Monitoring of Linux Host--Could not complete SSL handshake

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
amitgupta19
Posts: 286
Joined: Fri Sep 08, 2017 5:53 am

Monitoring of Linux Host--Could not complete SSL handshake

Post by amitgupta19 »

I am trying to monitor the Linux Hosts using the nrpe and xinetd.

But i am getting the below Error for all the parameters.
"CHECK_NRPE: Error - Could not complete SSL handshake."

But It shows the host as UP.

Please suggest.
bolson

Re: Monitoring of Linux Host--Could not complete SSL handsha

Post by bolson »

Do you have the IP address of your Nagios Core server in the only_from directive in the file /etc/xinetd.d/nrpe?
Also, please run the following and post the output:

Ubuntu or Debian:

Code: Select all

tail -30 /var/log/syslog
CentOS or RHEL:

Code: Select all

tail -30 /var/log/messages
amitgupta19
Posts: 286
Joined: Fri Sep 08, 2017 5:53 am

Re: Monitoring of Linux Host--Could not complete SSL handsha

Post by amitgupta19 »

Hi Boloson,

My Nagios Server is CentOS system.

So i ran the command "tail -30 /var/log/messages" on the remote host. This is giving me the following output:

[rupadhya@labbatchuat01 docs]$ sudo tail -30 /var/log/messages
Oct 2 16:36:27 labbatchuat01 nrpe[31553]: Config file '/usr/local/nagios/etc/nrpe.cfg' contained errors, aborting...
Oct 2 16:36:27 labbatchuat01 xinetd[19140]: EXIT: nrpe status=2 pid=31553 duration=0(sec)
Oct 2 16:36:35 labbatchuat01 xinetd[19140]: START: nrpe pid=31561 from=::ffff:205.143.123.70
Oct 2 16:36:35 labbatchuat01 nrpe[31561]: Unable to open config file '/usr/local/nagios/etc/nrpe.cfg' for reading
Oct 2 16:36:35 labbatchuat01 nrpe[31561]: Config file '/usr/local/nagios/etc/nrpe.cfg' contained errors, aborting...
Oct 2 16:36:35 labbatchuat01 xinetd[19140]: EXIT: nrpe status=2 pid=31561 duration=0(sec)
Oct 2 16:38:05 labbatchuat01 xinetd[19140]: START: nrpe pid=303 from=::ffff:205.143.123.70
Oct 2 16:38:05 labbatchuat01 nrpe[303]: Unable to open config file '/usr/local/nagios/etc/nrpe.cfg' for reading
Oct 2 16:38:05 labbatchuat01 nrpe[303]: Config file '/usr/local/nagios/etc/nrpe.cfg' contained errors, aborting...
Oct 2 16:38:05 labbatchuat01 xinetd[19140]: EXIT: nrpe status=2 pid=303 duration=0(sec)
Oct 2 16:38:28 labbatchuat01 xinetd[19140]: START: nrpe pid=830 from=::ffff:205.143.123.70
Oct 2 16:38:28 labbatchuat01 nrpe[830]: Unable to open config file '/usr/local/nagios/etc/nrpe.cfg' for reading
Oct 2 16:38:28 labbatchuat01 nrpe[830]: Config file '/usr/local/nagios/etc/nrpe.cfg' contained errors, aborting...
Oct 2 16:38:28 labbatchuat01 xinetd[19140]: EXIT: nrpe status=2 pid=830 duration=0(sec)
Oct 2 16:38:38 labbatchuat01 xinetd[19140]: START: nrpe pid=833 from=::ffff:205.143.123.70
Oct 2 16:38:38 labbatchuat01 nrpe[833]: Unable to open config file '/usr/local/nagios/etc/nrpe.cfg' for reading
Oct 2 16:38:38 labbatchuat01 nrpe[833]: Config file '/usr/local/nagios/etc/nrpe.cfg' contained errors, aborting...
Oct 2 16:38:38 labbatchuat01 xinetd[19140]: EXIT: nrpe status=2 pid=833 duration=0(sec)
Oct 2 16:40:16 labbatchuat01 xinetd[19140]: START: nrpe pid=3152 from=::ffff:205.143.123.70
Oct 2 16:40:16 labbatchuat01 nrpe[3152]: Unable to open config file '/usr/local/nagios/etc/nrpe.cfg' for reading
Oct 2 16:40:16 labbatchuat01 nrpe[3152]: Config file '/usr/local/nagios/etc/nrpe.cfg' contained errors, aborting...
Oct 2 16:40:16 labbatchuat01 xinetd[19140]: EXIT: nrpe status=2 pid=3152 duration=0(sec)
Oct 2 16:40:28 labbatchuat01 xinetd[19140]: START: nrpe pid=3676 from=::ffff:205.143.123.70
Oct 2 16:40:28 labbatchuat01 nrpe[3676]: Unable to open config file '/usr/local/nagios/etc/nrpe.cfg' for reading
Oct 2 16:40:28 labbatchuat01 nrpe[3676]: Config file '/usr/local/nagios/etc/nrpe.cfg' contained errors, aborting...
Oct 2 16:40:28 labbatchuat01 xinetd[19140]: EXIT: nrpe status=2 pid=3676 duration=0(sec)
Oct 2 16:40:52 labbatchuat01 xinetd[19140]: START: nrpe pid=3723 from=::ffff:205.143.123.70
Oct 2 16:40:52 labbatchuat01 nrpe[3723]: Unable to open config file '/usr/local/nagios/etc/nrpe.cfg' for reading
Oct 2 16:40:52 labbatchuat01 nrpe[3723]: Config file '/usr/local/nagios/etc/nrpe.cfg' contained errors, aborting...
Oct 2 16:40:52 labbatchuat01 xinetd[19140]: EXIT: nrpe status=2 pid=3723 duration=0(sec)

