explainshell.com

VN:F [1.9.22_1171]
Rating: 6.0/10 (1 vote cast)

Match linux command-line arguments to view their help text.

stackshare.io

VN:F [1.9.22_1171]
Rating: 8.0/10 (1 vote cast)

Dev / Production stacks for all to see. Handy tool to see what software is trending today.

aws.amazon.com

VN:F [1.9.22_1171]
Rating: 7.7/10 (3 votes cast)

Amazons’s cloud computing & web hosting service.

Amazon RDS for MySQL announces Innovation Release 9.6 in Amazon RDS Database Preview Environment

29 April 2026 @ 8:37 pm

Amazon RDS for MySQL now supports community MySQL Innovation Release 9.6 in the Amazon RDS Database Preview Environment, allowing you to evaluate the latest Innovation Release on Amazon RDS for MySQL. You can deploy MySQL 9.6 in the Amazon RDS Database Preview Environment which provides the benefits of a fully managed database, making it simpler to set up, operate, and monitor databases. MySQL 9.6 is the latest Innovation Release from the MySQL community. MySQL Innovation releases include bug fixes, security patches, as well as new features. MySQL Innovation releases are supported by the community until the next innovation minor, whereas MySQL Long Term Support (LTS) Releases, such as MySQL 8.0 and MySQL 8.4, are supported by the community for up to eight years. Please refer to the MySQL 9.6 relea

Amazon DocumentDB (with MongoDB compatibility) is Now Available in the Canada West (Calgary) Region

29 April 2026 @ 6:00 pm

Amazon DocumentDB (with MongoDB compatibility) is now available in the Canada West (Calgary) region adding to the list of available regions where you can use Amazon DocumentDB. Amazon DocumentDB is a fully managed, native JSON database that makes it simple and cost-effective to operate critical document workloads at virtually any scale without managing infrastructure. Amazon DocumentDB is designed to give you the scalability and durability you need when operating mission-critical MongoDB workloads. Storage scales automatically up to 128TiB without any impact to your application. In addition, Amazon DocumentDB natively integrates with AWS Database Migration Service (DMS), Amazon CloudWatch, AWS CloudTrail, AWS Lambda, AWS Backup and more. Amazon DocumentDB supports millions of requests per second and can be scaled out to 15 low latency read replicas in minutes with no application d

Amazon CloudFront now supports invalidation by cache tag

29 April 2026 @ 5:06 pm

Amazon CloudFront now allows you to invalidate cached objects by cache tag, enabling you to remove groups of related content from CloudFront edge locations with a single invalidation request. Cache tag invalidation simplifies common operational workflows such as updating product information across multiple pages, managing legal takedown requests, handling regulatory compliance requests, and refreshing content across multi-tenant platforms. Previously, invalidating related objects that didn't share a common URL path required tracking individual URLs or using broad wildcard patterns that could unnecessarily clear unrelated content. With invalidation by cache tag, developers and site reliability engineers can tag cached objects when returning an object by including a specified header in HTTP responses with comma-separated tag values. When needed, they can invalidate all objects sharing a tag in one request, maintaining high cache hit ratios while ensuring end users see fresh c

Gemma 4 models are now available in Amazon SageMaker JumpStart

29 April 2026 @ 5:05 pm

Today, AWS announced the availability of Gemma 4 E4B, Gemma 4 26B-A4B, and Gemma 4 31B in Amazon SageMaker JumpStart, expanding the portfolio of foundation models available to AWS customers. These three instruction-tuned models from Google DeepMind bring multimodal capabilities with configurable reasoning, native function calling, and multilingual support across 140+ languages, enabling customers to build sophisticated AI applications across diverse use cases on AWS infrastructure. All three models share a common set of capabilities that address a broad range of enterprise AI use cases: Thinking - Built-in reasoning mode that lets the model think step-by-step before answering Image Understanding - Object detection, document and PDF parsing, screen and UI understanding, chart comprehension, OCR including multilingual, and handwriting recognition Video Understanding - Analyze video content by processing sequences of frames Interleaved Multimodal

Paraphrase-multilingual-MiniLM-L12-v2, Table Transformer Detection, and Bielik-11B-v3.0-Instruct are now available in Amazon SageMaker JumpStart

29 April 2026 @ 5:05 pm

Today, AWS announced the availability of paraphrase-multilingual-MiniLM-L12-v2, Microsoft Table Transformer Detection, and Bielik-11B-v3.0-Instruct in Amazon SageMaker JumpStart. Paraphrase-multilingual-MiniLM-L12-v2 from Sentence Transformers is a lightweight semantic similarity model that maps sentences and paragraphs to a 384-dimensional dense vector space across 50+ languages. It is well suited for finding semantically similar content within and across languages, making it ideal for cross-lingual semantic search, multilingual document clustering, and sentence similarity scoring without requiring language-specific configuration. Microsoft Table Transformer Detection is a DETR-based object detection model trained on the PubTables-1M dataset, purpose-built for detecting tables in unstructured documents such as PDFs and scanned images. It is well suited for document digitization pipelines and automated data extraction workflows that require

Amazon CloudWatch adds visual agent configuration to the EC2 console

29 April 2026 @ 5:00 pm

Amazon CloudWatch now provides a visual configuration editor for the CloudWatch agent directly in the Amazon EC2 console, enabling you to set up and manage observability for your EC2 instances without hand-editing JSON. The CloudWatch agent collects infrastructure and application metrics, logs, and traces from EC2 instances and sends them to CloudWatch and AWS X-Ray. With the new visual editor, you can build agent configurations graphically, selecting metrics, log sources, and deployment targets, and deploy with a single click. From the EC2 console, you can select one or more instances, install the CloudWatch agent, or create tag-based policies for automated fleet-wide management. From the instance detail page, you can view agent status, update configurations, and troubleshoot agent health. Automated policies automatically apply the correct monitoring settings to every new instance, including those launched by auto-scaling. To get started, navigat

OpenAI GPT OSS and NVIDIA Nemotron Models Available on Amazon Bedrock in AWS GovCloud (US)

29 April 2026 @ 3:18 pm

Amazon Bedrock now supports OpenAI's open-weight GPT OSS models (120B and 20B) and NVIDIA Nemotron (Nano 9B v2, Nano 12B v2, Nano 30B, Super 120B) models expanding your ability to build and scale generative AI applications with diverse, high-performance foundation models. This offers the flexibility to leverage OpenAI's and NVIDIA's latest models alongside other leading AI models through a single, unified API—allowing you to select the best model for each specific use case without changing your application code. OpenAI GPT OSS models deliver powerful language understanding and generation capabilities with open-weight architectures, enabling enterprises to build sophisticated AI applications with transparency and flexibility. NVIDIA Nemotron models offer both small language model (SLM) and large language model (LLM) capabilities delivering high compute efficiency and accuracy that developers can use to build specialized agentic AI systems. The models are fully open with op

Amazon Quick Adds Custom Sort for Filter Controls

29 April 2026 @ 3:00 pm

Quick Sight in Amazon Quick now supports custom sort for filter controls, giving authors control over how values appear in dropdown and list controls. Previously, filter control values were always sorted alphabetically. With custom sort, authors can arrange values to match business logic or rank them by a related metric, so the most relevant options appear first. Custom sort applies to dropdown and list controls, both single-select and multi-select. Authors can choose ascending, descending, or a fully user-defined order for controls with manually entered values. For controls tied to a dataset column, authors can sort by that column or by a different field using aggregation functions like Sum, Average, Count, Min, and Max. For example, a priority field can be ordered as Critical, High, Medium, Low instead of alphabetically, or a list of product categories can be ranked by total revenue so top sellers surface first. This feature is now available in

AWS Transfer Family Terraform module now supports Okta and Microsoft Entra ID integration examples

29 April 2026 @ 10:00 am

AWS Transfer Family Terraform module now includes end-to-end examples for deploying Transfer Family endpoints integrated with Okta and Microsoft Entra ID as custom identity providers (IdP) for authentication and access control. This allows enterprises already using these platforms to automate and streamline the deployment of Transfer Family servers with their existing identity infrastructure. The Terraform module and examples are based on the open source Custom IdP solution, which provides standardized integration with widely used identity providers and includes built-in security controls such as multi-factor authentication, audit logging, and per-user IP all

Amazon RDS for Db2 is now available in the AWS GovCloud (US-East, US-West) Regions

29 April 2026 @ 7:21 am

Amazon Relational Database Service (Amazon RDS) for Db2 is now available in the AWS GovCloud (US-East, US-West) Regions. Amazon RDS for Db2 makes it easy to set up, operate, and scale Db2 databases in the cloud. Customers can deploy a Db2 database in minutes with automatically configured parameters for optimal performance. For databases setup with Multi-AZ configuration, Amazon RDS performs synchronous replication to a standby instance in a different Availability Zone to provide high availability. To use Amazon RDS for Db2, customers can use Bring Your Own License (BYOL) available in Standard and Advanced Editions. Your RDS for Db2 usage may be eligible for Database Savings Plan, a flexible pricing model that offers savings in exchange for a commitment to a specific amount of usage (measured in $/hour) over a 1-year term. You can learn more about eligible usage on the

networkworld.com

VN:F [1.9.22_1171]
Rating: 6.0/10 (1 vote cast)

Information, intelligence and insight for Network and IT Executives.

QuEra claims quantum error correction breakthrough with 2-to-1 qubit ratio

30 April 2026 @ 2:37 pm

Quantum computers are prone to high error rates, so, to make qubits usable, a lot of redundancy is required. It typically takes hundreds—even thousands—of physical qubits to make one usable, “logical” qubit. This has been a major obstacle to the development of practical quantum computers. If thousands of qubits are needed for a quantum computer to do anything useful, and it takes a thousand physi

HPE expands ProLiant line with rugged edge servers

30 April 2026 @ 1:54 pm

HPE has expanded its Proliant server family with a trio of new boxes aimed at supporting distributed AI and other workloads in all manner of edge locations. The new servers include two Gen12-based boxes known as HPE ProLiant Compute EL2000 chassis and the HPE ProLiant DL145 Gen11 server, all optimized for harsh or remote edge environments across branch offices, retail, manufacturing, factories, power plants, and national security-related operations, the company stated. “Purpose‑built infrastructure is not a feature or a certification. It is a system‑level design approach that accounts for environment, performance, security, and operations together,” wrote

Deconstructing the data center: A massive (and massively liberating) project

30 April 2026 @ 9:00 am

A few years back, Bhaskar Ramachandran read the tea leaves and what he saw was clear: With all the enhancements hyperscalers continuous make, there was no value in having on-premises data centers any longer. “There is just no way for a private company to match that,” says Ramachandran, global vice president and CIO of paints and coatings manufacturer PPG. “This is their business, and they’re really good at it, and it was clear that the size of the hyperscalers is just going to win over the infrastructure game. So it didn’t make sense for us to keep up with the infrastructure.�

Cisco bolsters security, AI support in latest SD-WAN release

29 April 2026 @ 8:57 pm

Cisco has bolstered the security and AI control features in its latest release of SD-WAN software. The company rolled out Cisco SD-WAN 26.1.1 with a number of new features that, for example, let enterprise customers define security policies once and apply them consistently across the network, gain end-to-end visibility, and pivot from a traditional WAN to a high-performance, AI-ready fabric—all without requiring a major ar

The era of chatbot AIOps is fading as agentic AI gains traction

29 April 2026 @ 8:00 pm

New research from Enterprise Management Associates (EMA) suggests that the first wave of AI adoption—centered on chatbots and virtual assistants—is succumbing to an AI agent-driven model. In a survey of 458 IT professionals actively using AI in network operations, EMA found that just 15% prefer traditional chatbot-style interfaces. The same respondents also reported the lowest levels of success with their AI initiatives. Organizations lean

Auvik bets agentic AI can fill the networking skills gap

29 April 2026 @ 5:56 pm

IT teams managing multi-vendor networks are dealing with a growing volume of alerts and a shrinking pool of engineers with the expertise to act on them. AI, and more specifically agentic AI, is increasingly being positioned as the approach to solve that challenge. The latest vendor to embrace agentic AI is Auvik, which has been building out a cloud-based IT and network management platform for the past 15 years. The company was founded with a straightforward mission: bring network management to organizations that couldn’t afford the complexity of traditional

2026 network outage report and internet health check

28 April 2026 @ 4:32 pm

ThousandEyes, a Cisco company, monitors how ISPs, cloud providers and conferencing services are handling any performance challenges and provides Network World with a weekly roundup of events that impact service delivery. Read on to see the latest analysis, and stop back next week for another update on internet and cloud traffic performance. Note: We have archived prior-year outage updates, including our reports from 2025, 2024,

Infected Cisco firewalls need cold start to clear persistent Firestarter backdoor

28 April 2026 @ 3:02 pm

Security researchers have discovered a chilling backdoor aimed at Cisco System firewalls that exploits unpatched vulnerabilities to maintain persistence, even after patching. This means that attackers can continue to access compromised devices without re-exploiting the holes. At risk are devices running Cisco ASA or Firepower software, including certain Firepower and Secure Firewall devices. So far, however, the US Cybersecurity and Infrastructure Security Agency (CISA) has only seen a successful implant of the malware, dubbed Firestarter, in the wild on a Cisco Firepower device running ASA software.

