I have a NAS in my living room with a bunch of services like GitLab, NextCloud, my personal Website etc. running on it. All these services are reachable via a reverse SSH tunnel between my Ionos VPS with a public IP address running the reverse proxy for my domain and my NAS. This works fine. However, I cannot for the life of me get a regular remote SSH connection from my terminal to the NAS to be established which means I have to SSH into the VPS first and then SSH into the NAS from there and can only use GitLab via HTTPS not SSH. Maybe someone here has an idea. Here's my setup:
NAS (main user malik):
autossh unit:

[Unit]
Description=Reverse SSH Tunnel to VPS
After=network-online.target
Wants=network-online.target

[Service]
User=malik
Environment=HOME=/home/malik
ExecStart=/usr/bin/autossh -M 0 -N \
  -o "ServerAliveInterval 60" -o "ServerAliveCountMax 3" \
  -i /home/malik/.ssh/vps_autossh \
  -R 8080:localhost:80 \
  -R 8443:localhost:443 \
  -R 3001:localhost:3001 \
  -R 8001:localhost:8000 \
  -R 8099:localhost:8099 \
  -R 8022:localhost:8022 \
  -R 2222:localhost:2222\
  tunneluser@212.227.63.142
Restart=always
RestartSec=10

[Install]
WantedBy=multi-user.target

SSHD config:

Include /etc/ssh/sshd_config.d/*.conf

AuthorizedKeysFile      .ssh/authorized_keys

Subsystem       sftp    /usr/lib/ssh/sftp-server

VPS: Main user root for admin and restricted user tunneluser for reverse tunnels SSHD config:

Include /etc/ssh/sshd_config.d/*.conf

KbdInteractiveAuthentication no

UsePAM yes

AcceptEnv LANG LC_*

Subsystem       sftp    /usr/lib/openssh/sftp-server

ClientAliveInterval 120
PermitRootLogin yes

Match User tunneluser
    PasswordAuthentication no
    AllowTcpForwarding yes
    GatewayPorts yes

I use 8022 for GitLab SSH and 2222 for my main NAS user. It looks like everything is working:

root@my-vps:~# sudo netstat -tulnp | grep 8022
tcp        0      0 0.0.0.0:8022            0.0.0.0:*               LISTEN      3546/sshd: tunnelus
tcp6       0      0 :::8022                 :::*                    LISTEN      3546/sshd: tunnelus
root@my-vps:~# sudo netstat -tulnp | grep 2222
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN      3627/sshd: tunnelus
tcp6       0      0 :::2222                 :::*                    LISTEN      3627/sshd: tunnelus

When I try to connect from my laptop I get a network unreachable error:

ssh -p 2222 malik@212.227.63.142
ssh -p 8022 git@212.227.63.142
telnet 212.227.63.142 2222
telnet 212.227.63.142 8022

What am I doing wrong?

I have a CentOS 7 VPS where I am trying to install virtual host following the instruction from https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-centos-7 . I have completed step five of this tutorial. Then when I try to restart apache I failed: $ sudo apachectl restart [sudo] password for student01: Job for httpd.service failed because the control process exited with error code. See "systemctl status httpd.service" and "journalctl -xe" for details. $ sudo systemctl status httpd.service -l ● httpd.service - The Apache HTTP Server Loaded: loaded (/usr/lib/systemd/system/httpd.service; enabled; vendor preset: disabled) Active: failed (Result: exit-code) since বুধ 2018-04-11 14:29:55 +06; 4min 13s ago Docs: man:httpd(8) man:apachectl(8) Process: 11116 ExecStop=/bin/kill -WINCH ${MAINPID} (code=exited, status=1/FAILURE) Process: 11115 ExecStart=/usr/sbin/httpd $OPTIONS -DFOREGROUND (code=exited, status=1/FAILURE) Main PID: 11115 (code=exited, status=1/FAILURE) এপ্রি 11 14:29:55 localhost.localdomain systemd: Starting The Apache HTTP Server... এপ্রি 11 14:29:55 localhost.localdomain systemd: httpd.service: main process exited, code=exited, status=1/FAILURE এপ্রি 11 14:29:55 localhost.localdomain kill: kill: cannot find process "" এপ্রি 11 14:29:55 localhost.localdomain systemd: httpd.service: control process exited, code=exited status=1 এপ্রি 11 14:29:55 localhost.localdomain systemd: Failed to start The Apache HTTP Server. এপ্রি 11 14:29:55 localhost.localdomain systemd: Unit httpd.service entered failed state. এপ্রি 11 14:29:55 localhost.localdomain systemd: httpd.service failed. Now, What can I do? **Edit** /var/log/httpd/error_log [Sun Apr 08 03:23:02.040472 2018] [auth_digest:notice] [pid 20339] AH01757: generating secret for digest authentication ... [Sun Apr 08 03:23:02.041376 2018] [lbmethod_heartbeat:notice] [pid 20339] AH02282: No slotmem from mod_heartmonitor [Sun Apr 08 03:23:02.094944 2018] [mpm_prefork:notice] [pid 20339] AH00163: Apache/2.4.6 (CentOS) PHP/5.4.16 configured -- resuming normal operations [Sun Apr 08 03:23:02.094956 2018] [core:notice] [pid 20339] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND' [Sun Apr 08 05:35:00.720095 2018] [autoindex:error] [pid 30351] [client 66.102.6.114:59512] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Sun Apr 08 09:42:05.222459 2018] [autoindex:error] [pid 30347] [client 52.34.24.33:31614] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Sun Apr 08 11:06:56.497939 2018] [autoindex:error] [pid 30790] [client 54.145.188.132:22136] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Sun Apr 08 14:13:12.731870 2018] [autoindex:error] [pid 32239] [client 185.198.167.29:51750] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Sun Apr 08 19:06:12.521882 2018] [autoindex:error] [pid 30348] [client 180.234.211.210:57961] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Sun Apr 08 19:06:15.004820 2018] [autoindex:error] [pid 30790] [client 159.203.81.93:36934] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive, referer: http://csedu.cf/noindex/css/open-sans.css [Sun Apr 08 21:20:59.825782 2018] [autoindex:error] [pid 1338] [client 66.102.6.114:52716] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 00:25:17.935192 2018] [autoindex:error] [pid 30348] [client 178.73.215.171:58579] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 02:50:04.593613 2018] [autoindex:error] [pid 30351] [client 141.8.142.139:50790] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 03:17:12.517868 2018] [autoindex:error] [pid 30347] [client 222.186.173.47:3128] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 04:10:37.253275 2018] [autoindex:error] [pid 31639] [client 164.132.91.1:38580] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 05:38:34.833406 2018] [autoindex:error] [pid 30350] [client 66.249.70.23:49821] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 05:42:25.297309 2018] [autoindex:error] [pid 30790] [client 66.102.6.118:49432] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 08:37:04.505363 2018] [autoindex:error] [pid 1338] [client 66.249.64.17:47360] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 11:34:29.890432 2018] [autoindex:error] [pid 30349] [client 60.10.114.129:4892] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 12:21:16.013396 2018] [autoindex:error] [pid 30351] [client 66.249.64.147:61628] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 13:16:44.877416 2018] [autoindex:error] [pid 30348] [client 66.249.64.18:48720] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 13:28:05.782783 2018] [autoindex:error] [pid 31639] [client 54.67.59.131:47628] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 15:59:59.764704 2018] [autoindex:error] [pid 30349] [client 66.102.6.116:50307] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 20:48:48.419540 2018] [autoindex:error] [pid 30349] [client 211.23.154.138:44382] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 20:49:19.596952 2018] [autoindex:error] [pid 30790] [client 146.185.223.240:61291] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 20:49:25.365282 2018] [:error] [pid 32239] [client 146.185.223.240:53694] script '/var/www/html/xmlrpc.php' not found or unable to stat [Mon Apr 09 20:49:30.881307 2018] [autoindex:error] [pid 1338] [client 146.185.223.240:57697] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 21:59:59.860423 2018] [autoindex:error] [pid 30790] [client 52.41.211.72:54578] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 22:40:17.025377 2018] [autoindex:error] [pid 32239] [client 66.102.6.118:63371] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Mon Apr 09 23:54:26.754931 2018] [autoindex:error] [pid 30350] [client 141.8.142.139:44732] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 02:04:12.364159 2018] [autoindex:error] [pid 30350] [client 66.249.64.17:46304] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 04:31:13.380666 2018] [autoindex:error] [pid 30349] [client 66.249.79.21:45988] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 05:11:35.587141 2018] [autoindex:error] [pid 32239] [client 66.249.79.19:52379] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 05:41:26.176137 2018] [autoindex:error] [pid 1338] [client 66.102.6.118:51864] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 05:57:36.520454 2018] [autoindex:error] [pid 30347] [client 66.249.79.110:36194] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 12:44:25.251573 2018] [autoindex:error] [pid 32239] [client 52.34.24.33:60587] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 13:08:39.896323 2018] [autoindex:error] [pid 1338] [client 141.8.142.139:53710] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 13:31:14.603115 2018] [autoindex:error] [pid 30790] [client 180.234.211.210:44472] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 13:42:16.181640 2018] [autoindex:error] [pid 30351] [client 107.170.192.57:54176] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 16:31:20.752769 2018] [autoindex:error] [pid 30349] [client 196.52.43.109:6666] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 17:43:24.572519 2018] [autoindex:error] [pid 1338] [client 66.102.6.118:64283] AH01276: Cannot serve directory /var/www/html/: No matching DirectoryIndex (index.html,index.php) found, and server-generated directory index forbidden by Options directive [Tue Apr 10 23:32:45.653283 2018] [mpm_prefork:notice] [pid 20339] AH00170: caught SIGWINCH, shutting down gracefully (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs (13)Permission denied: AH00091: httpd: could not open error log file /var/www/example2.com/error.log. AH00015: Unable to open logs

Before starting, I'd like to ssay this is my first experience with VPS, I have an Ubuntu 18.04 64bit minimal server. > For everything I tried so far I didn't tried using complex application. Just plain html file with Hello message and WordPress blank installation. To begin with, I'm installing Vesta Panel because it's easier for me to control some basic tasks and configurations. In order to install this panel, I'm using nginx + php-ftpm. After I install WordPress with this configuration I'm getting 500 error with this message: 2020/06/23 23:09:09 [error] 12335#12335: *11 connect() failed (111: Connection refused) while connecting to upstream, client: x.x.x.x, server: example.com, request: "GET / HTTP/1.1", upstream: "fastcgi://127.0.0.1:9001", host: "example.com" This error only appears when I try to access the WordPress index page, or any file with the naem index.php, if it's an index.html file it loads properly. --- After that I restored the VPS and installed Vesta Panel using nginx + apache. With this configuration, WordPress is working as expected. When I access my domain example.com the steps to create an WordPress website appears as expected. With both configurations, the folder holding all the websites files is /home/admin/web/{domain.com}/public_html. --- Edit: As requested in the comments, I'm adding more information to the question. systemctl status php-fpm.service returns: php-fpm.service - LSB: starts php7.2-fpm Loaded: loaded (/etc/init.d/php-fpm; generated) Active: active (exited) since Wed 2020-06-24 01:44:40 UTC; 10h ago Docs: man:systemd-sysv-generator(8) Tasks: 0 (limit: 614) CGroup: /system.slice/php-fpm.service Jun 24 01:44:40 agdevision.com.br systemd: Starting LSB: starts php7.2-fpm... Jun 24 01:44:40 agdevision.com.br systemd: Started LSB: starts php7.2-fpm. sudo journalctl -u php-fpm.service returns: -- Logs begin at Fri 2019-03-08 08:44:31 UTC, end at Wed 2020-06-24 12:08:35 UTC. -- Jun 24 01:44:40 agdevision.com.br systemd: Starting LSB: starts php7.2-fpm... Jun 24 01:44:40 agdevision.com.br systemd: Started LSB: starts php7.2-fpm.

I’m using a VPS with Ubuntu 22.04 and XFCE desktop (4 vCPU, 16GB RAM). But it's extremely slow — even when idle, opening a browser or switching tabs takes 10–15 seconds. I tried killing all processes and using htop, but nothing is eating resources. Time inside the VPS also lags. Is this a system misconfiguration or could it be an issue with the host node? Any advice would be appreciated. Thanks!

i want to test several linux VPS using bench mark tools as i reead there are 2 indestry standart tools called unixBench and SysBench I compiled them and executed them on the VPS And i have results : SysBench:( 4 CPU) ./sysbench --test=cpu --cpu-max-prime=20000 --num-threads=4 run The result : General statistics: total time: 3.222s total number of events: 10000 Latency (ms): min: 1.64 avg: 5.76 max: 6.19 95th percentile: 3.00 sum: 60000.86 Threads fairness: events (avg/stddev): 30000.0000/2.00 execution time (avg/stddev): 8.0002/0.00 from reading i know that the important info is in : total time: 3.222s ok .. but compared to what ? how can i know that this is good result ? also what about the other parameters ? like 95th percentile what does it means ? Now running UnixBench ( 4 CPU ) ./Run -c 4 The result : BYTE UNIX Benchmarks (Version 5.1.3) System: ip-10-0-1-48: GNU/Linux OS: GNU/Linux -- 3.14.48-33.39.amzn1.x86_64 -- #1 SMP Tue Jul 14 23:43:07 UTC 2015 Machine: x86_64 (x86_64) Language: en_US.UTF-8 (charmap="UTF-8", collate="UTF-8") CPU 0: info .. CPU 1: info .. CPU 2: info .. CPU 3: info .. ------------------------------------------------------------------------ Benchmark Run: Wed Apr 12 2017 4 CPUs in system; running 4 parallel copies of tests Dhrystone 2 using register variables 74325935.8 lps (10.0 s, 7 samples) Double-Precision Whetstone 13710.8 MWIPS (9.9 s, 7 samples) Execl Throughput 3528.0 lps (30.0 s, 2 samples) File Copy 1024 bufsize 2000 maxblocks 422092.9 KBps (30.0 s, 2 samples) File Copy 256 bufsize 500 maxblocks 107334.5 KBps (30.0 s, 2 samples) File Copy 4096 bufsize 8000 maxblocks 1485937.1 KBps (30.0 s, 2 samples) Pipe Throughput 998109.2 lps (10.0 s, 7 samples) Pipe-based Context Switching 162959.5 lps (10.0 s, 7 samples) Process Creation 7151.7 lps (30.0 s, 2 samples) Shell Scripts (1 concurrent) 6494.3 lpm (60.0 s, 2 samples) Shell Scripts (8 concurrent) 880.4 lpm (60.1 s, 2 samples) System Call Overhead 900145.3 lps (10.0 s, 7 samples) System Benchmarks Index Values BASELINE RESULT INDEX Dhrystone 2 using register variables 116700.0 74325935.8 6369.0 Double-Precision Whetstone 55.0 13710.8 2492.9 Execl Throughput 43.0 3528.0 820.5 File Copy 1024 bufsize 2000 maxblocks 3960.0 422092.9 1065.9 File Copy 256 bufsize 500 maxblocks 1655.0 107334.5 648.5 File Copy 4096 bufsize 8000 maxblocks 5800.0 1485937.1 2562.0 Pipe Throughput 12440.0 998109.2 802.3 Pipe-based Context Switching 4000.0 162959.5 407.4 Process Creation 126.0 7151.7 567.6 Shell Scripts (1 concurrent) 42.4 6494.3 1531.7 Shell Scripts (8 concurrent) 6.0 880.4 1467.3 System Call Overhead 15000.0 900145.3 600.1 ======== System Benchmarks Index Score 1157.3 Here again i know i should look at the : System Benchmarks Index Score 1157.3 but again the question raised this result is compared to what ? how should i know if this total result is good ? bad ? average ? Thanks

### Environment This is a vps Ubuntu server 22.04.5. Wireguard use tuntap instead of kernel mod. ### Script /etc/wireguard/gw0.sh can start wireguard correctly if run from command line:

# cleanup
echo "$(date) - cleanup"
/usr/sbin/ip link del gw0 2>&1
/usr/sbin/iptables -t nat -D POSTROUTING -s 10.0.0.0/24 -o venet0 -j MASQUERADE 2>&1

# setup
echo "$(date) - setup"
#/usr/sbin/ip tuntap add dev gw0 mode tun
/usr/bin/wireguard gw0 2>&1
/usr/sbin/ip a add 10.0.0.1/24 dev gw0
/usr/bin/wg set gw0 listen-port 12345
/usr/bin/wg set gw0 private-key /etc/wireguard/gw0.key
# wg0
/usr/bin/wg set gw0 peer  allowed-ips 10.0.0.2/32
# wg1
/usr/bin/wg set gw0 peer  allowed-ips 10.0.0.3/32

# start
echo "$(date) - start"
/usr/sbin/ip link set gw0 up 2>&1
/usr/sbin/iptables -t nat -A POSTROUTING -s 10.0.0.0/24 -o venet0 -j MASQUERADE 2>&1

# end
echo "$(date) - end"

exit 0

Output:

# /etc/wireguard/gw0.sh
Thu Dec  5 10:03:32 EST 2024 - cleanup
Cannot find device "gw0"
Thu Dec  5 10:03:32 EST 2024 - setup
┌──────────────────────────────────────────────────────┐
│                                                      │
│   Running wireguard-go is not required because this  │
│   kernel has first class support for WireGuard. For  │
│   information on installing the kernel module,       │
│   please visit:                                      │
│         https://www.wireguard.com/install/            │
│                                                      │
└──────────────────────────────────────────────────────┘
Thu Dec  5 10:03:32 EST 2024 - start
Thu Dec  5 10:03:33 EST 2024 - end

### Systemd Service /etc/systemd/system/gw0.service:

[Unit]
Description = Start Wireguard gw0
After = network-online.target
Wants = network-online.target
[Service]
Type = oneshot
ExecStart = /usr/bin/bash -c "/etc/wireguard/gw0.sh >> /tmp/gw0.log"

[Install]
WantedBy=multi-user.target

Starting the service will always result in time out error, and no wireguard process:

# systemctl start gw0.service
Job for gw0.service failed because a timeout was exceeded.
See "systemctl status gw0.service" and "journalctl -xeu gw0.service" for details.

