first question.
I recently put kubuntu onto my chromebook via crouton, which was painless and awesome. However, it did necessitate putting it into developer mode. For some reason, this has removed ChromeOS's ability to authenticate SSLs for a couple of sites I use for work (but not all of them). I prodded the sysadmin, and he says the problem is the NSS library. Specifically:
It is a problem with the NSS library version on the users OS. You can
by pass the problem by starting Chrome with;
$ google-chrome-stable --ssl-version-max=tls1.1
I tried running that command (with and without the $) in Crosh, shell, and even bios command prompt. Nope (command not found, or some variation there of). This page seems to suggest that NSS isn't favoured, but the sysadmin is unable or unwilling to change the protocol to OpenSSL. So I'm left with trying to install NSS support onto my post-crouton, dev-mode chromebook. Problem is, I have no idea how to do that. Worst case scenario, I can move my work environment totally from ChromeOS into the newly installed Kubuntu instance, but I'd rather not because ChromeOS is just such a pleasure to work on, for browser based work.
Does anyone know how to get NSS protocol SSLs working on dev-mode ChromeOS?
you cannot re-run chrome from within chrome, so that command won't help.
NSS/OpenSSL aren't protocols, they're libraries that implement protocols. Chrome OS uses NSS for some certificate management, but it uses OpenSSL (actually BoringSSL) for all network communication.
putting Chrome OS into dev mode though should not change its behavior at all when it comes to network protocol negotiation. without more details, it's hard to guess at the issue.
Related
Here is my working context;
no internet (I use my company's intranet)
Linux CentOS 7.9 remote server with my source files
PhpStorm 2021.3.2 on my development PC
My wish is to develop on my PC on remote sources. Your new JetBrains Gateway solution seems to meet my expectations on paper.
However, in practice, I have the impression that it is not possible to use this solution without internet ? Indeed, the connection process stops on this failure:
Looks like your solution is trying to download an IDE client to install on my machine. Which from my point of view is a weird behavior because I already have a client to install on my machine: PhpStorm. Why not use my PhpStorm client already installed on my machine ?
Thank you for your reply
The "Jetbrains Client" mentioned in the error message is not for your local machine, but for the Linux server:
Once the IDE version and project directory are selected, Gateway will download the IDE to the remote server, unpack it, and launch it with your project loaded.
It acts on the remote server as a "backend IDE" to which the client on your local machine connects:
The JetBrains Client runs locally and provides the user interface for the IDE backend.
You would not even require the full PHPStorm IDE, the Jetbrains Gateway is a standalone app that comes with a "thin client" that can connect to the backend IDE:
This whole process is managed by JetBrains Gateway, a new, compact, standalone app that provides everything you need to get started with remote development. Since it’s standalone, it’s the only thing you need to install locally to start working and is ideal for less powerful laptops and in cases where a full IDE install isn’t desired.
See https://blog.jetbrains.com/blog/2021/12/03/dive-into-jetbrains-gateway/ for a more detailed look at how it works.
To answer your question: it is not possible to use Jetbrains Gateway without an internet connection.
Is there a difference between using salt-proxy ssh and directly salt-ssh? I'm interested because according to documentation both aimed to run remote commands without agent installation on the end machine.
You cant simply do salt-ssh on a proxy minion, for which you would have to write your own custom ssh interface to the remote system, because your proxy minion may not support doing salt-ssh.
How to choose between using salt-ssh vs salt-proxy totally depends on the type of a minion system.
As stated in the saltstack documentation - https://docs.saltstack.com/en/latest/topics/ssh/index.html and
https://docs.saltstack.com/en/latest/topics/proxyminion/index.html
For salt-ssh to be used, the remote system must have python installed - one of the criteria. For example, controlling ubuntu from centos.
As stated in the salt-proxy doc,
Proxy minions are a developing Salt feature that enables controlling
devices that, for whatever reason, cannot run a standard salt-minion.
Examples include network gear that has an API but runs a proprietary
OS, devices with limited CPU or memory, or devices that could run a
minion, but for security reasons, will not.
I am trying to integrate sonarqube(version 5.1.2) with intellij(2016.2). I have added sonarLint plugin.
when I am trying to add a sonar server to the sonarLint settings it asks for username and password for sonar server and other details like url.
But it somehow is unable to connect to the sonar server and gives error :
Fail to request : https://example.com/api/system/status
The latest version of SonarLint only supports SonarQube 5.6+ (5.6 is the current LTS version).
