OVH Community, your new community space.

Said I wanted better news - here it is


accordfire
30-08-2013, 22:48
Quote Originally Posted by LinuxGam
:-) I have always slept walked, which was where my idea came from (you know sleepwalkers never use sudo ;-) )

What's funny is I tend to sleep walk more if I haven't had enough sleep for a few nights, I think it's something to do with missing REM.

Glad you with me on the root stuff, I am a bit evil for regularly sudo SU, but at least its me not someone breaking in via SSH :-)

Also I always drop all FORWARDS and INPUTS on IPTables, leave SSH 22 and log drops, then work backwards :-)

Hmm - Sudo SU certainly - I think it's hard not to, as after a few "sudo" everythings, it gets tedious fast in a simpler terminal. Like many of us, if I'm thinking apt-get, being marginally more of a Debian head over the years, also not worrying about test servers floating around internally where I didn't need a disabled root - it's a mental process it's hard to escape from - I mean as far as the server goes, root is god, as I am god, as my users kneel before me lol! No, not really, not even at all - but, they still want it working yesterday!

So security (albeit that's what our business is in the real world) in an IT environment is something I'm later catching up to, but nobody can afford not to now really.

Fail2Ban - yeah, but there are far, far worse things out there....like setting the root password to, oh, passw0rd, or some similar silly thing.

LinuxGam
30-08-2013, 21:18
Oh and install Fail2ban. I know it could be used against me.... however all my break ins are script kiddy scans not a dedicated hacker that hates me.

LinuxGam
30-08-2013, 21:16
Quote Originally Posted by accordfire
Erm. My bad - I meant I was happy it was root enabled for set up really - once the server goes live, root is disabled on everything. We do use certs too though in any case, as it's "out there" at least in some respect. And yes, you're dead right too, root is power and abuse - and even with ports, servers, and whatever else shut down, just like real life, hand someone the keys, don't be surprised when they just walk in (or drive off).

So, once I've done my set up, it's locked down tight - all the basics and the clever bits too

I would sleep walk, I'm sure - it feels like it sometimes tbh - but I understand that sleep is a requirement for sleep walking, which kinda lets me out.
:-) I have always slept walked, which was where my idea came from (you know sleepwalkers never use sudo ;-) )

What's funny is I tend to sleep walk more if I haven't had enough sleep for a few nights, I think it's something to do with missing REM.

Glad you with me on the root stuff, I am a bit evil for regularly sudo SU, but at least its me not someone breaking in via SSH :-)

Also I always drop all FORWARDS and INPUTS on IPTables, leave SSH 22 and log drops, then work backwards :-)

accordfire
30-08-2013, 21:06
Quote Originally Posted by LinuxGam
Do you mean you were happy it was enabled so you didn't have to use Sudo? The first thing I did with my server after the standard apt-get update and upgrade was create an account and disable root.

It's really not a great idea to leave the account enabled with a public SSH unless you are using certificates. Even then it's just way safer to not have it enabled as its the obvious target in all break-ins and you have sudo after all.

You also might sleep walk one night log in and do rm -r * in the root dir.
Erm. My bad - I meant I was happy it was root enabled for set up really - once the server goes live, root is disabled on everything. We do use certs too though in any case, as it's "out there" at least in some respect. And yes, you're dead right too, root is power and abuse - and even with ports, servers, and whatever else shut down, just like real life, hand someone the keys, don't be surprised when they just walk in (or drive off).

So, once I've done my set up, it's locked down tight - all the basics and the clever bits too

I would sleep walk, I'm sure - it feels like it sometimes tbh - but I understand that sleep is a requirement for sleep walking, which kinda lets me out.

andha
30-08-2013, 19:55
kinda tempted to make a new order and see which one turns up first lol

LinuxGam
30-08-2013, 19:48
Quote Originally Posted by accordfire
I didn't have to workaround a disabled root user - done for me by default.
Do you mean you were happy it was enabled so you didn't have to use Sudo? The first thing I did with my server after the standard apt-get update and upgrade was create an account and disable root.

It's really not a great idea to leave the account enabled with a public SSH unless you are using certificates. Even then it's just way safer to not have it enabled as its the obvious target in all break-ins and you have sudo after all.

You also might sleep walk one night log in and do rm -r * in the root dir.

arcadia171e
30-08-2013, 19:42
Ordered and paid for mine on Aug 6.

Still waiting....

accordfire
30-08-2013, 19:19
Quote Originally Posted by andha
When did you order / Pay ? as i ordered an mSP in GRA on the 11th according to CS it was processed on the 14th and i Still have not received it
Oooh... I don't think you're going to like the answer much....

Ordered 21st, mid-dayish on #2199xxxx, paid on the spot, and delivered yesterday 29th around 7am. At the time of order, I didn't know there was a choice of DC either, so it went to whatever the default was, which was seemingly Gravelines at the time.

So, I had an 8 day wait, which I know is a real sight better than very many. I don't think I really bashed Oles or OVH over much - I did send a frowny reply to one of his tweets, and I've tried to take care not to paste the entirety of OVH's staff with Oles coloured paint....

I didn't expect it along when it came though - like most, I had resigned myself to the phantom "end of the week" that never comes. I really don't understand any more than anyone else how the order/delivery at OVH works. Perhaps they've just started throwing darts at the order list, and who's ever it lands on gets theirs. I notice their website is saying nada about delivery times still. Sure the "1Hour" is nowhere near yet though - overall the UK list (if the green numbers are queues) is well over 100 total still for all servers.

andha
30-08-2013, 17:48
When did you order / Pay ? as i ordered an mSP in GRA on the 11th according to CS it was processed on the 14th and i Still have not received it

Tz-OVH
30-08-2013, 17:22
Congrats and always good when people post the good news too

accordfire
30-08-2013, 17:12
Okay, so I've done a few posts in here, and all of them, by the nature of the thing, have been *****ing ones, about what appears by some parts of OVH to have been lamentable customer service, or commendable customer disservice, if you will (see how we can choose to make a negative thing more positive?)

In one of my mutterings, I did ask that OVH gave me something I could see which gave me a reason to write a non-*****ing post. Here it is.

YAY! YES, oh baby, WOO, go on.... Yes, YES, YES!!!! My server came.

In my inbox, yesterday morning, were my login details for my shiny new mSP at GRA. And it works too. I took one look at the pre-requested and hence installed, Owncloud.....and ripped it out of the server. It sucks. OVH does not, in this case.

I have been commendably pleased, so far, with the performance of my server, so much so, that the initial plan I had for it, has now gone through a revision, and will be used for something else - something I've been bale to prove to myself I can do easily with it, which is run the company CRM on it. It is far in excess of the server that sits on now, has great response times, and oodles of space, so what I was trying to do with Owncloud, I can actually do right inside my CRM on the OVH unit.

Well, was it worth the wait? Time will tell, but early indications are good. No issues at all logging in, changing things, seeing what I need to see, getting where I need to go. MOM seems to work. Mostly, I could SSH right on in. Better yet, even with Ubuntu Server, I didn't have to workaround a disabled root user - done for me by default.

If the server holds up to my plans over the coming few weeks, I may, just may, be tempted to join the back of the queue for a couple o Kimfusis as well, as I'm not much into virtualisation yet. I played with Proxmox, and gave up. I know where I am give or take with a headless Ubuntu or Debian server.

So, here it is - OVH, thank you for delivering my server, even though late, and even though the comms were abysmal. I will update further once I know it's as reliable as it seems so far. But first tick is on the card now