Re: [Nagios-users] nrpe won't connect - contradictory messages in log

Wed, 29 Jul 2009 08:07:55 -0700 

Dear Richard,

Thanks for maintaining that. Think I've found a new way to have it go wrong:

---
CHECK_NRPE: Error - Could not complete SSL handshake

This error message could be due to several problems:

1) Different versions.  
   - No, same, compiled from the same source, on identical machines with Ubuntu 
Hardy LTS.

2) SSL is disabled. 
   - No. SSL compiled in both. Daemons started from command line with basic 
switches.

3) Incorrect file permissions. Make sure the NRPE config file (nrpe.cfg) is
   readable by the user (i.e. nagios) that executes the NRPE binary from
   inetd/xinetd. (also rare)
   - Okay, they were owned by root. But changing that to the nagios user and
     restarting doesn't fix it. And I'm not using inetd/xinetd, but running
     standalone daemons

4) Pseudo-random device files are not readable.
   - /dev/urandom and /dev/random are both world readable

5) Unallowed address. 
   - Well, yes according to the client log:

   /var/log/syslog:Jul 29 10:47:16 firewall2 nrpe[11123]: Allowing connections 
from: 127.0.0.1, 192.168.250.1
   /var/log/syslog:Jul 29 10:47:21 firewall2 nrpe[11125]: Host 192.168.250.1 is 
not allowed to talk to us!

   But of course the first line shows the the config file does allow the 
specific address.   

6) libwrap refused connection to nrpe Check for errors in /var/log/syslog by 
greping for xinetd. 
   - N/A, it's stand-alone nrpe
---

So, in the interests of making Richard's document complete, anyone have other 
suggestions?

Thanks,
Whit

------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day 
trial. Simplify your report design, integration and deployment - and focus on 
what you do best, core application coding. Discover what's new with 
Crystal Reports now.  http://p.sf.net/sfu/bobj-july
_______________________________________________
Nagios-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting 
any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Reply via email to