Back to Home / #linode / 2019 / 01 / Prev Day | Next Day
#linode IRC Logs for 2019-01-20

---Logopened Sun Jan 20 00:00:28 2019
00:00-!-petris [] has quit []
00:00-!-petris [] has joined #linode
00:00-!-petris is "Ryan Petris" on #Qubes_OS #ext4 #ceph #linode #moocows #friendica #freedombox
03:38-!-xanthe [] has joined #linode
03:38-!-xanthe is "OFTC WebIRC Client" on #linode
03:39-!-xanthe [] has quit []
04:58-!-marshmn [~matt@] has joined #linode
04:58-!-marshmn is "Matt Marsh" on #linode
05:09-!-soco [~oftc-webi@] has joined #linode
05:09-!-soco is "OFTC WebIRC Client" on #linode
05:10<soco>Hey guys, i'm trying to create a CSR to upload Thawte but struggling to do so. My background's not very technical, our dev just walked out on us, so any help would be very much appreciated
05:26<Peng_>...You could use Let's Encrypt
06:13-!-soco [~oftc-webi@] has quit [Remote host closed the connection]
06:23-!-marshmn [~matt@] has quit [Ping timeout: 480 seconds]
06:32-!-culangan_1974 [~oftc-webi@] has joined #linode
06:32-!-culangan_1974 is "OFTC WebIRC Client" on #linode
06:34-!-culangan_1974 [~oftc-webi@] has quit [Remote host closed the connection]
07:31-!-marshmn [~matt@] has joined #linode
07:31-!-marshmn is "Matt Marsh" on #linode
07:40-!-thiras [~thiras@] has joined #linode
07:40-!-thiras is "Ant" on #debian #linode #tami
07:43-!-chesty [] has quit [Remote host closed the connection]
07:43-!-chesty [] has joined #linode
07:43-!-chesty is "chesty" on #moocows #linode
08:35-!-shentino_ [~shentino@] has joined #linode
08:35-!-shentino_ is "realname" on #linode
08:40-!-shentino [] has quit [Ping timeout: 480 seconds]
08:45-!-shentino_ [~shentino@] has quit [Remote host closed the connection]
08:49-!-shentino [~shentino@] has joined #linode
08:49-!-shentino is "realname" on #linode #tux3
09:13-!-dfkscs [] has joined #linode
09:13-!-dfkscs is "Sam Spade" on #linode
10:04-!-Geezus42 [] has quit [Remote host closed the connection]
10:04-!-Geezus42 [] has joined #linode
10:04-!-Geezus42 is "Geezus" on #linode
10:11-!-poky [~oftc-webi@] has joined #linode
10:11-!-poky is "OFTC WebIRC Client" on #linode
10:11<poky>Hi guys! Need quick help on SSH connection.
10:11<poky>When I connect to linode via SSH, after authentication the connection gets closes
10:11<poky>What could be the issue?
10:12<poky>I can only connect via Lish
10:12-!-Geezus42 [] has quit [Ping timeout: 480 seconds]
10:19-!-redentor [] has joined #linode
10:19-!-redentor is "realname" on #debian-mx #debian-es #debian #linode
10:26-!-Geezus42 [] has joined #linode
10:26-!-Geezus42 is "Geezus" on #linode
10:27-!-poky [~oftc-webi@] has quit [Quit: Page closed]
10:35-!-rao [~oftc-webi@] has joined #linode
10:35-!-rao is "OFTC WebIRC Client" on #linode
10:35<rao>hi i need some help
10:35<rao>are you here?
10:38<Abi12>ask your question
10:40<rao>do you accept paypal for payment method?
10:57-!-rao [~oftc-webi@] has quit [Quit: Page closed]
11:15-!-james [~oftc-webi@] has joined #linode
11:15-!-james is "OFTC WebIRC Client" on #linode
11:16-!-james is now known as Guest1205
11:17-!-Guest1205 [~oftc-webi@] has quit [Remote host closed the connection]
11:45<linbot>New news from community: Can I use Cloudflare for my Linode which runs a website and mailserver? <>
11:54-!-Geezus42 [] has quit [Remote host closed the connection]
11:54-!-Geezus42 [~Geezus42@2605:6000:1524:424b:1c8c:aef:c228:948e] has joined #linode
11:54-!-Geezus42 is "Geezus" on #linode
12:12-!-Geezus42 [~Geezus42@2605:6000:1524:424b:1c8c:aef:c228:948e] has quit [Ping timeout: 480 seconds]
12:14-!-Geezus42 [] has joined #linode
12:14-!-Geezus42 is "Geezus" on #linode
12:57-!-marshmn [~matt@] has quit [Ping timeout: 480 seconds]
13:18-!-fstd [] has quit [Ping timeout: 480 seconds]
13:43-!-kaare_ [] has quit [Quit: Konversation terminated!]
