SSH Configuration

I'm checking the configuration of SSH on our hosts ESX3.0.3. I looked at the/etc/ssh/sshd_config file but it seems there may be another file or service, affecting SSH (IE, PermitEmptyPasswords is remmed out, #, but I can't SSH with an account that has no password) or denying the need for some settings in SSH. This is the case, or I am looking at the wrong SSH configuration file?

Thanks for your help.

Your answers can be found here

http://UNIXhelp.ed.AC.uk/cgi/man-CGI?sshd_config+5

Tags: VMware

Similar Questions

SSH configuration 11 GR 2
Gurus,

The YES program install ssh for the owner of the grid and the owner of the database during the installation of the grid?

Thank you
As oracle user when installing the database software it is an option through YES to paswordless of SSH configuration automatically.

Thank you
Anthony

SSH configuration view RAID ESXi 5 command

I have several ESXi 5 servers that do not have hard drives. I want to confirm that the disks are in a RAID configuration before I hot swap drives since they are critical production servers and cannot be taken offline. Nobody knows what the command SSH ESXi 5 that will show the RAID configuration? I know there are the vendor specific tools that can help to manage these servers, but I just wanted to confirm quickly the RAID configuration, so I can replace the drives.
Thank you!

If you have HP servers (and the HP bundles installed offline) then you have the hpacucli tool to manage the Smart Array controllers available in a shell.

It is also available through esxcli (esxcli hpacucli).

Xcode Server installation failed (ssl configuration infrastructure)

After the upgrade to Server 5.2 today, I am unable to start the service of Xcode as a result of a mistake.

The first time, I tried to implement the service, after having chosen the Xcode application, I was asked to create a service user account Xcode. So, I followed the guests to create a Xcode Server user account.

Then I saw a message that Xcode Helper should be allowed to make UI script, to which I agreed.

Finally, a progress bar appears where, apparently, that was under the service of Xcode configuration.

And then an error stating:

Xcode Server installation failed (ssl configuration infrastructure)

Try clicking on choose Xcode and selecting a new version of Xcode or upgrade to a newer version of the server.

Given that I had just installed the latest version of Xcode previously, I advanced and checked that Xcode launches without problem, and no message appears.

Then I went to System Preferences > Security & privacy > accessibility and verified that an entry is added for Xcode Helper, and I checked the box next to it to allow access.

Also, I have advanced and connected to the server of Xcode user account and used the fast user switching option to return to my main account.

Unfortunately, trying to start again service results in the same error. I even tried to start the service when you are logged on the server of Xcode user account. Whenever it has failed with the same message.

Whenever I try to start the service, I see this (or very similar) message sequence struck the system log:

20 September 15:50:36 servermgr_xcode Server [867]: getSetXcodePathProgressWithRequest: {}

control = getSetXcodePathProgress;

currentPercentageCompleteRangeMaximum = 10;

currentPercentageCompleteRangeMinimum = 10;

currentStep = 'Xcode stop server';

percentComplete = 10;

status = running;

}

20 September 15:50:37 Server servermgr_xcode [867]: task completed (State 0)

20 September 15:50:37 Server servermgr_xcode [867]: stderr output for the job:

(4 / 6) [START] stop nginx daemon

(3 / 6) Server [START] stop API

(1 / 6) [START] stop CouchDB

(6 / 6) [START] stop builder

(5 / 6) [START] daemon stop control

(2 / 6) [START] stop repeat

(5 / 6) [END - 0.05 S] Stop control daemon

(1 / 6) [END - 0.05 S] Judgment of CouchDB

(2 / 6) [END - 0.05 S] Stopping repeat

(3 / 6) [END - 0.05 S] Stop server API

(4 / 6) [END - 0.14 S] Stop the nginx daemon

(6 / 6) [END - 0.16 S] Stop generator

A successful!

