Host key verification for check_by_ssh not working properly
Patrick Morris
patrick.morris at hp.com
Thu Jul 5 23:33:15 CEST 2007
On Thu, 05 Jul 2007, bthayre at physics.ucsd.edu wrote:
> It's been some time since i've had to configure this plugin, so i may be
> doing it improperly. Now one of the command that nagios will run looks
> like this:
> define command{
> command_name check_slash_free
> command_line $USER1$/check_by_ssh -i /var/ssh/nagios-key -l nagios
> -H $HOSTADDRESS$ -C '$USER1$/check_disk -w $\ARG1$ -c $ARG2$ -p
> /'
> }
> So i've created an rsa key pair and placed it in some arbitrary directory
> and i've changed the ownership and permissions so that my nagios user owns
> and is the only user permitted to use the nagios-key. On the host machine
> i've placed the public key in the nagios user */.ssh/authorized_keys file.
> Now switching to my nagios user on the central server i can ssh into the
> host machine all under the nagios user with no problem, but when nagios
> tries it via check_by_ssh i get this:
>
> CURRENT SERVICE STATE: $HOSTADDRESS$.local;SSH Disk
> Check;UNKNOWN;HARD;4;Remote command execution failed: Host key
> verification failed.
When you SSH into the server from the command line, make sure you do it
using the exact same address Nagios uses (i.e., if you're going in by
HOSTADDRESS in Nagios, don't use a DNS name on the command line), and
that you're doing it as the user Nagios runs under.
An entry needs to be in the Nagios user's known_hosts that exactly matches
the address Nagios is using to get to the machine.
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list