How To Fix SSH Permission Denied From macOS Ventura To Amazon Linux

Author: , Posted on Tuesday, May 9th, 2023 at 9:55:13am

I have been using RSA SSH keys forever to login to my various AWS EC2 instances.

With macOS Ventura 13.3.1 ssh failed with the “Permission Denied” error. Using ssh -vvv, I saw that the RSA key was now being rejected.

After much research, I decided to implement new keys on the client (Ventura) side using ed25519, like this:

I then placed the new contents into the ~/.ssh/authorized_keys files on the target nodes, and everything started working!

How To Get rsync To Work With macOS Ventura – Getting Error “Operation not permitted”

Author: , Posted on Friday, May 5th, 2023 at 12:59:06pm

I have a new iMac running macOS Ventura 13.3.1.

I tried to rsync some files from another host and got the following error:

In order to get rsync to have access to the hard drive in macOS Ventura, you need to add rsync and other programs to the Full Disk Access panel under Privacy & Security in System Settings.

First click on System Settings

Next locate Privacy & Security at the bottom of the same block as General in the left menu bar and click on it
Next, click on Full Disk Access
Then open a Finder window and navigate to the top-level ‘Macintosh HD’ and look for the usr directory, select it, then select bin. Finally, drag & drop the rsync command into the Full Disk Access window in true Apple style.
Finish adding all of the below commands and rsync will work

This is the list of files to add via Drag & Drop to the Full Disk Access panel under Privacy & Security:

R.I.P Gordon Lightfoot

Author: , Posted on Tuesday, May 2nd, 2023 at 7:14:02am

Born: November 17, 1938, Orillia, Canada
Died: May 1, 2023, Sunnybrook hospital, Toronto, Canada, 84 years old

How To Expand an EBS Volume After a Disk Resize on Amazon Linux

Author: , Posted on Monday, April 17th, 2023 at 9:51:50am

First, use the AWS Console to modify the volume to the desired size, in our example we want to go from 10GB to 25GB for the root filesystem

For a Xen ext4 root volume

For NVMe

First, use lsblk to see the raw partitions:

Note how the partition at 259:1 is only 20GB, while the entire disk at 259:0 is 40GB. A partition resize is required in this case.

For an EXT4 filesystem, use the resize2fs command instead:

For more information, please visit the AWS Docs:

How To Fix WordPress Gateway Timeout Errors Running Apache with PHP-FPM

Author: , Posted on Tuesday, April 11th, 2023 at 6:31:31pm


I was seeing the following error when trying to do a plugin update, and an error in my WordPress logs:

Update failed: 504 Gateway Timeout Gateway Timeout The gateway did not receive a timely response from the upstream server or application.

[Tue Apr 11 22:12:01.373709 2023] [proxy_fcgi:error] [pid 26878] (70007)The timeout specified has expired: [client] AH01075: Error dispatching request to : (polling), referer:

and getting variations of any of the following strings:

504 Gateway Timeout
HTTP 504
Gateway Timeout (504)
HTTP Error 504 – Gateway Timeout
Gateway Timeout Error


How To List All Tags With The Message In git

Author: , Posted on Tuesday, April 11th, 2023 at 10:09:00am

How To Get SSH Logins Working Again In macOS Ventura

Author: , Posted on Friday, February 24th, 2023 at 12:29:58pm

SSH login from older hosts running OS X Yosemite 10.10.5 to macOS Ventura 13.2.1 was not working.

SSH failed with a “No hostkey alg” error.

Be sure to stop and start Remote Login under System Settings -> General -> Sharing

R.I.P. David Crosby

Author: , Posted on Thursday, January 19th, 2023 at 7:38:38pm

David Crosby, Born 1941, Died Jan 18th, 2023 at 81 years old

How To Use AWS CloudTrail For Intrusion Detection To Monitor Your AWS Account For Unwanted Activity

Author: , Posted on Friday, December 30th, 2022 at 11:46:21am


Use AWS CloudTrail as the basis for a simple Intrusion Detection System to monitor your AWS account for unwanted activity.


While I follow best practices for security, it is always possible that a bad actor could obtain my credentials and gain access to my AWS account.

Once access is gained, such criminals could launch new, maximum-sized instances all over the world and proceed to harness them for nefarious purposes, often for DDoS attacks and crypto-mining.

These instances can accrue enormous charges in a short time given the cost per instance times the quantity launched.

Attacks like this can cripple an organization financially, especially because Amazon Web Services are NOT flexible about refunding such charges if they happen more than once.

AWS-based Solutions

AWS itself offers a number of paid services to assist with account security, including CloudWatch and Trusted Advisor.

While they are no doubt excellent offerings, I was reluctant to pay more than I had to, and the CloudWatch tool seemed like overkill in terms of complexity.

Chosen Solution

While CloudWatch did not work for me, the underlying CloudTrail service in fact was the answer, when used with the aws command-line tool to query the associated event data periodically via cron for non-Read-Only events.

This solution required me to roll my own tool (in Perl) to interpret the data and alert via email under the desired circumstances.

Solution Steps

Example CLI Call

Example Crontab Entry

Example Parsing Logic (Perl)

List of AWS Regions


Tungsten Clustering: Plugging the Holes – Risk Mitigation Through Best Practices

Author: , Posted on Wednesday, December 7th, 2022 at 2:52:03pm
Tungsten Clustering depends on a number of prerequisites and best practices to function optimally. In this blog post, we explore a critical, yet easily-overlooked step when installing a Tungsten Cluster node - setting up start at boot, ideally under `systemd` control.