My company wanted me to combine the projects from the old GitLab servers to the new one. There are many ways on the internet, I tried several ways, finally I found this method worked well.

Download projects from the old server, for example:
# git clone –mirror

Create new projects on the new GitLab server through the website

Modify the config file, change the url to the new one
# cd project1.git/
# vi config
repositoryformatversion = 0
filemode = true
bare = true
[remote “origin”]
url =
fetch = +refs/*:refs/*
mirror = true

Upload the project to the new GitLab server
# git push origin –mirror


Import an existing git project into GitLab?

Posted by: kezhong | March 20, 2014

CloudStack: Statistics Report for Load Balancing

After creating load balancing, and real servers, how to monitor the stats of these servers? I’ll give an answer as below.

First, you should open port 8081 to your company’s IP.

Then launch with your web browser.
username: admin1
password: AdMiN123


Posted by: kezhong | March 10, 2014

CloudStack: Configure Fedora 20 for VPN Access

1. Open the “Settings”
vpn1 2. Click “Network”
vpn2 3. Click “+” vpn3 4. Click “VPN” vpn4 5. Click “Layer 2 Tunneling Protocol (L2TP). Enter the IP address in “Gateway”, enter your username and password, and then Click “IPsec Settings” vpn5 6. Click the checkbox “Enable IPsec tunnel to L2TP host”, paste “Pre-shared key” and Click “OK”, and then click “Add” vpn6 7. Click “ON” vpn7 If you want to know how to use Windows 7 for CloudStack VPN access, you can read Derek Black’s blog CloudStack: Configure Windows 7 for VPN Access

I found that radiusd cannot start at boot time after reboot the server on Fedora 17, but I can start it manually. I checked the log files, and found that mysqld start later than radiusd. So radiusd cannot start, because it needs to connect to mysql.

How to set the sequence of boot services, and make radiusd start after mysqld? After researching and testing, I find the way.

Edit the file /lib/systemd/system/radiusd.service, add mysqld.service at the end of “After” line in “Unit” section, and then reboot the server. The detailed file is as below.

Description=FreeRADIUS high performance RADIUS server. mysqld.service

ExecStartPre=-/bin/chown -R radiusd.radiusd /var/run/radiusd
ExecStartPre=/usr/sbin/radiusd -C
ExecStart=/usr/sbin/radiusd -d /etc/raddb
ExecReload=/usr/sbin/radiusd -C
ExecReload=/bin/kill -HUP $MAINPID


Posted by: kezhong | October 30, 2012

Install brutessh on CentOS 5.8

For security reason, our NOC team should limit ssh access outside from our customers so as to prevent SSH brute force attacks. After tuned the firewall of routers, we need to test if the firewall works. So we installed brutessh to simulate SSH brute force attacks to our test server. Beware, don’t use brutessh to try others’ IPs.

Install the crypto and paramiko for python
# wget
# rpm -ivh python-crypto-2.0.1-1.el5.rf.x86_64.rpm
# wget
# rpm -ivh python-paramiko-1.7.6-1.el5.rf.noarch.rpm

Install brutessh
# wget
# tar xvf brutessh-06.tar
# cd brutessh
# chmod 744 *.py

Make up a passlist file named passlist.txt or you can download the dictionary from John the Ripper as my past post

Simulate SSH brute force attacks
# python -h -u root -d passlist.txt
*SSH Bruteforcer Ver. 0.6           *
*Coded by Christian Martorella      *
*Edge-Security Research             *
*      *

Username: root
Password file: passlist.txt
Trying password…
2/3 password

Times — > Init: 0.02 End: 0.28

On our attacked server, we can check the situation.
# tail -f /var/log/secure

Older Posts »