Giving check_by_ssh a password

Misao misaochankun at speakeasy.net
Wed Jun 23 19:24:15 CEST 2004


Not quite as easy as that sounds.

This was done by a Unix admin, and the Unix folks around here are just
getting introduced to ssh, after my insistence. I actually used Nagios to
tempt them into installing it, and I hope to get them off of using telnet
soon too. I don't think they knew any better about the permissions, and
since I am not root, I couldn't check on all this myself normally. I also
had no access to their logs. I really didn't want to have check_by_ssh use
clear text passwords, but I hit a wall with the admins, and they refused to
further troubleshoot the issue. It was deemed Nagios' fault, so I had to do
things on my own with an unprivileged account. I did pass on the info to
them, so now everyone knows a little better. Thanks for helping with the
process though.

-----Original Message-----
From: nagios-users-admin at lists.sourceforge.net
[mailto:nagios-users-admin at lists.sourceforge.net] On Behalf Of Karl
DeBisschop
Sent: Tuesday, June 22, 2004 10:27 PM
To: nagios-users at lists.sourceforge.net
Subject: Re: [Nagios-users] Giving check_by_ssh a password

Misao wrote:
> Hey, that did something. For some reason, the sysadmin that worked on this
> box before had set both the .ssh and the Nagios home directory to 777
> instead of 755.

I hope the sysadmin was terminated for cause.

Here we are worried about allowing passwords cleartext on the cammand 
line for a fraction of a second in check_by_ssh, and your predcessor is 
running in a 777 home dir.

I guess we have another justification for such strict settings in 
check_by_ssh - it reveals weak policy setting in the installed base.

I'm glad your problem is solved.

-- 
Karl


-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue. 
::: Messages without supporting info will risk being sent to /dev/null



-------------------------------------------------------
This SF.Net email sponsored by Black Hat Briefings & Training.
Attend Black Hat Briefings & Training, Las Vegas July 24-29 - 
digital self defense, top technical experts, no vendor pitches, 
unmatched networking opportunities. Visit www.blackhat.com
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list