NRPE: Could not complete SSL handshake. 1

Peter Kaagman p.kaagman at atlascollege.nl
Wed May 21 13:49:03 CEST 2003


Hi there list,

After writing my own, simple, pingtest script in perl someone told me
"Why not use nagios". Looked at it and decided to throw out my own script
and started setting up nagios.

I've come a long way..... at least I believe so :D

I've got a slack 9.0 box with nagios-1.0 and plugins. Local services run
well. So do remote checks lile ping and http.

Even got the remote commands working after I gave nobody permission to
write to the var/rw directory.

So I started working on checking private resources on remote hosts.
Installed check_nrpe on the local hosts as follows.....

root at sysop-2:/usr/local/nagios/libexec# ls check_nrpe -l
-rwxr-xr-x    1 nagios   nagios     125467 May 21 11:26 check_nrpe*
root at sysop-2:/usr/local/nagios/libexec#

Made a command entry in etc/misccommands.cfg as follows
# check-nrpe command
define command{
        command_name    check_nrpe
        command_line    /usr/local/nagios/libexec/check_nrpe -H $HOSTADDRESS$ -c $ARG1$
        }

and made an entry in etc/services.cfg
# Service definition
define service{
        use                             generic-service
        host_name                       ntcsg2
        service_description             Total Processes
        is_volatile                     0
        check_period                    24x7
        max_check_attempts              3
        normal_check_interval           5
        retry_check_interval            2
        contact_groups                  cb-admins
        notification_interval           240
        notification_period             24x7
        notification_options            w,u,c,r
        check_command                   check_nrpe!check_total_procs
        }

Installed check_nrpe on the remote host as follows

placed the binairy in /usr/sbin
root at ntcsg2:/etc# ls -l /usr/sbin/nrpe
-rwxr-xr-x    1 root     root       138887 May 21 11:43 /usr/sbin/nrpe*
root at ntcsg2:/etc#

placed the nrpe.cfg in /etc
root at ntcsg2:/etc# ls -l /etc/nrpe.cfg
-rw-r--r--    1 nagios   nagios       5134 May 21 11:59 /etc/nrpe.cfg
root at ntcsg2:/etc#
(There was a mention off a same sort off error in the mailing list
archive, so I changed ownership off this file to nagios.nagios)

I made sure there was a command check_total_procs in this file
root at ntcsg2:/etc# grep check_total_procs nrpe.cfg
command[check_total_procs]=/usr/local/nagios/libexec/check_procs -w 150 -c
200
root at ntcsg2:/etc#

Added nrpe to services
root at ntcsg2:/etc# grep nrpe services
nrpe            5666/tcp   # NRPE, Nagios remote daemon
root at ntcsg2:/etc#


and made an entry in /etc/inetd.conf
root at ntcsg2:/etc# grep nrpe inetd.conf
nrpe stream tcp nowait nagios /usr/sbin/tcpd /usr/sbin/nrpe -c
/etc/nrpe.cfg --inetd
root at ntcsg2:/etc#

Offcourse I restarted inetd :D

I did not bother with tcpwrappers yest, hosts.deny does not have an nrpe
entry so I should be in the clear.

>From the commandline on the localhost it seems to work......
root at sysop-2:/usr/local/nagios/libexec# ./check_nrpe -H ntcsg2 -c
check_total_procs
OK - 108 processes running
root at sysop-2:/usr/local/nagios/libexec#


But in the interface (and in the email I got) nagios states the remote
hosts refused the connection.

On the remote hosts I find the following entry in /var/log/syslog
root at ntcsg2:/etc# grep nrpe /var/log/syslog
May 21 12:34:11 ntcsg2 nrpe[19464]: Error: Could not complete SSL
handshake. 1
May 21 12:44:55 ntcsg2 nrpe[19502]: Error: Could not complete SSL
handshake. 1
root at ntcsg2:/etc#

I guess this has something to do with my problem, hence the title off this
post :D

Any help??

regards

Peter Kaagman

p.kaagman at atlascollege.nl
bilbo at nedlinux.nl
-- 
Air is water with holes in it


-------------------------------------------------------
This SF.net email is sponsored by: ObjectStore.
If flattening out C++ or Java code to make your application fit in a
relational database is painful, don't do it! Check out ObjectStore.
Now part of Progress Software. http://www.objectstore.net/sourceforge
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list