Apart of that, you might also be facing a problem with server SSL certificates. SonarLint will try to validate the server's SSL certificate using the JVM's truststore. So if your SonarQube server uses an SSL certificate, you might need to install the CA certificate in the trustore of the JVM used by IntelliJ.
Due to a limitation in SonarLint, certificates configured within IntelliJ aren't supported by SonarLint: https://jira.sonarsource.com/browse/SLI-75
I ran into something similar myself using SonarLint 3.1 and SonarQube 6.7.
In IntelliJ I kept running into this error message
Failed to connect to the server. Please check the configuration.
Error: Fail to request https://<SONARQUBE>/api/system/status
However I could access that URL through my browser without any issues.
When you WireShark the requests coming from the browser and the IDE you can see that the cypher suite is quite different and that the IDE plugin gets a TLS handshake failure.
That lead me to discover that Java still ships with limited strength cryptographic functions. That’s either because of US export policy or because nobody has gotten around to fixing it. The internet isn’t quite sure.
Either way, you can download the Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files from Oracle: http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html
Once I installed those onto the IntelliJ JVM, I no longer got the underlying TLS handshake failure when trying to connect to SonarQube and the connection works.
I just had the same error. After many tries, it turned out that I had to enter my login (it's a domain account) in the upper-case. Looks like login is case-sensitive.
It's my work account and I was using it always in lower-case, so it's quite surprising, but worked nonetheless.
Sorry for late response, but you can try to follow this instruction.
You can find it here. Download the Zip and follow the instructions in the pop-up after you click download.
Versions: SonarLint - IntelliJ IDEs Plugin | Marketplace (jetbrains.com)
I have a series of RPi's running Raspian which need to deployed in various location around the world.
They will have internet access, but will all be behind a router. Is there an off-the-shelf solution to keep the possibility to create a SSH connection to them? I am thinking about solving problems, upgrading etc.
I am thinking of a 'server' solution where a 'client' on the RPi keep an active connection so a SSH connection can be established when required. Any suggestions will be much appreciated!
I have experimented with several services including LogMeIn Hamachi and Weaved among others. I would highly recommend using Weaved because it allows you to meet your goal (SSH to pi behind a router), and the setup is painless. You may even find some other uses that are quite handy.
See the installation details at https://developer.weaved.com/portal/members/betapi.php
Steps to be up and running:
Go to http://www.weaved.com and sign up.
Install weaved on your pi, and follow the prompts for SSH (Instructions at https://developer.weaved.com/portal/members/betapi.php).
Go to "My Devices" at weaved.com and get the new internet accessible proxy address for your pi.
Enjoy!
I know it seems to be an odd question.
I have downloaded and installed PostgreSQL 9.3 from its main website, then I used Application Stack Builder to install ODBC, JDBC, Apache/PHP v2.2.22, phpPgAdmin v5.1.
Now the problem for me is I am used to use programs like MAMP (where you can exit the program and kill the server at the same time), or in an IDE (like MyEclipse's included Tomcat or Jetty), or in a framework like Play's built-in JBoss Netty server. Those servers, since they are connected to an IDE, or program, or framework, they can be easily turned off; and I am used to turn off a server when I am not using it.
I find out I can't turn off this apache server installed by Application Stack Builder. I tried terminal commands. It does not work. Whenever I type in localhost:8080, the welcome page will just pop out.
Do I need to turn it off? How do I do so? Also, can I turn of PostgreSQL database server as well? (Like in MAMP, you always have the option to turn Apache and MySQL server off)
Added: I'm using Mac OS X.
To restart EnterpriseDB Apache, I did
sudo /Library/PostgreSQL/EnterpriseDB-ApachePHP/apache/bin/apachectl graceful
Explanation:
On my machine this exact problem was because the apachectl was still default Mac OS X. This can be verified by doing
which apachectl
To which I got the response:
/usr/sbin/apachectl
This is the default apache in Mac OS X, not the Enterprise DB one. I did not want to mess with system paths so I left this one alone. You can also create aliases to if you bounce apache often.
This is what I did?
I just unsinstalled EnterpriseDB-ApachePHP and any other PostgreSQL you might have on your Mac.
Reboot your Mac and try it again.
Once you have setup Jenkins and everything is running great, you can install EnterpriseDB again if you need. Patrick K.02/8/2017