SSH Public Key Authentication
Tonight I disabled password authentication entirely for ssh.
If you haven’t set up public key authentication yet feel free to contact me or possibly read a how-to:
This security setting was a long time coming I’ve gotten rather tired of going through all the “script kiddie” failed login attempts.
I apologize if this makes this a bit more inconvenient for anyone but security does / has to come first after all.
That’s all for now.
read moreOpenDNS Issue (Gmail.com)
So if anyone has been having issues emailing to gmail users lately I finally found out why.
OpenDNS apparently is having kittens doing proper resolves for any of it.
Now if you’re an OpenDNS user you might say my settings were wrong or something.
Well I reviewed all my settings (disabled all security stuff and filtering) and I would get a bunch of NXDOMAIN(3) errors.
host gmail.com:
gmail.com has address 74.125.228.53
gmail.com has address 74.125.228.54
Host gmail.com not found: 3(NXDOMAIN)
Whereas using he.net’s dns:
host gmail.com:
gmail.com has address 74.125.225.117
gmail.com has address 74.125.225.118
gmail.com has IPv6 address 2607:f8b0:4009:802::1016
gmail.com mail is handled by 10 alt1.gmail-smtp-in.l.google.com.
gmail.com mail is handled by 20 alt2.gmail-smtp-in.l.google.com.
gmail.com mail is handled by 30 alt3.gmail-smtp-in.l.google.com.
gmail.com mail is handled by 40 alt4.gmail-smtp-in.l.google.com.
gmail.com mail is handled by 5 gmail-smtp-in.l.google.com.
Quite a big difference eh?
So for the time being we will stop using OpenDNS as our primary dns provider until the issue is resolved.
read moreRouter Damaged
So late last night we had a storm of epic proportions which caused quite a bit of flooding to occur.
While the server is fine it fried our network router / switch entirely.
I brought over my secondary repeating router to fill in the service gap for now.
We really need to get / replace the current router with a different one as this is only a stopgap solution.
If you are a current user of inexistence and enjoy our services then I please ask you to donate
any amount to help fix this massive issue.
You can use the button below to help out:
read moreDebian + Apache 2 (CVE-2011-1176)
Debian pushed the apache update finally (get to disable the workaround)
apache2 (2.2.16-6+squeeze1) stable-security; urgency=high
* Fix CVE-2011-1176 in apache2-mpm-itk: If NiceValue was set, the default
with no AssignUserID was to run as root:root instead of the default
Apache
user and group. Closes: #618857
So that should close the issue…
Thanks Debian and Apache for the fix!
Network Issue (He.net) Resolved
Hurricane Electric is back up and working and so is our DNS.
Our primary DNS provider for inexistence.org (Hurricane Electric) is having kittens,
DNS.he.net is experiencing an issue at the moment. For those that are missing zones, we are in the process of recovering them at this time.
This also includes tunnelbroker.net which is how our IPv6 works so yeah epic fail on their end.
As of right now all *.inexistence.org services will probably not work for you.
If you know how to edit your hosts file you can temporarily fix it by referring directly
to our IP: 216.196.207.102.
216.196.207.102 inexistence.org
216.196.207.102 mail.inexistence.org
216.196.207.102 www.inexistence.org
216.196.207.102 cubemail.inexistence.org
If their servers continue to be down for too much longer I might change DNS servers.
I am willing to give them a chance to fix it as their services rocks with it’s working…
All other hostnames will continue to work (we use cloudflare for everything else).