[08:43:48]
<ynhuser> Good day everyone. Could somebody take a look at my issue?
[12:29:58]
<ic> I am trying to ssh into yunohost keys are accepted but my password is not, I have tried with two different domains, I am assuming I use the user password which is in the admin group or is there another one
[12:44:36]
<akik> i also have a nfs/autofs setup to mount my nas disk. would that be also possible to add to the mix?
[13:23:28]
<ic> I have just discovered that although I can't ssh into yunohost as a user I can as root, the documentation seems to say root is no longer used for login also that you can add users to admin and give ssh permission this does not work neither does giving individual users ssh permission
[14:08:24]
<emanuellee> Tchat photo https://www.highrevenuegate.com/vdvpyk3j?key=f2b21af2cea51f467a32bdc200d0bff7
[14:19:29]
<tituspijean> ic It looks like you are not running YunoHost v11.1+, or that you have not run the migration needed to create the `admins` group.
[14:27:19]
<ic> I have just installed 11.0.9-amd64-stable and updated it, yunohost is v 11.1.18 I have an admin group
[14:33:37]
<tituspijean> Then you should be able to add users to the `admins` group and log into your server with their username and password.
If that works, you can setup an SSH key for any user using standard Debian fashion (append a pubkey in `.ssh/authorized_keys`, for example), or use the command line to add one (`yunohost user ssh add-key <TheUser> <TheKeyInOneLine>`)
[14:34:23]
<tituspijean> If you don't want them to be admins, you can directly setup the ssh key and not add them to the admins group
[14:44:20]
<akik> tituspijean: can i configure the yunohost host for those two features i require? (ipv6 tunnel and nfs mount)
[14:47:45]
<Frasck> Bonjour, je suis nouveau sur le chat, je sais pas trop comment ça fonctionne.
[14:50:02]
<Frasck> J'ai une erreur 500 quand je me connecte au panel, la connexion ssh fonctionne bien.
[14:50:03]
<Frasck> je vois pas trop quoi faire
[14:50:03]
<Frasck> yunohost est sur un raspberry avec juste webapp d'installé.
[14:53:27]
<akik> looks like yunohost is just added on top of debian so it should be possible to modify the debian config as i wish https://yunohost.org/en/install/hardware:vps_debian
[15:00:42]
<ic> tituspijean I explained earlier I have my users in Admin, Debian accepts their keys when I try to login ,I have tried IP and domain name it prompts for password but will not accept any. However if I log in as root it allows the login, which is fine for me as I am used to using root and it is what you usually want when you have logged in, however I think I should be able to log in as admin as a user
[15:03:35]
<tituspijean> ic let's monitor what's happening when you log in with the user and the ssh key:
1. log into ssh with root
2. run `tail -f /var/log/auth.log`
3. open another terminal and attempt to log in with the user and their ssh key, in verbose mode (add `-vvv` as parameter)
Now look into both the debug of the ssh attempt and the first terminal to see why the login might fail
[15:04:11]
<tituspijean> (you can stop the `tail` in the first terminal with `CTRL+C`)
[15:05:21]
<tituspijean> > <@akik:libera.chat> tituspijean: can i configure the yunohost host for those two features i require? (ipv6 tunnel and nfs mount)
what do you mean by IPv6 tunnel? as for nfs mount, YunoHost is pretty much agnostic regarding binds/mounts/fstab/...
[15:06:39]
<tituspijean> Frasck peux-tu vérifier la commande suivante et partager son résultat?
`sudo systemctl status yunohost-api`
[15:10:31]
<akik> tituspijean: i get my ipv6 access from tunnelbroker.net (hurricane electric). i have a shell script that enables that tunnel
[15:11:56]
<ic> tituspijean just says pam_unix(sshd:auth): check pass; user unknown
[15:13:27]
<Frasck> Merci tituspijean voici le retour :
[15:13:28]
<Frasck> May 01 15:57:27 tinyserv.nohost.me yunohost-api[561]: return _bootstrap._gcd_import(name[level:], packa>
[15:13:31]
<Frasck> May 01 15:57:27 tinyserv.nohost.me yunohost-api[561]: File "<frozen importlib._bootstrap>", line 1030, in>
[15:13:32]
<Frasck> May 01 15:57:27 tinyserv.nohost.me yunohost-api[561]: File "<frozen importlib._bootstrap>", line 986, in >
[15:13:33]
<Frasck> May 01 15:57:27 tinyserv.nohost.me yunohost-api[561]: File "<frozen importlib._bootstrap>", line 1007, in>
[15:13:34]
<Frasck> May 01 15:57:27 tinyserv.nohost.me yunohost-api[561]: File "<frozen importlib._bootstrap_external>", line>
[15:13:34]
<Frasck> May 01 15:57:27 tinyserv.nohost.me yunohost-api[561]: File "<frozen importlib._bootstrap_external>", line>
[15:13:35]
<Frasck> May 01 15:57:27 tinyserv.nohost.me yunohost-api[561]: File "<frozen importlib._bootstrap>", line 680, in >
[15:13:35]
<Frasck> May 01 15:57:27 tinyserv.nohost.me yunohost-api[561]: File "<frozen importlib._bootstrap_external>", line>
[15:13:36]
<Frasck> May 01 15:57:27 tinyserv.nohost.me yunohost-api[561]: File "<frozen importlib._bootstrap>", line 228, in >
[15:13:37]
<Frasck> May 01 15:57:27 tinyserv.nohost.me yunohost-api[561]: ValueError: source code string cannot contain null by
[15:28:16]
<tituspijean> > <@akik:libera.chat> tituspijean: i get my ipv6 access from tunnelbroker.net (hurricane electric). i have a shell script that enables that tunnel
without seeing the actual shell script, I can only guess and hope it should not break anything
[15:28:53]
<tituspijean> > <@Frasck:libera.chat> Merci tituspijean voici le retour :
j'aurais dû préciser, est-ce que le service tourne? (`active` en haut de la sortie de la commande)
[15:29:07]
<tituspijean> mais il semblerait qu'il y ait un bug. es-tu bien à jour?
