Re: **questions** ssh w/ rsa certs not working
On Wed, 24 Jan 2007, Gabriel Rossetti wrote: The user needing to log in is root (I know this is not good and turned off by default), so I re-enabled root login with ssh but like I said above, I get a password prompt when I do : ssh -l root machine2 whoami Not sure if there is more going on as well, but you might want to set PermitRootLogin without-password in your sshd_config on the server you are trying to access. This /should/ give you a bit more security in that someone won't be able to brute force your root password if I understand it, but will allow you to login using the sshd keys (if they are set up properly). Might also check file and directory perms on .ssh and the different key and authorized_keys2 files involved if you haven't already, seems perms often bite me.. Matt Ruzicka - Senior Systems Administrator FRII 970-212-0728 [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FreeBSD 6.2 + xinetd + amanda problem
While building out a couple new servers FreeBSD 6.2 was released. Since these boxes were not quite ready to be put into production we took the opportunity to upgrade these boxes from 6.1 to 6.2 following the instructions from the UPDATING file in src as usual. Initially everything seemed fine, but then we noticed that our previously working amanda backups started to fail. We install amanda from source and run it from xinetd, which we install from ports. Initially I figured amanda just needed to be recompiled, but the new install was failing as well. Specifically amcheck from the amanda server was reporting that the client self check was timing out. (A common and usually easily fixed issue.) During the troubleshooting I noticed that xinetd was reporting the following errors in /var/log/messages. Jan 24 14:36:34 hostname xinetd[44463]: fcntl( 0, clear close-on-exec ) failed: Bad file descriptor (errno = 9) Jan 24 14:36:34 hostname xinetd[44463]: dup2( 0, 0 ) failed: Bad file descriptor (errno = 9) After these errors finished the amanda server would report the selfcheck request timed out and suggest the host was down. Normally when this runs the amanda client creates a /var/tmp/amanda directory on the server being backed up, but after the selfcheck fails the directory has not been created. This seems to imply that amanda is never actually starting. This lead me to believe that there was something wrong with xinetd and not amanda so I disabled amanda from the xinetd config and added it to plain old inetd and fired it up. With amanda running from inetd the selfcheck would complete properly and the /var/tmp/amanda would be created with the proper files. The strange thing I have two other services running from xinetd that /are/ working just fine, so xinetd itself seems to be at least partially ok. After re-installing xinetd about a dozen times with variations in the config options and from both ports and source I'm still getting the same errors and it's really eating my lunch. I am able to confirm that the amanda and xinetd configs were working under 6.1 because we have backups of these machines. Also, this combination of services are running just fine on other servers. Just to be sure though I reinstalled amanda and xinetd on one of my 6.1 boxes from the same source that I'm having trouble with on 6.2 and everything works fine on 6.1. It seems very odd, but there does seem to be some strange subtle issue or bug with FreeBSD 6.2 as it relates to the combination of amanda and xinetd. Has anyone else seen anything even remotely similar with FreeBSD 6.2? Of course I could just run amanda from inetd, but that loses some security I would much rather retain. I'm considering attempting to roll back to 6.1, but I'm afraid that will cause all sort of strange and unexpected results. Plus, I'll want to move to 6.2 at some point and might just need to solve this issue then. Thanks in advance for your time and I apologize if something similar has already been discussed and I somehow missed it in my troubleshooting and research. Matt Ruzicka - Senior Systems Administrator FRII 970-212-0728 [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: **questions** Re: Tracking if disk is busy
Thanks for all the input, this puts us on track. Seems like considering snmp is probably our best bet based on our needs, but these other suggestions give lots of good info. Thanks. Matt Ruzicka - Senior Systems Administrator Front Range Internet, Inc. [EMAIL PROTECTED] - (970) 212-0728 On Fri, 23 Jun 2006, Nikos Vassiliadis wrote: On Friday 23 June 2006 01:12, Matt Ruzicka wrote: We've got a couple servers that appear to have particularly busy disks and I was trying to determine if there is a way to more easily poll this data for tracking. I'm not sure if this is one of those can't see the forest for the trees issues or not, but the only means that I am familiar with to see the percentage of time the disk is busy is to run 'systat -vmstat'. I was hoping for something more concise that I could run periodically and maybe even graph (realizing that watching this might well distort the results). It appears that iostat on Solaris gives this information, but I can't seem to mimic this functionality with FreeBSD. Are there other ways in FreeBSD to pull the percentage of time the disk is busy? gstat gives percentage load per (device|slice|partition) which is what I think you need. but it's written for interactive use, it issues commands to the terminal so you cannot have its output to file... ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Tracking if disk is busy
We've got a couple servers that appear to have particularly busy disks and I was trying to determine if there is a way to more easily poll this data for tracking. I'm not sure if this is one of those can't see the forest for the trees issues or not, but the only means that I am familiar with to see the percentage of time the disk is busy is to run 'systat -vmstat'. I was hoping for something more concise that I could run periodically and maybe even graph (realizing that watching this might well distort the results). It appears that iostat on Solaris gives this information, but I can't seem to mimic this functionality with FreeBSD. Are there other ways in FreeBSD to pull the percentage of time the disk is busy? Thanks. Matt Ruzicka - Systems Administrator Front Range Internet, Inc. [EMAIL PROTECTED] - (970) 212-0728 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
