write:errno=104 / New, (NONE), Cipher is (NONE)

So if you’re having some issues with SSL connections, it’s highly likely you’re experiencing them from client version openssl 1.0.2. The fix is below, and I can confirm it works on both openssl 1.0.1 and 1.0.2.

openssl s_client -connect yourdomain.com:5671 -showcerts
CONNECTED(00000003)
write:errno=104

no peer certificate available

No client certificate CA names sent

SSL handshake has read 0 bytes and written 305 bytes

New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
SSL-Session:
Protocol : TLSv1.2
Cipher : 0000
Session-ID:
Session-ID-ctx:
Master-Key:
Key-Arg : None
PSK identity: None
PSK identity hint: None
SRP username: None
Start Time: 1484575655
Timeout : 300 (sec)
Verify return code: 0 (ok)

openssl s_client \
  -cipher RSA \
  -connect mydomain.com:5671 \
  -servername mydomain.com \
  -cert client/cert.pem \
  -key client/key.pem \
  -CAfile testca/cacert.pem \
  -tls1_2

Enjoy!

How to install Node.js on Ubuntu/CentOS

If you want to easily install Node.js on Ubuntu or RHEL-based systems such as CentOS, I’m just gonna point you towards Nodesource. It’s the easiest thing to do since sliced bread.

However, if you’re into more heavy development and you would like an RVM-like setup, you can try NVM. You will be able to run multiple Node.js versions side by side, with more granular control.

Enjoy!

Changing SSH port in CentOS with SELinux enabled

So, you wanted to change the SSH port, but when you restart sshd with “systemctl restart sshd”, it doesn’t wanna come up because SELinux is not allowing it:

Apr 26 12:31:21 ip-10-0-0-169 systemd[1]: Starting OpenSSH server daemon…
-- Subject: Unit sshd.service has begun start-up
-- Defined-By: systemd
-- Support: http://lists.freedesktop.org/mailman/listinfo/systemd-devel

-- Unit sshd.service has begun starting up.
Apr 26 12:31:21 ip-10-0-0-169 polkitd[13985]: Unregistered Authentication Agent for unix-process:14017:9027294 (system bus name :1.65, object path /org/freedesktop/PolicyKit1/AuthenticationAgent, locale en_US.UTF-8) (disconnected from bu
Apr 26 12:31:21 ip-10-0-0-169 sshd[14022]: error: Bind to port 25252 on 0.0.0.0 failed: Permission denied.
Apr 26 12:31:21 ip-10-0-0-169 sshd[14022]: error: Bind to port 25252 on :: failed: Permission denied.
Apr 26 12:31:21 ip-10-0-0-169 sshd[14022]: fatal: Cannot bind any address.
Apr 26 12:31:21 ip-10-0-0-169 systemd[1]: sshd.service: main process exited, code=exited, status=255/n/a
Apr 26 12:31:21 ip-10-0-0-169 systemd[1]: Unit sshd.service entered failed state.
Apr 26 12:31:21 ip-10-0-0-169 systemd[1]: sshd.service failed.

Enter semanage:

[root@ip-10-0-0-169 log]# semanage port -l | grep ssh
ssh_port_t tcp 22
[root@ip-10-0-0-169 log]# semanage port -a -t ssh_port_t -p tcp 25252

(this command will take a while to complete, so just let it be)

restart sshd: systemctl restart sshd 

voila! it’s alive!

-- Unit sshd.service has begun starting up.
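
A pre-restart check for the failure above, as an added example that is not part of the original post: it compares the Port lines in sshd_config with the ports that semanage port -l lists for ssh_port_t and prints any port sshd would be denied. The function names and both sample inputs are constructed for illustration.

```shell
#!/bin/sh
# Added example: find sshd ports that SELinux has not labelled ssh_port_t.
# Function names and both sample inputs below are constructed for illustration.

# Print every tcp port or range that `semanage port -l` output ($1) gives ssh_port_t.
ssh_ports_allowed() {
    awk '$1 == "ssh_port_t" && $2 == "tcp" {
             for (i = 3; i <= NF; i++) { gsub(",", "", $i); print $i }
         }' "$1"
}

# Print the Port values set in an sshd_config ($1); sshd defaults to 22 if none.
sshd_ports() {
    ports=$(awk 'tolower($1) == "port" { print $2 }' "$1")
    if [ -n "$ports" ]; then echo "$ports"; else echo 22; fi
}

# Succeed if port $1 equals a single port or falls inside a range listed in $2.
port_allowed() {
    ssh_ports_allowed "$2" | awk -F '-' -v p="$1" '
        NF == 1 && $1 + 0 == p + 0 { ok = 1 }
        NF == 2 && p + 0 >= $1 + 0 && p + 0 <= $2 + 0 { ok = 1 }
        END { exit (ok ? 0 : 1) }'
}

# Print each configured sshd port that would hit "Permission denied" on bind.
unlabeled_sshd_ports() {
    for p in $(sshd_ports "$1"); do
        port_allowed "$p" "$2" || echo "$p"
    done
}

# Constructed samples; on a real host use /etc/ssh/sshd_config and
# the saved output of: semanage port -l
SSHD_SAMPLE=$(mktemp)
SEMANAGE_SAMPLE=$(mktemp)
printf '#Port 22\nPort 25252\nPermitRootLogin no\n' > "$SSHD_SAMPLE"
printf 'smtp_port_t   tcp   25, 465, 587\nssh_port_t    tcp   22\n' > "$SEMANAGE_SAMPLE"

for p in $(unlabeled_sshd_ports "$SSHD_SAMPLE" "$SEMANAGE_SAMPLE"); do
    echo "port $p is not ssh_port_t; run: semanage port -a -t ssh_port_t -p tcp $p"
done
```

Running the check before the restart keeps a remote session from being cut off by an sshd that cannot bind its new port.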

CentOS wifi howto setup

Hi,

So here are the instructions for getting the wifi rolling:
——————————————
yum -y install wireless-tools wpa_supplicant dbus
——————————————
ifconfig wlan0 up
iwlist wlan0 scan

record the channel number
ifconfig wlan0 down
——————————————
create /etc/sysconfig/network-scripts/ifcfg-wlan0 with the contents below and the instructions mentioned below:

DEVICE=wlan0
HWADDR=<your-mac-address>
TYPE=Wireless
UUID=<an-optional-uuid> #generate one with uuidgen
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=dhcp
PEERDNS=yes
USERCTL=yes
NETWORKING_IPV6=no
ESSID=<your-ssid> # you should either know this or take it from the iwlist wlan0 scan
CHANNEL=<ssid-channel> #the channel you got from when you ran iwlist wlan0 scan
MODE=Managed
RATE=Auto
——————————————
chkconfig NetworkManager off
——————————————
edit /etc/sysconfig/wpa_supplicant and add the wlan name: INTERFACES="-iwlan0"
——————————————
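load the encrypted passphrase in the supplicant (wpa_passphrase also writes the plaintext passphrase into the file as a commented #psk= line, so delete that line or keep the file readable by root only)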
wpa_passphrase <ssid> <passphrase> >> /etc/wpa_supplicant/wpa_supplicant.conf
——————————————
chkconfig messagebus on
chkconfig wpa_supplicant on
——————————————
If the wireless is the only active option, edit the configs for ifcfg-eth0 and ifcfg-eth1 in /etc/sysconfig/network-scripts and set ONBOOT to no, so that the route goes over wifi.
——————————————
reboot

Everything should be good to go.

Install and configure Pure-FTPd with multiple users on CentOS 6

So, let’s say you want to do FTP virtual users on CentOS 6. Here’s a quick how-to:

yum install pure-ftpd

Edit: /etc/pure-ftpd/pure-ftpd.conf and make the following changes:

-PAMAuthentication yes

+#PAMAuthentication yes

-#PureDB /etc/pure-ftpd/pureftpd.pdb

+PureDB /etc/pure-ftpd/pureftpd.pdb

Turn the daemon on:

chkconfig pure-ftpd on

service pure-ftpd restart

Let’s add the first users, then:

pure-pw useradd $USERNAME -u $USER -g $GROUP -d /path/to/ftp/directory
$USERNAME = FTP username
$USER = System username – the username which will own the files/folders created by the virtual FTP users
$GROUP = System groupname – the groupname which will own the files/folders created by the virtual FTP users
/path/to/ftp/directory = Directory location for the FTP to jail to (such as /var/www/htdocs/)

Restart the FTP server for the new users to take effect :

pure-pw mkdb

service pure-ftpd restart

Great! Now you can log in with your newly created virtual FTP users on Pure-FTPd on CentOS 6.

Enjoy!

RVM How To

This is the easiest stuff ever:

curl -sSL https://get.rvm.io | bash

[root@SG2 ~]# rvm install 1.9.3

Searching for binary rubies, this might take some time.
Found remote file https://rvm.io/binaries/centos/5/x86_64/ruby-1.9.3-p484.tar.bz2
Checking requirements for centos.
Installing requirements for centos.
Updating system.
Installing required packages: libyaml-devel, libffi-devel………
Requirements installation successful.
ruby-1.9.3-p484 - #configure
ruby-1.9.3-p484 - #download
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 10.3M 100 10.3M 0 0 3253k 0 0:00:03 0:00:03 --:--:-- 3320k
ruby-1.9.3-p484 - #validate archive
ruby-1.9.3-p484 - #extract
ruby-1.9.3-p484 - #validate binary
ruby-1.9.3-p484 - #setup
ruby-1.9.3-p484 - #making binaries executable.
ruby-1.9.3-p484 - #downloading rubygems-2.2.2
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 404k 100 404k 0 0 2886k 0 --:--:-- --:--:-- --:--:-- 9.8M
No checksum for downloaded archive, recording checksum in user configuration.
ruby-1.9.3-p484 - #extracting rubygems-2.2.2.
ruby-1.9.3-p484 - #removing old rubygems.
ruby-1.9.3-p484 - #installing rubygems-2.2.2……………
ruby-1.9.3-p484 - #gemset created /usr/local/rvm/gems/ruby-1.9.3-p484@global
ruby-1.9.3-p484 - #importing gemset /usr/local/rvm/gemsets/global.gems..
ruby-1.9.3-p484 - #generating global wrappers.
ruby-1.9.3-p484 - #gemset created /usr/local/rvm/gems/ruby-1.9.3-p484
ruby-1.9.3-p484 - #importing gemsetfile /usr/local/rvm/gemsets/default.gems evaluated to empty gem list
ruby-1.9.3-p484 - #generating default wrappers.
[root@SG2 ~]# ruby -v
ruby 1.9.3p484 (2013-11-22 revision 43786) [x86_64-linux]

RVM style multiple Python versions on the same server – Centos5

Hi, so I need to set up some services that use Python 2.7.6. However, I am using the same CentOS 5.10 machines, which I can’t reload, and I don’t really need to reload them since they are working fine (don’t fix what’s not broken). On CentOS 5 you have 2.4.3, and if you decide to upgrade it, you will most likely break a lot of things in the process. So here’s a nice tutorial on how to work things out, using an approach similar to Ruby’s Version Manager, or RVM:

1 – Create a user of your choosing, and login as said user.

2 – git clone https://github.com/yyuu/pyenv.git .pyenv

3 – Add env variables to your bash profile (I assume you are using the bash shell; if you’re using another shell, I’m not sure how that goes):

echo 'export PYENV_ROOT="$HOME/.pyenv"' >> ~/.bash_profile
echo 'export PATH="$PYENV_ROOT/bin:$PATH"' >> ~/.bash_profile
echo 'eval "$(pyenv init -)"' >> ~/.bash_profile

4 – Log out and log back in, or restart the shell. I find relogging to be the choice for me, as I usually have consoles opened for long periods of time, so I might forget and control+D and then miss my settings and wonder why.

5 – Install the Python version you need!

pyenv install 2.7.6

6 – Set up your newly installed version as default:

pyenv local 2.7.6

7 – Enjoy your new Python installation!

Increase the size of /tmp (/usr/tmpDSK) partition in Linux?

How to increase the size of the /tmp partition in Linux?
Proceed with the given steps:
========================
1) Stop the MySQL service and kill the tailwatchd process. Additionally, if you receive an error that /tmp is in use, run “lsof | grep tmp” to see which processes use /tmp, and stop them.

[root@antg ~]# /etc/init.d/mysqld stop
Stopping MySQL: [ OK ]
[root@antg ~]# pstree -p | grep tailwatchd
Find the tailwatchd process id and kill it
[root@antg ~]# kill -9 2522
2) Take a backup of /tmp as /tmp.bak
[root@localhost ~]# cp -prf /tmp /tmp.bak
3) Create a 2GB file in the available free space
[root@antg ~]# dd if=/dev/zero of=/usr/tmpDSK bs=1024k count=2048
2048+0 records in
2048+0 records out
2147483648 bytes (2.1 GB) copied, 73.6908 seconds, 29.1 MB/s
[root@antg ~]# du -sch /usr/tmpDSK
2.1G /usr/tmpDSK
2.1G total
4) Assign ext3 filesystem to the file
[root@antg ~]# mkfs -t ext3 /usr/tmpDSK
mke2fs 1.39 (29-May-2006)
/usr/tmpDSK is not a block special device.
Proceed anyway? (y,n) y
Filesystem label=
OS type: Linux
262144 inodes, 524288 blocks
26214 blocks (5.00%) reserved for the super user
First data block=0
Writing inode tables: done
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done
This filesystem will be automatically checked every 25 mounts or
180 days, whichever comes first. Use tune2fs -c or -i to override.
5) Check the file system type:-
[root@antg ~]# file /usr/tmpDSK

/usr/tmpDSK: Linux rev 1.0 ext3 filesystem data (large files)
Note:-
You may also use the following commands for making an ext3 file system on a file (mke2fs needs -j to add the journal, otherwise it creates ext2):
[root@antg ~]# mkfs.ext3 /usr/tmpDSK
[root@antg ~]# mke2fs -j /usr/tmpDSK
6) Unmount /tmp partition
[root@antg ~]# umount /tmp
7) Mount the new /tmp filesystem with noexec
[root@antg ~]# mount -o loop,noexec,nosuid,rw /usr/tmpDSK /tmp
8) Set the correct permission for /tmp
[root@antg ~]# install -d --mode=1777 /tmp
[root@antg ~]# ls -ld /tmp
drwxrwxrwt 3 root root 4096 Feb 6 08:42 /tmp

( you may use the command chmod 1777 /tmp for doing the same )
[root@antg ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda9 28G 6.4G 20G 25% /
/dev/sda8 99M 10M 84M 11% /boot
tmpfs 500M 0 500M 0% /dev/shm
/usr/tmpDSK 2.0G 68M 1.9G 4% /tmp
9) Restore the content of the old /tmp.bak directory
[root@antg ~]# cp -rpf /tmp.bak/* /tmp
10) Restart the mysql and tailwatchd services.
[root@antg ~]# /etc/init.d/mysql start
[root@antg ~]# /scripts/restartsrv_tailwatchd
11) Edit the fstab and replace the /tmp entry line with:
/usr/tmpDSK /tmp ext3 loop,noexec,nosuid,rw 0 0
12) Mount all filesystems
[root@antg ~]# mount -a

Check it now:-

[root@antg ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/sda9 28G 6.4G 20G 25% /
/dev/sda8 99M 10M 84M 11% /boot
tmpfs 500M 0 500M 0% /dev/shm
/usr/tmpDSK 2.0G 68M 1.9G 4% /tmp

Done.
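
A check that the noexec,nosuid options from the mount step survive into the fstab entry, as an added example that is not part of the original post. /proc/mounts and /etc/fstab share the same column layout, so one function reads both; the function name and the two sample tables are constructed for illustration.

```shell
#!/bin/sh
# Added example: report mount options missing from a mount point's entry.
# Works on /proc/mounts and /etc/fstab alike (field 2 = mount point,
# field 4 = options). Function name and sample tables are constructed.

# missing_mount_opts TABLE MOUNTPOINT OPTION...
# Prints each OPTION absent from the entry, or "no-entry" if none exists.
missing_mount_opts() {
    table=$1; mnt=$2; shift 2
    # Skip commented lines; the last matching line wins, as a later
    # mount on the same mount point shadows an earlier one.
    opts=$(awk -v mnt="$mnt" '$1 !~ /^#/ && $2 == mnt { o = $4 }
                              END { print o }' "$table")
    if [ -z "$opts" ]; then echo "no-entry"; return 0; fi
    for want in "$@"; do
        case ",$opts," in
            *",$want,"*) ;;          # option present
            *) echo "$want" ;;       # option missing
        esac
    done
}

# Constructed samples: the live mount is hardened, but the active fstab
# line has lost noexec, so the next reboot would remount /tmp executable.
MOUNTS_SAMPLE=$(mktemp)
FSTAB_SAMPLE=$(mktemp)
cat > "$MOUNTS_SAMPLE" <<'EOF'
/dev/sda9 / ext3 rw 0 0
/dev/loop0 /tmp ext3 rw,nosuid,noexec 0 0
EOF
cat > "$FSTAB_SAMPLE" <<'EOF'
/dev/sda9    /     ext3  defaults              1 1
#/usr/tmpDSK /tmp  ext3  loop,noexec,nosuid,rw 0 0
/usr/tmpDSK  /tmp  ext3  loop,nosuid,rw        0 0
EOF

echo "live mount missing:  $(missing_mount_opts "$MOUNTS_SAMPLE" /tmp noexec nosuid)"
echo "fstab entry missing: $(missing_mount_opts "$FSTAB_SAMPLE" /tmp noexec nosuid)"
```

On a real host, pass /proc/mounts and /etc/fstab in place of the sample files.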

htop with freebsd

Most of the time I use htop to check CPU thread usage in Linux. I have quite a few FreeBSD servers, so I ran into some issues when installing htop on vanilla FreeBSD. Well, you need to make some adjustments so that htop works, so here it goes:

First you have to dynamically load the linux object in the kernel:

kldload linux

Then we have to make this loading permanent, so add linux_enable="YES" to /etc/rc.conf.

After this, install a linux layer:

cd /usr/ports/emulators/linux_base-fc4 (for some strange reason fc6 is not working for me)
make install distclean

Go to /etc/fstab and add the following line:

linproc /compat/linux/proc linprocfs rw 0 0

Mount the new filesystem with mount linproc, then go to /usr/ports/sysutils/htop and install as usual.

Enjoy