Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Service check arguments - security question

https://support.nagios.com/forum/viewtopic.php?t=52556

Page 1 of 1

Service check arguments - security question

Posted: Mon Feb 18, 2019 8:59 am
by andyb4u
Hi,

Our security team have asked us if service checks arguments can be encrypted in any way?

For example a service check which uses the check_mysql_health plugin. This check requires user name and password arguments to authenticate against MySQL. Is there any way that these could not be stored on the Nagios server in plain text?

Regards,
Andy

Re: Service check arguments - security question

Posted: Mon Feb 18, 2019 12:17 pm
by benjaminsmith
Hi Andy,

Currently, the best practice for minimizing exposure for password arguments is to define them as macros so they are not visible within Nagios XI or the database. Please see the guideline below.

Nagios XI - Plain Text Password Considerations
https://support.nagios.com/kb/article/n ... s-817.html

As far as encrypting resource.cfg, this is currently an open feature request for Nagios Core.
https://github.com/NagiosEnterprises/na ... issues/367

Let me know if you have any other questions.
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited