Nagios - Mod-Gearman - NSclient Encyption
Nagios - Mod-Gearman - NSclient Encyption
I have been tasked to find out how to configure Nagios to work securely with mod-gearman and monitor windows machines which have NSclient installed. At a high level, am I right in thinking that the Nagios server communicates with the mod-gearman workers using it's own encryption? If so what level of encryption is this? Can the worker server then be configured to communicate securely with the NSClients using certs? Apologies if these questions have been answered before.
Re: Nagios - Mod-Gearman - NSclient Encyption
Mod_Gearman uses Rijndael 256 by default I believe:
https://github.com/sni/mod_gearman/blob ... .h#L36-L37
https://github.com/sni/mod_gearman/blob ... rypt.c#L60
Unless the encryption directive in the workers is disabled, then that worker will send it's results un-encrypted. You'd need to verify all of this against the Nagios XI setup script if you used that, I'm not sure what it sets.
https://www.medin.name/blog/2012/12/02/ ... ntication/
But I don't have any direct experience with such a setup.
https://github.com/sni/mod_gearman/blob ... .h#L36-L37
https://github.com/sni/mod_gearman/blob ... rypt.c#L60
Unless the encryption directive in the workers is disabled, then that worker will send it's results un-encrypted. You'd need to verify all of this against the Nagios XI setup script if you used that, I'm not sure what it sets.
That depends on the NSClient++ setup. Following some official NSClient++ documentation, it seems doable:andyb4u wrote:Can the worker server then be configured to communicate securely with the NSClients using certs?
https://www.medin.name/blog/2012/12/02/ ... ntication/
But I don't have any direct experience with such a setup.
Former Nagios employee
https://www.mcapra.com/
https://www.mcapra.com/
Re: Nagios - Mod-Gearman - NSclient Encyption
Be sure to check out our Knowledgebase for helpful articles and solutions!