Geoserver - PostGIS database connexion issue - default password always appearing - passwords

I am using Geoserver 2.18.2 in a Docker image (Docker version 3.1.0) from my Mac (OS Big Sur 11.2.3). My problem is that when I want to add a PostGIS new store a default password always appears. If I modify it with the proper one, it does not change anything as when I apply or save the connexion the default password comes back.
I have checked with colleagues using the same Docker image also on Mac, and I seem to be the only one with this issue. I disabled all passwords managers but still this default password appears.
Any suggestion is welcome, thank you!

This is a browser issue, you have a saved password for the GeoServer site and you browser is (helpfully) filling in the password field for you, just delete it and put in the correct password - GeoServer won't connect if you don't supply a password as trusted logins are not supported by the datastore.

Related

SSH 2FA not working with Google Authenticator

Ssh with 2FA using Google Authenticator worked well for many months. My cellphone broke and I had to use the backup codes. All backup codes were used.
I fixed the phone, I'm able to use the Google Authenticator, but the codes don't work. I tried using the 'Time correction for codes' but it didn't help.
The administrator of the servers can't access the root account of the server (they are using VMWare but they don't know how to login as root without the password, yes, they are a little stupid).
So, I can't access the server. What can I do, consider my limitations?
Thanks.
I don't see a way besides reset root's password.
To reset root's password: reboot the host, edit Grub boot options and add init=/bin/bash to the kernel line. This will drop you into a bash command prompt where you can run passwd to reset the password
See this full guide with images here.
After successfully reset of root's password, reconfigure Google Authenticator for your user.
P.S:
Authy is a good alternative for Google Authenticator. It syncs your codes between all your devices. So, if your phone gets broken or lost again you won't have these troubles anymore.
Authy has a ssh integration, you may give it a try.

Batch | Net use Password

Sorry for my bad English, but if you can help my it will be great.
I have couple of file system over my network and every night I need to take one file from another file system to mine.
for that to happen i'm using a Batch script how mapping me the drive with net use command.
my problem is that i don't want the password will go through clear text
( To see my password or to sniff it).
my questions is :
there is any way that i can encrypt my password and still login with the same credentials.
Thank You
If you can set up a Domain controller using either one of your Windows machines, or Samba, then you could use Trusted authentication based on the user executing the scheduled job that executes the batch file.
Alternately, you could encrypt the password and have a program decrypt it and execute the net use, but you're always* going to be faced with the fact that if your computer can send the password out when you don't type it in, then your computer knows your password, and anyone with physical access to that computer can get your password.
*Unless your computer doesn't know the password, and instead relies on an HSM (Hardware Security Module).
I had the same thing but found a nice workaround.
The passwords are not stored in DOS so I went from the run menu and simply typed the name of the path like "\server\files".
When it asked for credentials I ticked the checkbox "Save credentials"
The password will then be stored in your Windows Credential Manager (control panel) and this way your dos batch file fwill always now the password.

How to use "htaccess" on synology system for website access control?

I am trying to set up the access control for my personal website on synology NAS. Right now I am using DS212J. I found the following article teaching how to use "htaccess" on apache to achieve that.
http://www.synology.com/support/faq_show.php?lang=enu&q_id=347
But I encountered 2 problem:
1) I don't have the command "htpasswd" after ssh to my DS212J.
2) After I manually create those files, I got the username and password prompting up on the website. However, the password in "admin.pw" and "normal.pw" doesn't work when I type in. I am not sure whether it is because I didn't use command "htpasswd".
What am I missing here?
Thanks.
The htpasswd executable is at /usr/syno/apache/bin/htpasswd. As that directory is not on the PATH, you have to explicitly use the whole path to use it:
Apache doesn't keep passwords in plain text, it uses a hash of them so that even if someone gets access to the password file they won't be able to log in. That's why you must use htpasswd to create the file.
For anyone who comes across this, I couldn't get that synology support tutorial to work either. I am running DSM 5.1-5022 Update 4 on my own domain with ssl. Here's how it got it working:
Follow the steps in the following wiki: Synology Wiki
In the control panel, go to "Web Services" and disable SPDY for secure connections. (Gleaned from this article.)
Good luck.

