XSF logo XMPP Service Operators - 2018-01-14


  1. Ge0rG has left
  2. kmq has joined
  3. kmq has joined
  4. nuron strange... when i dont do anything with my prosody or writh from one acc on my server to another everything is fine. But when i start to wrigth the server crash...
  5. Ge0rG has left
  6. ThibG has joined
  7. valo has joined
  8. fp-tester has joined
  9. advisory has left
  10. advisory has joined
  11. Ge0rG has left
  12. Martin has joined
  13. fp-tester has left
  14. fp-tester has joined
  15. jere has left
  16. jere has joined
  17. Ge0rG has left
  18. kmq has left
  19. kmq has joined
  20. Ge0rG has left
  21. nuron has left
  22. mike has left
  23. Ge0rG has left
  24. Ge0rG has left
  25. SamWhited has joined
  26. nuron has left
  27. valo has joined
  28. kmq has joined
  29. kmq has joined
  30. Ge0rG has left
  31. Ge0rG has left
  32. jere has joined
  33. jere has joined
  34. Ge0rG has left
  35. Ge0rG has left
  36. Ge0rG has left
  37. Ge0rG has left
  38. Ge0rG has left
  39. carlos has joined
  40. carlos has joined
  41. Ge0rG has left
  42. Ge0rG has left
  43. SamWhited has left
  44. Ge0rG has left
  45. 404.city has left
  46. SamWhited has joined
  47. Ge0rG has left
  48. Ge0rG has left
  49. Ge0rG has left
  50. Ge0rG has left
  51. Ge0rG has left
  52. Ge0rG has left
  53. uc has joined
  54. Ge0rG has left
  55. Ge0rG has left
  56. jere has joined
  57. Ge0rG has left
  58. Ge0rG has left
  59. Ge0rG has left
  60. Ge0rG has left
  61. Ge0rG has left
  62. 404.city has left
  63. Ge0rG has left
  64. Ge0rG has left
  65. Ge0rG has left
  66. Ge0rG has left
  67. Ge0rG has left
  68. Ge0rG has left
  69. ibikk has joined
  70. Ge0rG has left
  71. uc has joined
  72. Ge0rG has left
  73. Ge0rG has left
  74. Ge0rG has left
  75. Ge0rG has left
  76. Ge0rG has left
  77. Ge0rG has left
  78. Ge0rG has left
  79. Ge0rG has left
  80. uc has joined
  81. jjrh has left
  82. jjrh has left
  83. Ge0rG has left
  84. Ge0rG has left
  85. 404.city has joined
  86. 404.city has left
  87. 404.city has joined
  88. Ge0rG has left
  89. Ge0rG has left
  90. jjrh has left
  91. Ge0rG has left
  92. jjrh has left
  93. Ge0rG has left
  94. Ge0rG has left
  95. 404.city has left
  96. 404.city has joined
  97. jjrh has left
  98. pod has joined
  99. jjrh has left
  100. Ge0rG has left
  101. jjrh has left
  102. SouL has joined
  103. Ge0rG has left
  104. jjrh has left
  105. SouL has left
  106. Ge0rG has left
  107. Ge0rG has left
  108. jjrh has left
  109. Marzanna has left
  110. Neustradamus has left
  111. jjrh has left
  112. Ge0rG has left
  113. Neustradamus has joined
  114. Ge0rG has left
  115. SouL has joined
  116. SouL has left
  117. Ge0rG has left
  118. jjrh has left
  119. Ge0rG has left
  120. 404.city has left
  121. Ge0rG has left
  122. jjrh has left
  123. Ge0rG has left
  124. jjrh has left
  125. Ge0rG has left
  126. jjrh has left
  127. kmq has left
  128. Ge0rG has left
  129. Ge0rG has left
  130. Ge0rG has left
  131. ThibG has left
  132. ThibG has joined
  133. Ge0rG has left
  134. Ge0rG has left
  135. Ge0rG has left
  136. Ge0rG has left
  137. Ge0rG has left
  138. Ge0rG has left
  139. nuron has joined
  140. Ge0rG has left
  141. Ge0rG has left
  142. hannes has joined
  143. Ge0rG has left
  144. Ge0rG has left
  145. Ge0rG has left
  146. Ge0rG has left
  147. Ge0rG has left
  148. Marzanna has joined
  149. Marzanna has joined
  150. Marzanna has joined
  151. Zash has left
  152. fp-tester has left
  153. fp-tester has joined
  154. Ge0rG has left
  155. Ge0rG has left
  156. Ge0rG has left
  157. jere has joined
  158. Ge0rG has left
  159. nuron No success by installation without toast, mostly the same issues... The logs tell me again that the certificate is invalid... But how can I get a valid one?
