Re: on to letsencrypt

On 22/04/2021 13:33, Tim via users wrote: On Thu, 2021-04-22 at 10:08 +0800, Ed Greshko wrote: And why expose services to the world that are open to attack if you can have them hosted elsewhere? I suppose we should explicitly point out: All servers can be attacked, and that includes DNS

Re: on to letsencrypt

On 22/04/2021 13:30, Tim via users wrote: On Thu, 2021-04-22 at 12:23 +0800, Ed Greshko wrote: No need for that if you're using a good registrar. My registrar supports Dynamic DNS Records. FWIW, the OP has indicated early on that he has 6 usable static IP addresses. Even with support for

Re: on to letsencrypt

On Thu, 2021-04-22 at 10:08 +0800, Ed Greshko wrote: > And why expose services to the world that are open to attack if you > can have them hosted elsewhere? I suppose we should explicitly point out: All servers can be attacked, and that includes DNS servers. So if you run your own, you need to

Re: on to letsencrypt

On Thu, 2021-04-22 at 12:23 +0800, Ed Greshko wrote: > No need for that if you're using a good registrar. > > My registrar supports Dynamic DNS Records. > > FWIW, the OP has indicated early on that he has 6 usable static IP > addresses. Even with support for DDNS, I wouldn't use it for a real

Re: on to letsencrypt

On 22/04/2021 03:42, Joe Zeff wrote: On 4/21/21 12:56 PM, Tim via users wrote: My "simple" method would be to configure your public DNS records on your registrar, and let them serve them to the publid. This will work fine, if and only if you have a static IP.  If not, you can use a public

Re: on to letsencrypt

On 22/04/2021 04:47, Jack Craig wrote: i have zone files for llh & reverse zone Oh, BTW, there is very little point in defining     zone "213.220.108.in-addr.arpa" {    type master; You only have been assigned 8 IP addresses (6 usable + network + broadcast) within the zone out

[389-users] Re: minssf and TLS cipher ordering

Hi there, > On 22 Apr 2021, at 03:52, Trevor Vaughan wrote: > > Hi All, > > OS Version: CentOS 8 > 389-DS Version: 1.4.3.22 from EPEL > > I have a server set up with minssf=256 and have been surprised that either > 389-DS, or openssl, does not appear to be doing what I would consider a >

Re: Automount occasionally failing to auto-unmount

On Wed, 2021-04-21 at 19:30 +, old sixpack13 wrote: > ... > > The drive is normally only used at 3am to run a backup > > script, ... > > > When I mount the drive manually, the timeout always succeeds (though > > again after 300 seconds rather than 120). > > > > Any ideas? > > > not for

Re: on to letsencrypt

On 22/04/2021 04:47, Jack Craig wrote:  all but named.empty are empty.  cat *named.empty $TTL 3H @ IN SOA @ rname.invalid. ( 0 ; serial 1D ; refresh 1H ; retry 1W ; expire 3H ) ; minimum NS @ A 127.0.0.1 ::1* i have zone files for llh & reverse zone Well, there is "this" problem.  I

Re: suspend doesn't lock

On Wed, Apr 21, 2021 at 11:46:54AM +0200, Frank Elsner via users wrote: On Wed, 21 Apr 2021 17:05:11 +0800 Qiyu Yan wrote: 在 2021-04-21星期三的 10:18 +0200，Frank Elsner写道： > On Tue, 20 Apr 2021 23:55:35 +0800 Qiyu Yan wrote: > > 在 2021-04-20星期二的 10:32 +0200，Frank Elsner via users写道： > > > Hi, > > >

Re: on to letsencrypt

On 4/21/21 1:37 PM, Jack Craig wrote: On Wed, Apr 21, 2021 at 12:31 PM Tim via users < users@lists.fedoraproject.org> wrote: On Wed, 2021-04-21 at 11:47 -0700, Jack Craig wrote: b) You have a public domain name. Your registrar can handle public queries for its data, and doesn't need to know

Re: on to letsencrypt

On Wed, Apr 21, 2021 at 1:06 PM Ed Greshko wrote: > On 22/04/2021 02:39, Jack Craig wrote: > > Apr 21 11:36:07 ws.linuxlighthouse.com > bash[1451129]: zone localhost.localdomain/IN: has 0 SOA records > > Apr 21 11:36:07 ws.linuxlighthouse.com

