Re: [CentOS] firewalld

> -Original Message- > From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Gordon > Messmer > Sent: Friday, January 27, 2017 9:23 PM > To: CentOS mailing list > Subject: Re: [CentOS] firewalld > > On 01/27/2017 06:01 PM, TE Dukes wrote: > > I telnet localhost 143, I get

Re: [CentOS] firewalld

On 01/27/2017 06:01 PM, TE Dukes wrote: I telnet localhost 143, I get connection refused. What zone is used for the local network and what zone is used for outside access? All traffic from localhost is allowed. No zone is involved. The zone for "outside" access depends on which interface

[CentOS] firewalld

Got 7.3 installed Wednesday, things went so so. Been working on getting roundcubemail setup and firewalld is kicking my butt. I can't figure out all these zones. I opened imap, imaps, pop3, pop3s, smtp, smtps in zones internal, trusted and public. I still get connection refused. I telnet

Re: [CentOS] Notes on openssh configuration

On Fri, 2017-01-27 at 13:56 -0800, Gordon Messmer wrote: > On 01/27/2017 10:59 AM, Leonard den Ottolander wrote: > > https://en.wikipedia.org/wiki/MD5 seems to disagree: > > > No, it doesn't. That page links to RFC 6151, which notes: > > "It is not urgent to stop using MD5 in other ways, such

Re: [CentOS] Notes on openssh configuration

On 01/27/2017 10:59 AM, Leonard den Ottolander wrote: https://en.wikipedia.org/wiki/MD5 seems to disagree: No, it doesn't. That page links to RFC 6151, which notes: "It is not urgent to stop using MD5 in other ways, such as HMAC-MD5" There's nothing wrong with disabling hmac-md5 in your

Re: [CentOS] Notes on openssh configuration

Hello Gordon, On Fri, 2017-01-27 at 10:26 -0800, Gordon Messmer wrote: > Cryptographers still consider MD5 secure for HMAC use. Wikipedia's > references (currently 6, 7, and 8) in this article are useful: > > https://en.wikipedia.org/wiki/Hash-based_message_authentication_code

Re: [CentOS] large update - best practice

On Fri, January 27, 2017 12:19 pm, Jon LaBadie wrote: > On Fri, Jan 27, 2017 at 06:05:54PM +0100, Leon Fauster wrote: >> > Am 27.01.2017 um 17:27 schrieb m.r...@5-cent.us: >> > >> > Johnny Hughes wrote: >> >> On 01/27/2017 09:19 AM, Jon LaBadie wrote: >> >>> With a large update to be made, eg.

Re: [CentOS] large update - best practice

On Fri, January 27, 2017 11:48 am, Kenneth Porter wrote: > --On Friday, January 27, 2017 11:11 AM -0600 Valeri Galtsev > wrote: > >> >> Even with having to notify users/schedule reboots as rarely as once >> every >> 54 days on average, this is really PITA, because it

Re: [CentOS] Notes on openssh configuration

On 01/27/2017 10:03 AM, Leonard den Ottolander wrote: To my astonishment the openssh versions on both C6 and C7 will by default negotiate an MD5 HMAC. Cryptographers still consider MD5 secure for HMAC use. Wikipedia's references (currently 6, 7, and 8) in this article are useful:

Re: [CentOS-virt] NIC Stability Problems Under Xen 4.4 / CentOS 6 / Linux 3.18

On 01/27/2017 06:08 AM, Karel Hendrych wrote: > Have you tried to eliminate all power management features all over? I've been trying to find and disable all power management features but having relatively little luck with that solving the problems. Stabbing the the dark I've tried different ACPI

Re: [CentOS] large update - best practice

On Fri, Jan 27, 2017 at 06:05:54PM +0100, Leon Fauster wrote: > > Am 27.01.2017 um 17:27 schrieb m.r...@5-cent.us: > > > > Johnny Hughes wrote: > >> On 01/27/2017 09:19 AM, Jon LaBadie wrote: > >>> With a large update to be made, eg. the 900 package > >>> one I questioned yesterday, are there any

