I have set up an ftp user on my ubuntu server. I can sftp in to ftp_user#ip, am asked for my password, and get connected fine.
Filezilla (which worked 3 months ago), doesn't connect. This is a redacted version of the ssh logs:
Jul 19 14:18:33 sshd[14275]: Invalid user user from port 47990
Jul 19 14:18:33 sshd[14275]: Received disconnect from port 47990:11: Normal Shutdown, Thank you for playing [preauth]
Jul 19 14:18:33 sshd[14275]: Disconnected from invalid user user port 47990 [preauth]
Jul 19 14:18:44 sshd[14277]: Invalid user user from port 48558
Jul 19 14:18:44 sshd[14277]: Received disconnect from port 48558:11: Normal Shutdown, Thank you for playing [preauth]
Jul 19 14:18:44 sshd[14277]: Disconnected from invalid user user port 48558 [preauth]
Jul 19 14:18:55 sshd[14282]: Invalid user user from port 49142
Jul 19 14:18:55 sshd[14282]: Received disconnect from port 49142:11: Normal Shutdown, Thank you for playing [preauth]
Jul 19 14:18:55 sshd[14282]: Disconnected from invalid user user port 49142 [preauth]
This sounds like Filezilla is trying user "user", which is not correct, but my settings has:
EDIT: it works if I use the quickconnect bar, but not the above main settings.
What am I doing wrong?
Related
Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 7 hours ago.
Improve this question
Feb 18 03:12:57 mail roundcube: PHP Deprecated: Return type of zipdownload_mbox_filter::filter($in, $out, &$consumed, $closing) should either be compatible with php_user_filter::filter($in, $out, &$consumed, bool $closing): int, or the>
Feb 18 03:13:24 mail postfix/qmgr[620712]: 4PJXnH2yM2z2LZY: from=2023021802340474722fef9a3343a2a5862690f0a0p0na-C39VIEGRHNUE4S#bounces.amazon.com, size=6596, nrcpt=2 (queue active)
Feb 18 03:13:24 mail postfix/qmgr[620712]: 4PJYPl3Fg1z2Lb2: from=bounce+b69813.b125-jamesnielsen=privasurge.com#mxtoolbox.com, size=36395, nrcpt=2 (queue active)
Feb 18 03:13:24 mail postfix/amavis/smtp[621211]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Feb 18 03:13:24 mail postfix/amavis/smtp[621211]: 4PJXnH2yM2z2LZY: to=jamesnielsen#privasurge.com, relay=none, delay=2353, delays=2353/0.02/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
Feb 18 03:13:24 mail postfix/amavis/smtp[621211]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
<127.0.0.1]:10024: Connection refused)
Feb 18 03:13:24 mail postfix/amavis/smtp[621211]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Feb 18 03:13:24 mail postfix/amavis/smtp[621211]: 4PJYPl3Fg1z2Lb2: to=jamesnielsen#privasurge.com, relay=none, delay=665, delays=665/0.03/0.01/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.1]:10024: Connection refused)
Feb 18 03:13:24 mail postfix/amavis/smtp[621211]: connect to 127.0.0.1[127.0.0.1]:10024: Connection refused
Feb 18 03:13:24 mail postfix/amavis/smtp[621211]: 4PJYPl3Fg1z2Lb2: to=jnielsen1919#gmail.com, orig_to=jamesnielsen#privasurge.com, relay=none, delay=665, delays=665/0.04/0/0, dsn=4.4.1, status=deferred (connect to 127.0.0.1[127.0.0.>
Feb 18 03:13:57 mail roundcube: PHP Deprecated: Return type of zipdownload_mbox_filter::filter($in, $out, &$consumed, $closing) should either be compatible with php_user_filter::filter($in, $out, &$consumed, bool $closing): int, or the>
Feb 18 03:14:10 mail postfix/smtps/smtpd[621128]: connect from unknown[46.148.40.148]
Mail server was working just find then after changing nothing all of a sudden mail server cannot send and recieve emails
I have tried sending and recieving emails and neither will update
Ever since I upgraded to pfSense 2.5.0, my NordVPN interface does not work anymore. Traffic does not get routes to the NordVPN gateway, as pfSense reports it as "down" with 100% package loss. When checking "Status -> OpenVPN" the connection is reported as UP, but the gateway is DOWN. I don't understand how this is possible, but the log provides some clues, although I don't understand what goes wrong when reading the log.
