Pages

Thursday, December 21, 2023

Creating a Password-Free Connection Between Two Servers with Proper Permissions

Creating a Password-Free Connection Between Two Servers with Proper Permissions

Setting up a password-free SSH connection between two servers, A and B, enhances security and efficiency. This guide will walk you through establishing a secure, key-based connection, ensuring all permissions are correctly set to 600 for safety.

Step 1: Generate SSH Keys

  • On Both Server A and B:

    1. Run ssh-keygen to create a pair of keys: id_rsa (private) and id_rsa.pub (public).
    2. Ensure the permissions of these keys are set to 600.

Step 2: Exchange Public Keys

  • On Server A:
    1. Copy the id_rsa.pub of Server A to the authorized_keys file of Server B.
  • On Server B:
    1. Similarly, copy the id_rsa.pub of Server B to the authorized_keys file of Server A.

Connecting Using Private Key:

  • To connect to Server A from B (or vice versa), use the private key (id_rsa) with the following command:
    ssh user@xxx.xxx.xxx.xxx -i <path-to-private-key>
    Replace xxx.xxx.xxx.xxx with the actual server IP and specify the correct path to your private key.

Additional Tips:

  • From any other server (say Server Z with IP zzz.zzz.zzz.zzz), you can use the ssh-copy-id command to easily copy your public key to Servers A or B:
    ssh-copy-id root@zzz.zzz.zzz.zzz
  • Reverse the process to allow the opposite connection.

Important Notes:

  • Always ensure your keys' permissions are set to 600 to prevent unauthorized access.
  • Regularly update and rotate your keys for enhanced security.

By following these steps, you'll establish a secure, password-free connection between two servers, ensuring efficient and safe operations.

Posted by at No comments:
Labels: ,

Friday, November 3, 2023

Plex Media Server Issue: "Failed to Load Preferences" - Solution

Plex Media Server is a popular media management platform, but like any software, it can encounter issues. One common problem users might face is the "Failed to load preferences" error. In this blog post, we'll explore this issue and provide a solution.


Issue Description:

When attempting to start the Plex Media Server, you might encounter the following error message:

Failed to load preferences at /var/lib/plexmediaserver/Library/Application Support/Plex Media Server

This error indicates a problem with loading preferences for Plex Media Server.


Solution:

Step 1: Stop Plex Media Server

Before proceeding with the solution, stop the Plex Media Server. You can do this using the following command:

sudo systemctl stop plexmediaserver

Step 2: Rename Preferences Directory

The "Failed to load preferences" error often occurs due to a corrupted or misconfigured preferences directory. To resolve this issue, you can rename the existing preferences directory, and Plex Media Server will create a new one.

sudo mv /var/lib/plexmediaserver/Library/Application\ Support/Plex\ Media\ Server /var/lib/plexmediaserver/Library/Application\ Support/Plex\ Media\ Server.bak

This command renames the preferences directory to create a backup.

Step 3: Restart Plex Media Server

Now, start Plex Media Server again:

sudo systemctl start plexmediaserver

Step 4: Verify Operation

Check the status of Plex Media Server to ensure it's running without any errors:

sudo systemctl status plexmediaserver

If everything is working as expected, you should see Plex Media Server as "active (running)" in the status output.

Posted by at No comments:
Labels: , ,

Thursday, August 24, 2023

Generating SSL Certificates for Websites on Non-Standard Ports

Ensuring secure communication is essential for websites, even if they are not published on the default ports 80 or 443. This guide demonstrates how to obtain SSL certificates using Certbot when your website is hosted on a non-standard port. We'll walk through the steps using a generalized URL and domain name for clarity.

Prerequisites

Before starting, make sure you have the following:
  • A server hosting your website is accessible via a specific port.
  • Domain name and DNS management access for the domain.

Step 1: Install Certbot

Begin by installing Certbot using the following commands

sudo dnf install epel-release -y sudo dnf install certbot -y

Step 2: Generate SSL Certificate


Generate an SSL certificate using Certbot's manual mode with DNS challenge. Replace your.domain.com with your actual domain name.

sudo certbot --manual --preferred-challenges dns certonly -d your.domain.com

Follow the prompts provided by Certbot. You'll be asked to add a specific DNS TXT record to your DNS configuration to prove domain ownership.

Step 3: Certificate Location


Upon successful completion, Certbot will provide a confirmation message and indicate the location where the certificate and key files are stored. These files will be required for your web server's SSL configuration plaintext

Certificate is saved at: /etc/letsencrypt/live/your.domain.com/fullchain.pem 
Key is saved at: /etc/letsencrypt/live/your.domain.com/privkey.pem

Step 4: Next Steps


The certificate obtained is not set to automatically renew. To renew it, repeat the same Certbot command before the certificate's expiration date.

Remember, you'll need to configure your web server to use the obtained SSL certificate. or else replace the old certificates with new certificates with same name.
Posted by at No comments:
Labels: ,
Subscribe to: Posts (Atom)