<br><font size=2 face="sans-serif">Karl et al,</font>
<br>
<br><font size=2 face="sans-serif">Thanks for your mails. In the end like
you suggested I have implemented checks_by_ssh using null passphrases and
all is working well.</font>
<br>
<br><font size=2 face="sans-serif">Many thanks</font>
<br>
<br><font size=2 face="sans-serif">Matthew</font>
<br><font size=2 face="sans-serif">____________________________________________<br>
</font>
<br>
<br>
<br>
<table width=100%>
<tr valign=top>
<td width=40%><font size=1 face="sans-serif"><b>Karl DeBisschop <karl@debisschop.net></b>
</font>
<br><font size=1 face="sans-serif">Sent by: nagios-users-admin@lists.sourceforge.net</font>
<p><font size=1 face="sans-serif">01/04/2003 03:45</font>
<td width=59%>
<table width=100%>
<tr>
<td>
<div align=right><font size=1 face="sans-serif">To</font></div>
<td valign=top><font size=1 face="sans-serif">"Carroll, Jim P ""[Contractor]"
<jcarro10@sprintspectrum.com></font>
<tr>
<td>
<div align=right><font size=1 face="sans-serif">cc</font></div>
<td valign=top><font size=1 face="sans-serif">Nagios Users <nagios-users@lists.sourceforge.net></font>
<tr>
<td>
<div align=right><font size=1 face="sans-serif">Subject</font></div>
<td valign=top><font size=1 face="sans-serif">RE: [Nagios-users] nrpe questions</font></table>
<br>
<table>
<tr valign=top>
<td>
<td></table>
<br></table>
<br>
<br>
<br><font size=2><tt>On Mon, 2003-03-31 at 12:48, Carroll, Jim P [Contractor]
wrote:<br>
> If it's an option, why not set up a null passphrase for ssh for nagios<br>
> itself? That way, you don't need to pass the passphrase to<br>
> check_by_ssh.<br>
> <br>
> jc<br>
> <br>
> -----Original Message-----<br>
> From: Matthew.Quinney@hollandandholland.com<br>
> [mailto:Matthew.Quinney@hollandandholland.com]<br>
> Sent: Monday, March 31, 2003 4:35 AM<br>
> To: Nagios-Users<br>
> Subject: Re: [Nagios-users] nrpe questions<br>
> <br>
> <br>
> Dear All,<br>
> <br>
> Does anybody know if the check_by_ssh
command can be<br>
> configured to use a passphrase ? I have
found some old links<br>
> on the web but unfortunately they do not
work.<br>
<br>
FWIW, when I wrote it I made no provision to pass any such thing on the<br>
command line. You cannot depend on any such construct being secure from<br>
an ordinary user.<br>
<br>
You can, however, ensure that your filesystem permissions do keep an<br>
ordinary user fron viewing the private key owned by the nagios user.<br>
Thus, the intended mode of operation is to use secured, passpharseless<br>
keys.<br>
<br>
Short of using 'expect' or a similar mechanism, I do not know of a way<br>
to securely provide a passphrase to check_by_ssh. I consider expect in<br>
this case to provide a minimal increment of security (in that it still<br>
all comes down to how well you protect your files from intruders) but a<br>
major increase in administrative work. Thus I have not made any<br>
provisions to support it.<br>
<br>
If you do know of portable and secure way to pass in a pasphrase, I<br>
would be willing to consider it. But failing that, the answer is no,<br>
there are no provisions for providing a passphrase, and any way that you<br>
find to do so would be accidental.<br>
<br>
--<br>
Karl<br>
<br>
<br>
<br>
<br>
<br>
-------------------------------------------------------<br>
This SF.net email is sponsored by: ValueWeb: <br>
Dedicated Hosting for just $79/mo with 500 GB of bandwidth! <br>
No other company gives more support or power for your dedicated server<br>
http://click.atdmt.com/AFF/go/sdnxxaff00300020aff/direct/01/<br>
_______________________________________________<br>
Nagios-users mailing list<br>
Nagios-users@lists.sourceforge.net<br>
https://lists.sourceforge.net/lists/listinfo/nagios-users<br>
::: Please include Nagios version, plugin version (-v) and OS when reporting
any issue. <br>
::: Messages without supporting info will risk being sent to /dev/null<br>
<br>
_____________________________________________________________________<br>
This e-mail has been scanned for viruses by the uuNet Internet Managed
Scanning Service - powered by MessageLabs.<br>
</tt></font>
<br>