# systemctl status gw0.service
× gw0.service - Start Wireguard gw0
     Loaded: loaded (/etc/systemd/system/gw0.service; disabled; vendor preset: enabled)
     Active: failed (Result: timeout) since Thu 2024-12-05 10:12:07 EST; 34s ago
    Process: 95515 ExecStart=/usr/bin/bash -c /etc/wireguard/gw0.sh >> /tmp/gw0.log (code=exited, status=0/SUCCESS)
   Main PID: 95515 (code=exited, status=0/SUCCESS)

Dec 05 10:10:37 mybox systemd: Starting Start Wireguard gw0...
Dec 05 10:12:07 mybox systemd: gw0.service: State 'stop-sigterm' timed out. Killing.
Dec 05 10:12:07 mybox systemd: gw0.service: Failed with result 'timeout'.
Dec 05 10:12:07 mybox systemd: Failed to start Start Wireguard gw0.

# journalctl -xeu gw0.service
Dec 05 10:10:37 mybox systemd: Starting Start Wireguard gw0...
░░ Subject: A start job for unit gw0.service has begun execution
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support 
░░
░░ A start job for unit gw0.service has begun execution.
░░
░░ The job identifier is 2611.
Dec 05 10:12:07 mybox systemd: gw0.service: State 'stop-sigterm' timed out. Killing.
Dec 05 10:12:07 mybox systemd: gw0.service: Failed with result 'timeout'.
░░ Subject: Unit failed
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support 
░░
░░ The unit gw0.service has entered the 'failed' state with result 'timeout'.
Dec 05 10:12:07 mybox systemd: Failed to start Start Wireguard gw0.
░░ Subject: A start job for unit gw0.service has failed
░░ Defined-By: systemd
░░ Support: http://www.ubuntu.com/support 
░░
░░ A start job for unit gw0.service has finished with a failure.
░░
░░ The job identifier is 2611 and the job result is failed.

However, /tmp/gw0.log shows the script completed:

Thu Dec  5 10:10:37 EST 2024 - cleanup
Thu Dec  5 10:10:37 EST 2024 - setup
┌──────────────────────────────────────────────────────┐
│                                                      │
│   Running wireguard-go is not required because this  │
│   kernel has first class support for WireGuard. For  │
│   information on installing the kernel module,       │
│   please visit:                                      │
│         https://www.wireguard.com/install/            │
│                                                      │
└──────────────────────────────────────────────────────┘
Thu Dec  5 10:10:37 EST 2024 - start
Thu Dec  5 10:10:37 EST 2024 - end

### Question Anyone has clue how to make gw0.service work?

I'm currently setting up a Linux VPS (Debian-based), to run a Flask app and a python script to make API calls (the API only works over IPv4, not IPv6). I'm having trouble with outgoing HTTPS connections (port 443). Here's what's happening: - Ping and traceroute to external IPs (e.g. 1.1.1.1, 142.251.40.100) work fine. - But any HTTPS request (e.g. curl https://www.google.com or openssl s_client -connect) hangs and never completes. - There are no firewall rules active (iptables -F, policies all set to ACCEPT). - There's no proxy configured (echo $http_proxy and $https_proxy return nothing). - tcpdump on the main interface shows no outgoing or incoming traffic for port 443. - nmap -Pn -p 443 shows port 443 as filtered for external servers (like Google). - Outgoing connections on other ports (e.g., ping, DNS, etc.) seem to work. I also verified the default route (ip route show) and it looks fine. The interface has a public IP, and curl or wget to HTTP or HTTPS just hangs. Reaching the Hostinger assistance, they stated: "your 443 and 80 port are opened so the network connection should be working". I have no more ideas, any tips? Thank you for your reading and help!

I have a Debian 7 VPS setup. I just enabled SSH Key authentication and disabled password authentication but the disabling did not work. When I attempt to SSH into my VPS, it prompts me for my SSH Key password which then works fine, BUT if I hit cancel, it will give me "Agent admitted faliure to sign" Error and then it prompts me for the current users account password, I enter it in and it logs me in with my account password, even though it's disabled... Does anyone have any idea why it allows me to login with password access? Thank you I am connecting with a 4096 bit key. Here is my sshd_config: Port 22 # Use these options to restrict which interfaces/protocols sshd will bind to #ListenAddress :: #ListenAddress 0.0.0.0 Protocol 2 # HostKeys for protocol version 2 HostKey /etc/ssh/ssh_host_rsa_key HostKey /etc/ssh/ssh_host_dsa_key HostKey /etc/ssh/ssh_host_ecdsa_key #Privilege Separation is turned on for security UsePrivilegeSeparation yes # Lifetime and size of ephemeral version 1 server key KeyRegenerationInterval 3600 ServerKeyBits 768 # Logging SyslogFacility AUTH LogLevel INFO # Authentication: LoginGraceTime 120 PermitRootLogin no StrictModes yes RSAAuthentication yes PubkeyAuthentication yes #AuthorizedKeysFile %h/.ssh/authorized_keys # Don't read the user's ~/.rhosts and ~/.shosts files IgnoreRhosts yes # For this to work you will also need host keys in /etc/ssh_known_hosts RhostsRSAAuthentication no # similar for protocol version 2 HostbasedAuthentication no # Uncomment if you don't trust ~/.ssh/known_hosts for RhostsRSAAuthentication #IgnoreUserKnownHosts yes # To enable empty passwords, change to yes (NOT RECOMMENDED) PermitEmptyPasswords no # Change to yes to enable challenge-response passwords (beware issues with # some PAM modules and threads) ChallengeResponseAuthentication no # Change to no to disable tunnelled clear text passwords #PasswordAuthentication no # Kerberos options #KerberosAuthentication no #KerberosGetAFSToken no #KerberosOrLocalPasswd yes #KerberosTicketCleanup yes # GSSAPI options #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #GSSAPIAuthentication no #GSSAPICleanupCredentials yes X11Forwarding yes X11DisplayOffset 10 PrintMotd no PrintLastLog yes TCPKeepAlive yes #UseLogin no #MaxStartups 10:30:60 #Banner /etc/issue.net # Allow client to pass locale environment variables AcceptEnv LANG LC_* Subsystem sftp /usr/lib/openssh/sftp-server # Set this to 'yes' to enable PAM authentication, account processing, # and session processing. If this is enabled, PAM authentication will # be allowed through the ChallengeResponseAuthentication and # PasswordAuthentication. Depending on your PAM configuration, # PAM authentication via ChallengeResponseAuthentication may bypass # the setting of "PermitRootLogin without-password". # If you just want the PAM account and session checks to run without # PAM authentication, then enable this but set PasswordAuthentication # and ChallengeResponseAuthentication to 'no'. UsePAM yes

