Category Archives: Maintenance

Unused accounts

Two years and a couple of months ago Prosody’s hashed backend has been activated. Users that have logged in since automatically started using the security improvements it brought (hashed passwords on the server).

Users that haven’t logged in since still have their (old, unhashed) password file on the server and likely don’t use the service anymore. While I usually don’t see a reason to remove accounts at server level (users have the ability to delete their accounts themselves), I see one in this case as it removes the possibility for someone who gained unauthorized access to the server to gain possession of those unprotected password files.

If you haven’t logged in for more than two years and would like to keep your account, simply log in during the next ~30 days. Thank you.

A couple of certificates need to be renewed

I’m working on renewing the certificates. The new ones should be StartSSL™ Verified, which brings a couple of advantages (valid for two years, multiple domains in one cert etc.) and a slight disadvantage (they are not free anymore).

Update: The new certificate is in place. It’s valid for 2 years and has the following fingerprints:
SHA1: A8:22:15:A3:18:3D:AF:07:43:24:9C:9E:83:95:50:AC:15:17:90:53
MD5: D4:2F:D9:5F:70:BC:FD:AA:C4:EB:8F:F5:63:10:BA:3D

Certificate renewal – thiessen.im

A certificate will be replaced this week since it has been expired.

This is a list of fingerprints in order to make sure you know it’s safe to accept the new one:

thiessen.im:
SHA1 Fingerprint=9F:57:4E:D7:14:74:8B:99:C7:57:5D:DD:DF:79:DE:34:27:FF:61:8A
MD5 Fingerprint=93:B2:7E:AB:C2:6D:05:F0:50:20:89:9C:7B:FD:97:4B

This post will be updated once the new certificate is in place. As always, please let us know if you encounter any kind of problems.

Update: Done

Certificate renewal

A couple of certificates will be replaced today since they have been expired.

This is a list of fingerprints in order to make sure you know it’s safe to accept the new ones:

thiessen.it and im.thiessen.it:
SHA1 Fingerprint=B6:61:1A:41:6E:94:1F:11:C1:CD:53:EE:66:BB:DF:36:B9:1E:BA:01
MD5 Fingerprint=35:D0:93:20:86:89:A5:4D:FE:5F:F6:E8:7F:3F:80:B0

jabber.thiessen.it:
SHA1 Fingerprint=5D:72:1C:D2:15:5A:64:5C:73:9A:68:6A:04:4C:A0:3E:B3:BD:29:D0
MD5 Fingerprint=28:81:BD:CB:0E:68:08:1F:E9:B5:6B:1F:C2:A7:47:CB

thiessen.org:
SHA1 Fingerprint=0F:C4:17:FE:1D:CB:46:0E:39:A8:BF:69:F3:87:8D:57:4E:B8:42:EC
MD5 Fingerprint=8C:FA:B4:E8:2B:41:02:0C:61:2E:83:47:7B:7F:6A:CB

This post will be updated once the new certificates are in place. As always, please let us know if you encounter any kind of problems.

Update: The new certificates have been applied.

Planned maintenance work

The provider hosting our machines recently informed us about planned maintenance work. We expect they won’t be reachable a couple of times during late night hours CET (UTC +1).

Tonight this will affect de2.xmpp.thiessen.org which is currently hosting:

  • thiessen.im and its conference
  • thiessen.org
  • conference.spectrum.im

On sunday, november 1st de1.xmpp.thiessen.org will be affected which is currently hosting:

  • thiessen.it and its subdomains jabber.thiessen.it and im.thiessen.it
  • icq.im.thiessen.it
  • msn.im.thiessen.it

We are sorry for the inconvinience.

Planned downtime on Saturday, August 29 (Server Migration)

On Saturday, August 29 between 11:00 pm and 12:00 midnight (CEST) we will switch from ejabberd to Prosody.
We are also upgrading the host system from Debian Etch to Debian Lenny.

During this window, the domains thiessen.it, im.thiessen.it and jabber.thiessen.it won’t be available.

If you have any questions or encounter problems after the migration process
please join our support channel.

Update: Please login using your username in lowercase. Fixed, thanks Tobias Markmann.

Maintenance work on Tuesday, June 2

On Tuesday, June 2 between 8:00 am and 9:00 am (CEST) we will be performing maintenance work in our production environment.

During this window, the ‘thiessen.it’ domains won’t be available.

Update: The service is back up and running. From now on the ‘thiessen.it’ domains also listen on port 80 and 443. Please notify us if you encounter any problems.

ejabberd update (2.0.4 -> 2.0.5)

Today we updated ejabberd to version 2.0.5 which has been released on april, 3rd. We didn’t encounter any problems during the process.

The main changes are:

  • Fix two problems introduced in ejabberd 2.0.4: subscription request produced many authorization requests with some clients and transports; and subscription requests were not stored for later delivery when receiver was offline.
  • Fix warning in expat_erl.c about implicit declaration of x_fix_buff
  • HTTP-Bind (BOSH): Fix a missing stream:error in the returned remote-stream-error stanza