I need to setup remote admin console on tcp(not unix socket) for tarantool.
According to documentation it is provided with console module.
And I added this to my tarantool config:
console.listen("0.0.0.0:3313")
Then I can connect to it via telnet or using tarantoolctl connect.
But I'm not pleased that it is not password protected. Yes I've read the docs.
Is there some possibility to get protected console with password?
The correct way to administer tarantool remotely, with authentication is by opening a regular binary port like this:
box.cfg({listen=3301})
And then connecting to it with tarantoolctl:
tarantoolctl connect admin:password#127.0.0.1:3301
So, connect to the instance through the same host:port you'd use to connect with, say, Python or PHP client.
The console module you refer to isn't meant to be used over TCP. It has support for TCP, but it's essentially plaintext, without any authentication. It is only meant to be used by local user who has root account.
Related
So I was following this tutorial to map a remote system as a network drive using sshfs. The issue is the remote system requires Kerberos authentication. So typically I have to do kinit before doing ssh user#remote but doing so before connecting through the network drive doesn't work for me. Is there any way to authenticate with Kerberos before I connect?
As far as I can see, you cannot use Kerberos with sshfs-win, because in normal mode it always waits for at least one password prompt, while in passwordless mode (sshfs.k) it always forces the authentication mechanism to 'publickey' when invoking the actual sshfs client, so there's no way to enable 'gssapi-with-mic' auth even if you do so via ~/.ssh/config.
For now I would suggest accessing the server via WinSCP; it supports Kerberos via Windows SSPI.
(On non-AD-member systems, use cmdkey /add:*.example.com /user:foo#EXAMPLE.COM /pass to store your Kerberos password in Windows Credential storage. This will allow any SSPI-based program to get tickets for the specified servers, including PuTTY, WinSCP, and even Win32-OpenSSH.)
I can not connect to Google Services from client application if it is trying to communicate with oauth2.googleapis.com (which is probably blocked in my corporate network - I dont know how to test it for sure).
I tried BigQuery with JDBC driver in Dbeaver. With basic settings.
User-based login does this:
It generates link for OAUTH. I open the browser and login with the right google account. Then I insert generated code into the Dbeaver and I recieve that AUTH has failed.
Service-based login does this:
It does not want me to visit any webpage. It just tells me:
[Simba][BigQueryJDBCDriver](100004) HttpTransport IO error : oauth2.googleapis.com.
I also tried to use ODBC, where PROXY can be filled in. But no luck.
When I take a look into 'Proxy Options' the proxy port is always rewritten by proxy host. Weird.
This is what happens when i click on 'catalog' or 'dataset' drop-down field. I cant do any further steps.
BUT!
When I set my HTTP PROXY in GCLOUD CLI APP then communication works. And I can call BQ from it.
Does it mean that GCLOUD communicates through HTTP Proxy and DBeaver or ODBC does not? Or does it mean that GCLOUD does not need oauth2.googleapis.com but ODBC and JDBC do and it is blacklisted? I am confused.
We need to migrate from our internal environment to GCP. We would love to use various applications. I would ask for whitelisting oauth2.googleapis.com but i am not sure this is the only problem as GCLOUD app works without any flaws.
I am not-experienced with networking so i am more than happy to update / correct this question or add any info (if you need) to help me understand this issue. Thank you
According to your description, your corporate network is using a Proxy to reach out Internet, this is the reason why gcloud is capable to reach out BigQuery service when Proxy settings are configured in your system; through Cloud SDK Proxy settings or HTTP PROXY environment variable.
You require to setup the proxy settings within the JDBC connection string as described in Simba JDBC driver documentation, e.g.:
jdbc:bigquery:DataSetId=MyDataSetId;ProjectId=MyProjectId;OAuthType=1;ProxyHost=MyProxyHost;ProxyPort=MyProxyPort;ProxyUID=MyProxyUsername;ProxyPWD=MyProxyPassword
This connection string will indicate the Proxy settings to Simba JDBC driver.
Hope everyone is doing well,
I have one new request from the client.
We sends files from our server to one FTP server.
But now client want to use new credential and private ssh key for that FTP server and he shared the same with us.
We have opened the new port also, but I am unable to login into FTP server. Did I need to do something to login or is their different ways to login for the same.
Regards,
Mustafa
FTP can use SSL, which supports client authentication using X.509 certificates. However, while many FTP servers support FTPS, I don't know of any which support client certificates. (In addition, client authentication is complicated in SSL – in many cases, you would have to create and maintain your own certificate authority and stuff. Not many clients support this kind of authentication, either.)
Much easier is to use SFTP, the SSH file transfer protocol. It uses exactly the same keys as "normal" SSH would. On Windows, WinSCP and FileZilla support SFTP.
When a user logs in to the (linux/unix) system as a user and runs a 4GL or ESQL/C program, the program can connect to a DB as the system account user without entering a password. e.g. If I login as rob and run a program it can connect to a DB without providing a password, providing rob has connect permission.
I would like to do a similar thing with a local java program that uses JDBC to talk to the DB server. Is this possible?
Yes, this is fully supported in the JDBC driver for Informix. You can connect without a password as the user who started the Java process that is on the same machine as the Informix server.
As Luis notes in his comment, you forego the username and password fields in your JDBC URL for this to work.
is there a way of how to connect to mysql dbf on a remote server and run sql queries using windows command line?
Yes, you can connect to a different host by running mysql -h 123.45.67.89.
Please note that there are a few security implications:
You will have to grant yourself access. You will need to run something like GRANT ALL on db_name.table TO user#your_ip IDENTIFIED BY 'password'. db_name, table and your_ip can be * but beware of opening your server to hackers.
You will have to open your server's firewall if you are not on the same LAN. Again, ymmv and you should be aware not to open the door to exploits.
You may want to use SSL and use secure-auth in order to protect your traffic and credentials.
Hope that helps.
MySQL has a command-line client, where you can run queries. If you don't want to allow remote connections to the database on the server, you can still script things into a batch. There are command-line telnet/ssh clients, that either accept external file as a list of commands to run remotely, or you can pass it with the input stream redirection (less then symbol) to them.
When opening a connection to server - most clients are programmed so that the only way to specify the login password is by typing it in from keyboard (yeah, they don't use default input stream). Things like that make it hard to script it. However, it may be possible to set up a certificate based login on SSH - you'd actually have to research that.
If the server that's hosting the MySQL database is also a web server - you could also think about putting some script (PHP, Perl, Python, Ruby - whatever you like) on the password protected area, that would allow you to execute queries by simply making a HTTP(S) queries on that script. Although, Windows doesn't have a command-line HTTP(S) client, you can always get something like wget.exe and perform queries with it. Note, that if you choose this approach - I strongly advice to put that script under HTTPS - if discovered by malicious user, it could be lethal to your data.
You could use telnet, or SSH if you want to be more secure.
If the MySQL is running on Linux or BSD, you need a Telnet or SSH connection through something like putty
This will open a command line on the remote server. The command is mysql. There will be issues around authentication of remote users (as you would expect).
If the remote server is running Windows, you have a whole different set of issues.
I'm not sure you can connect to a remote Windows server and control it this way.
I should say I'm not sure HOW you could connect to a remote Windows server and use it this way. But no doubt it's possible.