ssh fatal: buffer_get: trying to get more bytes than in buffer

The issue

You are using ssh to login to a server with ssh key authentication and you get connection closed. On the server you are logging into the syslog shows as messages like

Oct 17 11:30:02 myserver sshd[27687]: [ID 800047 auth.crit] fatal: buffer_get: trying to get more bytes than in buffer

The fix

Check your authorized_keys file on the remote server. Use ssh-keygen -l -f  ~/.ssh/authorized_keys

ssh-keygen -l -f ~/.ssh/authorized_keys
buffer_get: trying to get more bytes than in buffer

The above shows there is at least one  key in your file that is the wrong format – usually because it is  split over several lines rather than being just one long line. (note it could be any key in the file – not the one you are using from your server ) Once you fix the key then confirm with ssh-keygen that all is well – it should return a md5 checksum.
ssh-keygen -l -f authorized_keys
md5 1024 5d:35:7e:ad:3d:e6:70:6d:6f:1d:76:1a:46:ee:c1:c9 authorized_keys

Now retry your ssh access

E437: terminal capability “cm” required in Redhat or Centos 6

If you try to use vi or another curses based application in Redhat or Centos 6 and you get the error :-

E437: terminal capability “cm” required
Press ENTER or type command to continue
And your TERM type is something other than a vt100 like a dtterm then you need to install additional terminfo

The fix

yum install ncurses-term

Now ls /usr/share/terminfo/d   shows lots of entries rather than dumb

 

Updating Centos 5 to php 5.3

Updating centos 5 to php 5.3

The version of php shipped with Centos 5 is 5.1.6 , lots of programs now need php 5.2 or 5.3 to install. The latest version of WordPress for example will not install or update on servers running 5.1.6.

When Centos 5.6 came out it had the opportunity to install PHP 5.3 from Centos – the problem is not all the PHP rpms available at 5.1.6 are there in the Centos repository at 5.3 e.g. php-pear php-mcrypt

One way around this is use a different repository , a good one for PHP is IUS . IUS has some nice features such as an add on to yum to make replacing the Centos PHP very easy – also it names it’s RPMs differently to Centos so you don’t have to worry about it overwriting Centos RPMs when you do a yum update. You may need to upgrade tour PHP applications to work with PHP 5.3 so check them out before you upgrade.

The following upgrade procedure is taken mostly from here

wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/ius-release-1.0-8.ius.el5.noarch.rpm

wget http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/epel-release-5-4.noarch.rpm

rpm -Uvh ius-release*.rpm epel-release*.rpm

Check you can now see the  PHP 5.3 rpms from IUS

yum list | grep -w \.ius\.

Install the IUS add-on to yum :-

yum install yum-plugin-replace

Stop Apache

service httpd stop

List what php rpms you have installed

-bash-3.2# rpm -qa | grep php
php-pdo-5.1.6-27.el5_5.3
php-pgsql-5.1.6-27.el5_5.3
php-odbc-5.1.6-27.el5_5.3
php-bcmath-5.1.6-27.el5_5.3
php-pear-1.4.9-6.el5
php-5.1.6-27.el5_5.3
php-devel-5.1.6-27.el5_5.3
php-gd-5.1.6-27.el5_5.3
php-cli-5.1.6-27.el5_5.3
php-mbstring-5.1.6-27.el5_5.3
php-common-5.1.6-27.el5_5.3
php-ldap-5.1.6-27.el5_5.3
php-mysql-5.1.6-27.el5_5.3
-bash-3.2
Now replace those rpms with the ones from IUS using the IUS yum add-on

-bash-3.2# yum replace php –replace-with php53
Loaded plugins: fastestmirror, priorities, replace
Loading mirror speeds from cached hostfile
* addons: mirror.netrino.co.uk
* base: mirror.netrino.co.uk
* epel: mirror01.th.ifl.net
* extras: mirror.netrino.co.uk
* ius: mirror.rackspace.co.uk
* rpmforge: fr2.rpmfind.net
* updates: mirror.netrino.co.uk
1872 packages excluded due to repository priority protections
Replacing packages takes time, please be patient…

WARNING: Unable to resolve all providers: [‘config(php)’, ‘php’, ‘config(php-ldap)’, ‘php-ldap’, ‘config(php-mbstring)’, ‘php-mbstring’, ‘config(php-mysql)’, ‘php-mysql’, ‘config(php-pgsql)’, ‘php-pgsql’, ‘config(php-common)’, ‘dbase.so()(64bit)’, ‘php-dbase’, ‘php-mime_magic’, ‘php-pspell’, ‘php-common’, ‘config(php-pdo)’, ‘php-pdo’, ‘config(php-odbc)’, ‘php-odbc’, ‘config(php-gd)’, ‘php-gd’, ‘config(php-bcmath)’, ‘php-bcmath’]