  160. nuron Should I use the cert from my ISP?
  161. nuron When I try to send a message from my server to trashserver there came up one issue: 'remote server not found'
  162. carlos has joined
  163. carlos has joined
  164. Ge0rG has left
  165. Ge0rG has left
  166. Marzanna has left
  167. Ge0rG has left
  168. nuron https://haste.tchncs.de/kizafocalu.coffee Does anyone have an idea how i can get a valid vert?
  169. Ge0rG has left
  170. Ge0rG has left
  171. 404.city has left
  172. 404.city has joined
  173. Maranda ‎[13:00:32] ‎Maranda‎: @ping famkibo.eu ‎[13:02:03] ‎Echo1‎: Ping failed (remote-server-not-found): Server-to-server connection failed: connection-timeout
  174. Maranda Your server is not dialing back that's the problem
  175. Maranda or answering the stream opening request
  176. nuron i have an other domain Maranda
  177. Maranda ‎[13:03:14] ‎Maranda‎: @ping famkibo.eu ‎[13:04:15] ‎Echo1‎: Ping failed (remote-server-not-found): Server-to-server connection failed: host-unknown (This host does not serve famkibo.eu)
  178. nuron ping famkibo.eu PING famkibo.eu (95.143.172.177) 56(84) bytes of data. 64 bytes from serpens.uberspace.de (95.143.172.177): icmp_seq=1 ttl=59 time=13.4 ms 64 bytes from serpens.uberspace.de (95.143.172.177): icmp_seq=2 ttl=59 time=13.0 ms ^C --- famkibo.eu ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1001ms rtt min/avg/max/mdev = 13.066/13.240/13.415/0.209 ms But i can ping famkibo.eu
  179. Maranda >.>
  180. nuron @ping famkibo.eu
  181. Maranda who cares about ping, if the host *is there* of course you can ping it, but your xmpp server is misconfigured
  182. nuron but i can login?
  183. Maranda are you logining to famkibo.eu? Because your prosody instance isn't serving that virtualhost.
  184. Maranda (when it answers)
  185. nuron No, i bought a New domain...
  186. nuron shreddox.eu
  187. Ge0rG has left
  188. nuron Maranda: the monitor on uptimerobot tell that the xmpp server is up?! status.shreddox.eu
  189. Maranda Jan 14 12:10:13 c2safc1130 debug Received[c2s]: <iq id='9' type='get' to='shreddox.eu'> Jan 14 12:10:13 mod_router debug Routing to remote... Jan 14 12:10:13 mod_s2s debug opening a new outgoing connection for this stanza Jan 14 12:10:13 mod_s2s debug stanza [iq] queued until connection complete Jan 14 12:10:13 mod_s2s debug First attempt to connect to shreddox.eu, starting with SRV lookup... Jan 14 12:10:13 adns debug Records for _xmpp-server._tcp.shreddox.eu. not in cache, sending query (thread: 0x6ed7bc0 )... Jan 14 12:10:13 adns debug Sending DNS query to 127.0.0.1 Jan 14 12:10:13 socket debug new connection established. id: 8d26ae0 Jan 14 12:10:13 socket debug try to close client connection with id: 8d26ae0 Jan 14 12:10:13 socket debug closing client with id: 8d26ae0 client to close Jan 14 12:10:13 adns debug Reply for _xmpp-server._tcp.shreddox.eu. (thread: 0x6ed7bc0) Jan 14 12:10:13 mod_s2s debug shreddox.eu has SRV records, handling... Jan 14 12:10:13 mod_s2s debug Best record found, will connect to host.shreddox.eu.:61412 Jan 14 12:10:13 adns debug Records for host.shreddox.eu. not in cache, sending query (thread: 0x791ab70)... Jan 14 12:10:13 adns debug Sending DNS query to 127.0.0.1 Jan 14 12:10:13 adns debug Records for host.shreddox.eu. not in cache, sending query (thread: 0xad87d60)... Jan 14 12:10:13 adns debug Sending DNS query to 127.0.0.1 Jan 14 12:10:13 socket debug new connection established. id: a150250 Jan 14 12:10:14 adns debug Reply for