cpanel error code 128 (Connection refused when cloning private repo) - cpanel

I'm trying to add a private github repository to my cpanel host but this error hapens to me:
Error: (XID uaxnz3) β€œ/usr/local/cpanel/3rdparty/bin/git” reported
error code β€œ128” when it ended: ssh: connect to host github.com port
22: Connection refused fatal: Could not read from remote repository.
Please make sure you have the correct access rights and the repository
exists.
I have added the Deploy key to private repository by the help of this guide (click here).

Related

SFTP error: No connection could be made because the target machine actively refused it. (INTERMITTENT)

when we try to connect to a SFTP server we INTERMITTENTLY get the ff. error:
"No connection could be made because the target machine actively refused it".
I've been trying to search but i cannot find a similar case where this happens randomly - sometimes we can successfully connect and sometimes we encounter this error. We turned on the verbose log and this is part of what we read:
"2017-03-15 07:24:38.833 INFO SshSession(1)[8] SSH: Connecting to
sftp.igxfer.com:22 using SshSession 3.0.5885.0.
2017-03-15 07:24:39.926 ERROR SshSession(1)[8] SSH: Rebex.Net.ProxySocketException:
No connection could be made because the target machine actively refused it. --->
Rebex.Net.ProxySocketException: No connection could be made because the target
machine actively refused it.
---> System.Net.Sockets.SocketException:
No connection could be made because the target machine actively refused it 52.33.119.6:22
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)"
Any thoughts? TIA!

BitBucket: Authentication failed

I followed this link: https://confluence.atlassian.com/bitbucket/add-an-ssh-key-to-an-account-302811853.html
I generated a public key and I pasted the file ~/.ssh/id_rsa.pub to SSH Keys in BitBucket.
However, I still get the error:
Host key verification failed. fatal: Could not read from remote
repository.
Please make sure you have the correct access rights
Host key verification failed. fatal: Could not read from remote repository.
This is not about client authentication, but server authenticity. You need to verify that the server you are connecting to is really the bitbucket. This is explained in this article.
The easiest way to resolve the problem is to paste the server public key below into the ~/.ssh/known_hosts:
bitbucket.org,104.192.143.1 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAubiN81eDcafrgMeLzaFPsw2kNvEcqTKl/VqLat/MaB33pZy0y3rJZtnqwR2qOOvbwKZYKiEO1O6VqNEBxKvJJelCq0dTXWT5pbO2gDXC6h6QDXCaHo6pOHGPUy+YBaGQRGuSusMEASYiWunYN0vCAI8QaXnWMXNMdFP3jHAJH0eDsoiGnLPBlBp4TNm6rYI74nMzgz3B9IikW4WVK+dc8KZJZWYjAuORU3jc1c/NPskD2ASinf8v3xnfXeukU0sJ5N6m5E8VLjObPEO+mN2t/FZTMZLiFqPWc/ALSqnMnnhwrNi2rbfg/rd/IpL8Le3pSBne8+seeFVBoGqzHM9yXw==

