes I just get too smart for my own britches. >>> >>> The php session directory had the wrong group, so it couldn't write to it. >>> But >>> that only showed up in /var/log/httpd/ssl_error_log which is the last place >>> I >>> would have looked for php authentication errors. Not that it shouldn't be >>> there, but I just don't know php very well. Oh, it WAS the last place I >>> looked. I guess continuing to look for something after it's found is a sign >>> of >>> something I don't have yet. >> They're called "senior moments" and I get them often. :-) >> >> Glad you sorted it out. You didn't state you were using secure http, >> or I would've suggested that. I assumed a normal Squirrelmail/IMAP >> installation. I know, never assume. > > You assumed right. I am NOT using 943/IMAPS which is why I wouldn't have > thought to look there either. I meant your connection to Squirrelmail. It sounds like it's via https on port 443 (which would require SSL), but I could be wrong. > And I have senior moments as much as regular moments now... Grandkids do that > to one, eh? :) I wish I had such an excuse, Karl. I'm 50, single and to my knowledge never, uh, procreated. At least no one's tried to claim paternity. An old "friend" told me I was the poster child for Planned Parenthood: a big photo of me with the caption, "Don't let THIS happen again!" :-) ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer rps2 at nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - Microsoft Windows: Proof that P.T. Barnum was right - ---------------------------------------------------------------------- From karlp at ourldsfamily.com Wed Sep 17 04:03:25 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Tue, 16 Sep 2008 22:03:25 -0600 (MDT) Subject: IMAP Login fails In-Reply-To: <48D0566B.4090904@nerd.com> References: <48CEF49C.9010809@nerd.com> <48CFE6E6.2060502@nerd.com> <48D0566B.4090904@nerd.com> Message-ID: On Tue, September 16, 2008 6:59 pm, Rick Stevens wrote: > Karl Pearson wrote: >> On Tue, September 16, 2008 11:03 am, Rick Stevens wrote: >>> Karl Pearson wrote: >>>> On Mon, September 15, 2008 5:49 pm, Rick Stevens wrote: >>>>> Karl Pearson wrote: >>>>>> I have a couple webmail applications: Squirrelmail and Hastymail (for >>>>>> WAP browsers, but it has a few bugs, but it's good to have it to test >>>>>> with) >>>>>> >>>>>> Since provisioning a new server, they won't authenticate. They did at >>>>>> first, but in fixing things, apparently I broke something. Since I did >>>>>> so much during the first hours bringing the server up, I have no idea >>>>>> what could have changed things to the point they are now. >>>>> Which "new server" did you provision...a new web server running the >>>>> Squirrelmail and/or Hastymail or a new IMAP server that the web server >>>>> is trying to authenticate against? >>>>> >>>>>> In either one, I enter my user name and password, and they respond, SQM: >>>>>> You must be logged in to access this page, and HM: Login failed. >>>>> Did you verify the firewalls permit IMAP service (TCP/UDP port 143) or >>>>> IMAPS (TCP/UDP port 993) if you're using IMAPS? Did you verify the web >>>>> server can actually ping the IMAP server (you don't have a bogus route >>>>> in there somewhere, do you)? >>>>> >>>>> Can you get on the web server via a terminal and use telnet to log into >>>>> the IMAP service? If you don't know how to do that: >>>>> >>>>> 1. On the web server, enter "telnet name-of-IMAP-machine 143" >>>>> 2. Eventually the IMAP server will respond "OK" >>>>> 3. Enter "1 login yourusername yourpassword" >>>>> 4. The IMAP server should respond "1 OK User logged in" >>>>> 5. Enter "2 logout" >>>>> 6. IMAP server should respond "2 OK User logged out" and the connection >>>>> should break. >>>>> >>>>> If you don't get a response at item 2 above, then either the IMAP server >>>>> isn't running an IMAP service or your firewall is blocking port 143. >>>>> You can see if IMAP is live by getting on the IMAP server and doing >>>>> the same 6 things, but using "telnet localhost 143" at step 1. If that >>>>> works, then you've either got a firewall or routing issue. >>>>> >>>>>> I'm suspecting Dovecot or Apache, but can't see anything that might be >>>>>> causing it. I compare this setup to my previous (old HD mounted in an >>>>>> external USB housing) >>>>> Well, let's try the things I listed above first and see where that gets >>>>> us. >>>> Nice... I broke it myself. The permissions of the php session directory >>>> was >>>> wrong. I had already gone through everything you said above, before I read >>>> this email. You know, sometimes I just get too smart for my own britches. >>>> >>>> The php session directory had the wrong group, so it couldn't write to it. >>>> But >>>> that only showed up in /var/log/httpd/ssl_error_log which is the last >>>> place >>>> I >>>> would have looked for php authentication errors. Not that it shouldn't be >>>> there, but I just don't know php very well. Oh, it WAS the last place I >>>> looked. I guess continuing to look for something after it's found is a >>>> sign >>>> of >>>> something I don't have yet. >>> They're called "senior moments" and I get them often. :-) >>> >>> Glad you sorted it out. You didn't state you were using secure http, >>> or I would've suggested that. I assumed a normal Squirrelmail/IMAP >>> installation. I know, never assume. >> >> You assumed right. I am NOT using 943/IMAPS which is why I wouldn't have >> thought to look there either. > > I meant your connection to Squirrelmail. It sounds like it's via https > on port 443 (which would require SSL), but I could be wrong. I have https up, but don't use it for email. I'm thinking of switching to it, however. So, still why would it end up in ssl_error_log? One thing I noticed while tinkering around with Dovecot was that alpine connected and the logs said it was using TLS, even though that's turned off for alpine, too. > >> And I have senior moments as much as regular moments now... Grandkids do >> that >> to one, eh? :) > > I wish I had such an excuse, Karl. I'm 50, single and to my knowledge > never, uh, procreated. At least no one's tried to claim paternity. An > old "friend" told me I was the poster child for Planned Parenthood: a > big photo of me with the caption, "Don't let THIS happen again!" > > :-) With no offspring, you would have to be the poster *child*, hmmm? I would then be the poster child for the Catholic/Mormon Reproduction Symposium??? 7 kids, 3 grandkids, so far... I still have 4 to get married, so that number will change. ;-) > > ---------------------------------------------------------------------- > - Rick Stevens, Systems Engineer rps2 at nerd.com - > - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - > - - > - Microsoft Windows: Proof that P.T. Barnum was right - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- http://consulting.ourldsfamily.com --- "To mess up your Linux PC, you have to really work at it; to mess up a microsoft PC you just have to work on it." --- From ricks at nerd.com Wed Sep 17 16:49:14 2008 From: ricks at nerd.com (Rick Stevens) Date: Wed, 17 Sep 2008 09:49:14 -0700 Subject: IMAP Login fails In-Reply-To: References: <48CEF49C.9010809@nerd.com> <48CFE6E6.2060502@nerd.com> <48D0566B.4090904@nerd.com> Message-ID: <48D1350A.4020208@nerd.com> Karl Pearson wrote: > On Tue, September 16, 2008 6:59 pm, Rick Stevens wrote: >> I meant your connection to Squirrelmail. It sounds like it's via https >> on port 443 (which would require SSL), but I could be wrong. > > I have https up, but don't use it for email. I'm thinking of switching to it, > however. So, still why would it end up in ssl_error_log? One thing I noticed > while tinkering around with Dovecot was that alpine connected and the logs > said it was using TLS, even though that's turned off for alpine, too. SSL and TLS are very similar beasts. Most TLS stuff is actually SSL behind the scenes, so any TLS stuff would most likely log in SSL locations. As to Dovecot, I think it negotiates the "safest" connection it can. If it can negotiate an SSL/TLS session with the client, it does so. It may be that Squirrelmail does as well. It's been a long time since I really dug into that stuff. I only had a cursory glance as Squirrelmail way back...I had already deployed Horde/IMP/Turba/Kronolith for our webmail clients using UWIMAP servers (before Dovecot appeared). No reason to change things. >>> And I have senior moments as much as regular moments now... Grandkids do >>> that >>> to one, eh? :) >> I wish I had such an excuse, Karl. I'm 50, single and to my knowledge >> never, uh, procreated. At least no one's tried to claim paternity. An >> old "friend" told me I was the poster child for Planned Parenthood: a >> big photo of me with the caption, "Don't let THIS happen again!" >> >> :-) > > With no offspring, you would have to be the poster *child*, hmmm? Being the poster child would be irrelevant to whether I had offspring. The fact I had parents (rather than being a pod person) would be the determining factor. Thhhpt! :-p > I would then > be the poster child for the Catholic/Mormon Reproduction Symposium??? 