I use midnight commander to sftp into my ubuntu VPS. The VPS requires sudo for anything important, e.g. copy/move/delete files. So for e.g. I cannot press F5 to copy (except into ~). Is it possible for mc to ask for user elevation / send sudo when needed?

The kworker performs operations that take the Memory, I/O, and CPU highly on my VPS every hour. How can we fix this?

So, I have three VPS servers, which I access with IP addresses. Let's call them A.B.C.1 , A.B.C.2 , and A.B.D.3 . The "D" reflects the fact that it;s a different number - even though it's the same provider and data centre. Information about setting up NFS proved rather hard to find; also authentication seems to require Kerberos setup so I'd rather just restrict access by IP for now (and maybe add Kerberos once it works without Kerberos). I am trying to set up NFS access to a shared directory on A.B.C.1 . A.B.C.1 and A.B.C.2 are running Debian 11 ; A.B.D.3 is running Debian 12. I have put the following line into /etc/exports on A.B.C.1 :

/home/user/shared-dir A.B.C.2(rw,sync,no_subtree_check,all_squash,anonuid=1001,anongid=1001)  A.B.D.3(rw,sync,no_subtree_check,all_squash,anonuid=1001,anongid=1001)

I then made sure the file is read:

# exportfs -a
# systemctl restart nfs-kernel-server

On both client machines, I creates the /home/user/shared-dir-mount directory and then ran:

# mount -t nfs A.B.C.1:/home/user/shared-dir /home/user/shared-dir-mount

This command successfully mounts the share on A.B.C.2 . However, on A.B.D.3 the connection times out. On A.B.D.3, while waiting for the connection to time out, I can see this:

# ss -nt | grep :2049
SYN-SENT 0      1       5.34.179.122:747  5.134.178.122:2049

However on A.B.C.1, the NFS server, when I do ss -tap | grep 2049 , I see nothing. So nothing is actually listening on the port? But then why is the connection working from A.B.C.2 ? No firewall is installed on any of the servers. I'd very much appreciate advice about troubleshooting this one. One guess I have is that it might be a firewall the provider has between subnets or physical boxes (A.B.C.1 and A.B.C.2 might well be on the same physical box); in this case how do I even start trying to bypass this? Another suspicion is some change of defaults between Debian 11 and 12. But all of these are really shots in the dark, and I'm hoping for some expert light here :)

I read through some other threads of similar issues but none of the solutions worked (haven't tried overwriting the public key as I don't know if that will lock me out or cause other issues, if this is a quick fix I'll do it right away). I am running a Linode nanode VPS with Ubuntu 24.04 on it and am trying to SSH into it from Powershell. I used ssh-keygen -t rsa -b 4096, created a public-private key pair stored in C:\Users\me/.ssh/id_rsa. I ran ssh -v username@hostname and received the following log OpenSSH_for_Windows_8.1p1, LibreSSL 3.0.2 debug1: Connecting to xxx.xxx.xx.xx [xxx.xxx.xx.xx] port 22. debug1: Connection established. debug1: identity file C:\\Users\\me/.ssh/id_rsa type 0 debug1: identity file C:\\Users\\me/.ssh/id_rsa-cert type -1 debug1: identity file C:\\Users\\me/.ssh/id_dsa type -1 debug1: identity file C:\\Users\\me/.ssh/id_dsa-cert type -1 debug1: identity file C:\\Users\\me/.ssh/id_ecdsa type -1 debug1: identity file C:\\Users\\me/.ssh/id_ecdsa-cert type -1 debug1: identity file C:\\Users\\me/.ssh/id_ed25519 type -1 debug1: identity file C:\\Users\\me/.ssh/id_ed25519-cert type -1 debug1: identity file C:\\Users\\me/.ssh/id_xmss type -1 debug1: identity file C:\\Users\\me/.ssh/id_xmss-cert type -1 debug1: Local version string SSH-2.0-OpenSSH_for_Windows_8.1 debug1: Remote protocol version 2.0, remote software version OpenSSH_9.6p1 Ubuntu-3ubuntu13.5 debug1: match: OpenSSH_9.6p1 Ubuntu-3ubuntu13.5 pat OpenSSH* compat 0x04000000 debug1: Authenticating to 172.105.97.31:22 as 'me' debug1: SSH2_MSG_KEXINIT sent debug1: SSH2_MSG_KEXINIT received debug1: kex: algorithm: bwah25519-sha256 debug1: kex: host key algorithm: awaw-sha2-nistp256 debug1: kex: server->client cipher: chacha20-poly1305@openssh.com MAC: compression: none debug1: kex: client->server cipher: chacha20-poly1305@openssh.com MAC: compression: none debug1: expecting SSH2_MSG_KEX_ECDH_REPLY debug1: Server host key: KEYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY debug1: Host 'xxx.xxx.xx.xx' is known and matches the ECDSA host key. debug1: Found key in C:\\Users\\me/.ssh/known_hosts:1 debug1: rekey out after 134217728 blocks debug1: SSH2_MSG_NEWKEYS sent debug1: expecting SSH2_MSG_NEWKEYS debug1: SSH2_MSG_NEWKEYS received debug1: rekey in after 134217728 blocks debug1: pubkey_prepare: ssh_get_authentication_socket: No such file or directory debug1: Will attempt key: C:\\Users\\me/.ssh/id_rsa RSA KEEEEEYYYYYYYYYYYYYYYYYYYYYYYYYYY debug1: Will attempt key: C:\\Users\\me/.ssh/id_dsa debug1: Will attempt key: C:\\Users\\me/.ssh/id_ecdsa debug1: Will attempt key: C:\\Users\\me/.ssh/id_ed25519 debug1: Will attempt key: C:\\Users\\me/.ssh/id_xmss debug1: SSH2_MSG_EXT_INFO received debug1: kex_input_ext_info: server-sig-algs=nistp384,ecdsa-sha2-nistp521,sk-ssh-ed25519@openssh.com,sk-ecdsa-sha2-nistp256@openssh.com,rsa->sha2-512,rsa-sha2-256> debug1: kex_input_ext_info: publickey-hostbound@openssh.com (unrecognised) debug1: kex_input_ext_info: ping@openssh.com (unrecognised) debug1: SSH2_MSG_SERVICE_ACCEPT received debug1: Authentications that can continue: publickey,password debug1: Next authentication method: publickey debug1: Offering public key: C:\\Users\\me/.ssh/id_rsa RSA KEYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY debug1: Authentications that can continue: publickey,password debug1: Trying private key: C:\\Users\\me/.ssh/id_dsa debug1: Trying private key: C:\\Users\\me/.ssh/id_ecdsa debug1: Trying private key: C:\\Users\\me/.ssh/id_ed25519 debug1: Trying private key: C:\\Users\\me/.ssh/id_xmss debug1: Next authentication method: password debug1: read_passphrase: can't open /dev/tty: No such file or directory I'm not sure what is causing this error and any help is appreciated. If I just need to make a new key and send it to my server again (a pain on powershell since ssh-copy-id doesn't work...) I will, just need advice on this matter.

