Nagios Support Forum

Hello All,

I have been searching Google and these forums for a while trying to solve my NSCA Problem. Ideally we are working to implement Nagios Core for monitoring our clients servers, which it works like a champ when doing active checks but to spare processor time. I have core up and running and ran the install for NSCA and then setup the first server. I was using encryption and decryption method 8 which worked on a later version of all the software. Now I get the following message on the server when a NSCA Check is received:

Nov 10 14:01:45 natasharomanov xinetd[1175]: START: nsca pid=1291 from=::ffff:[IPofClient]
Nov 10 14:01:45 natasharomanov nsca[1291]: Invalid decryption method (2) in config file '/usr/local/nagios/etc/nsca.cfg' - Line 202
Nov 10 14:01:45 natasharomanov nsca[1291]: Daemon was not compiled with mcrypt library, so decryption is unavailable.
Nov 10 14:01:45 natasharomanov xinetd[1175]: EXIT: nsca status=2 pid=1291 duration=0(sec)

From the Client side I see this error/message:

**Checks Information**
2016-11-10 13:02:42: debug:modules\NSCAAgent\NSCAThread.cpp:272: Sending to server...
2016-11-10 13:02:42: debug:modules\NSCAAgent\NSCAThread.cpp:279: Looked up [IPofServer] to [IPofServer]
2016-11-10 13:02:42: message:modules\NSCAAgent\NSCAThread.cpp:305: Could not read a full NSCA hdr packet from socket, only got: 0

Can anyone help me understand what I did wrong?

hey,

You have to install libmcrypt. then re-compile NSCA so that it will work with encryption.

Thanks @lesnikov!

@thecountrylife08 Does this resolve the problem for you?

Yes, thank you @lesnikov!!

@avandemore, I will be home in a few hours and let you guys know, this makes a lot of sense and in theory would do it. Can't wait to see!

So unfortunately this did not solve the problem, that error did go away but has now been replaced with

Nov 10 22:36:26 natasharomanov xinetd[551]: START: nsca pid=807 from=::ffff:162.250.124.104
Nov 10 22:36:26 natasharomanov nsca[807]: Invalid decryption method (2) in config file '/usr/local/nagios/etc/nsca.cfg' - Line 202
Nov 10 22:36:26 natasharomanov nsca[807]: Daemon was not compiled with mcrypt library, so decryption is unavailable.
Nov 10 22:36:26 natasharomanov xinetd[551]: EXIT: nsca status=2 pid=807 duration=0(sec)

So is libmcrypt not the same as mcrypt?

"The companion to MCrypt is Libmcrypt, which contains the actual encryption functions themselves, and provides a standardized mechanism for accessing them."

after you install mcrypt and libmcrypt re-compile NSCA and check for any errors. please check if it was compiled without any errors. if there is any error please past it here.

lesnikov wrote:"The companion to MCrypt is Libmcrypt, which contains the actual encryption functions themselves, and provides a standardized mechanism for accessing them."

after you install mcrypt and libmcrypt re-compile NSCA and check for any errors. please check if it was compiled without any errors. if there is any error please past it here.

Okay so I found the problem with it, the file was not being overwritten when I hit the make all command. So I had to execute a RM on the formerly compiled nsca and then remake it. So now it appears to be working on the server side but I am getting what I think is a client error?

Nov 11 09:09:22 natasharomanov xinetd[551]: START: nsca pid=824 from=::ffff:162.250.124.104
Nov 11 09:09:23 natasharomanov nsca[824]: Dropping packet with invalid CRC32 - possibly due to client using wrong password or crypto algorithm?
Nov 11 09:09:23 natasharomanov xinetd[551]: EXIT: nsca status=0 pid=824 duration=1(sec)

What version are you using? Are the sender and receiver the same version?

Did you read over the SECURITY file included in the source?

So when I check the server is running version 2.9 and the client is on 0.3.9. I have not read the security file yet, I tested it with no security because I figured everything is setup by iptables so unless someone gets direct access to the server or tries really hard to spoof their data then I am okay. With the encryption option set to 0 on both ends I get

Nov 11 13:51:32 natasharomanov xinetd[551]: START: nsca pid=2658 from=::ffff:162.250.124.104
Nov 11 13:51:33 natasharomanov nsca[2658]: Dropping packet with invalid CRC32 - possibly due to client using wrong password or crypto algorithm?
Nov 11 13:51:33 natasharomanov xinetd[551]: EXIT: nsca status=0 pid=2658 duration=1(sec)

I'm speaking of the version NSCA, there is a server and client instance for passive checks. Do they match?

0.3.9 is likely the version of NSClient which we don't care about at this point.

What are the contents of files:
/usr/local/nagios/etc/nsca.cfg
/usr/local/nagios/etc/send_nsca.cfg

The latter needs to be the configuration file from the sending system.