Please suggest what to do?
kyang

Re: Monitoring of Linux Host--Could not complete SSL handsha

Post by kyang »

Could you post your nrpe.cfg so we can take a look?

Code: Select all

cat /usr/local/nagios/etc/nrpe.cfg
Looks like it says the nrpe.cfg contained errors.
amitgupta19
Posts: 286
Joined: Fri Sep 08, 2017 5:53 am

Re: Monitoring of Linux Host--Could not complete SSL handsha

Post by amitgupta19 »

nrpe.cfg file does not exist on the system.
kyang

Re: Monitoring of Linux Host--Could not complete SSL handsha

Post by kyang »

Also what does your xinetd.d/nrpe file look like?

Code: Select all

cat /etc/xinetd.d/nrpe
amitgupta19
Posts: 286
Joined: Fri Sep 08, 2017 5:53 am

Re: Monitoring of Linux Host--Could not complete SSL handsha

Post by amitgupta19 »

Please find here with the output.

[trathi@labbatchuat01 ~]$ cat /etc/xinetd.d/nrpe
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = 127.0.0.1 205.143.123.70
}
amitgupta19
Posts: 286
Joined: Fri Sep 08, 2017 5:53 am

Re: Monitoring of Linux Host--Could not complete SSL handsha

Post by amitgupta19 »

Is it ok i copy the nrpe.cfg file from a working remote host to the problematic Host?

If Yes, how do i ensure that it does not gets missed next time when in install the nrpe.cfg file on a new remote host.
kyang

Re: Monitoring of Linux Host--Could not complete SSL handsha

Post by kyang »

Which documentation did you use when installing the NRPE?
It's strange that you don't have a nrpe.cfg file? Was it deleted?

Try copying over the nrpe.cfg into that exact path.

Code: Select all

/usr/local/nagios/etc/nrpe.cfg
Then run this command from your Nagios server to see if you can connect to the linux host.

Code: Select all

/usr/local/nagios/libexec/check_nrpe -H <IPaddress>
amitgupta19
Posts: 286
Joined: Fri Sep 08, 2017 5:53 am

Re: Monitoring of Linux Host--Could not complete SSL handsha

Post by amitgupta19 »

I used the steps mentioned at the link
"https://www.tecmint.com/how-to-add-linu ... ng-server/"

Please let me know if anything wrong here.

This file was not deleted.

After copying the nrpe.cfg file and restarting xinetd service it has started communicating.

But i found that one command was missing, and i had to copy the command as well. Now everything is working.

Now my point is that how do i ensure that next time when install the client on other Linux host, i do not run into same situation again.
I have to monitor the 100 linux servers. So this workout may not be possible.
Locked