check_by_ssh configuration problem


#1

Hi all,

I’ve already made the 99.9% of Nagios installation/configuration. Now my problem is check_by_ssh configuration.

Here it is the prob:

Nagios server name: Nagiosserver (Ubuntu)
Destination server name: Saturn (AIX)

  1. I’ve successfully installed the plugins in Saturn (/usr/local/nagios/libexec).

  2. In Nagiosserver:
    **# mkdir /etc/nagios/.ssh

    cd /etc/nagios/.ssh

    chown nagios.nagios .ssh

    ssh-keygen -f id_dsa -t dsa**

**“root@nagiosserver:/etc/nagios/.ssh# ssh-keygen -f id_dsa -t dsa
Generating public/private dsa key pair.
Enter passphrase (empty for no passphrase): (I just press enter here)
Enter same passphrase again:
Your identification has been saved in id_dsa.
Your public key has been saved in id_dsa.pub.
The key fingerprint is:
c9:48:8c:17:de:eb:4b:d1:0d:bc:37:5a:43:d5:ad:92 root@nagiosserver”
**
Then the id_dsa and id_dsa.pub are generated fine.

  1. In Saturn user nagios is the only included in nagios group

  2. in Saturn:
    # mkdir /home/nagios/.ssh

  3. From Nagiosserver I copy the publib file to Saturn:
    **# ftp saturn

    put /home/nagios/.ssh/id_dsa.pub /home/nagios/.ssh/authorized_keys**

  4. in Nagiosserver:
    **# chown -R nagios.nagios /home/nagios/.ssh

    chmod 700 /home/nagios/.ssh**

  5. The problem: when test the ssh connection from Nagiosserver to Saturn:

**root@nagiosserver:/etc/nagios/.ssh# ssh -i /home/nagios/.ssh/id_dsa.pub saturn
***** WARNING! ****
Access to this system is restricted to users authorized by Canada Life.
System monitoring is in effect.
Authorized users of this system are bound by
Canada Life’s Acceptable Use of Technology Policy.
Unauthorized use of this system may result in legal action.
Contact your system administrator if you have any questions.

root@saturn’s password:
Permission denied, please try again.
root@saturn’s password:
Permission denied, please try again.
root@saturn’s password:
Permission denied (publickey,password,keyboard-interactive).
root@nagiosserver:/etc/nagios/.ssh#
**
As you can see, first: the motd appears (even I’ve created the /home/nagios/.hushlogin file in Saturn server)
Second: I don’t underestand whay is asking me for the password even though I am giving the id_dsa.pub path. And doesn’t matter which password I enter: it is always wrong and there is no way to move on.

Also when I try to execute check_disk using check_by_ssh, it’s asking me for the password (??) And it fail using nagios, root or anyone else password as same as above example.

**root@nagiosserver:/etc/nagios/.ssh# /usr/local/share/nagios/libexec/check_by_ssh -H saturn -i /etc/nagios/.ssh/id_dsa -C "/usr/local/share/nagios/libexec/check_disk -w 10% -c 5% -e -m"
root@saturn’s password:
root@saturn’s password:
root@saturn’s password:
root@saturn’s password: CRITICAL - Plugin timed out while executing system call

**Can any of you give me an idea about why is this happening?

Thanks a lot !!!


#2

what is the permission of authroized_keys? Make sure it is 644.