I've done some more digging. It's definitely related to the upgrade from v2 to v3. My syslog from the nagios server reports errors such as: check_nrpe: Error: (!log_opts) Could not complete SSL handshake with xxx.xxx.xxx.xxx: dh key too small
This page describes the compatibility of v3: https://support.nagios.com/kb/article/nrpe-v3-compatibility-with- previous-versions-516.html. It states: "A 2048-bit DH key is used instead of a 512-bit key" which very likely is the cause of the issue. The same pages provides a workaround: "Force the plugin to send v2 packets Using the -2 argument will force the plugin to connect with v2 packets /usr/local/nagios/libexec/check_nrpe -2 -H centos12" This workaround doesn't work on 18.04. I also tried with -P 1024 as suggested in some other places, to no avail. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1782650 Title: nrpe plugin in bionic fails with "Error - Could not complete SSL handshake" To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/nagios-nrpe/+bug/1782650/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
