Hi. I installed the check_nrpe plugin on the Nagios server and NRPE running as daemon on the host I have to monitor, both compiled with SSL support and the dh.h file created and saved in the include/ directory on the NRPE host.
[r...@monitored-host ~]# /opt/nrpe/bin/nrpe NRPE - Nagios Remote Plugin Executor Copyright (c) 1999-2008 Ethan Galstad ([email protected]) Version: 2.12 Last Modified: 03-10-2008 License: GPL v2 with exemptions (-l for more info) SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required TCP Wrappers Available nagios-server:/# /usr/local/nagios/libexec/check_nrpe Incorrect command line arguments supplied NRPE Plugin for Nagios Copyright (c) 1999-2008 Ethan Galstad ([email protected]) Version: 2.12 Last Modified: 03-10-2008 License: GPL v2 with exemptions (-l for more info) SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required The IP address of the Nagios server is specified in the "allowed_hosts" declaration in the nrpe.cfg file: [r...@monitored-host ~]# grep allowed_hosts /opt/nrpe/etc/nrpe.cfg allowed_hosts=192.168.10.250 The problem is that if I try to execute the check_nrpe command to test the NRPE daemon on the monitored host, I receive this error: nagios-server:/# /usr/local/nagios/libexec/check_nrpe -H 192.168.10.18 CHECK_NRPE: Error - Could not complete SSL handshake. On the monitored host I see that the IP address of the Nagios server is allowed and then refused: [r...@monitored-host ~]# tail /var/log/messages Dec 16 01:24:27 monitored-host nrpe[25047]: INFO: SSL/TLS initialized. All network traffic will be encrypted. Dec 16 01:24:27 monitored-host nrpe[25048]: Starting up daemon Dec 16 01:24:27 monitored-host nrpe[25048]: Warning: Daemon is configured to accept command arguments from clients! Dec 16 01:24:27 monitored-host nrpe[25048]: Listening for connections on port 5666 Dec 16 01:24:27 monitored-host nrpe[25048]: Allowing connections from: 192.168.10.250 Dec 16 01:27:01 monitored-host nrpe[25063]: refused connect from 192.168.10.250 (192.168.10.250) What is the problem? It is not a firewall problem because the connection works, and it does not seems to be a SSL related problem because it does not work even if I try the check command disabling SSL with -n (and the NRPE daemon runned with -n also), and it is quite curious to have two opposite log messages. Could you help me please? I worked all the afternoon trying to let it work, but it does not work... Thank you very much!! Bye. ------------------------------------------------------------------------------ This SF.Net email is sponsored by the Verizon Developer Community Take advantage of Verizon's best-in-class app development support A streamlined, 14 day to market process makes app distribution fast and easy Join now and get one step closer to millions of Verizon customers http://p.sf.net/sfu/verizon-dev2dev _______________________________________________ Nagios-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