host.shreddox.eu. (thread: 0x791ab70) Jan 14 12:10:14 mod_s2s debug DNS reply for host.shreddox.eu. gives us 95.143.172.177 Jan 14 12:10:14 socket debug try to close client connection with id: a150250 Jan 14 12:10:14 socket debug closing client with id: a150250 client to close Jan 14 12:10:14 adns debug Reply for host.shreddox.eu. (thread: 0xad87d60) Jan 14 12:10:14 mod_s2s debug DNS reply for host.shreddox.eu. gives us 2001:1a50:11::5f:8f:acb1:426 Jan 14 12:10:14 s2soutb299270 info Beginning new connection attempt to shreddox.eu ([2001:1a50:11::5f:8f:acb1:426]:6 1412) Jan 14 12:10:14 s2soutb299270 debug Connection attempt in progress... Jan 14 12:10:14 socket debug new connection established. id: bca61a0 Jan 14 12:10:14 s2soutb299270 debug sending: <?xml version='1.0'?> Jan 14 12:10:14 s2soutb299270 debug sending: <stream:stream xmlns:stream='http://etherx.jabber.org/streams' to='shred dox.eu' from='lightwitch.org' version='1.0' xmlns:db='jabber:server:dialback' xmlns='jabber:server'> Jan 14 12:10:14 c2s865cfb0 debug Received[c2s]: <a xmlns='urn:xmpp:sm:3' h='3129'> Jan 14 12:10:14 s2soutb299270 debug Received[s2sout_unauthed]: <features xmlns='http://etherx.jabber.org/streams'><st arttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'><required/></starttls><dialback xmlns='urn:xmpp:features:dialback'/></feat ures> Jan 14 12:10:14 lightwitch.org:tls debug shreddox.eu is offering TLS, taking up the offer... Jan 14 12:10:14 s2soutb299270 debug sending: <starttls xmlns='urn:ietf:params:xml:ns:xmpp-tls'/> Jan 14 12:10:14 s2soutb299270 debug Received[s2sout_unauthed]: <proceed xmlns='urn:ietf:params:xml:ns:xmpp-tls'/> Jan 14 12:10:14 lightwitch.org:tls debug Proceeding with TLS on s2sout... Jan 14 12:10:14 socket debug try to start ssl at client id: bca61a0 Jan 14 12:10:14 socket debug starting handshake... Jan 14 12:10:14 socket debug ssl handshake of client with id:table: 0xbca61a0, attempt:1 Jan 14 12:10:14 socket debug ssl handshake of client with id:table: 0xbca61a0, attempt:2 Jan 14 12:10:14 socket debug ssl handshake of client with id:table: 0xbca61a0, attempt:3 Jan 14 12:10:14 socket debug ssl handshake of client with id:table: 0xbca61a0, attempt:4 Jan 14 12:10:15 socket debug ssl handshake of client with id:table: 0xbca61a0, attempt:5 Jan 14 12:10:15 s2soutb299270 debug Sending stream header... Jan 14 12:10:15 s2soutb299270 debug sending: <?xml version='1.0'?> Jan 14 12:10:15 s2soutb299270 debug sending: <stream:stream xmlns:stream='http://etherx.jabber.org/streams' to='shred dox.eu' from='lightwitch.org' id='d3f89f4e-b151-4dda-9117-37dad7c3301f' version='1.0' xmlns:db='jabber:server:dialback' x mlns='jabber:server'> Jan 14 12:10:15 socket debug ssl handshake done Jan 14 12:10:15 s2soutb299270 debug certificate chain validation result: valid Jan 14 12:10:15 x509 debug Cert dNSName shreddox.eu matched hostname Jan 14 12:10:15 s2soutb299270 info Session closed by remote with error: not-authorized (Your server's certificate is invalid, expired, or not trusted by shreddox.eu) Jan 14 12:10:15 s2soutb299270 debug sending: </stream:stream> Jan 14 12:10:15 s2soutb299270 info outgoing s2s stream lightwitch.org->shreddox.eu closed: not-authorized (Your serv er's certificate is invalid, expired, or not trusted by shreddox.eu) Jan 14 12:10:15 s2soutb299270 debug Destroying outgoing session lightwitch.org->shreddox.eu: not-authorized (Your ser ver's certificate is invalid, expired, or not trusted by shreddox.eu) Jan 14 12:10:15 s2soutb299270 info