/r/RockyLinux
An open enterprise operating system project.
A community enterprise Operating System designed to be fully compatible with Red Hat Enterprise Linux
/r/RockyLinux
Hi everyone
I have old Ruckus Switches and I am tring to connect to them via Rocky 9.2 server.
When I ssh to the them I get
no matching key exchange method found. Their offer: diffie-hellman-group1-sha1
and then
no matching host key type found. Their offer: ssh-rsa ( after updating the ssh config )
here is the updated /etc/ssh/ssh_config
^(Host *)
^(KexAlgorithms +diffie-hellman-group1-sha1)
^(HostKeyAlgorithms +ssh-rsa)
^(PubkeyAcceptedAlgorithms +ssh-rsa)
^(Ciphers +aes128-cbc,aes192-cbc,aes256-cbc)
Now I am getting
Bad server host key: Invalid key length
I can't make changes on the the switch.
what is the proper way to support legacy ssh protocols.?
Has anyone successfully used the Emulex driver in 9.5? I used it with 9.4, getting the rpm from ElRepo, but with 9.5 I grabbed the updated rpm and installed it, it loads but there are no messages from the driver in the logs and no interfaces created.
I looked at the diffs and nothing jumped out at me, though I didn't review in detail.
This is for a c-Class blade enclosure from HPE which I realize is out of support, but I'd like to keep using it if possible as a test system if nothing else.
Thanks.
hi guys,
i have 2x DELL R7625 servers, with 2 x 25 GbE Broadcom NIC, with nmcli i created a bond0:
"mode=802.3ad,miimon=100,lacp_rate=1,xmit_hash_policy=layer3+4,updelay=200,downdelay=200"
the servers are connected to the 2 xDELL S5248F (where is VLT configured, and also the port-channel"
when i run iperf server on the minio server1, on the bond0 adapter "iperf3 -s -B 172.23.9.81" and client on the second server "iperf3 -c 172.23.9.81 -P 5 -t 5"
so i have a "dumb" question, why i dont have a full lacp speed like 50 Gbits/sec ?
Also i have another 2 servers, with same nmcli config, and switch config, but servers has 2 x 50 GbE bond0, i have also around 48 Gbits/sec.
the ports are configured like:
interface ethernet1/1/4
description server44
no shutdown channel-group 44 mode active
no switchport
flowcontrol receive off
thank you guys !
I have just upgraded my hosted platform with more storage.
The virtual system contains a single HDD /dev/sda which currently holds 3 partitions sda1-3
I can see in lsblk that my disk reports back the new upgraded size, but how do I extent/expand the / to consume the new space?
When i try running resize2fs it says
The filesystem is already 104344832 (4k) blocks long. Nothing to do!
I don't have a GUI on the system and are only familiar with LVM or GParted.
The system has parted avail, but i'm a little uncertain how to use it correct.
I have a snapshot of the server, so it should be fairly safe to test something.
Does anyone know how? Google dosn't seem to be of much assistance all I have found is either LVM based or outdated. Rocky is 9 current version.
I am trying to expose a VNC server I have running on one of my laptops and connect to it using ipv6 from a device outside of the network (my isp doesn't give out public ipv4s). I have checked with my ISP (did an online chat with them) and they confirmed everything on their end is working, and it is not their issue. I have additionally turned off the firewall on my router (temporarily) and made sure there are no hidden settings affecting it. I am using a Calix GigaSpire router. I have Rocky Linux 9 installed on the VNC server. When I am on the same network, I can connect to the VNC server perfectly fine, whether I use ipv6 or ipv4. However, when I try to connect while not connected to the same network, it doesn't get through whatsoever. I also use https://tools.keycdn.com/ipv6-ping to have it ping my ipv6 of the server to see if any pings get through, and none are going through either. I have disabled the firewall on my VNC server (i think anyway -- i stopped the firewalld service which afaik disabled the firewall?) However, despite all of this the ping test still does not go through. Does anyone have any pointers as to why? I cannot figure this out...
Im using Linux Mint, and trying to remap those Curly Quotes to Straight Quotes using Kanata
https://github.com/jtroo/kanata
But I can´t do it, there is other program in order to archive the same? also remap Caps Lock to Esc
Does anyone know what happened with the Kickstart folder content for Rocky Linux 9? I use a quite simple KVM/Virsh-based script to get a new instance of Rocky Linux 9, but for some time now, it looks like all mirrors (I have a locally rsynced copy) are empty and not usable related to kickstart folders.
Hello, organization only wants updates from dl.rockylinux.org as opposed to the others. Is this something I need to change in the .repo files? Should I hard set mirror or baseurl?
