Re: ssh from 012 cable to server in US fail
Hi, Can't change port number. Some user connect this server from post 22. Rami Tzafrir Cohen wrote: On Tue, Apr 28, 2009 at 11:10:30AM +0300, Rami Addady wrote: Hi, I have weird problem , staring this morning I can't ssh to a server in US, from some computers that connect to the Internet using 012 cabels. But if I'm ssh to server in 012 farm and then from it to the US server is work fine! I called 012 technical support but they didn't help me. Trial and error: what if you use a different port number for the server? For testing: /usr/sbin/sshd -D -p 1234 ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
RE: ssh from 012 cable to server in US fail
FWIW, Netvision, although they've started blocking outgoing SMTP (port 25), still allow SSH with no problems, both locally and to the US. I doubt that it's a Big Brother type of issue (yet). Who was it that said not to attribute to malice that which can be attributed to stupidity? Chag Sameach, Rony -Original Message- From: linux-il-boun...@cs.huji.ac.il [mailto:linux-il-boun...@cs.huji.ac.il] On Behalf Of Ira Abramov Sent: Tuesday, April 28, 2009 1:58 PM To: linux-il@cs.huji.ac.il Subject: Re: ssh from 012 cable to server in US fail Quoting Tomer Cohen, from the post of Tue, 28 Apr: Hi, I had the same issue yesterday evening (012, cable). After few hours I periodically tried, I was able to access the machines (one is located in Dreamhost, the other at sourceforge.net), but very slowly and with sudden disconnections after about one minute of each connection. these all sound annoyingly like the adventures a friend of mine had when connecting to my server from china, including obvious man-in-the-middle attacks, such as each time hׁ” tried to connect, the server would display a different host key. If the state of Israel has started building a great firewall they are both doing it wrong, as well as against the current law. very sad :-( On Tue, Apr 28, 2009 at 11:10, Rami Addady r...@active.co.il wrote: Hi, I have weird problem , staring this morning I can't ssh to a server in US, from some computers that connect to the Internet using 012 cabels. But if I'm ssh to server in 012 farm and then from it to the US server is work fine! I called 012 technical support but they didn't help me. It's not a FW issue because the ssh session start. When I try to ssh it start and after some time fail , here is debug session. ssh -v -l user 111.111.111.111 OpenSSH_3.9p1, OpenSSL 0.9.7a Feb 19 2003 debug1: Reading configuration data /etc/ssh/ssh_config debug1: Applying options for * debug1: Connecting to ... port 22. debug1: Connection established. debug1: identity file /home/user/.ssh/identity type -1 debug1: identity file /home/user/.ssh/id_rsa type -1 debug1: identity file /home/user/.ssh/id_dsa type -1 debug1: Remote protocol version 2.0, remote software version OpenSSH_4.3 debug1: match: OpenSSH_4.3 pat OpenSSH* debug1: Enabling compatibility mode for protocol 2.0 debug1: Local version string SSH-2.0-OpenSSH_3.9p1 debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: server-client aes128-cbc hmac-md5 none debug1: kex: client-server aes128-cbc hmac-md5 none debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(102410248192) sent debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP ... after few minutes... Connection closed by 111.111.111.111 Any idea what wrong Rami ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- Tomer Cohen http://tomercohen.com H. L. Mencken - It is even harder for the average ape to believe that he has descended from man. http://www.brainyquote.com/quotes/authors/h/h_l_mencken.html ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il -- The way of the world Ira Abramov http://ira.abramov.org/email/ ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Need Oracle / PHP guru
Hi, I need some help calling Oracle stored procedures and functions from php. Some of the procedures return complex objects,cursors and more. I am having trouble hacking the syntax and I have limited time. I would be interested in hiring somebody who is experienced with the above and can help me with my first steps. The oracle server is located in a different location from the PHP web srerver. The work is expected to be at most a few hours, pay a fair rate. Thanks, David Smith ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Backup encryption key