13:44-!-marshmn [~matt@] has joined #linode
13:44-!-marshmn is "Matt Marsh" on #linode
14:05-!-fstd [] has joined #linode
14:05-!-fstd is "fstd" on #linuxfs #oftc #linode #kernelnewbies
14:12-!-Carlos_Diaz [~oftc-webi@2a01:c50e:1410:5600:519a:31c1:6210:7e9c] has joined #linode
14:12-!-Carlos_Diaz is "OFTC WebIRC Client" on #linode
14:12-!-Carlos_Diaz [~oftc-webi@2a01:c50e:1410:5600:519a:31c1:6210:7e9c] has left #linode []
14:15<Steve^>Why are all the questions asked by Linode?
14:33-!-bumbleVole [~bumbleVol@2604:2000:c543:d600:d5e7:7db7:3260:68c9] has joined #linode
14:33-!-bumbleVole is "bumbleVole" on #linode
14:34<bumbleVole>can i control access to a DNS?
14:37<millisa>What do you mean?
14:38<millisa>(there are some grants in the user/permissions sections for allowing access to the dns manager if that is what you are asking)
15:34<Abi12>Steve^: he's a curious guy
15:43<dwfreed>Steve^: questions asked by Linode come from commonly asked support tickets
16:22-!-thiras [~thiras@] has quit [Ping timeout: 480 seconds]
16:23-!-thiras [~thiras@] has joined #linode
16:23-!-thiras is "Ant" on #debian #linode #tami
16:39<bumbleVole>millisa: i want to start a DNS service, which blocks ads.
16:40<bumbleVole>ill share the DNS service with my friends, they can update the settings on their devices
16:41<bumbleVole>but i dont want a friend who is extra generous to share the DNS server address with somebody else, and that new person be able to use my DNS service
16:42<bumbleVole>but friend's won't have a static IP, so i can't filter that way
16:42<bumbleVole>i'd prefer not to setup the DNS inside a VPN
16:42<dwfreed>on the resolver side, you don't have any cross-platform options unless you restrict it to a VPN
16:42<bumbleVole>so is there some way to control access to the DNS?
16:43<bumbleVole>dwfreed: what is dnscrypt for?
16:44<dwfreed>dnscrypt is a way of ensuring that the communication between the client and the resolver isn't tampered with
16:45<dwfreed>it doesn't provide any way to verify that the client is who it says it is
16:45<bumbleVole>so unless i put the DNS inside a VPN service, there is no way to control who can use it or not?
16:45<dwfreed>not in a cross-platform way, at least
16:46<dwfreed>if you want people to be able to access this from their phones wherever they are, for example, the only option is a VPN
16:46<bumbleVole>if i setup a VPN just for authenticating users for the DNS service, what is the minimum data i'd have to collect?
16:47<bumbleVole>i want to collect as little info as possible.
16:48<dwfreed>depends on the VPN you use, but if you use OpenVPN, you'd only need to generate RSA certificates for them; if you use wireguard, you just need their pubkey
16:49<dwfreed>openvpn would require less work on their end, which is helpful if they're not very technically savvy
17:14-!-marshmn [~matt@] has quit [Ping timeout: 480 seconds]
17:21-!-liamread [] has joined #linode
17:21-!-liamread is "OFTC WebIRC Client" on #linode
17:22<liamread>Hey could someone help me figure out why I can't connect to my caddy web server I just made following the linode guide
17:50<retro|blah>liamread: General advice: 1. Is it listening? (ss -anptl) 2. Check firewall rules.
17:51<liamread>How would I check if it's listening Blah?
17:52<retro|blah>I love when people ask questions that have already been answered
17:52<liamread>Yeah i realised I was being dumb
17:53-!-thiras [~thiras@] has quit [Ping timeout: 480 seconds]
17:54<liamread>I think maybe the linode guide might be outdated for caddy now
17:55<liamread>It's kind of weird but like 2 years ago I swear the firewall was off by default, yet I seem to have iptables by default
18:01<liamread>Do rules for port 80 / 443 come set by defauly as being open?