Re: [CentOS] large update - best practice

On Fri, 2017-01-27 at 10:02 -0600, Johnny Hughes wrote: > But generally, this upgrade should be OK via ssh, etc. Just make sure you invoke screen right after you log in in case you accidentally lose the connection. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research

[CentOS] Notes on openssh configuration

Hello list, To my astonishment the openssh versions on both C6 and C7 will by default negotiate an MD5 HMAC. C6 client, C7 server: debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr

Re: [CentOS] large update - best practice

--On Friday, January 27, 2017 11:11 AM -0600 Valeri Galtsev wrote: Even with having to notify users/schedule reboots as rarely as once every 54 days on average, this is really PITA, because it is often. That, BTW is why we fled our servers away from Linux ;-(

Re: [CentOS] large update - best practice

On Fri, January 27, 2017 10:27 am, m.r...@5-cent.us wrote: > Johnny Hughes wrote: >> On 01/27/2017 09:19 AM, Jon LaBadie wrote: >>> With a large update to be made, eg. the 900 package >>> one I questioned yesterday, are there any suggestions >>> to avoid possible complications? >>> >>> Two

Re: [CentOS] large update - best practice

> Am 27.01.2017 um 17:27 schrieb m.r...@5-cent.us: > > Johnny Hughes wrote: >> On 01/27/2017 09:19 AM, Jon LaBadie wrote: >>> With a large update to be made, eg. the 900 package >>> one I questioned yesterday, are there any suggestions >>> to avoid possible complications? >>> >>> Two examples,

Re: [CentOS] large update - best practice

Johnny Hughes wrote: > On 01/27/2017 09:19 AM, Jon LaBadie wrote: >> With a large update to be made, eg. the 900 package >> one I questioned yesterday, are there any suggestions >> to avoid possible complications? >> >> Two examples, I'd like to know of others too: >> >> I'm not running the most

Re: [CentOS] large update - best practice

On 01/27/2017 09:19 AM, Jon LaBadie wrote: > With a large update to be made, eg. the 900 package > one I questioned yesterday, are there any suggestions > to avoid possible complications? > > Two examples, I'd like to know of others too: > > I'm not running the most recently installed kernel, >

[CentOS] large update - best practice

With a large update to be made, eg. the 900 package one I questioned yesterday, are there any suggestions to avoid possible complications? Two examples, I'd like to know of others too: I'm not running the most recently installed kernel, I assume I should reboot to that. I normally have a

Re: [CentOS] software raid 1 failure

On 01/26/2017 05:27 PM, Jerry Geis wrote: I tried many things to mount it, to mdadm add it but could not get it to cooperate. You probably want to "mdadm --assemble --scan". If there were logical volumes on it, you'd also want to "lvchange -a y" afterward.

Re: [CentOS] yum adding 7.3 packages to 7.2 system

Hello Jon, On Thu, 2017-01-26 at 23:35 -0500, Jon LaBadie wrote: > And here I thought I had asked to upgrade to 7.2 a year ago. Not exactly sure what you are referring to, but to elaborate on what the others said, only the latest point release is a supported release. This was 7.2.1511 (year 15,

Re: [CentOS-virt] NIC Stability Problems Under Xen 4.4 / CentOS 6 / Linux 3.18

Have you tried to eliminate all power management features all over? Are the devices connected to the same network infrastructure? There has to be something common. I've been using Intel NICs with Xen/CentOS for ages with no issues. Karel On 27.1.2017 02:57, Kevin Stange wrote: On 01/26/2017

[CentOS] CentOS-announce Digest, Vol 143, Issue 11

Send CentOS-announce mailing list submissions to centos-annou...@centos.org To subscribe or unsubscribe via the World Wide Web, visit https://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to