HI,
I have just rolled out NRPE to 50+ RHEL/CentOS VMs in my environment and they are all working fine except for one of them. On this VM I get the error CHECK_NRPE: Error - Could not complete SSL handshake.
Now when I've had this in the past its an easy fix, either open-ssldevel install, the nrpe config IP address or the nrpe port missing from /etc/services, but this time it doesn't work. I noticed that on this affected VM it has 2 nics, eth0 is a local only network (no access outside the VM) and eth1 is my regular network. I think what is happening is NRPE is hitting the first localonly network and failing, because if I run check_nrpe -h localhost it works, but from my nagios server it errors with the SSL handshake.
I have tried putting the localonly IP into the /etc/xinetd.d/nrpe config as well as also # the only_from section but no joy.
Any ideas?
Andy
NRPE with multiple nics?
Re: NRPE with multiple nics?
First, i want to make you aware (if you are not already) of a document for troubleshooting nrpe:
http://assets.nagios.com/downloads/nagi ... utions.pdf
On the remote host, run check_nrpe again with the -v switch (does nothing, but will force usage to be displayed).
You should see output resembling:
Post the results of the SSL line, fro example:
And also:
http://assets.nagios.com/downloads/nagi ... utions.pdf
On the remote host, run check_nrpe again with the -v switch (does nothing, but will force usage to be displayed).
Code: Select all
./check_nrpe -H localhost -vCode: Select all
NRPE Plugin for Nagios
Copyright (c) 1999-2008 Ethan Galstad ([email protected])
Version: 2.12
Last Modified: 03-10-2008
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher requiredCode: Select all
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher requiredCode: Select all
which openssl
openssl versionFormer Nagios employee
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
"It is turtles. All. The. Way. Down. . . .and maybe an elephant or two."
VI VI VI - The editor of the Beast!
Come to the Dark Side.
Re: NRPE with multiple nics?
Thanks, didn't know about that PDF.
Actually just solved the issue but not how I expected. I asked the team who used the VM if they needed a loopback NIC and they said they didn't, so I disabled it and NRPE started working OK.
FWIW the output of that command showed below, but looks like it was the first nic being the loopback which caused it.
Thanks anyway
Actually just solved the issue but not how I expected. I asked the team who used the VM if they needed a loopback NIC and they said they didn't, so I disabled it and NRPE started working OK.
FWIW the output of that command showed below, but looks like it was the first nic being the loopback which caused it.
Code: Select all
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required