Hello all, I've got an interesting problem, and I'm not sure if it's just Rocky Linux thing, user error/ignorance, or something else. I recently started my first job out of college and have learned the uselessness of the caps lock key (and frustrating nature of it if you accidentally turn it on in Vim) and would like to remap it. I've found several tutorials online, tried Kanata and Kmonad, setxkbmap, etc. but nothing is working. I've attached an image of the terminal with one example on it to demonstrate what I'm seeing. Basically, I'll remap the caps lock key, then go test it, but nothing happens. I've look all over stack exchange, google, linux tutorials, but nothing has been able to explain why none of the methods I've tried have worked. Any recommendations on what to check? Or thoughts on what I'm missing?
EDIT: I failed to mention this and didn't realize it was important until now, I'm using it through Microsofts remote desktop app (the icon with a blue square with a red circle with two arrows facing in opposite directions)
I have a couple of machines running Rocky Linux 8, with a LUKS encrypted partition that usually auto-unlocks via a keyfile. Both machines are remote and I have no remote KVM access. In addition to the keyfile, there is a "typed" keyphrase that has worked perfectly to manually unlock the LUKS encryption if desired.
However, since an updates via dnf, it's no longer possible to unlock/decrypt the LUKS volumes, and I'm totally stumped.
One is EL8_5, the other is EL8_10 Both have stopped unlocking their LUKs partitions since DNF updates.
I managed to get the EL8_5 machine to unlock it's partition by booting into an older kernel (4.18.0-305.7.1.el8_4.x86_64).
I can't do the same on the EL8_10 machine.
I've tried every kernel installed, I've tried the on disk keyfile, and I've tried manually typing the passphrase.
sudo cryptsetup luksOpen UUID=9ef38ae0-6dcf-4ed3-bba7-99c271590d90 decrypted-data --key-file /root/.luks-keys/.md0-luks.keyfile
No key available with this passphrase.
or interactively with the passphrase:
$ sudo cryptsetup luksOpen UUID=9ef38ae0-6dcf-4ed3-bba7-99c271590d90 decrypted-data
Enter passphrase for /dev/disk/by-uuid/9ef38ae0-6dcf-4ed3-bba7-99c271590d90:
No key available with this passphrase.
Enter passphrase for /dev/disk/by-uuid/9ef38ae0-6dcf-4ed3-bba7-99c271590d90:
No key available with this passphrase.
Enter passphrase for /dev/disk/by-uuid/9ef38ae0-6dcf-4ed3-bba7-99c271590d90:
No key available with this passphrase
But on this second machine, with EL8_10 Rocky I can't unlock the partition at all.
Available Kernels:
sudo dnf list --showduplicates kernel
Installed Packages
kernel.x86_64 4.18.0-348.23.1.el8_5
kernel.x86_64 4.18.0-513.11.1.el8_9
kernel.x86_64 4.18.0-553.22.1.el8_10
kernel.x86_64 4.18.0-553.27.1.el8_10
Available Packages
kernel.x86_64 4.18.0-553.el8_10 baseos
kernel.x86_64 4.18.0-553.5.1.el8_10 baseos
kernel.x86_64 4.18.0-553.8.1.el8_10 baseos
kernel.x86_64 4.18.0-553.16.1.el8_10 baseos
kernel.x86_64 4.18.0-553.22.1.el8_10 baseos
kernel.x86_64 4.18.0-553.27.1.el8_10 baseos
Any guidance on how to solve this and allow the LUKS partition to be unlocked as it did before the dnf update?
EDIT 1: I've discovered that the kernel module, dm-crypt isn't being loaded automatically at boot. I can load the module manually with `modprobe` but that alone doesn't solve the decryption issue.
EDIT 2: I've tested typing of the passphrase into the terminal to test for keyboard map issues. The passphrase types and copy-pastes correctly.
Has anyone ever made an install of Rocky on a beaglebone? If so what was your experience like? Pros and cons vs Ubuntu 24?
I have finally managed to upgrade the CentOS to Rocky Linux 8.10 using Leapp. Before that I had to uninstall a few packages that inhibited preupdate
and update
.
The initramfs failed near the end saying some python program cannot import pyudev, and put me in rescue mode.
I rebooted and got to the login screen, the OS is displayed as Rocky Linux 8.10. But whenever I login using correct credentials, it displays motd in a flash and returns to the login screen. Incorrect credentials are denied normally.
The machine can be pinged but cannot ssh, saying client_loop: send disconnect: Broken pipe
Can anyone help with this? I should be near the end of successfully upgrading while preserving all data. Any help is welcome! Thank you!
We've been cooking up some exciting news about Rocky Linux availability for RISC-V and it's time to share! Also, v. 9.5 is in active testing. Details in the update: https://rockylinux.org/news/community-update-november-2024
So there was a dell firmware update today and I don't know if that is the reason. I haven't opened Rocky Linux for some time. I am a complete beginner so please keep that in mind when helping. Here is the link to the system logs:
EDIT: forgot to mention I am dual booting alongside windows 11 on my laptop 😅
I have Rocky Linux running on a Dell PC workstation. I had considerable diffculty finding the correct keyboard driver when I did the install as I use a QWERTZ Luxembourg keyboard also known as a French Swiss keyboard. It has all the accented chars I need for all the the languages in which I type text. The problem is when I bring up the keyboad diagram on the screen, it seems to illustrate the correct keyboard but when I type in my password, It doesn't type the correct characters corresponding to my keystrokes.
I also have a UK English keyboard driver installed along with a German Swiss driver and I am wondering if it defaults to one of these on startup thus making incorrect chars appear when I type my password.
Can that happen? I no longer need the other keyboard drivers so maybe I should uninstall them?
I thought I'd share my latest mad science experiment: 32 bit (i686) Rocky 9!
Bit of background: The Rocky project publishes all binaries produced in an organized way via the "devel" repository in our repos. This is great, and allows people to make use of packages that aren't included in the official RedHat-compatible repositories (BaseOS, AppStream, et al). As part of supporting select "multilib" packages for i686 (glibc.i686, openssl.i686, etc.), Rocky actually builds most packages in i686 as well as x86_64. Because of this, https://dl.rockylinux.org/pub/rocky/9/devel/i686/ has almost everything you need to make an actual working system.
The big exception is the kernel. Fortunately, with some small modifications I was able to port the ELRepo 6.1.x LT kernel package to i686. This package combined with that devel/ repository is enough to create a bootable, working Rocky 9 system for i686 processors. My experiments show that only Pentium 4 or higher is supported, no Pentium 3 or earlier CPUs due to userspace gcc optimizations.
This was just an experiment, and comes with no warranty of any kind. I thought I'd publish it in case anyone was interested. Super thanks to the Rocky project and ELRepo for providing the tools - makes this sort of thing pretty easy to build, all told.
Enjoy!
I'm running a home server with RL, and as of recently I'm experiencing random crashes, almost daily or every other day.
I've enabled permanent logs for journalctl, but unfortunately, the last few messages before the crash do not provide any useful information.
However, there is a crash report in /var/crash with the timestamp when the crash happened.
I found this guide on how to use the crash utility, but there is no vmlinux file that is supposed to be in /usr/lib/debug... I also searched systemwide for that file, but nothing. Therer is only vmlinuz, but I get the error that this format is not supported.
Any help is much appreciated.
Hi guys, I would like to install GLPI-Agent on a Rocky Linux machine so that it can be inventoried on my GLPI server. Does the installation work like on a RedHat machine?
[EDIT - PROBLEM SOLVED] I want to try Rocky Linux and i did choose Workstation live which takes a whole day to download. Why? Btw, i have a good internet speed, so is it because of the server?
I checked and --add-repo'd all of the base repos just in case, but dnf update gives the following output:
[root@localhost /]# dnf update
created by dnf config-manager from file:///appstream
Errors during downloading metadata for repository 'appstream':
- Curl error(37): Couldn't read a file:// file for file:///appsteram/repodata/repomd.xml [Couldn't open file /appstream/repodata/repomd.xml]
Error: Failed to dowwnload metadata for repo 'appstream': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
Earlier it was complaining about the baseos repo so I disabled it as per some guy's advice, and now it's complaining about appstream. What's wrong? I have an internet connection, ping to google and a wget I did earlier worked fine.
I am trying to connect a rocky server to open vpn but every search only shows posts on how to start a server. I have a express subscription and want to put that vpn on the server. I am trying to use the command line because it is a cloud server. please help.
Any one have any thoughts on this?
[admin@rockylinux8 ~]$ rstudio
[3321285:1007/075655.649934:ERROR:gl_factory.cc(120)] Requested GL implementation (gl=none,angle=none) not found in allowed implementations: [(gl=egl-angle,angle=default),(gl=egl-gles2,angle=none)].
[3321285:1007/075655.651553:ERROR:viz_main_impl.cc(198)] Exiting GPU process due to errors during initialization
[3321235:1007/075656.639871:ERROR:object_proxy.cc(576)] Failed to call method: org.freedesktop.DBus.StartServiceByName: object_path= /org/freedesktop/DBus: org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken.
[3321363:1007/075726.573510:ERROR:gl_factory.cc(120)] Requested GL implementation (gl=none,angle=none) not found in allowed implementations: [(gl=egl-angle,angle=default),(gl=egl-gles2,angle=none)].
