Centos 7 yum -y install epel-release yum -y groupinstall “GNOME Desktop” yum -y install xrdp xorg-x11-xinit firewall-cmd –permanent –zone=public –add-port=3389/tcp firewall-cmd –reload systemctl start xrdp.service systemctl enable xrdp.service Centos 6 rpm -Uvh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm wget -O epel6.key.txt ‘http://keys.gnupg.net:11371/pks/lookup?search=0x0608B895&op=get’ rpm –import epel6.key.txt … Continue reading →
Revised: How to migrate a kvm guest from one host to another. These instructions are for moving a guest machine from one host to another host where the storage is on the host (instead of external storage that can be … Continue reading →
You go to ssh to a system and you get the following message @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ @ WARNING: POSSIBLE DNS SPOOFING DETECTED! @ @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@ The ECDSA host key for server.domain.com has changed, and the key for the corresponding IP address 10.128.15.2 is … Continue reading →
I have found the following two sites helpful in finding issues with the configuration of SSL secured web sites https://ssltools.digicert.com/checker/ https://www.ssllabs.com/ssltest/analyze.html Test which ciphers (TLS, SSL, etc) are enabled nmap -sV –script ssl-enum-ciphers -p 443 www.yourdomain.com Ref: https://nmap.org/nsedoc/scripts/ssl-enum-ciphers.html
Continue reading →Running ssh across a vpn connection I started having my ssh sessions fail to connect. After starting ssh with the “-vvv” option, the session would timeout after getting a debug1: expecting SSH2_MSG_KEX_ECDH_REPLY After doing some research, I found other people … Continue reading →
Fix your logon prompt for when you are on the console of your Linux server (Centos 6 runlevel 3 or Centos 7 multi-user.target) so that it displays your current ip address Edit /etc/rc.d/rc.local and add the following lines to the end … Continue reading →
A quick synopsis on setting up a Cisco ASA and a Centos 6 or 7 system to use SNMP v3 to be monitored by Cacti Cisco ASA en conf t # create a snmp-server group (needed for SNMP v3) # … Continue reading →
To make sure VSFTPD plays nicely with IPTABLES Make sure the following is set in /etc/vsftpd/vsftpd.conf # Turn on SSL ssl_enable=no # Allow anonymous users to use secured SSL connections allow_anon_ssl=NO # All non-anonymous logins are forced to use a … Continue reading →
Centos 7 Enable yum repository by logging in as root at a bash prompt, then cut/copy/paste the following: cat << EOF > /etc/yum.repos.d/google-chrome.repo [google-chrome] name=google-chrome – $basearch baseurl=http://dl.google.com/linux/chrome/rpm/stable/$basearch enabled=1 gpgcheck=1 gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub EOF You will see the following [root@mycomputer ~]# cat … Continue reading →
I changed the port for sshd on my servers to reduce the number of attacks against the sshd server. In the following example, I am changing the port from the default of 22 to 43231 First – backup your sshd_config … Continue reading →