Re: on to letsencrypt

On Wed, Apr 21, 2021 at 12:31 PM Tim via users < users@lists.fedoraproject.org> wrote: > On Wed, 2021-04-21 at 11:47 -0700, Jack Craig wrote: > > perhaps in the meantime you could outline how to configure my setup > > for your simler, /etc/hosts approach? > > I suppose that before going into

Re: suspend doesn't lock

2021-04-21 21:46 UTC+02:00, Samuel Sieb : > On 2021-04-21 11:57 a.m., Andras Simon wrote: >> 2021-04-21 20:05 UTC+02:00, Frank Elsner via users >> : >> >>> What are the screen lock settings at right now? >>> >>> Activate screensaver when computer is idle [after 1 h] >>> Lock screen when

Re: on to letsencrypt

On 22/04/2021 02:39, Jack Craig wrote: Apr 21 11:36:07 ws.linuxlighthouse.com bash[1451129]: zone localhost.localdomain/IN: has 0 SOA records Apr 21 11:36:07 ws.linuxlighthouse.com bash[1451129]: zone localhost.localdomain/IN: has

Re: suspend doesn't lock

On 2021-04-21 11:57 a.m., Andras Simon wrote: 2021-04-21 20:05 UTC+02:00, Frank Elsner via users : What are the screen lock settings at right now? Activate screensaver when computer is idle [after 1 h] Lock screen when screensaver is active [Yes] Just a shot in the dark, but how long is

Re: on to letsencrypt

On 4/21/21 12:56 PM, Tim via users wrote: My "simple" method would be to configure your public DNS records on your registrar, and let them serve them to the publid. This will work fine, if and only if you have a static IP. If not, you can use a public dynamic DNS service such as DNSEXit.com

Re: on to letsencrypt

On Wed, 2021-04-21 at 11:47 -0700, Jack Craig wrote: > perhaps in the meantime you could outline how to configure my setup > for your simler, /etc/hosts approach? I suppose that before going into masses of technicalities, what does your system actually *need* to do? a) We know you're intending

Re: Automount occasionally failing to auto-unmount

... > The drive is normally only used at 3am to run a backup > script, ... > When I mount the drive manually, the timeout always succeeds (though > again after 300 seconds rather than 120). > > Any ideas? > not for btrfs-automount-case. but you {s,c]ould check with your script if the drive

Re: suspend doesn't lock

On Wed, 21 Apr 2021 20:57:15 +0200 Andras Simon wrote: > 2021-04-21 20:05 UTC+02:00, Frank Elsner via users > : > > > > >> What are the screen lock settings at right now? > > > > Activate screensaver when computer is idle [after 1 h] > > Lock screen when screensaver is active [Yes] > > Just a

Re: on to letsencrypt

On Wed, 2021-04-21 at 11:39 -0700, Jack Craig wrote: > -- A start job for unit named.service has begun execution. > -- > -- The job identifier is 28649. > Apr 21 11:36:07 ws.linuxlighthouse.com bash[1451129]: zone > localhost.localdomain/IN: has 0 SOA records > Apr 21 11:36:07

Re: suspend doesn't lock

2021-04-21 20:05 UTC+02:00, Frank Elsner via users : > >> What are the screen lock settings at right now? > > Activate screensaver when computer is idle [after 1 h] > Lock screen when screensaver is active [Yes] Just a shot in the dark, but how long is your computer suspended before you wake it

Re: on to letsencrypt

Tim: >> Once you've dealt with that, you can consider whether you really >> want to do split DNS (answering outside queries with your public >> IPs, and internal queries with your internal IPs), or whether you >> let your register handle all outside queries (I would), or whether >> you use

Re: suspend doesn't lock

On Wed, 2021-04-21 at 17:05 +0800, Qiyu Yan wrote: > By default, Super+L should be the shoutcut for screenlock. In your > case, if you didn't change the shoutcut, that means your screen lock > is not working at all. I don't think that's the default for all desktops. On mine, using MATE, it's

Re: on to letsencrypt

the results of the caching test aren't too encouraging, the error msg doesnt tell me much, recommended next step is? perhaps in the meantime you could outline how to configure my setup for your simler, /etc/hosts approach? tia, jackc... On Wed, Apr 21, 2021 at 11:21 AM Jack Craig wrote: > >

Re: on to letsencrypt

-- A start job for unit named.service has begun execution. -- -- The job identifier is 28649. Apr 21 11:36:07 ws.linuxlighthouse.com bash[1451129]: zone localhost.localdomain/IN: has 0 SOA records Apr 21 11:36:07 ws.linuxlighthouse.com bash[1451129]: zone localhost.localdomain/IN: has no NS

