Apache :: 2.4.7 Enables DH-Keys With More Than 1024 Bits?
Nov 27, 2013This Version enables DH-Keys with more than 1024 Bits and pushes the ssllabs rating for key exchange to 100%.
View 19 RepliesThis Version enables DH-Keys with more than 1024 Bits and pushes the ssllabs rating for key exchange to 100%.
View 19 RepliesI would have to assume That No shared hosting service provider would agree to provide full server administrator privileges directly to the Business's customers.
The Company In View is DiscountASP.NET.
Their Officials state that they can use the Web server's feature delegation capabilities and ASP.NET enhancements to enable customer access to key Web service parameters quickly, securely, and more cost-effectively than ever.
i have about three VPSes right now. They are all unmetered (with shared bandwidth).
I am now looking to go on a SINGLE dedicated server with 10mbps unmetered becuuse I want to reduce hassles to managing three VPSes
My peak time usage is shown by this graph ( for each VPS):
[url]
(so this multiplied by 3 is what the new server must be capable of handling)
Now, my query is that:
1. Exactly what speed bandwidth am I using accrding to that image? Is that 12megabytes per second or is that 12 megaBITS per second. Because if it is 12Megabits, then the actual bandwidth speed that I am using would be around 12/8 = 1.5MBPS. ?
2. I think your first question reply would answer this but I will still confirm: will a 10mbps unmetered server be able to handle this kind of bandwidth usage? remember that the graph is only for a single VPS. There are two more VPSes using the same bandwidth at the same time.
i'm move from vps to new vps
after moved all accounts i show error
when i tyr click in " all accounts " by whm I show evryting zero bits and Unlimited
such this pic
show this pic
[url]
I use an SSL certificate on IIS6 for Outlook web access.
I have to renew in the next few days.
Now I find that Godaddy have changed the minimum bit length from 1024 to 2048, but the Microsoft Wizard doesn't give me the chance to change the bit length when I try to generate the CSR file.
If I remove the certificate and generate a new certifcate CSR will I be OK? (I can stand a little downtime - it's a small organisation).
Do I have to get all the text the same as when I first requested the SSL certificate? Or just the URL bit?
I have a client who subscribed for a 1 Mbps dedicated line, he is getting about 900Kbps max, he insist that the datacentre is cheating on him. Datacentre reply
The bandwidth test is done remotely, which bounds to have lost of bandwidth in internet traffic to the remote site including the download test probable taking off about 100Kbps. 1mb bandwidth is base on IDC to POP
Is it reasonable to expect exactly 1024 kbps? Whats the loss to be estimated for overheads?
If you are installing ClamAV for the first time, you have to add a new user and group to your system: 3
# groupadd clamav
# useradd -g clamav -s /bin/false -c "Clam AntiVirus" clamav
Consult a system manual if your OS has not groupadd and useradd utilities. Don't forget to lock access to the account!
WARNING: Never enable the SUID or SGID bits for Clam AntiVirus binaries.
I've done the above before installing ClamAV, what do I do to lock access to the account and siable the SUID or SGID bits for Clam AntiVirus binaries?
I am trying to create an ssh key pair to allow rsync without passwrods between two debian boxes.
I have Main server which I want to push data to Backup server
I have followed the tutorial at [url]but this does not work when I ssh or rsync eaither from main server to backup server or ther other way it still requires password.
I have a problem w whm/cpanel and my server.
Im starting to use private/pub keys for ssh access, so far i can access the server via ssh w the key (ive disabled pass access in sshd_conf) but when i want to copy accounts from this server (the one w ssh key) trough the whm interface to another who hasnt key it doesnt work... am i missing something?
i have my own centos server . i want to let some of my friends to login to my box using ssh keys , so i set an authorized_keys file to have their pubic_keys.
Now , my question is how can i limit the commands they can execute?
i mean let them just only "rsync" their files from their boxes to mine , without any ability to execute any other commands or even loging to my box!
I'm having a problem with SSH keys (they don't work out of the box correct with cPanel) I bilieve the error is in my sshd_conf, but if someone could assist me with what settings that should be uncommented that would be helpful.
Anyways, just some history of what I did so far:
Generated a passphraseless key within Server(A1). Took the public key (not the private, left the privat on the server itself) and transferred it to a file authorized_keys on Server(B2).
Chmod that file to 600. Then ran the following command:
ssh -v -i /root/.ssh/authorized_keys -p 1234 root@xxx.i.p.xxx
First I still get asked for a passphrase (which is wierd since it's suppose to be passphraseless), then when I just press enter (to signify that there is no passphrase), I get the following error:
Permission denied (publickey,gssapi-with-mic).
