All posts by Don Matteo

lebt in der Schweiz, ist System Engineer MCP bei A-Enterprise GmbH. Mitglied des UNBLOG Knowledge Network. Author und Blogger zu den Themen, Tutorials für Linux und Open Source.
Howto Tutorials (EN)

ClamAV ERROR downloadFile Unexpected response

Home
2 Comments

If you receive these error messages from ClamAV, you may need to update ClamAV.

ERROR: downloadFile: Unexpected response (403) from https://database.c1amav.net/daily-26440.cdiff
ERROR: getpatch: Can't download daily-26440.cdiff from https://database.c1amav.net/daily-26440.cdiff
ERROR: downloadFile: Unexpected response (403) from https://database.c1amav.net/daily.cvd
ERROR: getcvd: Can't download daily.cvd from https://database.c1amav.net/daily.cvd
ERROR: Update failed for database: daily
ERROR: Database update process failed: HTTP GET failed (11)
ERROR: Update failed.

Running ClamAV Update on Debian Linux

$ apt update
$ apt upgrade clamav

For ClamAV Versions Check run this command.

$ clamd --version
ClamAV 0.103.5/26441/Wed Feb 2 10:22:13 2022

Run ClamAV Update on CentOS Linux

$ yum update clamav

ClamAV updates are downloaded and installed.

Updated:
  clamav.x86_64 0:0.103.5-1.el7

Dependency Updated:
  clamav-filesystem.noarch 0:0.103.5-1.el7 clamav-lib.x86_64 0:0.103.5-1.el7 clamav-update.x86_64 0:0.103.5-1.el7 clamd.x86_64 0:0.103.5-1.el7

Complete!

After updating ClamAV, update the database.

$ freshclam
ClamAV update process started at Wed Feb 2 10:24:33 2022
daily database available for update (local version: 26439, remote version: 26440)
Current database is 1 version behind.
Downloading database patch # 26440...
Time: 0.2s, ETA: 0.0s [=============================>] 14.13KiB/14.13KiB
Testing database: '/var/lib/clamav/tmp.b7d0e4b52b/clamav-3a8a649f76dca0722c7acef0385a1cc2.tmp-daily.cld' ...
Database test passed.
daily.cld updated (version: 26440, sigs: 1973273, f-level: 90, builder: raynman)
main database available for download (remote version: 62)
Time: 2m 04s, ETA: 0.0s [=============================>] 162.58MiB/162.58MiB
Testing database: '/var/lib/clamav/tmp.b7d0e4b52b/clamav-a0387032c1bad0a864db82c1039625eb.tmp-main.cvd' ...
Database test passed.
main.cvd updated (version: 62, sigs: 6647427, f-level: 90, builder: sigmgr)
bytecode.cld database is up-to-date (version: 333, sigs: 92, f-level: 63, builder: awillia2)

Check ClamAV version.

$ clamd --version
ClamAV 0.103.5/26440/Tue Feb 1 10:22:16 2022
$ freshclam --version
ClamAV 0.103.5/26440/Tue Feb 1 10:22:32 2022

The ClamAV ERROR should be solved

Clam AntiVirus (ClamAV) is a free software, cross-platform antimalware toolkit able to detect many types of malware, including viruses. It was developed for Unix and has third party versions available for AIX, BSD, HP-UX, Linux, macOS, OpenVMS, OSF (Tru64) and Solaris. As of version 0.97.5, ClamAV builds and runs on Microsoft Windows. Both ClamAV and its updates are made available free of charge. One of its main uses is on mail servers as a server-side email virus scanner.

Sourcefire, developer of intrusion detection products and the owner of Snort, announced on 17 August 2007 that it had acquired the trademarks and copyrights to ClamAV from five key developers. Upon joining Sourcefire, the ClamAV team joined the Sourcefire Vulnerability Research Team (VRT). In turn, Cisco acquired Sourcefire in 2013. The Sourcefire VRT became Cisco Talos, and ClamAV development remains there.