OpenVPN Log (private IPs removed):
Feb 19 07:42:59 openvpn 79266 Initialization Sequence Completed
Feb 19 07:43:58 openvpn 79266 Authenticate/Decrypt packet error: missing authentication info
Feb 19 07:44:58 openvpn 79266 Authenticate/Decrypt packet error: missing authentication info
Feb 19 07:45:58 openvpn 79266 [nl852.nordvpn.com] Inactivity timeout (--ping-restart), restarting
Feb 19 07:45:58 openvpn 79266 SIGUSR1[soft,ping-restart] received, process restarting
Feb 19 07:45:58 openvpn 79266 Restart pause, 10 second(s)
Feb 19 07:46:08 openvpn 79266 NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Feb 19 07:46:08 openvpn 79266 Outgoing Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Feb 19 07:46:08 openvpn 79266 Incoming Control Channel Authentication: Using 512 bit message hash 'SHA512' for HMAC authentication
Feb 19 07:46:08 openvpn 79266 TCP/UDP: Preserving recently used remote address: [AF_INET]194.127.172.103:1194
Feb 19 07:46:08 openvpn 79266 Socket Buffers: R=[42080->524288] S=[57344->524288]
Feb 19 07:46:08 openvpn 79266 UDPv4 link local (bound): [AF_INET]x.x.x.x:0
Feb 19 07:46:08 openvpn 79266 UDPv4 link remote: [AF_INET]y.y.y.y:1194
Feb 19 07:46:08 openvpn 79266 TLS: Initial packet from [AF_INET]y.y.y.y.z:1194, sid=2ce7940f f02613d1
Feb 19 07:46:08 openvpn 79266 VERIFY WARNING: depth=0, unable to get certificate CRL: CN=nl852.nordvpn.com
Feb 19 07:46:08 openvpn 79266 VERIFY WARNING: depth=1, unable to get certificate CRL: C=PA, O=NordVPN, CN=NordVPN CA5
Feb 19 07:46:08 openvpn 79266 VERIFY WARNING: depth=2, unable to get certificate CRL: C=PA, O=NordVPN, CN=NordVPN Root CA
Feb 19 07:46:08 openvpn 79266 VERIFY OK: depth=2, C=PA, O=NordVPN, CN=NordVPN Root CA
Feb 19 07:46:08 openvpn 79266 VERIFY OK: depth=1, C=PA, O=NordVPN, CN=NordVPN CA5
Feb 19 07:46:08 openvpn 79266 VERIFY KU OK
Feb 19 07:46:08 openvpn 79266 Validating certificate extended key usage
Feb 19 07:46:08 openvpn 79266 ++ Certificate has EKU (str) TLS Web Server Authentication, expects TLS Web Server Authentication
Feb 19 07:46:08 openvpn 79266 VERIFY EKU OK
Feb 19 07:46:08 openvpn 79266 VERIFY OK: depth=0, CN=nl852.nordvpn.com
Feb 19 07:46:08 openvpn 79266 WARNING: 'link-mtu' is used inconsistently, local='link-mtu 1582', remote='link-mtu 1634'
Feb 19 07:46:08 openvpn 79266 WARNING: 'auth' is used inconsistently, local='auth [null-digest]', remote='auth SHA512'
Feb 19 07:46:08 openvpn 79266 Control Channel: TLSv1.2, cipher TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384, 4096 bit RSA
Feb 19 07:46:08 openvpn 79266 [nl852.nordvpn.com] Peer Connection Initiated with [AF_INET]194.127.172.103:1194
Feb 19 07:46:09 openvpn 79266 SENT CONTROL [nl852.nordvpn.com]: 'PUSH_REQUEST' (status=1)
Feb 19 07:46:09 openvpn 79266 PUSH: Received control message: 'PUSH_REPLY,redirect-gateway def1,dhcp-option DNS 103.86.96.100,dhcp-option DNS 103.86.99.100,sndbuf 524288,rcvbuf 524288,explicit-exit-notify,comp-lzo no,route-gateway z.z.z.z,topology subnet,ping 60,ping-restart 180,ifconfig g.g.g.g 255.255.255.0,peer-id 3'
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: timers and/or timeouts modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: explicit notify parm(s) modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: compression parms modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: --sndbuf/--rcvbuf options modified