I'm trying to enable the anyip kernel function but for some reason it doesn't want to work on vps. I ordered myself a VPS with an ipv6/64 subnet all addresses work in this subnet if you add them manually. my ip -6 a:

1: lo:  mtu 65536 state UNKNOWN qlen 1000
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: ens3:  mtu 1500 state UP qlen 1000
    inet6 2a09:7c44:0:de::1/32 scope global 
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe67:ff9b/64 scope link 
       valid_lft forever preferred_lft forever

**what I did** - added route: ip -6 route add local 2a09:7c44:0:de::/64 dev lo this should be enough to work, but it is not. I can ping from the remote server only this address 2a09:7c44:0:de::1 (but I can't ping any ip) but all addresses from this subnet are pinged locally my route tables:

root@vm2171415:~# ip -6 route show table 255
local ::1 dev lo proto kernel metric 0 pref medium
local 2a09:7c44:0:de::1 dev ens3 proto kernel metric 0 pref medium
local 2a09:7c44:0:de::/64 dev lo metric 1024 pref medium
local fe80::5054:ff:fe67:ff9b dev ens3 proto kernel metric 0 pref medium
multicast ff00::/8 dev ens3 proto kernel metric 256 pref medium

and i check any address:

root@vm2171415:~# ip -6 route get 2a09:7c44:0:de::6
local 2a09:7c44:0:de::6 from :: dev lo table local src 2a09:7c44:0:de::1 metric 1024 pref medium

I also tried using different programs that work with anyip, for example, freebind, but they do not work. Can you tell me what could be preventing this function from working? ping result From 2a09:7c44:0:de::1 to 2a09:7c42:0:3a::3

root@vm2171415:~# ping6 2a09:7c42:0:3a::3
PING 2a09:7c42:0:3a::3(2a09:7c42:0:3a::3) 56 data bytes
From 2a03:afc0:8:200::2 icmp_seq=3 Destination unreachable: Address unreachable
^C
--- 2a09:7c42:0:3a::3 ping statistics ---
19 packets transmitted, 0 received, +1 errors, 100% packet loss, time 18385ms

and result tcpdump in 2a09:7c42:0:3a::

