Monthly Archives: March 2018


Lubuntu LVM Encrypted

While trying to setup a lubuntu GNU/Linux that would use an encrypted LVM file-system we run into several problems that should have not been there.
For example, the installer would not continue as swap memory was not encrypted and it was blocking the operation.
An other issue was that the LVM support package was not installed by default although it is needed by the installer.

Our solution requires an active internet connection so that you can install the lvm2 package.

Methodology

After booting into the live session, before we started the installation process, we opened a terminal from the main menu (Start Menu) and executed the following two commands:


sudo apt-get install lvm2 -y;

sudo swapoff --all;

These two commands disabled all swap (so that we do not get the error that swap is not encrypted) and it installed the lvm2 package that is needed by the installer to create our LVM setup.

The following video presents the full successful installation procedure by making the changes before starting the procedure.

The next video, shows our attempts to fix the installation after encountering the errors instead of fixing them beforehand.


CloudFlare does not allow port 22 (usual SSH port) on domain 3

When you try to connect via ssh on a domain for which you are using CloudFlare as a HTTP proxy, you will get the following error:

$ ssh [email protected]
 ssh_exchange_identification: Connection closed by remote host

You have a few options to resolve for this issue:

  1. Either connect directly to the IP of the machine.
  2. Or, setup a CNAME record with no HTTP proxy for the SSH (so that you do not need to remember the IP).
    This solution does not offer any additional benefits than connecting directly to the IP of the server.
    To do that, you need to visit the configure DNS page for your site: e.g. https://www.cloudflare.com/a/dns/example.com,
    then create the CNAME named ssh, use as target your domain (e.g. example.com) and disable HTTP proxy by clicking on the orange cloud and making it gray before pressing the Add Record button.

    Then, you will be able to connect via ssh [email protected].
  3. Last solution but not least is configuring your server to listen for SSH on one of the ports of CloudFlare that are open.
    When this post was written, the following ports were available/open for any site in CloudFlare:
    For requests made via HTTP:

    80
    8080
    8880
    2052
    2082
    2086
    2095

    For requests made via HTTPS:

    443
    2053
    2083
    2087
    2096
    8443

    At the time, we were using an Ubuntu GNU/Linux server, to instruct Ubuntu SSHD to listen to multiple ports we edited the file /etc/ssh/sshd_config and right after the lines:

    # What ports, IPs and protocols we listen for
    Port 22

    we added another line with the new port we wanted to use:

    # What ports, IPs and protocols we listen for
    Port 22
    Port 2053

    After restarting the service
    service ssh restart;
    we were able to connect to our page as follows:
    ssh -p 2053 [email protected];

 


Cannot verify domain with Yandex when domain is behind CloudFlare 2

Recently we were trying to verify the ownership of a domain through yandex. We tried the CNAME approach which would be more universal and so we added a new CNAME record in the DNS configuration in CloudFlare.

The record had the following configuration:

  • Type: CNAME
  • Name: yamail-dd63c3831dbd
  • Value: mail.yandex.com
  • TTL: Automatic
  • Status: DNS and HTTP proxy (CDN)

We tried several times the verify domain button in https://domain.yandex.com/domain/example.com/ but it kept on failing saying that the CNAME record was not found. Only after we disabled the DNS and HTTP proxy (CDN) did it work.

So in the end, the properly working record was as follows:

  • Type: CNAME
  • Name: yamail-dd63c3831dbd
  • Value: mail.yandex.com
  • TTL: Automatic
  • Status: DNS Only

JetPack: Cannot Verify Site Ownership using pinterest 6

Recently, we tried to verify the ownership of a site running WordPress with JetPack in Pinterest.

As the instructions say, we logged in to Pinterest and visited the settings page to Claim Website paragraph.

Using the meta tag solution we received a code similar to the one below:

<meta name="p:domain_verify" content="8525e3384b3545fb80b9e21f0910de21"/>

When we tried to add the code in the JetPack site verification page (https://example.com/wp-admin/admin.php?page=jetpack#/traffic) we got the following error:
Error updating settings. Invalid parameter(s): pinterest (Status 400).

To resolve the issue, we just added a space character right before the end of the tag /> and our code became:

<meta name="p:domain_verify" content="8525e3384b3545fb80b9e21f0910de21" />

Trying again, it worked properly!