Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Freebsd 12 and NRPE 3 - SSL issue

https://support.nagios.com/forum/viewtopic.php?t=56838

Page 1 of 1

Freebsd 12 and NRPE 3 - SSL issue

Posted: Tue Dec 17, 2019 5:41 pm
by andregrjp
Hello,

I installed FreeBSD 12, which have NRPE3 in the ports.

NRPE is running:
# ps aux | grep nrpe
nagios 13356 0.0 0.1 14860 5616 - Is 22:11 0:00.00 /usr/local/nagios/bin/nrpe -c /usr/local/nagios/etc/nrpe.cfg -d

[1576622259] Starting up daemon
[1576622259] SETUP_WAIT_CONN FOR: IPv4 address: :: ((null))
[1576622259] Server listening on :: port 5666.
[1576622259] SETUP_WAIT_CONN FOR: IPv4 address: 0.0.0.0 ((null))
[1576622259] Server listening on 0.0.0.0 port 5666.
[1576622259] Warning: Daemon is configured to accept command arguments from clients!
[1576622259] Listening for connections on port 5666
[1576622259] Allowing connections from: 127.0.0.1,::1,86.155.0.252

# openssl version
OpenSSL 1.1.1a-freebsd 20 Nov 2018

However when I am trying to test it, I am getting this error:
CHECK_NRPE: (ssl_err != 5) Error - Could not complete SSL handshake with 127.0.0.1: 1

Is there any known issue with OpenSSL 1.1.x and FreeBSD 12 which affect NRPE3?

I remember when I tried with FreeBSD 11 was working


Thanks
Andrew

Re: Freebsd 12 and NRPE 3 - SSL issue

Posted: Tue Dec 17, 2019 6:51 pm
by Box293
Can you follow this KB article to see if it resolves your issue:

https://support.nagios.com/kb/article/n ... e-615.html

Re: Freebsd 12 and NRPE 3 - SSL issue

Posted: Thu Dec 19, 2019 5:15 pm
by andregrjp
Hello,

I tried the options but didn't work, still getting the same problem. I have seen somewhere that there is a problem with OpenSSL 1.1.x, not sure if is still an issue?


Thanks
Andrew

Re: Freebsd 12 and NRPE 3 - SSL issue

Posted: Thu Dec 19, 2019 5:57 pm
by Box293
How did you install NRPE? Did you follow any specific guide?

Re: Freebsd 12 and NRPE 3 - SSL issue

Posted: Tue Dec 24, 2019 3:29 am
by andregrjp
Initially, I installed it by using ports and I had the issue that mentioned. Later on I tried to install from source by using this guide:

https://www.jordansphere.co.uk/installi ... sd-server/

also this guide:

https://support.nagios.com/kb/article.p ... 06#FreeBSD

but I was getting this error.....

/usr/local/bin/ld: /tmp//cc6TZJfd.o: in function `get_dh2048':
/tmp/nrpe-nrpe-3.2.1/src/./../include/dh.h:42: undefined reference to `DH_set0_pqg'
collect2: error: ld returned 1 exit status
*** Error code 1


Regards,
Andrew

Re: Freebsd 12 and NRPE 3 - SSL issue

Posted: Thu Dec 26, 2019 1:12 pm
by mbellerue
If you're running Nagios on Ubuntu 18.04, it could be that NRPE on FreeBSD is presenting a 512 byte DH key. Ubuntu 18.04 will refuse that key outright. Check out the enhanced security document, and see if it fixes the issue.
https://support.nagios.com/kb/article.php?id=519
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited