check_mysql
Marc Powell
marc at ena.com
Thu Jan 5 23:26:42 CET 2006
> -----Original Message-----
> From: nagios-users-admin at lists.sourceforge.net [mailto:nagios-users-
> admin at lists.sourceforge.net] On Behalf Of Rene Nelson
> Sent: Thursday, January 05, 2006 3:48 PM
> To: nagios-users at lists.sourceforge.net
> Subject: [Nagios-users] check_mysql
>
> I want to check this via check_by_ssh, but do not want to use the root
> user nor password. (not too excited about leaving it in a clear text
.cfg
> file) Is there a way to get the same information using a read-only
user
> with no password? Is there a best practices for Check_MySQL via
> check_by_ssh?
>
check_by_ssh only allows for host-key based authentication methods, not
password so one issue is already taken care of. Create a non-root user
on your mysql system, configure public key authentication and restrict
the command that can be run to check_mysql.
http://www.networknewz.com/networknewz-10-20030707AuthenticatingbyPublic
KeyOpenSSH.html seems to be a pretty good tutorial on setting up basic
public key authentication. When creating the DSA key, leave the
passphrase blank for passwordless authentication. Also look in the sshd
manpage for information about the authorized_keys file format to
restrict access from specific hosts or only allow specific programs to
be run. If you find other tutorials that say the ssh-agent needs to be
running then you're not looking at the right thing.
--
Marc
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_idv37&alloc_id865&op=click
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list