I was able to install and start tftp.I can tftp localhost and get a file, even from a non-administrator login.I can connect from a remote host, but the *get* times out.I suspect there is a security issue. Can you tell me how to lower the security on tftp so that a remote host can do gets?
View 4 RepliesI am trying to wade through the semanage jungle to get permissions for a tftp client. I followed the HowTos [URL] but I get the following at the client:
tftp> status
Connected to 192.168.1.101.
Mode: netascii Verbose: off Tracing: off
Rexmt-interval: 5 seconds, Max-timeout: 25 seconds
tftp> get hello.o4
tftp: hello.o4: Permission denied
I finally figured out that the firewall directives shown at the end of the HowTo refer to semanage although the options are stated incorrectly according to the man page for semanage. I did insure that the file hello.o4 in /tftpboot has read permission for everybody.
way to redirect the audit daemon message to a remote host I checked the auditd.conf and it's man page and find that the log location is specified by the line log_file = file_path and in the man page
Quote:
"log_file: This keyword specifies the full path name to the log file where audit records will be stored. It must be a regular file."
does this mean that the auditd does not have the function to redirect the logs to a remote hosts.
We recently had a vulnerability scan done on our network and one of the vulnerabilities was that the dns server discloses the remote host name when using hostname.bind.
Is there any way that we can stop this from happening? Our name server is a Fedora 11 machine.
host always ask password on 1st remote desktop (VNC) access Desktop version... how can I disable this?
View 2 Replies View RelatedI am using TomCat6 with Ubuntu Server 9.10 x64. I successfully configured to iptables to redirect the port "443" to "8443" (Tomcat SSL), using this command:
[code]...
I have set up SSH and redirected the ssh server to listen on another port other than 22 for a bit of added security.
Now in hosts.deny I have:
ALL : ALL
In hosts.allow I have:
SSH : ip_address_of_client
I can no longer connect. I get the message: ssh_exchange_identification: Connection closed by remote host.
When I change hosts.allow to read:
ALL : ip_address_of_client
I can successfully connect the server.
However, I only want to allow SSH access in hosts.allow. What is the correct syntax?
I have tried and failed with each one of these:
SSH : ip_address:port_number
SSH2 : ipaddress
sshfwd-portnumber : ip_address_of_client
I am having trouble connecting to one of the VM's through ssh from base machine all of a sudden. All I get is an error : ssh_exchange_identification: Connection closed by remote host
--IP/Hostname crossed out --
[root@XX-XX02 ~]# ssh -v 1XX.1X.5X.1XX
OpenSSH_4.3p2, OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008[code].....
Saying that the problem is only with ssh would be wrong as I can't seem to telnet or ftp it either. But I can ping it fine.When I try to login to that VM through console, it won't even let me login. The screen would flash for a sec and the same login prompt would reappear. I am not sure what exactly happened as it was working fine before.
OS version: CentOS release 5.5 (Final)
uname -a: Linux XX.XX 2.6.18-194.17.1.el5 #1 SMP Wed Sep 29 12:50:31 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
I'm trying to setup my test nagios to check the disk space of another linux box. I've got it setup and checking. But to my surprise, it was checking the nagios server's local disk space instead of the remote linux.
Here is my services.cfg.
define service{
use basic-service
name disk-space
check_command check_local_disk!20%!10%! /
[Code].....
telnet localhost the output is...
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host: Connection refused
I don't understand what is the problem. Its not configured properly how do i configure it?
I've setup vsftpd correctly and it's running fine with local users (in the same LAN). However, when remote users wanna login to the server, it takes more than 1 minute to get in. Users do can login from remote. It just took too long. (It prompted for the username and password very fast.) Since the server is behind a router, I did configure the port forwarding for TCP 20-21. The centos version is 5.3. The vsftpd is v2.0.5.
View 6 Replies View RelatedI have it working fine when tftp and dhcp are installed on the same server but when trying to forward to a remote tftp it does not work. Dnsmasq insist on giving its local ip.I have added to config:dhcp-boot=pxelinux.0,pxetest2,192.168.0.130and I tried with and without the original hcp-boot=/var/lib/tftpboot/pxelinux.0Not much on this topic on the google nor on the dnsmasq homepage.
View 1 Replies View RelatedI'm trying to connect with my server via telnet, but when i sent the command (telnet xxx.xxx.xxx.xxx Port) doesn't works and shows then follow error: Unable to connect to remote host: Connection refused, It happens with any port. Is strange but my telnet services works (telnet xxx.xxx.xxx.xxx), In addition, i tried with firewall enabled and disabled and the problem still happens. My centOS run on virtualbox.
View 3 Replies View RelatedI setup a remote web server yesterday evening, which had Centos 5.3 on it. This went well, and I did this mostly over vnc, to get a GUI. However, I hadn't realised that there was a pending cron job to 'yum upgrade'. So, come 2am, 5.3 turned into 5.6. I carried on the install today, but after some time (I'm not sure exactly how or when), I lost the ability to run any GUI system config tools that required root login. I also lost the ability to run anything graphical - emacs, for example, when I was already root in an xterm.
/var/log/secure isn't telling me anything. It claims that it's running the config tool on my behalf, but nothing happens. If I try to run emacs, I get a message saying that the X server isn't responding. Could this be related to the upgrade? It feels like a PolicyKit problem - I've seen something similar on 6.0 for remote access over vnc - but 5.6 isn't running PolicyKIt.
When I try to pxe boot a Sun X4100 (which actually has a RHEL OS on it right now) I get the message TFTP open timeout. All traffic is allowed for port 69 udp in both directions. I do get a dhcp address. I see that both on the server and the client it gets an IP. After that I get this message in the logs:
[Code]....
