Install Nextcloud 13.0.0 on Fedora 27

JaredBusch

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

Does this show root? I just left the password blank.

So you didn't set a root password at all if where it says "Enter password:" you just tapped enter and were logged in.

That should be updated to be secured with a password.

correct. that makes me think it didnt take the password earlier, because of bad characters.

You would've set the password when you ran mysql_secure_installation

I didnt run that, I followed the script.

hrm, yeah just looking. @JaredBusch is there a reason to not run mysql_secure_installation ?

Because that is what those mysql -e commands do.

DustinB3403

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

Does this show root? I just left the password blank.

So you didn't set a root password at all if where it says "Enter password:" you just tapped enter and were logged in.

That should be updated to be secured with a password.

correct. that makes me think it didnt take the password earlier, because of bad characters.

You would've set the password when you ran mysql_secure_installation

I didnt run that, I followed the script.

hrm, yeah just looking. @JaredBusch is there a reason to not run mysql_secure_installation ?

Because that is what those mysql -e commands do.

Ah never knew that.

scottalanmiller

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

mysql -e "CREATE USER 'ncadmin'@'localhost' IDENTIFIED BY 'N@2$#sx67UkIZ^$xsInW0&7Z';"

This is you using an invalid character in a mysql password.

what is the invalid character?

@JaredBusch is probably looking it up, but only numbers and letters are allowed here from what I can find.

They can be complex, but you have risks of them being misinterpreted. Like bash reading it as a variable.

so stick with letters and numbers?

Yup, that's a general rule.

Donahue

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

mysql -e "CREATE USER 'ncadmin'@'localhost' IDENTIFIED BY 'N@2$#sx67UkIZ^$xsInW0&7Z';"

This is you using an invalid character in a mysql password.

what is the invalid character?

@JaredBusch is probably looking it up, but only numbers and letters are allowed here from what I can find.

They can be complex, but you have risks of them being misinterpreted. Like bash reading it as a variable.

so stick with letters and numbers?

Yup, that's a general rule.

where is this the general rule? Linux? databases?

scottalanmiller

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

mysql -e "CREATE USER 'ncadmin'@'localhost' IDENTIFIED BY 'N@2$#sx67UkIZ^$xsInW0&7Z';"

This is you using an invalid character in a mysql password.

what is the invalid character?

@JaredBusch is probably looking it up, but only numbers and letters are allowed here from what I can find.

They can be complex, but you have risks of them being misinterpreted. Like bash reading it as a variable.

so stick with letters and numbers?

Yup, that's a general rule.

where is this the general rule? Linux? databases?

Anytime you are scripting passwords, automating passwords, or using passwords in systems you don't know exactly how everything between the keyboard and the final system are going to interpret special codes.

JaredBusch

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

mysql -e "CREATE USER 'ncadmin'@'localhost' IDENTIFIED BY 'N@2$#sx67UkIZ^$xsInW0&7Z';"

This is you using an invalid character in a mysql password.

what is the invalid character?

@JaredBusch is probably looking it up, but only numbers and letters are allowed here from what I can find.

They can be complex, but you have risks of them being misinterpreted. Like bash reading it as a variable.

so stick with letters and numbers?

Yup, that's a general rule.

where is this the general rule? Linux? databases?

I believe it was actually a requirement in the past. but no longer. I'd have to go search to find when they updated it.

Donahue

TIL, use simple passwords.

JaredBusch

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Incorrect.

Use long passwords.

JaredBusch

I believe 32 is the limit due to replication or something.

Donahue

I default to 24

Donahue

some places complain if they are too long.

Donahue

hell, our ERP only allows 10

scottalanmiller

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

scottalanmiller

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

hell, our ERP only allows 10

That's a different kind of problem.

Donahue

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

DustinB3403

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

Sure. . . but when your possible list of 24 digit passwords (including upper and lowercase) makes for an extremely long password with some insane number of combinations.

So it's plenty secure.

Donahue

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

Sure. . . but when your possible list of 24 digit passwords (including upper and lowercase) makes for an extremely long password with some insane number of combinations.

So it's plenty secure.

It doesn't take any more effort for me to generate a more secure password with symbols added, so why skimp?

scottalanmiller

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

Only sort of. Only in the situation where you assume that all non-special character options will be attempted first. Otherwise, it doesn't actually do that.

scottalanmiller

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

Sure. . . but when your possible list of 24 digit passwords (including upper and lowercase) makes for an extremely long password with some insane number of combinations.

So it's plenty secure.

It doesn't take any more effort for me to generate a more secure password with symbols added, so why skimp?

Because it so often results in an inability to login in. Either because the password isn't recorded properly, or because it can't be recorded elsewhere properly, or the worst case, that it results in a very weak password that you do not realize.

Donahue

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

Only sort of. Only in the situation where you assume that all non-special character options will be attempted first. Otherwise, it doesn't actually do that.

what nonsense are you saying now? password entropy is a thing. The more possible characters, the harder it is statistically to brute force.