Well as you might notice from my message the keybased authentication is working well, no problem but I wasn't using sudo so I tried adding that line to my sudo config with no success. It still asks for a passphrase or password when I use check_by_ssh but if I "ssh remotecomputer" I go right in or if I scp so that seems to be working well but something about check_by_ssh isn't seeing the key exchange or something. I went ahead and generated an rsa key and tried that as well and still I can ssh or scp into the boxes passwordless but not with check_by_ssh
Any ideas? James wrote: > Robert Cole wrote: >> I tried the multiple v's: >> >> [EMAIL PROTECTED] ~ $ /usr/nagios/libexec/check_by_ssh -H remotecomputer -i >> -vvvv ~/.ssh/id_dsa -C "/usr/nagios/plugins/check_swap -w 50% -c 10%" >> Enter passphrase for key '/home/nagios/.ssh/id_dsa': >> [EMAIL PROTECTED]'s password: >> >> Didn't give me anymore output but as I mentioned doing it via just >> ssh works: >> >> [EMAIL PROTECTED] ~ $ ssh -i .ssh/id_dsa remotecomputer >> "/usr/nagios/plugins/check_swap -w 50% -c 10%" >> SWAP OK - 100% free (1996 MB out of 1996 MB) |swap=1996MB;998;199;0;1996 >> [EMAIL PROTECTED] ~ $ >> >> -rw-r--r-- 1 nagios nagios 615 Jun 8 07:03 authorized_keys >> -rw------- 1 nagios nagios 736 Jun 8 05:12 id_dsa >> -rw-r--r-- 1 nagios nagios 614 Jun 8 05:12 id_dsa.pub >> -rw-r--r-- 1 nagios nagios 1270 Jun 15 10:21 known_hosts >> >> and I did try doing /home/nagios/.ssh/id_dsa and it didn't make a >> difference. It looks like a problem with check_by_ssh itself doesn't it? >> > here's the exact procedure i use for check_by_ssh > > 1. As root user on nagios server: > shell> sudo -u nagios ssh-keygen > create the rsa keys in /home/nagios/.ssh/id_rsa > make sure when prompted to put a password to user you leave it blank > > 2. As root user on nagios server: > shell> sudo -u nagios ssh [EMAIL PROTECTED] > This will give the remotehost the signature of the local nagios > user in the machine. > > 3. As user on remote host: > shell> ssh-keygen > create the ssh keys in /home/user/.ssh/id_rsa > shell> touch /home/user/.ssh/authorized_keys2 > > 4. Copy identity key from nagios server to remote host: > From nagios server: > shell> scp /home/nagios/id_rsa.pub [EMAIL PROTECTED]:/home/user/ > <mailto:[EMAIL PROTECTED]:/home/remotecmd/> > From remote server: > shell> cat /home/user/id_rsa.pub >> /home/user/.ssh/authorized_keys2 > > As root on remote server: > shell> visudo > Now enter the sudo line for user to the command you wish nagios to > run: > Example: > user ALL = NOPASSWD: /usr/local/nagios/libexec/check_ping > > 5. Make a new Nagios command: > /usr/local/nagios/libexec/check_by_ssh -H $HOSTADDRESS$ -l user -i > '/home/nagios/.ssh/id_rsa' -C 'path of nagios plugin on remote host' > Example: > /usr/local/nagios/libexec/check_by_ssh -H $HOSTADDRESS$ -l user -i > '/home/nagios/.ssh/id_rsa' -C \ > '/usr/local/nagios/libexec/check_graph_uptime.pl -H $HOSTADDRESS$ > -C $ARG1$ -g -f -w -S $ARG2$ -c $ARG3$' > > ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
