Hi there,
Starting off with info..
NEMS on RPi
Version 1.5
Build 7
In cockpit -> logs , seeing error: Could not complete ssl handshake with 192.168.x.x: rc=-1 SSL-error=5.
Have installed the nrpe server on the linux server as the Docs showed.. "apt-get install nagios-nrpe-server nagios-plugins" and changed allow hosts etc..
Could this be a compile issue with the install of nrpe?
Any help would be greatly appreciated with this issue
Regards,
George
nrpe linux monitoring ssl issue
-
- Junior Member
- Posts: 3
- Joined: Wed Mar 13, 2019 6:08 am
nrpe linux monitoring ssl issue
Last edited by george-dudman on Mon Mar 25, 2019 8:23 am, edited 1 time in total.
- Robbie Ferguson
- Posting Freak
- Posts: 835
- Joined: Wed Mar 07, 2012 3:23 pm
- Location: Ontario, Canada
- Contact:
RE: nrpe linux monitoring ssl issue
Hi George,
The docs are a bit out of date for NRPE at this point (since 1.5 is so many miles ahead of 1.3) - but did you follow https://docs.nemslinux.com/usage/nrpe_on_linux ?
I want to know if the docs are no longer true so I can look into fixing them. Unfortunatley I personally am very much focused on the builds until they're all done, so let me & the community know.
The docs are a bit out of date for NRPE at this point (since 1.5 is so many miles ahead of 1.3) - but did you follow https://docs.nemslinux.com/usage/nrpe_on_linux ?
I want to know if the docs are no longer true so I can look into fixing them. Unfortunatley I personally am very much focused on the builds until they're all done, so let me & the community know.
Robbie Ferguson // The Bald Nerd
Did I help you out? Appreciate what I do? Please consider saying thanks:
Did I help you out? Appreciate what I do? Please consider saying thanks:
- Throw something in the tip jar: https://donate.category5.tv
- Support Category5 TV on Patreon: https://patreon.com/category5
- Support NEMS Linux on Patreon: https://patreon.com/nems
-
- Junior Member
- Posts: 3
- Joined: Wed Mar 13, 2019 6:08 am
RE: nrpe linux monitoring ssl issue
Hi Robbie,
Thanks for the reply!
Yes i followed the documentation to a T yielding no results.. (can confirm ports are open and accessible from nems)
Reading up online there are some suggestions that you have to install it from source, otherwise it will compile with the "no-ssl" function.
In adagios seeing connection reset and connection reset by peer on the machine in question.
That is all I could find on the matter.. hope that may help someone investigate further.
Thanks for the reply!
Yes i followed the documentation to a T yielding no results.. (can confirm ports are open and accessible from nems)
Reading up online there are some suggestions that you have to install it from source, otherwise it will compile with the "no-ssl" function.
In adagios seeing connection reset and connection reset by peer on the machine in question.
That is all I could find on the matter.. hope that may help someone investigate further.
Last edited by george-dudman on Tue Apr 02, 2019 5:50 am, edited 1 time in total.
RE: nrpe linux monitoring ssl issue
Did you managed to get this to working?
I'm seeing the exact same error with NRPE on Windows and can't get it to work,
Most related topics with Nagios sugest to change NRPE server settings to sometihng like this:
allow arguments = true
allow nasty_meta chars = true
allowed hosts = 127.0.0.1,xxx.xxx.xxx.xxx
port = 5666
use SSL = 1
ssl options =
verify mode = none
insecure = true
But even with above settings it keeps moaning about the SSL handshake
2019-06-06 09:44:02: error:c:\source\master\include\socket/connection.hpp:276: Failed to establish secure connection: sslv3 alert handshake failure: 1040
I'm seeing the exact same error with NRPE on Windows and can't get it to work,
Most related topics with Nagios sugest to change NRPE server settings to sometihng like this:
allow arguments = true
allow nasty_meta chars = true
allowed hosts = 127.0.0.1,xxx.xxx.xxx.xxx
port = 5666
use SSL = 1
ssl options =
verify mode = none
insecure = true
But even with above settings it keeps moaning about the SSL handshake
2019-06-06 09:44:02: error:c:\source\master\include\socket/connection.hpp:276: Failed to establish secure connection: sslv3 alert handshake failure: 1040
-
- Junior Member
- Posts: 3
- Joined: Wed Mar 13, 2019 6:08 am
RE: nrpe linux monitoring ssl issue
Hi,
I never did get this working, still cannot use NRPE for linux monitoring.
I think the documentation is very out of date as Robbie stated above.
I never did get this working, still cannot use NRPE for linux monitoring.
I think the documentation is very out of date as Robbie stated above.
RE: nrpe linux monitoring ssl issue
I'm having the same issue. I'm pretty sure the NRPE version that is being shipped with NEMS was not compiled with SSL support.
I'm trying to move from an existing, working, Nagios Core installation, so I know NRPE on the client-side is fine.
-Rob
I'm trying to move from an existing, working, Nagios Core installation, so I know NRPE on the client-side is fine.
-Rob
RE: nrpe linux monitoring ssl issue
I solved this problem in my installation.
The check_nrpe executable on NEMS at the time of this writing is version 3.2.1.
It does in fact have SSL compiled into it:
However, in order for check_nrpe to work properly the corresponding NRPE server daemon on the client needs to be the SAME version.
I was running version 2.15. After compiling version 3.2 for my server, the checks started working properly.
-Rob
The check_nrpe executable on NEMS at the time of this writing is version 3.2.1.
It does in fact have SSL compiled into it:
Code: Select all
root@nems:~# /usr/lib/nagios/plugins/check_nrpe --help
NRPE Plugin for Nagios
Version: 3.2.1
Copyright (c) 2009-2017 Nagios Enterprises
1999-2008 Ethan Galstad ([email protected])
Last Modified: 2017-09-01
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: OpenSSL 0.9.6 or higher required
However, in order for check_nrpe to work properly the corresponding NRPE server daemon on the client needs to be the SAME version.
I was running version 2.15. After compiling version 3.2 for my server, the checks started working properly.
-Rob