[15:29:14]
<Frasck> Oui Active: active (running)
[15:29:36]
<Frasck> J'ai fais une mise à jour à l'instant
[15:30:31]
<akik> tituspijean: no i mean if i can insert that script into the yunohost host system bootup scripts?
[15:30:46]
<akik> tituspijean: it's just a series of ip commands
[15:30:58]
<Frasck> Je n'ai que webapp avec deux sites dessus, ils tournent normalement
[15:31:13]
<tituspijean> Frasck peux-tu partager le log de yunohost-api? `yunohost log share /var/log/yunohost/yunohost-api.log` (et partage le lien vers paste.yunohost.org)
[15:33:57]
<tituspijean> > <@akik:libera.chat> tituspijean: it's just a series of ip commands
then yes I guess so. We rely on systemd for services management
[15:34:51]
<tituspijean> > <ic> tituspijean just says pam_unix(sshd:auth): check pass; user unknown
can you check that the user is listed with `ssh.main` when you run ` yunohost user permission list` ?
[15:36:31]
<Frasck> Je suis pas trop au top la commande ne fonctionne pas :
[15:36:32]
<Frasck> sudo yunohost log share /var/log/yunohost/yunohost-api.log
[15:36:33]
<Frasck> Info: This log is now available via https://paste.yunohost.org/raw/ogotidegap
[15:37:11]
<Frasck> excuse mois j'ajais pas compris
[15:39:56]
<ic> tituspijean can you check that the user is listed with `ssh.main` when you run ` yunohost user permission list` ? how/where do I run that
[15:41:58]
<ic> If you mean setting under users it says this This is a special group corresponding to admin users. Users in this group can access YunoHost's webadmin, connect to the server with SSH and use the `sudo` command.
[15:43:42]
<ic> there is no option to add anything but email and xmpp
[15:57:15]
<tituspijean> ic no, I mean literally running that command. In my case, I have given the `ssh.main` permission to a user named `test`, and I get:
```
yunohost user permission list
permissions:
...
sftp.main:
allowed:
ssh.main:
allowed: test
```
[15:59:38]
<tituspijean> Mmmh ça confirme que tu fais face à des erreurs 500, mais je ne sais plus comment déboguer ça...
[16:03:44]
<ic> `this is what it shows only admin permission``
root@xxchat:~# yunohost user permission list
permissions:
mail.main:
allowed:
sftp.main:
allowed:
ssh.main:
allowed:
xmpp.main:
allowed: admins
root@xxchat:~#
```
[16:07:58]
<tituspijean> try `yunohost user permission add ssh.main <TheUser>`
[16:23:21]
<ic> Yes that has worked I have added both my users they now show ssh permission for both but I have tried user, domain and IP but still not letting me log in do I have to restart something after the changes
[16:27:04]
<tituspijean> ic now you need to check the logs again
[16:29:22]
<Frasck> Warning: 'yunohost domain cert-install' is deprecated and will be removed in the future
[16:29:22]
<Frasck> sudo yunohost domain cert-install rss.domain.org --force --no-checks
[16:35:59]
<tituspijean> Frasck `sudo yunohost domain cert install rss.domain.org --force --no-checks` (pas de tiret)
[16:38:39]
<ic> tituspijean Finally solved, with your help thanks, I need to log in as the user not admin so ssh "user"@ IP I am sorry if that was obvious and I missed it but all the documents say log in as admin.
[16:42:55]
<Frasck> Cela retourne le message d'erreur suivant :
[16:42:56]
<Frasck> 'Could not run script: /usr/share/yunohost/hooks/conf_regen/15-nginx'
[16:49:48]
<Frasck> Exception: Could not regenerate the configuration for category(s): nginx
[16:49:48]
<Frasck> Info: The operation 'Regenerate system configurations 'nginx'' could not be completed. Please share the full log of this operation using the command 'yunohost log share 20230501-163545-regen_conf-nginx' to get help
[16:49:48]
<Frasck> Error: Certificate installation for tinyserv.nohost.me failed !
[18:29:52]
<orhtej2> My first user is able to log in but no longer able to check mail with roundcube (SMTP auth failed), any particular log to check for clues?
[18:32:28]
<orhtej2> > My first user is able to log in but no longer able to check mail with roundcube (SMTP auth failed), any particular log to check for clues?
Nvm, was able to check in incognito, must be stale cookie or something
[19:17:49]
<orhtej2> > Nvm, was able to check in incognito, must be stale cookie or something
ahh it's a case of https://yunohost.org/en/packaging_sso_ldap_integration#logging-out-on-the-app-vs
[20:14:20]
<khalid5> m
[20:33:33]
<viras> Hi
[21:18:21]
<tenten> Hi
[23:02:51]
<vvvv> Hai
[23:54:26]
<ali1984> Hi