|
my balls hurt
|
# ? Feb 1, 2015 08:50 |
|
|
# ? May 17, 2024 09:05 |
Flat Daddy posted:my balls hurt
|
|
# ? Feb 1, 2015 09:03 |
|
kalstrams posted:if i need vps to host a website with small tool, i take i have no reasons to looks past amazon's ec2 or whatever was it called, right? you could also use heroku
|
# ? Feb 1, 2015 09:44 |
|
lithium hosting is pretty good, they had some good goon only deal dunno if they do anymore
|
# ? Feb 1, 2015 10:04 |
|
saucepanman posted:lithium hosting is pretty good, they had some good goon only deal dunno if they do anymore they still do the discounts yeah, you go to their SAMart page and use the link lithium are good
|
# ? Feb 2, 2015 19:19 |
|
i have 2 identical disks connected to a mac, one is failing so i want to clone it to the other one. whats the best way to do this (the failing disk is ntfs, both are 1.5 tb) i was thinking about using dd but i dont really know how to use it without it taking absolutely forever
|
# ? Feb 6, 2015 03:39 |
|
also after reading a bit about dd it looks like this should do what i want? dd if=/dev/rdisk2 of=/dev/rdisk3 bs=8m conv=noerror,sync i dont really care about the data on the target disk (its ancient backups from leopard lol) so i'm going to try that but if someone has a better idea i'll stop it and do whatever e: to be completely clear i dont really care about the data on the dying disk either, its just my windows install. i'd just rather not have to reinstall everything on a new disk Beeftweeter fucked around with this message at 03:53 on Feb 6, 2015 |
# ? Feb 6, 2015 03:43 |
|
ya dd is good for that
|
# ? Feb 6, 2015 09:20 |
|
looks like there is a mac version of ddrescue, which is designed such that it will retry bad sectors n times or until it gets a good read. takes awhile longer, but might get a better copy of your data. that said, there are like 3 versions of ddrescue and im not sure which version this is a port of. ive used gddrescue (gnu ddrescue) in the past with success off a linux live environment
|
# ? Feb 6, 2015 09:37 |
is there some simple trink to convince yum on my centos 7 to do a favour for me? i have a package that by default installs to code:
code:
|
|
# ? Feb 6, 2015 12:34 |
|
kalstrams posted:is there some simple trink to convince yum on my centos 7 to do a favour for me? Install it in the regular location then symlink the dir there. Better even is to use the config file it probably drops in /etc/httpd/sites-available. This is the intended way of doing things.
|
# ? Feb 6, 2015 12:55 |
spankmeister posted:Install it in the regular location then symlink the dir there. thanks for advice, made it work through nginx virtual host file
|
|
# ? Feb 6, 2015 13:47 |
|
Raluek posted:looks like there is a mac version of ddrescue, which is designed such that it will retry bad sectors n times or until it gets a good read. takes awhile longer, but might get a better copy of your data. that said, there are like 3 versions of ddrescue and im not sure which version this is a port of. ive used gddrescue (gnu ddrescue) in the past with success off a linux live environment if i decide to redo it i'll try this but it took about 15 hours using the command i posted before lol it looks like it worked (even though it was clicking 98% of the time it was copying) although strangely the disk isnt bootable. i'll have to dig out a windows dvd to test it
|
# ? Feb 6, 2015 18:14 |
|
also lolcode:
Beeftweeter fucked around with this message at 18:50 on Feb 6, 2015 |
# ? Feb 6, 2015 18:30 |
|
Beeftweeter posted:also lol
|
# ? Feb 6, 2015 18:44 |
|
anthonypants posted:your Raw_Read_Error_Rate is a POSR his "high fly" writes are a rock lol
|
# ? Feb 6, 2015 18:46 |
ERR_CONNECTION_RESET if use openssl with nginx, any ideas? this is how my virtual host file lookscode:
code:
cinci zoo sniper fucked around with this message at 00:40 on Feb 7, 2015 |
|
# ? Feb 7, 2015 00:16 |
|
something's jacked with your cert maybe
|
# ? Feb 7, 2015 01:00 |
|
kalstrams posted:ERR_CONNECTION_RESET if use openssl with nginx, any ideas? this is how my virtual host file looks you can't just offer those 2 ciphers, the TLS spec requires some algo's to be turned on in order for it to be in spec and handshake correctly. I don't know offhand but i'd say the problem is your ciphersuite
|
# ? Feb 7, 2015 01:03 |
uncurable mlady posted:something's jacked with your cert maybe code:
e: seems like broken version, assuming this is not ubungu specific in that case, i need to upgraade which brings me to centos repos, ugh e2: oh, just noticed spankmeister posted:you can't just offer those 2 ciphers, the TLS spec requires some algo's to be turned on in order for it to be in spec and handshake correctly. I don't know offhand but i'd say the problem is your ciphersuite alright, ill check that out too cinci zoo sniper fucked around with this message at 01:47 on Feb 7, 2015 |
|
# ? Feb 7, 2015 01:07 |
|
b/c i am a computer janitor ive done probably 500 centos install / troubleshoots, if u need help or whatever
|
# ? Feb 7, 2015 01:49 |
idk i went on to post on serverfault since ive been busy with this crap for some 8 hours already, maybe, and im running out of ideas that would be near what little competence i pretend to have
|
|
# ? Feb 7, 2015 03:12 |
|
what happens when you just, on the command line, do an "openssl ciphers" and see what you've got? does what's in your list in the config match with entries there? do you have any logs from the server side that detail the hits that are causing the error?
|
# ? Feb 7, 2015 03:14 |
Sniep posted:what happens when you just, on the command line, do an "openssl ciphers" and see what you've got? sudo openssl ciphers posted:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-DSS-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA256:DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:DHE-RSA-CAMELLIA256-SHA:DHE-DSS-CAMELLIA256-SHA:ECDH-RSA-AES256-GCM-SHA384:ECDH-ECDSA-AES256-GCM-SHA384:ECDH-RSA-AES256-SHA384:ECDH-ECDSA-AES256-SHA384:ECDH-RSA-AES256-SHA:ECDH-ECDSA-AES256-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA:PSK-AES256-CBC-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:DHE-DSS-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-DSS-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:DHE-RSA-SEED-SHA:DHE-DSS-SEED-SHA:DHE-RSA-CAMELLIA128-SHA:DHE-DSS-CAMELLIA128-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:ECDH-RSA-AES128-GCM-SHA256:ECDH-ECDSA-AES128-GCM-SHA256:ECDH-RSA-AES128-SHA256:ECDH-ECDSA-AES128-SHA256:ECDH-RSA-AES128-SHA:ECDH-ECDSA-AES128-SHA:ECDH-RSA-DES-CBC3-SHA:ECDH-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:SEED-SHA:CAMELLIA128-SHA:DES-CBC3-SHA:IDEA-CBC-SHA:PSK-AES128-CBC-SHA:PSK-3DES-EDE-CBC-SHA:KRB5-IDEA-CBC-SHA:KRB5-DES-CBC3-SHA:KRB5-IDEA-CBC-MD5:KRB5-DES-CBC3-MD5:ECDHE-RSA-RC4-SHA:ECDHE-ECDSA-RC4-SHA:ECDH-RSA-RC4-SHA:ECDH-ECDSA-RC4-SHA:RC4-SHA:RC4-MD5:PSK-RC4-SHA:KRB5-RC4-SHA:KRB5-RC4-MD5 code:
|
|
# ? Feb 7, 2015 03:16 |
Sniep posted:do you have any logs from the server side that detail the hits that are causing the error? quote:2015/02/07 03:18:34 [error] 27951#0: *17 no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking, client: my.computers.ip.address, server: 0.0.0.0:443 e: wtf quote:2015/02/07 00:33:08 [error] 25969#0: *39 open() "/usr/share/nginx/html/ljlj/ljl/lj.php" failed (2: No such file or directory), client: bad.dude.ip.2, server: localhost, request: "GET /ljlj/ljl/lj.php HTTP/1.1", host: "my.server" cinci zoo sniper fucked around with this message at 03:24 on Feb 7, 2015 |
|
# ? Feb 7, 2015 03:20 |
|
post "/path/certificate.pem" that you ref in the link you posted (not the private key dont be a dummy) e: or just send me a message here with it if you dont want everyone to be able to see the subject material (CN) or SANs if applicable
|
# ? Feb 7, 2015 03:27 |
it's a dummy cert i generated to sort stuff out before i get into getting decent certquote:-----BEGIN CERTIFICATE-----
|
|
# ? Feb 7, 2015 03:29 |
|
k the cert looks fine. does the CN match the hostname youre trying to access this via? i still lean ciphers since none show up when you did the s_client against it. are you testing from localhost? are you certain the openssl ciphers on your test platform support what you have nginx limited down to? (extremely limited down to?) i mean i run apache, so the formatting is a little different but here's my personal cipher list: SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA ECDH+3DES DH+3DES RSA+3DES !EECDH+aRSA+RC4 !RC4 !aNULL !eNULL !LOW !MD5 !EXP !PSK !SRP !DSS"
|
# ? Feb 7, 2015 03:33 |
|
which is pretty sloppy now that i look at it, but regardless, i have a few in there for compatibility, not just the limited ones you specified
|
# ? Feb 7, 2015 03:35 |
i have also tried this onequote:ssl_ciphers "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4"; cn is example.com, hostname is test.example.com - is that fine or should i remake cert for test.example.com?
|
|
# ? Feb 7, 2015 03:41 |
|
upgrade to windows and IIS. it just works.
|
# ? Feb 7, 2015 03:42 |
|
kalstrams posted:i have also tried this one if the cn was *.example.com then test.example.com would work but if its just example.com then no. Either way the server shouldn't give a poo poo about the cn, only the client will complain.
|
# ? Feb 7, 2015 03:43 |
|
kalstrams posted:i have also tried this one that's not what you posted above when you pasted in the certificate pem but swr you need it to be a wildcard if you are using a subdomain off of it (or at least SAN in the specific subdomain) Sniep fucked around with this message at 03:47 on Feb 7, 2015 |
# ? Feb 7, 2015 03:44 |
|
Shaggar posted:if the cn was *.example.com then test.example.com would work but if its just example.com then no. Either way the server shouldn't give a poo poo about the cn, only the client will complain. yeah chasing the CN isn't fruitful, but its just another thing that doesnt line up either way it fails to handshake and i still wonder what client he is using to do the s_client with and if it supports his fancy ciphers, or if nginx itself isnt properly listening
|
# ? Feb 7, 2015 03:46 |
Sniep posted:that's not what you posted above when you pasted in the certificate pem
|
|
# ? Feb 7, 2015 03:50 |
|
idk nginx but try removing everything but the bare minimum ssl config and see if it works. also make sure w/e user nginx is running as can access your key (both file permissions + password if it has one)
|
# ? Feb 7, 2015 03:52 |
Sniep posted:either way it fails to handshake and i still wonder what client he is using to do the s_client with and if it supports his fancy ciphers, or if nginx itself isnt properly listening
|
|
# ? Feb 7, 2015 03:52 |
|
oh yea didnt think bout that, did you password the key and is nginx able to unencrypt it? i mean drat man you gotta have some sort of logs of the ssl part bitching somewhere, im just not that familiar with nginx logs
|
# ? Feb 7, 2015 03:53 |
|
i mean you posted this: 2015/02/07 03:18:34 [error] 27951#0: *17 no "ssl_certificate" is defined in server listening on SSL port while SSL handshaking, client: my.computers.ip.address, server: 0.0.0.0:443 so, i'd probably head that direction first? is the test.blah.conf being included correctly? it seems like it might not even be fired up, the fundamental issue first is that ssl wont even handshake so to figure out why its not running...
|
# ? Feb 7, 2015 03:55 |
|
|
# ? May 17, 2024 09:05 |
|
like u could have setup an entire IIS cluster in the time it took for me to post this
|
# ? Feb 7, 2015 03:56 |