LBP/nagios_nrpe @ 9178f8ad038e873f4d7e5a3481d83906bf4b2b20

Нет описания

John C. Frickson 9178f8ad03 Change names for Markdown formatting on Github		10 лет назад
contrib	d8c8f4de25 accept() fix for HP-UX 11.0	22 лет назад
docs	20bc739071 Added OO (source) docs to docs/ subdirectory	18 лет назад
include	47a0bbd880 Initial commit of SSL changes.	10 лет назад
package	8b51c1130f Fixed 2 make commands to be generic $(MAKE) macros	13 лет назад
sample-config	15fb2cffb3 Added listen_queue_size as configuration option (Vadim Antipov, Kaspersky Lab)	12 лет назад
src	47a0bbd880 Initial commit of SSL changes.	10 лет назад
.gitignore	ce6c775650 NRPE uses signals unsafely, hangs, can bring down system	10 лет назад
Changelog	98e155fecd Update Changelog	10 лет назад
LEGAL	cef36584d8 Added log facility option	18 лет назад
Makefile.in	ad8a0f9323 Added support for generating Solaris package.	14 лет назад
README.SSL.md	9178f8ad03 Change names for Markdown formatting on Github	10 лет назад
README.Solaris	ad8a0f9323 Added support for generating Solaris package.	14 лет назад
README.md	9178f8ad03 Change names for Markdown formatting on Github	10 лет назад
SECURITY.md	9178f8ad03 Change names for Markdown formatting on Github	10 лет назад
THANKS	047c49658e Added THANKS file. Let us know if you should be in there but are not	10 лет назад
config.guess	f9d181f8e2 Misc bug fixes, updates	20 лет назад
config.sub	f9d181f8e2 Misc bug fixes, updates	20 лет назад
configure	c235ed0a0d Added directories to the SSL library search.	10 лет назад
configure.ac	c235ed0a0d Added directories to the SSL library search.	10 лет назад
init-script.debian.in	7222595e29 Various bug fixes	22 лет назад
init-script.in	135c113ad3 Bug fixes, spec file and init script changes by James Peterson, added sample xinetd config file	23 лет назад
init-script.suse.in	6ff905f987 Added global command prefix option and ability to reload config files with SIGHUP	20 лет назад
install-sh	c861650004 Initial import into CVS	25 лет назад
nrpe.spec	6357f9318a Prep for new 2.15 release	12 лет назад
nrpe.spec.in	176027a4ca Added support for compiling and building RPMs on AIX	14 лет назад
subst.in	ad8a0f9323 Added support for generating Solaris package.	14 лет назад
update-version	6357f9318a Prep for new 2.15 release	12 лет назад

NRPE With SSL/TLS

NRPE now has the option for Encrypting Network traffic using SSL/TLS from openssl.

The Encryption is done using a set encryption routine of AES-256 Bit Encryption using SHA and Anon-DH. This encrypts all traffic using the NRPE sockets from the client to the server.

Since we are using Anon-DH this allows for an encrypted SSL/TLS Connection without using pre-generated keys or certificates. The key generation information used by the program to dynaically create keys on daemon startup can be found in the dh.h file in the nrpe src directory. This file was created using the command:

openssl dhparam -C 512

which outputs the C code in dh.h. For your own security you can replace that file with your own dhparam generated code.

As of this time you will need to have the latest greatest version of OpenSSL (tested against version 0.9.7a) since not all versions have the AES algorythm in them.

I am not aware that at this time this code is restricted under export restrictions but I leave that verification process up to you.

Thoughts and suggestions are welcome and I can be reached on the Nagios and NagiosPlug Mailing Lists.

- Derrick

README.SSL.md