sending error replies for 1 queued stanzas because of failed outgoing connection to shreddox.eu Jan 14 12:10:15 mod_router debug Received[s2sin]: <iq id='9' type='error' to='echo1@lightwitch.org/echo1' from='sh reddox.eu'> Jan 14 12:10:15 socket debug try to close client connection with id: bca61a0 Jan 14 12:10:15 socket debug closing delayed until writebuffer is empty Jan 14 12:10:15 s2soutb299270 debug Received </stream:stream> Jan 14 12:10:15 s2soutb299270 debug Attempt to close already-closed session Jan 14 12:10:15 socket debug closing client after writing Jan 14 12:10:15 socket debug closing client with id: bca61a0 client to close Jan 14 12:10:15 s2soutb299270 debug s2s disconnected: lightwitch.org->shreddox.eu (connection closed)
  190. Maranda You don't seem to have DST Root CA X3 added to your certificate authorities
  191. Ge0rG has left
  192. Maranda That or Prosody can't access the server CA-Path.
  193. nuron > You don't seem to have DST Root CA X3 added to your certificate authorities What's that??
  194. Maranda Let's Encrypt CA
  195. nuron I have one... I created them with this command: letsencrypt certonly -d shreddox.eu -d upload.shreddox.eu -d conference.shreddox.eu
  196. nuron Or is this command wrogM
  197. nuron Wrong
  198. nuron ssl = { -- options = { "no_sslv2", "no_sslv3", "no_compression" }; dhparam = "/home/famkibo/var/prosody/ssl/dh-2048.pem"; key = "/home/famkibo/shreddox.eu/privkey.pem"; certificate = "/home/famkibo/shreddox.eu/fullchain.pem"; } Thats the ssl part in the prosody config
  199. fp-tester has joined
  200. Maranda strange Prosody *should* by default use "lsec_continue", "lsec_ignore_purpose" so your server shouldn't refuse connections if it doesn't trust a certificate.
  201. Maranda are you sure you don't have a ssl directive anywhere else in your config file?
  202. nuron Marande maybe this? c2s_require_encryption = true; s2s_require_encryption = true; -- Server müssen anerkannte, gültigen Sicherheitszertifikate vorweisen -- Siehe auch: https://thomas-leister.de/sichere-xmpp-s2s-verschluesselung/ s2s_secure_auth = true;
  203. Zash -certinfo shreddox.eu
  204. Bunneh Zash: Host unreachable: Server-to-server connection failed: Connecting failed: closed
  205. Maranda nuron, yes from documentation it looks to be that.
  206. nuron > -certinfo shreddox.eu What?
  207. nuron > nuron, yes from documentation it looks to be that. So I have to do what?
  208. Maranda This will disable dialback (a DNS-based authentication mechanism), and require that all remote servers present trusted certificates valid for their domain. Note that you can configure which certificate authorities Prosody trusts certificates from, see our documentation on certificates for more info. Beware that many servers on the XMPP network use self-signed or invalid certificates, or even don't support TLS at all (such as gmail.com and all Google-hosted domains). It is possible to make exceptions like this:
  209. Maranda s2s_secure_auth = false; or remove the directive?
  210. Maranda I dunno what the default is
  211. nuron Hmm i'll try it..
  212. Ge0rG has left
  213. nuron has left
  214. Ge0rG has left
  215. 404.city has left
  216. Maranda Dialback failing.
  217. Maranda brb
  218. valo has joined
  219. Ge0rG has left
  220. 404.city has left
  221. fp-tester has joined
  222. Ge0rG has left
  223. Ge0rG has left
  224. Ge0rG has left
  225. carlos has joined
  226. carlos has joined
  227. nuron I think now it works!!!
