couchdb-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tim Tisdall <tisd...@gmail.com>
Subject Re: CouchDB not reachable (beginner's question)
Date Mon, 15 Apr 2013 14:15:24 GMT
What's wrong with ssh'ing as root?


On Mon, Apr 15, 2013 at 10:08 AM, Keith Gable <ziggy@ignition-project.com>wrote:

> But you're SSHing as root, which is probably worse than opening CouchDB to
> the world with no password.
>
> ---
> Keith Gable
> A+, Network+, and Storage+ Certified Professional
> Apple Certified Technical Coordinator
> Mobile Application Developer / Web Developer
>
>
> On Mon, Apr 15, 2013 at 8:45 AM, Tim Tisdall <tisdall@gmail.com> wrote:
>
> > Instead of opening CouchDB to the world, I simply access it by
> > port-forwarding through ssh when I connect to the machine.  Like this:
> >
> > ssh -L 5984:127.0.0.1:5984 root@mymachine.com
> >
> > Then on my local machine I can simply access
> http://localhost:5984/_utils/and
> > up comes futon.  It depends on your use-case, but this works well for me.
> >
> >
> >
> > On Mon, Apr 15, 2013 at 7:14 AM, Stefan Reich <
> > stefan.reich.maker.of.eye@googlemail.com> wrote:
> >
> > > Hmm... maybe you guys can help me solve the rest of the problem?
> (Access
> > to
> > > couchdb from outside)
> > >
> > > These are the last iptables rules in chain INPUT:;
> > >
> > > MY_REJECT  all  --  anywhere             anywhere
> > > ACCEPT     tcp  --  anywhere             anywhere            tcp
> dpt:5984
> > >
> > > Is that not what it should be...? Says "anywhere"... everywhere. Heh.
> > >
> > > Cheers,
> > > Stefan
> > >
> > >
> > > On Mon, Apr 15, 2013 at 1:08 PM, Stefan Reich <
> > > stefan.reich.maker.of.eye@googlemail.com> wrote:
> > >
> > > > OK, thanks for all the answers, folks. It was indeed iptables that
> > > blocked
> > > > the port. This stuff should be designed (much) better in operating
> > > systems.
> > > >
> > > > Actually it's a project of mine to make that better (LuaOS and its
> > > > follow-ups).
> > > >
> > > > I got iptables to allow access locally now. Weirdly, it still doesn't
> > > work
> > > > over the Internet. And no, the server is not behind a firewall... :)
> > > >
> > > > Thanks,
> > > > Stefan
> > > >
> > > >
> > > > On Thu, Apr 11, 2013 at 3:30 AM, Andrey Kuprianov <
> > > > andrey.kouprianov@gmail.com> wrote:
> > > >
> > > >> See if your local.ini bind_address is set to 0.0.0.0 so that you can
> > > >> access
> > > >> it locally and remotely.
> > > >>
> > > >>
> > > >> On Thu, Apr 11, 2013 at 2:54 AM, Stanley Iriele <
> siriele2x3@gmail.com
> > > >> >wrote:
> > > >>
> > > >> > A simple cat of etc/hosts... Should let you know!... And maybe
> > > nsswitch
> > > >> > just to be sure
> > > >> > On Apr 10, 2013 11:22 AM, "Robert Newson" <rnewson@apache.org>
> > wrote:
> > > >> >
> > > >> > > Are you sure localhost == 127.0.0.1 on your machine?
> debian/ubuntu
> > > are
> > > >> > > notorious for changing that convention.
> > > >> > >
> > > >> > > On 10 April 2013 14:20, Stanley Iriele <siriele2x3@gmail.com>
> > > wrote:
> > > >> > > > Why are you telneting to it?...try curling it and see
whatviy
> > > >> responds
> > > >> > > with
> > > >> > > > On Apr 10, 2013 10:47 AM, "Stefan Reich" <
> > > >> > > > stefan.reich.maker.of.eye@googlemail.com> wrote:
> > > >> > > >
> > > >> > > >> Oops, bad copy&paste - here's the actual process
info:
> > > >> > > >>
> > > >> > > >> root@pussy-riot-germany:~/luastuff# ps -aef|grep
7651
> > > >> > > >> couchdb   7651  7650  0 19:44 pts/0    00:00:00
> > > >> > > >> /usr/lib/erlang/erts-5.8/bin/beam.smp -Bd -K true
-- -root
> > > >> > > /usr/lib/erlang
> > > >> > > >> -progname erl -- -home /var/lib/couchdb -- -noshell
-noinput
> > > -sasl
> > > >> > > >> errlog_type error -couch_ini /etc/couchdb/default.ini
> > > >> > > >> /etc/couchdb/local.ini /etc/couchdb/default.ini
> > > >> /etc/couchdb/local.ini
> > > >> > > -s
> > > >> > > >> couch -pidfile /var/run/couchdb/couchdb.pid -heart
> > > >> > > >> couchdb   7682  7651  0 19:44 ?        00:00:00
heart -pid
> 7651
> > > >> -ht 11
> > > >> > > >>
> > > >> > > >> Cheers,
> > > >> > > >> Stefan
> > > >> > > >>
> > > >> > > >>
> > > >> > > >> On Wed, Apr 10, 2013 at 7:46 PM, Stefan Reich <
> > > >> > > >> stefan.reich.maker.of.eye@googlemail.com> wrote:
> > > >> > > >>
> > > >> > > >> > Hi there!
> > > >> > > >> >
> > > >> > > >> > I'd like to start using CouchDB for my projects.
> > > >> > > >> >
> > > >> > > >> > This is on a Linux host. CouchDB installed
from standard
> > Debian
> > > >> > > package,
> > > >> > > >> > no settings altered. But it doesn't start
properly:
> > > >> > > >> >
> > > >> > > >> > root@pussy-riot-germany:~/luastuff# uname
-a
> > > >> > > >> > Linux pussy-riot-germany 2.6.32-042stab068.8
#1 SMP Fri
> Dec 7
> > > >> > 17:06:14
> > > >> > > >> MSK
> > > >> > > >> > 2012 i686 GNU/Linux
> > > >> > > >> > root@pussy-riot-germany:~/luastuff# /etc/init.d/couchdb
> > start
> > > >> > > >> > Starting database server: couchdb.
> > > >> > > >> > root@pussy-riot-germany:~/luastuff# /etc/init.d/couchdb
> > status
> > > >> > > >> > Apache CouchDB is running as process 7651,
time to relax.
> > > >> > > >> > root@pussy-riot-germany:~/luastuff# telnet
localhost 5984
> > > >> > > >> > Trying ::1...
> > > >> > > >> > Trying 127.0.0.1...
> > > >> > > >> > telnet: Unable to connect to remote host:
Connection
> refused
> > > >> > > >> >
> > > >> > > >> > Connection refused?
> > > >> > > >> >
> > > >> > > >> > Here's the process info:
> > > >> > > >> >
> > > >> > > >> > root@pussy-riot-germany:~/luastuff# uname
-a
> > > >> > > >> > Linux pussy-riot-germany 2.6.32-042stab068.8
#1 SMP Fri
> Dec 7
> > > >> > 17:06:14
> > > >> > > >> MSK
> > > >> > > >> > 2012 i686 GNU/Linux
> > > >> > > >> > root@pussy-riot-germany:~/luastuff# /etc/init.d/couchdb
> > start
> > > >> > > >> > Starting database server: couchdb.
> > > >> > > >> > root@pussy-riot-germany:~/luastuff# /etc/init.d/couchdb
> > status
> > > >> > > >> > Apache CouchDB is running as process 7651,
time to relax.
> > > >> > > >> > root@pussy-riot-germany:~/luastuff# telnet
localhost 5984
> > > >> > > >> > Trying ::1...
> > > >> > > >> > Trying 127.0.0.1...
> > > >> > > >> > telnet: Unable to connect to remote host:
Connection
> refused
> > > >> > > >> >
> > > >> > > >> > Please help, dear experts... :)
> > > >> > > >> >
> > > >> > > >> > Cheers,
> > > >> > > >> > Stefan
> > > >> > > >> >
> > > >> > > >> >
> > > >> > > >>
> > > >> > >
> > > >> >
> > > >>
> > > >
> > > >
> > >
> >
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message