Total time: 0.32 seconds

20 September 15:50:37 Server servermgr_xcode [867]: launch/usr/bin/xcrun xcscontrol - initialize - build-service-user xcodeserver

20 September 15:50:37 Server servermgr_xcode [867]: wait for task to leave

20 September 15:50:37 Server lsd [961]: LaunchServices: could not store file lsd-identifiers to /private/var/db/lsd/com.apple.lsdschemes.plist

20 September 15:50:37 Server servermgr_xcode [867]: xcscontrol reported progress: (1/29) checking that Xcode is accessible

20 September 15:50:37 Server sudo [1422]: root: TTY = unknown; PWD =; USER = nobody; /Applications/XCode.app/Contents/developer = / usr/bin/file COMMAND

20 September 15:50:37 Server servermgr_xcode [867]: xcscontrol reported progress: (1/29) checking that Xcode is accessible

20 September 15:50:37 Server servermgr_xcode [867]: xcscontrol reported progress: running (4/29) xcode-selector - /Applications/Xcode.app

20 September 15:50:38 Server servermgr_xcode [867]: xcscontrol reported progress: integration of control to prepare (9/29)

20 September 15:50:38 Server servermgr_xcode [867]: xcscontrol reported progress: (11/29) setting up the config for Redis file

20 September 15:50:38 Server servermgr_xcode [867]: xcscontrol reported progress: (12/29) setting up the config for CouchDB file

20 September 15:50:38 Server servermgr_xcode [867]: xcscontrol reported progress: launchd jobs (13/29) system configuration

20 September 15:50:38 Server servermgr_xcode [867]: xcscontrol reported progress: (14/29) creative group for users of service if required

Note : There was a lot of posts like this that I missed:

20 September 15:50:38 syslogd server [69]: notice of Configuration:

ASL Module 'com.apple.AccountPolicyHelper' claims the selected messages.

These messages may not appear in the standard system log files or in the database of the ASL.

20 September 15:50:38 Server servermgr_xcode [867]: xcscontrol reported progress: configuration record (16/29)

20 September 15:50:38 Server servermgr_xcode [867]: xcscontrol reported progress: users of creative services (17/29) if necessary

20 September 15:50:38 Server servermgr_xcode [867]: xcscontrol reported progress: infrastructure configuration of SSL (18/29)

20 September 15:50:39 Server servermgr_xcode [867]: getSetXcodePathProgressWithRequest: {}

control = getSetXcodePathProgress;

currentPercentageCompleteRangeMaximum = 75;

currentPercentageCompleteRangeMinimum = 20;

currentStep = "Configuring SSL infrastructure."

percentComplete = 54;

status = running;

}

20 September 15:50:41 com.apple.SecurityServer [114 Server]: displaying guest Keychain for Applications/Xcode.app/Contents/Developer/usr/bin/xcscontrol(1421)

20 September 15:50:41 Server servermgr_xcode [867]: xcscontrol reported progress: FAILED (18/29): configuration of SSL infrastructure

20 September 15:50:41 Server servermgr_xcode [867]: task completed (Status 5)

20 September 15:50:41 Server servermgr_xcode [867]: stderr output for the job:

(1/29) [START] make sure Xcode is accessible

(1/29) [END - 0.20 S] Make sure Xcode is accessible

Audit (2/29) [START] version of Xcode is supported

(2/29) [END - 0.00 S] Check if the version of Xcode is supported

Developer mode (5/29) [START] if necessary activation

[START] Running (4/29) xcode-selector - /Applications/Xcode.app

(29/3) [START] check if the server version is supported

(3/29) [END - 0.02 S] Check if the server version is supported

Data directories (6/29) [START] creation by default (if they are missing)

(6/29) [END - 0.00 S] Creation of data directories by default (if they are missing)

(7/29) [START] create a symbolic link to the current path of the Xcode application

Access to the repository (8/29) [START] HTTP configuration

Integration of control (9/29) [STARTED] preparation

Access [START] SSH configuration repository (10/29)

(8/29) [END - 0.12 S] Access to the HTTP repository configuration

(7/29) [END - 0.12 S] Create a symbolic link to the current path of the Xcode application

(10/29) [END - 0.12 S] The access to the repository SSH configuration

(11/29) [START] establishing the file config for Redis

(12/29) [START] set up the config for CouchDB file

(13/29) [START] Setup launchd job system

(5/29) [END - 0.16 S] Enabling developer mode if necessary

(9/29) [END - 0.23 S] Preparation of control integrations

(11/29) [END - 0.16 S] Setting up the config for Redis file

(12/29) [END - 0.20 S] Setting up the config for CouchDB file

(13/29) [END - 0.20 S] Launchd jobs system configuration

Group creation [START] (14/29) for users of service if required

Saving configuration [START] (16/29)

(15/29) [START] configuration CouchDB to use all cores

(14/29) [END - 0.02 S] Creation of service if required users group

Users of creative services [START] (17/29) if necessary

(4/29) [END - 0.41 S] Running xcode - select - switch for /Applications/Xcode.app

(15/29) [END - 0.08] Configuration of CouchDB to use all cores

(16/29) [END - 0.33 S] Configuration of the recording

(17/29) [END - 0.52 S] Creation of users of the service if necessary

Configuration of SSL infrastructure [START] (18/29)

(18/29) [END - 3.03 S] FAILED: SSL infrastructure Configuration

Failed: could not export the certificate of the server API: error Domain = =-25308 Security Code 'user intervention is not permitted.' UserInfo = {NSLocalizedDescription = User interaction is not allowed.}

Total time: 4.13 seconds

The service initialization error: could not export the certificate of the server API: error Domain = =-25308 Security Code 'user intervention is not permitted.' UserInfo = {NSLocalizedDescription = User interaction is not allowed.}

20 September 15:50:41 Server servermgr_xcode [867]: response: {}

error = "Xcode Server Configuration has failed (ssl configuration infrastructure)";

errorCode = "-1";

errorDomain = ServermgrXcodeErrorDomain;

errorLocalizedDescription = "Configuration of Xcode Server failed (ssl configuration infrastructure)";

errorLocalizedFailureReason = "failed to install Service in step: Setup ssl infrastructure";

errorLocalizedRecoverySuggestion = "try clicking on choose Xcode and selecting a new version of Xcode or upgrade to a newer version of the server.

errorString = "Configuration of Xcode Server failed (ssl configuration infrastructure)";

status = 1;

}

20 September 15:50:41 com.apple.xpc.launchd [Server 1] (com.apple.dt.XCSDeviceService [1417]): Service not out 5 seconds after SIGTERM. Sending SIGKILL.

20 September 15:50:42 Server servermgr_xcode [867]: getSetXcodePathProgressWithRequest: {}

control = getSetXcodePathProgress;

currentPercentageCompleteRangeMaximum = 75;

currentPercentageCompleteRangeMinimum = 20;

currentStep = "FAILED: SSL infrastructure configuration ';

error = "Xcode Server Configuration has failed (ssl configuration infrastructure)";

errorCode = "-1";

errorDomain = ServermgrXcodeErrorDomain;

errorLocalizedDescription = "Configuration of Xcode Server failed (ssl configuration infrastructure)";

errorLocalizedFailureReason = "failed to install Service in step: Setup ssl infrastructure";

errorLocalizedRecoverySuggestion = "try clicking on choose Xcode and selecting a new version of Xcode or upgrade to a newer version of the server.

errorString = "Configuration of Xcode Server failed (ssl configuration infrastructure)";

percentComplete = 54;

status = FAILURE;

}

This article is interesting:

20 September 15:50:41 com.apple.SecurityServer [114 Server]: displaying guest Keychain for Applications/Xcode.app/Contents/Developer/usr/bin/xcscontrol(1421)

No prompt was displayed at this time. I had to see a real Keychain prompt? In any case, this article seems to be the cause of the problem:

Failed: could not export the certificate of the server API: error Domain = =-25308 Security Code 'user intervention is not permitted.' UserInfo = {NSLocalizedDescription = User interaction is not allowed.}

Help to get the Xcode service backup and race would be much appreciated!

I had this same problem. I typed in the following in the terminal:

sudo /applications/xcode-beta6.app/contents/developer/usr/bin/xcscontrol--reinitialiser

After the reset, I tried to enable the server to Xcode from the macOS GUI server and it worked

How to use Ssh and Https for PC8164 PC5524

Hello!

How to use SSH and Https to connect to PC8164 and PC5524?

Kind regards!

For SSH configuration, we want to watch the 1651 page controls, user guide.

(config) #crypto console key generate rsa

RSA key generation started, it may take a few minutes...

Complete RSA key generation.

#crypto console key (config) generate dsa

DSA key generation started, it may take a few minutes...

DSA key generation complete.

Console (config) #ip ssh server

For HTTPS orders, we look at page 255, 1770-1778, CLI Guide.

generate a crypto certificate of console (config) # 1

Console (config-crypto-cert) #key - generate

output console(config-crypto-CERT) #.

