How can I encrypt passwords in configuration files
How can I encrypt passwords in configuration files
All the config files have password that readable to anyone who views them. How can I make it so that they are encrypted.
Re: How can I encrypt passwords in configuration files
Unfortunately there is no way that I'm aware of to encrypt them, you could however use your /usr/local/nagios/etc/resource.cfg file to put your passwords in there and just use the vars to pull them into the commands and use filesystem perms as the best alternative.
Re: How can I encrypt passwords in configuration files
Here's a link to a document that covers the procedure of adding user macros to the resource.cfg file:
https://assets.nagios.com/downloads/nag ... Macros.pdf
https://assets.nagios.com/downloads/nag ... Macros.pdf
Be sure to check out our Knowledgebase for helpful articles and solutions!
Re: How can I encrypt passwords in configuration files
Is there anyway to lock the web interface to specific IP access?
Re: How can I encrypt passwords in configuration files
The web interface of Nagios? One solution is to only allow port 80/443 requests from a particular IP address. Keep in mind that passive checks may stop coming in if they use these ports to contact Nagios XI.
After you have altered your firewall, remove the port 80 and port 443 ACCEPT rules from /etc/sysconfig/iptables and restart iptables.
Code: Select all
iptables -I INPUT -p tcp -s YourIP --dport 80 -j ACCEPT
iptables -I INPUT -p tcp -s YourIP --dport 443 -j ACCEPT
service iptables saveRe: How can I encrypt passwords in configuration files
You could use iptables but you would have to be careful if you are using passive checks (NRDP, etc) and not block localhost as well. But no, there is no feature inherent to XI that would limit it to certain IP addresses. Or maybe look into Apache Access Control: http://httpd.apache.org/docs/2.2/howto/access.html