Feb 19 07:46:09 openvpn 79266 Socket Buffers: R=[524288->524288] S=[524288->524288]
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: --ifconfig/up options modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: route options modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: route-related options modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: --ip-win32 and/or --dhcp-option options modified
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: peer-id set
Feb 19 07:46:09 openvpn 79266 OPTIONS IMPORT: adjusting link_mtu to 1657
Feb 19 07:46:09 openvpn 79266 Using peer cipher 'AES-256-CBC'
Feb 19 07:46:09 openvpn 79266 Data Channel: using negotiated cipher 'AES-256-CBC'
Feb 19 07:46:09 openvpn 79266 Outgoing Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Feb 19 07:46:09 openvpn 79266 Outgoing Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Feb 19 07:46:09 openvpn 79266 Incoming Data Channel: Cipher 'AES-256-CBC' initialized with 256 bit key
Feb 19 07:46:09 openvpn 79266 Incoming Data Channel: Using 512 bit message hash 'SHA512' for HMAC authentication
Feb 19 07:46:09 openvpn 79266 Preserving previous TUN/TAP instance: ovpnc8
Feb 19 07:46:09 openvpn 79266 NOTE: Pulled options changed on restart, will need to close and reopen TUN/TAP device.
Feb 19 07:46:09 openvpn 79266 Closing TUN/TAP interface
Feb 19 07:46:09 openvpn 79266 /usr/local/sbin/ovpn-linkdown ovpnc8 1500 1637 a.b.c.d 255.255.255.0 init
Feb 19 07:46:10 openvpn 79266 ROUTE_GATEWAY a.b.c.d/255.255.254.0 IFACE=re0 HWADDR=00:e2:6c:68:07:be
Feb 19 07:46:10 openvpn 79266 TUN/TAP device ovpnc8 exists previously, keep at program end
Feb 19 07:46:10 openvpn 79266 TUN/TAP device /dev/tun8 opened
Feb 19 07:46:10 openvpn 79266 /sbin/ifconfig ovpnc8 x.x.x.x y.y.y.y mtu 1500 netmask 255.255.255.0 up
Feb 19 07:46:10 openvpn 79266 /sbin/route add -net x.x.x.x x.x.x.x 255.255.255.0
Feb 19 07:46:10 openvpn 79266 /usr/local/sbin/ovpn-linkup ovpnc8 1500 1637 x.x.x.x 255.255.255.0 init
Feb 19 07:46:10 openvpn 79266 Initialization Sequence Completed
And the gateway log:
Feb 19 04:16:02 dpinger 68141 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr x.x.x.x bind_addr x.x.x.x identifier "NORDVPN_VPNV4 "
Feb 19 04:16:04 dpinger 68141 NORDVPN_VPNV4 x.x.x.x: Alarm latency 0us stddev 0us loss 100%
Feb 19 04:19:13 dpinger 16894 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr x.x.x.x bind_addr x.x.x.x identifier "WAN_DHCP "
Feb 19 04:19:13 dpinger 17398 send_interval 500ms loss_interval 2000ms time_period 60000ms report_interval 0ms data_len 1 alert_interval 1000ms latency_alarm 500ms loss_alarm 20% dest_addr x.x.x.x bind_addr x.x.x.x identifier "NORDVPN_VPNV4 "
Feb 19 04:19:15 dpinger 17398 NORDVPN_VPNV4 x.x.x.x: Alarm latency 0us stddev 0us loss 100%
In Firewall -> Rules -> LAN I adjusted the "default allow LAN to any rule" to the gateway "NordVPN". Outbound NAT is set to manual, with the top rule taking the LAN net as source and the NORDVPN interface.
Any help is appreciated. As said, the current configuration worked fine in 2.4.5 -- the latest release before upgrading to 2.5.0. I'm considering downgrading at this point.
Changed fallback DEA to AES-256-CBC from AES-256-GCM, and it's working fine
Go to VPN/OpenVPN/Client, and edit the setting "Fallback Data Encryption Algorithm"
NordVPN has posted updated documentation for pfSense 2.5.0, titled: pfSense 2.5 Setup with NordVPN.
