ssh: connect to host … port 22: Connection refused – UPDATE

As someone pointed out here another possibilty for these kind off error messages is that, if you’ve just changed the SSH port from 22 to something else for security, then there’s a good chance your firewall may be blocking the connection.

Redhat5/CentOS5 cetainly has a firewall enabled as default. Try ‘iptables –list’ to see if you’ve got iptables running

vps monitoring

If you have your website, e-mail system, etc. running on your own VPS or dedicated server it’s good to know when that server is unavailable so you can contact your server provider asap.

The best way to do this is use an external monitoring company. I’ve been using Hyperspin for a couple of months now and it’s been working great.

You can pick what services/ports on your server to monitor (SMTP, HTTP, HTTPS, etc.) and you can chose how to be alerted when they are not available. Obviously you need to make sure that you’re alerted via an out of band method (in other words don’t rely on an e-mail to an e-mail account on your VPS to know that your VPS is down!)

The Hyperspin website isn’t very pretty but overall their system is reliable and easy to use.

ssh: connect to host … port 22: Connection refused

I run a backup script to backup my VPS’s every night using rsync. On one of my VPS’s I was seeing the error  “ssh: connect to host … port 22: Connection refused” at seeming random points.

It took me a while to track down the fact that lylix.com (the provider of my VPS) block multiple inbound and outbound ssh connections to a server made over a short period of time.

Whilst this is probably useful for some people, and will offer their VPS some protection from brute force login attempts, it broke my script!  🙂

Continue reading

Where’s all my disk space gone! – linux

Even with today massive disk drives it’s so easy to run out of disk space. This can be a real pain if you happen to run out of space on your root volume.

So, you fancy doing some spring cleaning and want to track down where all of your space has gone.

Here’s a quick run through using nothing more than the command prompt –

To show all of your filesystems with the -m showing used/free space in megabytes

$ df -m
Filesystem   1M-blocks      Used     Available   Use%    Mounted on
simfs        10000          718      9283        8%      /

So I’m using 718 MB of my disk space but where?

For the next bit we’re going to need to be root (or root equivalent)

$ sudo -s
cd /
du -ahm --max-depth 1 --exclude /proc | sort -n

That will list the size in MB of all of the folders in root (/) with the largest last.

5    ./bin
6    ./etc
6    ./root
7    ./sbin
12    ./lib
18    ./home
154    ./var
513    ./usr

So my /usr folder is using 513MB. Now I can drill down into the folders running the same command again.

cd /usr
du -ahm --max-depth 1 --exclude /proc | sort -n

and so on.

Obviously you only want to be deleting files when you’re absolutely positive what they are used for and what impact deleting them will have on your system!

There are a whole bunch of utilities for both Windows and linux to make this process easier and prettier! Here’s a couple –

Linux – http://treesize.sourceforge.net/
Windows – http://sourceforge.net/projects/windirstat/

ERROR: Could not open file (/a/etc/vfstab)

I was trying to install Solaris U5 on one of our Sun boxes using jumpstart today and came across the error –

ERROR: Could not open file (/a/etc/vfstab)

We were previously using Solaris U4 and I had copied the U5 media to our jumpstart server. What I had forgotten to do was to copy the x86.miniroot file from the installation media to where it was being loaded from.

This resulted in the U5 installation trying to use the U4 ramdisk image. Doh!

So, if you see the same error, it’s something to check.

Configuring lighttpd for use with Asterisk & FreePBX

I recently had a client that wanted to install Asterisk and FreePBX on a machine that was already running Apache so I though I’d have a go at getting it working with lighttpd instead.

It is pretty easy to setup and worked well. The instructions below are for CentOS 5.1.

Here’s how to set it up. You will probably need to alter this for your environment but it’ll be a good starting point.

Prerequisites

You need to have already installed Asterisk and FreePBX. When installing FreePBX you should choose a unique location for the install rather than the Apache default – /var/www/html. I chose /var/www/freepbx.

Installing lighttpd

I chose to install lighttpd from rpmforge but you could just as easy compile it from source.

See here for details on setting up rpmforge – http://dag.wieers.com/rpm/FAQ.php#B

rpm -Uhv http://apt.sw.be/redhat/el5/en/i386/rpmforge/RPMS/rpmforge-release-0.3.6-1.el5.rf.i386.rpm
yum install lighttpd lighttpd-fastcgi

Lighttpd configuration file changes

Change or add the following lines from the default lighttpd configuration file

vi /etc/lighttpd/lighttpd.conf

server.document-root       = "/var/www/freepbx"
server.port                = 81
server.username            = "asterisk"
server.groupname           = "asterisk"
server.pid-file            = "/var/run/lighttpd/lighttpd.pid"
server.modules = (  "mod_fastcgi", "mod_auth" )
fastcgi.server             = ( ".php" =>
( "localhost" =>
(
"socket" => "/var/run/lighttpd/php-fastcgi.socket",
"bin-path" => "/usr/bin/php-cgi"
)
)
)
ssl.engine                 = "enable"
ssl.pemfile                = "/etc/lighttpd/lighttpd.pem"
auth.backend = "htdigest"
auth.backend.htdigest.userfile = "/etc/lighttpd/.passwd"
auth.debug = 2
auth.require = ( "/" =>
(
"method" => "digest",
"realm" => "Authorized users only",
"require" => "valid-user"
)
)

Generate the SSL certificate

cd /etc/lighttpd/
openssl req -new -x509 -keyout lighttpd.pem -out lighttpd.pem -days 365 -nodes
chown asterisk:asterisk lighttpd.pem
chmod 600 lighttpd.pem

Create the password file

htdigest -c /etc/lighttpd/.passwd 'Authorized users only' bob

Set some access rights

chown -R asterisk:asterisk /var/log/lighttpd/
mkdir /var/run/lighttpd
chown -R asterisk:asterisk /var/run/lighttpd/

Start Lighttpd

chkconfig lighttpd on
service lighttpd start

And that’s it. You should now be able to connect to FreePBX on port 81 using HTTPS.

You should be asked for a username/password which, if you followed the instructions above, will be ‘bob’ and whatever password you chose.

10 steps to a Xen domU

Here’s a quick and easy way to get a CentOS Xen dom0 and domU up and running

1 – Boot using the CentOS CD

2 – When prompted for the package bundle selection just choose “Virtulization”

3 – Log into your new CentOS install as root

4 – Install the ftp server vsftpd. We’ll use this to install CentOS on our domU

yum install vsftpd
service vsftpd start

5 – Mount our CentOS CD so we can access it via FTP

mount /dev/cdrom /var/ftp

Continue reading

Where are my packets going?

If you’ve ever had a slow, unable connection to a server it could be that you’re suffering from some packet loss between you and the server.

This might not be noticeable for web browsing or e-mail but if you’re doing any sort or VOIP or gaming it can be critical to know the quality of the connection between 2 points.

A simple tool for this is mtr. This is normally included in modern Linux ditros – if you’re a RedHat/CentOS/Fedora person just run –

yum install mtr

Now you can fire it up by running –

/usr/sbin/mtr www.digg.com

Continue reading

bash: /bin/rm: Argument list too long

Yesterday I was trying to delete rather a lot of files from a server that had been used as a spam relay.

There were a total of 2.2 million files in the /var/spool/mqueue folder (and another 2 million in the /var/spool/clientmqueue folder!).

If you try to delete this many files from a folder using …

rm -f *

… you get get the following error

Continue reading