DROWN security vulnerability

Protect yourself from the DROWN attack by updating your openssl package.
Red Hat patched openssl 1.0.1e:

# rpm -q --changelog openssl-1.0.1e-51.el7_2.4.x86_64 | head
* Wed Feb 24 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.4
- fix CVE-2016-0702 - side channel attack on modular exponentiation
- fix CVE-2016-0705 - double-free in DSA private key parsing
- fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn

* Tue Feb 16 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.3
- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement
- disable SSLv2 in the generic TLS method

Go to https://drownattack.com/ for more info.
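
Red Hat backports fixes without changing the upstream version string, so the changelog, not "1.0.1e", tells you whether a fix is installed. The script below is an added example, not part of the original post: it reads `rpm -q --changelog` output and reports the build that introduced each requested CVE fix. The function names changelog_fixes and sample_changelog are hypothetical, and the sample input is the excerpt quoted above.

```shell
#!/usr/bin/env bash
# Added example (not from the original post): confirm backported CVE fixes
# from `rpm -q --changelog <package>` output read on stdin.

# changelog_fixes CVE-ID...
# Prints "<CVE> fixed-in <version-release>" or "<CVE> MISSING" for each ID.
# Returns 0 only when every requested ID appears in a changelog entry.
changelog_fixes() {
    awk -v want="$*" '
        BEGIN { n = split(want, cves, " ") }
        # Entry header, e.g. "* Tue Feb 16 2016 Name <mail> 1.0.1e-51.3"
        /^\* / { build = $NF; next }
        # Entry body, e.g. "- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement"
        /^- / {
            for (i = 1; i <= n; i++) {
                p = index($0, cves[i])
                # Reject a longer ID that merely starts with the requested one.
                if (p && substr($0, p + length(cves[i]), 1) !~ /[0-9]/)
                    found[cves[i]] = build   # rpm lists newest first, so the
            }                                # last match is the oldest build
        }
        END {
            rc = 0
            for (i = 1; i <= n; i++) {
                if (cves[i] in found) printf "%s fixed-in %s\n", cves[i], found[cves[i]]
                else { printf "%s MISSING\n", cves[i]; rc = 1 }
            }
            exit rc
        }'
}

# Sample input: the changelog excerpt quoted in the post.
sample_changelog() {
    cat <<'EOF'
* Wed Feb 24 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.4
- fix CVE-2016-0702 - side channel attack on modular exponentiation
- fix CVE-2016-0705 - double-free in DSA private key parsing
- fix CVE-2016-0797 - heap corruption in BN_hex2bn and BN_dec2bn

* Tue Feb 16 2016 Tomáš Mráz <tmraz@redhat.com> 1.0.1e-51.3
- fix CVE-2015-3197 - SSLv2 ciphersuite enforcement
- disable SSLv2 in the generic TLS method
EOF
}

# On a real host: rpm -q --changelog openssl | changelog_fixes CVE-2015-3197
sample_changelog | changelog_fixes CVE-2015-3197 CVE-2016-0702
```

The non-zero exit status on a missing ID makes the function usable as a gate in a patch-compliance script.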

Cluster ssh with nice fonts!

Cluster ssh is super nice, but out of the box it has ugly, small fonts.
Here’s my Cluster ssh config, which I respectfully ripped from the net:

# $HOME/.clusterssh/config
terminal_args=-fa  'DejaVu Sans Mono:style=Book' -fs 11
# note these are not consistent with the TTF font selection, so have to 'adjust' accordingly
#terminal_size=80x24
# for terminal_args=-fa  'DejaVu Sans Mono:style=Book' -fs 12:
#terminal_size=133x36
# for terminal_args=-fa  'DejaVu Sans Mono:style=Book' -fs 11
terminal_size=120x34

Thank you dansnotebook.blogspot.no

puppet 2.7.x complaining about “err: Could not retrieve catalog from remote server: Error 400 on SERVER: Could not parse YAML data for node”

You’ll probably find numerous links that tell you to delete

/var/lib/puppet/yaml/[fqdn].yaml

on the puppetmaster, the node, or both.

None of those solved my problem.

Upgrading to puppet-2.7.25 didn’t help either.

On my puppet client, in /var/lib/puppet deleting

rm -fr state/ lib/ facts/ client*

at least let me run puppet again, but the next run gives that 400 error again …

Note to self: get back to this post when I get time to debug this really annoying issue further.

tcpdump tip

While debugging an issue at work related to HTTP headers being forwarded by haproxy, I used a couple of tcpdump commands that were great; storing them here for future reference.

tcpdump -s 1024 -l -A | grep X-Forwarded-For

tcpdump -s 1024 -l -A src 192.168.9.56 or dst 192.168.9.56

The first one prints lines containing X-Forwarded-For; the second one lets you filter on source and/or destination.
Note that tcpdump by default does not include 127.0.0.1 or ::1 (lo).

Terminate PostgreSQL clients from the db you’re about to drop

For PostgreSQL 9.1 and below

SELECT pg_terminate_backend(pg_stat_activity.procpid)
FROM pg_stat_activity
WHERE pg_stat_activity.datname = 'TARGET_DB'
  AND procpid <> pg_backend_pid();

For PostgreSQL 9.2 and above

SELECT pg_terminate_backend(pg_stat_activity.pid)
FROM pg_stat_activity
WHERE pg_stat_activity.datname = 'TARGET_DB'
  AND pid <> pg_backend_pid();

Totally ripped from stackoverflow.com.

Kept here for my personal future reference.
If you stumble over this post please check the stackoverflow link above.