Displaying 20 results from an estimated 6000 matches similar to: "Could not complete SSL handshake to Amazon EC2 host"
2015 May 01
5
Could not complete SSL handshake to Amazon EC2 host
Hi Eric,
Thanks for your reply. I do have nrpe running under xinetd on the host I'm
trying to monitor.
And running the nrpe checl locally:
[root at ops:~] #/usr/local/nagios/libexec/check_nrpe -H localhost
NRPE v2.15
[root at ops:~] #grep only_from /etc/xinetd.d/nrpe
only_from = 127.0.0.1 216.120.248.126
And I do have port 5666 open on the security group for this host.
2015 May 01
2
Could not complete SSL handshake to Amazon EC2 host
Oh my mistake. I mean nrpe without parameters. It should say something
about SSL/TLS aktiv or so.
You could test nrpe without SSL. Use nrpe -n - H host
Am 01.05.2015 13:18 schrieb "Eero Volotinen" <eero.volotinen at iki.fi>:
> well. how about trying default setting and running nrped without xinetd.
>
> --
> Eero
>
> 2015-05-01 14:14 GMT+03:00 Tim Dunphy
2015 May 01
2
Could not complete SSL handshake to Amazon EC2 host
Hi
NRPE: Error receiving data from daemon
Seems as this is not a SSL Problem. Do you have a nagios user account? Cat
/etc/passwd
Am 01.05.2015 18:45 schrieb "Tim Dunphy" <bluethundr at gmail.com>:
> >
> > Oh my mistake. I mean nrpe without parameters. It should say something
> > about SSL/TLS aktiv or so.
> > You could test nrpe without SSL. Use nrpe -n -
2015 May 01
2
Could not complete SSL handshake to Amazon EC2 host
> This is strange...
> Do you have SSL aktive on both systems? Run nrpr localy without parameters
> (this should return some nrpe stats) and check ldd for libssl.
I don't seem to have that command.
[root at monitor1:~] #find / -name "*nrpr" 2> /dev/null
[root at monitor1:~] #
And that's on either system.
And if I do an ldd on both, this is what I can tell:
2015 May 03
4
can't disable tcp6 on centos 7
>
> It's listening on both IPv6 and IPv4. Specifically, why is that a problem?
The central problem seems to be that the monitoring host can't hit nrpe on
port 5666 UDP.
[root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H
puppet.mydomain.com
CHECK_NRPE: Socket timeout after 10 seconds.
It is listening on the puppet host on port 5666
[root at puppet:~] #lsof -i :5666
2015 May 03
3
can't disable tcp6 on centos 7
hey all,
I tried disabling tcp v6 on a C7 box this way:
[root at puppet:~] #cat /etc/sysctl.conf
# System default settings live in /usr/lib/sysctl.d/00-system.conf.
# To override those settings, enter new settings here, or in an
/etc/sysctl.d/<name>.conf file
#
# For more information, see sysctl.conf(5) and sysctl.d(5).
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6
2015 May 03
2
can't disable tcp6 on centos 7
Tim,
where did you installed this nrpe package? is selinux running enforcing
mode (getenforce command), try disabling with setenforce 0. why you are
running it under xinetd as usual way is to run it as nrped daemon.
test against with check_nrpe, not using telnet.
--
Eero
2015-05-04 2:27 GMT+03:00 Stephen Harris <lists at spuddy.org>:
> On Sun, May 03, 2015 at 07:23:19PM -0400, Tim
2015 May 03
2
can't disable tcp6 on centos 7
>
> is it working on localhost or not???!!! it could be selinux problem also,
> if context is not correct.
It's working on localhost:
[root at puppet:~] #telnet localhost 5666
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
I notice if I stop the firewall on the puppet host (for no more than 2
seconds) and hit NRPE from the monitoring host it works:
2015 May 01
2
Could not complete SSL handshake to Amazon EC2 host
Hi Brian,
Does "iptables -L" show anything of note?
I'm leaving iptables off in this host. Because it's an AWS EC2 host I'm
managing the firewall ports using the AWS security groups.
[root at ops:~] #service iptables status
Firewall is stopped.
But still, there's this...
[root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H ops.jokefire.com
CHECK_NRPE:
2015 May 01
0
Could not complete SSL handshake to Amazon EC2 host
>
> Oh my mistake. I mean nrpe without parameters. It should say something
> about SSL/TLS aktiv or so.
> You could test nrpe without SSL. Use nrpe -n - H host
This is what I see about ssl if I just run nrpe on the client without any
flags:
[root at ops:~] #nrpe| head -8
NRPE - Nagios Remote Plugin Executor
Copyright (c) 1999-2008 Ethan Galstad (nagios at nagios.org)
Version: 2.15
2015 May 01
0
Could not complete SSL handshake to Amazon EC2 host
Hi Eric,
> NRPE: Error receiving data from daemon
> Seems as this is not a SSL Problem. Do you have a nagios user account? Cat
> /etc/passwd
Yep! Both hosts have nagios user accounts.
