Solving VSFTPD SSL/TLS Negotiation Failures

05 January, 2015 09:57 CST6CDT

VSFTPD by default will only allow login where the user home directory, or root directory does not have write permissions while using a chroot option.  Some say this adds a layer of security, I say it adds a layer of unneeded complexity and have chosen to use the Ubuntu 10.04 LTS VSFTPD deb package on a more recent LTS install for quite some time.  Support for Ubuntu 10.04 LTS Server ends in a couple of months so I was forced to update to the new LTS VSFTPD binary package for my system or compile VSFTPD by source and remove the chroot write permissions feature.  I opted to do a binary update since the server has become less complicated in terms of FTP user accounts.

I jumped the gun with a couple of FTP login attempts resulting in failed SSL or TLS communications that were the result of a couple of file system permissions - those in which I attempted only encrypted connections without debugging the good old FTP protocol to start with.  VSFTPD connection attempts on an encrypted connection looks as though it errors out as a result of a TLS or an SSL compatibility issue although it is really receiving an "OOPS".  A response from the popular FileZilla application is "GnuTLS error -15: An unexpected TLS packet was received".  The response will vary depending on the client you use.

So if you are installing or upgrading the Very Secure FTP Server, don't forget to connect with plain old FTP for debugging purposes.  You may see "500 OOPS: vsftpd: refusing to run with writable root inside chroot()" in response, a helpful message.  A user must have proper directory permissions set as I failed to do properly with a random account when upgrading.  If you opt for CHROOT and your user is 'mk' with a home directory of '/home/mk', make sure to 'chmod -w /home/mk' after creating writable folders inside that user's home directory.

A year ago I was writing...

It is Squirrel Thursday! - Squirrel Fight
UNU 14000 mAh Enerpak Extreme Portable Battery Pack

Article & Comments Tags: Software

GoDaddy DNS is Down For Many

09 December, 2014 00:48 CST6CDT

GoDaddy DNS is having a SERVFAIL (failed lookup) when resolving domain names using ns* nameservers.  The problem itself lies within the ans(*) DNS servers that resolve the ns* nameserver's IP address.

I first noticed this on the evening of December 8th when failed to work as a plugin on one of this host's websites.  I verified GoDaddy's DNS failure with four separate source IP addresses.  As of December 9th 1:00 AM CST the problem is still pending a fix.  If you are using a caching nameserver, you may not notice this issue until the DNS cache expires.

Their has been mentions of DDoS attacks on Google nameservers to lookup GoDaddy sites in which GoDaddy blocked, however this is not the case at the present time (GoDaddy blocking Google DNS).  @GoDaddyHelp on Twitter responded to concerns at 12:17 AM - 9 Dec 2014 with "Some users are reporting connection issues, but we are not showing any errors on our side. We're collecting information & 1/2".  Classic!

Article & Comments Tags: Software

It is Squirrel Thursday! - Feasting on Squirrel

27 November, 2014 03:10 CST6CDT

Fat SquirrelIf your Chestnuts aren't roasting upon an open fire, this evil and fat squirrel probably snatched them from you and munched with a red eye of delight. We have witnessed them hang by the nuts steeling food from those of other nature, as shown here: Hanging In There.

Thanksgiving is time to give thanks to what may be good to you, like shelter and food. You would be kind to add meat into the food category and also give thanks to pellet guns as you strike off a life of a street crossing neighborhood four legged from hell.

Not everyone enjoys squirrel, or nut stuffed squirrel for the holiday dining table but keep in mind that they can be drained and used in a cranberry sauce for additional structure and cohesion. If you are not kind to both squirrel meat nor cranberry, you could kindly drop off a fat-evil-four-legged-squirrel and leave it where it rests as a sign of the merry seasons.

Article & Comments Tags: Squirrel Thursday

A Look at the Smok Tech eGo Mega Dual Coil Cartomizer

25 November, 2014 14:20 CST6CDT

Smok Tech eGo Mega Dual Coil CartomizerThose whom don't want the mess of an e-cig tank or for those whom find that their current tanks or cartomizers are void of flavor may find the eGo Mega Dual Coil Cartomizer from Smok Tech offers a no mess, no leak, flavorful vaping experience.

These Mega cartomizers hold about 5mL of juice and may be filled several times making them a long life competitor to tanks. These are dual coil cartomizers that let out a plume of vapor and flavor. They do get a bit warm if you chain vape but they still don't take much of a hit on the battery life.

The tip is rubber and flat tipped. Unlike the Smileomizer that I had previously reviewed, this tip feels more natural in relation to traditional drip tips. The tip is flexible so it will fit in your pocket without breaking and it will not leak. The Smok Mega Dual Coil Cartomizer is metal, not plastic.

While I still prefer my Aspire BDC tanks to cartomizers, I keep a few of these eGo cartomizers on hand for older batteries that don't have enough push which tanks now require in this day of vaping. This one shown in the picture is 1.6 ohm and black. I tend to pick up the stainless steel version when it is available – this is a personal preference as I use mostly black batteries.

A year ago I was writing...

Google Play Sprint Carrier Billing Solution
HOWTO: Enable Intel VT-x Virtualization on a Sony Vaio VGN-SZ330P Laptop
It is Squirrel Thursday! - Hanging In There

Article & Comments Tags: E-Cigs

Guide to ROOT on the Envizen EM63TX

21 October, 2014 06:18 CST6CDT

In conjunction with the Envizen EM63 TX (EM63TX) Reviewed article I will outline the steps needed to be taken in order to root the EM63TX Android tablet.

The user itz420 on the XDA Developers Forum announced that a Chinese rooting application VROOT version 1.7.9 was able to successfully root the EM63TX tablet.  VRoot is a Chinese rooting application for various Android devices.  This user also noted that more recent releases of VRoot were unsuccessful.  However, if you were to install a more recent version with an English installer, and then install the working VRoot Chinese application provided by the above URL (1.7.9), you will be able to use the 1.7.9 root libraries with an English interface.  I would imagine their is a system registry key to change the language used by VRoot.

You need to enable the 'Developer Options' by tapping on the 'Build Number' several times in 'About Tablet' in the system settings.  Developer options will show USB debugging already enabled however it is not.  You will need to toggle this option to enable USB debugging.  You must also make sure you can install an APK from an unknown source and that you do not verify applications in the 'Security' menu in settings.

The VRoot process for the Envizen is a click through process.  This rooting tool will install 'su', Superuser.apk, an interface for a Chinese website, and a cache optimizer application.  These applications with the exception of the 'su' binary are in the Chinese writing language.  The web page gateway and cache optimizer applications may be removed after root access is obtained.

The 'Superuser' application used to manage user based root permissions is in Chinese.  I wanted to have a more conventional root with an English interface on the tablet so I followed the instructions from MrW0lf: Remove/Replace Chinese VRoot superuser with SuperSU.  The version 2 zip file [mirror] available on worked flawlessly.  Simply unzip to the sdcard root directory, use a terminal emulator and type 'su' to grant and use root privileges, and issue the command 'sh /sdcard/mrw/'.  After replacing the Superuser permission system with SuperSU and installing an updated 'su' binary, you can then remove any VRoot related applications and data that you may like to.  This script attempts to automatically remove as much VRoot related data as possible.  Cheers!

A year ago I was writing...

Google Announces Freedom of Expression Tools
When Nothing Comes To Mind

Article & Comments Tags: Software

1 2 3 ... 120 121 122  Next»
Land where drunk cows swim and home to my daily hand