Is there any way to user can increase or lower his privileges? I tried by "semanage login" but it works only for admin i think. I would like for example change range form s0:c0 to s0:c0.c10 and vice versa.
View 6 Replies View RelatedI'm trying to setup a network boot server and I'm having an issue with tftp. In the /etc/xinetd.d/tftp file, I added the "-v" (verbose) option to the server arg line so that i could figure out what was happening. When i looked at the /var/log/messages log file, it let me know that permission was denied to /tftpboot/nbi_img.
So, in short, my problem is that tftp isn't working because it doesn't have permission to /tftpboot/nbi_img. I can't figure out why. I stumbled upon a site where the user figured out a temporary fix to this issue and what he did was disabled the xinetd service and typed the following command:/usr/sbin/in.tftpd -l -v -v -s /tftpboot/nbi_imgWhen I do this as well, it works! but only until I restart and then I have to do that again. Is there a way to be able to fix that for good?
Is there a trick to allowing a TFTP connection to create a file? I can successfully tftfp (from a cisco router) if I touch the file first, but otherwise, (/tftpboot has been chmoded to 777) I get [TFTP: error code 2 received - 20334]
View 7 Replies View RelatedSo I'm playing around w/ some Cisco equipment and needed a quick tftp server. Go to command line and type yum install tftp-server. I get No Package available! I can clearly see it here on the i386 repo. Any ideas?? In the meantime, I'm just going to upgrade this lil 600m laptop to CentOS 6 to quickly solve the problem but I thought it was curious.
View 4 Replies View RelatedI have a problem installing CentOS 5.5 over lan. I set up a dhcp3 server and it works, client got an ip. I set up a tftpd-hpa server and it works, client can boot the install image of CentOS 5.5 I set up an apache server and it seems to be impossible... In the installation marathon I clicked through the menu to the choice of the web server where my installation files are available. I enter the ip 192.168.138.1 and the path CentOS-5.5 and CentOS tells me "Unable to retrieve http://192.168.138.1//CentOS-5.5/images/stage2.img" . Thats right because the two slashes are not right. Where the hell come the two slashes from???
I edited my httpd.conf like this:
<Directory /tftpboot/CentOS-5.5>
Options Indexes
AllowOverride None
</Directory>
[Code]....
I tried to add my wife , and when I put in a password for her, this error comes up."Please set a valid user name consisting of a lower case letter followed by lower case letters and numbers." I did all that and I still can't set a password for her.
View 3 Replies View RelatedI have installed CentOS 5.4 machine named test.example.com (192.168.1.1)File /etc/hosts contains:127.0.0.1 test.example.com test localhost.localdomain localhostI have read that the loopback addres should not be assigned to host name,only to localhost and the host name should be assigned to 192.168.1.1, like this:127.0.0.1 localhost.localdomain localhost192.168.1.1 test.example.com testIs there any reason why it should be one or another way?
View 6 Replies View RelatedI am having difficulty sending files from a remote machine to local one using
Code:
scp
. It is working the other way however. local > remote. I am using the verbose options
[code]....
I always use VNC to check my server for updates, and this morning I started the xvnc4viewer to vnc into my server and it keep asking for a password. I never setup a password because I do this local from my laptop, and I am the only one who uses my laptop. I had to go to my server and check the setting in System > Preferences > Remote Desktop and found them all changed. There was a password setup and there was a check mark in the you must confirm each access to this machine there some security update that changed all these setting? Sometimes when I do updates I don't know what is being changed on my server
View 9 Replies View Relatedhave fedora 10 and am having problems with ssh. For some reason I can't connect via a remote host to my ssh. Local network connections do work just fine. I have been looking for a log of what is going on but have not had luck seeing anything.Things I have tried:
-Modify hosts.allow to allow ssh to all
-generated rsa1 key identity tryed specifying that with the -i option on the guest computer
[code]...
I'm using Windows XP. I'm connecting to a UNIX box using putty SHH(ksh). Now I want to copy a text file present in remote host to my local system.
View 5 Replies View RelatedI need to delete all files inside remote directory using ssh P.S. The directory must not be deleted, so @Wes answer is not what I need. If it would be local dir, I would run "rm -rf dir/*"
View 4 Replies View RelatedI can use TeamViewer to get into this remote host. It has sshd running. I would like to ssh to it. But it gives the system's IP as 192.168.xx.yy. How do I ssh into it?
View 1 Replies View RelatedYesterday i install nagios, after that i can successfully monitor my local machine disk usage and its services, but now i want to monitor remote host, but have no idea how to do this , i also google alot but not getting resource full explanation.so please guys tell me how can i monitor the remote host using nagios..
View 54 Replies View RelatedI have a box (boell) running Fedora 10 sitting behind a firewall at school. I am able to freely ssh to and from this box to other computers (minion) within that lan. Outside of this network I cannot directly ssh to boell - I must ssh first to minion, then I can ssh to boell. I've spoken with the sysadmin and he's verified that the firewall permits ssh freely - i haven't had any issues like this with other boxes of mine there, so this isn't any surprise.
I have verified that the hosts.deny file is blank, iptables permits ports 22 (and 80) and I didn't see anything obvious in the sshd_config. I tried a tcp dump on the external host and boell while attempting to ssh from the former to boell. The packets appear to be acknowledged by boell, but this fails to lead to a connection. I've tried this process with external hosts in different locations with the same result. I have made few modifications to the default installation for F10, so perhaps there is some default somewhere I have to change. In any case, below I have attached excerpts of germane files.
======== ssh from boell =======
[root@boell log]# ssh -vvv 71.189.5.67
OpenSSH_5.1p1, OpenSSL 0.9.8g 19 Oct 2007
debug1: Reading configuration data /etc/ssh/ssh_config
[code]....