monitoring hosts using ssh - can you change default account?

[dwhitfield]

If I run this command from "root" user from XI server, I will have to use "-l nagios" and it will also prompt me for the password.

Why would you do this if you don't have a nagios user account remotely? You should use -l WhateverUserNameYouCreated. By default the nagios account is used. You use -l to change this.

There is no password. That's the entire point of the key generation. If you are being asked for a password that means you did not set up the keys properly. If you want to generate the key on the XI server under the same username, then create that same username on the XI server.

[tgriep]

If you want to setup password less logins between the Nagios XI server and a remote server using a different username, the user account will have to be created on the Nagios XI server as well as the remote server.
Testing of the connection between the XI server and the remote server has to be done on the Nagios server while logged in as that other user account.

Then, when Nagios run the check_by_ssh plugin, it runs it as the nagios user. If the folder where the SSH public ID file is not readable by the nagios user, it will generate an error as it cannot read the ssh key file.

One way to get around this is to copy the ssh ID file in to the /usr/local/nagios/libexec folder, make sure the nagios user can read it and add it to the command by using the -i option.

-i, --identity=KEYFILE
identity of an authorized key [optional]

An example of the command line.

Code: Select all

$USER1$/check_by_ssh -i /usr/local/nagios/libexex/id_rsa -l newremoteusername -H xxxxxx -E 1 -C "/usr/lib/nagios/plugins/check_disk -w 10 -c 20 -e -p /"

Take a look at this link for more details on that plugins command line options.
https://www.monitoring-plugins.org/doc/ ... y_ssh.html

[paulconca]

These posts really helped me, thanks all

I did get this working by following the steps, my question is do you need both the Nagios and alternative account on the client server.

I cannot seem to get any command to work, unless I run it using the alternative account on the Nagios server.

[tgriep]

The -l option is the username the plugin will run on the remote host so if the permissions of the plugins / commands are setup to run as that user account, then the nagios user account would not be needed.

-l, --logname=USERNAME
SSH user name on remote host

[paulconca]

Working now.

Thank you

[tgriep]

Your welcome. If you don's have anymore related questions, shall I close and lock the post?