I am currently running Cent OS 5...where do I find the directory or file to add my public key to?
View 9 Replies View RelatedI have setup a private/public key for myself so I can login to SSH with a different password now I need to setup for someone else.
Now do I put there public key in the same file as my public key on the server, or do I make a new file on the server?
How can use this feature in cpanel of my dedicated server Manage SSH Keys.
Any place where there is a small tutorial on this feature?
removing my ssh key from the server. I want to be able to login with just a password. I have to change one of my servers and I cannot do it with the keys enabled.
View 1 Replies View RelatedI had previously had this working. However, I changed the second VPS and now I can't remember how I set it up.
I will call it SourceVPS and BackupVPS.
I am trying to setup SSH keys to allow me to SCP backups from the sourceVPS to the backupVPS.
The SCP command I am trying to run on the SourceVPS is:
Code:
scp -i /root/.ssh/VPS_root_access_key -pr /root/movetest.txt root@server.BackupVPS.com:/backup/
Previously, I had the SSH keys between the SourceVPS and BackupVPS so the above command would move a file from one to the other (instead of movetest.txt, that is normally the name of the backup file being moved).
Can someone walk me through the steps for setting up the SSH keys? I am on Cpanel/WHM and Centos 4.6
A Short tutorial to use SSH keys instead of plain password to login.
1. Logon to WHM and goto Main >> Security >> Security Center
2. Under "SSH Password Auth Tweak" and disable the Password Authentication.
3. Under "Manage SSH Keys" click on Generate new key.
4. Give a Key name and Generate a good password (remember it). Choose KeyType as DSA since it's more secure than RSA.
5. Once done, you will see a pair of public private keys. Authorize the public key to connect.
6. View/Download the private key to your system. If you're using putty it can also generate in relevant format.
7. Save the key in a secure place in your local system and chmod to 600 so that no one can read it.
8. Next, connect to your server:
Code:
root@localhost ~]# ssh -i /path-to-file/file.key root@server.ip.address
It should ask for the password, if you have used in step 4.
TLDR version:
when populating and attempting to write keys to authorized_keys I'm receiving the following error:
Quote:
Could not create directory '/home/Administrator/.ssh'
Long version:
I've been grinding my wheels with this for a long time now. Basically I'm attempting to get rsync set up to backup some data directories on my Windows 2k3 Server through a batch file with task scheduler to bqbackup. I've been back and forth with both Scott and Rsync.net's tech support about this issue - both of which have been great... but essentially keep hitting the same impasse with Scott appearing to have hung his hat stating he's not familiar enough with windows and rysnc.net telling me to wait for their GUI client that should be launching "soon." In the meantime I'm just running the backup manually until I can get this key issue figured out.
Here's what's going on:
I've been mainly using BQ's Guide and Rsync's Guide to try and accomplish this.
After executing ssh-keygen -t rsa -N ''
I receive the following message:
Quote:
Generating public/private rsa key pair.
Enter file in which to save the key (/home/Administrator/.ssh/id_rsa):
If I accept the default value it gives me I receive this error:
Quote:
Could not create directory '/home/Administrator/.ssh'.
Open /home/Administrator/.ssh/id_rsa failed: Not a directory.
Saving the key failed: /home/Administrator/.ssh/id_rsa.
Now my thoughts were this was occurring because my %homepath% is actually:
Quote:
c:documents and settingsadministrator.DOMAIN
(DOMAIN replacing actual text)
I'm able to change the default path location and create the RSA file elsewhere using the cygdrive format... so when prompted for the path to save I instead input:
Quote:
/cydrive/c/docume~1/administrator.DOMAIN/
and am able to create the RSA file... so mission accomplished... so far, I believe I'm past this, the snafu is now occurring on writing these keys to the authorized_keys file on BQBackup...
Quote:
C:Program FilescwRsyncin>rsync -av "/cydrive/c/documents and
settings/administrator.DOMAIN/.ssh/id_rsa.pub"
<login>@<host>:.ssh/authorized_keys
Could not create directory '/home/Administrator/.ssh'.
The authenticity of host '<host> (<ip>)' can't be established.
RSA key fingerprint is 18:02:d9:95:06:a9:70:74:86:b7:76:41:f6:71:a0:a4.
