Updates:

Similar topics mod installed, currently shown at the end of a topic

Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Topics - Brian000

#1
Linux Support / SSH Key authentication
January 07, 2022, 10:11:24 PM
(Lubuntu - 5.11.0-43-generic #47~20.04.2-Ubuntu)

I have played with SSH authentication in the past and failed then too - but didn't have a use for it.... However, that's changed because I'm looking at using GIT and therefore need to be able to SSH onto my GIT server via cron - so I'm back setting up SSH key authentication.

This is a single computer, which I'm SSHing back to itself for testing and I have done what the internet suggests is the "usual" - being:
(only one of so many examples : https://www.pragmaticlinux.com/2021/05/configure-ssh-for-login-without-a-password/)


ssh-keygen -f .ssh/id_gitserver
eval "$(ssh-agent -s)"
ssh-add .ssh/id_gitserver
ssh-copy-id -i .ssh/id_gitserver [email protected]


"OK, nice!", I think to myself when it all works! However, it seems that I need to rerun the two commands; "eval" and "ssh-add" (which requires the passphase) whenever I logout and back in....  I see that I now have a lot of "ssh-agent" processes running, so I'm pretty sure this isn't how it should work - but does anybody know what I'm doing wrong?

Some posts suggest that I should use "ssh-agent bash" instead of the EVAL command - but I that gives similar/same results.

There is a risk from my testing, that I have nested connections, but I expect the SSH keys to authenticate from my git user regardless of anything.

Thanks.
#2
General Discussion / Version Control
December 31, 2021, 06:42:28 PM
Hello everybody,

I have just spent (AKA wasted :) ) today learning the basics of RCS. While I accept that it's extremely old, it did fit my use-case rather well.... But stretching my testing to other computers, I quickly found that it's not available in (standard) RHEL8 - so fear that's the start of it phased out of other distros.

My network consists of various computers, all of which have similar config files and custom scripts which I'm keen to version control.  Using RCS, I "had" created a central NFS stored directory, and used symlinks for the "RCS" directories (where it stores the version details) allowing me to easily include them within my backup process.
 
I guess I'm about to move to GIT - but does anybody else use GIT to version control O/S level config files, and have any tips on how to structure such a repository?  And/or how to pull/get changes to separate directories - like say I want to version control: "/etc/host", "/var/www/config.php" and /home/brian/my_script.sh (for examples) - for ALL my assets.

While I'm largely a single user I guess I'd have 1 repository per asset - but is that a fair assumption and is there anything I need to consider?

Thanks in advance...
Brian
#3
General Discussion / Logging Options
November 10, 2021, 10:32:06 PM
Hi,

I'm thinking about how to improve my script logging...

I currently have all logs (per server/client) write to a monthly-dated file, but have previously created a web API and site to report and manage those.

XMPP was great, as it would Ping my phone and other clients with messages, but MQTT was less good, because it would only store/display the last message (unless I logged those and that seemed like a pointless task - akin to logging the logging :)).

I've never, more than a thought anyway, considered a SYSLOG server - but like the idea of adding my router/switch/etc too... would that bring anything helpful to my party?

But what is YOUR view and what would YOU  recommend?

oh.... I have pretty poor internet, so anything which keeps traffic "internal" would be best or at least more reliable.

Thanks for your thoughts...
#4
Hi,

I'm not sure how long I've had the issue but today I decided to simply change the IP of my NAS (it's configured to DHCP, albeit with a fixed address in dhcpd.conf) and something that I thought would be easy, but found that devices were struggling to re-connect.    I was looking around and have discovered that the MAC address of the NAS was incorrect on most/all devices (based on "ip neigh").  And something that a reboot of my router/switch/NAS didn't simply resolve. 

I have since connect to several of my servers, and run "ip -s -s neigh flush all" and "arp -d <ip>", one or both successfully cleared the ARP cache and was soon showing the correct MAC address (Yay! I thought), but after a few minutes it was reverted, so the same IP has the incorrect MAC again (it's always the same one). 

My NAS is the same hardware with the same NIC (and unchanged MAC) - plus I'm not 100%  sure where the "incorrect" MAC is coming from, I assume it's on my network somewhere, but as yet have not found it (with so may mobile devices I've not yet managed to check everything).  I read that I can force the IP/MAC details into the ARP cache - but I assume that that shouldn't be necessary (should it?)

I'd like to better understand where ARP or IP, get the MAC address from - which may help me understand my problem and therefore resolve it. 
But also - how I can scan my entire network for MAC Addresses assuming this "unknown" one is on my network.

The other options is that I've made a rookie error, and done something wrong in either BIND or DHCPD.... My gateway seems to be the only asset that consistently should the correct details......

Hoping everybody is well and enjoying the change in weather,
Brian,
#5
Linux Support / How to Back Deletes
May 21, 2021, 09:48:12 PM
Hi all,

I have a simple backup policy which sees two drives rsynced weekly. This is great as it works well and has the plus of being both nice and easy.

I would like to make these syncs more regular to avoid data loss, but need some protection from/backup for, deletes.

My first though is to scan the two disks and copy those deleted files - keeping them safe, before the rsync.

Before i start any thing i thought i ask....
Is there a switch in rsync that a I'm not aware of that does this?
....or is there a better option (AKA, what should I do?)?

Let's suggest I'd like to retain 7days of deletes while rsyncing every day.

Thanks in advance,
Brian