NRPE: Could not complete SSL handshake

Andy Shellam andy.shellam-lists at mailnetwork.co.uk
Sun Apr 8 16:11:55 CEST 2007


Hi Hugo,

I've ran tcpdump to only capture packets on port 5666, and I can confirm 
that there is only my Nagios server talking to NRPE on the FreeBSD 
machine.  I've ran it until I saw one of these such errors in the logs, 
and tcpdump reported 2 conversations from my Nagios server to NRPE, so I 
can confirm it is my Nagios server that's trying to communicate.

However I've just realised what this is - I have a tcp check which looks 
to see if the NRPE agent is up and running (with other NRPE-based 
services set up as a dependency of it, so if NRPE goes down I don't get 
a flood of notifications.)  The check uses check_tcp to connect to port 
5666 then exits.  NRPE reports this as an SSL handshake failed, because 
it's connecting then disconnecting without doing anything!

Thanks for the help, at least I know what it is now!

Andy.

Hugo van der Kooij wrote:
> On Sun, 8 Apr 2007, Andy Shellam wrote:
>
>   
>> Yes, and the last log entry was at 05:56 this morning when one of my
>> client servers was rebooted.
>>
>> Can I just stress that NO checks within Nagios are failing.  ALL checks
>> that use NRPE are currently sitting with an OK state.  This is not
>> causing a problem with any checks, that's why I want to know what's
>> causing this error to be logged every 5 minutes when there's no problem
>> anywhere.
>>
>> It's almost as if there's another Nagios server somewhere trying to talk
>> to my 3 machines - but I know this isn't the case because there's a
>> firewall on one of them that only allows my Nagios server on that port.
>>     
>
> Be careful about what you 'know'. Assumptions have a tendency to backfire 
> when you least expect it.
>
> Can you run tcpdump on the machine and let it collect for something like 
> 10 minutes? It may show you the source of the unexpected connection.
>
> Hugo.
>
>   


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list