See https://weakdh.org for the problem – 1024 bit Diffie-Hellman keys are potentially breakable (the ‘logjam’ vulnerability). This can be fixed in Apache 2.4 by pointing it at a custom key, but up to recently ver 2.2 was vulnerable. The issue was fixed in apache 2.2.22-13+deb7u5, which allows a custom DH key to be appended to the server certificate. To use this in Debian 7:
Update to apache 2.2.22-13+deb7u5 or higher.
Generate a new Diffie-Hellman group using
Read more...
After much problems with getting a new Proxmox cluster up and running two things have helped:
Putting the SAN IP addresses in the hosts file, avoiding DNS dependancies (especially when one of the systems isn’t in there yet…). This put me on track: http://blog.rhavenindustrys.com/2013/04/curious-proxmox-clustering-fix.html
Important bit:
127.0.0.1 localhost.localdomain localhost
169.254.0.1 proxmox1.local proxmox1 pvelocalhost
169.254.0.2 proxmox2.local proxmox2
10.10.5.101 proxmox1.example.com
10.10.5.102 proxmox2.example.com
This associates the short aliases with the network used by corosync, while leaving the long addresses to the outside world.
Read more...
What everyone says is true. Don’t do it! 2010 seems to be very sensitive to .pst issues. Best to import old ones.
In this post suggested using the Satellite system option. However, this seems to do the same as the mail sent by smarthost; no local mail option in exim – i.e. even local mail to root tries to go via the smarthost, which then complains. The Internet with smarthost option is probably the better choice (equivalent to exim’s mail sent by smarthost; received via SMTP or fetchmail).
N.B. Normal proxmox setup seems to be for postfix to use /etc/aliases directly. Double check this file!