  228. nuron At least with trashserver
  229. nuron But when i try to start a new muc / chat with an other server my clients disconnect from the servern
  230. nuron Server
  231. nuron has left
  232. Ge0rG has left
  233. Maranda I still get timeouts on s2s
  234. Maranda whatever, bbl
  235. nuron has left
  236. blabla has left
  237. Ge0rG has left
  238. nuron Yea, the server crashes sometimes... I don't know why
  239. nuron But prosodyctl status tell me, that the server is still a life but I get timeouts too
  240. Ge0rG has left
  241. Zash What do you mean by crashes?
  242. Zash Also, there's a room specifically for prosody support, prosody@conference.prosody.im
  243. nuron > Also, there's a room specifically for prosody support, prosody@conference.prosody.im Okay, thanks but i think it isn't much to do now...
  244. nuron > What do you mean by crashes? The server is still running (htop -> lua; prosodyctl status -> prosody is running) but all my accounts discontent from the server... And the CPU use of lua rise zu 100%
  245. Zash Not what I would call a crash, but apparently everything is a crash nowdays :(
  246. nuron Okay, than the server do not crash... But there is an issue..
  247. nuron After a while the server is reachable again and the connection to the other server works fine...
  248. Zash And this was the machine with one billion local ip addresses?
  249. nuron The server has very much ipv6 addresses, right
  250. Zash Then you will want to specify the interfaces to use
  251. nuron ?
  252. Zash interfaces = { "95.143.172.177", "2001:1a50:11:0:5f:8f:acb1:426" }
  253. nuron Add to config?
  254. Zash Yes. Global section.
  255. nuron Okay, just wait a second...
  256. nuron Then reload or restart prosody?
  257. Ge0rG has left
  258. Zash Reload config and mod_s2s
  259. nuron So the command is? Prosodyctl reload ?
  260. Zash Needs the telnet console or adhoc commands to reload modules
  261. Zash `prosodctl reload` only reloads config, logging and certs
  262. nuron Okay, telnet isn't available... And adhoc I don't know
  263. Zash just restart it then
  264. nuron 👍
  265. Zash It would be unwise to enable telnet on that host
  266. nuron How long should a restart need?
  267. Zash What do you mean?
  268. nuron Should it take 1 minute , 5 minute's?
  269. nuron When I restart prosody and then the time where every client is logged in again
  270. nuron Sorry, my English is very bad 😑
  271. Zash Less than a minute
  272. nuron Hmm okay
  273. Zash Like, it should on the order of a second or two
  274. Zash Depends on number of connections that need to be closed
  275. nuron Now prosody is restarted... I'll try with jabber.de
  276. 404.city nuron: what is the proble?
  277. nuron 404.city: a second please
  278. Zash nuron: Have you tried `prosodyctl check dns`
  279. nuron Of course
  280. nuron https://haste.tchncs.de/amirazipoy.vhdl zash
  281. ibikk has joined
  282. Zash Ugh, javascript-requiring pastebins :(
  283. nuron 404.city: the problem is, that I lose my connection to the server when I try to chat with an other xmpp server...
  284. nuron > Ugh, javascript-requiring pastebins :( Should I post it here?
  285. 404.city nuron: firewall allow port 5269?
  286. nuron S2s port is 61412, this port is open an the srv will manage
  287. Zash There is no response on that port
  288. nuron Hmm it should...
  289. Zash It just times out
  290. nuron Hmm
  291. Ge0rG has left
  292. nuron Ipv4 or ipv6
  293. Zash Both
  294. nuron Strange
  295. Zash Says connected, but doesn't say anything
  296. nuron Hmm
  297. nuron I'll go to check the logs
  298. Zash -ping shreddox.eu
  299. Zash Oh
  300. Zash bunnnnnnnnn!
  301. Bunneh has joined
  302. Zash -ping shreddox.eu
  303. Bunneh Zash: Ping failed (remote-server-not-found): Server-to-server connection failed: closed
  304. nuron Now it should work... My Clients are up
  305. Zash What do you see in /etc/ssl/certs ?
  306. 404.city has left
  307. nuron zash i only have the folder /home/famkibo/etc/prosody/certs and there are this files inside
  308. nuron ls ~/etc/prosody/certs/ cert.pem chain.pem fullchain.pem privkey.pem README
  309. Zash nuron: That's not what I asked
  310. nuron zash you mean this?