Console (config) # ip http secure-certificate 1

Console (config) # ip http secure server

Manage the 5512 ASA with SSH via VPN

Hello

We are facing problems with ssh access on our ASA5512 on a Site-2-Site VPN tunnel.

SSH seems to be implemented properly, because we can login from inside and outside on both Interfaces.

But when we try to connect the ASA from a remote location with SSH Putty reports a timeout.

We set up a lot of these configurations with ASA5510 and ASA Image 8.x without any problem, so I guess it must have something to do with the new version of the ASA.

The value by defect-rsa-key was generated successfully.

VPN is ok and log viewer shows:

March 21, 2016

10:21:44

302013

192.168.0.100

51682

192.168.1.1

Built of TCP connections incoming 597903 for outside:192.168.0.100/51682 (192.168.0.100/51682) at inside:192.168.1.1/22 (192.168.1.1/22)

That's how we set up the configuration:

the ssh LOCAL console AAA authentication

SSH 192.168.0.0 255.255.255.0 inside (192.168.0.0 is the remote VPN network)

management-access inside

username privilege 15 PASSWORD USER password

We missed something?

Thank you

Best regards

Dennis

Hi Dennis,

The config looks very good.

Are you able to ping inside the interface through the tunnel.

If not can check you the nat for traffic and adds the route search key word.

If you use not all certificates on the SAA you can use the command for related on the SAA rsa keys:

encryption key tied rsa or try to be specific: related encryption rsa label key<>

Try to remove the SSH configuration and reapply.

I would like to know if it works or not. If this isn't the case, then take debug ssh 255 and part.

Kind regards

Aditya

Please evaluate the useful messages.

Setting up SSH on a 3845 router?

Hello everyone!

Just curious, how you set up SSH on a router cisco 3845? Specifically, how to generate RSA keys?

It seems to be missing the subcommand "generate" to crypto. When I type the encryption key the only sub-commands are lock and unlock. I am familiar with this and do not want to disturb too much as it is a production company.

I'm under c3845-spservicesk9 - mz.124 - 11.T2.bin so I should have the possibility, Yes? Any guidance would be appreciated. I really prefer is not to use telnet.

you have k9 image, it should support crypto commands, are you sure you were in the configuration mode?

try again.., here is a link to configure ssh in IOS.

http://www.Cisco.com/en/us/Tech/tk583/tk617/technologies_tech_note09186a00800949e2.shtml

way to do this is to open telnet sessions to the router, in one sitting, be in the activation mode and the leash the open session. On the other telnet session works with the SSH configuration application. When you are done does not save the config, leave the session and open a new session using ssh to ensure that you can connect and the connection to the router via ssh... If for any reason fails, you still have the other open telnet session to cancel the ssh change or correct them.

also to ensure that telnet sessions do not timeout so that work with configs allow you more time by entering exec-time 60<-- one="" hour="" for="" your="" vty="">

line vty 0 4

exec-timeout 60

You can also do full ssh implementation via the console port as well.

Concerning

All helpful PLS rate messages if this can help

PIX telnet/ssh access to the VPN Lan2Lan

Scenario of several Lan - Lan IPSEC VPN between PIX F/Ws.

I need to remotely access / these PIX via Telnet/SSH & would prefer to do it through the VPN tunnel.

NB, I tried telnet/ssh configuration for both inside/outside of my source but can't hit the PIX.

Because the Tunnel is actually inside-inside I'm trying to connect to the inside interface of the pIX.

You can do it now in 6.3 code with the command "access management". See http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/mr.htm#1137951 for more details.

The Management Agent is not configured correctly. How should I do?

Hello
We have a number of constraints to exploit our SGD server:
1. SGC is not connected to the internet.
2. We do not have a user of the host, or a tunnel ssh configured.
I sent an agent manually using agentDeploy.sh, but I encountered a problem with the stage of the officer course (I had the wrong password).
The deployment of the agent stopped there. So, I went to ensure the agent manually.

