14.3 Client-side Configuration
The configuration file send_nsca.cfg
on the client side must contain the same encryption parameters as the file on the Nagios server:
password=verysecret decryption_method=10
Since the key is also written here in plain text, it should not be readable for just any user. For this reason it is best to create a user nagios
and a group nagios
on the client side:
linux:~ # groupadd -g 9000 nagios linux:~ # useradd -u 9000 -g nagios -d /usr/local/nagios \ -c "Nagios Admin" nagios
You should now protect the file send_nsca.cfg
so that only the user nagios
can read it, and ensure, using the SUID mechanism, that the program send_nsca
always runs under the user ID of this user. If you now grant execute permission to the group ...
Get Nagios, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.