14.3 Client-side Configuration

The configuration file send_nsca.cfg on the client side must contain the same encryption parameters as the file on the Nagios server:

password=verysecret
decryption_method=10

Since the key is also written here in plain text, it should not be readable for just any user. For this reason it is best to create a user nagios and a group nagios on the client side:

linux:~ # groupadd -g 9000 nagios
linux:~ # useradd -u 9000 -g nagios -d /usr/local/nagios \
       -c "Nagios Admin" nagios

You should now protect the file send_nsca.cfg so that only the user nagios can read it, and ensure, using the SUID mechanism, that the program send_nsca always runs under the user ID of this user. If you now grant execute permission to the group ...

Get Nagios, 2nd Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Nagios, 2nd Edition by

14.3 Client-side Configuration

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly