CHECK_NRPE: Response packet had invalid CRC32

[pamuro01]

This is:

>/usr/local/nagios/libexec/check_nrpe -H localhost
CHECK_NRPE: Error - Could not complete SSL handshake.


>/usr/local/nagios/libexec/check_nrpe -H localhost -n
CHECK_NRPE: Response packet had invalid CRC32.

[abrist]

Run an nmap on the nrpe port:

Code: Select all

nmap localhost -p 5666

Also, what version of open ssl are you running?

Code: Select all

$(which openssl) version

Lets make sure there is not more than one nrpe daemon currently running:

Code: Select all

ps -aef | grep nrpe

Additionally, the allowed_hosts directive in nrpe.cfg should be *comma-delimited*:

Code: Select all

allowed_hosts=127.0.0.1,192.168.100.20,192.168.100.45,192.168.1.202

If you are using xinetd, lets check to make sure nrpe was declared in /etc/services:

Code: Select all

grep nrpe /etc/services

It should resemble:

Code: Select all

nrpe    5666/tcp

Also remember to restart the daemon after making any changes to the configuration.

[pamuro01]

Shipping answers.
thanks

>nmap localhost -p 5666
Starting Nmap 5.00 ( http://nmap.org ) at 2014-04-24 11:11 CLST
Interesting ports on localhost (127.0.0.1):
PORT STATE SERVICE
5666/tcp open nrpe

Nmap done: 1 IP address (1 host up) scanned in 0.10 seconds

>(which openssl) version
OpenSSL 0.9.8o 01 Jun 2010

>ps -aef | grep nrpe
root 4146 24831 0 11:13 pts/0 00:00:00 grep nrpe

>Additionally, the allowed_hosts directive in nrpe.cfg should be *comma-delimited*:
ups, I've already changed

>grep nrpe /etc/services
nrpe 5666/tcp # Nagios Remote Plugin Executor
nrpe 5666/tcp #NRPE

I restarted and:
>/usr/local/nagios/libexec/check_nrpe -H localhost -n
CHECK_NRPE: Response packet had invalid CRC32.

[abrist]

>(which openssl) version
OpenSSL 0.9.8o 01 Jun 2010

Is upgrading openssl a possibility? (should be done anyways due to heartbleed . . .)

[pamuro01]

resolved after upgrading opnessl

Thanks and sorry for the delay in my response