I am trying to monitor a host in the Amazon EC2 cloud.
Yet when I try to check NRPE from the monitoring host I am getting an SSL
[root@monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H ops.jokefire.com CHECK_NRPE: Error – Could not complete SSL handshake.
And if I telnet into the host on port 5666 to see if the FW port is open, the connection closes right away:
[root@monitor1:~] #telnet ops.somewhere.com 5666
Trying 184.108.40.206… Connected to ops.somewhere.com. Escape character is ‘^]’. Connection closed by foreign host.
You can see there it connects, but then it closes immediately after the connection.
I have NRPE running on the host I want to monitor:
[root@ops:~] #lsof -i :5666
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
xinetd 1434 root 5u IPv4 4063 TCP *:nrpe (LISTEN)
And I have the IP of my nagios server listed in the xinetd conf file:
[root@ops:~] #cat /etc/xinetd.d/nrpe
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg –inetd
log_on_failure += USERID
disable = no
only_from = 127.0.0.1 xx.xx.xx.xx # <- representing my real nagios server IP
And I have my default security group for that host open on port 5666 to the world for this experiment. I plan on locking that down again to the single IP of my monitoring host once I get this resolved.
Does anyone have any suggestions on how I can get that problem solved?