AI data bursts force rethink of data center networking at Backblaze

28 April 2026 @ 2:11 pm

Cloud storage provider Backblaze has been ripping out its 100-gigabit links and replacing them with 400-gigabit links because AI has changed how traffic flows inside their data center. AI workloads running on neocloud providers like CoreWeave and Lambda are creating bursty, unpredictable flows that overwhelm traditional capacity planning models designed for traditional, steady-state cloud traffic. “When we are seeing these large data flows, when they transfer through our network, there may be saturation points,” says

Nvidia’s ‘AI insurance policy’ balances immediate and future AI approaches

27 April 2026 @ 2:32 pm

AI is promising a lot these days, to change how we work, influence how we live, and transform network traffic. It’s interesting, exciting even, but suppose it’s all hype? Wall Street has been increasingly antsy about AI claims, and Nvidia is arguably in the spotlight of their fears, just as it’s in the spotlight of AI. Will our current AI model transform everything, including the financial fortunes of AI giants like Nvidia? It’s a risk, and if you’re facing risk what do you do? Buy insurance…but buy the right kind. Almost all the current AI

forensicswiki.org

VN:F [1.9.22_1171]
Rating: 8.0/10 (1 vote cast)

Computer forensic tools and techniques used by investigators

cyberciti.biz

VN:F [1.9.22_1171]
Rating: 6.0/10 (2 votes cast)

online community of new and seasoned Linux / Unix sysadmins.

Unable to load the feed. Please try again later.

heartinternet.co.uk

VN:F [1.9.22_1171]
Rating: 8.3/10 (3 votes cast)

Hosting packages for an initial web presence

How to Reduce the Bounce Rate of Your WordPress Site

24 April 2026 @ 10:30 am

The post How to Reduce the Bounce Rate of Your WordPress Site appeared first on Heart Internet.

How to Check for Available Domains

31 March 2026 @ 1:48 pm

The post How to Check for Available Domains appeared first on Heart Internet.

SSL Certificates are changing. Here’s what you need to know.

17 March 2026 @ 10:12 am

The rules around SSL certificates are changing across the whole internet. The good news is that for most customers, very little will change on your side. This is an industry-wide... The post SSL Certificates are changing. Here’s what you need to know. appeared first on Heart Internet.

Hosting VPS Linux vs Windows VPS

9 March 2026 @ 3:03 pm

The post Hosting VPS Linux vs Windows VPS appeared first on Heart Internet.

Domain Name Transfer Checklist: Everything You Need to Know

3 March 2026 @ 2:56 pm

The post Domain Name Transfer Checklist: Everything You Need to Know appeared first on Heart Internet.

Heart Internet Win Gapstars Innovation Award 2026

23 February 2026 @ 11:57 am

We’re incredibly proud to celebrate our Site Reliability Engineering team, who have won the Gapstars Innovation Award for their outstanding work improving platform stability, security, and visibility across our shared... The post Heart Internet Win Gapstars Innovation Award 2026 appeared first on Heart Internet.

A/B Testing Explained: A Practical Guide To Better Results | Part 1

20 February 2026 @ 8:32 am

If you want to improve your website you probably need to do A/B testing, otherwise known as split testing. Instead of guessing, A/B testing allows you to experiment more scientifically.... The post A/B Testing Explained: A Practical Guide To Better Results | Part 1 appeared first on Heart Internet.

How to enable two-factor authentication (2FA) on your Heart Internet account

28 January 2026 @ 12:37 pm

Account security matters, and switching on two-factor authentication (2FA) is a quick win. 2FA adds a second check during the sign-in process, so even if someone compromises your password, they still can’t get in.  To enable 2FA:  Step 1: Open your... The post How to enable two-factor authentication (2FA) on your Heart Internet account appeared first on Heart Internet.

How to Choose the Perfect Domain Name for Your Business

9 July 2025 @ 9:30 am

Get Your Name Right – The Internet Never Forgets Choosing a domain name might sound simple – until you realise it’s the online equivalent of naming your child. No pressure.... The post How to Choose the Perfect Domain Name for Your Business appeared first on Heart Internet.

What is a VPS? And is it Time You Got One?

