Re: [Nagios-devel] Core 4 Remote Workers

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
Guest

Re: [Nagios-devel] Core 4 Remote Workers

Post by Guest »

--_000_4288A518A157EC4C8873FEE74F778BF011315A26WPSDGQFTOPRSTAT_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable


On Feb 5, 2013, at 10:57 AM, Andreas Ericsson wrote:

Encryption is a must, ofcourse, as the packets will have to contain
passwords some of the time. There's a libssh2 available which we should
be able to use to set up preshared key authentication with security
that even NSA will approve of.
I like the idea of libssh2. SSH is simpler both in concept and
implementation than a PKI.


We could also go with unencrypted at first and just make sure it works
with stunnel or some such. It doesn't really matter, as organizations
large enough to require large-scale distributed setups will have
people who can handle encryption just fine.

In either case, we should definitely have a cleartext option too, for
debugging if nothing else.

I'd agree encryption is a must, well, for me anyway :) But it's always han=
dy to have a cleartext option available when things just aren't working rig=
ht and you need to trace and find out why.

So it almost seems like you could have a remote worker installed on each ho=
st, and just have it check that one host=85other than you'd have a ton of r=
emote workers, what would be the downside of doing that? Removes the need =
for nrpe or other options for remote checking=85

Dan

--_000_4288A518A157EC4C8873FEE74F778BF011315A26WPSDGQFTOPRSTAT_
Content-Type: text/html; charset="Windows-1252"
Content-ID:
Content-Transfer-Encoding: quoted-printable








On Feb 5, 2013, at 10:57 AM, Andreas Ericsson wrote:







Encryption is a must, ofcourse, as the packets wi=
ll have to contain



passwords some of the time. There's a libssh2 ava=
ilable which we should



be able to use to set up preshared key authentica=
tion with security



that even NSA will approve of.


I like the idea of libssh2. SSH is simpler both i=
n concept and

implementation than a PKI.




We could also go with unencrypted at first and just make sure it works
with stunnel or some such. It doesn't really matter, as organizations
large enough to require large-scale distributed setups will have
people who can handle encryption just fine.

In either case, we should definitely have a cleartext option too, for
debugging if nothing else.




I'd agree encryption is a must, well, for me anyway :)  But it's =
always handy to have a cleartext option available when things just aren't w=
orking right and you need to trace and find out why.


So it almost seems like you could have a remote worker installed on ea=
ch host, and just have it check that one host=85other than you'd have a ton=
of remote workers, what would be the downside of doing that?  Removes=
the need for nrpe or other options for
remote checking=85


Dan



--_000_4288A518A157EC4C8873FEE74F778BF011315A26WPSDGQFTOPRSTAT_--






This post was automatically imported from historical nagios-devel mailing list archives
Original poster: daniel.wittenberg.r0ko@statefarm.com
Locked