This may be normal depending on the package.  Continue? [y/N]
Resolving Dependencies
Resolving Dependencies
–> Running transaction check
—> Package php.x86_64 0:5.1.6-27.el5_5.3 set to be erased
–> Processing Dependency: php >= 4.0.4 for package: squirrelmail
—> Package php-bcmath.x86_64 0:5.1.6-27.el5_5.3 set to be erased
—> Package php-cli.x86_64 0:5.1.6-27.el5_5.3 set to be erased
—> Package php-common.x86_64 0:5.1.6-27.el5_5.3 set to be erased
—> Package php-devel.x86_64 0:5.1.6-27.el5_5.3 set to be erased
—> Package php-gd.x86_64 0:5.1.6-27.el5_5.3 set to be erased
—> Package php-ldap.x86_64 0:5.1.6-27.el5_5.3 set to be erased
—> Package php-mbstring.x86_64 0:5.1.6-27.el5_5.3 set to be erased
—> Package php-mysql.x86_64 0:5.1.6-27.el5_5.3 set to be erased
—> Package php-odbc.x86_64 0:5.1.6-27.el5_5.3 set to be erased
—> Package php-pdo.x86_64 0:5.1.6-27.el5_5.3 set to be erased
—> Package php-pgsql.x86_64 0:5.1.6-27.el5_5.3 set to be erased
—> Package php53.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-bcmath.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-cli.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-common.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-devel.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-gd.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-ldap.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-gd.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-ldap.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-mbstring.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-mysql.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-odbc.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-pdo.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-pgsql.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-process.x86_64 0:5.3.3-1.el5_6.1 set to be updated
—> Package php53-xml.x86_64 0:5.3.3-1.el5_6.1 set to be updated
–> Running transaction check
—> Package squirrelmail.noarch 0:1.4.8-5.el5.centos.10 set to be erased
–> Finished Dependency Resolution
–> Running transaction check
—> Package squirrelmail.noarch 0:1.4.8-5.el5.centos.10 set to be erased
–> Processing Dependency: php >= 4.0.4 for package: squirrelmail
–> Processing Dependency: php-mbstring for package: squirrelmail
–> Running transaction check
—> Package squirrelmail.noarch 0:1.4.8-5.el5.centos.10 set to be erased
–> Finished Dependency Resolution

Dependencies Resolved
=================================================================================
Package             Arch        Version                    Repository      Size
=================================================================================
Installing:
php53               x86_64      5.3.3-1.el5_6.1            updates        1.3 M
php53-bcmath        x86_64      5.3.3-1.el5_6.1            updates         42 k
php53-cli           x86_64      5.3.3-1.el5_6.1            updates        2.4 M
php53-common        x86_64      5.3.3-1.el5_6.1            updates        605 k
php53-devel         x86_64      5.3.3-1.el5_6.1            updates        590 k
php53-gd            x86_64      5.3.3-1.el5_6.1            updates        109 k
php53-ldap          x86_64      5.3.3-1.el5_6.1            updates         37 k
php53-mbstring      x86_64      5.3.3-1.el5_6.1            updates        1.2 M
php53-mysql         x86_64      5.3.3-1.el5_6.1            updates         92 k
php53-odbc          x86_64      5.3.3-1.el5_6.1            updates         52 k
php53-pdo           x86_64      5.3.3-1.el5_6.1            updates         67 k
php53-pgsql         x86_64      5.3.3-1.el5_6.1            updates         74 k
php53-process       x86_64      5.3.3-1.el5_6.1            updates         38 k
php53-xml           x86_64      5.3.3-1.el5_6.1            updates        119 k
Removing:
php                 x86_64      5.1.6-27.el5_5.3           installed      6.2 M
php-bcmath          x86_64      5.1.6-27.el5_5.3           installed       33 k
php-cli             x86_64      5.1.6-27.el5_5.3           installed      5.3 M
php-common          x86_64      5.1.6-27.el5_5.3           installed      397 k
php-devel           x86_64      5.1.6-27.el5_5.3           installed      2.5 M
php-gd              x86_64      5.1.6-27.el5_5.3           installed      333 k
php-ldap            x86_64      5.1.6-27.el5_5.3           installed       49 k
php-mbstring        x86_64      5.1.6-27.el5_5.3           installed      1.8 M
php-mysql           x86_64      5.1.6-27.el5_5.3           installed      196 k
php-odbc            x86_64      5.1.6-27.el5_5.3           installed       88 k
php-pdo             x86_64      5.1.6-27.el5_5.3           installed      114 k
php-pgsql           x86_64      5.1.6-27.el5_5.3           installed      128 k
Removing for dependencies:
squirrelmail        noarch      1.4.8-5.el5.centos.10      installed       14 M

Transaction Summary
=================================================================================
Install      14 Package(s)
Upgrade       0 Package(s)
Remove       13 Package(s)
Reinstall     0 Package(s)
Downgrade     0 Package(s)

