Wednesday, March 20, 2013

iptables log on ubuntu lucid 10.04

# edit /etc/rsyslog.conf and add the following.

:msg,contains,"iptables" /var/log/iptables

& ~
example:


$nano /etc/rsyslog.conf


# if you experience problems, check
# http://www.rsyslog.com/troubleshoot for assistance

# rsyslog v3: load input modules
# If you do not load inputs, nothing happens!
# You may need to set the module load path if modules are not found.

$ModLoad immark   # provides --MARK-- message capability
$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)
$ModLoad imklog   # kernel logging (formerly provided by rklogd)

# Log all kernel messages to the console.
# Logging much else clutters up the screen.
#kern.*                                                 /dev/console

# Log anything (except mail) of level info or higher.
# Don't log private authentication messages!
*.info;mail.none;authpriv.none;cron.none                -/var/log/messages

:msg,contains,"iptables" /var/log/iptables
& ~

# The authpriv file has restricted access.
authpriv.*                                              /var/log/secure

# Log all the mail messages in one place.
mail.*                                                  -/var/log/maillog



Posted by at No comments:

Wednesday, March 13, 2013

host key verification failed - fixed

When connecting to EC2 via ssh, you need to use authorized keys and correct username. When the attempt failed, you can't connect again even if you have the correct details.

The error looks like below:



@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@       WARNING: POSSIBLE DNS SPOOFING DETECTED!          @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
The RSA host key for ec2-12-345-67-89.ap-southeast-1.compute.amazonaws.com has changed,
and the key for the corresponding IP address 12.345.67.89
has a different value. This could either mean that
DNS SPOOFING is happening or the IP address for the host
and its host key have changed at the same time.
Offending key for IP in /root/.ssh/known_hosts:27
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
9a:1e:a5:82:12:23:a6:b7:63:d9:e0:12:0c:12:b2:02.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:38
RSA host key for ec2-12-345-67-89.ap-southeast-1.compute.amazonaws.com has changed and you have requested strict checking.
Host key verification failed.





Solution:
You need to remove the offending key from known hosts.

Console:
ssh-keygen -R hostname

Example:
ssh-keygen -R ec2-11-234-56-78.ap-southeast-1.compute.amazonaws.com





Posted by at No comments:

Friday, March 1, 2013

Debian Squeeze AMI for Amazon EC2

For reference, I got the following image of Debian Squeeze 6.0.1 - 32-bit. You can use this AMI to install your asterisk. 


Arch: 32bit
Version: 6.0.1 (Squeeze)
Disk: EBS
AMI ID: ami-b02d54e2
Size: 8GB
maintainer: chris.fordham@rightscale.com
login user: root

for more info: http://wiki.debian.org/Cloud/AmazonEC2Image

Posted by at No comments:

Sip Configuration of Asterisk on Amazon AWS EC2

Inorder for asterisk to work well in Amazon EC2, you need to do some tweaks in your asterisk configuration files. If you don't do this, you'll end up with no sound / no audio during your call.




1. Login to your instance.
$ ssh -i asterlui.pem root@ec2-123-456-789-101.ap-southeast-1.compute.amazonaws.com

2. Enter this command to get you external IP. 
$ curl -s http://169.254.169.254/latest/meta-data/public-ipv4

example output. 123.456.789.101

3. Edit your "sip.conf" and add the following settings.

$ nano /etc/asterisk/sip.conf

#add the two lines in your sip.conf
localnet=10.0.0.0/255.0.0.0
externip=123.456.789.101

4. Edit your extension/user config in your sip.conf / users.conf and change the value of nat to yes.


[asterlui]
secret=password
alwaysauthreject=yes
disallow=all
;allow=g722
;allow=g729
allow=ulaw
;allow=alaw
type=friend
nat=yes



5. Don't forget to reload asterisk. 

$ asterisk -rvvvvvvvvvvvvvvvvnc

ip-10-100-955-102*CLI>reload


Note: The settings you've added in your sip.conf is applicable to any Asterisk Server with Public IP.


Posted by at No comments:
Subscribe to: Posts (Atom)