Thanks Matt/Hugo.
scponly sounds perfect, will go have a look.
Kind regards
Kind regards
Murray Crane
On 3 September 2015 at 16:50, Mail Delivery Subsystem <
mailer-daemon(a)googlemail.com> wrote:
> Delivery to the following recipient failed permanently:
>
> hugo-bf(a)carfax.org.uk
>
> Technical details of permanent failure:
> Google tried to deliver your message, but it was rejected by the server
> for the recipient domain carfax.org.uk by mail.carfax.org.uk.
> [2001:ba8:1f1:f1d9:216:3eff:fe14:aef9].
>
> The error that the other server returned was:
> 550 Unrouteable address
>
>
> ----- Original message -----
>
> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
> d=gmail.com; s=20120113;
>
> h=mime-version:in-reply-to:references:date:message-id:subject:from:to
> :content-type;
> bh=qUsmRotgDrePcgGkI3DnWeS619sY44YzDcMeKhOU5v4=;
>
> b=J+zTvt9/Iedp7OimfHkFm/PpIQhGZzoe5DHLC/pS+a8oG7urV/0dlNyrRZZzFlAQqK
>
> sECRimLaeNqtpGSk98+W+cs1VkDq4ecclWGmtcZqh9QV+o0CYXtn5ijgW/9DY5We9vmi
>
> AQJoWjo1snV2eqTZ/6eVUN4eft3NVD2hOFcFf09oYWGRLcz1u91e/G5SbBx72Tytv0uZ
>
> kxKRCYWIQaEXIwpgboZZPJRZdnWh8pz2BCCrZsrEo7cHUGUFneL4cf8TWxTtkSFgtFBo
>
> XnYtLHyqnBgJG7Lq9MnGloDCD3Zg8d8eUs5prVbKCPgcBmcihinHrO4ln8oQ0h1WhTDQ
> uovw==
> MIME-Version: 1.0
> X-Received: by 10.112.170.129 with SMTP id
> am1mr22610658lbc.116.1441295439506;
> Thu, 03 Sep 2015 08:50:39 -0700 (PDT)
> Received: by 10.112.53.4 with HTTP; Thu, 3 Sep 2015 08:50:39 -0700 (PDT)
> In-Reply-To: <20150903154935.GH11358(a)carfax.org.uk>
> References: <CAAiW_G=sCOXr3g+0KzTpkJmuZYpfDLRY4O3zovk4a0BKEWt=
> Jw(a)mail.gmail.com>
> <20150903154935.GH11358(a)carfax.org.uk>
> Date: Thu, 3 Sep 2015 16:50:39 +0100
> Message-ID: <CAAiW_GkyVwYG4WeNnrC3-ThYSnwUuDLyTOezJEO1=
> c3-G0a7Uw(a)mail.gmail.com>
> Subject: Re: [bitfolk] SSH query
> From: Murray Crane <murray.crane(a)gmail.com>
> To: Hugo Mills <hugo-bf(a)carfax.org.uk>
> Content-Type: multipart/alternative; boundary=001a11c372eab03a74051ed9bee9
>
> Thanks Matt/Hugo.
>
> scponly sounds perfect, will go have a look.
>
> Kind regards
>
> Murray Crane
>
> On 3 September 2015 at 16:49, Hugo Mills <hugo-bf(a)carfax.org.uk> wrote:
>
> > On Thu, Sep 03, 2015 at 04:42:27PM +0100, Murray Crane wrote:
> > > Hi all,
> > >
> > > Hoping to crowdsource your knowledge.
> > >
> > > In Ubuntu/Debian, is it possible to set up the www-data user with SSH
> > > access (for development purposes; read/write to the web server document
> > > root) but not "shell access" otherwise?
> > >
> > > The SSH will be pub-key only, but I already know how to do such things
> > (to
> > > avoid obvious "do it key only" suggestions).
> > > Kind regards
> >
> > There's a project called scponly that you can use to set this
> > up. You set it as the login shell for the account, and it implements
> > the absolute minimum that a shell needs to do to support scp, without
> > giving any kind of interactive access.
> >
> > Hugo.