  311. nuron s /etc/ssl/certs ca-bundle.crt localhost-with-intermediate.crt renew-dummy-cert sub.class1.server.sha2.ca.pem wildcard.serpens.uberspace.de.crt ca-bundle.trust.crt make-dummy-cert sub.class1.server.ca.pem sub.class2.server.ca.pem wildcard.serpens.uberspace.de-with-intermediate.crt class3.crt Makefile sub.class1.server.ca.pem.1 sub.class2.server.sha2.ca.pem
  312. Zash Uhu
  313. Zash Prosody expects the list of root certificates to live in there, by default.
  314. Zash If those files are all that's there, then that's not the case, so all cert TLS validation will fail
  315. nuron So I have to use /etc/SSL/certs as cert folder?
  316. Ge0rG has left
  317. nuron Sorry, but I don't unterstand this
  318. Zash You need to do things that are normally done by the packager, such as point Prosody to where local CA root certificates are stored.
  319. Zash Might be that 'ca-bundle.crt', but I don't know.
  320. Zash You might need `ssl = { capath = "path to special directory" or cafile = "path to ca bundle file" }`
  321. nuron And the paths are /etc/ssl/certs/file
  322. nuron Right?
  323. Zash It depends on the OS/distro
  324. Zash Debian & co has `/etc/ssl/certs` in a special format
  325. nuron On uberspace its centOS
  326. Zash My favorite!!!
  327. nuron ;)
  328. Zash Majority of my CentOS experience is debugging impossible problems and finding logged in root terminals left by senior admins
  329. Zash Which contributes to my general dislike of uberspace
  330. nuron I don't have root access?! Its shared hosting...
  331. Zash Everything is just weird, and difficult for even weirder reasons.
  332. Zash That was at a previous job.
  333. 404.city has joined
  334. Ge0rG has left
  335. css has left
  336. nuron But what have I to do?
  337. nuron Shall I ask uberspace what the problem is?
  338. Zash Ask where CA certs are
  339. nuron Okay, and when I have the answer, what have I to do then?
  340. ThibG has joined
  341. Zash Like I said earlier, depending on if it's a bundle file or a directory, `ssl = { capath = "directory", cafile = "bundle file" }`
  342. nuron Okay, thanks
  343. Ge0rG has left
  344. carlos has left
  345. carlos has joined
  346. Maranda why are you try to run prosody on shared hosting... when you can get away with a vps at 5$/mo or so >.>
  347. nuron Because I have the shared hosting server anyways
  348. Maranda When you ask for troubles (and possibly a suspended account) you usually find 'em.
  349. nuron > When you ask for troubles (and possibly a suspended account) you usually find 'em. ?
  350. Maranda Because that still makes no sense.
  351. nuron What makes no sense?
  352. Maranda ‎[16:13:35] ‎nuron‎: Because I have the shared hosting server anyways
  353. nuron Why should I pay for two servers?
  354. Zash Tons of people run on uberspace, and it feels like all of them have the weirdest problems
  355. Maranda Because A) shared hosting sucks B) It's generally way unsafer than a vps C) Costs about the same.
  356. Maranda and D) saves you the hassle of not being able to run on standard ports which is a horrible practice.
  357. Ge0rG has left
  358. nuron I'll contact the support and when they can't help me I will stop this "project"...
  359. Maranda and D) saves you the hassle of not being able to run on standard ports which not doing falls below horrible practices.
  360. nuron Or I have to build up a second network at home so I can use my hone server for prosody...
  361. mimi89999 has joined
  362. Maranda If you have a static ip address and a good connection it's for sure better than what you're trying to do now imho
  363. Maranda (lightwitch.org web/mail server sit right in my living room on a shelf tbh.)
  364. nuron The connection is good but I have a dynamic IP and don't want to open several ports...
  365. Ge0rG has left
  366. Ge0rG has left
  367. kmq has joined
  368. nuron Maranda: you said that you host your web and mail server at home. Do you have a second network for the server(s)? Do you have a static IP?
