[root@junon libexec]# /usr/local/nagios/libexec/check_nrpe -H 127.0.0.1
CHECK_NRPE: Error - Could not complete SSL handshake.
[root@junon libexec]# /usr/local/nagios/libexec/check_nrpe -H 192.168.4.3
Connection refused by host
In /etc/xinetd.d/nrpe connections are allowed from 127.0.0.1
Naios debugging says :
1. Different versions. Make sure you are using the same version of the check_nrpe plugin and the NRPE daemon. Newer versions of NRPE are usually not backward compatible with older versions.
2. SSL is disabled. Make sure both the NRPE daemon and the check_nrpe plugin were compiled with SSL support and that neither are being run without SSL support (using command line switches).
3. Incorrect file permissions. Make sure the NRPE config file (nrpe.cfg) is readable by the user (i.e. nagios) that executes the NRPE binary from inetd/xinetd.
4. Pseudo-random device files are not readable. Greg Haygood noted the following... "After wringing my hair out and digging around with truss, I figured out the problem on my Solaris 8 boxen. The files /devices/pseudo/random* (linked through /dev/*random, and provided by Sun patch 112438) were not readable by the nagios user I use to launch NRPE. Making the character devices world-readable solved it."
5. Unallowed address. If you're running the NRPE daemon under xinetd, make sure that you have a line in the xinetd config file that say "only_from = xxx.xxx.xxx.xxx", where xxx.xxx.xxx.xxx is the IP address that you're connected to the NRPE daemon from.
[root@junon libexec]# netstat -at | grep nrpe
tcp 0 0 :nrpe *: LISTEN
SSL is installed and enabled (how can I check ??)
everyone has read on nrpe.cfg
only_from = 127.0.0.1
So what is going wrong ???
Thanks for the help !
[root@ares snmp]# /usr/local/nagios/libexec/check_nrpe -H 192.168.4.170
ares (192.168.4.3) is the monitoring server with nagios installed)
junon (192.168.4.170) is the server to be monitored
check_nrpe from ares to junon : OK
check_nrpe from junon to ares : connection refused by host