ssh-agent and a server
woensdag, 28 november 2007

My backupserver runs linux on it. When it's backup-time it looks through some bunch of config files and logs in to the appropriate servers. The server does this with some ssh-keys ofcourse. But... then it broke... ssh-agent would not run anymore (automatically) and the server didn't backup anymore. That's why I installed: libpam-ssh

Magnificent. When you login it makes sure ssh-agent is started and it asks you for your password. Now my server can backup it thing automatically again.

On my desktop it did not have to install this package. Why? Because ssh-agent gets started when X gets loaded. (Or something like that). So on a server without X (99.9%) it makes sense to install libpam-ssh. 
 
A lot of bugs in the new Gutsy Gibbon
woensdag, 31 oktober 2007

There are a lot of bugs in the new Ubuntu Gutsy gibbon. For example:  

https://bugs.launchpad.net/ubuntu/+source/gnome-power-manager/+bug/41994

I encoutered on my laptop. But also my server-install of Ubuntu encoutered some bugs.Even one in the apache2 package! And one in the firehol package that was open since Feisty Fawn. So my verdict: some nice new features, but more new bugs.

I know, I'm nog upgrading my live serverto Gutsy.

 
Gutsy, apache2 and auth_pam
zondag, 28 oktober 2007

In installed libapache2-mod-auth-pam and enabled it:

  #Requires mod_auth_pam
  <IfModule mod_auth_pam.c>
    AuthPAM_Enabled on
    AuthType Basic
    AuthName "Subversion Repository"
  </IfModule>

  #SSLRequireSSL
  #Require group subversion

  <IfModule mod_auth_basic.c>
    AuthBasicAuthoritative Off 
  </IfModule>

But it didn't work. I got this error messages:

[error] [client 83.119.XX.XXX] PAM: user 'leon' - not authenticated: Authentication failure
apache2: pam_unix(apache2:auth): authentication failure; logname= uid=33 euid=33 tty= ruser= rhost=83.119.XX.XXX user=XXXX 

I turned out, apache couldn't read /etc/shadow. So I added the www-data user to the shadow-group. Rebooted apache2 and voila: it worked. 
 
Addition to ssh keys
donderdag, 04 oktober 2007

Don't forget to run:

ssh-add

I forget to mention it in my previous blog about ssh. 
 
Installing winbind
woensdag, 03 oktober 2007

I you install winbind, don't forget to edit /etc/nsswitch.conf:

hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4 

to

hosts:          files mdns4_minimal [NOTFOUND=return] wins dns mdns4 
 
More...