  369. kmq has left
  370. Maranda I have a static ip, why should I have a second network or vlan?
  371. Ge0rG has left
  372. nuron So you have your Server in your hone network?
  373. carlos has joined
  374. carlos has joined
  375. nuron has joined
  376. nuron But a dynamic IP will work as well, right?
  377. Zash Works, but can be a bit of a pain to deal with IP changes, depending on how it works
  378. nuron I have no other possibility... Of course I can buy another server but I have everything I need
  379. nuron And how do you protect your Server Maranda
  380. Ge0rG has left
  381. mike has left
  382. Maranda O.o? The way everyone protects networks and servers, via those things called "Firewalls"?
  383. nuron Firewall in your Server, Router on an extra device
  384. carlos has joined
  385. carlos has joined
  386. jere has joined
  387. Maranda Usually you have a firewall on your nat/router and another on your server...?
  388. Ge0rG has left
  389. nuron Jes oft course...
  390. nuron But do you use additional software like fail2ban?
  391. nuron has left
  392. Maranda No, and fail2ban sucks
  393. nuron has left
  394. Ge0rG has left
  395. Maranda I suppose he was a fan of F2B perhaps.
  396. nuron has joined
  397. nuron has left
  398. nuron has joined
  399. kmq has joined
  400. Ge0rG has left
  401. nuron has joined
  402. nuron has joined
  403. Martin nuron: didn't read allbut on uberspace you need cafile setting
  404. nuron Martin: what have you set in config as cafile?
  405. Martin Don't remember and am ag icehockey now. Google uberspace prosody cafile there are some examples online
  406. nuron Okay, thanks
  407. nuron Have fun
  408. Martin Thx
  409. Ge0rG has left
  410. ThibG has joined
  411. ThibG has joined
  412. Ge0rG has left
  413. Ge0rG has left
  414. Ge0rG has left
  415. ThibG has left
  416. ThibG has joined
  417. Ge0rG has left
  418. mimi89999 has left
  419. uc has left
  420. mimi89999 has left
  421. uc has joined
  422. css has left
  423. Ge0rG has left
  424. ibikk has left
  425. kmq has joined
  426. kmq has joined
  427. Ge0rG has left
  428. Ge0rG has left
  429. fp-tester has joined
  430. 404.city has left
  431. Ge0rG has left
  432. 404.city has left
  433. 404.city has left
  434. Marzanna has left
  435. 404.city has left
  436. SouL has left
  437. Ge0rG has left
  438. Ge0rG has left
  439. nuron Now it works!!
  440. nuron I've added the ca file /etc/ssl/certs/ca-bundle.trust.crt in the config and now it works fine. Also with s2s_secure_auth
  441. Ge0rG has left
  442. ibikk has left
  443. Ge0rG has left
  444. advisory has joined
  445. kmq has joined
  446. kmq has joined
  447. ThibG has joined
  448. Ge0rG has left
  449. kmq has left
  450. Ge0rG has left
  451. carlos has joined
  452. carlos has joined
  453. Marzanna has left
  454. SamWhited has left
  455. SamWhited has left
  456. fp-tester has joined
  457. Ge0rG has left
  458. advisory has left
  459. css has joined
  460. advisory has joined
  461. advisory has left
  462. advisory has joined
  463. Marzanna has left
  464. carlos has joined
  465. carlos has joined
  466. Ge0rG has left
  467. Martin has joined
  468. css has left
  469. SouL has left
  470. Ge0rG has left
  471. Ge0rG has left
  472. ibikk has joined
  473. pod has left
  474. carlos has joined
  475. carlos has joined
  476. Ge0rG has left
  477. jere has left
  478. carlos has joined
  479. carlos has joined
  480. Ge0rG has left
  481. carlos has joined
  482. carlos has joined
  483. jere has joined
  484. Ge0rG has left
  485. Ge0rG has left
  486. carlos has joined
  487. carlos has joined
  488. carlos has joined
  489. carlos has joined
  490. Ge0rG has left
  491. uc has joined
  492. kmq has joined
  493. Ge0rG has left
  494. carlos has joined
  495. carlos has joined
  496. Ge0rG has left
  497. ibikk has left
  498. SamWhited has joined
  499. Ge0rG has left
  500. kmq has left