Browser unable to connect to web2py over secure SSH tunnel

I followed the instructions in the web2py manual on how to connect to a remote web2py via ssh tunnel. SSH to my server appears to work just fine:
[~/prg]$ ssh -L 8002:127.0.0.1:8002 username#linux-server.com
Linux schemelab2 4.6.5-x86_64-linode71 #2 SMP Fri Jul 29 16:16:25 EDT 2016 x86_64
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
You have new mail.
but just as others have failed, when I attempt to visit http://localhost:8002 or https://localhost:8002 I get a number of connection refused messages:
channel 3: open failed: connect failed: Connection refused
channel 4: open failed: connect failed: Connection refused
channel 3: open failed: connect failed: Connection refused
channel 3: open failed: connect failed: Connection refused
channel 3: open failed: connect failed: Connection refused
channel 3: open failed: connect failed: Connection refused
channel 4: open failed: connect failed: Connection refused
channel 3: open failed: connect failed: Connection refused
channel 3: open failed: connect failed: Connection refused
channel 3: open failed: connect failed: Connection refused
If it helps any, here is my sshd_config
Also note:
telnet localhost 8002 yields
schemelab#schemelab2:~$ telnet localhost 8002
Trying ::1...
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Connection refused
schemelab#schemelab2:~$
Could be one of several possible reasons. I am assuming you are mostly interested in accessing the web2py admin page on your remote server, since web2py doesn't allow remote admin access over an insecure channel... So first things first, you want to make sure your server's IP Tables are allowing access to services on the port you are trying to connect to, otherwise these remote connection solutions probably wont work (except for perhaps Plan C). See here for more info: https://help.ubuntu.com/community/IptablesHowTo
Firstly, let me show you how I SSH tunneled to web2py via dozens of servers I used in the past. I'll be using port 8889 in my examples:
ssh -L 8889:127.0.0.1:8889 username#linux-server.com
Just like with a normal SSH, you should now see the shell of your server (which you have demonstrated). Now, in the same terminal, cd to your server's root web2py directory and do the following (do not close the terminal window after):
> cd mywebite.com
> python web2py.py -a password -i 127.0.0.1 -p 8889
*web2py startup stuff*
Now on your local browser visit http://127.0.0.1:8889/admin and you should see the web2py admin page from your server.
Plan B - Using self-signed SSL certificate
If you're still having issues with ssh tunnel, another option you can try is using a self-signed SSL certificate.
Making a self-signed certificate is very easy with OpenSSL, and you can also use some online self-signed certificate generators (though I don't recommend this) to save you even more time.
Once you have your generated .crt and .key files, sftp to your server and upload the files to your server's root web2py directory (or upload them to Dropbox, ssh to your server, cd to your root web2py directory and wget the file links). Finally ssh to your server and do the following (do not close the terminal window after):
> cd mywebite.com
> python web2py.py -a password -p 8889 -i 0.0.0.0 server.crt -k server.key
*web2py startup stuff*
Now on your browser enter (notice the https) https://xxx.xxx.xxx.xxx:8889/admin (xxx... being your server IP), or you can do https://mywebsite.com:8889/admin if you already have your domain name setup.
Now you should see a SSL security warning on your browser. Simply ignore this warning and add an exception, and finally you should be able to see the web2py admin page from your server.
Plan C - Edit web2py source
This is the least recommended plan to allow admin over insecure channel, and should be used as a last resort. You can simply edit the part of the web2py source code that disables admin by just adding one line of code. In
<server's root web2py directory>\applications\admin\models\access.py (around line 21) put request.is_local=True before the part that disables admin over insecure channel:
'...'
request.is_local=True #TESTING ONLY. COMMENT OUT OR REMOVE IN PRODUCTION!
if request.env.http_x_forwarded_for or request.is_https:
session.secure()
elif not request.is_local and not DEMO_MODE:
raise HTTP(200, T('Admin is disabled because insecure channel'))
'...'
Now you can access your server's web2py admin by simply visiting http://xxx.xxx.xxx.xxx:8889/admin (xxx... being your server IP), or you can do http://mywebsite.com:8889/admin if you already have your domain name setup.
Note this is a quick and dirty solution and should be used only temporarily and for testing. Don't forget to remove or comment out that line in production!

SSL connection between eDirectory and OpenLDAP

I use a State Machine Driver to connect our eDirectory (Source) to a OpenLDAP Directory (Destination).
Without SSL everything is fine...but only for testing.
Now i need to use SSL.
I activated use-ssl (Driver Configuration -> Driver Parameters) and give the path to a keystore.
I add a self-signed-certificate of the OpenLDAP-Server to the keystore.
After restarting the driver i get (servername replaced by xxxx):
java.net.ConnectException: Connection refused
16:12:15 FFFFFFFFFAA5D700 Drvrs: eDir-OpenLDAP PT:eDir-OpenLDAP: Schema.Schema() - LDAPException: Unable to connect to server xxxx:636 (91) Connect Error
java.net.ConnectException: Connection refused
I used /opt/novell/eDirectory/lib/nds-modules/jre/lib/security/cacerts as keystore.
What could i try next to get the SSL-connection running?
Thank you for reading this question!
The problem is solved.
Port 636 was closed on the destination server.
Thank you for the hint Bruno.

hg push Connection refused

I use a http://bitbucket.org private repository, usually works well, but now I can't do push.
When I try get this message:
hg push
remote: ssh: connect to host bitbucket.org port 22: Connection refused
abort: no suitable response from remote hg!
Many thanks.
Connection refused means that either their firewall is blocking you or they are not running ssh on port 22 (the default). I would recommend either contacting their customer support or talk to whomever gave you access.
Since port 22 was blocked, I used the alternate URL ssh://hg#altssh.bitbucket.org:443/account_name/repo_name/ as described here.
I had the same problem, and actually this solution helped me out:
vim ~/.ssh/config
Add these lines and save it.
Host github.com
Hostname ssh.github.com
Port 443
Host bitbucket.org
Hostname altssh.bitbucket.org
Port 443
taken from https://gist.github.com/goddoe/5692bfc3cdc374d918a87882963edf36