בThursday 23 April 2009, נכתב על ידי Yuval Hager: On Thursday 23 April 2009, Shachar Shemesh wrote: I should point out one huge disadvantage of storing binary diffs when using encrypted systems. There is no (practical) way to erase old backups. Your backup storage size is bound to be ever increasing. This is because the only way to create a new complete snapshot (i.e. - a non-incremental backup) is to retransmit the entire backup data. Because the remote side is encrypted, you cannot use it to expand the image remotely. I have not given as much thought as you to the details here, but if I read the man page correctly, duplicity does allow to --remove-older-than. I am not sure how that works though. I've continued to read on that - as long as you have at least one full backup, you can deleted earlier backups (which is quite obvious). The main reason I am using rdiff-backup is that I can delete backups older than a certain time, as much as I like, without ever running a full backup besides the initial backup. The only limitation is that the data is not compressed nor encrypted on the destination. -- yuval signature.asc Description: This is a digitally signed message part. ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: Backup encryption key
Yuval Hager wrote: בThursday 23 April 2009, נכתב על ידי Yuval Hager: On Thursday 23 April 2009, Shachar Shemesh wrote: I should point out one huge disadvantage of storing binary diffs when using encrypted systems. There is no (practical) way to erase old backups. Your backup storage size is bound to be ever increasing. This is because the only way to create a new complete snapshot (i.e. - a non-incremental backup) is to retransmit the entire backup data. Because the remote side is encrypted, you cannot use it to expand the image remotely. I have not given as much thought as you to the details here, but if I read the man page correctly, duplicity does allow to --remove-older-than. I am not sure how that works though. I've continued to read on that - as long as you have at least one full backup, you can deleted earlier backups (which is quite obvious). The main reason I am using rdiff-backup is that I can delete backups older than a certain time, as much as I like, without ever running a full backup besides the initial backup. The only limitation is that the data is not compressed nor encrypted on the destination. And with rsyncrypto+rsync, you can do all that AND have them encrypted and compressed. Shachar -- Shachar Shemesh Lingnu Open Source Consulting Ltd. http://www.lingnu.com ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: ssh from 012 cable to server in US fail
Hi, We are not aware of such problem, and if such one exists, it is not intentional. Please provide me with some more information off-list (IP addresses, capture files of connection attempts if possible etc.), and we will check into it. --imriz ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: ssh from 012 cable to server in US fail
On Tuesday 28 April 2009 13:57:36 Ira Abramov wrote: these all sound annoyingly like the adventures a friend of mine had when connecting to my server from china, including obvious man-in-the-middle attacks, such as each time hׁ” tried to connect, the server would display a different host key. If the state of Israel has started building a great firewall they are both doing it wrong, as well as against the current law. very sad A bit paranoid, aren't we? :) ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: ssh from 012 cable to server in US fail
2009/4/29 ronys ro...@gmx.net: FWIW, Netvision, although they've started blocking outgoing SMTP (port 25), still allow SSH with no problems, both locally and to the US. I doubt that it's a Big Brother type of issue (yet). Who was it that said not to attribute to malice that which can be attributed to stupidity? Yesterday afternoon, Netvision was randomly blocking port 25 and 587, pop3 (110) and 995. I called to complain and when I got through the phone maze, I was hung up on. By around 10pm last night, things were back to normal, 587,110 and 995 were working. SSH, HTTP and HTTPS worked the entire time. I use a HOT cable modem and a PPTP tunnel. I'll go with your second explanation. BTW, does anyone know whom the new Minister of Telecommunications is? The English press reported that there was one, but never mentioned who it was. Geoff. -- Geoffrey S. Mendelson N3OWJ/4X1GM Jerusalem, Israel ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
Re: ssh from 012 cable to server in US fail
Hi Geoffrey, On Thu, Apr 30, 2009 at 07:31:43AM +0300, Geoffrey Mendelson wrote: BTW, does anyone know whom the new Minister of Telecommunications is? The English press reported that there was one, but never mentioned who it was. According to the page at http://www.moc.gov.il/137-en/MOC.aspx (English) the minister of communication is Moshe Kachlon (Likud). baruch -- ~. .~ Tk Open Systems =}ooO--U--Ooo{= - bar...@tkos.co.il - tel: +972.2.679.5364, http://www.tkos.co.il - ___ Linux-il mailing list Linux-il@cs.huji.ac.il http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il