I know the .dev top-level domain requires all sites to support only encrypted HTTPS connections, disallowing any HTTP connections.
Are there other such TLDs?
I want every URL coming into my Tomcat web server to carry the www subdomain prefix.
How can I have Tomcat alter an incoming URL such as this:
http://Example.com/whatever
…to include the www subdomain prefix:
http://www.Example.com/whatever
The goal is that my Java Servlets receive URLs that always carry the www prefix.
I have been told that DNS is not the place to do this. Supposedly, the web server is the proper place to adjust from bare domain to subdomain.
Is URL redirection what I need? If so, how do I configure Tomcat for that?
As an alternative to making an ssh connection to your Droplet on DigitalOcean, they offer a "Console" which is a VNC connection, akin to plugging a monitor and keyboard into your virtual server.
When opening such a Console window, I am prompted for a login and then password.
Having created my Droplet with a SSH key, I do not know what the login might be, nor what the password might be.
➥ How does one login via the Console to a Droplet on DigitalOcean?
My Droplet is running FreeBSD 12, if that matters.
I have seen the documentation page, How to Regain Access to Droplets using the DigitalOcean Droplet Console. That page does have a section Log In with the Console. But little explanation of the login name or password is given. It mentions:
At the login prompt, enter the user you want to log in as. This will typically be the root user or a user configured with sudo privileges.
But for my new FreeBSD droplet, root did not work as a login name.
If I use the freebsd user, I am stuck at the prompt for a password. There is no password established, so Catch-22.
login: freebsd
Password:
Login incorrect
login:
…and on it goes.
I have been using FreeBSD running an a virtual machine at DigitalOcean.com.
I use Secure Shell (SSH) from my Mac to remote into a console session on the VM. I used ssh-keygen to create the pair of encryption keys.
I deployed the public one copied to the FreeBSD SSH server. I did so via a back-door web-page supplied by Digital Ocean, pasting the text contents of the public key to a text field in a form.
That works well, logging me in for both root and freebsd users present by default on my new FreeBSD VM. When I connect via either the root or freebsd user accounts via ssh, I am prompted to provide the passphrase protecting my local private key.
ssh [email protected]
…or…
ssh [email protected]
Then I installed the Postgres database system onto this FreeBSD server. As part of the scripts used to build and install Postgres, a third user account is added to the FreeBSD machine. By convention, the new account is named postgres. I gave that user a password using the passwd utility.
When I connect to the FreeBSD server as that user:
ssh [email protected]
…I am prompted for that postgres user’s own password. I am not prompted for the password protecting my local private encryption key.
➥ Why is the postgres user treated differently than root & freebsd with regard to using the public/private SSH keys to log me in?
FYI, I never touched any authorized_keys file on the remote SSH server (my FreeBSD VM).
My Question here may be a duplicate of Public SSH keys not working for all users on same server, I’m not sure.
Having built Postgres 11.1 on my FreeBSD 11.2 machine, where might I find the logs output from Postgres.
Specifically, when attempting to start Postgres for the first time, I get an error message from pg_ctl telling me to example the logs for an explanation of the problem.
$ /usr/local/bin/pg_ctl -D /var/db/postgres/data11 -l logfile start
pg_ctl: another server might be running; trying to start server anyway
waiting for server to start.... stopped waiting
pg_ctl: could not start server
Examine the log output.
When building Postgres, the final output mentions:
NB. FreeBSD's PostgreSQL port logs to syslog by default
See ~pgsql/data/postgresql.conf for more info
When I look in that file, the only entry on logging is:
log_destination = 'syslog'
➥ How do I query syslog for my Postgres logs?
How to get a list of usernames assigned to a group in FreeBSD 11.1?
This Question asks for a list of users or a list of groups.
This Question asks for users who happen to be members of multiple specific groups.
➥ But how to ask simply for a list of users currently assigned to a single specific group, such wheel?
I prefer a solution in a single command if possible. But if not feasible, a script would be useful and educational.
When I look to my up-to-date Ports collection:
cd /usr/ports/java && ls -d openjdk*
… I see only versions 6, 7, and 8 of Java in the OpenJDK releases:
openjdk6 openjdk6-jre openjdk7 openjdk7-jre openjdk8 openjdk8-jre
➥ How does one obtain and install an open-source versions of the Java platform later than 8? That would be versions 9, 10, 11, or 12 of Java? Preferably at least 11, that being the LTS (long-term support) release.
The FreeBSD Java® Project page is suspiciously quiet about anything since Java 8.
I know there are various sources for Java such as:
- Azul Systems
- AdoptOpenJDK
- OpenJ9 by Eclipse
- IBM
- Oracle
- Red Hat
- Amazon Corretto
But none of these offer a BSD-specific release, not that I could find.
Use Java for Linux?
Some of those sources do offer Linux releases. Does Java for Linux run on a FreeBSD machine using the Linux® Binary Compatibility feature?
Is that the usual way to run Java on FreeBSD nowadays?
Previous Questions on this topic
My question here is an updated version of questions such as these listed below. (Much has changed in the Java world since these were posted!)
When first connecting via SSH with keys to a newly minted Digital Ocean droplet VM running FreeBSD (per this tutorial), we get a message about “The authenticity of host blah-blah can’t be established”. I understand this means my computer has no stored fingerprint against which to compare. So my SSH client has no way of knowing if the SSH server on the other side is legitimate or not.
At this point, we have two choices:
- We can blindly forge on by accepting this connection per the TOFU “Trust On First Use” anti‑security model. If we are the subject of a Man in the Middle attack, we are falling prey to their trap.
- Or we can discover the fingerprint of the server by some other means, to compare against the fingerprint being presented here in this first connection.
Amazon provides such a mechanism for their EC2 instances, to learn the new server’s fingerprint, as discussed here.
➥ Is there such a mechanism for a Digital Ocean “droplet” virtual machine instance, to learn the server’s fingerprint?
I edited the "server.xml" file in Tomcat 8’s conf folder. I added a new Host tag for a new web site.
Must I restart the Tomcat server?
Can I get Tomcat to parse and apply the newly edited server.xml?