25 June 2025 @ 9:30 am

Discover what a VPS server is, how VPS hosting works, and why it’s ideal for small businesses. Learn the benefits and explore VPS plans with Heart Internet. The post What is a VPS? And is it Time You Got One? appeared first on Heart Internet.

serverfault.com

VN:F [1.9.22_1171]
Rating: 6.0/10 (1 vote cast)

Common Server issues – FAQs and answers from those in the know

Setting up Hysteria 2 tunnel on 3X-UI + v2rayN (PC)

29 April 2026 @ 6:10 pm

Goal: To bypass China's Great Firewall. Use Hysteria for all UDP traffic to increase speed for streaming videos and games. Then use VLESS for everything else (TCP). I got VLESS + Reality set up and working with help mostly from Gemini AI: 3X-UI on Ubuntu 24 on a Hong Kong server with CN2 GIA (optimized connection) to China No firewalls or security groups on the server v2rayN on Windows 11 But I want to take it the next step and also add Hysteria 2, but it's hard to get the correct info from AI and unfortunately there is very little info on setup guides (there are some Chinese videos, but no auto-translation). So far what I got for Hysteria 2 Inbound on 3X-UI: Port 4443 (3X-UI won't let me use 443 since VLESS is using that) I clicked "Set Cert from Panel" to fill in the public/private keys Everything else blank or default like blank SNI, uTLS=chrome, ALPN=h3, etc.

Does an MTU of 65202 make sense in a PCIe-based cluster network?

27 April 2026 @ 3:40 pm

I'm migrating from an old stand-alone server to a 4-way cluster, whose nodes (and control board, which also acts as a router to the outside world) are networked by a backplane with PCI Express packet switch (see the datasheet for details). Whilst fighting slow operation and instabilities, I found out that the manufacturer had set the MTU of the PCIe link to 65202, which is maybe normal for loopback connections, but not for a "real" network interface (irrelevant entries omitted): mixtile@blade3n3:~$ ip addr show […] 6: pci0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65202 qdisc fq_codel state UP group default qlen 50000 link/ether 02:b9:24:b7:73:0a brd ff:ff:ff:ff:ff:ff inet 10.20.0.13/24 metric 100 brd 10.20.0.255 scope global pci0 valid_lft forever preferred_lft forever inet6 fe80::b9:24ff:feb7:730a/64 scope link valid_lft f

What permissions is my user lacking for zfs send pool replication?

27 April 2026 @ 2:52 pm

Sending from a zraid0-1 on TrueNAS 26.0.0-BETA.1 (zfs-2.4.1-1 zfs-kmod-2.4.1-1) to a zfs zraid0-1 array on Zima's CasaOS (zfs-2.3.2-1 zfs-kmod-2.3.2-1). I'm probably going to install TrueNAS 26.0.0-BETA.1 on the Zima (Zima is a hardware brand) host if I can't figure this out today. Thanks for any suggestions. On the target (recipient host) I set these permissions. zfs allow -u supdog -d receive,create,mount,dedup,snapdir,copies,userprop,keyformat,keylocation,pbkdf2iters zima/xool Then I sent using this command: zfs send -w -c -R xool@rebalance | ssh [email protected] zfs receive -s -F zima/xool The transfer ran for several hours and towards the end I started seeing these errors. cannot receive org.freenas:description property on zima/xool/supdog: permission denied cannot receive copies property on zima/xool/supdog: permission denied cannot receive snapdir property on zima/xool/.system: permission denied cannot receive readonly property on zima/x

Scheduled Task set to run every X minutes does not work after server reboot

27 April 2026 @ 1:46 pm

I have a script set to run every 5 minutes in the Windows 2019 task scheduler, and after a server reboot it never just resumes at the next expected interval. To fix it I have to edit the schedule, set it to the next expected runtime, then save (and re-enter the domain account password). What's going on here? Is it not maintaining the saved credentials across the reboot? Do I have some checkbox set wrong on the "Conditions" or "Settings" tab? Am I missing a role? To clarify, I'm using a scheduled trigger, set to "daily" at an arbitrary time (say midnight), with "repeat task every 5 minutes". If it ran at 10am, is rebooted at 10:02am, shouldn't it know that it was next scheduled to run at 10:05am? (This is how schedules work in SQL Server Agent, for example.) Or will it not run until the following midnight?

