When stress testing our loadbalancer, i was unable to get more than 20 reliable ssh connections. The following error would be reported.
ssh_exchange_identification: Connection closed by remote host
The resolution for this is quite simple.
Edit the /etc/ssh/sshd_config file and increase the MaxStartups. On my server i set this to 200.
Edit /etc/sysctrl.conf and add the following line:
net.core.netdev_max_backlog = 3000
Then apply this change:
# sysctl -p
In this article Barry Mavin, CEO and Chief Software Architect for Recital, details how to use the Recital Database Server with Visual FoxPro.
Here's how to set up field validation based on dynamic values from another table.
Using the products.dbf table from the southwind sample database, validation can be added to the categoryid field to ensure it matches an existing categoryid from the categories.dbf table.
open database southwindThe rlookup() function checks whether an expression exists in the index (master or specified) of the specified table . An attempt to update categoryid with a value not in the list will give an error: Validation on field 'CATEGORYID' failed.
alter table products add constraint;
(categoryid set check rlookup(products.categoryid,categories))
If you have access to the Recital Workbench, you can use the modify structure worksurface to add and alter your dictionary entries, including a customized error message if required.
http://kbala.com/ie-9-supports-corner-radius/
Recital provides the following additional benefits:
- Easy to Install and Deploy - Users can set up Recital in minutes enabling organizations to deliver new applications faster than other databases.
- Easy to Administer - Recital is a low administration database that eliminates the need for highly trained, skilled, and costly database administrators to maintain the database.
- High Performance - Superior database performance for the most demanding of OLTP applications. Additionally, Clustered Recital provides 99.999% availability.
- Embeddable Library - Recital Embedded Edition provides in-process data storage engine that delivers all the features of a traditional relational database but in a size which makes it ideally suited for ISVs/VARs who need a small footprint and easy to use toolkit.
- Platform Independence - Recital runs on Linux, Solaris, AIX, HP-UX, Windows, and Mac OS X giving organizations complete flexibility in delivering a solution on the platform of their choice.
If when your attempt to create device meta-data fails this is drbd preventing you from corrupting a file system present on the target partition.
$ drbdadm create-md drbd0
v08 Magic number not found
md_offset 30005817344
al_offset 30005784576
bm_offset 30004867072
Found ext2 filesystem which uses 190804004 kB
current configuration leaves usable 29301628 kB
Device size would be truncated, which
would corrupt data and result in
'access beyond end of device' errors.
You need to either
* use external meta data (recommended)
* shrink that filesystem first
* zero out the device (destroy the filesystem)
Operation refused.
Command 'drbdmeta /dev/drbd0 v08 /dev/sda4 internal create-md' terminated with exit code 40
drbdadm aborting
Once you have confirmed that the file system present on the target partition is no longer required at the prompt type the following:
Replace /dev/sdaX with the block device you are targeting.
dd if=/dev/zero of=/dev/sdaX bs=1M count=128
Once this has completed the drbdadm create-md drbd0 command will complete with a "success."
$ drbdadm create-md drbd0
v08 Magic number not found
v07 Magic number not found
v07 Magic number not found
v08 Magic number not found
Writing meta data...
initialising activity log
NOT initialized bitmap
New drbd meta data block successfully created.
success
$
auth sufficient pam_krb5.so try_first_pass
auth sufficient pam_unix.so shadow nullok try_first_pass
account required pam_unix.so broken_shadow
account [default=bad success=ok user_unknown=ignore] pam_krb5.so
Opening SSH to the outside world is a security risk. Here is how to restrict SSH access to certain IP addresses on a machine.
- Edit the /etc/hosts.allow file to include these lines, assuming your machine is on the 192.168.2.x nonrouting IP block, and you want to enable an external address of 217.40.111.121 IP block: Remember to add the period on the end of each incomplete IP number. If you have another complete IP address or range, add a space and that range on the end.
sshd,sshdfwd-X11: 192.168.2. 217.40.111.121
- Edit your /etc/hosts.deny file to include this line:
sshd,sshdfwd-X11:ALL
- These lines refuse SSH connections from anyone not in the IP address blocks listed.
Additionally you can restrict SSH access by username.
- Edit the /etc/ssh/sshd_config file and add the following lines
PermitRootLogin no
AllowUsers user1 user2 user3 etc
PasswordAuthentication yes
Now restart the ssh daemon for these changes to take effect
service sshd restart