Wednesday, September 20, 2023
support@conference.yunohost.org
September
Mon Tue Wed Thu Fri Sat Sun
        1
 2
 3
4
 5
 6
 7
 8
 9
 10
11
 12
 13 14
 15
 16
 17
18
 19
 20
 21
 22
 23
 24
25
 26
 27
 28
 29
 30
  
             

[08:18:02] <Daniel> 2nd day in a row I get diagnosis email about high amount of failed ssh login attempts - should I investigate it, or this is a known false-positive?
[08:20:38] <Daniel> This ynh instance is hosted on public cloud and my .dev domain points to it, so it's IP is easily accessible.
[08:21:25] <isAAAc> > <@danielduel:dduel.dev> 2nd day in a row I get diagnosis email about high amount of failed ssh login attempts - should I investigate it, or this is a known false-positive?

it's probably bots trying dictionnary attacks, you should have a look on /var/log/fail2ban.log and have a look on https://yunohost.org/en/security to change port and activate the cert authentification and deny the passwd
[08:21:35] <Daniel> The password is like 300bits of entropy, so I am not scared of somebody breaking it in next 2 existences of universe with current technology.
[08:23:04] <Daniel> Yea, I just wanted to make sure that it is necessary 😕

Thank you
[08:23:51] <Daniel> And thanks for the fail2ban log path, you saved me few minutes of looking for it 💛
[08:26:22] <Daniel> Can we create a new ammendment to ssh protocol to include the info that password is so strong that dictionary attacks will not work... so we can save those bots from wasting energy? 😅
[09:32:38] <lapineige> > <@danielduel:dduel.dev> 2nd day in a row I get diagnosis email about high amount of failed ssh login attempts - should I investigate it, or this is a known false-positive?

Oh, it's very nice that it does that !
[17:20:45] <Aleks (he/him/il/lui)> (Btw the warning is not just about ssh login attempts but also covers possibly somebody trying to bruteforce sudo locally, though ofc the usual cause is ssh login attempts, but it's a nice feature to also check any system auth attempts because fail2ban only covers ssh+some web and mail stuff)
[19:24:18] <Mr Donz> hi :)
[19:53:36] <Mr Donz> i cannot find any answear to my problem in the history of the channel, but i found another problem similar with on last february: i cannot reset admin password with cli, with command "sudo yunohost tools adminpw" - the output is https://paste.yunohost.org/erulohirip.pl
[19:56:34] <orhtej2> > <@mrdonz:matrix.org> i cannot find any answear to my problem in the history of the channel, but i found another problem similar with on last february: i cannot reset admin password with cli, with command "sudo yunohost tools adminpw" - the output is https://paste.yunohost.org/erulohirip.pl

`admin` is no longer a thing, what is the problem you're trying to solve?
[19:56:56] <orhtej2> meaning: whose password you're trying to reset
[19:57:01] <tituspijean> As per the command output, it's now `rootpw` ;)
[19:57:23] <orhtej2> > <@titus:pijean.ovh> As per the command output, it's now `rootpw` ;)

yeah but what task requires knowing `root` password in the first place
[19:58:02] <Mr Donz> > `admin` is no longer a thing, what is the problem you're trying to solve?

root password grant me access just to ssh not web access, am i doing something else wrong?
[19:58:45] <orhtej2> > <@mrdonz:matrix.org> root password grant me access just to ssh not web access, am i doing something else wrong?

you should have dedicated user belonging to admin group that can login to both webui and via ssh to use sudo
[19:59:03] <tituspijean> Your first user should have become an admin. You can check out the announcement for v11.1 on the forum :)
[20:01:26] <orhtej2> if you're a sudoer then try running `sudo yunohost user group info admins` to see who's member of this group
[20:04:08] <Mr Donz> > <@titus:pijean.ovh> Your first user should have become an admin. You can check out the announcement for v11.1 on the forum :)

checking :)
[20:06:20] <bernard75> Bonsoir l'équipe, est-ce qu'un outil comme joal est déjà emballé pour yunohost ?
https://github.com/anthonyraymond/joal
[20:27:42] <Mr Donz> > if you're a sudoer then try running `sudo yunohost user group info admins` to see who's member of this group

thank you vm "yunohost user update username -p" and worked
[20:29:35] <tituspijean> > <@bernard75:matrix.org> Bonsoir l'équipe, est-ce qu'un outil comme joal est déjà emballé pour yunohost ?
> https://github.com/anthonyraymond/joal

a priori non
[20:33:34] <bernard75> > <@titus:pijean.ovh> a priori non

J'ai testé la version bureau de joal trouvable sur ce dépôt https://github.com/anthonyraymond/joal-desktop/releases il fonctionne du tonnerre. Il semblerait qu'il ait été prévu d'abord pour fonctionner sur serveur avec une interface web, il est compatible docker
[20:35:11] <tituspijean> Tu peux l'ajouter à la liste de souhaits d'applications comme pour les deux apps en *arr que tu as suggérées l'autre jour: https://yunohost.org/en/apps_wishlist
[20:37:41] <bernard75> Je le ferai dès que j'aurai créer un compte github 👍️
[23:19:40] <orhtej2> @[Guillaume Bouzige] : umami lives? https://github.com/YunoHost-Apps/umami_ynh/issues/12#issuecomment-1728502996