check_ssh returning Permission denied

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Post Reply
timperkins
Posts: 2
Joined: Wed Sep 07, 2022 11:32 am

check_ssh returning Permission denied

Post by timperkins »

I'm a long time Nagios fan, like 15 years. In one of my environments, I have Nagios and NRPE running on several Linux hosts and everything has been working as expected for several months. I recently added 3 Linux 8 (Rocky) hosts into the environment... All 3 are identically configured, with NRPE installed, and the Nagios server is monitoring 8 of 9 services on all 3 hosts without issue.

But check_ssh is not working on 2 of the 3 hosts. From the Nagios server:

Code: Select all

[root@nagios ~]# /usr/local/nagios/libexec/check_nrpe -H 192.168.0.71 -c check_ssh
SSH OK - OpenSSH_8.0 (protocol 2.0) | time=0.011923s;;;0.000000;10.000000

[root@nagios ~]# /usr/local/nagios/libexec/check_nrpe -H 192.168.0.72 -c check_ssh
connect to address 192.168.0.69 and port 22: Permission denied

[root@nagios ~]# /usr/local/nagios/libexec/check_nrpe -H 192.168.0.73 -c check_ssh
connect to address 192.168.0.69 and port 22: Permission denied
The config on all 3 hosts is the same... same firewalld settings, nrpe.cfg, etc. For the life of me, I can't figure out what's wrong... check_disk, check_load, check_mem, check_procs, check_swap, check_uptime and check_users are all working as expected on all 3 hosts, but check_ssh is only working on 1 of the 3.

Suggestions?
timperkins
Posts: 2
Joined: Wed Sep 07, 2022 11:32 am

Re: check_ssh returning Permission denied

Post by timperkins »

Adding to this, I am able to run check_ssh as root and as the nrpe user on the 2 "bad" hosts:

Code: Select all

[root@192.168.0.72 ~]# /usr/lib64/nagios/plugins/check_ssh -H 192.168.0.69
SSH OK - OpenSSH_8.0 (protocol 2.0) | time=0.011192s;;;0.000000;10.000000
[root@192.168.0.72 ~]# runuser -u nrpe -- /usr/lib64/nagios/plugins/check_ssh -H 192.168.0.69
SSH OK - OpenSSH_8.0 (protocol 2.0) | time=0.010463s;;;0.000000;10.000000

[root@192.168.0.73 ~]# /usr/lib64/nagios/plugins/check_ssh -H 192.168.0.69
SSH OK - OpenSSH_8.0 (protocol 2.0) | time=0.010107s;;;0.000000;10.000000
[root@192.168.0.73 ~]# runuser -u nrpe -- /usr/lib64/nagios/plugins/check_ssh -H 192.168.0.69
SSH OK - OpenSSH_8.0 (protocol 2.0) | time=0.010427s;;;0.000000;10.000000
And there are no problems running ssh between the hosts and nagios (or to any other host in the environment).
Post Reply