[3321363:1007/075726.574854:ERROR:viz_main_impl.cc(198)] Exiting GPU process due to errors during initialization
[3321382:1007/075727.453866:ERROR:gl_factory.cc(120)] Requested GL implementation (gl=none,angle=none) not found in allowed implementations: [(gl=egl-angle,angle=default),(gl=egl-gles2,angle=none)].
[3321382:1007/075727.454975:ERROR:viz_main_impl.cc(198)] Exiting GPU process due to errors during initialization
[3321235:1007/075732.097002:ERROR:network_service_instance_impl.cc(599)] Network service crashed, restarting service.
[3321396:1007/075732.115229:ERROR:gl_factory.cc(120)] Requested GL implementation (gl=none,angle=none) not found in allowed implementations: [(gl=egl-angle,angle=default),(gl=egl-gles2,angle=none)].
[3321396:1007/075732.131506:ERROR:viz_main_impl.cc(198)] Exiting GPU process due to errors during initialization
libva error: vaGetDriverNameByIndex() failed with unknown libva error, driver_name = (null)
[3321369:1007/075736.507333:ERROR:command_buffer_proxy_impl.cc(131)] ContextResult::kTransientFailure: Failed to send GpuControl.CreateCommandBuffer.
[3321362:1007/075736.507014:ERROR:command_buffer_proxy_impl.cc(131)] ContextResult::kTransientFailure: Failed to send GpuControl.CreateCommandBuffer.
i have problem when i want install zabbix i have this error: Error: Unable to find a match: zabbix-apache-conf
hi, i have problem with openvpnn. i used to configure this shit from this website:https://reintech.io/blog/installing-configuring-openvpn-rocky-linux-9.
In moment im haveing evey generated keys and configured this file /etc/openvpn/server.conf. when i want to start deamon i see thisoutput:
Failed to start openvpn@server.service: Unit openvpn@server.service not found.
I need help...
Hi all,
I manage a small cluster of RockyLinux nodes where login information is centralised with FreeIPA and home directories are mounted via NFS (v4.2) from another Rocky server.
Things run smoothly (yes, I did set SELinux option use_nfs_home_dirs --> on) however for the life of me I cannot get around a single issue that affects only two nodes and it is related to accessing the content of some users' authorized_keys (thus hindering key-based login).
Specifically, on the failing nodes doing a cat of the file will only display bogus binary contents, while from any other node it will correctly show the allowed pubkeys. The only available workaround is a touch on the file itself from the affected node, which will make things work...until some hours later (note that the file is seldomly changed). It is not a permission issue either as the file is set to 600 and owned by the user itself.
I tried a strace cat authorized_keys
from both a failing and a working node and couldn't spot any sensible difference, apart from the content itself of the file.
All nodes are running on RL 8.9 albeit there might be minor differences in some packages due to different install times, however I would not even know where to start looking. For what it's worth, the mount options are:
type nfs4 (rw,relatime,vers=4.2,rsize=1048576,wsize=1048576,namlen=255,soft,proto=tcp,nconnect=8,timeo=600,retrans=2,sec=sys,clientaddr=10.30.SOME.IP,fsc,local_lock=none,addr=10.SERVER.IP.ADDR)
My first guess was the NFS cachefilesd that runs on all machines (I did check the version detail for this specific package and they match major, minor and patch), however disabling and/or adding verbosity to the debug of such daemon proved of little help.
Any hint on where to look next?
Hello everyone, new RockyLinux user here. Does anyone know if OpenKiosk is working on RL 9.4? I cannot make it work.
I installed Rocky Linux 8.9 in a Hyper-V cluster.
Primarily using it as a syslog server.
I installed updates that included a kernel update - I think this was the 8.10 yum update.
At this point, whenever I restart the system, it will boot loop ~ 3 times shut off, boot loop another 3 times then shut off, then it will boot...
Yes, it finally boots, but right now it requires a bit of hand holding to get things back online every time I patch it.
Any thoughts on what I could check?
I am experimenting in getting Rocky 9.4 to run in fips-mode via the NIST-171 security policy. I went through the install process no problem; and verified fips-mode is enabled via fips-mode-setup --check. My issue is when I try to update the system, I get the following when trying to run
sudo dnf update
Error: Failed to download metadata for repo 'baseos': Cannot prepare internal mirrorlist: Curl error (60): SSL peer certificate or SSH remote key was not OK for https://mirrors.rockylinux.org/mirrorlist?arch=x86_64&repo=BaseOS-9 [SSL certificate problem: EE certificate key too weak]
I am assuming that fips-mode is limiting the system to a subset of ciphers that isn't in the rocky repository's certificate. I am also assuming that the repository should be setup to connect with fips enabled machines. Is there something I am missing on my end?