nagios core | nagios plugins | nagios ssh
for remote check_by_ssh checks to work, first make sure there’s an available user shell
on the nagios agent
chsh -s /bin/bash nagios
then proceed with the key-pair
on the nagios server
grep ^nagios-cmd /etc/passwd
mkdir /var/nagios/.ssh/
ssh-keygen -f /var/nagios/.ssh/id_ed25519 -t ed25519
chown -R nagios-cmd:nagios-cmd /var/nagios/.ssh/
vi /var/nagios/.ssh/id_ed25519.pub
... nagios-cmd@...
cat /var/nagios/.ssh/id_ed25519.pub
on the nagios agent
grep ^nagios /etc/passwd
mkdir /usr/libexec/nagios/.ssh/
vi /usr/libexec/nagios/.ssh/authorized_keys
(copy/paste)
chown -R nagios:nagios /usr/libexec/nagios/.ssh/
chmod 600 /usr/libexec/nagios/.ssh/authorized_keys
either add that flag when calling check_by_ssh
-E, --skip-stderr[=n]
Ignore all or (if specified) first n lines on STDERR [optional]
or simply make sure there’s absolutely no stderr
vi /var/nagios/.ssh/config
host *
visualhostkey no
UNKNOWN - check_by_ssh: Remote command execution failed: Host key fingerprint is SHA256:...
==> make sure there’s no sdterr when calling the remote hosts
https://www.techrepublic.com/article/remotely-monitor-servers-with-the-nagios-check-by-ssh-plugin/ ===> THAT WAS HELPFUL
https://exchange.nagios.org/directory/Plugins/*-Remote-Check-Tunneling ==> THAT ALSO