Total download size: 6.7 M
Is this ok [y/N]:
Downloading Packages:
(1/14): php53-ldap-5.3.3-1.el5_6.1.x86_64.rpm             |  37 kB     00:00
(2/14): php53-process-5.3.3-1.el5_6.1.x86_64.rpm          |  38 kB     00:00
(3/14): php53-bcmath-5.3.3-1.el5_6.1.x86_64.rpm           |  42 kB     00:00
(4/14): php53-odbc-5.3.3-1.el5_6.1.x86_64.rpm             |  52 kB     00:00
(5/14): php53-pdo-5.3.3-1.el5_6.1.x86_64.rpm              |  67 kB     00:00
(6/14): php53-pgsql-5.3.3-1.el5_6.1.x86_64.rpm            |  74 kB     00:00
(7/14): php53-mysql-5.3.3-1.el5_6.1.x86_64.rpm            |  92 kB     00:00
(8/14): php53-gd-5.3.3-1.el5_6.1.x86_64.rpm               | 109 kB     00:00
(9/14): php53-xml-5.3.3-1.el5_6.1.x86_64.rpm              | 119 kB     00:00
(10/14): php53-devel-5.3.3-1.el5_6.1.x86_64.rpm           | 590 kB     00:00
(11/14): php53-common-5.3.3-1.el5_6.1.x86_64.rpm          | 605 kB     00:00
(12/14): php53-mbstring-5.3.3-1.el5_6.1.x86_64.rpm        | 1.2 MB     00:00
(13/14): php53-5.3.3-1.el5_6.1.x86_64.rpm                 | 1.3 MB     00:00
(14/14): php53-cli-5.3.3-1.el5_6.1.x86_64.rpm             | 2.4 MB     00:00
——————————————————————————–

Total                                            3.2 MB/s | 6.7 MB     00:02
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Installing     : php53-common                                             1/27
warning: /etc/php.d/json.ini created as /etc/php.d/json.ini.rpmnew
Installing     : php53-pdo                                                2/27
Installing     : php53-cli                                                3/27
Installing     : php53                                                    4/27
Installing     : php53-mbstring                                           5/27

Installing     : php53-bcmath                                             6/27
Installing     : php53-pgsql                                              7/27
Installing     : php53-mysql                                              8/27
Installing     : php53-ldap                                               9/27
Installing     : php53-xml                                               10/27
Installing     : php53-process                                           11/27
Installing     : php53-gd                                                12/27
Installing     : php53-devel                                             13/27
Installing     : php53-odbc                                              14/27
Erasing        : php-ldap                                                15/27
Erasing        : php-pdo                                                 17/27
Erasing        : php-mysql                                               18/27
Erasing        : php-devel                                               19/27
Erasing        : php-odbc                                                20/27
Erasing        : php-gd                                                  21/27
Erasing        : php                                                     22/27
Erasing        : php-common                                              23/27
Erasing        : php-bcmath                                              24/27
Erasing        : php-cli                                                 25/27

Erasing        : squirrelmail                                            26/27
Erasing        : php-pgsql                                               27/27

Removed:
php.x86_64 0:5.1.6-27.el5_5.3         php-bcmath.x86_64 0:5.1.6-27.el5_5.3
php-cli.x86_64 0:5.1.6-27.el5_5.3     php-common.x86_64 0:5.1.6-27.el5_5.3
php-devel.x86_64 0:5.1.6-27.el5_5.3   php-gd.x86_64 0:5.1.6-27.el5_5.3
php-ldap.x86_64 0:5.1.6-27.el5_5.3    php-mbstring.x86_64 0:5.1.6-27.el5_5.3
php-mysql.x86_64 0:5.1.6-27.el5_5.3   php-odbc.x86_64 0:5.1.6-27.el5_5.3
php-pdo.x86_64 0:5.1.6-27.el5_5.3     php-pgsql.x86_64 0:5.1.6-27.el5_5.3

Dependency Removed:
squirrelmail.noarch 0:1.4.8-5.el5.centos.10

Installed:
php53.x86_64 0:5.3.3-1.el5_6.1         php53-bcmath.x86_64 0:5.3.3-1.el5_6.1
php53-cli.x86_64 0:5.3.3-1.el5_6.1     php53-common.x86_64 0:5.3.3-1.el5_6.1
php53-devel.x86_64 0:5.3.3-1.el5_6.1   php53-gd.x86_64 0:5.3.3-1.el5_6.1
php53-ldap.x86_64 0:5.3.3-1.el5_6.1    php53-mbstring.x86_64 0:5.3.3-1.el5_6.1
php53-mysql.x86_64 0:5.3.3-1.el5_6.1   php53-odbc.x86_64 0:5.3.3-1.el5_6.1
php53-pdo.x86_64 0:5.3.3-1.el5_6.1     php53-pgsql.x86_64 0:5.3.3-1.el5_6.1
php53-process.x86_64 0:5.3.3-1.el5_6.1 php53-xml.x86_64 0:5.3.3-1.el5_6.1

Complete!

Check all the php rpms you had installed at 5.1.6 are now there at 5.3

-bash-3.2# rpm -qa | grep php
php53-cli-5.3.3-1.el5_6.1
php53-process-5.3.3-1.el5_6.1
php53-mysql-5.3.3-1.el5_6.1
php-pear-1.4.9-6.el5
php53-mbstring-5.3.3-1.el5_6.1
php53-devel-5.3.3-1.el5_6.1
php53-pdo-5.3.3-1.el5_6.1
php53-bcmath-5.3.3-1.el5_6.1
php53-xml-5.3.3-1.el5_6.1
php53-odbc-5.3.3-1.el5_6.1
php53-pgsql-5.3.3-1.el5_6.1
php53-5.3.3-1.el5_6.1
php53-gd-5.3.3-1.el5_6.1
php53-common-5.3.3-1.el5_6.1
php53-ldap-5.3.3-1.el5_6.1
-bash-3.2#
-bash-3.2# php -v
PHP 5.3.3 (cli) (built: Mar 30 2011 13:51:54)
Copyright (c) 1997-2010 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
-bash-3.2#

Set your timezone for PHP ( if you do not do this you may see errors like PHP Warning:  strtotime(): It is not safe to rely on the system’s timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. )

vi /etc/php.ini

date.timezone = ‘Europe/London’

Restart Apache

service httpd start

Check your applications now work

 

Checking when a SSL/TLS certificate for an email server expires

Check if the SSL/TLS certificate for SMTP email has expired on the local server

echo ‘”‘ | openssl s_client -connect localhost:25 -starttls smtp > /var/tmp/jik

depth=0 /C=GB/ST=Hampshire/L=Farnborough/O=Tuqix/CN=mail.tuqix.org
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=GB/ST=Hampshire/L=Farnborough/O=Tuqix/CN=mail.tuqix.org
verify error:num=10:certificate has expired
notAfter=Feb  9 16:03:39 2010 GMT
verify return:1
depth=0 /C=GB/ST=Hampshire/L=Farnborough/O=Tuqix/CN=mail.tuqix.org
notAfter=Feb  9 16:03:39 2010 GMT
verify return:1
250 DSN
DONE
–  As you can see it has! After making a new one with genken –days 1825 mail.tuqix.org  and restarting dovecot ; service dovecot restart:-
-bash-3.2# echo ‘”‘ | openssl s_client -connect localhost:25 -starttls smtp > /var/tmp/jik
depth=0 /C=GB/ST=Hampshire/L=Farnborough/O=Tuqix/CN=mail.tuqix.org
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=GB/ST=Hampshire/L=Farnborough/O=Tuqix/CN=mail.tuqix.org
verify return:1
250 DSN

To Do list / Task List manager ; Taskfreak


When ( not if ! ) you decide you need a To Do list / Task List then I suggest you head over to the Lifehacker web site. This is an excellent site for productivity ideas ( also some fun non productive ones ! ). It covers both computer based and non computer based ( e.g. paper notebooks etc. ) tools. If you decide on a paper based approach then head over to Cultpens to select you required pen or pencil from their very interesting collection.

If you decide that  a computer based To Do list / Task List manager  is the way to go then check out a comparison of software .

I wanted a tool that was web based , that could be installed on my own web server and is easy to add and “cross off” tasks.

I tried a few different ones and found Taskfreak to be just want I needed.  It features amongst other things :-

  • Display tasks by project
  • Display tasks by deadline
  • Display completed tasks
  • Add comments to tasks
  • Simple progress bar for tasks
  • Pop up calender when adding deadlines

See the screen shots below for an idea of how it looks

It was also by far the easiest software I tested to create a new task. It is also multi user with several levels of users ( don’t worry if you just want to use it for one person – it is fine to do so ). There is a single user version on the site but it does not have as many features so I suggest you install the multi user version even if it is going to be used by only one person.

The license is GPL and it requires PHP 4.3.1+ or PHP 5 plus MySql  . It also works with PHP 7 if you use the fork on Github :-

Although TaskFreak looks like it is no longer maintained I found a fork on Github that allows TaskFreak to work with PHP 7 so I suggest you use this.

If you are using PHP 5.3 or greater  you need to edit /etc/php.ini and set your timezone :-

date.timezone = ‘Europe/London’

Otherwise you will see messages complaining about the timezone in the Apache logs :-

PHP Warning:  strtotime(): It is not safe to rely on the system’s timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected ‘Europe/London’ for ‘BST/1.0/DST’ instead in /var/www/html/taskfreak/include/classes/pkg_project.php on line 28, referer: https://tuqix.org/taskfreak/index.php?PHPSESSID=59b7orgmpe4sj64a9b7rpjal40

Installing Taskfreak

This assumes you already have MySql and PHP setup. These instructions are for Centos but will be similar for various Linux distributions.

Create the database

mysql -u root -p
mysql> create database taskfreak;
mysql> grant all privileges on taskfreak.* to taskfreak@localhost identified by ‘Password’ ;

mysql>flush privileges;

I suggest restricting access to the Taskfreak directory for security in Apache. There is a good guide to do this here.

cd /var/www/html

Clone the Git repo

git clone git://github.com/wnoisephx/TaskFreak

rename the directory to taskfreak

chmod -R 755 taskfreak

cd taskfreak/include

vi config.php

Change the value of TZN_DB_USER to be taskfreak

Change the value of TZN_DB_PASS to the password you set above

Point your browser at the taskfreak/install/index.php  script and click on Check install

If everything is OK it will ask you if you want to create the missing tables – click on yes install missing tables for me.

If all is OK then click on Launch Taskfreak

Login as admin ( no password ) and you will be in the application.

You will see a warning about removing the install directory – this should be done so no one can overwrite you install.

cd to the directory you installed Taskfreak in and rm -r install

Set the Admin password and profile

Go to Manage – My Profile

Set your details including a password

Click on return to list

To create another user click on the taskfreaknu1new user icon :-

Fill in the details and click on Account is enabled – this will then let you setup the user as an Administaror , Manager, Intern or Guest.

From the README file explains the privileges :-General permissions:
– guests, interns and managers can view only tasks that belong to the
projects they are associated with
– interns, managers and administrator can create tasks (guests can not)
– interns, managers and administrator can see internal tasks (guests can not)
– managers and administrator can create projects
– managers and administrator can create users
– administrator can edit everything (tasks, projects, users)

Then we can give a specific position to a user when linking him to a project:
– extern: can only see tasks, can not do anything
– official: can add comments (later)
– member: can create tasks
– moderator: can add, edit, delete tasks and comments, manage users and change
project’s status
– leader: can do everything

Associating a task to a user is only for you to organize yourself.
Someone who has access to the system and is associated to a project can see
all (public) tasks of the project.

Using Taskfreak

Taskfreak is easy to use, one of the reason why I chose it was becuase it is so easy to add a task.

To add a new task – Task – New To Do

Fill in the form as desired. The Context selection is for using TaskFreak as part of Getting Things Done (GTD)

If you need to create a new project at the same time just click on the link. To bring up a calendar for the deadline click on the icon.

Add a task
Add a task

Displaying tasks

You can display only tasks belonging to a particular project, display completed tasks only , display both completed and future tasks.

You can order the display by priority, project, deadline, status just by clicking on the headings

Display tasks
Display tasks

Adding comments

You can add time stamped comments by clicking on the “bubble” icon in the Com. field.

TaskFreak adding comments
TaskFreak adding comments

You also have a history and descrption tag

To change the status of a task ( e.g. 40% done ) just click on the Status grids next to the task

To complete a task you can click on the final grid in the status column for the task

You can edit a task just by clicking on it in the Title column.

Customizations and add-ons

As TaskFreak is open source you can customize colours , contexts etc. Head over to the TaskFreak forums where there are lots of hints and also details of plugins .

If you find TaskFreak useful then there is a donation button on the TaskFreak website.

Installing Clipperz password manager

Clipperz password manager

There are various password managers around. I wanted one that was web based so I could access it from anywhere , I also wanted to install it on my own web server. I would never use it for anything financial , just for the numerous web sites that require a user name and password.

After searching around I found Clipperz .  This seemed to do everything I wanted and the community edition is  licensed with  an open source  AGPL license . If you don’t want to install it on your own web server then Clipperz offers a hosted service for users. The Clipperz site explains how the data is encrypted and why it is secure.

Clipperz has some very nice features :

  • You can copy the password into the clipboard without it showing in clear text.
  • You can create a read only copy on your local desktop in a single HTML file than can be read with a browser , keeping the same encryption method – very cool!
  • You can import passwords from CSV, Excel , KeePass, Password Plus.
  • You can export the passwords and import them into another Clipperz account.
  • It can be run it a Firefox Sidebar or Opera panel

Installation on Centos 5

This assumes you already have Apache, PHP and Mysql already installed and working.

For my Centos server I needed to install json and the bcmath PHP extensions.

Installing PHP json on Centos 5

I had to do the following :-

yum install php-devel

yum install php-pear        ( this will also install pecl )

pear install pecl/json            ( if you try to just use pecl to install json you will get an error about a 8MB limit the solution is to use pear – I found this thanks to this page )

vi /etc/php.d/json.ini and add a line :-

extension=json.so

Install bcmath

yum install php-bcmath

If you don’t install bcmath you will get the following in the Apache error log when you try to register a user :-

PHP Fatal error:  Call to undefined function bcscale() in /var/www/html/mytools/clipperz/php/index.php on line 72

Restart Apache

service httpd restart

Creating the database for Clipperz

mysql -u root -p

You will be prompted for the Mysql root password you first set when you setup Mysql

create database clipperz ;

grant all privileges on clipperz.* to “clipperzadmin”@”localhost” identified by “passwd” ;

flush privileges ;

exit ;

passwd is the password you want for the clipperzadmin DB user

Installing the PHP files

Download the community edition of Clipperz from sourceforge

Goto the HTML directory of your Apache installation – /var/www/html on Centos and if ncessary create a subdirectory where you want to install Clipperz. You probably want this directory protected by Apache authorisation. Unzip the Clipperz zip file you downloaded and rename the directory extracted to something like clipperz. Goto the directory and look at the INSTALL.txt file.

vi php/configuration.php

Set the database name , database user and database password you set when creating the database.

Point you browser to the location of Clipperz /php/setup/index.php

e.g. If you installed Clipperz in /var/www/html/mytools/clipperz you would go to yourdomain/mytools/cliperz/php/setup/index.php

You will now be in a page with POG  ( PHP Object Generator ). Hit the POG ME UP button and if all goes well you will have a proceed button. Hit that and you will go onto another page where you can examine the database. On the plugins tab make sure you do not install base64 if you do Clipperz will not work on Centos – if the tab says it is installed then click on uninstall.

You are now ready to use Clipperz. Point your browser at the Clipperz location yourdomain/mytools/cliperz if you used the setting above. Click on the Create One button to create an account.

There are links on the pages for help and the main Clipperz site is very helpful.

You may want to donate some money to the project – there are links on the Clipperz site.

Once installed it is recommended you remove the php/setup directory to prevent someone deleting database records .

You can backup your settings by exporting the data to json format  ( Data – Export – Export to json format ), this will keep all your settings and can be restored into another Clipperz account.

Another useful thing is to create an offline copy – this will create a single HTML file that can be loaded in a browser , keeping the same encryption protection.

Problems with json

On another server I had a problem with json . If I tried to create an account it failed. Looking at the ssl error log I got :-

[Wed Dec 28 16:57:45 2011] [error] [client 33.33.33.33] PHP Fatal error:  Call to undefined function json_decode() in /var/www/html/tools/clipperz/php/index.php on line 227, referer: https://myserver.mydomain/tools/clipperz/

And in the error_log :-

PHP Warning:  PHP Startup: Unable to load dynamic library ‘/usr/lib64/php/module
s/json.so’ – /usr/lib64/php/modules/json.so: undefined symbol: ZVAL_DELREF in Un
known on line 0

The solution was found here ( note that is not for PHP53 if you followed my advise to use the IUS reposity to upgrade PHP – use php53-common – see below)

I used

cd /var/tmp
yum install yum-utils.noarch
yumdownloader php53-common
rpm -Uvh –force php53-common-5.3.3-1.el5_7.3.x86_64.rpm
service httpd restart

 

Web based bookmark manager SiteBar

Web based bookmark mangers

There are plenty of web based bookmark manager services out there but I wanted to install my own one on my Linux VPS server.

After looking at numerous bookmark managers I settled on SiteBar

See my post here for a walk through using SiteBar

It is open source , works with any browser, can import and export bookmarks.

SiteBar provides a service you sign up for if you don’t want to install your own server.

Installation is very easy. You need to have PHP and Mysql on your server.

Ensure in your php.ini system file ( /etc/php.ini  on Centos ) you have set the timezone like

date.timezone = ‘Europe/London’

otherwise you will get a warning

Warning: getdate() [function.getdate]: It is not safe to rely on the system’s timezone settings. You are required to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier.

Make a directory somewhere  under your web document root

mkdir /var/www/html/sitebar

You probably want to restrict access to the directory using Apache authentication controls

Download the zip file from the SiteBar site download page.

Unzip  :-

cd /var/www/html

unzip sitebar-master.zip
rename the directory to what you want to call it

mv sitebar-master.zip  sitebar
Fire up your browser and go to hostname/sitebar/index.php

Fill in the DB Password ( this is the root password you set when you setup MySql )

The rest  left as default

Click on Create Database

Click on Check Settings

Click on Download Settings and save the config.inc.php file to your desktop

Copy the config.inc.php file to /var/www/html/sitebar/adm directory

Click Check Settings and you should now go to a new page with an Install Button

Click Install

Click setup

Select language , fill in username , admin passwd, email , real name

Select the other options as required

Click on submit

Everything is now setup and you can start using things.

There is a link to the help documents but in general you right click on things to bring up an action menu. ( If right click does not work do Control-Right- click , you need to do this with some browsers like Galeon.).

 

Preventing ssh brute force attacks with DenyHosts

Looking in /var/log/secure

Well my VPS server has been up for just over a week and a check of /var/log/secure shows there have been a number of ssh brute force attacks.

An example from /var/log/secure :-

Feb 18 19:30:17 vm sshd[29470]: pam_succeed_if(sshd:auth): error retrieving information about user jodie
Feb 18 19:30:19 vm sshd[29470]: Failed password for invalid user jodie from 222.122.227.26 port 35485 ssh2
Feb 18 19:30:19 vm sshd[29471]: Received disconnect from 222.122.227.26: 11: Bye Bye
Feb 18 19:30:21 vm sshd[29478]: Invalid user jody from 222.122.227.26
Feb 18 19:30:21 vm sshd[29479]: input_userauth_request: invalid user jody
Feb 18 19:30:21 vm sshd[29478]: pam_unix(sshd:auth): check pass; user unknown
Feb 18 19:30:21 vm sshd[29478]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.122.227.26
Feb 18 19:30:21 vm sshd[29478]: pam_succeed_if(sshd:auth): error retrieving information about user jody
Feb 18 19:30:23 vm sshd[29478]: Failed password for invalid user jody from 222.122.227.26 port 35986 ssh2
Feb 18 19:30:23 vm sshd[29479]: Received disconnect from 222.122.227.26: 11: Bye Bye
Feb 18 19:30:25 vm sshd[29486]: Invalid user joe from 222.122.227.26
Feb 18 19:30:25 vm sshd[29487]: input_userauth_request: invalid user joe
Feb 18 19:30:25 vm sshd[29486]: pam_unix(sshd:auth): check pass; user unknown

I started adding the IP addresses to /etc/hosts.deny but I thought there must be a way of automating things.

A Google search found DenyHosts which parses the secure log and automatically updates hosts.deny

DenyHosts has plenty of useful options ( including listing IP addresses that will never be added to hosts.deny – very handy so you don’t lock yourself out ! ). It can run from cron or in daemon mode.

Installation on Centos

Get the RPM from the Epel repository ( there are a great number of useful RPMS in the Epel repository and it is well worth adding to yum.

yum install denyhosts

Edit the configuration file

vi /etc/denyhosts.conf

The default setting will work fine but you may want to change things such as :-

ADMIN_EMAIL   if you want to be emailed about blocked hosts

The date format and log format.

The configuration file is very well documented.

Run the script on your /var/log/secure file :-

denyhosts.py –file=/var/log/secure

cat /etc/hosts.deny to see all the hosts it has found causing problems.

vi /var/lib/denyhosts/allowed-hosts  and add IP addresses you never want to be blocked each one on their own line.

Check if denyhosts will be started automatically at boot :-

-bash-3.2# chkconfig –list denyhosts
denyhosts          0:off    1:off    2:on    3:on    4:on    5:on    6:off

Then start it up :-

-bash-3.2# service denyhosts start

Yum update

Checking for Centos updates and fixes

Centos yum command has an option of check-update  which has a return code of 100 if there are updates together with a list of the updates. If there are no updates but the command worked then it returns 0.

I wrote a quick script to be run from cron to check for updates and send an email if they are any.

#!/bin/bash
# Checks for updates from Centos

MAILADDR=user@yourdomain
YUMTMPF=/var/tmp/yumcheck.$$

yum check-update  > $YUMTMPF  2>&1
RETCODE=”$?”
if  [ “$RETCODE”  -eq 100 ]
then
cat $YUMTMPF | mail -s  “There are Centos updates available on `hostname`” $MAILADDR

else
if   [ “$RETCODE” -ne 0 ]
then
{
cat $YUMTMPF | mail -s   ” Problems with yum check-updates on `hostname`” $MAILADDR
rm  $YUMTMPF
exit 1
}
fi
fi
rm $YUMTMPF
When I actually ran the yum update command I got some errors :-

Transaction Check Error:
file /usr/share/emacs/site-lisp/psvn.el from install of subversion-1.5.5-0.1.el5.rf conflicts with file from package subversion-1.4.2-2.el5
file /usr/share/man/man1/svn.1.gz from install of subversion-1.5.5-0.1.el5.rf conflicts with file from package subversion-1.4.2-2.el5
file /usr/share/man/man1/svnadmin.1.gz from install of subversion-1.5.5-0.1.el5.rf conflicts with file from package subversion-1.4.2-2.el5
file /usr/share/man/man1/svnlook.1.gz from install of subversion-1.5.5-0.1.el5.rf conflicts with file from package subversion-1.4.2-2.el5
file /usr/share/man/man5/svnserve.conf.5.gz from install of subversion-1.5.5-0.1.el5.rf conflicts with file from package subversion-1.4.2-2.el5
file /usr/share/man/man8/svnserve.8.gz from install of subversion-1.5.5-0.1.el5.rf conflicts with file from package subversion-1.4.2-2.el5
file /usr/share/xemacs/site-packages/lisp/psvn.el from install of subversion-1.5.5-0.1.el5.rf conflicts with file from package subversion-1.4.2-2.el5

Doing a rpm -qa | grep subversion

-bash-3.2# rpm -qa | grep subversion
subversion-1.5.0-0.1.el5.rf
subversion-1.4.2-2.el5

Showed two versions of subversion installed so I removed the older one :-

-bash-3.2# yum remove subversion-1.4.2-2.el5
Loading “fastestmirror” plugin
Setting up Remove Process
Loading mirror speeds from cached hostfile
* dag: apt.sw.be
* base: centosb2.centos.org
* updates: centosh2.centos.org
* addons: centosj3.centos.org
* extras: centosb2.centos.org
Resolving Dependencies
–> Running transaction check
—> Package subversion.i386 0:1.4.2-2.el5 set to be erased
–> Finished Dependency Resolution

Dependencies Resolved

=============================================================================
Package                 Arch       Version          Repository        Size
=============================================================================
Removing:
subversion              i386       1.4.2-2.el5      installed         7.6 M

Transaction Summary
=============================================================================
Install      0 Package(s)
Update       0 Package(s)
Remove       1 Package(s)

Is this ok [y/N]: y
Downloading Packages:
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction
Erasing   : subversion                   ######################### [1/1]

Removed: subversion.i386 0:1.4.2-2.el5
Complete!

Looking at the Dependencies Resolved section it showed the RPM to be i386 whereas my system is X86_64 so that looked like it was the problem. The update worked after that successfully.

Had a problem today with yum update :-

Resolving Dependencies
–> Running transaction check
—> Package file.x86_64 0:4.17-15.el5_3.1 set to be updated
Traceback (most recent call last):
File “/usr/bin/yum”, line 29, in ?
yummain.user_main(sys.argv[1:], exit_code=True)
File “/usr/share/yum-cli/yummain.py”, line 229, in user_main
errcode = main(args)
File “/usr/share/yum-cli/yummain.py”, line 145, in main
(result, resultmsgs) = base.buildTransaction()
File “/usr/lib/python2.4/site-packages/yum/sqlitesack.py”, line 94, in _read_db_obj
setattr(self, item, _share_data(db_obj[item]))
TypeError: unsubscriptable object

A search on Google gave me the answer  :-

yum clean all

Afterwards I was able to do the yum update successfully

Installing WordPress on a Linux VPS

WordPress blogging software

Having setup my Linux VPS server ( see previous blog ) it’s time to install some web applications.

I wanted to install a blog so I could recount my experiances with a Linux VPS server. WordPress was chosen as it is open source and had very good reviews.

WordPress needs PHP and mysql – both of which were installed already.

Note current versions of WordPress require a later version of PHP than that shipped by default with Centos 5, If you are using Centos 5  update php to version 5.3 see here

First setup Apache so it will use PHP files

vi /etc/httpd/conf/httpd.conf and search for DirectoryIndex

Add index.php index.php3 index.pl index.htm index.cgi

( they are not all needed for WordPress but as I’m going to add other software I put them in )

Restart apache :-

service httpd restart

Create the database

As this is the first application I’m installing that uses mysql there a few steps needed to get msql up and running.

chkconfig  mysqld on

/etc/init.d/mysqld start

mysqladmin -u root password ‘apassword’

‘apassword’ is the password you want to set for the mysql root user

mysqladmin -u root -p -h localhost password ‘apassword’

Now create a database and a user for the database

mysql  -u root -p

create database wordpress ;

grant all privileges on wordpress.* to “wordpressadmin”@”localhost” identified by “passwd” ;

flush privileges ;

exit

passwd” is the password you want the wordpressadmin user to have. You don’t have to call the database wordpress or the user wordpressadmin.

Get the latest WordPress version :-

cd /root

wget http://wordpress.org/latest.tar.gz

cd /var/www/html

tar xvfz /root/latest.tar.gz

Now for the setup and install

cd wordpress

cp wp-config-sample.php wp-config.php

vi wp-config.php

change DB_NAME , DB_USER, DB_PASSWORD    to the values you used above in mysql.

Assuming you have your site enabled for SSL then add the following to force all login and admin sessions to be over SSL ( https )

define('FORCE_SSL_ADMIN', true);

Point your browser to https://yourhostname/wordpress/wp-config.php

Fill in the blog name  and an email address ( you can change these later ) then click install.

If successful you will get a password for the admin user displayed – make a note of this and login as user admin with that password.

Click on the Settings link at the left hand side and fill in the Blog Title , Tag Line , Worpress Address URL ( http://yourdomain/wordpress ) , Blog Address ( http://yourdomain/wordpress ).

Check and change any of the other settings such as date format as you want then save the changes.

Next setup your profile – click Users and Edit the admin user, fill in your first and last names ( these are not made public ) , a nick name  , select from the drop-down box the name you want to appear as and  an email address.

Finally change your password , then click on Update Profile

Now you are ready to blog. Click on Posts at the left hand side – you will see the is already one post which you can either edit or delete. Once you have created your post hit the Publish or Update Post button at the right hand side.

There are loads of different themes and plugins available for WordPress – give them a go.