ClamAV includes a command-line scanner, automatic database updater, and a scalable multi-threaded daemon running on an anti-virus engine from a shared library. The application features a Milter interface for sent mail and on-demand scanning.

The ClamAV virus database is updated at least every four hours and as of 10 February 2017 contained over 5,760,000 virus signatures[citation needed] with the daily update Virus DB number at 23040.

Howto Tutorials (EN)

ssh-keygen how it works

Home
Leave a comment

Easy authentication with SSH keys using ssh-keygen on Linux, Windows and macOS, secure connection to SSH host without a password. This tutorial shows how to create a private key and store the corresponding public key on the Web Server.

How to use SSH keygen

SSH keys eliminate the need to enter passwords when connecting via SSH. Especially for the administration of several accounts, this can bring a lot of time savings. The following describes how to creating SSH keys with ssh-keygen on Linux, Windows and macOS. To do this, open a terminal and ran the following command.

$ ssh-keygen -t rsa -b 4096

Generate SSH key with ssh-keygen

ssh-keygen now asks in which file the SSH key should be stored, preferably create a new unique file. The default is that the key is stored in the default file (id_rsa), which is confusing, and the folder “.ssh” is also hidden.

$ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Enter file in which to save the key (/home/mike/.ssh/id_rsa): my-key
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in my-key.
Your public key has been saved in my-key.pub.
The key fingerprint is:
SHA256:7oBofs25Wz2b03V2+5daXFUAq8ClijSfSjUog/3sVwo mike@thinkpad
The key's randomart image is:
+---[RSA 4096]----+
|          . .....|
| o   . . o   .  .|
|. + + o +   .   .|
|   * = + . .    .|
|    E + S .     .|
|   + + + .    o =|
|  o +o+.o o. . =+|
| o  ..++  .+. .o.|
|  ..  oo. o. .. +|
+---- SHA256 -----+

A SSH key is created by ssh-keygen using the RSA cryptosystem with a length of 4096 bits. This means that the SSH key can hardly be cracked by brute force.

The same command allows a file name to be passed for the key.

$ ssh-keygen -t rsa -b 4096 -f my-key

A passphrase can now also be assigned for even more security, but this is not absolutely necessary. If you want to use a passphrase for the SSH key, you can type in one and then confirm it. Otherwise, you can skip this option with hit Enter. We create a key pair at this point without additional passphrase.

  That’s it: The key pair is created and is in the specified file. These can be opened with a text editor in the terminal with vi or nano, and with macOS with any editor to view the key pair, but nothing may be changed, even no blank lines may be inserted.

my-key
my-key.pub

The output is shown similar to this one.

ssh-rsa AAAAB3NzaC1yc2EAAADAQABACQCuA1tumTMG/sa7OpjxbuL5vz7R..
...
VOOpjavLDM0iZjWbRc3KeKuEIu9Lw== mike@thinkpad

  The content of my-key.pub in abbreviated form are similar to this.

Bring a public SSH key to the server

Now there is the last step to store the public SSH key on the desired Server. The best way to do it is on the server with “ssh-copy-id”. Since the creation took place on the “control computer”, i.e. the laptop, the public key still has to be copied to the Server. First, you log in to the server and then store the key there. To do this, the necessary command in the terminal is as follows.

$ ssh-copy-id -i ~/.ssh/my-key mike@webserver.org

Alternatively, if you do not want to use “ssh-copy-id”, the contents of the local file ~/.ssh/my-key.pub can be copied to the Server in the file ~/.ssh/authorized_keys. To do this, run the command in the shell on the control computer.

$ cat ~/.ssh/my-key.pub | ssh mike@webserver.org "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"
chmod 0600 ~/.ssh/authorized_keys

Alternatively, the public SSH key can also be saved directly in the file authorized_keys via copy paste.

  The private key my-key must remain secret, so do not place it on the server.

  On Windows, OpenSSH can be deployed, under Settings – Apps and Features – Optional Features, or PuTTY (puttygen) is used.