How to , and other stuff about linux, photo, php … A linux, photography blog. To remember some linux situation, and fix them quickly.

September 18, 2012

Generating a Certificate Signing Request (CSR) 2048 bits

Filed under: Linux — Tags: , , , , — admin @ 3:20 pm

How to create your 2048 bit CSR via SSH
Well first of all this is require by new hosting company .

To generate this you have to run

openssl req -new -newkey rsa:2048 -nodes -keyout yourdomain.key -out yourdomain.csr
You must replace yourdomain with domain that you want to use. Example if is for matrafox.info
openssl req -new -newkey rsa:2048 -nodes -keyout matrafox.key -out matrafox.csr

You will be asked next question:

2. You will be prompted to enter some information for your CSR:

Country Name (2 letter code) [GB]:
State or Province Name (full name) [Berkshire]:
Locality Name (eg, city) [Newbury]:
Organization Name (eg, company) [My Company Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server’s hostname) []:
Email Address []:

Please enter the following ‘extra’ attributes to be sent with your certificate request

A challenge password []:
An optional company name []:

The ‘CN’ field (Common Name) is where you should enter the fully qualified domain name of the website you require the certificate for.
Note: for wildcard certificates, the Common Name should be in the format: *.mydomain.com

Try to not insert a password even if is less secure. However this will not require the password every time when you restart apache server .

How to convert csr to crt

Just run :
openssl x509 -req -in matrafox.csr -signkey matrafox.key -out matrafox.crt

Just replace matrafox.* with your file name

September 11, 2012

putty slow to connect – SSH

Filed under: Linux — Tags: , , , , , — admin @ 10:56 am

Hello
Today , I was trying to connect to one of my server and observe that after I introduce user/password I don’t enter immediately on log on. It take some time to reach at command promt.

Well first of all I think this may happen when you have load on a server, however my server was fine, so what other reason should can be ?
Well I try to make a nslookup on my ip and this was resolved. So I have a reverse ptr.
Well I updated the resolv.conf with google nameserver and the problem disappear .

So basically just add at the beginning of /etc/resolv.conf the line bellowl:

nameserver 8.8.8.8

Part 2:
Waiting for SSH login prompt
It seems that the problem still persist. So , i try from a linux server
ssh -vvv ip_of_server
and did notice this
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Unspecified GSS failure. Minor code may provide more information
No credentials cache found
debug1: Unspecified GSS failure. Minor code may provide more information
debug2: we did not send a packet, disable method

Ok, now I check the /etc/ssh/sshd_config and see that
GSSAPIAuthentication yes
SSAPICleanupCredentials yes

are both on yes. I disable them and now everything is ok.

Part 3
You may use also into /etc/ssh/sshd_config
UseDNS no

September 4, 2012

Replacing a defective drive from a raid 1

Filed under: Linux — Tags: , , , , , , , , — admin @ 10:51 am

Well yesterday I receive daily e-mail and saw that my raid is failing .

cat /proc/mdstat
Personalities : [raid1] [raid0] [raid6] [raid5] [raid4] [raid10]
md0 : active raid1 sdb1[1] sda1[0]
2102464 blocks [2/2] [UU]

md1 : active raid1 sdb2[1] sda2[0]
264960 blocks [2/2] [UU]

md2 : active raid1 sdb3[2](F) sda3[0]
1462766336 blocks [2/1] [U_]

So that mean that sdb3 is marked as failed drive and U_ mean that raid is degraded.
Well from this point I remove the sdb1 and sdb2 from raid but before I mark them as failed

mdadm --manage /dev/md1 --fail /dev/sdb2
mdadm --manage /dev/md0 --fail /dev/sdb1

mdadm /dev/md0 -r /dev/sdb1
mdadm /dev/md1 -r /dev/sdb2
mdadm /dev/md2 -r /dev/sdb3

After replacement of hard drive I have to recreate the same partition on new sdb and add it to raid.

sfdisk -d /dev/sda | sfdisk /dev/sdb
mdadm /dev/md0 -a /dev/sdb1
mdadm /dev/md1 -a /dev/sdb2
mdadm /dev/md2 -a /dev/sdb3

Now watch how your raid is recovering
watch cat /proc/mdstat
Every 2.0s: cat /proc/mdstat Tue Sep 4 09:52:52 2012

Personalities : [raid1] [raid0] [raid6] [raid5] [raid4] [raid10]
md0 : active raid1 sdb1[1] sda1[0]
2102464 blocks [2/2] [UU]

md1 : active raid1 sdb2[1] sda2[0]
264960 blocks [2/2] [UU]

md2 : active raid1 sdb3[2] sda3[0]
1462766336 blocks [2/1] [U_]
[===>.................] recovery = 16.0% (234480192/1462766336) finish=412.8min speed=49580K/sec

unused devices:

However the speed my by low so how to increase that speed ?

cat /proc/sys/dev/raid/speed_limit_max
200000
cat /proc/sys/dev/raid/speed_limit_min
1000

Now I increase the min limit to 50000
echo 50000 >/proc/sys/dev/raid/speed_limit_min

Now if you watch cat /proc/mdstat again you will see that your speed is improved and your time get low.

Powered by WordPress