check_by_ssh failing - host key verification failed
O'Donnell, Robert L
robert.l.odonnell at intel.com
Wed Apr 21 01:18:05 CEST 2010
No joy in Mudville.
I can ssh interactive as user nagios with both the ip address and the name of the target machine.
Also, my .cfg file does define the host name and address
Define host{
Use linux-server
Host_name (machine_name)
Alias (machine_name)
Address (machine_ip)
Notes xxxxx
Notes_url (internal_wiki_web_link)
I also tried to change the command.cfg command_line to check_by_ssh -H $HOSTADDRESS$ ... to $HOSTNAME$ with no impact.
Any help would be GREATLY appreciated, as I have been banging my head on this for over a week. That said, I know a LOT more about ssh and DSA security than I did last week.
================
Hi O'Donnell,!
On Wed, 14 Apr 2010, O'Donnell, Robert L wrote:
> Giorgio,
>
> Yes.
>
> Ssh (remote_machine_ip) -l nagios ?I /etc/nagios/.ssh/id_dsa
>
> logs me in with prompt ?nagios@(remote_machine_name):~>? and
> whoami returns nagios.
I see that you're logging in by IP, but in the config snippet you
included previously there was no IP defined in the host definition, so
$HOSTADDRESS$ will expand to the same value as host_name. You'll need
to log in using the same exact address (in this case, name) Nagios will
be using to create an entry in your known_hosts file that matches what
Nagios will be using.
==================
If u try an ssh login from Nagios box to the remote box, u can login without been asked for a password?
Ciao,
Giorgio
Il giorno 14/apr/2010, alle ore 23.15, "O'Donnell, Robert L" <robert.l.odonnell at intel.com> ha scritto:
Running nagios 3.0.6 on OpenSUSE and trying to get info from a SUSE enterprise machine.
Chk_by_ssh returns UNKNOWN and "Remote command execution failed: Host key verification failed", check_ping works.
I have played with every combo of options I could think of, but same results. This is my first setup with remote checks on a linux machine (windows machine checks working fine), so it could be a newb problem.
(from commands.cfg)
# check_ssh_dummy command definition
define command{
command_name check_ssh_dummy
command_line $USER1$/check_by_ssh -H $HOSTADDRESS$ -l nagios -2 \
-I /etc/nagios/.ssh/id_dsa -C "/usr/lib/nagios/plugins/check_dummy 0"
}
I took out the desired response text to eliminate possible double quote issues, but it made no difference
===================
Running nagios 3.0.6 on OpenSUSE and trying to get info from a SUSE enterprise machine.
Chk_by_ssh returns UNKNOWN and "Remote command execution failed: Host key verification failed", check_ping works.
I have played with every combo of options I could think of, but same results. This is my first setup with remote checks on a linux machine (windows machine checks working fine), so it could be a newb problem.
(from commands.cfg)
# check_ssh_dummy command definition
define command{
command_name check_ssh_dummy
command_line $USER1$/check_by_ssh -H $HOSTADDRESS$ -l nagios -2 \
-I /etc/nagios/.ssh/id_dsa -C "/usr/lib/nagios/plugins/check_dummy 0"
}
I took out the desired response text to eliminate possible double quote issues, but it made no difference
(from object config)
define service{
use local-service
host_name (machine_name)
service_description PING
check_command check_ping!100.0,20%!500.o,60%
}
define_service{
use local-service
host_name (machine_name)
service_description check_ssh_dummy!
}
>From the command line, I run:
/usr/lib/nagios/plugins/check_by_ssh -H (machine_ip) -l nagios -i /etc/nagios.ssh/id_dsa -C "usr/lib/nagios/plugins/check_dummy 0"
It returns OK
I am having the same issue with check_ssh_disk. I do not have a MOTD for the shell, I have tried putting explicit paths in place of USER1, putting in the actual address for HOSTADDRESS, and many options on the
Robert L. O'Donnell
Advanced Equipment Engineering, IMO
------------------------------------------------------------------------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue.
::: Messages without supporting info will risk being sent to /dev/null
More information about the Users
mailing list