check time syncronization

Marc Powell marc at ena.com
Thu Feb 21 21:05:11 CET 2008



> -----Original Message-----
> From: nagios-users-bounces at lists.sourceforge.net [mailto:nagios-users-
> bounces at lists.sourceforge.net] On Behalf Of Hari Sekhon
> Sent: Thursday, February 21, 2008 1:52 PM
> To: mark.potter at academy.com
> Cc: nagios-users at lists.sourceforge.net
> Subject: Re: [Nagios-users] check time syncronization
> 
> mark.potter at academy.com wrote:
> > Another option would to be used check_by_ssh. I am, of course,
> > assuming they are allowed to use ssh but a machine with no remote
> > connectivity is a problem to begin with. check_by_ssh isn't quite as
> > nice as nrpe but it would accomplish the checks in question. One
could
> > also write a pretty simple wrapper to check the time on both
servers,
> > compare it, and account for the lag between the checks. It wouldn't
be
> > pretty but it would work for the most part.
> check_by_ssh? I'd avoid that at any cost, ssh is too powerful, it's
the
> equivalent of nrpe with the "don't blame me flag if you get hacked".
If

I call FUD. If you're super lazy about your configuration, then perhaps,
but it certainly doesn't have to be that way. You can get so restrictive
that only connections from a particular host with a specific key can
receive output from a specific command that you've configured to be run
when that session connects, no matter what else they try to do. Man sshd
and /authorized_keys. 

> you can't use nrpe, then you certainly can't give out ssh access.
> 
> Also, I'm not sure it's worth writing any wrapper, since any which way
> you'd still need a remote execution mechanism. By the time you have
any
> remote execution mechanism, then surely you should use the standard
> check_ntp plugin...
> 
> I think that SNMP, NSCA would be your best bets, but if you can't have

OMG. SNMP can be used to execute programs remotely and reboot machines.
I'd avoid that at all costs, even if I needed to turn the machine off to
not use it.

I'm kidding of course but my point is that the tools are only as open as
you make them.

--
Marc


-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null





More information about the Users mailing list