Clarification on MACC Eligibility & Reference Architecture for Hybrid SaaS (Azure Marketplace)

27 April 2026 @ 12:43 pm

We are currently in the process of listing our hybrid SaaS solution on the Azure Marketplace as a transactable offer and would like clarification on the path toward MACC eligibility. Our understanding of the progression is: Publish SaaS offer on Azure Marketplace Achieve Co-sell Ready status Qualify for Azure IP Co-sell eligibility Become eligible for MACC-aligned deals We have a few specific questions regarding hybrid SaaS scenarios: Reference Architecture Diagram (RAD) Requirements For Azure IP Co-sell eligibility, we understand that a Reference Architecture Diagram demonstrating Azure service utilization is required. In our case, the product is a hybrid SaaS solution with limited direct Azure workload hosting. Most of our Azure interaction is through: Azure APIs / integration endpoints Azure Marketplace SaaS fulfillment A

On Rocky Linux, how can I know *before* installing it if updating a package will require a reboot?

27 April 2026 @ 8:08 am

After updating one or more packages with dnf, I usually use the needs-restarting command to find out if the server needs a reboot, but when the dnf update command finishes, the update has already been done and I have to reboot. What I'd like to do is know before installing a package if that update will require a reboot. The reason is simple: to keep the system updated automatically and postpone updates that require a reboot until a later manual intervention. I'd need something like: [user@host ~]# needs-a-reboot-after <PackageName> [enter] If you install/update "<PackageName>", you'll need to reboot the server. [user@host ~]# Is there already something out there that does this? Thanks everyone...

Ceph web dashboard can't display OSDs and devices

26 April 2026 @ 11:58 am

I've now got my Ceph cluster almost ready to use, but in the web dashboard, I don't see any of the four OSDs I've created. Neither do I find any of my NVMe drives the OSDs reside on: Expand cluster → OSDs Error message: No devices (HDD, SSD or NVME) were found. Creation of OSDs will remain disabled until devices are added. Here is what I get on the command line: mixtile@blade3n1:~$ sudo ceph osd tree [sudo] password for mixtile: ID CLASS WEIGHT TYPE NAME STATUS REWEIGHT PRI-AFF -1 29.80798 root default -9 7.45200 host blade3n1 3 ssd 7.45200 osd.3 up 1.00000 1.00000 -7 7.45200 host blade3n2 2 ssd 7.45200 osd.2 up 1.

AWS PA-VM with GWLB gets no packets

24 April 2026 @ 1:39 pm

I have a Palo Alto PA-VM in AWS set up for a "bump-in-the-wire" firewall for traffic in the same region but different VPC and different account with a Gateway Load-Balancer (GWLB) in between. The short version of this question: does a proper GWLB setup (same region, different accounts) for a "hairpin", "bump-on-the-wire", "north-south" traffic inspection require extra pieces (such as a TGW or other intermediary step) for packets to actually reach the firewall? Is there another technical limitation I'm overlooking? I tried this same setup in my test environment first (all in the same region using different VPCs, main difference was everything on the same account) and it worked fine. I'm cheap, so I swapped the PA-VM for a Linux EC2 at that time. The current setup will have traffic moving as follows: random internet client --> IGW (data vpc) --> VPCendpoint (data vpc, for GWLB) --> GWLB (fw vpc) -->

Updating dynamically a resource record using DoT

15 April 2026 @ 2:09 pm

I am trying to update resource records on a primary DNS bind9 server from a client using nsupdate. There is no issue when using the default 53 port. An issue appears when using DoT (DNS over TLS) over the port 853. The primary DNS bind9 server configuration includes: # named.conf.options tls tls-configuration { cert-file "/path/to/full_chain_cert_file"; cipher-suites "list_of_cipher_suites"; key-file "/path/to/key_file"; prefer-server-ciphers yes; protocols { TLSv1.3; }; session-tickets no; }; options { ... listen-on port 853 tls tls-configuration { !172.16.0.0/12; any; }; listen-on-v6 port 853 tls tls-configuration { !fe80::/10; any; }; ... }; Verifying the DNS server certificate from the client: $ openssl s_client -conne

How to use certbot certificates for exim TLS? How to set permissions?

10 January 2026 @ 7:25 am

I have certbot that keep a valid certificate and key in its folder /etc/letsencrypt/archive/ The cert is public (644) and key is restricted to root (600). I'm wondering how can I let exim read as TLS certificate. Exim doesn't run as root and cannot read the key. I imagine is not a good idea to change key permission to a group with exim use, what is the best practice? Does certbot like to change its key permission? What happen at key renewal?

poundhost.com

VN:F [1.9.22_1171]
Rating: 6.7/10 (3 votes cast)

Cheap dedicated server hosting

tagadab.com

VN:F [1.9.22_1171]
Rating: 8.0/10 (1 vote cast)

Cheap developer VPS hosting from £10