18:06-!-thiras [~thiras@] has joined #linode
18:06-!-thiras is "Ant" on #debian #linode #tami
18:08<liamread>well this is very fustrating I can't get this linode to allow traffic on port 2015 at all
18:23<liamread>Okay I fixed the firewall rules and I can see caddy running on port 80/443 with the correct domain name, but I still can't access index.html
18:31<liamread>well this is thoroughly depressing
18:40-!-thiras [~thiras@] has quit [Ping timeout: 480 seconds]
18:41-!-thiras [~thiras@] has joined #linode
18:41-!-thiras is "Ant" on #debian #linode #tami
18:44<Woet>liamread: things like "I still can't access" is not useful
18:44<Woet>tell us the error messages, the logs, the ways you're debugging it, etc
18:45<liamread>Well I've figured out it's the iptables inital configuration
18:45<liamread>Though I just flushed everything out of frustration
18:45<liamread>Though I can see my caddy website now, I'm kind of worried about my server being hacked
19:01-!-thiras [~thiras@] has quit [Ping timeout: 480 seconds]
19:14-!-thiras [~thiras@] has joined #linode
19:14-!-thiras is "Ant" on #debian #linode #tami
19:16-!-Shailen [~oftc-webi@] has joined #linode
19:16-!-Shailen is "OFTC WebIRC Client" on #linode
19:16<Shailen>hi guys. I need your help with the SSL
19:16<Shailen>SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG
19:17<Shailen>I can't figure out the issues
19:21<Peng_>That usually means it's HTTP, not HTTPS
19:22<Peng_>The server is HTTP and the client thinks it should be HTTPS
19:22<Shailen>hi Peng_
19:22<Shailen>how may i solve this please?
19:22<Shailen>SSL module is ON
19:23<Shailen>Listening on both 80 http and 443 https
19:24<Shailen>both Key & CRT file match
19:24<nate>you should not have SSL on for port 80, port 80 is not https
19:25<Shailen>no .. only HTTPS is listening on 443
19:25<Shailen>http > Listen 80
19:30<Shailen>i' ve been struggling with this since last night guys ... I have done the same thing on another linode and its working perfertly
19:31<nate>did you make sure the sslengine on line was under the 443 listens?
19:31<nate>That would be my only other guess, either you have https:// attempted over http:// or http:// is being sent over the https://, -normally- that error is the latter as peng said
19:32<Shailen>Listen 80 Listen 443 https Listen https <IfModule ssl_module> Listen 443 </IfModule> <IfModule mod_gnutls.c> Listen 443 </IfModule> <IfModule mod_ssl.c> Listen 443 </IfModule> # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
19:32<linbot>Please paste longer snippets over at and not in the channel
19:35<Shailen>SSLEngine is ON
19:36<Shailen>This is my SSL VirtualHost
19:38<Shailen>Any clue guys
19:38<millisa>doesn't look like it's doing ssl.
19:40<Shailen>i'm really lost
19:41<Shailen>No error on Apache2
19:42<Shailen>SSL Engine on, SSL module running, CRT do match Key, paths to CRT, PEM, KEY are correct
19:42<Shailen>Apache2 restart, force reload ...
19:44<millisa>bpaste apachectl -S and spachectl -M
19:44<millisa>er, apachectl -S and apachectl -M
19:45<nate>Out of curiousity when you last edited these changes in, did you reload/restart apache? You need to any time config changes are made
19:45<nate>Past that also check your apache config settings, perhaps your apache oddly does not have SSL/TLS capacity (ie; didn't include openssl at compile, etc)
19:45<nate>er not config settings, check your apache log files
19:46<nate>Actually, no check your config settings also, make sure you actually have ciphers declared -somewhere-
19:46<nate>Your virtualhost block doesn't have any ciphers/dh/curve stuff defined in it, so if that's not defined globally in the config somewhere, I'm not sure if apache will fail to utilize a cipher properly (as millisa's results imply)
19:46<Shailen>Apache was reloaded / restarted at every time
19:50<millisa>The /etc/apache2/sites-enabled/ is going to be what applies if you use the IP to try to connect, what's in that.
19:52<Shailen>its was the dev server ... i can disable it
19:52<Shailen>no use
19:52<millisa>you also appear to have multiple configs with the same server names.
