check_by_ssh

Andreas Ericsson ae at op5.se
Tue May 4 11:41:32 CEST 2004

Previous message: check_by_ssh
Next message: alerts not been sent
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

David Peer wrote:
> Can some help about to create the non-interactive login to remot host using 
> check_by_ssh.
> 
> all the keys i have generated didn't help me.
> 
> After all that the remot host tells me :
> 
> Connection closed by 10.1.235.19
> 
Let's make a few assumptions here. Your Nagios server is called HostA, 
and the user nagios is running as is called UserA. The server you want 
to monitor is called HostB, and the user you want to run the check as is 
called UserB.

On HostB:
In your /etc/ssh/sshd_config (or wherever your distro places it) make 
sure these lines are present and uncommented;

Protocol 2
PubKeyAuthentication yes
AuthorizedKeysFile %h/.ssh/authorized_keys

Protocol can actually read 1,2 or 2,1 as well, as long as the 2 is in 
there somewhere. When these changes are done, restart the ssh server 
(not required if run from inetd or xinetd).

On HostA:
Make sure the /etc/ssh/ssh_config (or wherever your distro places it) 
contains the following lines. They are somewhat default, but depend a 
bit on compilation options and your distro might do things differently, 
so it's best to enable it specifically;

IdentityFile ~/.ssh/id_dsa
Protocol 2

Protocol can actually read 2,1 as well (but not 1,2 since client selects 
protocol by order).

On HostA, as UserA, run this command
ssh-keygen -t dsa -b 768
and slam enter three times.
Still on HostA, as UserA, run this command
scp ~/.ssh/id_dsa.pub UserB at HostB:.ssh/authorized_keys
and enter the password.

Now, test it with running
ssh UserB at HostB
and you MUST be logged in without entering a password. If not, you 
haven't followed instructions correctly or either the ssh-client on 
HostA or ssh-server on HostB is unable to handle SSHv2 protocol.

> Thanks  
> 
You're welcome.

-- 
Mvh / Best Regards
Sourcerer / Andreas Ericsson
OP5 AB
+46 (0)733 709032
andreas.ericsson at op5.se

-------------------------------------------------------
This SF.Net email is sponsored by: Oracle 10g
Get certified on the hottest thing ever to hit the market... Oracle 10g. 
Take an Oracle 10g class now, and we'll give you the exam FREE.
http://ads.osdn.com/?ad_id=3149&alloc_id=8166&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: check_by_ssh
Next message: alerts not been sent
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list