> >
> > > Murray Crane
> >
> > > _______________________________________________
> > > users mailing list
> > > users(a)lists.bitfolk.com
> > > https://lists.bitfolk.com/mailman/listinfo/users
> >
> >
> > --
> > Hugo Mills | I spent most of my money on drink, women and
> fast
> > hugo@... carfax.org.uk | cars. The rest I wasted.
> > http://carfax.org.uk/ |
> > PGP: E2AB1DE4 | James
> > Hunt
> >
>
I've just installed PuTTY on a new PC running Windows 10. When I attempt
to connect to my VPS console (on bellini) PuTTY immediately disconnects
with the message
"Disconnected: No support authentication methods available (server sent:
publickey,keyboard-interactive)"
I can connect to my VPS using PuTTY without any problems. I can also
connect to the console on bellini from my home Linux box (using openssh
on CentOS 6).
This was working (PuTTY, Windows 10) a couple of weeks ago - has
anything changed?
Thanks,
Mike
$ ssh t67(a)t67.console.bitfolk.com
This computer system is the property of BitFolk Ltd.
Disconnect NOW if you have not been expressly authorised to
use this system. Unauthorised use is a criminal offence
under the Computer Misuse Act 1990.
Communications on or through BitFolk's computer systems may
be monitored or recorded to secure effective system
operation and for other lawful purposes.
Enter passphrase for key '/home/joseph/.ssh/id_rsa':
Linux bellini 2.6.32-5-xen-amd64 #1 SMP Wed Feb 18 14:24:30 UTC 2015 x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Wed Jul 15 06:59:27 2015 from
host86-144-240-244.range86-144.btcentralplus.com
You are not the owner of /var/run/screen/S-t67.
Connection to t67.console.bitfolk.com closed.
$
Hi.
Has anyone got any recommendations for webmail software? I've been using
prayer (http://www-uxsup.csx.cam.ac.uk/~dpc22/prayer/) but it seems to
be vulnerable to POODLE and unlikely to get patched, so I'm looking for
something new. Ideally whatever software would be good for the security
obsessed (so eg not php[1]).
[1] no php arguments please. I just don't trust it. I know you've had
massive success and your favourite huge website uses it fine.
Hi all!
Just got a new VPS running Debian Jessie.
My VPS only seems to have 1 CPU. Is this normal?
# nproc
1
It's not a problem I'm just curious if it's correct since my last VPS
(with another provider) had 4.
Hi,
as of this morning (I think) I have problems connecting to various
website that use Akamai from my Bitfolk VPS.
For example:
e6203.b.akamaiedge.net.
a1723.g.akamai.net.
a1723.g.akamai.net.
I can reach those servers (on port 80) without issues from another UK
server (behind an business ADSL connection), but from Bitfolk the
connection times out.
It's probably not something Andy/Bitfolk can do much about, but I
thought I'd mention it just in case (or in case this is something
specific to my VPS).
Martijn.
Hello!
I'm coming around to the idea of running my own mail servers again and
closing down my google apps accounts, try and free myself from our googley
overlord a little bit :)
Last time I did this I remember it being a pita to maintain. Can anyone
recommend some reading for someone who hasn't maintained a mail server for
about 7 years to catch up please?
Thank!
-Matt Daubney
As ever, I'd quite like someone else to do the Wheezy to Jessie upgrade
first :)
The one thing I know I have to watch out for is that the change from
Apache 2.2 to 2.4 involves a change in the authentication modules for
websites that use it. I have it on \wp-admin for WordPress websites as
that stops the bots from bothering WordPress itself...
Ian
Hi,
Assume that:
1) You're a user of BitFolk's secondary DNS service.
2) One or more of your zones have been unreachable from our
secondary servers for so long that they have expired.
How long would you expect BitFolk to continue serving SERVFAIL for
your zone(s) before removing them from the configuration (and
thereafter serving NOERROR/REFUSED as for any name they're not
authoritative for)?
If any of you use other similar services where you provide the
primary DNS server, what do they do in that circumstance?
Is there a difference in behaviour in typical Internet protocols
that encounter SERVFAIL vs NOERROR? e.g. would a mail server
consider SERVFAIL to be a temporary failure but NOERROR to be a
permanent one?
Cheers,
Andy
--
http://bitfolk.com/ -- No-nonsense VPS hosting
