Karl et al, Thanks for your mails. In the end like you suggested I have implemented checks_by_ssh using null passphrases and all is working well. Many thanks Matthew ____________________________________________ <table width=100%> <tr valign=top> <td width=40%>Karl DeBisschop <karl@debisschop.net> Sent by: nagios-users-admin@lists.sourceforge.net 01/04/2003 03:45 <td width=59%> <table width=100%> <tr> <td> <div align=right>To</div> <td valign=top>"Carroll, Jim P ""[Contractor]" <jcarro10@sprintspectrum.com> <tr> <td> <div align=right>cc</div> <td valign=top>Nagios Users <nagios-users@lists.sourceforge.net> <tr> <td> <div align=right>Subject</div> <td valign=top>RE: [Nagios-users] nrpe questions</table> <table> <tr valign=top> <td> <td></table> </table> <tt>On Mon, 2003-03-31 at 12:48, Carroll, Jim P [Contractor] wrote: > If it's an option, why not set up a null passphrase for ssh for nagios > itself? That way, you don't need to pass the passphrase to > check_by_ssh. > > jc > > -----Original Message----- > From: Matthew.Quinney@hollandandholland.com > [mailto:Matthew.Quinney@hollandandholland.com] > Sent: Monday, March 31, 2003 4:35 AM > To: Nagios-Users > Subject: Re: [Nagios-users] nrpe questions > > > Dear All, > > Does anybody know if the check_by_ssh command can be > configured to use a passphrase ? I have found some old links > on the web but unfortunately they do not work. FWIW, when I wrote it I made no provision to pass any such thing on the command line. You cannot depend on any such construct being secure from an ordinary user. You can, however, ensure that your filesystem permissions do keep an ordinary user fron viewing the private key owned by the nagios user. Thus, the intended mode of operation is to use secured, passpharseless keys. Short of using 'expect' or a similar mechanism, I do not know of a way to securely provide a passphrase to check_by_ssh. I consider expect in this case to provide a minimal increment of security (in that it still all comes down to how well you protect your files from intruders) but a major increase in administrative work. Thus I have not made any provisions to support it. If you do know of portable and secure way to pass in a pasphrase, I would be willing to consider it. But failing that, the answer is no, there are no provisions for providing a passphrase, and any way that you find to do so would be accidental. -- Karl ------------------------------------------------------- This SF.net email is sponsored by: ValueWeb: Dedicated Hosting for just $79/mo with 500 GB of bandwidth! No other company gives more support or power for your dedicated server http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/ _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null _____________________________________________________________________ This e-mail has been scanned for viruses by the uuNet Internet Managed Scanning Service - powered by MessageLabs. </tt>