nightmare on ssh street
59 views
Skip to first unread message
Howard White
May 12, 2020, 4:54:22 PM5/12/20
to nlug...@googlegroups.com
Madness continues.
Working in a CentOS environment; connecting to servers. The connection
pair in question has been working for over a year without issues -
specifically querying various Nagios checks over ssh (works great, more
secure than NRPE). Today, remote server (hosted on VMWare), Nagios
checks of VMWare host (not ssh) work fine, guest checks do not.
Troubleshooting:
- ssh from nagios server to all other monitored remote servers = working
- tried ssh login from command line of nagios server = timeout, no connect
- tried ssh login from other CentOS systems to remote server = works
- checked firewall on remote server = not active
- tried restarting sshd on remote server = no change
- nagios server got restarted 8 days ago and ssh worked until remote
server boot this morning
- /var/log/secure gives no activity during attempted ssh connection from
nagios server; /var/log/secure shows activity when ssh connected from
alternate system
- the alternate servers are probably further behind on openssl updates
than the nagios server
- oh yeah, tried ssh connect calling DNS names and IP addresses = no
difference
- ssh from nagios server to remote VMWare host = working
WhaddIdo???
Howard
Working in a CentOS environment; connecting to servers. The connection
pair in question has been working for over a year without issues -
specifically querying various Nagios checks over ssh (works great, more
secure than NRPE). Today, remote server (hosted on VMWare), Nagios
checks of VMWare host (not ssh) work fine, guest checks do not.
Troubleshooting:
- ssh from nagios server to all other monitored remote servers = working
- tried ssh login from command line of nagios server = timeout, no connect
- tried ssh login from other CentOS systems to remote server = works
- checked firewall on remote server = not active
- tried restarting sshd on remote server = no change
- nagios server got restarted 8 days ago and ssh worked until remote
server boot this morning
- /var/log/secure gives no activity during attempted ssh connection from
nagios server; /var/log/secure shows activity when ssh connected from
alternate system
- the alternate servers are probably further behind on openssl updates
than the nagios server
- oh yeah, tried ssh connect calling DNS names and IP addresses = no
difference
- ssh from nagios server to remote VMWare host = working
WhaddIdo???
Howard
Vincent Brown
May 12, 2020, 5:09:53 PM5/12/20
to NLUG
Howard, do you have any previous snapshots of your VMs? If so, does it work in any earlier states?
Vince
Kent Perrier
May 12, 2020, 5:17:34 PM5/12/20
to nlug-talk
- ssh from nagios server to all other monitored remote servers = working
- tried ssh login from command line of nagios server = timeout, no connect
How are these functionally different?
What does tcpdump show? Are the ssh packets from the nagios sever making it to the target CentOS VM? What about ping? Or telneting to the port of another running service on the VM?
Did the VM get vmontioned to a VM host that potentially doesn't have the proper network configuration?
--
--
You received this message because you are subscribed to the Google Groups "NLUG" group.
To post to this group, send email to nlug...@googlegroups.com
To unsubscribe from this group, send email to nlug-talk+...@googlegroups.com
For more options, visit this group at http://groups.google.com/group/nlug-talk?hl=en
---
You received this message because you are subscribed to the Google Groups "NLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email to nlug-talk+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/nlug-talk/79138c43-a0a9-cf63-5a51-b301ac2b445f%40vcch.com.
Howard White
May 12, 2020, 7:37:14 PM5/12/20
to nlug...@googlegroups.com
Many thanks for the replies. My solution was to walk away from it for a
while.
The good news is that the connection is working again.
The bad news is that I have no idea as to why it quit working - today.
To answer Kent's great question about functionality - the nagios check
runs by the nagios server logging into the remote server with a
pre-defined key, runs the check and then exits. One tests that the
process is working by replicating that login sequence at the command
line. The ssh part of the connection is the same either way.
The other answer to Kent's question is that I walked away long enough
that I didn't have to try to run tcpdump to trace the connection...
Our environments are too simple and too small to be vmotioned.
Monitoring a production server that, by all appearances, churned away
merrily whilst I was trying to monitor.
Like I tell the hardware vendors - diagnostics are great until they aren't.
Howard
> <mailto:nlug...@googlegroups.com>
> <mailto:nlug-talk%2Bunsu...@googlegroups.com>
> <https://groups.google.com/d/msgid/nlug-talk/CA%2B6_KC9hmHbKDxY6JgAf3%2BMo-aDYdnnayJBxkF9%2BDZoNZs1MTg%40mail.gmail.com?utm_medium=email&utm_source=footer>.
while.
The good news is that the connection is working again.
The bad news is that I have no idea as to why it quit working - today.
To answer Kent's great question about functionality - the nagios check
runs by the nagios server logging into the remote server with a
pre-defined key, runs the check and then exits. One tests that the
process is working by replicating that login sequence at the command
line. The ssh part of the connection is the same either way.
The other answer to Kent's question is that I walked away long enough
that I didn't have to try to run tcpdump to trace the connection...
Our environments are too simple and too small to be vmotioned.
Monitoring a production server that, by all appearances, churned away
merrily whilst I was trying to monitor.
Like I tell the hardware vendors - diagnostics are great until they aren't.
Howard
> <mailto:nlug-talk%2Bunsu...@googlegroups.com>
> For more options, visit this group at
> http://groups.google.com/group/nlug-talk?hl=en
>
> ---
> You received this message because you are subscribed to the Google
> Groups "NLUG" group.
> To unsubscribe from this group and stop receiving emails from it,
> send an email to nlug-talk+...@googlegroups.com
> <mailto:nlug-talk%2Bunsu...@googlegroups.com>.
> http://groups.google.com/group/nlug-talk?hl=en
>
> ---
> You received this message because you are subscribed to the Google
> Groups "NLUG" group.
> To unsubscribe from this group and stop receiving emails from it,
> send an email to nlug-talk+...@googlegroups.com
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/nlug-talk/79138c43-a0a9-cf63-5a51-b301ac2b445f%40vcch.com.
>
> https://groups.google.com/d/msgid/nlug-talk/79138c43-a0a9-cf63-5a51-b301ac2b445f%40vcch.com.
>
> --
> --
> You received this message because you are subscribed to the Google
> Groups "NLUG" group.
> To post to this group, send email to nlug...@googlegroups.com
> To unsubscribe from this group, send email to
> nlug-talk+...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/nlug-talk?hl=en
>
> ---
> You received this message because you are subscribed to the Google
> Groups "NLUG" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to nlug-talk+...@googlegroups.com
> <mailto:nlug-talk+...@googlegroups.com>.
> --
> You received this message because you are subscribed to the Google
> Groups "NLUG" group.
> To post to this group, send email to nlug...@googlegroups.com
> To unsubscribe from this group, send email to
> nlug-talk+...@googlegroups.com
> For more options, visit this group at
> http://groups.google.com/group/nlug-talk?hl=en
>
> ---
> You received this message because you are subscribed to the Google
> Groups "NLUG" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to nlug-talk+...@googlegroups.com
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/nlug-talk/CA%2B6_KC9hmHbKDxY6JgAf3%2BMo-aDYdnnayJBxkF9%2BDZoNZs1MTg%40mail.gmail.com
> <https://groups.google.com/d/msgid/nlug-talk/CA%2B6_KC9hmHbKDxY6JgAf3%2BMo-aDYdnnayJBxkF9%2BDZoNZs1MTg%40mail.gmail.com?utm_medium=email&utm_source=footer>.
Reply all
Reply to author
Forward
0 new messages