7 kids, > 3 grandkids, so far... I still have 4 to get married, so that number will > change. ;-) Jeeze! Either you didn't quite figure out just what causes "children", or you're trying to repopulate the planet with your DNA. Either reason is bloody scary! :-) Q: What do you call Catholics that practice the rhythm method? A: "Parents" ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer rps2 at nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - If at first you don't succeed, quit. No sense being a damned fool! - ---------------------------------------------------------------------- From karlp at ourldsfamily.com Wed Sep 17 18:18:57 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Wed, 17 Sep 2008 12:18:57 -0600 (MDT) Subject: IMAP Login fails In-Reply-To: <48D1350A.4020208@nerd.com> References: <48CEF49C.9010809@nerd.com> <48CFE6E6.2060502@nerd.com> <48D0566B.4090904@nerd.com> <48D1350A.4020208@nerd.com> Message-ID: <1e05d4e0292412fbf63fd6fb0682ee19.squirrel@webmail.ourldsfamily.com> On Wed, September 17, 2008 10:49 am, Rick Stevens wrote: > Karl Pearson wrote: >> On Tue, September 16, 2008 6:59 pm, Rick Stevens wrote: > >>> I meant your connection to Squirrelmail. It sounds like it's via https >>> on port 443 (which would require SSL), but I could be wrong. >> >> I have https up, but don't use it for email. I'm thinking of switching to >> it, >> however. So, still why would it end up in ssl_error_log? One thing I noticed >> while tinkering around with Dovecot was that alpine connected and the logs >> said it was using TLS, even though that's turned off for alpine, too. > > SSL and TLS are very similar beasts. Most TLS stuff is actually SSL > behind the scenes, so any TLS stuff would most likely log in SSL > locations. > > As to Dovecot, I think it negotiates the "safest" connection it can. If > it can negotiate an SSL/TLS session with the client, it does so. It may > be that Squirrelmail does as well. It's been a long time since I really > dug into that stuff. I only had a cursory glance as Squirrelmail way > back...I had already deployed Horde/IMP/Turba/Kronolith for our webmail > clients using UWIMAP servers (before Dovecot appeared). No reason to > change things. The newer versions of Squirrelmail are quite nice. Some of the plugins are very good especially, like translation tools, calendaring, testing 'fetch' and others. The spell checker is nice, too. But I'm using majordomo instead of mailman for the same reason you keep Kronolith... > >>>> And I have senior moments as much as regular moments now... Grandkids do >>>> that >>>> to one, eh? :) >>> I wish I had such an excuse, Karl. I'm 50, single and to my knowledge >>> never, uh, procreated. At least no one's tried to claim paternity. An >>> old "friend" told me I was the poster child for Planned Parenthood: a >>> big photo of me with the caption, "Don't let THIS happen again!" >>> >>> :-) >> >> With no offspring, you would have to be the poster *child*, hmmm? > > Being the poster child would be irrelevant to whether I had offspring. > The fact I had parents (rather than being a pod person) would be the > determining factor. Thhhpt! :-p Speaking of which, I had a co-worker who was several petals short of a flower. One day I walked up to his desk and stated: "You know, having children is a hereditary trait: If your parents didn't have kids, you won't either." His reply? "Really? That's cool to know!" Then he stopped, gave me a dirty look, and tried to hit me. :) > >> I would then >> be the poster child for the Catholic/Mormon Reproduction Symposium??? 7 >> kids, >> 3 grandkids, so far... I still have 4 to get married, so that number will >> change. ;-) > > Jeeze! Either you didn't quite figure out just what causes "children", > or you're trying to repopulate the planet with your DNA. Either reason > is bloody scary! :-) My Dad told me quite young that having children is my wife's decision, and with my counsel. Then I better have the guts, faith and work-ethic to support her, and them. I believed him. I have a very good marriage to my best friend. It doesn't hurt that she's hot, too. :-) > > Q: What do you call Catholics that practice the rhythm method? > A: "Parents" Exactly... > > ---------------------------------------------------------------------- > - Rick Stevens, Systems Engineer rps2 at nerd.com - > - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - > - - > - If at first you don't succeed, quit. No sense being a damned fool! - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- http://consulting.ourldsfamily.com --- "To mess up your Linux PC, you have to really work at it; to mess up a microsoft PC you just have to work on it." --- From karlp at ourldsfamily.com Tue Sep 23 19:06:37 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Tue, 23 Sep 2008 13:06:37 -0600 (MDT) Subject: ssh -X (-Y) not working Message-ID: I like remote managing my server using ssh -X or ssh -Y and then running gui apps sometimes. I've check workstation and server X11Forwarding yes and then restarted sshd so don't know where else to go. I've checked the logs and there's nothing about it. The error I get is: [root at mail root]# system-config-printer system-config-printer: could not open display This is a graphical application and requires DISPLAY to be set. or: [karlp at mail ~/]$ xterm xterm Xt error: Can't open display: xterm: DISPLAY is not set Of course, the obvious is to set $DISPLAY, which doesn't work either. I've seen blogs, threads and other stuff all over the net and everything says, enable X11Forwarding. I've done this for years and have never had that not work. Using -X or -Y should even countermand that setting if it's off, right? Any ideas where to go next? --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- http://consulting.ourldsfamily.com --- From bob at bobcatos.com Tue Sep 23 20:18:02 2008 From: bob at bobcatos.com (Bob McClure Jr) Date: Tue, 23 Sep 2008 15:18:02 -0500 Subject: ssh -X (-Y) not working In-Reply-To: References: Message-ID: <20080923201802.GD11045@bobcat.bobcatos.com> On Tue, Sep 23, 2008 at 01:06:37PM -0600, Karl Pearson wrote: > I like remote managing my server using ssh -X or ssh -Y and then running > gui apps sometimes. > > I've check workstation and server X11Forwarding yes and then restarted > sshd so don't know where else to go. > > I've checked the logs and there's nothing about it. The error I get is: > > [root at mail root]# system-config-printer > system-config-printer: could not open display > This is a graphical application and requires DISPLAY to be set. > > or: > > [karlp at mail ~/]$ xterm > xterm Xt error: Can't open display: > xterm: DISPLAY is not set > > Of course, the obvious is to set $DISPLAY, which doesn't work either. Well, no, it needs to be set by sshd. If you "ssh -X host.onthe.net", when you get a shell prompt, you should be able to $ echo $DISPLAY localhost:10.0 in the usual case. Any problems should be evident in /var/log/messages or /var/log/secure. Check also your ~/.Xauthority file on the distant server. Permissions should be something like mine: -rw------- 1 bob users 532 Sep 23 15:09 .Xauthority You might try deleting it, then exit, and "ssh -X" in again. It should mention something about creating it. > I've seen blogs, threads and other stuff all over the net and everything > says, enable X11Forwarding. I've done this for years and have never had > that not work. Using -X or -Y should even countermand that setting if it's > off, right? > > Any ideas where to go next? > > --- > _/ _/ _/ _/_/_/ ____________ __o > _/ _/ _/ _/ _/ ____________ _-\\<._ > _/_/ _/ _/_/_/ (_)/ (_) > _/ _/ _/ _/ ...................... > _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com > --- > http://consulting.ourldsfamily.com > --- Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. bob at bobcatos.com http://www.bobcatos.com "A new command I give you: Love one another. As I have loved you, so you must love one another. By this all men will know that you are my disciples, if you love one another." John 13:34-35 (NIV) From karlp at ourldsfamily.com Tue Sep 23 20:28:44 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Tue, 23 Sep 2008 14:28:44 -0600 (MDT) Subject: ssh -X (-Y) not working In-Reply-To: <20080923201802.GD11045@bobcat.bobcatos.com> References: <20080923201802.GD11045@bobcat.bobcatos.com> Message-ID: On Tue, 23 Sep 2008, Bob McClure Jr wrote: > On Tue, Sep 23, 2008 at 01:06:37PM -0600, Karl Pearson wrote: >> I like remote managing my server using ssh -X or ssh -Y and then running >> gui apps sometimes. >> >> I've check workstation and server X11Forwarding yes and then restarted >> sshd so don't know where else to go. >> >> I've checked the logs and there's nothing about it. The error I get is: >> >> [root at mail root]# system-config-printer >> system-config-printer: could not open display >> This is a graphical application and requires DISPLAY to be set. >> >> or: >> >> [karlp at mail ~/]$ xterm >> xterm Xt error: Can't open display: >> xterm: DISPLAY is not set >> >> Of course, the obvious is to set $DISPLAY, which doesn't work either. > > Well, no, it needs to be set by sshd. If you "ssh -X host.onthe.net", > when you get a shell prompt, you should be able to > > $ echo $DISPLAY > localhost:10.0 Nope, it's empty... > > in the usual case. Any problems should be evident in > /var/log/messages or /var/log/secure. Logging in works, and the logs show that, but there's nothing about forwarding anomalies. There is an entry about DNS lookup failed for my IP. Should I set secure forwarding on? > > Check also your ~/.Xauthority file on the distant server. Permissions > should be something like mine: > > -rw------- 1 bob users 532 Sep 23 15:09 .Xauthority > > You might try deleting it, then exit, and "ssh -X" in again. It > should mention something about creating it. Deleted. And... not recreated on next ssh in... Hmmm? > >> I've seen blogs, threads and other stuff all over the net and everything >> says, enable X11Forwarding. I've done this for years and have never had >> that not work. Using -X or -Y should even countermand that setting if it's >> off, right? >> >> Any ideas where to go next? >> >> --- >> _/ _/ _/ _/_/_/ ____________ __o >> _/ _/ _/ _/ _/ ____________ _-\\<._ >> _/_/ _/ _/_/_/ (_)/ (_) >> _/ _/ _/ _/ ...................... >> _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com >> --- >> http://consulting.ourldsfamily.com >> --- > > Cheers, > -- > Bob McClure, Jr. Bobcat Open Systems, Inc. > bob at bobcatos.com http://www.bobcatos.com > "A new command I give you: Love one another. As I have loved you, so > you must love one another. By this all men will know that you are my > disciples, if you love one another." John 13:34-35 (NIV) > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- http://consulting.ourldsfamily.com --- From bob at bobcatos.com Tue Sep 23 21:14:06 2008 From: bob at bobcatos.com (Bob McClure Jr) Date: Tue, 23 Sep 2008 16:14:06 -0500 Subject: ssh -X (-Y) not working In-Reply-To: References: <20080923201802.GD11045@bobcat.bobcatos.com> Message-ID: <20080923211406.GA18146@bobcat.bobcatos.com> On Tue, Sep 23, 2008 at 02:28:44PM -0600, Karl Pearson wrote: > On Tue, 23 Sep 2008, Bob McClure Jr wrote: > > >On Tue, Sep 23, 2008 at 01:06:37PM -0600, Karl Pearson wrote: > >>I like remote managing my server using ssh -X or ssh -Y and then running > >>gui apps sometimes. > >> > >>I've check workstation and server X11Forwarding yes and then restarted > >>sshd so don't know where else to go. > >> > >>I've checked the logs and there's nothing about it. The error I get is: > >> > >>[root at mail root]# system-config-printer > >>system-config-printer: could not open display > >>This is a graphical application and requires DISPLAY to be set. > >> > >>or: > >> > >>[karlp at mail ~/]$ xterm > >>xterm Xt error: Can't open display: > >>xterm: DISPLAY is not set > >> > >>Of course, the obvious is to set $DISPLAY, which doesn't work either. > > > >Well, no, it needs to be set by sshd. If you "ssh -X host.onthe.net", > >when you get a shell prompt, you should be able to > > > >$ echo $DISPLAY > >localhost:10.0 > > Nope, it's empty... Figgers. > >in the usual case. Any problems should be evident in > >/var/log/messages or /var/log/secure. > > Logging in works, and the logs show that, but there's nothing about > forwarding anomalies. There is an entry about DNS lookup failed for my IP. > Should I set secure forwarding on? I guess so. Can't say I know what that does. I think I've always set it. > >Check also your ~/.Xauthority file on the distant server. Permissions > >should be something like mine: > > > >-rw------- 1 bob users 532 Sep 23 15:09 .Xauthority > > > >You might try deleting it, then exit, and "ssh -X" in again. It > >should mention something about creating it. > > Deleted. And... not recreated on next ssh in... Hmmm? Just thought I'd check. I was suspecting that the file had somehow acquired bogus permissions or ownership and couldn't be written to. Oh, I don't know why I failed to suggest this before. Turn on verbosity with "-v", up to three times to get more details on what's going on. When they say "verbose", they mean _verbose_. You'll have to scroll up to see the whole mess. See if any clues come of that. > >>I've seen blogs, threads and other stuff all over the net and everything > >>says, enable X11Forwarding. I've done this for years and have never had > >>that not work. Using -X or -Y should even countermand that setting if it's > >>off, right? > >> > >>Any ideas where to go next? > >> > >>--- > >> _/ _/ _/ _/_/_/ ____________ __o > >> _/ _/ _/ _/ _/ ____________ _-\\<._ > >> _/_/ _/ _/_/_/ (_)/ (_) > >> _/ _/ _/ _/ ...................... > >> _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com > >>--- > >>http://consulting.ourldsfamily.com > >>--- > > > >Cheers, > >-- > >Bob McClure, Jr. > > --- > _/ _/ _/ _/_/_/ ____________ __o > _/ _/ _/ _/ _/ ____________ _-\\<._ > _/_/ _/ _/_/_/ (_)/ (_) > _/ _/ _/ _/ ...................... > _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com > --- > http://consulting.ourldsfamily.com > --- Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. bob at bobcatos.com http://www.bobcatos.com "A new command I give you: Love one another. As I have loved you, so you must love one another. By this all men will know that you are my disciples, if you love one another." John 13:34-35 (NIV) From lunixer at gmail.com Wed Sep 24 00:37:20 2008 From: lunixer at gmail.com (Aldo Foot) Date: Tue, 23 Sep 2008 17:37:20 -0700 Subject: ssh -X (-Y) not working In-Reply-To: References: Message-ID: <3d22fc520809231737x257403eeic757fc0e6d618c3d@mail.gmail.com> On Tue, Sep 23, 2008 at 12:06 PM, Karl Pearson wrote: > I like remote managing my server using ssh -X or ssh -Y and then running gui > apps sometimes. > > I've check workstation and server X11Forwarding yes and then restarted sshd > so don't know where else to go. > > I've checked the logs and there's nothing about it. The error I get is: > > [root at mail root]# system-config-printer > system-config-printer: could not open display > This is a graphical application and requires DISPLAY to be set. > > or: > > [karlp at mail ~/]$ xterm > xterm Xt error: Can't open display: > xterm: DISPLAY is not set > > Of course, the obvious is to set $DISPLAY, which doesn't work either. > > Any ideas where to go next? > > --- On the ssh client: $ xhost + ~af P.S. Trim your replies a bit for legibility. From ricks at nerd.com Wed Sep 24 00:44:41 2008 From: ricks at nerd.com (Rick Stevens) Date: Tue, 23 Sep 2008 17:44:41 -0700 Subject: ssh -X (-Y) not working In-Reply-To: References: <20080923201802.GD11045@bobcat.bobcatos.com> Message-ID: <48D98D79.3030602@nerd.com> Karl Pearson wrote: > On Tue, 23 Sep 2008, Bob McClure Jr wrote: > >> On Tue, Sep 23, 2008 at 01:06:37PM -0600, Karl Pearson wrote: >>> I like remote managing my server using ssh -X or ssh -Y and then running >>> gui apps sometimes. >>> >>> I've check workstation and server X11Forwarding yes and then restarted >>> sshd so don't know where else to go. >>> >>> I've checked the logs and there's nothing about it. The error I get is: >>> >>> [root at mail root]# system-config-printer >>> system-config-printer: could not open display >>> This is a graphical application and requires DISPLAY to be set. >>> >>> or: >>> >>> [karlp at mail ~/]$ xterm >>> xterm Xt error: Can't open display: >>> xterm: DISPLAY is not set >>> >>> Of course, the obvious is to set $DISPLAY, which doesn't work either. >> >> Well, no, it needs to be set by sshd. If you "ssh -X host.onthe.net", >> when you get a shell prompt, you should be able to >> >> $ echo $DISPLAY >> localhost:10.0 > > Nope, it's empty... > >> >> in the usual case. Any problems should be evident in >> /var/log/messages or /var/log/secure. > > Logging in works, and the logs show that, but there's nothing about > forwarding anomalies. There is an entry about DNS lookup failed for my > IP. Should I set secure forwarding on? > >> >> Check also your ~/.Xauthority file on the distant server. Permissions >> should be something like mine: >> >> -rw------- 1 bob users 532 Sep 23 15:09 .Xauthority >> >> You might try deleting it, then exit, and "ssh -X" in again. It >> should mention something about creating it. > > Deleted. And... not recreated on next ssh in... Hmmm? > > >> >>> I've seen blogs, threads and other stuff all over the net and everything >>> says, enable X11Forwarding. I've done this for years and have never had >>> that not work. Using -X or -Y should even countermand that setting if >>> it's >>> off, right? >>> >>> Any ideas where to go next? On your ssh client, enter "echo $DISPLAY" and make sure it displays something to the effect ":0.0" (you ARE in an xterm, right?). If it doesn't, then there's something wrong with your local X. That's step one. If you don't have $DISPLAY set locally, there's no way ssh can communicate that to the sshd server, regardless of using "-X" or "-Y". Next, check the remote machine's /etc/ssh/sshd_config and make sure that both "AllowTcpForwarding yes" and "X11Forwarding yes" are set (they're both set to "no" by default). If you've changed either or both settings, do "service sshd restart" before you log off the remote machine to make the changes "take". Now, if the local "echo $DISPLAY" does display data, then "ssh -Y remotehost" should get you to the remote. Once on there, do another "echo $DISPLAY" and it should show "localhost:10.0" or something very similar (the ":10" bit is set by the "X11DisplayOffset" value in the remote machine's /etc/ssh/sshd_config file and is 10 by default). The "localhost" bit indicates that X is being tunneled through the ssh pipe. Example on my machines: [root at prophead ~]# echo $DISPLAY :0.0 [root at prophead ~]# ssh bigdog Last login: Tue Sep 23 17:26:51 2008 from prophead.hci.com [root at bigdog ~]# echo $DISPLAY [root at bigdog ~]# exit logout Connection to bigdog closed. [root at prophead ~]# ssh -Y bigdog Last login: Tue Sep 23 17:30:31 2008 from prophead.hci.com [root at bigdog ~]# echo $DISPLAY localhost:10.0 [root at bigdog ~]# exit logout Hope that helps! ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer ricks at nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - We look for things. Things that make us go! - ---------------------------------------------------------------------- From karlp at ourldsfamily.com Wed Sep 24 01:29:48 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Tue, 23 Sep 2008 19:29:48 -0600 (MDT) Subject: ssh -X (-Y) not working In-Reply-To: <20080923211406.GA18146@bobcat.bobcatos.com> References: <20080923201802.GD11045@bobcat.bobcatos.com> <20080923211406.GA18146@bobcat.bobcatos.com> Message-ID: On Tue, 23 Sep 2008, Bob McClure Jr wrote: > On Tue, Sep 23, 2008 at 02:28:44PM -0600, Karl Pearson wrote: >> On Tue, 23 Sep 2008, Bob McClure Jr wrote: >> >>> On Tue, Sep 23, 2008 at 01:06:37PM -0600, Karl Pearson wrote: >>>> I like remote managing my server using ssh -X or ssh -Y and then running >>>> gui apps sometimes. >>>> >>>> I've check workstation and server X11Forwarding yes and then restarted >>>> sshd so don't know where else to go. >>>> >>>> I've checked the logs and there's nothing about it. The error I get is: >>>> >>>> [root at mail root]# system-config-printer >>>> system-config-printer: could not open display >>>> This is a graphical application and requires DISPLAY to be set. >>>> >>>> or: >>>> >>>> [karlp at mail ~/]$ xterm >>>> xterm Xt error: Can't open display: >>>> xterm: DISPLAY is not set >>>> >>>> Of course, the obvious is to set $DISPLAY, which doesn't work either. >>> >>> Well, no, it needs to be set by sshd. If you "ssh -X host.onthe.net", >>> when you get a shell prompt, you should be able to >>> >>> $ echo $DISPLAY >>> localhost:10.0 >> >> Nope, it's empty... > > Figgers. > >>> in the usual case. Any problems should be evident in >>> /var/log/messages or /var/log/secure. >> >> Logging in works, and the logs show that, but there's nothing about >> forwarding anomalies. There is an entry about DNS lookup failed for my IP. >> Should I set secure forwarding on? > > I guess so. Can't say I know what that does. I think I've > always set it. > >>> Check also your ~/.Xauthority file on the distant server. Permissions >>> should be something like mine: >>> >>> -rw------- 1 bob users 532 Sep 23 15:09 .Xauthority >>> >>> You might try deleting it, then exit, and "ssh -X" in again. It >>> should mention something about creating it. >> >> Deleted. And... not recreated on next ssh in... Hmmm? > > Just thought I'd check. I was suspecting that the file had somehow > acquired bogus permissions or ownership and couldn't be written to. > > Oh, I don't know why I failed to suggest this before. Turn on > verbosity with "-v", up to three times to get more details on what's > going on. When they say "verbose", they mean _verbose_. You'll have > to scroll up to see the whole mess. See if any clues come of that. Verbose output shows debug1: Sending environment but echo $DISPLAY still shows nothing (it shows :0.0 on localhost before ssh) > >>>> I've seen blogs, threads and other stuff all over the net and everything >>>> says, enable X11Forwarding. I've done this for years and have never had >>>> that not work. Using -X or -Y should even countermand that setting if it's >>>> off, right? >>>> >>>> Any ideas where to go next? >>>> >>>> --- >>>> _/ _/ _/ _/_/_/ ____________ __o >>>> _/ _/ _/ _/ _/ ____________ _-\\<._ >>>> _/_/ _/ _/_/_/ (_)/ (_) >>>> _/ _/ _/ _/ ...................... >>>> _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com >>>> --- >>>> http://consulting.ourldsfamily.com >>>> --- >>> >>> Cheers, >>> -- >>> Bob McClure, Jr. >> >> --- >> _/ _/ _/ _/_/_/ ____________ __o >> _/ _/ _/ _/ _/ ____________ _-\\<._ >> _/_/ _/ _/_/_/ (_)/ (_) >> _/ _/ _/ _/ ...................... >> _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com >> --- >> http://consulting.ourldsfamily.com >> --- > > Cheers, > -- > Bob McClure, Jr. Bobcat Open Systems, Inc. > bob at bobcatos.com http://www.bobcatos.com > "A new command I give you: Love one another. As I have loved you, so > you must love one another. By this all men will know that you are my > disciples, if you love one another." John 13:34-35 (NIV) > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- http://consulting.ourldsfamily.com --- From karlp at ourldsfamily.com Wed Sep 24 01:33:31 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Tue, 23 Sep 2008 19:33:31 -0600 (MDT) Subject: ssh -X (-Y) not working In-Reply-To: <3d22fc520809231737x257403eeic757fc0e6d618c3d@mail.gmail.com> References: <3d22fc520809231737x257403eeic757fc0e6d618c3d@mail.gmail.com> Message-ID: On Tue, 23 Sep 2008, Aldo Foot wrote: > On Tue, Sep 23, 2008 at 12:06 PM, Karl Pearson wrote: >> I like remote managing my server using ssh -X or ssh -Y and then running gui >> apps sometimes. >> >> I've check workstation and server X11Forwarding yes and then restarted sshd >> so don't know where else to go. >> >> I've checked the logs and there's nothing about it. The error I get is: >> >> [root at mail root]# system-config-printer >> system-config-printer: could not open display >> This is a graphical application and requires DISPLAY to be set. >> >> or: >> >> [karlp at mail ~/]$ xterm >> xterm Xt error: Can't open display: >> xterm: DISPLAY is not set >> >> Of course, the obvious is to set $DISPLAY, which doesn't work either. > >> >> Any ideas where to go next? >> >> --- > > On the ssh client: > $ xhost + No joy. echo $DISPLAY still shows a blank line. > > ~af > > P.S. Trim your replies a bit for legibility. > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- http://consulting.ourldsfamily.com --- From karlp at ourldsfamily.com Wed Sep 24 01:36:32 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Tue, 23 Sep 2008 19:36:32 -0600 (MDT) Subject: ssh -X (-Y) not working In-Reply-To: <48D98D79.3030602@nerd.com> References: <20080923201802.GD11045@bobcat.bobcatos.com> <48D98D79.3030602@nerd.com> Message-ID: On Tue, 23 Sep 2008, Rick Stevens wrote: > Karl Pearson wrote: >> On Tue, 23 Sep 2008, Bob McClure Jr wrote: >> >>> On Tue, Sep 23, 2008 at 01:06:37PM -0600, Karl Pearson wrote: >>>> I like remote managing my server using ssh -X or ssh -Y and then running >>>> gui apps sometimes. >>>> >>>> I've check workstation and server X11Forwarding yes and then restarted >>>> sshd so don't know where else to go. >>>> >>>> I've checked the logs and there's nothing about it. The error I get is: >>>> >>>> [root at mail root]# system-config-printer >>>> system-config-printer: could not open display >>>> This is a graphical application and requires DISPLAY to be set. >>>> >>>> or: >>>> >>>> [karlp at mail ~/]$ xterm >>>> xterm Xt error: Can't open display: >>>> xterm: DISPLAY is not set >>>> >>>> Of course, the obvious is to set $DISPLAY, which doesn't work either. >>> >>> Well, no, it needs to be set by sshd. If you "ssh -X host.onthe.net", >>> when you get a shell prompt, you should be able to >>> >>> $ echo $DISPLAY >>> localhost:10.0 >> >> Nope, it's empty... >> >>> >>> in the usual case. Any problems should be evident in >>> /var/log/messages or /var/log/secure. >> >> Logging in works, and the logs show that, but there's nothing about >> forwarding anomalies. There is an entry about DNS lookup failed for my IP. >> Should I set secure forwarding on? >> >>> >>> Check also your ~/.Xauthority file on the distant server. Permissions >>> should be something like mine: >>> >>> -rw------- 1 bob users 532 Sep 23 15:09 .Xauthority >>> >>> You might try deleting it, then exit, and "ssh -X" in again. It >>> should mention something about creating it. >> >> Deleted. And... not recreated on next ssh in... Hmmm? >> >> >>> >>>> I've seen blogs, threads and other stuff all over the net and everything >>>> says, enable X11Forwarding. I've done this for years and have never had >>>> that not work. Using -X or -Y should even countermand that setting if >>>> it's >>>> off, right? >>>> >>>> Any ideas where to go next? > > On your ssh client, enter "echo $DISPLAY" and make sure it displays > something to the effect ":0.0" (you ARE in an xterm, right?). If it > doesn't, then there's something wrong with your local X. That's step > one. If you don't have $DISPLAY set locally, there's no way ssh can > communicate that to the sshd server, regardless of using "-X" or "-Y". > > Next, check the remote machine's /etc/ssh/sshd_config and make sure that > both "AllowTcpForwarding yes" and "X11Forwarding yes" are set (they're > both set to "no" by default). If you've changed either or both > settings, do "service sshd restart" before you log off the remote > machine to make the changes "take". > > Now, if the local "echo $DISPLAY" does display data, then "ssh -Y > remotehost" should get you to the remote. Once on there, do another > "echo $DISPLAY" and it should show "localhost:10.0" or something very > similar (the ":10" bit is set by the "X11DisplayOffset" value in the > remote machine's /etc/ssh/sshd_config file and is 10 by default). The > "localhost" bit indicates that X is being tunneled through the ssh > pipe. Nope. no DISPLAY on the server, just the client (:0.0) Something appears to have kept the DISPLAY being sent when the environment is sent. > > Example on my machines: > > [root at prophead ~]# echo $DISPLAY > :0.0 > [root at prophead ~]# ssh bigdog > Last login: Tue Sep 23 17:26:51 2008 from prophead.hci.com > [root at bigdog ~]# echo $DISPLAY > > [root at bigdog ~]# exit > logout > Connection to bigdog closed. > [root at prophead ~]# ssh -Y bigdog > Last login: Tue Sep 23 17:30:31 2008 from prophead.hci.com > [root at bigdog ~]# echo $DISPLAY > localhost:10.0 > [root at bigdog ~]# exit > logout > > Hope that helps! > ---------------------------------------------------------------------- > - Rick Stevens, Systems Engineer ricks at nerd.com - > - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - > - - > - We look for things. Things that make us go! - > ---------------------------------------------------------------------- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- http://consulting.ourldsfamily.com --- From karlp at ourldsfamily.com Wed Sep 24 05:53:14 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Tue, 23 Sep 2008 23:53:14 -0600 (MDT) Subject: ssh -X (-Y) SOLVED In-Reply-To: References: <20080923201802.GD11045@bobcat.bobcatos.com> <48D98D79.3030602@nerd.com> Message-ID: Evil top-poster here, but y'all deserve to find out quickly what I did to solve this thing. I finally decided to remove openssh-server and re-install. That failed to work, so what about remove openssh and openssh-server. I did that, and found 