nrpe errors (maybe ssl related)

Support forum for Nagios Core, Nagios Plugins, NCPA, NRPE, NSCA, NDOUtils and more. Engage with the community of users including those using the open source solutions.
Locked
Hikerguy86
Posts: 13
Joined: Sun Oct 18, 2015 8:55 am

nrpe errors (maybe ssl related)

Post by Hikerguy86 »

Hi,

i am trying to roll out nrpe across our fleet of Linux servers. I am installing the packages from the EPEL repos (4.x, 5.x, 6.x, 7.x)

on a few servers so far I have noticed different behavior when it comes to connecting, even locally with check_nrpe. On some of the servers, just installing nrpe and then uploading the cfg file and starting the service will work and it comes up ok in Nagios. However on other servers it seems like there are ssl errors.

Code: Select all

tail -1 /var/log/messages
nrpe[12722]: Error: Could not complete SSL handshake. 1
so I added "--no-ssl" to the /etc/sysconfig/nrpe file and restarted nrpe service

Code: Select all

/usr/lib/nagios/plugins/check_nrpe -H 127.0.0.1 -n
NRPE v2.15
so far so good, now let's try a check:

Code: Select all

/usr/lib/nagios/plugins/check_nrpe -H 127.0.0.1 -n -c check_users
NRPE: Unable to read output
ok, what does /var/log/messages say:

Code: Select all

nrpe[12857]: Could not read request from client, bailing out...
notice this is all local, but the same error is received on the remote Nagios host as well. I'm unsure how to resolve it from here. When I don't use the -n option on these problem hosts as compared to the -n option:

Code: Select all

./check_nrpe -H 127.0.0.1 -c check_cpu
CHECK_NRPE: Socket timeout after 10 seconds.

./check_nrpe -H 127.0.0.1 -c check_cpu -n
NRPE: Unable to read output
check times out no matter how long the timeout (-t) is set to without the -n, but with it the check_nrpe fails with "unable to read output" and "Could not read request from client, bailing out..." in /var/log/messages

anyone have any ideas?
Top
User avatar
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: nrpe errors (maybe ssl related)

Post by mcapra »

Hikerguy86 wrote: I am installing the packages from the EPEL repos (4.x, 5.x, 6.x, 7.x)
Unfortunately, we do not maintain/build the packages provided in the EPEL repositories which makes providing support a bit tricky. Here's our official documentation for setting up NRPE (though the documentation says Nagios XI, this applies to Core as well):
https://assets.nagios.com/downloads/nag ... _Agent.pdf

Do you know if this NRPE is running as a stand-alone daemon, or is it running under xinetd?
Former Nagios employee
https://www.mcapra.com/
Top
Hikerguy86
Posts: 13
Joined: Sun Oct 18, 2015 8:55 am

Re: nrpe errors (maybe ssl related)

Post by Hikerguy86 »

Hi,

I am familiar with the guide, unfortunately I am not able to build the agent from source, my company has a policy that no build tools can be installed on qa, uat, prod, dr, etc so I have to use the packages in the repo.

The agent is running as a stand alone daemon.

the oddity is that only some of the machines have this issue, others install from the repo and come up just fine and report 100% ok to nagios, there is no difference in the configurations, init files, or /etc/sysconfig/nrpe files
Top
User avatar
ruffsense
Posts: 140
Joined: Thu Apr 11, 2013 12:40 am

Re: nrpe errors (maybe ssl related)

Post by ruffsense »

maybe you need to use a shebang.

try to run your script after you did this.

sudo sudo -s -u nagios
I don't insult, I diagnose.
Top
User avatar
mcapra
Posts: 3739
Joined: Thu May 05, 2016 3:54 pm

Re: nrpe errors (maybe ssl related)

Post by mcapra »

Did you also install the nagios-plugins package along with NRPE?

Can you share the contents of your NRPE configuration file? It's usually located in /usr/local/nagios/etc/nrpe.cfg, but the package may have placed it elsewhere.
Former Nagios employee
https://www.mcapra.com/
Top
Locked

Return to “Open Source Nagios Projects”