Good news and bad news; was Re: [nlug] nightmare on ssh street

[Howard White]

Many thanks for the replies.  My solution was to walk away from it for a 
while.

The good news is that the connection is working again.
The bad news is that I have no idea as to why it quit working - today.

To answer Kent's great question about functionality - the nagios check 
runs by the nagios server logging into the remote server with a 
pre-defined key, runs the check and then exits.  One tests that the 
process is working by replicating that login sequence at the command 
line.  The ssh part of the connection is the same either way.

The other answer to Kent's question is that I walked away long enough 
that I didn't have to try to run tcpdump to trace the connection...

Our environments are too simple and too small to be vmotioned. 
Monitoring a production server that, by all appearances, churned away 
merrily whilst I was trying to monitor.

Like I tell the hardware vendors - diagnostics are great until they aren't.

Howard

On 5/12/20 4:17 PM, Kent Perrier wrote:
    - ssh from nagios server to all other monitored remote servers = working
    - tried ssh login from command line of nagios server = timeout, no
    connect


How are these functionally different?

What does tcpdump show? Are the ssh packets from the nagios sever making 
it to the target CentOS VM? What about ping? Or telneting to the port of 
another running service on the VM?

Did the VM get vmontioned to a VM host that potentially doesn't have the 
proper network configuration?

On Tue, May 12, 2020 at 3:54 PM Howard White <hwh...@vcch.com 
<mailto:hwh...@vcch.com>> wrote:

    Madness continues.

    Working in a CentOS environment; connecting to servers.  The connection
    pair in question has been working for over a year without issues -
    specifically querying various Nagios checks over ssh (works great, more
    secure than NRPE).  Today, remote server (hosted on VMWare), Nagios
    checks of VMWare host (not ssh) work fine, guest checks do not.

    Troubleshooting:

    - ssh from nagios server to all other monitored remote servers = working
    - tried ssh login from command line of nagios server = timeout, no
    connect
    - tried ssh login from other CentOS systems to remote server = works
    - checked firewall on remote server = not active
    - tried restarting sshd on remote server = no change
    - nagios server got restarted 8 days ago and ssh worked until remote
    server boot this morning
    - /var/log/secure gives no activity during attempted ssh connection
    from
    nagios server; /var/log/secure shows activity when ssh connected from
    alternate system
    - the alternate servers are probably further behind on openssl updates
    than the nagios server
    - oh yeah, tried ssh connect calling DNS names and IP addresses = no
    difference
    - ssh from nagios server to remote VMWare host = working

    WhaddIdo???

    Howard

    -- 
    -- 
    You received this message because you are subscribed to the Google
    Groups "NLUG" group.
    To post to this group, send email to nlug-talk@googlegroups.com
    <mailto:nlug-talk@googlegroups.com>
    To unsubscribe from this group, send email to
    nlug-talk+unsubscr...@googlegroups.com
    <mailto:nlug-talk%2bunsubscr...@googlegroups.com>
    For more options, visit this group at
    http://groups.google.com/group/nlug-talk?hl=en

    ---
    You received this message because you are subscribed to the Google
    Groups "NLUG" group.
    To unsubscribe from this group and stop receiving emails from it,
    send an email to nlug-talk+unsubscr...@googlegroups.com
    <mailto:nlug-talk%2bunsubscr...@googlegroups.com>.
    To view this discussion on the web visit
    
https://groups.google.com/d/msgid/nlug-talk/79138c43-a0a9-cf63-5a51-b301ac2b445f%40vcch.com.

--
--
You received this message because you are subscribed to the Google 
Groups "NLUG" group.
To post to this group, send email to nlug-talk@googlegroups.com
To unsubscribe from this group, send email to 
nlug-talk+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/nlug-talk?hl=en

---
You received this message because you are subscribed to the Google 
Groups "NLUG" group.
To unsubscribe from this group and stop receiving emails from it, send 
an email to nlug-talk+unsubscr...@googlegroups.com 
<mailto:nlug-talk+unsubscr...@googlegroups.com>.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/nlug-talk/CA%2B6_KC9hmHbKDxY6JgAf3%2BMo-aDYdnnayJBxkF9%2BDZoNZs1MTg%40mail.gmail.com 
<https://groups.google.com/d/msgid/nlug-talk/CA%2B6_KC9hmHbKDxY6JgAf3%2BMo-aDYdnnayJBxkF9%2BDZoNZs1MTg%40mail.gmail.com?utm_medium=email&utm_source=footer>.

--
--
You received this message because you are subscribed to the Google Groups 
"NLUG" group.
To post to this group, send email to nlug-talk@googlegroups.com
To unsubscribe from this group, send email to 
nlug-talk+unsubscr...@googlegroups.com
For more options, visit this group at 
http://groups.google.com/group/nlug-talk?hl=en

--- 
You received this message because you are subscribed to the Google Groups "NLUG" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to nlug-talk+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/nlug-talk/aef50bda-f686-9686-4cfc-8fb796ccf30e%40vcch.com.