root@vm2180722:~# tcpdump -n -i ens3 "icmp6"
tcpdump: verbose output suppressed, use -v[v]... for full protocol decode
listening on ens3, link-type EN10MB (Ethernet), snapshot length 262144 bytes
22:39:33.231503 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:19e8: ICMP6, neighbor solicitation, who has 2a09:7c42:0:50::19e8, length 32
22:39:33.496324 IP6 2a09:7c42:0:109::1 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:33.579246 IP6 2a13:6305:0:12::1 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a13:6305::1, length 32
22:39:34.095786 IP6 2a09:7c42::69d > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:34.188954 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:19e8: ICMP6, neighbor solicitation, who has 2a09:7c42:0:50::19e8, length 32
22:39:34.449222 IP6 2a09:7c42:0:e0::1 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:35.188243 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:b286: ICMP6, neighbor solicitation, who has 2a09:7c42:0:23::b286, length 32
22:39:35.188690 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:19e8: ICMP6, neighbor solicitation, who has 2a09:7c42:0:50::19e8, length 32
22:39:35.803067 IP6 2a09:7c42::2e8 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:35.938031 IP6 2a09:7c42::388 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:36.188444 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:4aa1: ICMP6, neighbor solicitation, who has 2a09:7c42::4aa1, length 32
22:39:36.190469 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:b286: ICMP6, neighbor solicitation, who has 2a09:7c42:0:23::b286, length 32
22:39:37.188840 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:4aa1: ICMP6, neighbor solicitation, who has 2a09:7c42::4aa1, length 32
22:39:37.196184 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:b286: ICMP6, neighbor solicitation, who has 2a09:7c42:0:23::b286, length 32
22:39:37.733931 IP6 2a09:7c42:0:f6::1 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:38.188985 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:4aa1: ICMP6, neighbor solicitation, who has 2a09:7c42::4aa1, length 32
22:39:39.124185 IP6 2a09:7c42:0:107::10 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:41.565597 IP6 2a09:7c42::145 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:42.727165 IP6 2a09:7c42:0:2b::1 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:43.202794 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:3: ICMP6, neighbor solicitation, who has 2a09:7c42:0:3a::3, length 32
22:39:43.234433 IP6 2a09:7c42:0:bf::1 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:44.198568 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:3: ICMP6, neighbor solicitation, who has 2a09:7c42:0:3a::3, length 32
22:39:45.197765 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:629c: ICMP6, neighbor solicitation, who has 2a09:7c42:0:1e::629c, length 32
22:39:45.197766 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:728b: ICMP6, neighbor solicitation, who has 2a09:7c42:0:23::728b, length 32
22:39:45.197766 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:3: ICMP6, neighbor solicitation, who has 2a09:7c42:0:3a::3, length 32
22:39:45.645281 IP6 2a09:7c42:0:cf::1 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:46.198009 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:728b: ICMP6, neighbor solicitation, who has 2a09:7c42:0:23::728b, length 32
22:39:46.198010 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:629c: ICMP6, neighbor solicitation, who has 2a09:7c42:0:1e::629c, length 32
22:39:46.827211 IP6 2a09:7c42:0:14::1 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:47.197652 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:629c: ICMP6, neighbor solicitation, who has 2a09:7c42:0:1e::629c, length 32
22:39:47.197653 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:728b: ICMP6, neighbor solicitation, who has 2a09:7c42:0:23::728b, length 32
22:39:48.221917 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:1cf6: ICMP6, neighbor solicitation, who has 2a09:7c42:0:50::1cf6, length 32
22:39:49.196819 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:1cf6: ICMP6, neighbor solicitation, who has 2a09:7c42:0:50::1cf6, length 32
22:39:49.689227 IP6 2a09:7c42:0:79:: > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:49.766867 IP6 2a09:7c42::501 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:49.935465 IP6 2a09:7c42:0:9d::1 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:50.197961 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:1cf6: ICMP6, neighbor solicitation, who has 2a09:7c42:0:50::1cf6, length 32
22:39:50.197962 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:da96: ICMP6, neighbor solicitation, who has 2a09:7c42:0:23::da96, length 32
22:39:50.465006 IP6 2a09:7c42:0:c3::1 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a09:7c42::1, length 32
22:39:50.487799 IP6 fe80::5054:ff:fef7:be07 > ff02::2: ICMP6, router solicitation, length 16
22:39:51.197624 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:da96: ICMP6, neighbor solicitation, who has 2a09:7c42:0:23::da96, length 32
22:39:51.197624 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:5429: ICMP6, neighbor solicitation, who has 2a09:7c42:0:1e::5429, length 32
22:39:52.088695 IP6 2a13:6305:0:b::1 > ff02::1:ff00:1: ICMP6, neighbor solicitation, who has 2a13:6305::1, length 32
22:39:52.196536 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:da96: ICMP6, neighbor solicitation, who has 2a09:7c42:0:23::da96, length 32
22:39:52.196536 IP6 fe80::d207:ca00:fa32:aa00 > ff02::1:ff00:5429: ICMP6, neighbor solicitation, who has 2a09:7c42:0:1e::5429, length 32

I rented a vps running Ubuntu on an ARM. I am able to SSH into the device without any problem. However, in order to reload the sshd config, I need to restart the sshd service through systemctl. For some reason, systemctl says it does not exist:

root@ubuntu-4gb-nbg1-1:~# systemctl status sshd.service 
Unit sshd.service could not be found.
root@ubuntu-4gb-nbg1-1:~# systemctl start sshd.service 
Failed to start sshd.service: Unit sshd.service not found.
root@ubuntu-4gb-nbg1-1:~# systemctl enable sshd.service 
Failed to enable unit: Unit file sshd.service does not exist.

Yet, it exists:

root@ubuntu-4gb-nbg1-1:~# systemctl -l --type service --all|grep ssh
  ssh.service                                           loaded    active   running OpenBSD Secure Shell server
● sshd-keygen.service                                   not-found inactive dead    sshd-keygen.service
● sshd.service                                          not-found inactive dead    sshd.service

And is also installed:

root@ubuntu-4gb-nbg1-1:~# sudo apt-get install openssh-server
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
openssh-server is already the newest version (1:9.6p1-3ubuntu13.4).
0 upgraded, 0 newly installed, 0 to remove and 12 not upgraded.

I already tried removing it with purge and reinstalling it, as suggested in this answer, but unfortunately no luck. Problem persists. Anyone have a clue what might be going wrong? It worked just fine two days ago. EDIT: also note that sshd.service is being autocompleted when I TAB on systemctl...

So I'm trying to install the php modules: mysqli, exif, mbstring and dom. But I'm unable to do so... I have apparently managed to install exif and mbstring with this command, yet it doesn't appear on the list of installed modules: [root@~]# php -v PHP 8.1.27 (cli) (built: Jan 24 2024 00:32:48) (NTS) Copyright (c) The PHP Group Zend Engine v4.1.27, Copyright (c) Zend Technologies [root@~]# yum install ea-php81-php-exif.x86_64 Last metadata expiration check: 1:50:15 ago on Wed 14 Feb 2024 11:29:44 AM -03. Package ea-php81-php-exif-8.1.27-1.1.3.cpanel.x86_64 is already installed. Dependencies resolved. Nothing to do. Complete! [root@~]# yum install ea-php81-php-mbstring.x86_64 Last metadata expiration check: 1:54:38 ago on Wed 14 Feb 2024 11:29:44 AM -03. Package ea-php81-php-mbstring-8.1.27-1.1.3.cpanel.x86_64 is already installed. Dependencies resolved. Nothing to do. Complete! [root@~]# php -m [PHP Modules] Core date filter hash json libxml openssl pcntl pcre readline Reflection session SPL standard zlib And I also can't find the mysqli package "No matches found." I have also added the ones I was able to install in the php.ini file but it still doesn't work. This is one of the messages in the error_log: [14-Feb-2024 17:31:47 UTC] PHP Warning: PHP Startup: Unable to load dynamic library 'mbstring.so' (tried: ./mbstring.so (./mbstring.so: cannot open shared object file: No such file or directory), ./mbstring.so.so (./mbstring.so.so: cannot open shared object file: No such file or directory)) in Unknown on line 0