However, I see that I have no plugins installed. I continued as another deployment, , but it's where I reached my limit::
```
./emcli deploy_plugin_on_agent -agent_names="pdbhost01.company.net:3872" -plugin="oracle.sysman.db"
Prerequisites check failed
For agent : https://pdbhost01.company.net:3872/emd/main/
        The Management Agent is not configured properly. The required host target is not found.
```
I was wondering if it was possible to:
1. Continue the configuration of the agent: what would the step set up the target host?
2. Re-install the agent: what should I do to uninstall it, since I can't do OEM?
Thank you.

You are right. SGD is installed correctly.
We have installed a RAC recently and I'm working on obtaining controlled put up for her.

It took me some time to find the document to help me with this particular problem. It comes to keywords!

That's what helped me to goback on track:

EM 12: Plugin on the deployment Agent of reports 'Agent is incorrectly configured. Requested property not found. "(Doc ID 1541823.1)

I can a little more that necessary, since these steps, I deleted then deleted repository of the WHO agent_inst agent and ran emcli with the Configonly option. As follows:

$/sysman/install/agentDeploy.sh AGENT_BASE_DIR = OMS_HOST = EM_UPLOAD_PORT = AGENT_REGISTRATION_PASSWORD 14511 example.com = 2bornot2b - configOnly

Thank you for your response and time ODatabse_Guy.

retrieve the sshd_config configuration

Hello
I tried to set up passwordless ssh access.
I made a mistake:
/ etc/ssh/Keys-root/authorized_keys-> with my Linux id_dsa.pub
sshd_config-> ChallengeResponseAuthentication no
mkdir /.ssh/authorized_keys (copied from/etc/ssh...)
restart SSH /etc/init.d
... snipped...
debug1: authentication that continue: publickey
debug1: next authentication method: public key
debug1: trying private key: /home/aarquint/.ssh/id_rsa
debug1: offering public DSA key: /home/aarquint/.ssh/id_dsa
debug1: authentication that continue: publickey
debug1: trying private key: /home/aarquint/.ssh/id_ecdsa
debug1: trying private key: /home/aarquint/.ssh/id_ed25519
debug1: no authentication method more to try.
Permission denied (publickey).
How can I get ssh configuration? ' cos I can't connect. Lockout :-(
Help, please
S5

I figured it be myself ;-)

Simply plug DCUI and press 'ALT + F1' and you immediately get shell access.

Registered

Setting UP SSH without PASSWORD fails during the installation of the grid

Hello
The operating system and the virtual machine configuration:
There are 2 physical Oracle servers base (model # 2 - Oracle SPARC Solaris 11.1, T4). On both machine 'Oracle VM for SPARC' software is installed and logical domains are configured with Solaris 11.1. Oracle RAC 2 node cluster is currently Setup between the logical field in each of the servers.
Objective:
We plan to install and configure Oracle RAC 11 g R2 (11.2.0.4) on two machines of Oracle VM. Control script of pre-installation (runcluvfy.sh) on the RAC node is completed without errors/warning.
Question:
During the installation of oracle grid infrastructure, SSH configuration failed and on the shell prompt shows JVM CRASH LIB...
I'm not able to install RAC because of this problem.
Your suggestions/help will be greatly appreciated.
Thank you.

Support of Oracle suggested to commented LD_LIBRARY_PATH to the grid user profile

So I think that you should continue to discuss with Oracle Support.

They are more that we know.

Concerning

Mr. Mahir Quluzade

Without password ssh does not work but the ACR is fine!
Version: 11.2
Operating system platform: AIX 6.1

Background:
For stand-alone installations DB, we use the oracle of the LDAP user as the owner of the Oracle software. This oracle user is not in/etc/passwd

For the CAR, a local user of oracle is mandatory and we created and installed grid and DB several months ago. Everything worked. Today when I made a ssh of Node1 Node2, is asking for password oracle. IE Passwordless ssh does not work

I have connected to the instance1 and ran
```
select instance_name, host_name from gv$instance;
```
This is the list of instance names and host names. How is the feature CAR is still intact without SSH without password?
Hello

So, what you are implying, is that, user equivalence is required for Installation, but not so required for the feature CARS. Right?

RAC will work without problem and CARS not use SSH, but resource "ora.cvu" of Oracle Clusterware using SSH for healthcheck.
When you run '. " "/ cluvfy" is mandatory you have ssh configured with equivalence of the user, the 'ora.cvu' resource is "cluvfy.

So, if someone deletes the directory .ssh mistakenly Oracle $HOME, RAC feature pourrait still work?

Yes... CARS doesn't always work. SSH and Oracle Clusterware, Oracle Clusterware also still works without problem, have a low dependency.

As RAC FAQ mentioned is mandatory present an equivalent user (ssh, etc.) set up after the installation of the PAP/GRID.

Kind regards
Levi Pereira

Published by: Levi Pereira December 14, 2011 12:42

The upgrade device VSM of the EPA at the GA

Hi all

I'm missing something. I need to upgrade a VSM of... 169 to... 179. pretty easy, the documentation says SSH in to allow it. However, everything I make PuTTY is working in the menu and these seem to be shell commands any. SCP does not work either.

SSH root @[address IP of VSM device] "(sed-i de ^ echo \"Upgrade Disabled\ "^ applianceUpdate;)" echo"press on [enter] to continue... "; (Entrez lire ^ g' /usr/local/asmve/plugin/setup.sh) ".

So I > PuTTY [email protected] and get a menu

If I > [email protected] Putty and add the entire string, I get an error.

CTRL-C, pause, etc. do not appear to clear the menu and lead me to a command prompt

What Miss me?

Charlie

I had the same problem and thought of it.

Putty, to enter

(sed-i of ^ echo \"Upgrade Disabled\" ^ applianceUpdate; echo "press on [enter] to continue..." ") « ; Enter read ^ g' usr/local/asmve/plugin/setup.sh)

under the connection, the page of SSH configuration in the remote command: field blank.

As long as you already have the IP entered in the Session page, you can hit open on the page of connection/SSH.

It should appear in the Terminal, enter your login and password and the windows terminal is close instantly.

Worked for me, once I figured out that the command could not be entered in any other way.

Again, you must put the remote command in Putty before establishing the connection with the device.

Defense Center blocks Openssh

Hello world

I'm trying to ssh from my PC box.

The flow of traffic through the Internal interface sensor in - inside out.

When I check on DC I see ssh connection as Intrusion event

Impact 2

Message ssh_event_respoverflow(128:))

When I go to events by priority and rank, it shows

Political intrusion - C1

-Intrusion Prevention default access control policy

Internal IP - access control rule

Need to know how I can fix this problem?

Concerning

Mahesh

Hello Manu,

What version of Sourcefire Defense Center do you use?

It seems that your SSH preprocessor (GID 128) hit when it detects the SSH connection. You can view or change the behavior of the SSH preprocessor.

In version 5.4, you can manage thought the following menu:
```
 Policies -> Access Control -> Network Analysis Policy
```
Then, to change your 'network policy analysis' (remember to edit the right thing), then click on 'Settings' in the navigation panel on the left and select "SSH Configuration.

In version 5.2, you can manage it through the following menu:
```
 Policies -> Intrusion -> Intrusion Policy
```
Then, to change your strategy of intrusion and click "Advanced settings" in the navigation panel on the left. Now, in the right panel, change "SSH configuration.

You should read the online help to understand each options for the preprocessor "SSH" and finally understand why the drop occurred on your SSH connection.

Or, for testing, you can try to disable the rules by using the following in your intrusion policy filter:
```
 GID:"128"
```
Best regards

Integration with the PIX IDS firewall

I read the Release Notes for Cisco Intrusion Detection System Sensor Version 3.0 S4 (1), and tripped on the new features of this version it pretends the integration with the PIX firewall

How do implement you this? What kind of integration offer?

Instructions for the sensor and the basic configuration of PIX can be found here:

http://www.Cisco.com/univercd/CC/TD/doc/product/iaabu/csids/csids8/13870_01.htm#xtocid23

Instructions for sensor and PIX SSH configuration can be found here:

http://www.Cisco.com/univercd/CC/TD/doc/product/iaabu/csids/csids8/13870_01.htm#xtocid16

You can configure the sensor to connect to the PIX via telnet when

using the PIX inside interface, otherwise you have to use SSH.

SSH with 3des encryption is supported in version 3.0 or later

sensors for connections of PIX.

Warning: If you use telnet with a version 6.2.1 or PIX more late or if

you want to use SSH with encryption on any PIX, so you

need a patch for your sensor. If so, open a case of TAC and demand

the latest version of nr.managed engineering. Reference

[email protected] / * / for any question.

SSH Configuration

Similar Questions

Maybe you are looking for