1. Enable serial console with command :
systemctl enable --now serial-getty@ttyS0.service
2. Connecting to guest OS from KVM with command:
virsh console [VM_NAME]
ref: ostechnix.com
1. Enable serial console with command :
systemctl enable --now serial-getty@ttyS0.service
2. Connecting to guest OS from KVM with command:
virsh console [VM_NAME]
ref: ostechnix.com
Problem :
1. Can't start RADIUS Systemd service.
2. Log show like this.
Oct 9 00:00:49 radius1 sh[1114]: C = FR, ST = Radius, L = Somewhere, O = Example Inc., emailAddress = admin@example.org, CN = Example Certificate Authority
Oct 9 00:00:49 radius1 sh[1114]: error 10 at 1 depth lookup: certificate has expired
Oct 9 00:00:49 radius1 sh[1114]: C = FR, ST = Radius, O = Example Inc., CN = Example Server Certificate, emailAddress = admin@example.org
Oct 9 00:00:49 radius1 sh[1114]: error 10 at 0 depth lookup: certificate has expired
Oct 9 00:00:49 radius1 sh[1114]: error server.pem: verification failed
Oct 9 00:00:49 radius1 sh[1114]: make: *** [Makefile:107: server.vrfy] Error 2
Oct 9 00:00:49 radius1 rsyslogd[1098]: imjournal: journal files changed, reloading... [v8.1911.0-6.el8 try https://www.rsyslog.com/e/0 ]
Oct 9 00:00:49 radius1 systemd[1]: radiusd.service: Control process exited, code=exited status=2
Oct 9 00:00:49 radius1 systemd[1]: radiusd.service: Failed with result 'exit-code'.
Oct 9 00:00:49 radius1 systemd[1]: Failed to start FreeRADIUS high performance RADIUS server..
Cause :
Certificate file in `/etc/raddb/certs/` have any expired certificates.
Resolution 1 (If you do not user certificate in /Certs ) :
Delete all certificate files in `/raddb/certs` with this command.
rm -f *.pem *.der *.csr *.crt *.key *.p12 serial* index.txt*
Resolution 2 :
Create new certificate new certificate instead expired certs.
1. Show all zone name and information about those zone.
firewall-cmd --list-all-zones
2. Create new zone.
firewall-cmd --new-zone=dmz2 --permanent
3. Add source network or source IP to firewall zone to allow those network access allow services or port number in specific zone. firewall-cmd --zone=dmz2 --add-source=192.168.0.0/24 --permanent
firewall-cmd --reload #Apply
4. Add service port to allow sources network in a zone to access those port.
firewall-cmd --zone=dmz2 --add-port=80/tcp --add-port=443 --permanent
firewall-cmd --reload #apply
Introduction: This guide will walk you through the process of importing your SSH private key to a Yubikey (PIV) for SSH authentication on y...