Dear Whit, I have actually seen this contradictory error in the log before but in my case I was in a new location installing new versions of NRPE (along with Nagios 3.0.6) and while the existing NRPE on the host claimed to be the same version as the one I was using on the Nagios host, there was still some sort of inherent incompatibility. In my case I was guessing that my predecessor had taken some liberties with the source code. I had the luxury of having another existing NRPE client that was working and so I copied the nrpe binary from the working NRPE client over to the non-working NRPE client and then they both worked, and unfortunately, I never got to the bottom of it.
Richard Blauvelt wrote: > Dear Richard, > > Thanks for maintaining that. Think I've found a new way to have it go wrong: > > --- > CHECK_NRPE: Error - Could not complete SSL handshake > > This error message could be due to several problems: > > 1) Different versions. > - No, same, compiled from the same source, on identical machines with > Ubuntu Hardy LTS. > > 2) SSL is disabled. > - No. SSL compiled in both. Daemons started from command line with basic > switches. > > 3) Incorrect file permissions. Make sure the NRPE config file (nrpe.cfg) is > readable by the user (i.e. nagios) that executes the NRPE binary from > inetd/xinetd. (also rare) > - Okay, they were owned by root. But changing that to the nagios user and > restarting doesn't fix it. And I'm not using inetd/xinetd, but running > standalone daemons > > 4) Pseudo-random device files are not readable. > - /dev/urandom and /dev/random are both world readable > > 5) Unallowed address. > - Well, yes according to the client log: > > /var/log/syslog:Jul 29 10:47:16 firewall2 nrpe[11123]: Allowing > connections from: 127.0.0.1, 192.168.250.1 > /var/log/syslog:Jul 29 10:47:21 firewall2 nrpe[11125]: Host 192.168.250.1 > is not allowed to talk to us! > > But of course the first line shows the the config file does allow the > specific address. > > 6) libwrap refused connection to nrpe Check for errors in /var/log/syslog by > greping for xinetd. > - N/A, it's stand-alone nrpe > --- > > So, in the interests of making Richard's document complete, anyone have other > suggestions? > > Thanks, > Whit > > ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Nagios-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