19:53<millisa>there's both a and a that both appear to want to serve for the same name (I could swear apachectl -t catches that...)
19:56<Shailen>I was testing since it was not working ...
19:56<millisa>still have the dev.heritage.. config in there.
19:56<millisa>there on line 4 of that last bpaste.
19:57<Shailen>let me remove it
19:57<millisa>(this probably is going to eventually end up back at what nate last said)
19:59<Shailen>It's workinggggggggggggggggggggg!!!
19:59<millisa>i see ssl stuff serving
19:59<millisa>time to go watch some tv.
19:59<Shailen>Millisa .......... thankkkkkkkkkkkkkkkk u
19:59<Shailen>thank u guys ...
20:00<Shailen>ok let me continue the other configs ... :)
20:00<Shailen>Cheers from sunny tropical Mauritius Island
20:00<Shailen>i'm too happy
20:02-!-bumbleVole [~bumbleVol@2604:2000:c543:d600:d5e7:7db7:3260:68c9] has quit [Remote host closed the connection]
20:03-!-bumbleVole [] has joined #linode
20:03-!-bumbleVole is "bumbleVole" on #linode
20:09-!-bumbleVole [] has quit [Remote host closed the connection]
20:10-!-bumbleVole [] has joined #linode
20:10-!-bumbleVole is "bumbleVole" on #linode
20:15-!-dianoga7 [] has joined #linode
20:15-!-dianoga7 is "dianoga7" on #linode
20:15-!-Dianoga [] has quit [Read error: Connection reset by peer]
20:15-!-Shailen [~oftc-webi@] has quit [Quit: Page closed]
20:25-!-bumbleVole [] has quit [Read error: Connection reset by peer]
20:26-!-bumbleVole [] has joined #linode
20:26-!-bumbleVole is "bumbleVole" on #linode
20:40-!-bumbleVole [] has quit [Remote host closed the connection]
20:42-!-bumbleVole [] has joined #linode
20:42-!-bumbleVole is "bumbleVole" on #linode
20:54-!-bumbleVole [] has quit [Read error: Connection reset by peer]
20:56-!-bumbleVole [] has joined #linode
20:56-!-bumbleVole is "bumbleVole" on #linode
21:13-!-liamread [] has quit [Quit: Page closed]
21:25-!-bumbleVole [] has quit [Read error: Connection reset by peer]
21:26-!-bumbleVole [] has joined #linode
21:26-!-bumbleVole is "bumbleVole" on #linode
21:55-!-bumbleVole [] has quit [Read error: Connection reset by peer]
21:56-!-bumbleVole [] has joined #linode
21:56-!-bumbleVole is "bumbleVole" on #linode
21:59-!-dsdamsd [] has joined #linode
21:59-!-dsdamsd is "OFTC WebIRC Client" on #linode
22:00<dsdamsd>I started restoring from a backup to a new linode and soon deleted the old one, did I just fuck up and delete my backups so the creation of new linode will fail?
22:06<dwfreed>no, it takes a bit for the source linode's backups to be deleted, in case the Linode was accidentally deleted
22:07<dsdamsd>it's been at 0 files restored for 20 minutes so it doesn't look very good
22:07<dwfreed>it can take a bit to start up
22:08<dwfreed>especially if you have a lot of files
22:08<dsdamsd>76k files
22:08<dsdamsd>well I hope they aren't gone or I'm in huge trouble
22:08<dwfreed>okay, it shouldn't take *that* long
22:09<dwfreed>they most likely aren't gone, but they may have been moved in such a way that the restore process can't find them anymore, and it requires staff to do some work to bring them back
22:10<dsdamsd>do you know for how long they are kept?
22:10<dwfreed>at least a day, most likely a week
22:11-!-bumbleVole [] has quit [Read error: Connection reset by peer]
22:11<dsdamsd>okay, I'll open a ticket and hope for the best. thanks
22:11-!-bumbleVole [] has joined #linode
22:11-!-bumbleVole is "bumbleVole" on #linode
22:14<dsdamsd>now it jumped to 1000 files moved so maybe it works
22:32-!-Geezus42 [] has quit [Ping timeout: 480 seconds]
22:52-!-bumbleVole [] has quit [Quit: My MacBook has gone to sleep. ZZZzzz…]
23:13-!-Ikaros [] has quit [Remote host closed the connection]
---Logclosed Mon Jan 21 00:00:30 2019