05 Říj
DNSSEC in BIND & Fast validation
Edit Bind config file vi /etc/bind/named.conf.options … options { … dnssec-enable yes; dnssec-validation auto; … }; …
Author Archive
24 Zář
Error „Hardware RAID is disabled via NVRAM Controller setting“
# Show controller slots ssacli ctrl all show config # Disable HBA Mode ssacli controller slot=0 modify hbamode=off # Recheck controller status ssacli controller slot=0 show
21 Zář
Sync time on Windows 2019 server
# Set NTP servers w32TM /config /syncfromflags:manual /manualpeerlist:pool.ntp.org /update # Restart the time service net stop w32time && net start w32time # Resync the time w32tm /resync # Verify status w32tm /query /status
21 Zář
Failed to establish secure connection: sslv3 alert handshake failure: 1040
Debian 10 (Buster) + latest NSClient++ on Windows 2019 server Linux: root@nagios:/# /usr/lib/nagios/plugins/check_nrpe -H 172.24.1.1 -c check_ad CHECK_NRPE: (ssl_err != 5) Error – Could not complete SSL handshake with 172.24.1.1: 1 Windows: 2019-09-21 18:30:46: error:c:\source\master\include\socket/connection.hpp:273: Seems we other end is not using ssl: unknown protocol 2019-09-21 18:30:46: error:c:\source\master\include\socket/connection.hpp:274: Please review the ssl option as well […]
18 Zář
Convert Windows Server 2019 Eval to Server Standard
DISM /online /Get-CurrentEdition DISM /online /Get-TargetEditions DISM /online /Set-Edition:ServerStandard /ProductKey:N69G4-B89J2-4G8F4-WWYCC-J464C /AcceptEULA slmgr.vbs /upk slmgr.vbs /ipk your_mak_key slmgr.vbs /ato Official KMS client keys https://docs.microsoft.com/en-us/windows-server/get-started/kmsclientkeys
14 Čvc
Jak dešifrovat heslo z Remminy
…aneb když zapomenete přihlašovací údaje. Hesla v remmině jsou zašifrována pomocí blokové šifry 3DES s 256bitovým (náhodně vygenerovaným) klíčem. Klíč lze nalézt (Kubuntu 18.04) v souboru ~/.config/remmina/remmina.pref (na řádce začínající slovem „secret=“). Jednotlivá zašifrovaná hesla pak jsou v souborech ~/.local/share/remmina/*.remmina (řádek začínající klíčovým slovem „password=“). K dešifrování poslouží tento krátký skript v Pythonu (nahraďte položky […]
27 Led
IPSEC tunnel from Check Point to Mikrotik
Check Point configuration: IP address WAN: 1.2.3.4 IP address LAN: 192.168.1.0/24 Username: johndoe Password: mysecret Shared secret: 12345678 Mikrotik configuration: /interface l2tp-client add connect-to=1.2.3.4 disabled=no ipsec-secret=12345678 name=l2tp-checkpoint password=“mysecret“ use-ipsec=yes user=johndoe /ip ipsec proposal set [ find default=yes ] enc-algorithms=3des pfs-group=none /ip route add distance=1 dst-address=192.168.1.0/24 gateway=l2tp-checkpoint
13 Led
Getent passwd dosen’t show all users of LDAP server (Can’t receive more than 500 entries)
Quick fix: echo „dn: cn=config changetype: modify replace: olcSizeLimit olcSizeLimit: 10000“ > olcSizeLimit.ldif ldapmodify -Y EXTERNAL -H ldapi:/// -f olcSizeLimit.ldif
13 Led
SSL Library Error: 185073780 key values mismatch
When installing a certificate on Apache web server, you might receive an error SSL Library Error: 185073780 error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch during restart of Apache service. Most often, this error appears if you are using an incorrect private key along with the certificate you received from the Certificate Authority. In order for Apache to […]