check_ssh causing log errors on remote servers?

[Ian Chard]

On 03/01/07 16:27, Hari Sekhon wrote:
> I've got check_ssh running against all my *nix boxes, but I have a 
> steady stream of the following in my logs from those servers
> 
> sshd[2742]: Connection closed by ::ffff:192.168.x.x
> sshd[2746]: fatal: Read from socket failed: Connection reset by peer
> sshd[2768]: Connection closed by ::ffff:192.168.x.x
> 
> There are many "Connection closed by..." logs (one for each nagios check 
> every 3 mins by the look of it) with the odd "Read from socket failed" 
> log in between these, roughly after every 10-20 connection closed logs.

This is because check_ssh doesn't actually do any negotiation with the
sshd at the other end.  It just connects, gets the version string sent
by sshd, and disconnects.  Your sshd is moaning that the client
disconnected before entering into an ssh dialogue.

The broader point, I suppose, is that check_ssh only checks that sshd
returns a valid version string.  It doesn't check if, for example, sshd
is misconfigured in such a way as will prevent authentication.

- Ian

-- 
Ian Chard, Senior Unix and Network Admin  |  E: ian.chard at sers.ox.ac.uk
Systems and Electronic Resources Service  |  T:  80587 / (01865) 280587
Oxford University Library Services        |  F:          (01865) 242287

-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys - and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null