2 copies of openssh on the system. Removing: openssh i386 4.7p1-4.fc8 installed 722 k openssh i386 4.7p1-2.fc8 installed 722 k openssh-server i386 4.7p1-4.fc8 installed 470 k Removing for dependencies: openssh-askpass i386 4.7p1-4.fc8 installed 9.9 k openssh-clients i386 4.7p1-4.fc8 installed 876 k So, how can 2 copies of openssh be installed? I've never manually done it. I've only done yum update. But now that it's working as advertised, I'm not sure I care. But I have one other question: How can I get protocol 1 to work so I can connect via my Palm Pilot using TGssh? Not a critical issue, but as long as I'm asking. Oh, and changing: Protocol 2 to Protocol 2,1 didn't work... Karl On Tue, 23 Sep 2008, Karl Pearson wrote: > On Tue, 23 Sep 2008, Rick Stevens wrote: > >> Karl Pearson wrote: >>> On Tue, 23 Sep 2008, Bob McClure Jr wrote: >>> >>>> On Tue, Sep 23, 2008 at 01:06:37PM -0600, Karl Pearson wrote: >>>>> I like remote managing my server using ssh -X or ssh -Y and then running >>>>> gui apps sometimes. >>>>> >>>>> I've check workstation and server X11Forwarding yes and then restarted >>>>> sshd so don't know where else to go. >>>>> >>>>> I've checked the logs and there's nothing about it. The error I get is: >>>>> >>>>> [root at mail root]# system-config-printer >>>>> system-config-printer: could not open display >>>>> This is a graphical application and requires DISPLAY to be set. >>>>> >>>>> or: >>>>> >>>>> [karlp at mail ~/]$ xterm >>>>> xterm Xt error: Can't open display: >>>>> xterm: DISPLAY is not set >>>>> >>>>> Of course, the obvious is to set $DISPLAY, which doesn't work either. >>>> >>>> Well, no, it needs to be set by sshd. If you "ssh -X host.onthe.net", >>>> when you get a shell prompt, you should be able to >>>> >>>> $ echo $DISPLAY >>>> localhost:10.0 >>> >>> Nope, it's empty... >>> >>>> >>>> in the usual case. Any problems should be evident in >>>> /var/log/messages or /var/log/secure. >>> >>> Logging in works, and the logs show that, but there's nothing about >>> forwarding anomalies. There is an entry about DNS lookup failed for my IP. >>> Should I set secure forwarding on? >>> >>>> >>>> Check also your ~/.Xauthority file on the distant server. Permissions >>>> should be something like mine: >>>> >>>> -rw------- 1 bob users 532 Sep 23 15:09 .Xauthority >>>> >>>> You might try deleting it, then exit, and "ssh -X" in again. It >>>> should mention something about creating it. >>> >>> Deleted. And... not recreated on next ssh in... Hmmm? >>> >>> >>>> >>>>> I've seen blogs, threads and other stuff all over the net and everything >>>>> says, enable X11Forwarding. I've done this for years and have never had >>>>> that not work. Using -X or -Y should even countermand that setting if >>>>> it's >>>>> off, right? >>>>> >>>>> Any ideas where to go next? >> >> On your ssh client, enter "echo $DISPLAY" and make sure it displays >> something to the effect ":0.0" (you ARE in an xterm, right?). If it >> doesn't, then there's something wrong with your local X. That's step >> one. If you don't have $DISPLAY set locally, there's no way ssh can >> communicate that to the sshd server, regardless of using "-X" or "-Y". >> >> Next, check the remote machine's /etc/ssh/sshd_config and make sure that >> both "AllowTcpForwarding yes" and "X11Forwarding yes" are set (they're >> both set to "no" by default). If you've changed either or both >> settings, do "service sshd restart" before you log off the remote >> machine to make the changes "take". >> >> Now, if the local "echo $DISPLAY" does display data, then "ssh -Y >> remotehost" should get you to the remote. Once on there, do another >> "echo $DISPLAY" and it should show "localhost:10.0" or something very >> similar (the ":10" bit is set by the "X11DisplayOffset" value in the >> remote machine's /etc/ssh/sshd_config file and is 10 by default). The >> "localhost" bit indicates that X is being tunneled through the ssh >> pipe. > > Nope. no DISPLAY on the server, just the client (:0.0) > > Something appears to have kept the DISPLAY being sent when the environment is > sent. > >> >> Example on my machines: >> >> [root at prophead ~]# echo $DISPLAY >> :0.0 >> [root at prophead ~]# ssh bigdog >> Last login: Tue Sep 23 17:26:51 2008 from prophead.hci.com >> [root at bigdog ~]# echo $DISPLAY >> >> [root at bigdog ~]# exit >> logout >> Connection to bigdog closed. >> [root at prophead ~]# ssh -Y bigdog >> Last login: Tue Sep 23 17:30:31 2008 from prophead.hci.com >> [root at bigdog ~]# echo $DISPLAY >> localhost:10.0 >> [root at bigdog ~]# exit >> logout >> >> Hope that helps! >> ---------------------------------------------------------------------- >> - Rick Stevens, Systems Engineer ricks at nerd.com - >> - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - >> - - >> - We look for things. Things that make us go! - >> ---------------------------------------------------------------------- >> >> _______________________________________________ >> Redhat-install-list mailing list >> Redhat-install-list at redhat.com >> https://www.redhat.com/mailman/listinfo/redhat-install-list >> To Unsubscribe Go To ABOVE URL or send a message to: >> redhat-install-list-request at redhat.com >> Subject: unsubscribe >> > > --- > _/ _/ _/ _/_/_/ ____________ __o > _/ _/ _/ _/ _/ ____________ _-\\<._ > _/_/ _/ _/_/_/ (_)/ (_) > _/ _/ _/ _/ ...................... > _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com > --- > http://consulting.ourldsfamily.com > --- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > From pengcz at 126.com Wed Sep 24 11:32:34 2008 From: pengcz at 126.com (pengcz) Date: Wed, 24 Sep 2008 19:32:34 +0800 (CST) Subject: how to enable tftp upload with selinux in rhel5 Message-ID: <10355903.415331222255954708.JavaMail.coremail@bj126app62.126.com> hi, all i have problem when using the tftp to upload file to tftpd server with selinux enable, if i disable the selinux ,upload file to the tftpd server is ok, can any one help me to solve this issue with selinux enable ? -------------- next part -------------- An HTML attachment was scrubbed... URL: From lunixer at gmail.com Wed Sep 24 16:29:17 2008 From: lunixer at gmail.com (Aldo Foot) Date: Wed, 24 Sep 2008 09:29:17 -0700 Subject: ssh -X (-Y) not working In-Reply-To: References: <3d22fc520809231737x257403eeic757fc0e6d618c3d@mail.gmail.com> Message-ID: <3d22fc520809240929u195eac76sca16c42da79d2f0c@mail.gmail.com> On Tue, Sep 23, 2008 at 6:33 PM, Karl Pearson wrote: >> On the ssh client: >> $ xhost + > > No joy. echo $DISPLAY still shows a blank line. > >> >> ~af >> >> P.S. Trim your replies a bit for legibility. For troubleshooting purposes try setting the display on the ssh server to point to the remote client. remote is the FQDN or IP of the remote system. C-SHELL server% setenv DISPLAY remoteClient:0 BOURNE server$ export DISPLAY=remoteClient:0 Then test by starting an X-Client on the server. Note that using setenv to set the display neglects ssh security. ~af From alok.rhct at gmail.com Thu Sep 25 05:29:52 2008 From: alok.rhct at gmail.com (Alok Pandey) Date: Thu, 25 Sep 2008 10:59:52 +0530 Subject: Problem in Compiling Kernel 2.6.24 : kernel headers remains unchanged In-Reply-To: <48D8925B.3060800@gmail.com> References: <48D8925B.3060800@gmail.com> Message-ID: <48DB21D0.7010901@gmail.com> Alok Pandey wrote: > Hi All, > I am trying to compile a new kernel-2.6.24 on RHEL5(xeon-x86_64) to > use /* tcp-md5 encryptions*/, but after successfully compilation , > kernel headers remain unchanged. > The steps I followed to compile the kernel was : > > linux2.6.24#] make oldconfig > >make menuconfig (to select tcp-md5 as *) > > make dep,clean, modules,all > > make modules_install, headers_install_all > > make install > Linux2.6.24#] mkinitrd /boot/initrd-2.6.24.img 2.6.24 > > check /boot/grub/grub.conf (for proper entry) > reboot. > > After Reboot: Checked, system is booted with correct kernel (i.e > 2.6.24) but still kernel headers are unchanged (i.e files under > /usr/include/{linux,netinet}) > > Any idea ,what i am doing wrong ? > Any suggestion is welcome ...! > > Thanks in advance > Alok Panedy > -------------- next part -------------- An HTML attachment was scrubbed... URL: From ricks at nerd.com Thu Sep 25 17:43:19 2008 From: ricks at nerd.com (Rick Stevens) Date: Thu, 25 Sep 2008 10:43:19 -0700 Subject: Problem in Compiling Kernel 2.6.24 : kernel headers remains unchanged In-Reply-To: <48DB21D0.7010901@gmail.com> References: <48D8925B.3060800@gmail.com> <48DB21D0.7010901@gmail.com> Message-ID: <48DBCDB7.7080706@nerd.com> Alok Pandey wrote: > Alok Pandey wrote: >> Hi All, >> I am trying to compile a new kernel-2.6.24 on RHEL5(xeon-x86_64) to >> use /* tcp-md5 encryptions*/, but after successfully compilation , >> kernel headers remain unchanged. >> The steps I followed to compile the kernel was : >> >> linux2.6.24#] make oldconfig >> >make menuconfig (to select tcp-md5 as *) >> > make dep,clean, modules,all >> > make modules_install, headers_install_all >> > make install >> Linux2.6.24#] mkinitrd /boot/initrd-2.6.24.img 2.6.24 >> > check /boot/grub/grub.conf (for proper entry) >> reboot. >> >> After Reboot: Checked, system is booted with correct kernel (i.e >> 2.6.24) but still kernel headers are unchanged (i.e files under >> /usr/include/{linux,netinet}) >> >> Any idea ,what i am doing wrong ? >> Any suggestion is welcome ...! What did you expect to change? The headers are the headers. Rebuilding a kernel doesn't change the headers, just the kernel, its associated modules and the "/boot/config-(version)" file. You also don't need the "make dep clean" stuff with 2.6 kernels. ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer ricks at nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - If one is what one eats, then I am fast, cheap and greasy! - ---------------------------------------------------------------------- From alok.rhct at gmail.com Fri Sep 26 08:18:52 2008 From: alok.rhct at gmail.com (Alok Pandey) Date: Fri, 26 Sep 2008 13:48:52 +0530 Subject: Problem in Compiling Kernel 2.6.24 : kernel headers remains unchanged In-Reply-To: <48DBCDB7.7080706@nerd.com> References: <48D8925B.3060800@gmail.com> <48DB21D0.7010901@gmail.com> <48DBCDB7.7080706@nerd.com> Message-ID: <48DC9AEC.7060507@gmail.com> Hi Rick, Thanks for your time, What I am trying to do is, want to use the new feature of *TCP-MD5* for encryption and for which I need to compile a new kernel version >2.6.24 (as lower version kernels don't have such options) After successful kernel installation , still guy's (developers) are not able to use it as it complains about KERNEL-HEADERS. As i am not a developer and have limited knowledge about lib and headers, hope you will understand my problem and will able to suggest me the best way to resolve this issue. *Reasons why it seems to be an Kernel headers problem ,because * In kernel src dir i.e linux2.6.46/usr/include/linux/ there is file named tcp.h (which had entry for tcp-md5) ,but file tcp.h on system (/usr/include/netinet/) don't have such entry and after installation it remains unchanged and; Our script use that file from system src (/usr/include/netinet/) also I think ,gcc is also need to be upgraded , if this be the case, then what will be the safe way to UPGRADE the gcc. PLZ SUGGEST....!! Thanks Alok Rick Stevens wrote: > Alok Pandey wrote: >> Alok Pandey wrote: >>> Hi All, >>> I am trying to compile a new kernel-2.6.24 on RHEL5(xeon-x86_64) to >>> use /* tcp-md5 encryptions*/, but after successfully compilation , >>> kernel headers remain unchanged. >>> The steps I followed to compile the kernel was : >>> >>> linux2.6.24#] make oldconfig >>> >make menuconfig (to select tcp-md5 as *) >>> > make dep,clean, modules,all >>> > make modules_install, headers_install_all >>> > make install >>> Linux2.6.24#] mkinitrd /boot/initrd-2.6.24.img 2.6.24 >>> > check /boot/grub/grub.conf (for proper entry) >>> reboot. >>> >>> After Reboot: Checked, system is booted with correct kernel (i.e >>> 2.6.24) but still kernel headers are unchanged (i.e files under >>> /usr/include/{linux,netinet}) >>> >>> Any idea ,what i am doing wrong ? >>> Any suggestion is welcome ...! > > What did you expect to change? The headers are the headers. Rebuilding > a kernel doesn't change the headers, just the kernel, its associated > modules and the "/boot/config-(version)" file. > > You also don't need the "make dep clean" stuff with 2.6 kernels. > ---------------------------------------------------------------------- > - Rick Stevens, Systems Engineer ricks at nerd.com - > - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - > - - > - If one is what one eats, then I am fast, cheap and greasy! - > ---------------------------------------------------------------------- > -------------- next part -------------- An HTML attachment was scrubbed... URL: From charlesvgoff at gmail.com Fri Sep 26 12:42:30 2008 From: charlesvgoff at gmail.com (Charles Goff) Date: Fri, 26 Sep 2008 07:42:30 -0500 Subject: Microsoft Bluetooth Keyboard and Mouse Message-ID: <6670060b0809260542t19bcb178r943e423c34212243@mail.gmail.com> Is it possible to install the microsoft bluetooth keyboard and mouse on Red Hat 5? If so could someone give me a brief description of the process. I've seen a few posts on the internet where people have commented that they've been able to use these devices with red hat but no explanation as to how. Thanks for any help -------------- next part -------------- An HTML attachment was scrubbed... URL: From ktr at mtu.edu Fri Sep 26 12:47:33 2008 From: ktr at mtu.edu (Kevin Raber) Date: Fri, 26 Sep 2008 08:47:33 -0400 Subject: Microsoft Bluetooth Keyboard and Mouse In-Reply-To: <6670060b0809260542t19bcb178r943e423c34212243@mail.gmail.com> References: <6670060b0809260542t19bcb178r943e423c34212243@mail.gmail.com> Message-ID: <48DCD9E5.8060302@mtu.edu> plug them in ?? Charles Goff wrote: > Is it possible to install the microsoft bluetooth keyboard and mouse on > Red Hat 5? If so could someone give me a brief description of the > process. I've seen a few posts on the internet where people have > commented that they've been able to use these devices with red hat but > no explanation as to how. > > Thanks for any help > > > ------------------------------------------------------------------------ > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe From mcorsi at spearreport.com Fri Sep 26 12:49:44 2008 From: mcorsi at spearreport.com (Mark Corsi) Date: Fri, 26 Sep 2008 08:49:44 -0400 Subject: Microsoft Bluetooth Keyboard and Mouse In-Reply-To: <48DCD9E5.8060302@mtu.edu> References: <6670060b0809260542t19bcb178r943e423c34212243@mail.gmail.com> <48DCD9E5.8060302@mtu.edu> Message-ID: <929FEB4C55B74DFCB612BB82A68EEBCA@spearreport.local> lmao -----Original Message----- From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of Kevin Raber Sent: Friday, September 26, 2008 8:48 AM To: Getting started with Red Hat Linux Subject: Re: Microsoft Bluetooth Keyboard and Mouse plug them in ?? Charles Goff wrote: > Is it possible to install the microsoft bluetooth keyboard and mouse > on Red Hat 5? If so could someone give me a brief description of the > process. I've seen a few posts on the internet where people have > commented that they've been able to use these devices with red hat but > no explanation as to how. > > Thanks for any help > > > ---------------------------------------------------------------------- > -- > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe _______________________________________________ Redhat-install-list mailing list Redhat-install-list at redhat.com https://www.redhat.com/mailman/listinfo/redhat-install-list To Unsubscribe Go To ABOVE URL or send a message to: redhat-install-list-request at redhat.com Subject: unsubscribe From charlesvgoff at gmail.com Fri Sep 26 17:14:37 2008 From: charlesvgoff at gmail.com (Charles Goff) Date: Fri, 26 Sep 2008 12:14:37 -0500 Subject: Microsoft Bluetooth Keyboard and Mouse Message-ID: <6670060b0809261014o5becf11fudb2e2540ac3770e9@mail.gmail.com> I thought I would find a helpful answer to my problem from what is supposed to be a community of people involved in the same things. Apparently I was wrong. I've since found the answer on another website where people seem to be concerned with real answers and not being comedians I'd like to personally thank Kevin Raber for his insightful comments; They were plugged in jackass. -------------- next part -------------- An HTML attachment was scrubbed... URL: From mcorsi at spearreport.com Fri Sep 26 18:54:37 2008 From: mcorsi at spearreport.com (Mark Corsi) Date: Fri, 26 Sep 2008 14:54:37 -0400 Subject: Microsoft Bluetooth Keyboard and Mouse In-Reply-To: <6670060b0809261014o5becf11fudb2e2540ac3770e9@mail.gmail.com> References: <6670060b0809261014o5becf11fudb2e2540ac3770e9@mail.gmail.com> Message-ID: Charles - This list is very helpful. From time to time, people make cute comments; but that does not detract from the overall expertise of the list. I am glad you were able to find your answer to the problem. I thought the 'plug it in' quip was highly comical. One might advise you to lighten up a tad. Regards _____ From: redhat-install-list-bounces at redhat.com [mailto:redhat-install-list-bounces at redhat.com] On Behalf Of Charles Goff Sent: Friday, September 26, 2008 1:15 PM To: redhat-install-list at redhat.com Subject: Re: Microsoft Bluetooth Keyboard and Mouse I thought I would find a helpful answer to my problem from what is supposed to be a community of people involved in the same things. Apparently I was wrong. I've since found the answer on another website where people seem to be concerned with real answers and not being comedians I'd like to personally thank Kevin Raber for his insightful comments; They were plugged in jackass. -------------- next part -------------- An HTML attachment was scrubbed... URL: From ricks at nerd.com Fri Sep 26 19:53:51 2008 From: ricks at nerd.com (Rick Stevens) Date: Fri, 26 Sep 2008 12:53:51 -0700 Subject: Microsoft Bluetooth Keyboard and Mouse In-Reply-To: <48DCD9E5.8060302@mtu.edu> References: <6670060b0809260542t19bcb178r943e423c34212243@mail.gmail.com> <48DCD9E5.8060302@mtu.edu> Message-ID: <48DD3DCF.9030909@nerd.com> Kevin Raber wrote: > plug them in ?? An utterly stupid comment, Kevin. I'm sure he's plugged them in, but they're obviously not working or he wouldn't be asking this question. Most people come to the list looking for real help, not a flippant response. And most respondants bottom-post on Red Hat and Fedora lists. > Charles Goff wrote: >> Is it possible to install the microsoft bluetooth keyboard and mouse >> on Red Hat 5? If so could someone give me a brief description of the >> process. I've seen a few posts on the internet where people have >> commented that they've been able to use these devices with red hat but >> no explanation as to how. Charles, to be honest I've never used a bluetooth keyboard or mouse. I have some, I just haven't used them. I can do some research and get them to work for me and post a how-to, but I'm a bit swamped with stuff at the moment and won't be able to get to it until this weekend. Can you wait until then? ---------------------------------------------------------------------- - Rick Stevens, Systems Engineer ricks at nerd.com - - AIM/Skype: therps2 ICQ: 22643734 Yahoo: origrps2 - - - - Do you know where _your_ towel is? - ---------------------------------------------------------------------- From