Re: [CentOS] POODLE on CentOS
Modifying apache configuration to the following should take care of it. The SSLProtocol directive disables SSLv2 and SSLv3 and leaves other on. SSLProtocol all -SSLv2 -SSLv3 SSLHonorCipherOrder on SSLCipherSuite EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS On Thu, Oct 16, 2014 at 7:41 PM, James B. Byrne byrn...@harte-lyne.ca wrote: According to the centos wiki: Validating Changes You can use Qualys SSL Labs to verify that your web server is no longer vulnerable to POODLE or TLS_FALLBACK_SCSV once all action is complete. You might also want to only use TLSv1.2 for httpd on CentOS-6.5 (or higher) and CentOS-7, while using TLSv1 on CentOS-5. However, on my up-to-datestock CentOS-6.5 the httpd version is 2.2.15 and attems to use SSLProtocols greater than v1 yield this error: Syntax error on line 101 of /etc/httpd/conf.d/ssl.conf: SSLProtocol: Illegal protocol 'TLSv1.1' I presume that the wiki is in error but I would like confirmation of that or instructions on how to enable TLSv1.1 and 1.2 on CentOS-6.5. -- *** E-Mail is NOT a SECURE channel *** James B. Byrnemailto:byrn...@harte-lyne.ca Harte Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Tharun Kumar Allu == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] LPR to windows lpd question
Hi All, I am trying to print from a CentOS 5.3 server to a windows LPD service. After enabling the LPD service on Windows and creating a LPR port to a particular printer when I execute the following command on CentOS server I do not come out. lpr -H winprint:515 -P printer1 file.txt The above command does not exit. Do I need to configure anything on the server to be able to use lpr as a client ? Ultimately I want to use the above command to print to various printers based on different parameters. On a different note when I execute the same command on Fedora 14 I get Unknown as the error. Thanks Tharun ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LPR to windows lpd question
On Mon, Dec 5, 2011 at 4:24 PM, m.r...@5-cent.us wrote: Tharun Kumar Allu wrote: Hi All, I am trying to print from a CentOS 5.3 server to a windows LPD service. After enabling the LPD service on Windows and creating a LPR port to a particular printer when I execute the following command on CentOS server I do not come out. lpr -H winprint:515 -P printer1 file.txt The above command does not exit. Do I need to configure anything on the server to be able to use lpr as a client ? Ultimately I want to use the above command to print to various printers based on different parameters. On a different note when I execute the same command on Fedora 14 I get Unknown as the error. Have you checked CUPS? http://localhost:631 mark Yes. The whole idea I am trying to achieve is not to install any printers on the server (if I can avoid) but use it as a client to print through a windows LPD service. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antwort: Re: Strange connectivity problem from linux.
On Fri, Aug 28, 2009 at 4:01 AM, frank.brodb...@klingel.de wrote: Les Mikesell lesmikes...@gmail.com schrieb am 27.08.2009 20:53:14: I'd assume that 'telnet hostname 443' is intended to be a test for an https web service - which should in fact not permit a connection without ssl encryption. The linux version of telnet probably tries to do some options negotiations before it says it is connected and perhaps the windows version doesn't. A better test would be wget https://adp.eease.com Just for completeness, s_client(1) would be an alternative for testing purposes, too. Frank. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos This is a nice tool. Gives the following error sometimes. $ openssl s_client -connect adp.eease.com:443 socket: Connection refused connect:errno=29 Thanks for pointing this tool out. -- Tharun Kumar Allu == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Strange connectivity problem from linux.
Hi I have been facing a strange connectivity problem from CentOS and Fedora boxes. When I telnet to $ telnet adp.eease.com 443 it works fine some times and every 5-10 tries or so it says connection refused. And this does not happen from my windows box. Can anyone from this list try this on their linux installation and see if they get the same behaviour? Thanks Tharun ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Strange connectivity problem from linux.
Thank you I tested this today morning from the windows machine and it is behaving the same ( connection refused ). So I guess Its the host. I have a call with the Host admin some time today. This test should help me point the issue to him. Thanks Tharun On Thu, Aug 27, 2009 at 7:58 AM, Rohan Gilchristro...@gilchrist.me wrote: I could only connect 3 times out of 10. This was from my Mac laptop running Leopard. It would appear that something abnormal is happening on this host. On Thu, 27 Aug 2009, Tharun Kumar Allu wrote: Hi I have been facing a strange connectivity problem from CentOS and Fedora boxes. When I telnet to $ telnet adp.eease.com 443 it works fine some times and every 5-10 tries or so it says connection refused. And this does not happen from my windows box. Can anyone from this list try this on their linux installation and see if they get the same behaviour? Thanks Tharun ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] script
On Tue, Sep 30, 2008 at 3:47 PM, Mad Unix [EMAIL PROTECTED] wrote: Dear ALL, I need some help with bash scripting, a script that search the content of multiple files and replace old string ip 10.5.1.10 with the new string ip 127.128.1.10 it will search in specific folder and sub folders Thanks ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos sed -i 's/10.5.1.10/127.128.1.10/' should help you example find /path/ additional parameters to find the files | xargs sed -i 's/ 10.5.1.10/127.128.1.10/' -- Tharun Kumar Allu == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sudoers
On Wed, Jul 9, 2008 at 9:19 AM, Mário Gamito [EMAIL PROTECTED] wrote: Hi, I need to run /bin/mount and /sbin/mount.cifs commands as nobody user (it has (bin/bash shell). So, I've edited /etc/sudoers and added: Cmnd_AliasCMD_MOUNT = /bin/mount Cmnd_AliasCMD_CIFS ) = /sbin/mount.cifs nobody ALL = NOPASSWD: CMD_MOUNT nobody ALL = NOPASSWD: CMD_CIFS But when I run the command as nobody (in the shell), I get the error: mount error 1 = Operation not permitted Any ideas ? Any help would be appreciated. Warm Regards, Mário Gamito May be it is a stupid question but did you execute the command with sudo in logged in as user nobody [EMAIL PROTECTED] sudo /bin/mount[.cifs] -- Tharun Kumar Allu == ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sudoers
On Wed, Jul 9, 2008 at 10:52 AM, Mário Gamito [EMAIL PROTECTED] wrote: Yes, I do. On Wed, Jul 9, 2008 at 3:24 PM, Tharun Kumar Allu [EMAIL PROTECTED] wrote: On Wed, Jul 9, 2008 at 9:19 AM, Mário Gamito [EMAIL PROTECTED] wrote: Hi, I need to run /bin/mount and /sbin/mount.cifs commands as nobody user (it has (bin/bash shell). So, I've edited /etc/sudoers and added: Cmnd_AliasCMD_MOUNT = /bin/mount Cmnd_AliasCMD_CIFS ) = /sbin/mount.cifs nobody ALL = NOPASSWD: CMD_MOUNT nobody ALL = NOPASSWD: CMD_CIFS But when I run the command as nobody (in the shell), I get the error: mount error 1 = Operation not permitted Any ideas ? Any help would be appreciated. Warm Regards, Mário Gamito May be it is a stupid question but did you execute the command with sudo in logged in as user nobody [EMAIL PROTECTED] sudo /bin/mount[.cifs] Another stupid question are you editing /etc/sudoers using visudo? normally located at /usr/sbin/visudo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos