193 Lotus blogs updated hourly. Who will post next? Home | Blogs | Search | About 
 
Latest 7 Posts
Hmmm - ADMA5107E and CWWBA0008E seen whilst uninstalling a SCA module from IBM BPM Advanced 8.5.7
Sat, May 20th 2017 62
WebSphere to WebSphere - Problems with WAS to MQ Server Connection Channel
Sat, May 20th 2017 39
IBM Integration Bus - Tinkering with WebAdmin permissions
Thu, May 18th 2017 55
IBM Integration Bus - Modifying the Listener Ports for the HTTPConnector
Thu, May 18th 2017 60
WebSphere Liberty Collectives - Problems with the FileService MBean
Mon, May 15th 2017 39
macOS Sierra and Apple Mail - Tinkering with Mail Signatures
Sat, May 13th 2017 38
Doh, WebSphere Liberty Profile, still getting it wrong ...
Thu, May 11th 2017 25
Top 10
Hmmm - ADMA5107E and CWWBA0008E seen whilst uninstalling a SCA module from IBM BPM Advanced 8.5.7
Sat, May 20th 2017 62
IBM Integration Bus - Modifying the Listener Ports for the HTTPConnector
Thu, May 18th 2017 60
IBM Integration Bus - Tinkering with WebAdmin permissions
Thu, May 18th 2017 55
WebSphere Liberty Collectives - Problems with the FileService MBean
Mon, May 15th 2017 39
WebSphere to WebSphere - Problems with WAS to MQ Server Connection Channel
Sat, May 20th 2017 39
macOS Sierra and Apple Mail - Tinkering with Mail Signatures
Sat, May 13th 2017 38
Executing external Python/Jython scripts from within WebSphere Application Server's wsadmin tool
Thu, Feb 27th 2014 37
Hmmmm, HTTP404 and SRVE0190E seen with IBM HTTP Server and WebSphere Application Server
Fri, Nov 14th 2014 37
Hmmm, macOS Sierra and XQuartz and X11
Thu, Oct 27th 2016 30
IBM HTTP Server / IBM WebSphere Plugin - Using Transport Layer (TLS) 1.2
Tue, Nov 10th 2015 28


Synology NAS - Broke SSH but Telnet saved me
Twitter Google+ Facebook LinkedIn Addthis Email Gmail Flipboard Reddit Tumblr WhatsApp StumbleUpon Yammer Evernote Delicious
   

I was fiddling about with SSH on my Synology DS414 NAS, with the intention of setting up password-less authentication ( about which more to follow ).

Having updated the SSHD configuration ( /etc/ssh/sshd_config ), I then found that I wasn't able to restart the SSH service, via the following command: -

synoservicectl --restart sshd

Whilst SSH stopped, it refused to restart.

Which meant that I was locked out ….

Happily, I still had access via the Web UI meaning that I could enable the oh-so-secure Telnet service

Whilst I wouldn't use Telnet ordinarily, it provided me with a nice little "back door" ( perhaps an inappropriate choice of words ).

I was then able to telnet into the box, and sort out the configuration i.e. reverse out the changes to sshd_config.

However, things still weren't rosy. Whilst SSHD was apparently running, I was seeing: -

Permission denied, please try again.
Connection to diskstation closed.

when I tried to ssh in.

Thankfully, I still had the Telnet option, so I checked the normal Unix logs: -

dmesg

[15363.072410] init: sshd main process (32286) terminated with status 255
[15363.079132] init: sshd main process ended, respawning
[15363.543730] init: sshd main process (32305) terminated with status 255
[15363.550438] init: sshd main process ended, respawning
[15364.004256] init: sshd main process (32324) terminated with status 255
[15364.010969] init: sshd main process ended, respawning
[15364.469980] init: sshd main process (32343) terminated with status 255
[15364.476658] init: sshd main process ended, respawning
[15364.933677] init: sshd main process (32363) terminated with status 255
[15364.940675] init: sshd main process ended, respawning
[15365.414906] init: sshd main process (32384) terminated with status 255
[15365.421621] init: sshd respawning too fast, stopped


which wasn't totally helpful.

So I revisited the Web UI, and saw this: -


Yep, you guessed it, I'd disabled the service, so it wasn't ever going to start :-)

So, I'm now back to a working SSH situation - time to go play with SSL keys again :-)

That'll be the next blog post ….


---------------------
http://portal2portal.blogspot.com/2017/01/synology-nas-broke-ssh-but-telnet-saved.html
Jan 05, 2017
7 hits



