Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Topics - erotavlas

Pages: [1]
1
Installation and Upgrades / [SOLVED] Zentyal: how to configure SSH
« on: November 21, 2020, 12:13:44 pm »
Hi,
I can connect to my server via ssh, but I cannot figure out where are stored authorized_keys on zentyal since that path .ssh is empty.

Code: [Select]
cat /etc/ssh/ssh_config

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

Host *
#   ForwardAgent no
#   ForwardX11 no
#   ForwardX11Trusted yes
#   PasswordAuthentication yes
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   GSSAPIKeyExchange no
#   GSSAPITrustDNS no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   IdentityFile ~/.ssh/id_ecdsa
#   IdentityFile ~/.ssh/id_ed25519
#   Port 22
#   Protocol 2
#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,aes128-cbc,3des-cbc
#   MACs hmac-md5,hmac-sha1,umac-64@openssh.com
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no
#   ProxyCommand ssh -q -W %h:%p gateway.example.com
#   RekeyLimit 1G 1h
    SendEnv LANG LC_*
    HashKnownHosts yes
    GSSAPIAuthentication yes


Code: [Select]
ssh -v localhost
OpenSSH_7.6p1 Ubuntu-4ubuntu0.3, OpenSSL 1.0.2n  7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to localhost [127.0.0.1] port 22.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/user/.ssh/id_ed25519-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_7.6p1 Ubuntu-4ubuntu0.3
debug1: match: OpenSSH_7.6p1 Ubuntu-4ubuntu0.3 pat OpenSSH* compat 0x04000000
debug1: Authenticating to localhost:22 as 'user'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ecdsa-sha2-nistp256
debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ecdsa-sha2-nistp256 SHA256:V4QUdu3fcXzBQ7e3LLhTozJ8kLqiYv8EwGzGQmyv3kI
The authenticity of host 'localhost (127.0.0.1)' can't be established.
ECDSA key fingerprint is SHA256:V4QUdu3fcXzBQ7e3LLhTozJ8kLqiYv8EwGzGQmyv3kI.
Are you sure you want to continue connecting (yes/no)? no

Thank you

2
Hi,
I have a problem with zentyal community edition 6.1. I have clamAV that can be reached by the other processes via unix socket domain (/var/run/clamav/clamd.ctl). ClamAV works well for a while, then the file clamd.ctl disappears from the previous path and I need to manually create it or to restart the system. After boot, the file is automatically created.
I already tried with sudo apt-get install clamav-daemon.

This is my file /etc/clamav/clamd.conf
Code: [Select]
LocalSocket /var/run/clamav/clamd.ctl
FixStaleSocket true
# TemporaryDirectory is not set to its default /tmp here to make overriding
# the default with environment variables TMPDIR/TMP/TEMP possible
User root
ScanMail true
ScanArchive true
ArchiveBlockEncrypted false
MaxDirectoryRecursion 15
FollowDirectorySymlinks false
FollowFileSymlinks false
ReadTimeout 180
MaxThreads 12
MaxConnectionQueueLength 15
StreamMaxLength 10M
LogFileMaxSize 0
LogSyslog false
LogFacility LOG_LOCAL6

This is a script run with crontab

Code: [Select]
#!/bin/bash

# update
#freshclam

FILETODOWNLOAD="main.cvd daily.cvd bytecode.cvd";

for F in ${FILETODOWNLOAD}; do
 sudo rm -f /var/lib/clamav/$F
 wget http://database.clamav.net/$F -P /var/lib/clamav
 sudo chown clamav:clamav /var/lib/clamav/$F
 sudo chmod 644 /var/lib/clamav/$F
done

# scan
LOGFILE="/var/log/clamav/clamav-$(date +'%Y-%m-%d').log";
#EMAIL_MSG="Please see the log file attached.";
#EMAIL_FROM="clamav-daily@domain";
#EMAIL_TO="webmaster@domain";
DIRTOSCAN="/var/www /home/master/";

for D in ${DIRTOSCAN}; do
 DIRSIZE=$(du -sh "$D" 2>/dev/null | cut -f1);

 echo "Starting a daily scan of "$D" directory.
 Amount of data to be scanned is "$DIRSIZE".";

 clamscan -ri "$D" >> "$LOGFILE";

 # get the value of "Infected lines"
 MALWARE=$(tail "$LOGFILE"|grep Infected|cut -d" " -f3);
done

Any idea?

3
Installation and Upgrades / Clamav does not update
« on: September 18, 2019, 06:54:36 pm »
Hi,
I'm using zentyal 6.0.1 (ubuntu 18.04.3) and I installed clamav (0.100.3+dfsg-0ubuntu0.18.04.1) and clamtk (5.25-1), but I'm not able to update the clamav signature with freshclam as usual.
Code: [Select]
Wed Sep 18 18:46:20 2019 -> ClamAV update process started at Wed Sep 18 18:46:20 2019
Wed Sep 18 18:46:20 2019 -> ^Your ClamAV installation is OUTDATED!
Wed Sep 18 18:46:20 2019 -> ^Local version: 0.100.3 Recommended version: 0.101.4
Wed Sep 18 18:46:20 2019 -> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Wed Sep 18 18:46:20 2019 -> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Wed Sep 18 18:46:25 2019 -> ^getfile: daily-25478.cdiff not found on db.local.clamav.net (IP: 104.16.219.84)
Wed Sep 18 18:46:25 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:25 2019 -> *Can't query daily.25478.93.0.0.6810DB54.ping.clamav.net
Wed Sep 18 18:46:26 2019 -> ^getfile: daily-25478.cdiff not found on db.local.clamav.net (IP: 104.16.218.84)
Wed Sep 18 18:46:26 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:26 2019 -> *Can't query daily.25478.93.0.0.6810DA54.ping.clamav.net
Wed Sep 18 18:46:26 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:27 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:27 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:46:27 2019 -> ^Incremental update failed, trying to download daily.cvd
Wed Sep 18 18:47:42 2019 -> nonblock_recv: recv timing out (30 secs)
Wed Sep 18 18:47:42 2019 -> ^getfile: Download interrupted: Operation now in progress (IP: 104.16.219.84)
Wed Sep 18 18:47:42 2019 -> ^Can't download daily.cvd from db.local.clamav.net
Wed Sep 18 18:47:42 2019 -> *Can't query daily.0.93.0.0.6810DB54.ping.clamav.net
Wed Sep 18 18:47:42 2019 -> Trying again in 5 secs...
Wed Sep 18 18:47:47 2019 -> ClamAV update process started at Wed Sep 18 18:47:47 2019
Wed Sep 18 18:47:48 2019 -> ^Your ClamAV installation is OUTDATED!
Wed Sep 18 18:47:48 2019 -> ^Local version: 0.100.3 Recommended version: 0.101.4
Wed Sep 18 18:47:48 2019 -> DON'T PANIC! Read https://www.clamav.net/documents/upgrading-clamav
Wed Sep 18 18:47:48 2019 -> main.cvd is up to date (version: 58, sigs: 4566249, f-level: 60, builder: sigmgr)
Wed Sep 18 18:47:51 2019 -> ^getfile: daily-25478.cdiff not found on db.local.clamav.net (IP: 104.16.218.84)
Wed Sep 18 18:47:51 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:51 2019 -> *Can't query daily.25478.93.0.0.6810DA54.ping.clamav.net
Wed Sep 18 18:47:51 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:52 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:52 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:52 2019 -> ^getpatch: Can't download daily-25478.cdiff from db.local.clamav.net
Wed Sep 18 18:47:52 2019 -> ^Incremental update failed, trying to download daily.cvd
Downloading daily.cvd [100%]

The process is repeated many times without success. I can only update the signature manually by downloading them from clamav Web site via wget (the same url present in /etc/clamav/freshclam).
I tried with a fresh install of zentyal 6.0.1 and the behaviour is the same. All works well under ubuntu 18.04.3 64 bit.
Moreover, the freshclam service does not start:
Code: [Select]
sudo systemctl status clamav-freshclam
● clamav-freshclam.service - ClamAV virus database updater
   Loaded: loaded (/lib/systemd/system/clamav-freshclam.service; disabled; vendo
   Active: inactive (dead)
     Docs: man:freshclam(1)
           man:freshclam.conf(5)
           https://www.clamav.net/documents
lines 1-6/6 (END)...skipping...

Any idea about this? Could be a bug?
Thank you in advance

4
Hi,
I have an old installation of zentyal 3.4. I'm analysing https://wiki.zentyal.org/wiki/Updating_your_Zentyal_Server how to manage it and at the same time I'm testing the latest release 6.0. I would like to know if it is advised and possible to perform several upgrade from 3.4 up to 6.0. Moreover, can I just install the latest release 6.0 and import the backup from 3.4 (I do not think so)?
Thank you

5
Hi,
I discovered that starting from Zentyal 4.0, the GUI manager does not provide Web server feature. I know how to setup an apache Web server with virtual hosting in order to have more Web sites. Can I change the apache Web server configuration files without worrying about Zentyal strange behaviour? I mean, could Zentyal change some configuration files by itself? I'm asking this because I found some particular/strange behaviour of Zentyal compared to standard ubuntu server regarding mySQL configuration.
Thank you

6
Hi,
I recently discovered zentyal. I'm trying it for my main server and I would like to install moodle 3.7 e-learning. I'm having an issue with mySQL root password. I already read https://forum.zentyal.org/index.php?topic=30806.0 about how to find the mySQL zentyal user password. However, I'm not able to create new user nor viewing the current users:
Code: [Select]
select * from mysql.user;How can I add a root user? I tried the standard command https://dev.mysql.com/doc/refman/8.0/en/creating-accounts.html but it does not work for insufficient privilege.
Zentyal is based on ubuntu server, however the behaviour in this situation is quite different. Do you have any suggestion?
Thank you

Pages: [1]