As #NDK has mentioned in their A'er the updated docs show that you need to change the Fallback Data Encryption Algorithm to AES-256-CBC.
I have a problem with connecting to VPN. When I start up the raspberry device and connect the VPN with nmcli connection up VPN it succeceds. But if I bring the interface down and trying to bring it up again it fails. If I restart the raspberry I can connect to VPN again. What is the next step? Do you guys have any idea what has gone wrong?
In the journalctl log I get this message when it fails:
Could not determine IPv4/IPv6 protocol
Oct 23 15:56:24 raspberrypi nm-openvpn[2282]: SIGUSR1[soft,init_instance] received, process restarting
Oct 23 15:56:29 raspberrypi nm-openvpn[2282]: WARNING: --ns-cert-type is DEPRECATED. Use --remote-cert-tls instead.
Oct 23 15:56:29 raspberrypi nm-openvpn[2282]: NOTE: the current --script-security setting may allow this configuration to call user-defined scripts
Oct 23 15:56:29 raspberrypi nm-openvpn[2282]: RESOLVE: Cannot resolve host address: vpn.******.**:1194 (Name or service not known)
Oct 23 15:56:29 raspberrypi nm-openvpn[2282]: RESOLVE: Cannot resolve host address: vpn.*****.**:1194 (Name or service not known).
pi#raspberrypi:~ $ openvpn --version
OpenVPN 2.4.7 arm-unknown-linux-gnueabihf [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Feb 20 2019
library versions: OpenSSL 1.1.1d 10 Sep 2019, LZO 2.10
uname -a
Linux raspberrypi 5.4.51-v7+ #1333 SMP Mon Aug 10 16:45:19 BST 2020 armv7l GNU/Linux
NetworkManager --version
1.14.6
When requesting via https it looks like serf is funnelling the request via port 80 instead of 443?
[Mon Jan 16 10:25:48.007386 2017] [error] [pid 350] [mod_pagespeed 1.11.33.4-0 #350] Serf status 120171(APR does not understand this error code) polling for 1 threaded fetches for 0.05 seconds
[Mon Jan 16 10:25:48.007539 2017] [error] [pid 350] [mod_pagespeed 1.11.33.4-0 #350] Serf status 120171(APR does not understand this error code) polling for 1 threaded fetches for 0.05 seconds
[Mon Jan 16 10:25:53.021234 2017] [warn] [pid 350] [mod_pagespeed 1.11.33.4-0 #350] Fetch timed out: https://www.domain.com/assets/76dc6ad2/style.min.css (connecting to:10.33.12.222:80) (1) waiting for 50 ms
SSL termination on the load balancer. SSL is also configured to work from behind the load balancer as well so https can be served from within the network.
ModPagespeedFetchHttps enable
ModPagespeedRespectXForwardedProto on
ModPagespeedEnableFilters prioritize_critical_css
How to have serf request https via port 443?
#dhaupin
I don't seem to notice that error anymore.
This is probably what fixed it, explicitly handling https requests.
ModPagespeedLoadFromFile "https://example.com" "/var/www/example/"
ModPagespeedRespectXForwardedProto on
I have system log
Jul 28 20:37:44 pi postfix/pickup[853]: 3F4F1A2C0: uid=0 from=<root>
Jul 28 20:37:44 pi postfix/cleanup[863]: 3F4F1A2C0: message-id=<20150728183744.3F4F1A2C0#mail.domain.tld>
Jul 28 20:37:44 pi postfix/qmgr[854]: 3F4F1A2C0: from=<root#domain.tld>, size=413, nrcpt=1 (queue active)
Jul 28 20:37:44 pi postfix/local[865]: 3F4F1A2C0: to=<root#domain.tld>, relay=local, delay=0.26, delays=0.24/0/0/0.02, dsn=2.0.0, status=sent (delivered to mailbox)
Jul 28 20:37:44 pi postfix/qmgr[854]: 3F4F1A2C0: removed
But mail doesnt come to mailBox or mailDir
command mail does not show anything
I have configured Maildir
and command mail can read only mailbox.. so I must to install mutt or something else...