NPRE Could not complete SSL handshake.

Tom Trelvik tom at trelvik.net
Thu Aug 24 23:30:28 CEST 2006

Previous message: Showing Down but all service indicators are green
Next message: NPRE Could not complete SSL handshake.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I'm trying to add some NRPE checks on a couple new remote hosts.  On
the first I tried, I ended up getting this error:

CHECK_NRPE: Error - Could not complete SSL handshake

Googling that quickly turned up this:

http://www.nagios.org/faqs/viewfaq.php?faq_id=191

And made me realize I was allowing the wrong IP in /etc/xinetd.d/nrpe,
and everything started working fine after I'd fixed that.  But when I
moved on to the next host, I got the same problem again, and it's
definitely not the IP this time.  I'm using the same versions on both
ends, so I believe I can rule out solutions 1 & 2.
/etc/xinetd.d/nrpe, /etc/nagios/nrpe.cfg, /dev/random, and
/dev/urandom are all owned by root but world readable, so I don't
think it's a permissions problem.  Which brings me back to solution 5,
the IP.

So I tried changing the allowed IP to localhost, and then did a
"telnet localhost 5666".  That connected, and then waited for input
from me.  But when I changed it back to my nagios monitoring host, and
tried "telnet remotehost 5666" from my nagios host, it established a
TCP connection just fine, but immediately reported "Connection closed
by foreign host" (which is the same behavior I get when trying it from
a disallowed host).  (And yes, I'm restarting xinetd between these
changes.)

For comparison, I tried telneting to port 5666 on the host I set up
just before this one, which is working, and there the connection was
established and then it waited for input from me, as it had in my
localhost test.

Can anybody suggest why it might be immediately closing the
connection, despite the IP being accurate?

Nagios was installed via apt on a Debian system, and npre &
nagios-plugins were installed via rpm on RHEL3 systems.

Thanks a ton!

Tom

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: Showing Down but all service indicators are green
Next message: NPRE Could not complete SSL handshake.
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list