karlp at ourldsfamily.com Sun Sep 28 03:41:35 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Sat, 27 Sep 2008 21:41:35 -0600 (MDT) Subject: Fail2Ban? Message-ID: I've installed fail2ban and it's working nicely. I lengthened out the ban-time because I run a very busy server. As part of that, I removed root ssh access, because it's just about time. On a side note, before I get to my question, I wrote before because ForwardX11 wasn't working. I solved it by removing and re-installing openssh-server and openssh-clients. Well, it quit working again after the next reboot, which is coming more often than I'd like because of it being new. In any case, after disabling root login, it hasn't failed yet. My question is: Do you know a good method of denying access to non-captcha forms using fail2ban. If you've used it, and have it working, I'd like to know. I've checked online and found easy ways to prevent login-enabled form access, but these are public forms and don't require a login. Thanks, --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- http://consulting.ourldsfamily.com --- "To mess up your Linux PC, you have to really work at it; to mess up a microsoft PC you just have to work on it." --- From bob at bobcatos.com Sun Sep 28 12:15:11 2008 From: bob at bobcatos.com (Bob McClure Jr) Date: Sun, 28 Sep 2008 07:15:11 -0500 Subject: Fail2Ban? In-Reply-To: References: Message-ID: <20080928121510.GA12347@bobcat.bobcatos.com> On Sat, Sep 27, 2008 at 09:41:35PM -0600, Karl Pearson wrote: > I've installed fail2ban and it's working nicely. I lengthened out the > ban-time because I run a very busy server. As part of that, I removed root > ssh access, because it's just about time. > > On a side note, before I get to my question, I wrote before because > ForwardX11 wasn't working. I solved it by removing and re-installing > openssh-server and openssh-clients. Well, it quit working again after the > next reboot, which is coming more often than I'd like because of it being > new. In any case, after disabling root login, it hasn't failed yet. > > My question is: Do you know a good method of denying access to non-captcha > forms using fail2ban. If you've used it, and have it working, I'd like to > know. I've checked online and found easy ways to prevent login-enabled > form access, but these are public forms and don't require a login. I don't know if this fits your problem or not, but it has pretty much eliminated my form-spam problem without resorting to CAPTCHA. The technique was described in SysAdmin April 2007, page 30. Add a TEXTAREA field to your form, labeled "comments" or something common, perhaps ahead of any other TEXTAREA field. Make it invisible by adding 'style="display: none"' to its tag. For real humans, the field is not there, but form bots will see it and poke their spam into it. So then if your form processor sees that the invisible field is filled in, it can ignore it, blacklist the IP, or anything else you care to devise. > Thanks, > > --- > _/ _/ _/ _/_/_/ ____________ __o > _/ _/ _/ _/ _/ ____________ _-\\<._ > _/_/ _/ _/_/_/ (_)/ (_) > _/ _/ _/ _/ ...................... > _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com > --- > http://consulting.ourldsfamily.com > --- > "To mess up your Linux PC, you have to really work at it; > to mess up a microsoft PC you just have to work on it." > --- Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. bob at bobcatos.com http://www.bobcatos.com [S]o Christ was sacrificed once to take away the sins of many people; and he will appear a second time, not to bear sin, but to bring salvation to those who are waiting for him. Hebrews 9:28 (NIV) From karlp at ourldsfamily.com Sun Sep 28 21:33:27 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Sun, 28 Sep 2008 15:33:27 -0600 (MDT) Subject: Fail2Ban? In-Reply-To: <20080928121510.GA12347@bobcat.bobcatos.com> References: <20080928121510.GA12347@bobcat.bobcatos.com> Message-ID: On Sun, 28 Sep 2008, Bob McClure Jr wrote: > On Sat, Sep 27, 2008 at 09:41:35PM -0600, Karl Pearson wrote: >> I've installed fail2ban and it's working nicely. I lengthened out the >> ban-time because I run a very busy server. As part of that, I removed root >> ssh access, because it's just about time. >> >> On a side note, before I get to my question, I wrote before because >> ForwardX11 wasn't working. I solved it by removing and re-installing >> openssh-server and openssh-clients. Well, it quit working again after the >> next reboot, which is coming more often than I'd like because of it being >> new. In any case, after disabling root login, it hasn't failed yet. >> >> My question is: Do you know a good method of denying access to non-captcha >> forms using fail2ban. If you've used it, and have it working, I'd like to >> know. I've checked online and found easy ways to prevent login-enabled >> form access, but these are public forms and don't require a login. > > I don't know if this fits your problem or not, but it has pretty much > eliminated my form-spam problem without resorting to CAPTCHA. The > technique was described in SysAdmin April 2007, page 30. Add a > TEXTAREA field to your form, labeled "comments" or something common, > perhaps ahead of any other TEXTAREA field. Make it invisible by > adding 'style="display: none"' to its tag. For real humans, the field > is not there, but form bots will see it and poke their spam into it. > So then if your form processor sees that the invisible field is filled > in, it can ignore it, blacklist the IP, or anything else you care to > devise. Very nice. I'll give that a try. I do have comment fields now, but adding one that is blank will be a dead giveaway. So, SysAdmin, huh? I've been a subscriber to Linux Journal for years, but not SysAdmin. Send me some info for them. Thanks, Karl > >> Thanks, >> >> --- >> _/ _/ _/ _/_/_/ ____________ __o >> _/ _/ _/ _/ _/ ____________ _-\\<._ >> _/_/ _/ _/_/_/ (_)/ (_) >> _/ _/ _/ _/ ...................... >> _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com >> --- >> http://consulting.ourldsfamily.com >> --- >> "To mess up your Linux PC, you have to really work at it; >> to mess up a microsoft PC you just have to work on it." >> --- > > Cheers, > -- > Bob McClure, Jr. Bobcat Open Systems, Inc. > bob at bobcatos.com http://www.bobcatos.com > [S]o Christ was sacrificed once to take away the sins of many people; > and he will appear a second time, not to bear sin, but to bring > salvation to those who are waiting for him. Hebrews 9:28 (NIV) > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- http://consulting.ourldsfamily.com --- "To mess up your Linux PC, you have to really work at it; to mess up a microsoft PC you just have to work on it." --- From bob at bobcatos.com Sun Sep 28 22:31:40 2008 From: bob at bobcatos.com (Bob McClure Jr) Date: Sun, 28 Sep 2008 17:31:40 -0500 Subject: Fail2Ban? In-Reply-To: References: <20080928121510.GA12347@bobcat.bobcatos.com> Message-ID: <20080928223140.GA7332@bobcat.bobcatos.com> On Sun, Sep 28, 2008 at 03:33:27PM -0600, Karl Pearson wrote: > On Sun, 28 Sep 2008, Bob McClure Jr wrote: > > >On Sat, Sep 27, 2008 at 09:41:35PM -0600, Karl Pearson wrote: > >>I've installed fail2ban and it's working nicely. I lengthened out the > >>ban-time because I run a very busy server. As part of that, I removed root > >>ssh access, because it's just about time. > >> > >>On a side note, before I get to my question, I wrote before because > >>ForwardX11 wasn't working. I solved it by removing and re-installing > >>openssh-server and openssh-clients. Well, it quit working again after the > >>next reboot, which is coming more often than I'd like because of it being > >>new. In any case, after disabling root login, it hasn't failed yet. > >> > >>My question is: Do you know a good method of denying access to non-captcha > >>forms using fail2ban. If you've used it, and have it working, I'd like to > >>know. I've checked online and found easy ways to prevent login-enabled > >>form access, but these are public forms and don't require a login. > > > >I don't know if this fits your problem or not, but it has pretty much > >eliminated my form-spam problem without resorting to CAPTCHA. The > >technique was described in SysAdmin April 2007, page 30. Add a > >TEXTAREA field to your form, labeled "comments" or something common, > >perhaps ahead of any other TEXTAREA field. Make it invisible by > >adding 'style="display: none"' to its tag. For real humans, the field > >is not there, but form bots will see it and poke their spam into it. > >So then if your form processor sees that the invisible field is filled > >in, it can ignore it, blacklist the IP, or anything else you care to > >devise. > > Very nice. I'll give that a try. I do have comment fields now, but adding > one that is blank will be a dead giveaway. Umm, I don't understand. How so? To real humans it never shows up. It's not there. But to bots that simply read HTML and don't grok CSS, it's another textarea field. I suggested putting it ahead of any other textarea fields, because I don't know if they fill in all textarea fields, or the first one they find, or what. > So, SysAdmin, huh? I've been a subscriber to Linux Journal for years, but > not SysAdmin. Send me some info for them. Alas, they ceased publication July '07, however their website is still up at http://www.samag.com/ and they still advertise their back-issue CD-ROM which covers 1992-2006, which also includes _The Perl Journal_ from 1996-2002. > Thanks, > > Karl > > > > >Cheers, > >-- > >Bob McClure, Jr. > --- > _/ _/ _/ _/_/_/ ____________ __o > _/ _/ _/ _/ _/ ____________ _-\\<._ > _/_/ _/ _/_/_/ (_)/ (_) > _/ _/ _/ _/ ...................... > _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com > --- > http://consulting.ourldsfamily.com > --- > "To mess up your Linux PC, you have to really work at it; > to mess up a microsoft PC you just have to work on it." > --- Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. bob at bobcatos.com http://www.bobcatos.com [S]o Christ was sacrificed once to take away the sins of many people; and he will appear a second time, not to bear sin, but to bring salvation to those who are waiting for him. Hebrews 9:28 (NIV) From karlp at ourldsfamily.com Mon Sep 29 00:25:21 2008 From: karlp at ourldsfamily.com (Karl Pearson) Date: Sun, 28 Sep 2008 18:25:21 -0600 (MDT) Subject: Fail2Ban? In-Reply-To: <20080928223140.GA7332@bobcat.bobcatos.com> References: <20080928121510.GA12347@bobcat.bobcatos.com> <20080928223140.GA7332@bobcat.bobcatos.com> Message-ID: On Sun, 28 Sep 2008, Bob McClure Jr wrote: > On Sun, Sep 28, 2008 at 03:33:27PM -0600, Karl Pearson wrote: >> On Sun, 28 Sep 2008, Bob McClure Jr wrote: >> >>> On Sat, Sep 27, 2008 at 09:41:35PM -0600, Karl Pearson wrote: >>>> I've installed fail2ban and it's working nicely. I lengthened out the >>>> ban-time because I run a very busy server. As part of that, I removed root >>>> ssh access, because it's just about time. >>>> >>>> On a side note, before I get to my question, I wrote before because >>>> ForwardX11 wasn't working. I solved it by removing and re-installing >>>> openssh-server and openssh-clients. Well, it quit working again after the >>>> next reboot, which is coming more often than I'd like because of it being >>>> new. In any case, after disabling root login, it hasn't failed yet. >>>> >>>> My question is: Do you know a good method of denying access to non-captcha >>>> forms using fail2ban. If you've used it, and have it working, I'd like to >>>> know. I've checked online and found easy ways to prevent login-enabled >>>> form access, but these are public forms and don't require a login. >>> >>> I don't know if this fits your problem or not, but it has pretty much >>> eliminated my form-spam problem without resorting to CAPTCHA. The >>> technique was described in SysAdmin April 2007, page 30. Add a >>> TEXTAREA field to your form, labeled "comments" or something common, >>> perhaps ahead of any other TEXTAREA field. Make it invisible by >>> adding 'style="display: none"' to its tag. For real humans, the field >>> is not there, but form bots will see it and poke their spam into it. >>> So then if your form processor sees that the invisible field is filled >>> in, it can ignore it, blacklist the IP, or anything else you care to >>> devise. >> >> Very nice. I'll give that a try. I do have comment fields now, but adding >> one that is blank will be a dead giveaway. > > Umm, I don't understand. How so? Because it's hidden. And the ones I've gotten have all the fields filled in. The bot doesn't know when to stop, so when I get the field that should be empty, and isn't, I take action. Do I have that right? > > To real humans it never shows up. It's not there. But to bots that > simply read HTML and don't grok CSS, it's another textarea field. > I suggested putting it ahead of any other textarea fields, because I > don't know if they fill in all textarea fields, or the first one they > find, or what. > >> So, SysAdmin, huh? I've been a subscriber to Linux Journal for years, but >> not SysAdmin. Send me some info for them. > > Alas, they ceased publication July '07, however their website is still > up at > > http://www.samag.com/ > > and they still advertise their back-issue CD-ROM which covers > 1992-2006, which also includes _The Perl Journal_ from 1996-2002. > >> Thanks, >> >> Karl >> >>> >>> Cheers, >>> -- >>> Bob McClure, Jr. >> --- >> _/ _/ _/ _/_/_/ ____________ __o >> _/ _/ _/ _/ _/ ____________ _-\\<._ >> _/_/ _/ _/_/_/ (_)/ (_) >> _/ _/ _/ _/ ...................... >> _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com >> --- >> http://consulting.ourldsfamily.com >> --- >> "To mess up your Linux PC, you have to really work at it; >> to mess up a microsoft PC you just have to work on it." >> --- > > Cheers, > -- > Bob McClure, Jr. Bobcat Open Systems, Inc. > bob at bobcatos.com http://www.bobcatos.com > [S]o Christ was sacrificed once to take away the sins of many people; > and he will appear a second time, not to bear sin, but to bring > salvation to those who are waiting for him. Hebrews 9:28 (NIV) > > _______________________________________________ > Redhat-install-list mailing list > Redhat-install-list at redhat.com > https://www.redhat.com/mailman/listinfo/redhat-install-list > To Unsubscribe Go To ABOVE URL or send a message to: > redhat-install-list-request at redhat.com > Subject: unsubscribe > --- _/ _/ _/ _/_/_/ ____________ __o _/ _/ _/ _/ _/ ____________ _-\\<._ _/_/ _/ _/_/_/ (_)/ (_) _/ _/ _/ _/ ...................... _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com --- http://consulting.ourldsfamily.com --- From bob at bobcatos.com Mon Sep 29 00:32:55 2008 From: bob at bobcatos.com (Bob McClure Jr) Date: Sun, 28 Sep 2008 19:32:55 -0500 Subject: Fail2Ban? In-Reply-To: References: <20080928121510.GA12347@bobcat.bobcatos.com> <20080928223140.GA7332@bobcat.bobcatos.com> Message-ID: <20080929003255.GA14483@bobcat.bobcatos.com> On Sun, Sep 28, 2008 at 06:25:21PM -0600, Karl Pearson wrote: > On Sun, 28 Sep 2008, Bob McClure Jr wrote: > > >On Sun, Sep 28, 2008 at 03:33:27PM -0600, Karl Pearson wrote: > >>On Sun, 28 Sep 2008, Bob McClure Jr wrote: > >> > >>>On Sat, Sep 27, 2008 at 09:41:35PM -0600, Karl Pearson wrote: > >>>>I've installed fail2ban and it's working nicely. I lengthened out the > >>>>ban-time because I run a very busy server. As part of that, I removed > >>>>root > >>>>ssh access, because it's just about time. > >>>> > >>>>On a side note, before I get to my question, I wrote before because > >>>>ForwardX11 wasn't working. I solved it by removing and re-installing > >>>>openssh-server and openssh-clients. Well, it quit working again after > >>>>the > >>>>next reboot, which is coming more often than I'd like because of it > >>>>being > >>>>new. In any case, after disabling root login, it hasn't failed yet. > >>>> > >>>>My question is: Do you know a good method of denying access to > >>>>non-captcha > >>>>forms using fail2ban. If you've used it, and have it working, I'd like > >>>>to > >>>>know. I've checked online and found easy ways to prevent login-enabled > >>>>form access, but these are public forms and don't require a login. > >>> > >>>I don't know if this fits your problem or not, but it has pretty much > >>>eliminated my form-spam problem without resorting to CAPTCHA. The > >>>technique was described in SysAdmin April 2007, page 30. Add a > >>>TEXTAREA field to your form, labeled "comments" or something common, > >>>perhaps ahead of any other TEXTAREA field. Make it invisible by > >>>adding 'style="display: none"' to its tag. For real humans, the field > >>>is not there, but form bots will see it and poke their spam into it. > >>>So then if your form processor sees that the invisible field is filled > >>>in, it can ignore it, blacklist the IP, or anything else you care to > >>>devise. > >> > >>Very nice. I'll give that a try. I do have comment fields now, but adding > >>one that is blank will be a dead giveaway. > > > >Umm, I don't understand. How so? > > Because it's hidden. And the ones I've gotten have all the fields filled > in. The bot doesn't know when to stop, so when I get the field that should > be empty, and isn't, I take action. Do I have that right? Oh, okay, I understand. It's a dead giveaway to you. Yes, you have it precisely right. > >To real humans it never shows up. It's not there. But to bots that > >simply read HTML and don't grok CSS, it's another textarea field. > >I suggested putting it ahead of any other textarea fields, because I > >don't know if they fill in all textarea fields, or the first one they > >find, or what. > > > >>So, SysAdmin, huh? I've been a subscriber to Linux Journal for years, but > >>not SysAdmin. Send me some info for them. > > > >Alas, they ceased publication July '07, however their website is still > >up at > > > >http://www.samag.com/ > > > >and they still advertise their back-issue CD-ROM which covers > >1992-2006, which also includes _The Perl Journal_ from 1996-2002. > > > >>Thanks, > >> > >>Karl > >> > >>> > >>>Cheers, > >>>-- > >>>Bob McClure, Jr. > > > >Cheers, > >-- > >Bob McClure, Jr. > --- > _/ _/ _/ _/_/_/ ____________ __o > _/ _/ _/ _/ _/ ____________ _-\\<._ > _/_/ _/ _/_/_/ (_)/ (_) > _/ _/ _/ _/ ...................... > _/ _/ arl _/_/_/ _/ earson KarlP at ourldsfamily.com > --- > http://consulting.ourldsfamily.com > --- Cheers, -- Bob McClure, Jr. Bobcat Open Systems, Inc. bob at bobcatos.com http://www.bobcatos.com [S]o Christ was sacrificed once to take away the sins of many people; and he will appear a second time, not to bear sin, but to bring salvation to those who are waiting for him. Hebrews 9:28 (NIV) From garyfreder at gmail.com Tue Sep 30 12:13:15 2008 From: garyfreder at gmail.com (Gary Frederick) Date: Tue, 30 Sep 2008 07:13:15 -0500 Subject: Microsoft Bluetooth Keyboard and Mouse In-Reply-To: <48DD3DCF.9030909@nerd.com> References: <6670060b0809260542t19bcb178r943e423c34212243@mail.gmail.com> <48DCD9E5.8060302@mtu.edu> <48DD3DCF.9030909@nerd.com> Message-ID: <4943eea0809300513g15900a4brfd3e0386cca33cb2@mail.gmail.com> I have plugged in a microsoft bluetooth keyboard and mouse and it worked. Unfortunately I do not remember what OS... It may not be useful but I also connected to a PS3/YDL (Fedora based) Charles, can you pass on what you learned? Gary (top posting for years and years...)