Nagios monitoring ok but SSL Handshake error - nagios

Good Folks,
I have a weird situation here. My remote Linux server is nicely monitored by Nagios, but when I try to run check_nrpe -H I get an SSL handshake error. I don't get the same error from the Nagios server.
[code]
[root@agent1 ~]# /usr/local/nagios/libexec/check_nrpe -H master
CHECK_NRPE: Error - Could not complete SSL handshake.
[root@agent1 ~]#
[root@master ~]# /usr/local/nagios/libexec/check_nrpe -H agent1
NRPE v2.15
[root@master ~]#
[/code]
Any idea how to resolve it?

Check your nrpe configuration file and your IP in the only_from list.
nano /etc/xinetd.d/nrpe
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
flags = REUSE
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
log_on_failure += USERID
disable = no
only_from = IP1 IP2 IP3
}

The correct answer is recompiling nrpe with SSL headers.
./configure --enable-ssl
The remaining steps, which are given everywhere in the general documentation, are correct.
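Since the first answer above boils down to "is the client's IP actually in only_from", here is a small check for that. This is an added example, not code from the thread or from the Nagios/xinetd projects: it reads a service file such as /etc/xinetd.d/nrpe on stdin and reports whether a given client address would pass the only_from list. Only dotted-quad addresses and CIDR networks are evaluated; hostname and "192.168.1." prefix entries (which xinetd also accepts) are printed and skipped rather than resolved. The sample service file at the bottom is constructed for the self-test.

```bash
#!/usr/bin/env bash
# Added example: would client IP $1 pass the only_from list of an xinetd service file?

ip2int() {                 # 10.0.0.5 -> 32-bit integer
    local IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

cidr_contains() {          # $1 = a.b.c.d or a.b.c.d/n, $2 = client IP; exit 0 if inside
    local net="${1%/*}" bits=32 mask
    case "$1" in */*) bits="${1#*/}" ;; esac
    mask=$(( bits == 0 ? 0 : (0xFFFFFFFF << (32 - bits)) & 0xFFFFFFFF ))
    [ $(( $(ip2int "$net") & mask )) -eq $(( $(ip2int "$2") & mask )) ]
}

only_from_allows() {       # $1 = client IP; xinetd service file on stdin
    local entry
    # Collect the right-hand side of "only_from = ..." and "only_from += ..." lines.
    for entry in $(awk -F= '$1 ~ /^[[:space:]]*only_from[[:space:]]*\+?[[:space:]]*$/ { print $2 }'); do
        case "$entry" in
            *[!0-9./]*|*.)   # hostname or "a.b.c." prefix: xinetd would resolve/match it, we do not
                echo "skipping non-numeric entry: $entry" >&2; continue ;;
        esac
        cidr_contains "$entry" "$1" && return 0
    done
    return 1   # no entry matched (or no only_from line at all: xinetd would then allow everyone)
}

# Constructed sample of /etc/xinetd.d/nrpe for the self-test.
SAMPLE_NRPE='service nrpe
{
    socket_type = stream
    port        = 5666
    server      = /usr/local/nagios/bin/nrpe
    server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
    only_from   = 127.0.0.1 192.168.50.0/24 monitor.example.internal
}'

# Real use: only_from_allows 192.168.50.5 < /etc/xinetd.d/nrpe
if printf '%s\n' "$SAMPLE_NRPE" | only_from_allows 192.168.50.5; then echo allowed; else echo denied; fi
```

Note that a missing only_from line is not a deny: xinetd then accepts connections from anywhere, so the function's "no match" result should be read together with whether the line exists at all. NRPE has its own allowed_hosts in nrpe.cfg on top of this, which is a separate check.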

Related

Unable to make Remote Connection with Postgresql

I have PostgreSQL running on Ubuntu Server and I want to make a remote connection to PostgreSQL running on port 5432.
I've checked if I can ping the public IP of ubuntu server from my machine and that works fine.
Next I changed two files on the Ubuntu server. First I changed postgresql.conf, which looks as below
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
port = 5432 # (change requires restart)
Next I've added two lines in pg_hba.conf as below
host all all 0.0.0.0/0 trust
host all all ::/0 trust
Finally I checked if firewall is running by running sudo ufw verbose which outputted inactive.
As per my understanding I've allowed PostgreSQL to accept remote connections and the firewall is also not present, hence nothing is blocking. Still I get the following error.
psycopg2.OperationalError: connection to server at "XXX.XXX.XXX.XXX", port 5432 failed: Connection timed out (0x0000274C/10060)
Is the server running on that host and accepting TCP/IP connections?
How can I fix this error?
Edit
Although I can ping and ssh to the Ubuntu server using the public IP, I cannot telnet.
I checked if port 5432 is open using this link but it turned out to be closed.
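Two things about the configuration in this question are worth separating from the connectivity problem. A "Connection timed out" (as opposed to "Connection refused") means no SYN-ACK came back at all, so the packets are being dropped somewhere on the path and pg_hba.conf is not yet being consulted. Independently of that, the two pg_hba lines shown use the trust method for 0.0.0.0/0 and ::/0: once the path is opened, any host that can reach port 5432 can log in as any role, superuser included, with no password. The following is an added example, not code from the post or from PostgreSQL: an audit that flags trust rules reachable from beyond loopback, plus a preview of the same rules rewritten to scram-sha-256. Both read pg_hba.conf on stdin; the sample file is constructed for the self-test.

```bash
#!/usr/bin/env bash
# Added example: find 'trust' rules in pg_hba.conf that are reachable over the network.

pg_hba_audit() {           # pg_hba.conf on stdin; exit 1 if any network-reachable trust rule exists
    awk '
        /^[[:space:]]*#/ || NF == 0 { next }               # comments and blank lines
        $1 ~ /^host/ && $NF == "trust" {                   # host, hostssl, hostnossl, hostgssenc
            if ($4 == "127.0.0.1/32" || $4 == "::1/128" || $4 == "samehost")
                print "LOOPBACK-TRUST: " $0               # weak, but only reachable from the box itself
            else { print "INSECURE: " $0; bad = 1 }       # e.g. 0.0.0.0/0, ::/0, samenet, any LAN range
        }
        $1 == "local" && $NF == "trust" { print "LOCAL-TRUST: " $0 }   # unix socket: local users only
        END { exit bad ? 1 : 0 }
    '
}

pg_hba_harden() {          # preview: host* rules with trust replaced by scram-sha-256
    sed -E 's/^([[:space:]]*host[a-z]*[[:space:]].*[[:space:]])trust[[:space:]]*$/\1scram-sha-256/'
}

# Constructed pg_hba.conf mirroring the lines in the question, for the self-test.
SAMPLE_HBA='# TYPE  DATABASE  USER  ADDRESS       METHOD
local   all       all                 peer
host    all       all   127.0.0.1/32  trust
host    all       all   0.0.0.0/0     trust
host    all       all   ::/0          trust
hostssl app       app   10.0.0.0/8    scram-sha-256'

# Real use: pg_hba_audit < /etc/postgresql/*/main/pg_hba.conf
printf '%s\n' "$SAMPLE_HBA" | pg_hba_audit || echo "pg_hba.conf grants passwordless access over the network"
printf '%s\n' "$SAMPLE_HBA" | pg_hba_harden
```

The hardened preview still leaves the address ranges as wide as they were; restricting them to the client networks that actually need access (and using hostssl where the path crosses an untrusted network) is the other half of the fix. The "port is closed" result from the external port checker, while the server itself has no local firewall, points at a filter outside the VM, such as a cloud provider security group.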

Unable to SSH into wireguard IP until I ping another server from inside the server

I have wireguard set up on a machine (call it MachineA, with the IP 10.42.0.19). I have my laptop configured with the IP 10.42.0.15, call it LaptopB. I am able to SSH into MachineA from LaptopB when I connect both peers using ssh root@MachineA. Then, if I wait a while, I can no longer SSH into MachineA from LaptopB. For example, the same command ssh root@MachineA just hangs.
Using -vvvv shows me this:
$ ssh -vvvv root@10.42.0.19
OpenSSH_8.3p1 Ubuntu-1ubuntu0.1, OpenSSL 1.1.1f 31 Mar 2020
debug1: Reading configuration data /home/xrd/.ssh/config
...
debug2: ssh_connect_direct
debug1: Connecting to 10.42.0.19 [10.42.0.19] port 22.
And, it never connects.
There is a simple fix: from inside the machine, ping any other Wireguard machine on the network. MachineA is a DigitalOcean droplet. If I use the web console to login, and then ping any other peer on the network (say 10.42.0.4), then immediately after the ping starts, the SSH connection completes.
How do I troubleshoot this?
I have not restarted wireguard on either LaptopB nor MachineA. Both appear to be connected.
In my wg0.conf on both ends they are more or less like this:
[Interface]
Address = 10.42.0.19/24
PrivateKey = DontYouWishYouHadThis
DNS = 10.42.0.1,8.8.8.8
[Peer]
PublicKey = SomePublicKeyIsHere
AllowedIPs = 10.42.0.0/24
Endpoint = 33.33.33.33:51280

Nagios nrpe plugin install on remote host

On CentOS 7, following the nrpe plugin install steps, when testing the connection between the Nagios server and the remote agent, I got this error...
/usr/local/nagios/libexec/check_nrpe -H 192.168.50.5
CHECK_NRPE: Error - Could not connect to 192.168.50.5: Connection reset by peer
In /etc/xinetd.d/nrpe, I added the Nagios server's IP address to the only_from field.
# default: off
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
disable = no
socket_type = stream
port = 5666
wait = no
user = nagios
group = nagios
server = /usr/local/nagios/bin/nrpe
server_args = -c /usr/local/nagios/etc/nrpe.cfg --inetd
only_from = 127.0.0.1 ::1 {server_IP}
log_on_success =
}
I then restarted the xinetd service; however, upon checking the service status this error log message appeared...
Aug 09 09:32:21 localhost.localdomain xinetd[1448]: bind failed (Address already in use (errno = 98)). service = nrpe
Aug 09 09:32:21 localhost.localdomain xinetd[1448]: Service nrpe failed to start and is deactivated.
The solution was not only to include the server IP in /etc/xinetd.d/nrpe, but also to stop the nrpe service before restarting the xinetd service.
systemctl stop nrpe
systemctl restart xinetd
It seems restarting xinetd on its own failed to load the nrpe service because its port conflicted with the already-running standalone nrpe service.

Changed MongoDB port but still tries default port

I changed the port in the /etc/mongod.conf file, i.e.
net:
port: 12345
bindIp: 127.0.0.1,123.123.23.255 #localhost and server pub ip
Then I restarted mongo
sudo systemctl restart mongod.service
and checked all ok:
sudo systemctl status mongod
mongod.service - High-performance, schema-free document-oriented database
Loaded: loaded (/lib/systemd/system/mongod.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 2018-07-10 13:35:14 UTC; 16s ago
Docs: https://docs.mongodb.org/manual
Main PID: 1927 (mongod)
Tasks: 23
Memory: 136.3M
CPU: 1.240s
CGroup: /system.slice/mongod.service
└─1927 /usr/bin/mongod --config /etc/mongod.conf
Then I tried to login to mongo:
mongo --username me --password my_password --authenticationDatabase authdb
And got the following error:
MongoDB shell version v3.6.5
connecting to: mongodb://127.0.0.1:27017
2018-07-10T13:29:14.716+0000 W NETWORK [thread1] Failed to connect to 127.0.0.1:27017, in(checking socket for error after poll), reason: Connection refused
2018-07-10T13:29:14.717+0000 E QUERY [thread1] Error: couldn't connect to server 127.0.0.1:27017, connection attempt failed :
I then changed the port back to 27017 in mongod.conf and could login to the db OK.
Any idea why the mongo shell tries 27017 even though mongo port is changed?
You're confusing the mongo server (the server you configure when you change the .conf file) with the mongo client you use to connect to the mongo server. If you changed your port to 12345, then you must specify it when you connect, by providing it in the connection command:
mongo --username me --password my_password --authenticationDatabase authdb --port 12345
or
mongo --username me --password my_password --authenticationDatabase authdb --host 127.0.0.1:12345
EDIT: without any port specification in the mongo command, the default one will be used, i.e. 27017.
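The answer above is right that the client has to be told the port; the part of the posted config worth a second look is bindIp, which lists the server's public address next to localhost. The following is an added example, not code from the thread or from MongoDB: it reads net.port and net.bindIp from a mongod.conf on disk with a minimal awk parser (top-level YAML keys only, one level of nesting), prints a mongo invocation with the configured port, and refuses the setup when a non-loopback bindIp is combined with security.authorization left off. The sample config is constructed for the self-test and mirrors the one in the question.

```bash
#!/usr/bin/env bash
# Added example: derive the client port from mongod.conf and check bindIp against authorization.

mongod_net_port() {        # $1 = config file; prints net.port, default 27017
    awk '
        /^[^[:space:]#]/ { section = $1 }                 # top-level key such as "net:" or "security:"
        section == "net:" && $1 == "port:" { port = $2 }
        END { print (port ? port : 27017) }
    ' "$1"
}

mongod_bind_ips() {        # $1 = config file; prints net.bindIp with any trailing comment removed
    awk '
        /^[^[:space:]#]/ { section = $1 }
        section == "net:" && $1 == "bindIp:" { v = $2; sub(/#.*/, "", v); print v }
    ' "$1"
}

mongod_auth_enabled() {    # $1 = config file; exit 0 only if security.authorization is "enabled"
    awk '
        /^[^[:space:]#]/ { section = $1 }
        section == "security:" && $1 == "authorization:" && $2 == "enabled" { ok = 1 }
        END { exit ok ? 0 : 1 }
    ' "$1"
}

mongo_shell_cmd() {        # $1 = config file; prints a shell command that targets the configured port
    echo "mongo --host 127.0.0.1 --port $(mongod_net_port "$1")"
}

mongod_exposure_check() {  # $1 = config file; prints "ok", or a warning and exit 1
    local ip exposed=no
    for ip in $(mongod_bind_ips "$1" | tr ',' ' '); do
        case "$ip" in 127.0.0.1|::1|localhost) ;; *) exposed=yes ;; esac
    done
    if [ "$exposed" = yes ] && ! mongod_auth_enabled "$1"; then
        echo "EXPOSED-NO-AUTH: bindIp reaches beyond loopback but security.authorization is not enabled"
        return 1
    fi
    echo ok
}

# Constructed mongod.conf for the self-test (same net: block as in the question).
SAMPLE_MONGOD_CONF=$(mktemp)
cat > "$SAMPLE_MONGOD_CONF" <<'EOF'
storage:
  dbPath: /var/lib/mongodb
net:
  port: 12345
  bindIp: 127.0.0.1,123.123.23.255 #localhost and server pub ip
EOF

# Real use: mongo_shell_cmd /etc/mongod.conf ; mongod_exposure_check /etc/mongod.conf
mongo_shell_cmd "$SAMPLE_MONGOD_CONF"
mongod_exposure_check "$SAMPLE_MONGOD_CONF" || true
```

The question's shell command does pass --username and --authenticationDatabase, which only means the client is sending credentials; whether the server demands them is decided by security.authorization in mongod.conf, and with a public address in bindIp that setting is what separates a reachable database from an open one.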

Unable to access Apache2 HTTPD server on browser from remote machine

I have a website deployed on Apache2. The Apache2 server is setup on a VM.
When I try to access the site using a browser from a remote machine (my laptop), I get a connection timed out error.
When I try to access something deployed on Tomcat on the same VM it works fine. But Apache gives a problem.
Please let me know what I am missing.
Thanks.
1) check that the httpd process is running
ps -ef | grep httpd |grep -v grep
2) make sure you are broadcasting on port 80
netstat -atn |grep :80
3) verify in your conf (/etc/httpd/conf.d/*.conf) file that you are binding Apache to port 80
<virtualhost *:80>
or
<virtualhost xxx.xxx.xxx.xxx:80>
Your Tomcat process may be bound to port 80 and the socket is not available.
On CentOS run these commands:
iptables -I INPUT 4 -p tcp -m state --state NEW -m tcp --dport 80 -j ACCEPT
/etc/init.d/iptables save
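Steps 1 and 2 of the answer above, and the xinetd "Address already in use" in the NRPE question earlier on this page, are the same diagnosis: which process currently owns the TCP port you expected your service to have? The following is an added example, not code from either answer: given the listener table from `ss -H -ltnp` or `netstat -tlnp` on stdin, it names the owner of a port and states whether it is the expected service. Both tools print the local address in column 4; the process column differs and both forms are parsed. The two listener tables at the bottom are constructed for the self-test (nrpe still standalone on 5666, Tomcat's java on 80).

```bash
#!/usr/bin/env bash
# Added example: who owns a listening TCP port, from ss or netstat output.

listen_owner() {           # $1 = port; listener table on stdin; prints name, "unknown" or "none"
    awk -v port="$1" '
        $4 ~ (":" port "$") {                              # local address column ends in :PORT
            if (match($0, /"[^"]+"/)) {                    # ss: users:(("nrpe",pid=1460,fd=4))
                print substr($0, RSTART + 1, RLENGTH - 2); found = 1; exit
            }
            if ($NF ~ /^[0-9]+\//) {                       # netstat: 1460/nrpe
                sub(/^[0-9]+\//, "", $NF); print $NF; found = 1; exit
            }
            print "unknown"; found = 1; exit               # listener present, no process info (not root)
        }
        END { if (!found) print "none" }
    '
}

diagnose_listener() {      # $1 = port, $2 = service expected to own it; listener table on stdin
    local owner
    owner=$(listen_owner "$1")
    case "$owner" in
        none)  echo "port $1: nothing listening; $2 is not up or is bound elsewhere" ;;
        "$2")  echo "port $1: owned by $2 as expected" ;;
        *)     echo "port $1: held by '$owner', not $2; stop or re-port it before starting $2" ;;
    esac
}

# Constructed listener tables for the self-test (ss -H -ltnp and netstat -tlnp formats).
SS_SAMPLE='LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
LISTEN 0 5 0.0.0.0:5666 0.0.0.0:* users:(("nrpe",pid=1460,fd=4))
LISTEN 0 100 [::]:80 [::]:* users:(("java",pid=2201,fd=56))'
NETSTAT_SAMPLE='Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:5666 0.0.0.0:* LISTEN 1460/nrpe
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 2201/java
tcp6 0 0 :::80 :::* LISTEN -'

# Real use: ss -H -ltnp | diagnose_listener 5666 xinetd   (or: netstat -tlnp | diagnose_listener 80 httpd)
printf '%s\n' "$SS_SAMPLE" | diagnose_listener 5666 xinetd
printf '%s\n' "$SS_SAMPLE" | diagnose_listener 80 httpd
```

Run it as root, or the process column is "-" and the result is "unknown". For the NRPE case the fix is the one the earlier answer gives (stop the standalone nrpe, then restart xinetd); for Apache, a "none" on port 80 means httpd never bound it, so the firewall rule in the answer is the right next step only after the listener exists.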
