compiling nsca-2.1 under Solaris8
Fred Im
fim32 at yahoo.com
Fri Aug 16 21:34:40 CEST 2002
certainly that is an option. and it actually works out pretty well (the
previous monitoring system we were using did a similar kind of thing using ssh.
cons:
1) scalability, when nagios (or any other monitoring server) has to open an ssh
session any time it wants to get data, it uses a pretty good amount of cpu
time...
2) security, seems funny, i know. to use any scripted ssh daemon, you either
have to put the passphrase somewhere or the password. neither is a favorable
way to go. and the user you're logging in as on the remote host has to have
login access, something you don't need for the nrpe daemon.
simply put, using ssh, you have encrypted the traffic, but the user can run
anything. with nrpe, someone may see some odd traffic to the effect of "Test
OK [5% of 6MB]", but they can only run what you've let them run in the nrpe.cfg
file.
fred
>Fred Im wrote:
>> ok... i'll describe how i set up each of the pieces here
>> (yes, i use both) to
>> give some basis to how it looks to me...
>
>[snip]
>
>Alright, I can see that.
>
>Now here's a curve ball: Why not just use check_by_ssh instead of NRPE?
__________________________________________________
Do You Yahoo!?
HotJobs - Search Thousands of New Jobs
http://www.hotjobs.com
-------------------------------------------------------
This sf.net email is sponsored by: OSDN - Tired of that same old
cell phone? Get a new here for FREE!
https://www.inphonic.com/r.asp?r=sourceforge1&refcode1=vs3390
More information about the Users
mailing list