View previous topic :: View next topic |
Author |
Message |
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
Posted: Tue Aug 21, 2018 7:27 am Post subject: [SOLVED] nzbget will not run securely |
|
|
Hi,
For several weeks now my nzbget refuses to run securely. I've tried completely removing all configs and just running on the absolute minimum with the same results. It will run happily on the insecure port (6789).
Here is my config https://pastebin.com/VQHsAWCA
Code: | # netstat -ntlp | grep nzb
tcp 0 0 <ip>:6789 0.0.0.0:* LISTEN 17502/nzbget
tcp 0 0 <ip>:6791 0.0.0.0:* LISTEN 17502/nzbget |
This is all I get in the log (debug) https://pastebin.com/PTdz49xj Nothing stands out to me.
Trying a reload or quit fails. I have to use killall.
Code: | ~ # nzbget -O
Request sent
No response or invalid response (timeout, not nzbget-server or wrong nzbget-server version)
~ # nzbget -Q
Request sent
No response or invalid response (timeout, not nzbget-server or wrong nzbget-server version) |
Any ideas would be awesome. _________________ # touch it
touch: cannot touch `it': Permission denied
Last edited by cdstealer on Thu Aug 23, 2018 3:42 am; edited 2 times in total |
|
Back to top |
|
|
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
Posted: Wed Aug 22, 2018 4:31 am Post subject: |
|
|
It helps when you specify the encryption DOH!
Code: | Server1.Cipher=RC4-MD5 |
CD _________________ # touch it
touch: cannot touch `it': Permission denied |
|
Back to top |
|
|
segmentation-fault Tux's lil' helper
Joined: 11 Oct 2016 Posts: 99
|
Posted: Wed Aug 22, 2018 10:29 pm Post subject: |
|
|
Pardon me, but I don't think you are right here - maybe I just don't understand what you mean by "nzbget refuses to run securely"...
The bit you say "it helps" is actually not obligatory. From the comments in nzbget.conf:
Quote: |
# By default (when the option is empty) the underlying encryption library
# chooses the cipher automatically.
|
Whether your nzbget connects 'securely' (read: with an encrypted connection) to the news server, depends on
Code: | Server1.Encryption=yes |
and on setting the correct news server port for 'secure connections', e.g.
For GigaNews, you can use port 563 or 443 for secure connections.
Nothing else is needed IMHO. The port used on your side of the connection by nzbget is irrelevant, as long as the two settings above are correct. It's not you who is trying to set up a secure server for incoming connections - it's a client (nzbget) who is trying to connect securely with an encrypted outgoing connection to a news server. |
|
Back to top |
|
|
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
Posted: Thu Aug 23, 2018 2:37 am Post subject: |
|
|
Hi,
Yeah that's what threw me. Everything was working just fine and it must have stopped working when I upgraded to v20. So I did some reading up and then added the cipher line. Then everything worked.
I've just removed the cipher and restarted nzbget and it broke again. Re-added the cipher line and still broken. WTF?
Checked the log and now only see Code: | Thu Aug 23 03:50:45 2018 INFO nzbget 20.0 daemon-mode
Thu Aug 23 03:50:45 2018 ERROR Could not read configuration templates
Thu Aug 23 03:50:45 2018 INFO Stopping, please wait...
Thu Aug 23 03:50:45 2018 INFO Deleting lock file |
Code: | # Example: /usr/local/share/nzbget/nzbget.conf.
ConfigTemplate=/usr/share/nzbget/nzbget.conf |
Code: | $ ls -l /usr/share/nzbget/nzbget.conf
-rw-r--r-- 1 root root 66779 Aug 22 05:26 /usr/share/nzbget/nzbget.conf |
Also it is not removing the lock file. Code: | $ ls -l /var/run/nzbget.lock
-rw-r----- 1 cdstealer cdstealer 6 Aug 23 04:06 /var/run/nzbget.lock |
Configuring it to run as root fixes the lockfile and config template issue, but still does not run.
I'll do some more digging. Thanks for the reply.
CD _________________ # touch it
touch: cannot touch `it': Permission denied |
|
Back to top |
|
|
cdstealer Guru
Joined: 30 Oct 2005 Posts: 431 Location: Leeds
|
Posted: Thu Aug 23, 2018 3:58 am Post subject: |
|
|
HEH.. OK, I think I got to the bottom of it. It turns out that compiling with gnutls was the thing. So left SSL enabled and everything is working.
Thanks again.
CD _________________ # touch it
touch: cannot touch `it': Permission denied |
|
Back to top |
|
|
|