"No Route to Host" error - ssh-key exchange issue even if plugin checks work?

Jonathan Wiggins jwiggins at salon.com
Wed Nov 10 21:13:06 CET 2010

Previous message: different notification_intervals by contact
Next message: "No Route to Host" error - ssh-key exchange issue even if plugin checks work?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I'm stuck troubleshooting an error message in the Service Status Details, where a monitored host  is being reported as "No Route to Host".

I can do remote plugin tests from the Nagios server to the monitored node without any problems, but referencing this page: http://www.troubleshootingwiki.org/Troubleshooting_Nagios_3.0  I see a paragraph about testing SSH key-exchange. 

Nagios Server = 10.0.100.130
monitored node = 10.0.100.143

when I do an "ssh -vvvv 10.0.100.130" from the monitored node, it goes straight through, no login prompt. When the reverse is attempted: "ssh -vvvv 10.0.100.143" from Nagios box, I consistently get prompted for login. I was recommended to use DSA instead of RSA, but that made no difference. 

I've appended the contents of both id_rsa.pub and id_dsa.pub to the "authorized_keys" (and "known_hosts") files the exact same way to and from each box respectively.  Of course my tests on 2 test systems worked perfectly, but I'm missing something with this setup.

Additionally, if I do an NRPE check from Nagios > monitored node, it completes successfully.

/usr/local/nagios/libexec/check_tcp -H 10.0.100.143 -p 5666
TCP OK - 0.000 second response time on port 5666|time=0.000361s;0.000000;0.000000;0.000000;10.000000

checking logs on monitored node:

grep nrpe  /var/log/messages


/var/log/messages:Nov 10 12:01:26 monitorednode xinetd[5672]: START: nrpe pid=8607 from=10.0.100.130
/var/log/messages:Nov 10 12:01:26 monitorednode nrpe[8607]: Error: Could not complete SSL handshake. 5 
/var/log/messages:Nov 10 12:01:26 monitorednode xinetd[5672]: EXIT: nrpe status=0 pid=8607 duration=0(sec)
/var/log/messages:Nov 10 12:03:29 monitorednode xinetd[5672]: START: nrpe pid=9220 from=10.0.100.130
/var/log/messages:Nov 10 12:03:29 monitorednode nrpe[9220]: Error: Could not complete SSL handshake. 5 
/var/log/messages:Nov 10 12:03:29 monitorednode xinetd[5672]: EXIT: nrpe status=0 pid=9220 duration=0(sec)

"Error could  not complete SSL handshake" seems to confirm my suspicions about the SSH key-exchange

i'm quite junior on this so I really appreciate everyones patience and thanks in advance
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.monitoring-lists.org/archive/users/attachments/20101110/90c69108/attachment.html>
-------------- next part --------------
------------------------------------------------------------------------------
The Next 800 Companies to Lead America's Growth: New Video Whitepaper
David G. Thomson, author of the best-selling book "Blueprint to a 
Billion" shares his insights and actions to help propel your 
business during the next growth cycle. Listen Now!
http://p.sf.net/sfu/SAP-dev2dev
-------------- next part --------------
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null

Previous message: different notification_intervals by contact
Next message: "No Route to Host" error - ssh-key exchange issue even if plugin checks work?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Users mailing list