Demonstrating from the client:
[root at ops:~] #id nagios
uid=2002(nagios) gid=2002(nagios) groups=2002(nagios),2008(nagioscmd)
And this is from the monitoring server:
[root at monitor1:~] #id
2015 May 01
0
Could not complete SSL handshake to Amazon EC2 host
This is strange...
Do you have SSL aktive on both systems? Run nrpr localy without parameters
(this should return some nrpe stats) and check ldd for libssl.
Am 01.05.2015 07:32 schrieb "Tim Dunphy" <bluethundr at gmail.com>:
> Hi Eric,
>
> Thanks for your reply. I do have nrpe running under xinetd on the host I'm
> trying to monitor.
>
> And running the
2015 May 01
0
Could not complete SSL handshake to Amazon EC2 host
well. how about trying default setting and running nrped without xinetd.
--
Eero
2015-05-01 14:14 GMT+03:00 Tim Dunphy <bluethundr at gmail.com>:
> > This is strange...
> > Do you have SSL aktive on both systems? Run nrpr localy without
> parameters
> > (this should return some nrpe stats) and check ldd for libssl.
>
>
> I don't seem to have that command.
2015 May 01
0
Could not complete SSL handshake to Amazon EC2 host
Hi
Does the deamon run under xinetd? Then you have to configure the only_from
in */etc/**xinetd.d**/**nrpe* to.
Regards
Eric
Am 01.05.2015 06:46 schrieb "Tim Dunphy" <bluethundr at gmail.com>:
> Hello,
>
> I am trying to monitor a host in the Amazon EC2 cloud.
>
> Yet when I try to check NRPE from the monitoring host I am getting an SSL
> handshake error:
2015 May 03
1
Could not complete SSL handshake to Amazon EC2 host
On Sat, May 02, 2015 at 06:26:47PM -0400, Tim Dunphy wrote:
> >
> > Not just /var/log/messages. Doesn't nrpe have a log file? Maybe even
> > secure.
>
>
> Hmmm I don't find any log specific to nrpe. In other words I don't see
> /var/log/nrpe.log or whatever. :)
>
> And when I tail -f /var/log/secure or /var/log/messages I don't see any
>
2015 May 04
1
can't disable tcp6 on centos 7
On Sun, May 03, 2015 at 08:25:45PM -0400, Tim Dunphy wrote:
> Rather than a yum install. If I install the nrpe package from yum I don't
> find a check_nrpe script on the system for some reason!
That's because the 'check_nrpe' command isn't in the nrpe package.
It's in the nagios-plugins-nrpe package. The executable is installed,
along side all other nagios check
2015 May 03
0
can't disable tcp6 on centos 7
is it working on localhost or not???!!! it could be selinux problem also,
if context is not correct.
--
Eero
2015-05-04 1:55 GMT+03:00 Tim Dunphy <bluethundr at gmail.com>:
> >
> > It's listening on both IPv6 and IPv4. Specifically, why is that a
> problem?
>
>
> The central problem seems to be that the monitoring host can't hit nrpe on
> port 5666 UDP.
2015 May 04
0
can't disable tcp6 on centos 7
Eero,
where did you installed this nrpe package? is selinux running enforcing
> mode (getenforce command), try disabling with setenforce 0. why you are
> running it under xinetd as usual way is to run it as nrped daemon.
>
For NRPE I usually do a source install with these flags:
./configure
make all
make install-plugin
make install-daemon
make install-daemon-config
make install-xinetd
2015 May 02
0
Could not complete SSL handshake to Amazon EC2 host
>
> Not just /var/log/messages. Doesn't nrpe have a log file? Maybe even
> secure.
Hmmm I don't find any log specific to nrpe. In other words I don't see
/var/log/nrpe.log or whatever. :)
And when I tail -f /var/log/secure or /var/log/messages I don't see any
entries turning up in them when I hit the client with check_nrpe. I was
checking the logs on the client
2015 May 14
3
nagios check_local_disk failing
Hey all,
I have a local disk check defined which is giving me an error:
Current Status:
UNKNOWN
(for 0d 0h 1m 38s)Status Information:Unknown argument
Usage:
check_disk -w limit -c limit [-W limit] [-K limit] {-p pathPerformance Data:-x
device} [-C] [-E] [-e] [-f] [-g group ] [-k] [-l] [-M] [-m] [-R path ] [-r
path ] [-t timeout] [-u unit] [-v] [-X type] [-N type] [-n]
I have a local check