NRPE: Could not complete SSL handshake

Andy Shellam andy.shellam-lists at mailnetwork.co.uk
Sun Apr 8 11:14:44 CEST 2007


Hi Jeffrey,

That's what I thought - but as I said, all checks that use NRPE on any 
of these servers are succeeding, plus the times that the errors are 
logged do not correspond to a time that Nagios runs a check.

Andy.

Jeffrey Lensen wrote:
> Hey Andy,
>
> Have you tried running your NRPE checkcommands manually?
> ${NRPE_DIR}/check_nrpe -H ${host} -c ${command} -a 
> ${arguments_if_you_have_any}
> What does this return?
>
> Usually when you get an error like this, it means that you have not 
> specified the ipaddress of the Nagios server (doing the nrpe 
> checkcommands) in the nrpe.cfg on the machine(s) being checked.
> So make sure you have something like this:
>    allowed_hosts=127.0.0.1,${nagios_ip}
>
> Hope this helps,
>
> Jeffrey
>
>
> Andy Shellam wrote:
>> Hi,
>>
>> I'm running NRPE 2.7.1 on a Fedora 6 machine.
>> My Nagios 2.8 server is talking to it fine, and all NRPE checks are 
>> succeeding.
>>
>> However, every 5 minutes I'm getting the following error logged in my 
>> /var/log/messages log on the FC6 machine:
>>
>> Apr  8 08:33:58 acs20aa6 nrpe[23649]: Error: Could not complete SSL 
>> handshake. 5
>>
>> Yet when I look in my /var/log/secure log (which stores every command 
>> run through sudo from NRPE), I cannot match the SSL handshake error 
>> to a time of a check attempt from my Nagios server, e.g. for the 
>> above error:
>>
>> Apr  8 08:31:10 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_uptime
>> Apr  8 08:31:10 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_dns -H 
>> portland-1.andyshellam.eu -a 89.200.137.203 -t 5 -w 3 -c 5
>> Apr  8 08:31:10 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_load -w 5,4,3 -c 
>> 10,8,6
>> Apr  8 08:35:18 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_disk -w 25% -c 
>> 10% -p /
>> Apr  8 08:35:19 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_procs -w 1:1 -c 
>> 1:1 -C named
>> Apr  8 08:35:19 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_swap -w 25% -c 10%
>> Apr  8 08:35:32 acs20aa6 sudo:   nagios : TTY=unknown ; PWD=/ ; 
>> USER=root ; COMMAND=/usr/local/nagios/libexec/check_procs -w 150 -c 200
>>
>> As you can see, there is no check being carried out at 8:33 (the time 
>> of the SSL error.)  Plus there are no failing NRPE checks on the 
>> Nagios server for this host.
>>
>> I'm baffled.
>>
>> I've just checked on 2 of my other machines, which are running NRPE 
>> 2.7.1 on Fedora 4 and FreeBSD 6.1, and they both have the same 
>> problem - a reported SSL handshake error when no checks were being 
>> carried out.
>>
>> Now, on the FreeBSD machine, it has a firewall only letting my Nagios 
>> server talk to port 5666, so I know it's not possible for it to be 
>> another Nagios machine somewhere.
>>
>> Any ideas what could be causing NRPE to fail a connection attempt 
>> every 5 minutes, when it doesn't appear to be Nagios talking to it?
>>
>> Thanks
>>
>> Andy
>>
>> ------------------------------------------------------------------------- 
>>
>> Take Surveys. Earn Cash. Influence the Future of IT
>> Join SourceForge.net's Techsay panel and you'll get the chance to 
>> share your
>> opinions on IT & business topics through brief surveys-and earn cash
>> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV 
>>
>> _______________________________________________
>> Nagios-users mailing list
>> Nagios-users at lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/nagios-users
>> ::: Please include Nagios version, plugin version (-v) and OS when 
>> reporting any issue. ::: Messages without supporting info will risk 
>> being sent to /dev/null
>>   
>
>
> !DSPAM:37,4618b06689291545070445!
>
>


-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list