Monitoring solaris server without installing any plugin
Mrutyunjaya Dash
mdash at juniper.net
Fri Feb 24 14:05:34 CET 2006
Hi Peter,
I followed the steps as explained by you to configure the monitoring and
monitored host for the trusted ssh communication. But still if I do ssh
to the monitored host from the monitoring host, it is prompting for the
password. Might be something wrong somewhere I am doing.
Regards,
Dash
-----Original Message-----
From: nagios-users-admin at lists.sourceforge.net
[mailto:nagios-users-admin at lists.sourceforge.net] On Behalf Of Peter L.
Berghold
Sent: Thursday, February 23, 2006 10:11 PM
To: James E. Pratt
Cc: nagios-users at lists.sourceforge.net
Subject: Re: [Nagios-users] Monitoring solaris server without installing
any plugin
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
James E. Pratt wrote:
> Hi i have a similar problem where no matter how i try and compile on
> either sol8 or sol9 (sparc) using the software from sunfreeware (gcc,
> openssl etc etc), i just cannot get NRPE ssl handshakes to work via
> inetd... I've tried everything, and triple-checked everything
countless
> times, but always get the "Failed to complete ssl handshake" message..
>
> Can anyone give me any insight, or has seen this issue before?
I've seen this in a couple of different cases:
1) trust relationship between the nagios user on the monitoring
host and the monitored host is not set up.
To do this you need to generate a pair of ssh keys. I always (and I
forget why) generate both a dsa key and an rsa key. To do this is
pretty simple:
a) log in as the user nagios on your monitoring host.
b) run ssh-keygen -t rsa ; and answer the questions/prompts
accordingly.
c) run ssh-keygen -t dsa ; and do the same as (b)
d) cd ~/.ssh
e) cat *.pub > exported-keys.txt
f) scp exported-keys.txt nagios at monitored-host:
(note the trailing colon (:) above)
g) log on as nagios on the monitored host.
f) cat exported-keys.txt >> .ssh/authorized_keys
g) cat exported-keys.txt >> .ssh/authorized_keys2
Now, having said all that one of the shortcuts I have on some of my
systems is authorized_keys and authorized_keys2 are the same file with
one of them being a sym-link to the other.
2) no SSH on the monitored host at all
Well.. put it there and and then follow the steps above.
3) nrpe is not being started from inetd (xinetd) AND is not
running as a daemon.
Then you need to either configure inetd (xinted) accordingly or enable
nrpe to be started up from init during system reboot. (or start it
manually... whatever floats your boat.)
Clear as mud?
- --
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
Peter L. Berghold Peter at Berghold.Net
"Those who fail to learn from history are condemned to repeat it."
AIM: redcowdawg Yahoo IM: blue_cowdawg ICQ: 11455958
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Red Hat - http://enigmail.mozdev.org
iD8DBQFD/eWPUM9/01RIhaARAvMzAJ9m01XznSLrU8ZLoEXsZxcKGrAm0gCfch6J
hlNIo7ZI9dw6usurIkonkJA=
=dEf8
-----END PGP SIGNATURE-----
-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid�0944&bid$1720&dat�1642
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list