(<login>@<host> replacing actual login & host... it's definitely connecting)
That pesky '/home/Administrator/.ssh' pops up again. I'm not sure if that's what's causing the issue or not. I'm not even sure why the %homepath% for my administrator account on the server is set to administrator.DOMAIN, but AFAIK I can't log in to a local account on a Win2k3S box, correct?
Now, you'll notice that the command I issued to upload the keys I got from the RSync.net instructions. BQ's instructions for step 3 are pretty foreign to me.
I've gone further than this and attempted other things such as SSH'ing into my BQ server using putty and attempting to write the keys that way with no luck. I can't fully remember the errors I encountered doing so, though.
in order to secure my server against instrusion, i disabled ssh root login and created a user for myself. however in order to access the user i need to enable SSH Password authentication
I dont enable password authentication all the time and i keep it disabled unless i need to do something via ssh.
Now my question will be, is there a way to keep the user i created and keep the root login disabled and password authentication disabled but use ssh keys for the user i created?
I was informed that if i opt to login to ssh via the user i created, the only way to do that is to enable password authentication as it cannot work with ssh keys. is this true?
I really hope someone can help me how to use the user i created together with ssh keys so i dont have to enable password authentication when loggin to ssh
how to set DKIM and Domain Keys on centos 5.2 with cPanel?
1. as my friend is using it for an IPB forum, some of his mails r rejected to especially
2 famous email providers, on research found, they are checking with DKIM or domain keys to verify the mails..
I came to know from some where tht domain keys aren't updated any more, so is it safe to use the last available release and is it bug free?
2. Can we add both DKIM and Domain Keys for the mails been sent on the server?
3. how to add them,
Currently I have a server that has direct root SSH access disabled (have to login as regular user then su to root), but I am currently working on setting up authentication via SSH keys, but I can't seem to get it working with direct root SSH access disabled? Is this normal, and if so is there anyway to work around it?
Basically I'd like to be able to authenticate both ways; both with SSH keys or by logging in as a regular user and su to root.
After enabling DomainKeys via 'Server-Wide Mail Settings' and 'Mail Settings for domain.com'.The DomainKeys are not generated and placed in the TXT resource records created in the domains' DNS zones.
Specs: OS: Up-to-date CentOS 7, Control Panel: Plesk 12.0.18 Update #15.
I recently migrated 50+ domains from a plesk 11.5 server to a plesk 12 server and many of the customers are not signing with domain keys anymore after the move.
Is there any way to regenerate domain keys for ALL domains?
I need to transfer plesk from current existing server to a new server. I don't need to migrate existing data. I've already installed plesk in a new server. How to retrieve the license key files. I cannot access the existing plesk panel over SSH or HTTP due to an IP blocking issue.
View 1 Replies View RelatedRecently I migrated my server from CentOs 5 to CentOS 6.4, while using the migration manager from plesk 11.0.9 (the migration was between the same plesk version).
I used rsync first, which caused some trouble, but without it, the migration process worked fine.
Unfortunately, if I create new domains now, they won't get any domainkey DNS entries anymore and under /etc/domainkeys no keys are created for the new domains.
Nothing I tried did work so far, which was resetting the DNS template, turning on and off the domainkeys setting, nor did calling "/usr/local/psa/admin/sbin/mchk --with-spam" resolve the problem.
For the existing domains, domainkeys work fine, but I can't find any errors how I can fix my plesk installation to generate domainkeys for new domains.
I have enabled DomainKeys and ticked the box "Use DomainKeys spam protection system to sign outgoing email messages" however messages sent do not have the DomainKeys signature present.
I presume they should be present for email sent with PHP, that is what i'm trying to do anyway so email's from our website do not get marked as SPAM.
The _domainkey and default._domainkey DNS entries are present.
I'm trying to migrate old server into a new server.
Both uses plesk 11.5.30 version.
I'm using the "Migration & Transfer Manager" for importing everything but it does not work. The error is
Error: launchpad error (Error code = 2):
== STDERR ====================
Unable to start SSH session: Unable to exchange encryption keys
==============================
Seems like an ssh problem but ssh from shell works fine in both directions.
I tried also to create public key and put into authorized_keys with no luck..
Recently I've tested the usage of domain keys on my plesk 12 server. The feature works without problems. I'm wondering however if it's possible to activate the domain keys by a service plan or subscription model. If not, for all my domains (65) I've to activate them manually and for each domain iIll create in the future I have to activate it too.
View 6 Replies View RelatedMy server has plesk 12 with Ubuntu.The problem I have is that the messages go with a valid domain keys signature, but without the DKIM signature.I'm not using opendkim.
View 1 Replies View Related