Recent Blog Posts
62
Hmmm - ADMA5107E and CWWBA0008E seen whilst uninstalling a SCA module from IBM BPM Advanced 8.5.7
Sat, May 20th 2017 7:15a   Dave Hay
Hmmm, I started seeing this whilst attempting to remove an existing SCA module ( EAR file ) from a BPM Advanced 8.5.7 environment: -[5/20/17 6:10:25:473 UTC] 0000013b UninstallSche I ADMA5017I: Uninstallation of MQ_Test started.[5/20/17 6:10:25:535 UTC] 0000013b DMAdapter I com.ibm.ws.ffdc.impl.DMAdapter getAnalysisEngine FFDC1009I: Analysis Engine using data base: /opt/ibm/WebSphere/AppServer/properties/logbr/ffdc/adv/ffdcdb.xml[5/20/17 6:10:25:616 UTC] 0000013b FfdcProvider W com.ibm.ws
39
WebSphere to WebSphere - Problems with WAS to MQ Server Connection Channel
Sat, May 20th 2017 5:43a   Dave Hay
This was driving me batty for a few hours, until I really focused on the problem.This was what I was seeing in WAS: -/opt/ibm/WebSphereProfiles/AppSrv01/logs/AppClusterMember1/SystemOut.log... Caused by [5] --> Message : com.ibm.mq.jmqi.JmqiException: CC=2;RC=2397;AMQ9641: Remote CipherSpec error for channel 'TESTQMGR.SVRCONN' to host ''. [3=TESTQMGR.SVRCONN]...com.ibm.msg.client.jms.DetailedJMSException: JMSWMQ0018: Failed to connect to queue manager 'TESTQM' with connection mode
55
IBM Integration Bus - Tinkering with WebAdmin permissions
Thu, May 18th 2017 8:51p   Dave Hay
This came up in a conversation with one of my team earlier.In brief, it's possible to configure the IIB 10 Web Admin UI to be protected by a user ID / password.This is what I did: -Define a user ID, password and role - iibadminsmqsiwebuseradmin TESTNODE_iibadmin -c -u davehay -a passw0rd -r iibadminsGrant the appropriate permissions to the iibadmins rolemqsichangefileauth TESTNODE_iibadmin -r iibadmins -p all+Stop the Integration Nodemqsistop TESTNODE_iibadminEnable the file-based authenticatio
60
IBM Integration Bus - Modifying the Listener Ports for the HTTPConnector
Thu, May 18th 2017 7:06a   Dave Hay
One of my colleagues was endeavouring to change the port on which the HTTPConnector object listens within an IBM Integration Bus 10 environment.In the past, she'd have run this command: -mqsichangeproperties TESTNODE_iibadmin -e default -o HTTPConnector -n 8000and then used this command to check: -mqsireportproperties TESTNODE_iibadmin -e default -o HTTPConnector -rHowever, she was finding that the port didn't change.We dug into the documentation, and found this: -…You must use the explicitl
39
WebSphere Liberty Collectives - Problems with the FileService MBean
Mon, May 15th 2017 10:10a   Dave Hay
I kept seeing this exception: -[15/05/17 09:16:25:071 BST] 0000031d com.ibm.ws.filetransfer.internal.mbean.FileService E CWWKX7900E: Access denied to the /opt/IBM/wlp path. in my Liberty Collective Controller's log: -/opt/IBM/work/servers/cc/logs/messages.logeven though I'd configured the appropriate permission using the remoteFileAccess stanza in my include.xml : - /tmp/nodejsApplications ${wlp.install.dir ${wlp.user.dir} ${se
38
macOS Sierra and Apple Mail - Tinkering with Mail Signatures
Sat, May 13th 2017 5:29p   Dave Hay
On behalf of a friend, I've been tinkering with the signatures in  Mail, as included with macOS Sierra 10.12.4.Things have changed since last I tried this, most importantly that it's not easy to add a HTML signature ( with fonts, images, links etc. ).Thankfully, this blog helped: -How to Make an HTML Signature in Apple Mail for Sierra OS X 10.12There are plenty of tutorials online to create an HTML signature in Apple Mail with older versions of OS X, and you have probably already seen one o
25
Doh, WebSphere Liberty Profile, still getting it wrong ...
Thu, May 11th 2017 1:50p   Dave Hay
I saw this from my Liberty runtime today: -...[AUDIT ] CWWKT0016I: Web application available (default_host): http://e88e0bcb807d:9080/IBMJMXConnectorREST/[AUDIT ] CWWKT0016I: Web application available (default_host): http://e88e0bcb807d:9080/ibm/api/collective/notify/[AUDIT ] CWWKT0016I: Web application available (default_host): http://e88e0bcb807d:9080/ibm/adminCenter/deploy-1.0/[AUDIT ] CWWKT0016I: Web application available (default_host): http://e88e0bcb807d:9080/ibm/adminCenter/serve
7
WebSphere Application Server Log Watcher: Using TrapIt.ear to watch for WebSphere Application Server events
Tue, Apr 25th 2017 8:02p   Dave Hay
Found this whilst looking for something completely different: -Problem(Abstract)While investigating a problem with WebSphere Application Server, you may need to watch for events such as messages to the SystemOut.log and take action when they occur.Resolving the problemThe TrapIt.ear provides an easy way to perform actions based on events(message ids) in the WebSphere Application Server or based on time. If you need to monitor files (for example SystemOut.log, ffdcs, application or operating syst
10
WebSphere MQ - Advanced Message Security - Some tinkering and AMQ9021
Fri, Apr 21st 2017 7:18p   Dave Hay
This is the first of a few posts about my voyage of discovery with WebSphere MQ ( now IBM MQ ) Advanced Message Security (AMS), in the context of message authentication and encryption.Thus far, I've broken it twice :-)I'm following this tutorial: -Quick Start Guide for IBM MQ AMS on UNIX platformsand was able to successfully send messages from Alice to Bob, via a MQ Queue Manager.However, I did hit two exceptions: -/opt/ibm/mqm/samp/bin/amqsput TESTQ TESTQMSample AMQSPUT0 starttarget queue is
12
IBM Operational Decision Manager - Adding a LDAP server via the Decision Center Business Console
Thu, Apr 20th 2017 7:07p   Dave Hay
This has been on my To-Do list for some time.One of my colleagues was looking to configure connectivity between the IBM ODM Decision Center Business Console and an LDAP server.He, like me, is using ODM Advanced 8.8.1.I'd previously installed and configured this version on WebSphere Application Server (WAS) Network Deployment 8.5.5.This is what I have installed: -/opt/ibm/InstallationManager/eclipse/tools/imcl listInstalledPackagescom.ibm.cic.agent_1.8.6000.20161118_1611com.ibm.websphere.IBMJAVA




Created and Maintained by Yancy Lent - About - Planet Lotus Blog - Advertising - Mobile Edition