Nagios Support Forum

MOD EDIT: this user split from https://support.nagios.com/forum/viewto ... 999#bottom

I have defined the host server on the remote server and I still get an SSL handshake issue when trying to run NRPE. All of the statuses show unknown.

From the install.log file from the other post, is looks like SSL was compiled in so lets try running the check_nrpe from the Nagios XI server both ways and see if one of them works.
Login to the XI server, run the following and post the output. Replace xxx.xxx.xxx.xxx with the remote server. Lets see if port 5666 is open to the XI server, run this and post the output Then, on the remote system, run the following and post the output. Post this file from the remote system.

here are the outputs and PMed the cfg file.

There is one error in the nrpe.cfg file. Change this from to Save the file and restart the NRPE Agent. Then run these commands from the Nagios server to see if one of them work. Replace xxx.xxx.xxx.xxx with the remote servers IP. Also, I need to see the output from these 2 commands that are run on the remote system

nrpe 27421 1 0 07:18 ? 00:00:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
root 27443 27254 0 07:19 pts/0 00:00:00 grep nrpe

NRPE - Nagios Remote Plugin Executor
Copyright (c) 1999-2008 Ethan Galstad ([email protected])
Version: 2.15
Last Modified: 09-06-2013
License: GPL v2 with exemptions (-l for more info)
SSL/TLS Available: Anonymous DH Mode, OpenSSL 0.9.6 or higher required

***************************************************************
** POSSIBLE SECURITY RISK - COMMAND ARGUMENTS ARE SUPPORTED! **
** Read the NRPE SECURITY file for more information **
***************************************************************

***************************************************************
** POSSIBLE SECURITY RISK - TCP WRAPPERS ARE NOT AVAILABLE! **
** Read the NRPE SECURITY file for more information **
***************************************************************

Usage: nrpe [-n] -c <config_file> [-4|-6] <mode>

Options:
-n = Do not use SSL
<config_file> = Name of config file to use
-4 = use ipv4 only
-6 = use ipv6 only
<mode> = One of the following operating modes:
-i = Run as a service under inetd or xinetd
-d = Run as a standalone daemon
-d -s = Run as a subsystem under AIX

Notes:
This program is designed to process requests from the check_nrpe
plugin on the host(s) running Nagios. It can run as a service
under inetd or xinetd (read the docs for info on this), or as a
standalone daemon. Once a request is received from an authorized
host, NRPE will execute the command/plugin (as defined in the
config file) and return the plugin output and return code to the
check_nrpe plugin.

The output of the ps -ef |grep nrpe command that you ran is looks like it is not running the compiled version of the NRPE Agent from your previous post.
This of not the default path the NRPE agent gets installed to if using the NRPE Installer from the XI GUI. I am guessing that the above agent is causing the issue so you should remove it and stop the daemon from running.
Then the compiled version should start up from the xinetd daemon and hopefully the NRPE Agent will start to function.

I uninstalled the agent. I ran a check and I still get CHECK_NRPE: Error - Could not complete SSL handshake.

Try installing the latest version of NRPE Agent by following the instructions in the KB article below. If you see any errors when compiling ot installing it, please post them here.

I think the problem is that I still have two versions of nrpe running. B/c I followed the install instructions from the KB and when I test nrpe I get version 2.15 instead of version 3.01. I believe this box was originally setup for Nagios Core. Also I get can not complete the ssl handshake.

When you ran the test and received the version number, post how you ran the command and which server did you run the command on?
When you received the SSL handshake error, post how you ran the command and which server did you run the command on?
When you ran the command and received the SSL error, there should be a log entry on the server running the NRPE agent. Take a look in the /var/log/messages file to see what the error is and post that as well.