David Ghedini

Linux, Java, Oracle, and PostgreSQL


David Ghedini

Saturday Jan 30, 2016

PostgreSQL 9.5 Script for Debian Jessie (8.3)

Adding on to the CentOS PostgreSQL 9.5 scripts below, I've added a version for Debian Jessie (8.3).

Please read the README and use only on a clean install!

https://github.com/brainfurnace/postgresql-9.5-script-debian-8.3x64

As with the CentOS scripts, it adds some basic security steps:

  • Creates a minimally privilaged user (pgadmin - change to whatever you like)
  • Disables root log in
  • Sets the SSH port to 3838 (change to whatever you like).
  • Sets root, postgres, admin, and ssl pass to 32 chars
  • Installs IP tables (if you want to use firwalld, comment the appropriate lines as noted).
  • Configures Webmin for managing PostgreSQL
  • Installs a self-signed SSL for PostgreSQL
  • Updates pga_hba.conf to MD5 and SSL
  • Updates postgresql.conf for SSL and remote connections.


Once completed, it will display the new passwords for pgadmin, root, postgres, and ssl as well as write them to an auth.txt file

: Example Output at End of Script
Passwords saved in /root/auth.txt
pg pass: DqVnavTlCXcSKfHprgUtjF-20rpfsKui
ssl pass: yxaQJCXgudTw19XEOMPdZzNd5n6rwVOG
pgadmin pass: A0RUHtPfSFC82mHeDP_ixrRavk7itgkE
root pass: RvZDHkZv-AeQS-ce0Mcnif7GxmmJ-zxN

Bookmark and Share



Wednesday Dec 23, 2015

PostgreSQL 9.5 Scripts for CentOS 6 and CentOS 7

I'm always pleasantly surprised to see that my "Install PostgreSQL 9 on CentOS" from back in 2011 is still coming up on Google searches and that I still get the occasional new comments for it.

I thought I might be useful to add some scripts for PostgreSQL 9.5 (and 9.4) for Both CentOS 6 and CentOS 7 that may be time savers.

Please read the README and use only on a clean install!

https://github.com/DavidGhedini/postgresql-9.5-script-centos-7x64

https://github.com/DavidGhedini/postgresql-9.4-script-centos-7x64

https://github.com/DavidGhedini/postgresql-9.5-script-centos-6x64

https://github.com/DavidGhedini/postgresql-9.4-script-centos-6x64

The CentOS scripts lists all of the packages individually so you can easily edit the script to add or remove packages.

The scripts adds some basic security steps:

  • Creates a minimally privilaged user (pgadmin - change to whatever you like)
  • Disables root log in
  • Sets the SSH port to 3838 (change to whatever you like).
  • Sets root, postgres, admin, and ssl pass to 32 chars
  • Installs IP tables (if you want to use firwalld, comment the appropriate lines as noted).
  • Configures Webmin for managing PostgreSQL
  • Installs a self-signed SSL for PostgreSQL
  • Updates pga_hba.conf to MD5 and SSL
  • Updates postgresql.conf for SSL and remote connections.


Once completed, it will display the new passwords for pgadmin, root, postgres, and ssl as well as write them to an auth.txt file

: Example Output at End of Script
Passwords saved in /root/auth.txt
pg pass: DqVnavTlCXcSKfHprgUtjF-20rpfsKui
ssl pass: yxaQJCXgudTw19XEOMPdZzNd5n6rwVOG
pgadmin pass: A0RUHtPfSFC82mHeDP_ixrRavk7itgkE
root pass: RvZDHkZv-AeQS-ce0Mcnif7GxmmJ-zxN

Bookmark and Share



Monday Dec 07, 2015

DSpace Handle Server: java.lang.Exception: Incorrect passphrase

The solution is provided by Rafael Carreres Paredes at

http://osdir.com/ml/db.dspace.user/2007-07/msg00300.html

I had a bit of trouble locating it, however, so hopefully this will help the next person:

After issuing './bin/start-handle-server' there is no error displayed but handle server is not running.

The /dspace/log/handle-server.log shows:


Enter the passphrase for this server's authentication private key: 
Note: Your passphrase will be displayed as it is entered
Error: Incorrect passphrase
       (see the error log for details.)

Shutting down...


And in /handle-server/error.log:


Unable to initialize server signature object: java.lang.Exception: Incorrect passphrase
java.lang.Exception: Incorrect passphrase
	at net.handle.hdllib.Util.decrypt(Util.java:1083)
	at net.handle.server.HandleServer.(HandleServer.java:306)
	at net.handle.server.AbstractServer.getInstance(AbstractServer.java:72)
	at net.handle.server.Main.initialize(Main.java:152)
	at net.handle.server.Main.main(Main.java:75)



SSH and navigate to your dspace lib directory.

Navigate to your /lib directory and use the java key util as below (be sure to substitute paths for your privkey to your own):


 java -cp handle-6.2.jar net.handle.apps.tools.KeyUtil /var/lib/dspace-5.4/handle-server/privkey.bin



It starts an interactive session in which you will be asked for your password (the one you set handle configuration) and then give the option of 'Save private key without encryption'


Enter the passphrase for this private key:
Note: Your passphrase will be displayed as it is entered
MyPassword

Choose an operation:
  1: Encrypt private key with passphrase
  2: Save private key without encryption
  3: Exit
2
Warning: data not encrypted
Private key saved to file: /var/lib/dspace-5.4/dspace/handle-server/privkey.bin

Choose an operation:
  1: Encrypt private key with passphrase
  2: Save private key without encryption
  3: Exit
3




Check that you handle server is now running as well as logs.

Bookmark and Share




Main Menu

Built With

Search

Pages

LinkedIn

Tag Cloud

Hosted by:

Navigation

Visitors

Sponsors

Feeds

petiole Cloud