Tagged: centos7

Auto-renew SSL certificate via letsencrypt in Cent OS 7

Problem: Want to auto-renew SSL cert via letsencrypt.

Solution: first make letsencrypt program executable from anywhere since most of you just download a zip file from the Internet.

ln -s /opt/letsencrypt/letsencrypt-auto /usr/bin/letsencrypt 

then you can enter letsencrypt to trigger /opt/letsencrypt/letsencrypt-auto.

above command can eventually renew all certificates that about to expired.

Then add a record to cron job:

enter command crontab -e and add below content

0 0 * * 1 /usr/bin/letsencrypt  renew >> /var/log/le-renew.log

the command will trigger at 00:00 on every Monday. The renew record will save on /var/log/le-renew.log

“too many connections mysql” error occurred in MariaDB, CentOS 7

Problem: Too many connections error occurred and you can’t access via PHPMyAdmin or command line.

This is because no more connection can be made, so you have to stop MySQL service and change the setting.

Solution: first stop MySQL service, I user MariaDB so the service will be mariadb:

systemctl stop mariadb
systemctl start mariadb

then enter MySQL prompt via MySQL, and enter below query to check current maximum connection:

SHOW VARIABLES LIKE "max_connections";

The default value is 151. You can set a higher one like

SET GLOBAL max_connections = 1000;

Error “mount: unknown filesystem type ‘(null)'” occurred in CentOS 7 AWS

Problem: Attach a volume to AWS EC2 instance, after enter a command for mount drive:

sudo mount /dev/xxxx /xxx

An error occurred:

mount: /dev/xxxx is write-protected, mounting read-only mount: unknown filesystem type ‘(null)’

Solution: the volume is unformatted and you should format it first. Enter below command to format volume to ext4 file system :

sudo mkfs.ext4 /dev/xxxx

Then mount again:

sudo mount /dev/xxxx /xxx

By the way, you can use lsblk command to retrieve hard disk partitions and disk space information.

Sublime SFTP failure while using Google Authenticator and Key file as two-factor authentication in CentOS 7

Problem: After applying Key file (ref here, using ssh-keygen ), and Google Authenticator (ref here, using yum install google-authenticator ) in CentOS 7, both SSH and FTP via FileZilla are both working ( FileZilla need to pass key file login, then switch login type to interactive in order to enter passphrase generated by Google Authenticator) but Sublime Text 3 can not upload file via SFTP. If the server just has a key file login, it will work.

According to this post, Sublime SFTP is waiting for the input prompt, and the prompt message has to be “Password: ” and show up.

Solution: Follow the below steps to turn on prompt and set it to “Password: ” :

1.Edit /etc/pam.d/sshd

vim /etc/pam.d/sshd

2. Append authtok_prompt to auth required pam_google_authenticator.so in order to override default token prompt :

auth required pam_google_authenticator.so [authtok_prompt=Password: ]

The value “Password: ” must not change to other values like “Passphrase: “, “Pass”. Otherwise Sublime can not recognize the prompt.

3. Enter systemctl restart sshd.service to restart service

systemctl restart sshd.service

Normally if you set the “user”, “password” and “ssh_key_file” value, in my case it will prompt a message like [email protected]_ip and asking your password. After entering your SSH password, it will prompt again with the same message, now please enter your Google Authenticator’s passphrase.

Enable SSH password authentication on AWS with CentOS 7

Problem: Want to login to CentOS 7 via username and password only, remove private key login.

Solution: First of all, follow this video instruction if you haven’t built the Amazon EC2 or able to connect server via private key yet.

Then inside the server terminal command line, edit /etc/ssh/sshd_config

Edit the line “PasswordAuthentication no” to (or if you can’t find the line, just add) “PasswordAuthentication yes

restart SSH service

systemctl restart sshd.service

Don’t forget to change the password for user. For the current user,

passwd

for root,

sudo passwd

Can not uninstall MySql completely in CentOS 7

Problem: Want to download MariaDB via yum, but There have conflicts between MariaDB and MySql.

This a problem because these two RDBMS use the same port, simply just use one of them.

Solution: Completely uninstall MySql

First using

 yum list installed | grep mysql

to find out all packages that contain “mysql”

then remove one by one, below commend is to remove the first one(you can keep php-mysqlnd.x86_64 because it is PHP package)

sudo yum remvoe mysql-community-client.x86_64 -y

Then clean MySQL files inside /var/lib/mysql/ and /etc/

sudo rm -r /var/lib/mysql/*
sudo rm -rf /etc/my.cnf

Finally, install MariaDB

sudo yum install MariaDB-server MariaDB-client -y

After a restart, apache return ERR_CONNECTION_TIMED_OUT in CentOS 7

Problem: Before the restart, everything works fine on all websites and apache.

Solution: Try below solution, something must be re-enabled if you choose AWS or other web service provider

  • Allow incoming traffic on port 80:
iptables -A INPUT -p tcp --dport 80 -j ACCEPT
  • Disable firewall
systemctl stop firewalld
  • Disable SELINUX

First edit /etc/selinux/config, then replace SELINUX= to SELINUX=disabled

sudo nano /etc/selinux/config

SELINUX=disabled

Then restart

reboot -h now

Secured By miniOrange