Re: on to letsencrypt

ed, i found the caching file test, results shortly,... On Wed, Apr 21, 2021 at 11:21 AM Jack Craig wrote: > > > On Wed, Apr 21, 2021 at 12:48 AM Tim via users < > users@lists.fedoraproject.org> wrote: > >> Tim: >> >> Does your computer actually recognise one of its WAN ports as being >> >> that

Re: on to letsencrypt

On Wed, Apr 21, 2021 at 12:48 AM Tim via users < users@lists.fedoraproject.org> wrote: > Tim: > >> Does your computer actually recognise one of its WAN ports as being > >> that IP?(108.220.213.121) > > Jack Craig: > > Apparently not > > > > I can do a telnet connect to IP for port 53 from

Re: suspend doesn't lock

On 4/21/21 2:31 AM, FUNG Chi Chuen Sampson wrote: On most keyboards, near the left ALT key, there is a key with a "Windows" logo on it. It is called "Meta" or "Super" key in Linux. Super+L means press "Super" key and the "L" key at the same time.

Re: on to letsencrypt

ed, would you resend that caching cfg file; i cant find that email any where!! :( sorry,... On Wed, Apr 21, 2021 at 12:48 AM Tim via users < users@lists.fedoraproject.org> wrote: > Tim: > >> Does your computer actually recognise one of its WAN ports as being > >> that IP?(108.220.213.121)

Re: suspend doesn't lock

On Wed, 21 Apr 2021 09:16:22 -0700 Samuel Sieb wrote: > On 4/20/21 7:30 AM, Frank Elsner wrote: > > On Tue, 20 Apr 2021 01:56:29 -0700 Samuel Sieb wrote: > >> On 4/20/21 1:32 AM, Frank Elsner via users wrote: > >>> running an full updated Fedora 33 I have the following problem: > >>> > >>> For a

[389-users] minssf and TLS cipher ordering

Hi All, OS Version: CentOS 8 389-DS Version: 1.4.3.22 from EPEL I have a server set up with minssf=256 and have been surprised that either 389-DS, or openssl, does not appear to be doing what I would consider a logical TLS negotiation. I had thought that the system would start with the

Re: suspend doesn't lock

On 4/20/21 7:30 AM, Frank Elsner wrote: On Tue, 20 Apr 2021 01:56:29 -0700 Samuel Sieb wrote: On 4/20/21 1:32 AM, Frank Elsner via users wrote: running an full updated Fedora 33 I have the following problem: For a few days I have been observing that the screen isn't locked when the system

Re: suspend doesn't lock

On Wed, 21 Apr 2021 17:05:11 +0800 Qiyu Yan wrote: > 在 2021-04-21星期三的 10:18 +0200，Frank Elsner写道： > > On Tue, 20 Apr 2021 23:55:35 +0800 Qiyu Yan wrote: > > > 在 2021-04-20星期二的 10:32 +0200，Frank Elsner via users写道： > > > > Hi, > > > > > > > > running an full updated Fedora 33 I have the following

Re: suspend doesn't lock

在 2021-04-21星期三的 10:18 +0200，Frank Elsner写道： > On Tue, 20 Apr 2021 23:55:35 +0800 Qiyu Yan wrote: > > 在 2021-04-20星期二的 10:32 +0200，Frank Elsner via users写道： > > > Hi, > > > > > > running an full updated Fedora 33 I have the following problem: > > > > > > For a few days I have been observing that

Re: suspend doesn't lock

On Tue, 20 Apr 2021 23:55:35 +0800 Qiyu Yan wrote: > 在 2021-04-20星期二的 10:32 +0200，Frank Elsner via users写道： > > Hi, > > > > running an full updated Fedora 33 I have the following problem: > > > > For a few days I have been observing that the screen isn't locked > > when the system comes up after

Re: on to letsencrypt

Tim: >> Does your computer actually recognise one of its WAN ports as being >> that IP?(108.220.213.121) Jack Craig: > Apparently not > > I can do a telnet connect to IP for port 53 from 10.0.0.1 & localhost > > 10.0.0.101 and the external IP do not connect > > As my external IP is being

Re: suspend doesn't lock

On most keyboards, near the left ALT key, there is a key with a "Windows" logo on it. It is called "Meta" or "Super" key in Linux. Super+L means press "Super" key and the "L" key at the same time. ___ users mailing list --