"Paul Adare" <[EMAIL PROTECTED]> writes: > Hi Forin, > A question about the paranoid security level. The first couple of times > I setup beta 2 using the default level I could never manage to su to root. I > kept on getting an error message about an incorrect password. It wasn't until > I reduced the level to High that I was able to su to root at the console. Is > that expected? If so, how does one use the root account?
Hi there, I don't know if you have noticed but your mail has nothing to do with this thread (see below). But the answer to your question is related to the user creation. While creating a user during the install you have two options: - leave the check boxes untouched and you will be able to do an su - if you check the boxes that means you know what you are doing. In this case, make sure you add these users to the wheel group in /etc/group this is the same on any other mandrake install and it is not specific to MNF. The only thing to remember is that MNF uses the 5th msec level (paranoid). my 2cts, > pka > > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Florin > Sent: Monday, January 17, 2005 4:19 AM > To: [EMAIL PROTECTED] > Cc: [email protected] > Subject: Re: [Security Firewall] MNF2 NETA don't start from web > > Hi there, > > in MNF2 you are not supposed to change the security level. MNF2 is set as > default to the paranoid level. Forget about everything you have tried with > netstat, etc (use netstat -an |grep LISTEN). Also, you are supposed to try > shorewall clear and not shorewall stop because it's not the same thing ... > > I don't know what else I can say here because I don't seem to find any > other relevant information in your mail ... > > good luck, > > > >Manuel Acevedo Chavira <[EMAIL PROTECTED]> writes: > > > Hi, thanks for you advise, but the problem is that i tried this, with > > shorewall stop i just can ping from > > the client, but i can't to initialize the back end, at the begining i > > was > > looking for some error in the logs files > > and i found in /var/log/auth.log > > > > sshd[3238]: Received signal 15; terminating > > sshd[4692]: Server listening on :: port 22 > > sshd[4692]: error: Bind to port 22 on 0.0.0.0 failed > > Adress already in use > > > > and then i changed in /etc/ssh/sshd_config to add the line > > ListenAdress 0.0.0.0 > > > > > > and the problems in sshd was out, whitout this change netstat -ln show > > in > > sshd > > > > Proto Recv-Q Send-Q Local Adress Foreign Address State > > > > tcp 0 0 :::22 > > :::* LISTEN > > tcp 0 0 :::8443 :::* > > LISTEN > > > > and whith this change netstat -ln show in sshd > > > > Proto Recv-Q Send-Q Local Adress Foreign Address State > > > > tcp 0 0 0.0.0.0:22 > > 0.0.0.0:* LISTEN > > tcp 0 0 :::8443 :::* > > LISTEN > > > > and the error log don't show any more, for that i thinked that is a > > problem > > with 8443, i disable ipv6 > > in modprobe.conf adding > > alias net-pf-10 off > > alias ipv6 off > > > > after netstat -ln show > > > > Proto Recv-Q Send-Q Local Adress Foreign Address State > > > > tcp 0 0 0.0.0.0:22 > > 0.0.0.0:* LISTEN > > tcp 0 0 0.0.0.0:8443 > > 0.0.0.0:* LISTEN > > > > > > and the same problem from the client i can't to see the back > > end, then i > > back the initial configuration > > because i installed in another pc the MNF beta 2, and my > > sorprise was, all > > right!!!!!!! whitout changes, i can see the > > back end, then i reinstall the MNF in the pc with the problem, > > but :(, the > > same problem, it's very confused > > i don't understand what's the problem, in this pc i have been > > installed > > the fisrt MNF and all right, and with > > the new MNF i don't see the back end, in both cases i choose > > security > > nevel to estandar. > > > > thanks very much, i hope you can understand me, and excuse me > > for my > > english > > > > > > -----Mensaje original----- > > De: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] nombre de Dieter > > Sch�tze > > Enviado el: Viernes, 14 de Enero de 2005 04:15 p.m. > > Para: [email protected] > > Asunto: Re: [Security Firewall] MNF2 NETA don't start from web > > > > > > > > Am Freitag, den 14.01.2005, 13:25 -0600 schrieb Manuel Acevedo Chavira: > > > Hi, last month i installed the new MNF beta 2 but i can't to see the web > > > page from > > > any client with https://192.168.1.20:8443 and i don't know what's > > > happening. > > > in /etc/httpd/logs-naat/httpd2-naat.ssl_error_log shows > > > > > > [warn] RSA server certificate CommonName (CN) 'localhost.ai4h3R' does > > > NOT > > > match server name!? > > > > > > any ideas? > > logon direct on the Konsole change to su. > > stop the shorewall with service shorewall stop. > > Now test it from the client ones more. > > Configure your MNF and restart, if you have everything correct > > configured you can logon from the client again. > > > > The certificate is the standard certificate thats normal with > > localhost.xxxx you can make a better certificate if you want, but no > > real certificate without paying. ;-) > > > > Dieter > > > > > > > > ____________________________________________________ > > Want to buy your Pack or Services from MandrakeSoft? > > Go to http://www.mandrakestore.com > > Join the Club : http://www.mandrakeclub.com > > ____________________________________________________ -- Florin http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
