Note: check_nt on nagios works fine. In case that helps clear up any networking issues.
I’ve read as many forum posts and articles as I can. I’ve done everything I can think of and I am completely stuck. I’m having all kinds of issues with SSL.
This is for my home network, I don’t need SSL or anything like that. I just want it to work. I’m running Nagios on a Raspberry Pi.
I downloaded, compiled and installed the latest version of the check_nrpe plugin (3.2.1) and installed it in the /usr/local/nagios/libexec directory.
I installed NSClient++ on my Windows 10 PC.
I’ve spent hours messing with the NSClient config file and haven’t made any progress.
Here is my nsclient.ini contents:
[/settings/default] password = [password] allowed hosts = 127.0.0.1,192.168.0.0/24 [/settings/NRPE/server] ssl options = no-sslv2,no-sslv3 verify mode = peer-cert allowed hosts = 127.0.0.1,192.168.0.0/24 insecure = false [/modules] CheckExternalScripts = enabled CheckHelpers = disabled CheckEventLog = disabled CheckNSCP = disabled WEBServer = enabled NSClientServer = enabled NRPEServer = enabled CheckSystem = enabled CheckDisk = enabled [/settings/NSClient/server] allowed hosts = 127.0.0.1,192.168.0.0/24 [/settings/WEB/server] allowed hosts = 127.0.0.1,192.168.0.0/24
With the config as shown, I get the following errors, running check_nrpe from the nagios host:
./check_nrpe -H 192.168.0.111 CHECK_NRPE: (ssl_err != 5) Error - Could not complete SSL handshake with 192.168.0.111: 1 ./check_nrpe -H 192.168.0.111 -n CHECK_NRPE: Receive header underflow - only 0 bytes received (4 expected).
And I get the same error messages every time regardless of what I have “verify mode” or “insecure” settings set to.
I have also tried running check_nrpe.exe locally.
With the current config, I get:
.\check_nrpe.exe address=192.168.0.111 insecure Error: Failed to connect to: 192.168.0.111:5666 :short read
But if I change the config to this, then it works:
;verify mode = peer-cert ; commented out insecure = true
I get this:
.\check_nrpe.exe address=192.168.0.111 insecure I (0.5.2.35 2018-01-28) seem to be doing fine...