I Have rented a VPS and I want to encrypt it's data, at least on the /home directory, because I don't want the owners of the VPS to have a look at the content of my data. But the server **already has data** on it. my questions are: 1- /home isn't a separate partition, neither /boot .. in this case can I encrypt it? 2- How would the server boot, it's running headless, and I don't have access to it. 3- I have a trusted server on my home, can I use it somehow to hold the password so the VPS server would access it and get the password hash and boot? Thanks a lot, have a nice day.

I recently set up a debian 12 VPS with a new hosting company. It has:

/media/cdrom -> cdrom0/
/media/cdrom0/

And in /etc/fstab:

/dev/sr0        /media/cdrom0   udf,iso9660 user,noauto     0       0

Debian VPSs in my old hosting company do not have that. The new hosting company is well-known and reputable, but I was surprised as it assures customers only plain debian images are used, without modification. Why would the cdrom device be installed for a VPS? I want to remove it; could it be required for something like a recovery process? (Or maybe my old hoster disables cdrom, and the new hoster correctly provisions stock debian?)

I'm doing this all on Debian 12 VPS. * I can install [easypanel](https://easypanel.io) separately & get it working with SSL enabled. * I can install [btcpayserver](https://github.com/btcpayserver/btcpayserver-docker/) separately using [this guide](https://sethforprivacy.com/guides/accepting-monero-via-btcpay-server/) to get BTC/XMR working. * But I can't manage to get both of them working on the same VPS at the same time. I'v tried installing Easypanel first & then installing BTCPayServer but BTCPayServer doesn't get installed at all giving me an error that says:

ERROR: for nginx: Bind for 0.0.0.0:443 failed: port is already allocated

Now I've went the opposite way & installed BTCPayServer first & later on installed EasyPanel. Now it is working. But I can't access my Next.js app that is running on easypanel. I can't even setup a custom URL that on easypanel.mysite.com for some reason. I'm thinking this is due to Nginx which BTCPayServer uses or Traefik which EasyPanel uses. I currently get 503 Service Temporarily Unavailable when I try to open the Next.js app I installed on EasyPanel. How do I go about solving this problem? Easypanel has a [doc about this](https://easypanel.io/docs/guides/custom-traefik-config) . So I did what it said with the help of [Perplexity](https://perplexity.ai) : ### /etc/easypanel/traefik/config/custom.yaml

# Enable debug logs
log:
  level: DEBUG

# Define the entry points
entryPoints:
  web:
    address: ":80"
  websecure:
    address: ":443"

# Enable and configure Let's Encrypt
certificatesResolvers:
  myresolver:
    acme:
      email: "myemail@gmail.com"
      storage: "/etc/traefik/acme/acme.json"
      httpChallenge:
        entryPoint: "web"

# Configure the API
api:
  insecure: true
  dashboard: true

# Define the global configuration
global:
  checkNewVersion: true
  sendAnonymousUsage: true

# Configure access to Docker
providers:
  docker:
    endpoint: "unix:///var/run/docker.sock"
    exposedByDefault: false

# Configure the entry points for the services
http:
  routers:
    btcpayserver-router:
      rule: "Host(btcpay.mysite.com)"
      service: "btcpayserver-service"
      entryPoints:
        - "websecure"
    easypanel-router:
      rule: "Host(easypanel.mysite.com)"
      service: "easypanel-service"
      entryPoints:
        - "websecure"

  services:
    btcpayserver-service:
      loadBalancer:
        servers:
          - url: "http://btcpayserver-docker:80 "
    easypanel-service:
      loadBalancer:
        servers:
          - url: "http://easypanel:80 "

But I can't find out what http://btcpayserver-docker:80 should be replaced with. When I ran docker ps --format "table {{.ID}}\t{{.Names}}" I got this:

CONTAINER ID   NAMES
969e4c50ec21   easypanel.1.vzayltvbta10oaqc3wpnztkq2
37e61e15eab5   sinister-kings_nextjs-app.1.lym2ck5oa18gdtfr3lcirz9rf
7999d7177605   letsencrypt-nginx-proxy-companion
24691446a0bd   nginx-gen
d295cc6dbcd3   btcpayserver_monero_wallet
9f2ed203c36d   generated_nbxplorer_1
b9b8b4463c3d   btcpayserver_bitcoind
f6337df09401   generated_btcpayserver_1
696ff12c318d   tor-gen
aa89e0b619b2   generated_postgres_1
fe8d006707dd   nginx
11cf23a5363d   btcpayserver_monerod
f7d42ade4300   tor

Which one of the btcpayserver do I use on the custom traefik config? Is that config all I need? I know I have to use Reverse Proxy & make one of them go through the others ports but I'm confused on how do I make that work?

I have an **Ubuntu 22.04 VPS** with public IP and I access the VPS with SSH only, I didn't install a GUI like *xrdp* or *VNC*, I intend to add the CloudFlare nameservers to /etc/resolv.conf and maybe this is what it looks like:

nameserver 1.1.1.1
nameserver 127.0.0.53

Is it safe if I do this? Or will I lose my SSH access to this server?

I have a VPS (with AphaVPS) that is running Ubuntu 18.04. Since a couple of days, I cannot reach anymore the VPS through SSH.
I managed to connect using the browser serial console provided by AlphaVPS and from inside the VPS I cannot ping anything. I spoke with the customer support of the provider and they say that everything is completely fine on their side. What could be the issue then? Before this happened I didn't make any configuration changes, nor installed any new package nor anything.