There are no benefits that I can discern for using CentOS (or RHEL) over Ubuntu if you are equally familiar with using both OSes. We use RHEL and CentOS heavily at work, and it’s just painful — we’re building custom packages left and right because the OS doesn’t come with them, and paid RedHat support … Read more
Unfortunately this in now a very common occurrence. It is an automated attack on SSH which is using ‘common’ usernames to try and break into your system. The message means exactly what it says, it does not mean that you have been hacked, just that someone tried.
Starting with version 4.9 OpenSSH (not available in centos 5.x but ChrootDirectory feature was backported) has an internal-sftp subsystem: Subsystem sftp internal-sftp And then block other uses: Match group sftponly ChrootDirectory /upload/%u X11Forwarding no AllowTcpForwarding no AllowAgentForwarding no ForceCommand internal-sftp Add your users to the sftponly group. The chroot directory must be owned by root, … Read more
Use the ntp daemon. Run yum install ntp and ensure that the service is started via ntsysv or chkconfig ntpd on. To get an immediate sync, run ntpdate time.apple.com (or something similar).
You could do that with ssh-keygen, however, remember that the private key is meant to be private to the user so you should be very careful to keep it safe- as safe as the user’s password. Or even safer, as the user is not likely to be required to change it upon first login. ssh-keygen … Read more
This could also be because of a protocol mismatch. In 2017 Microsoft patched Windows Servers and advised to disable the SMB1 protocol. From now on, mount.cifs might have problems with the protocol negotiation. The error displayed is “Host is down.”, but when you do debug with: smbclient -L <server_ip> -U <username> -d 256 you will … Read more
su – yum install gcc-c++ openssl-devel cd /usr/local/src wget http://nodejs.org/dist/node-latest.tar.gz tar zxvf node-latest.tar.gz (cd into extracted folder: ex “cd node-v0.10.3″) ./configure make make install Note that this requires Python 2.6+ to use ./configure above. You can modify the “configure” file to point to python2.7 in line 1 if necessary. To create an RPM package, you … Read more
You should use openssl s_client, and the option you are looking for is -tls1_2. An example command would be: openssl s_client -connect google.com:443 -tls1_2 If you get the certificate chain and the handshake you know the system in question supports TLS 1.2. If you see don’t see the certificate chain, and something similar to “handshake … Read more
For the distributions you mention: On CentOS 5.4 (Should be same for RHEL5) grep run-parts /etc/crontab 01 * * * * root run-parts /etc/cron.hourly 02 4 * * * root run-parts /etc/cron.daily 22 4 * * 0 root run-parts /etc/cron.weekly 42 4 1 * * root run-parts /etc/cron.monthly So cron.daily runs at 04:02am. Same on … Read more
Your hosts file does not include a valid FQDN, nor is localhost an FQDN. An FQDN must include a hostname part, as well as a domain name part. For example, the following is a valid FQDN: Choose an FQDN and include it both in your /etc/hosts file on both the IPv4 and IPv6 addresses you … Read more