Install Nextcloud 13.0.0 on Fedora 27

Donahue

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

mysql -e "CREATE USER 'ncadmin'@'localhost' IDENTIFIED BY 'N@2$#sx67UkIZ^$xsInW0&7Z';"

This is you using an invalid character in a mysql password.

what is the invalid character?

@JaredBusch is probably looking it up, but only numbers and letters are allowed here from what I can find.

They can be complex, but you have risks of them being misinterpreted. Like bash reading it as a variable.

so stick with letters and numbers?

Yup, that's a general rule.

where is this the general rule? Linux? databases?

scottalanmiller

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

mysql -e "CREATE USER 'ncadmin'@'localhost' IDENTIFIED BY 'N@2$#sx67UkIZ^$xsInW0&7Z';"

This is you using an invalid character in a mysql password.

what is the invalid character?

@JaredBusch is probably looking it up, but only numbers and letters are allowed here from what I can find.

They can be complex, but you have risks of them being misinterpreted. Like bash reading it as a variable.

so stick with letters and numbers?

Yup, that's a general rule.

where is this the general rule? Linux? databases?

Anytime you are scripting passwords, automating passwords, or using passwords in systems you don't know exactly how everything between the keyboard and the final system are going to interpret special codes.

JaredBusch

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

mysql -e "CREATE USER 'ncadmin'@'localhost' IDENTIFIED BY 'N@2$#sx67UkIZ^$xsInW0&7Z';"

This is you using an invalid character in a mysql password.

what is the invalid character?

@JaredBusch is probably looking it up, but only numbers and letters are allowed here from what I can find.

They can be complex, but you have risks of them being misinterpreted. Like bash reading it as a variable.

so stick with letters and numbers?

Yup, that's a general rule.

where is this the general rule? Linux? databases?

I believe it was actually a requirement in the past. but no longer. I'd have to go search to find when they updated it.

Donahue

TIL, use simple passwords.

JaredBusch

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Incorrect.

Use long passwords.

JaredBusch

I believe 32 is the limit due to replication or something.

Donahue

I default to 24

Donahue

some places complain if they are too long.

Donahue

hell, our ERP only allows 10

scottalanmiller

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

scottalanmiller

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

hell, our ERP only allows 10

That's a different kind of problem.

Donahue

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

DustinB3403

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

Sure. . . but when your possible list of 24 digit passwords (including upper and lowercase) makes for an extremely long password with some insane number of combinations.

So it's plenty secure.

Donahue

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

Sure. . . but when your possible list of 24 digit passwords (including upper and lowercase) makes for an extremely long password with some insane number of combinations.

So it's plenty secure.

It doesn't take any more effort for me to generate a more secure password with symbols added, so why skimp?

scottalanmiller

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

Only sort of. Only in the situation where you assume that all non-special character options will be attempted first. Otherwise, it doesn't actually do that.

scottalanmiller

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

Sure. . . but when your possible list of 24 digit passwords (including upper and lowercase) makes for an extremely long password with some insane number of combinations.

So it's plenty secure.

It doesn't take any more effort for me to generate a more secure password with symbols added, so why skimp?

Because it so often results in an inability to login in. Either because the password isn't recorded properly, or because it can't be recorded elsewhere properly, or the worst case, that it results in a very weak password that you do not realize.

Donahue

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

Only sort of. Only in the situation where you assume that all non-special character options will be attempted first. Otherwise, it doesn't actually do that.

what nonsense are you saying now? password entropy is a thing. The more possible characters, the harder it is statistically to brute force.

DustinB3403

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

Sure. . . but when your possible list of 24 digit passwords (including upper and lowercase) makes for an extremely long password with some insane number of combinations.

So it's plenty secure.

It doesn't take any more effort for me to generate a more secure password with symbols added, so why skimp?

Because special characters often break when being passed through tunnels. IE the # symbol is often an "comment" indicator and might ruin the rest of your password.

Donahue

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@DustinB3403 said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

@scottalanmiller said in Install Nextcloud 13.0.0 on Fedora 27:

@Donahue said in Install Nextcloud 13.0.0 on Fedora 27:

TIL, use simple passwords.

Simple CHARACTERS in passwords. Special characters aren't complex to a computer, only seem that way to humans.

they do add to the list of possible characters to try when brute forcing though.

Sure. . . but when your possible list of 24 digit passwords (including upper and lowercase) makes for an extremely long password with some insane number of combinations.

So it's plenty secure.

It doesn't take any more effort for me to generate a more secure password with symbols added, so why skimp?

Because it so often results in an inability to login in. Either because the password isn't recorded properly, or because it can't be recorded elsewhere properly, or the worst case, that it results in a very weak password that you do not realize.

that is the real problem

Donahue

@JaredBusch said in Install Nextcloud 13.0.0 on Fedora 27:

Go back to your SSH session and update the NextCloud config.php file to tell it to use redis for the memory cache and file locking.
#add a line to nextcloud config.php to enable memory cache
nano /var/www/html/nextcloud/config/config.php
'memcache.locking' => '\OC\Memcache\Redis',
'memcache.local' => '\OC\Memcache\Redis',
'redis' => array(
'host' => 'localhost',
'port' => 6379,
),

It was good up until this point. Now it gives me an error