KeyHelp Serververwaltung

KeyHelp

FAQ rund um KeyHelpSerververwaltung

Felhlermeldung: Can’t open file /etc/ssl/keyhelp/mail-ca.crt: Permission denied

Folgender Fehler wird in der E-Mail Warteschlange in KeyHelp angezeigt.

temporary failure. Command output: doveconf:
Fatal: Error in configuration file /etc/dovecot/conf.keyhelp.d/10-ssl.conf
line 4: ssl_ca: Can't open file /etc/ssl/keyhelp/mail-ca.crt: Permission
denied

Die Lösung:
Kommentiere die Zeile: ssl_ca in /etc/dovecot/conf.keyhelp.d/10-ssl.conf mit # aus.
also so: #ssl_ca = </etc/ssl/keyhelp/mail-ca.crt

Reboot

How to disable cloud-init in Ubuntu

How to disable cloud-init in Ubuntu

Prevent start

  • Create an empty file to prevent the service from starting

      sudo touch /etc/cloud/cloud-init.disabled
    

Uninstall

  • Disable all services (uncheck everything except “None”):

      sudo dpkg-reconfigure cloud-init
    
  • Uninstall the package and delete the folders

      sudo dpkg-reconfigure cloud-init
      sudo apt-get purge cloud-init
      sudo rm -rf /etc/cloud/ && sudo rm -rf /var/lib/cloud/
    
  • Restart the computer

      sudo reboot
    
Keyhelp, fail2ban does not start on some debian12 /ubuntu systems

Keyhelp fail2ban does not start on some debian/ubuntu systems – backend should probably be set to systemd on all systemd-based distros.

1. add this to your jail.local

sudo nano /etc/fail2ban/jail.local

[DEFAULT]
# Debian 12 has no log files, just journalctl
backend = systemd
logtarget = SYSTEMD-JOURNAL

  • since Debian 12 is well and truly systemd (by default) now: it should have fail2ban log to systemd journal instead of the logfile. (logtarget = SYSTEMD-JOURNAL) in the [DEFAULT] section.

2. Restart fail2ban with:  systemctl restart fail2ban

 

Environment:

  • Fail2Ban master branch, as well as version 0.11.1 on Ubuntu Focal and many others
  • OS, including release name/version : Ubuntu Focal. Allegedly, Ubuntu Xenial is also affected, as well as some Debian installations.
  • Fail2Ban installed via OS/distribution mechanisms
  • You have not applied any additional foreign patches to the codebase
  • Some customizations were done to the configuration (provide details below is so)

The issue:

On modern systemd-based distros, like newer releases of Ubuntu, Debian, Archlinux, RHEL, Fedora, etc, services like sshd logs to the systemd journal. Optionally rsyslog or syslog can be installed and run, and logs will also be available i.e. in /var/log/auth.log or /var/log/secure.log.

In the files /etc/fail2ban/paths-{arch|fedora|opensuse} there is a section like this:

syslog_backend = systemd
sshd_backend = systemd
dropbear_backend = systemd
proftpd_backend = systemd
pureftpd_backend = systemd
wuftpd_backend = systemd
postfix_backend = systemd
dovecot_backend = systemd

… and because of this, fail2ban works on arch, fedora (with derivatives) and opensuse. However, it fails on debian and ubuntu, unless the syslog package is installed and the service is running.

Ubuntu Server: A start job is running for Wait for Network to be Configured

Beim Startvorgang eines Ubuntu LTS Server Systems kann es zu einer zweiminütigen Wartezeit kommen, wenn bestimmte Dienste auf das Starten der Netzwerkumgebung warten. In diesem Fall wird auf der Konsole die Meldung A start job is running for Wait for Network to be Configured (2min 1s / no limit) angezeigt. In diesem Artikel zeigen wir, wie Sie dieses Problem beheben können.

Ursache

Meldung “A start job is running for wait for network to be configured” beim Starten von Ubuntu Server.

Um herauszufinden, welche Dienste die Verzögerung verursachen, rufen Sie das folgende Kommando auf:

systemctl show -p WantedBy network-online.target

Problemlösung

Zur Lösung deinstallieren wir das bei uns nicht benötigte Paket cloud-config und deaktivieren die beiden iscsi Dienste:

 sudo dpkg-reconfigure cloud-init
 sudo dpkg-reconfigure cloud-init
 sudo apt-get purge cloud-init
 sudo rm -rf /etc/cloud/ && sudo rm -rf /var/lib/cloud/
sudo systemctl disable iscsid.service
sudo systemctl disable open-iscsi.service
  sudo reboot

Es kommt damit beim Startvorgang zu keiner Verzögerung mehr.

Zeitzone richtig setzten. (ubuntu, debian)

In der Konsole (root)

$ timedatectl status
zeigt:

 Local time: Thu 2023-08-03 22:29:02 CEST
Universal time: Thu 2023-08-03 20:29:02 UTC
RTC time: Thu 2023-08-03 20:29:02
Time zone: Europe/Berlin (CEST, +0200)
System clock synchronized: yes
NTP service: active
RTC in local TZ: no

$ timedatectl list-timezones
zeigt: z.B

Etc/Greenwich
Etc/UCT
Etc/UTC
Etc/Universal
Etc/Zulu
Europe/Amsterdam
Europe/Andorra
Europe/Astrakhan
Europe/Athens
Europe/Belfast
Europe/Belgrade
Europe/Berlin
Europe/Bratislava usw.....

$ timedatectl set-timezone Europe/Berlin
setzt Zeitzone auf: Europe/Berlin
prüfen mit: $ timedatectl status
Fertig.