EC2 (Remote Desktop) RDP refuses Administrator credentials

My EC2 (Windows Server) instance was accessible through RDP logging in as Administrator and the default password retrieved from EC2 dashboard (AWS Management console).
I relegated my domain name to Route 53, and I also created an Elastic IP address for my instance and modified the DNS CNAME record to point to the EIP.
http access to my app works fine using domain name.
However, RDP broke since my existing rdp link pointed to the old public DNS name given to my EC2 instance.
I tried to recreate the RDP link and all the following attempts failed:
Using an RDP link downloaded from EC2 dashboard on AWS management console.
Enter the Elastic IP's public DNS name into the 'Computer' field of the RCP General tab (click on options on the bottom left of the dialog)
Enter the Elastic IP's external IP address (ie the XX.YY.ZZ.VV taken from ec2-XX-WW-ZZ-VV.compute-1.amazonaws.com ) into 'Computer' field.
Enter the EC2 Private IP address taken from the EC2 console into the 'Computer' field
In all cases listed above I used the existing password and I double checked by decoding the the Administrator's password again (from EC2 console using the original key file).
And in all cases, I keep getting the invalid credentials error from RDP connection.
For all practical purposes, I am locked out of my running instance.
HELP
Thanks...
Firstly, the first thing you should do after Creating an EC2 instance is change the Administrator password. Its easy to lock yourself out of an EC2 instance permanently by neglecting to change this. For example if you create an EBS Image and restore it you'll no longer be able to decrypt the windows password.
Are you still able to retrieve the windows password using the Management Console? If not, then the password will irretrievable. Have you tried rebooting the instance. Double check your Route 53 settings to make sure you are pointing to the correct instance and you're not trying to log into someone elses.
If all else fails I'd suggest rebuilding the instance, and immediately changing the password before changing any other settings.
I had the same problem with newly created EC2 machine: after downloading RDP file and decrypting password, RDP doesn't work. I solved it by typing public IP adress in RDP interface input box and providing same password and user Administrator. Looks like another bug in EC2...
I had the same problem. The reason is because AWS does not support saved credentials. Now I know you will say, "but I'm typing in/ copy-pasting my existing password that I have checked and re-checked with my AWS console", yes but the silly thing takes 'Administrator' as a saved credential! :D
So all you have to do is click use another account on the RDP login dialogue box and type 'Administrator' and your existing password and voila! You'll get the trusted certificate dialogue, click continue and in you get.
I was frustrated too, hope this helps. Cheers.

Stop password prompt on MAMP startup

I develop using MAMP pro on my Mac. When I start MAMP it prompts me for a password if I use port 80. If I use a higher port it doesn't prompt me, but I have to append the port number in the URL ( eg dev.local:8888 ).
Does anyone know how to make it not prompt for password when using standard ports?
Thank you.
I've put together an app that allows you to start/stop MAMP's Apache and MySQL without the password request, even on port 80. It stores the password in Keychain, so you only need to enter it once. It has a nice icon too!
Download: http://www.46palermo.com/blog/run-mamp-without-password-easy-way/
According to a living-e rep they are considering adding an option to store the password in the keychain:
http://forum.webedition.de/phpBB/viewtopic.php?f=4&t=5517&p=12019
Update: I pestered Living-e support and got them to add it as a feature request to their bug tracker. The link is here: http://qa.living-e.de/tracker/view.php?id=3648 (requires registration) if you want to follow it.
Another update: Still following this issue. Looks like living-e moved their bug tracker, the new link to this issue is:
http://bugs.mamp.info/view.php?id=3652
It's in German but the Google translation is:
When will start and stop the server in
each case the admin password is
required if port is used as low-1024th
If we could get the password from the
OS X Keychain / keyring, allowed
themselves to avoid annoying popup
ads.
Or a German speaker's translation is:
When the Server starts/stops it will ask for the admin password each time.
If it could get the password from OS X Keychain / Keyring, the annoying popup could be avoided.
As found on Macworld and already mentioned by Tom in the other answer there is a way with applescript! Downside is you have to save your user credentials in plain text.
Open AppleScript Editor
Enter the following code replacing YOURPASSWORD and YOURUSERNAME with your user credentials
Save it as application. You might tick run-only to prevent other users from reading the plain text as a small security measure
do shell script "/Applications/MAMP/bin/startApache.sh &" password "YOURPASSWORD" user name "YOURUSERNAME" with administrator privileges
do shell script "/Applications/MAMP/bin/startMysql.sh > /dev/null 2>&1"
There might be an issue with the correct file path as MAMP apparently changed startmySQL.sh to startMysql.sh in some version, so double check if it's not working!
You can put the new application in the Login Items (System Preferences -> Users & Groups -> Login Items), so the Apache server and MySQL start automatically without even showing up the MAMP-App at startup (silent start).
In response to the commands that were posted:
1) Run MAMP on port > 1024
Running all of the servers on MAMP (nginx, apache, mysql) with port ranges above 1024 allows the Mac OS X account you logged in with to launch the services, so you will not be asked for a password in this instance. Any server that runs below port 1024 requires root privileges when being executed.
2) chmod -R a+w /tmp
This command would recursively go through all files and sub folders in /tmp and make them writable for the current user. When MAMP launches, servers create temporary files in this directory.
Also if you decide you want to run the servers below port 1024 and want a solution with applescript that does not store the password in plain text then see this link applescript password with keychain
I'm now using these two applescripts to start/stop MAMP, you can save startup script is a login item so it's always up when I boot. It does mean storing your password in plain text, as Im the only one using this machine I can live with it, better than typing in my password at least three times a day.
I bind apache to port 8080 and then use port forwarding from 80 to 8080
sudo ipfw add 100 fwd 127.0.0.1,8080 tcp from any to any 80 in
Works for me, but I'm working on making the above script permanent. So far, nothing I've tried sticks, so I just run the command above in terminal after restarting. But you can then freely start and stop MAMP without a password and use a URL without :8080 or :8888.
Its a security issue, and MacOS with its UNIX heritage like security (=Good Thing). That's why MacOS asks for passwords all the time. Not much you can do about it as far as I know.
1) Run MAMP on port > 1024
2) chmod -R a+w /tmp