LBP/nagios_nrpe @ 9178f8ad038e873f4d7e5a3481d83906bf4b2b20

Нема описа

John C. Frickson 9178f8ad03 Change names for Markdown formatting on Github		пре 10 година
contrib	d8c8f4de25 accept() fix for HP-UX 11.0	пре 22 година
docs	20bc739071 Added OO (source) docs to docs/ subdirectory	пре 18 година
include	47a0bbd880 Initial commit of SSL changes.	пре 10 година
package	8b51c1130f Fixed 2 make commands to be generic $(MAKE) macros	пре 13 година
sample-config	15fb2cffb3 Added listen_queue_size as configuration option (Vadim Antipov, Kaspersky Lab)	пре 12 година
src	47a0bbd880 Initial commit of SSL changes.	пре 10 година
.gitignore	ce6c775650 NRPE uses signals unsafely, hangs, can bring down system	пре 10 година
Changelog	98e155fecd Update Changelog	пре 10 година
LEGAL	cef36584d8 Added log facility option	пре 18 година
Makefile.in	ad8a0f9323 Added support for generating Solaris package.	пре 14 година
README.SSL.md	9178f8ad03 Change names for Markdown formatting on Github	пре 10 година
README.Solaris	ad8a0f9323 Added support for generating Solaris package.	пре 14 година
README.md	9178f8ad03 Change names for Markdown formatting on Github	пре 10 година
SECURITY.md	9178f8ad03 Change names for Markdown formatting on Github	пре 10 година
THANKS	047c49658e Added THANKS file. Let us know if you should be in there but are not	пре 10 година
config.guess	f9d181f8e2 Misc bug fixes, updates	пре 20 година
config.sub	f9d181f8e2 Misc bug fixes, updates	пре 20 година
configure	c235ed0a0d Added directories to the SSL library search.	пре 10 година
configure.ac	c235ed0a0d Added directories to the SSL library search.	пре 10 година
init-script.debian.in	7222595e29 Various bug fixes	пре 22 година
init-script.in	135c113ad3 Bug fixes, spec file and init script changes by James Peterson, added sample xinetd config file	пре 23 година
init-script.suse.in	6ff905f987 Added global command prefix option and ability to reload config files with SIGHUP	пре 20 година
install-sh	c861650004 Initial import into CVS	пре 25 година
nrpe.spec	6357f9318a Prep for new 2.15 release	пре 12 година
nrpe.spec.in	176027a4ca Added support for compiling and building RPMs on AIX	пре 14 година
subst.in	ad8a0f9323 Added support for generating Solaris package.	пре 14 година
update-version	6357f9318a Prep for new 2.15 release	пре 12 година

NRPE With SSL/TLS

NRPE now has the option for Encrypting Network traffic using SSL/TLS from openssl.

The Encryption is done using a set encryption routine of AES-256 Bit Encryption using SHA and Anon-DH. This encrypts all traffic using the NRPE sockets from the client to the server.

Since we are using Anon-DH this allows for an encrypted SSL/TLS Connection without using pre-generated keys or certificates. The key generation information used by the program to dynaically create keys on daemon startup can be found in the dh.h file in the nrpe src directory. This file was created using the command:

openssl dhparam -C 512

which outputs the C code in dh.h. For your own security you can replace that file with your own dhparam generated code.

As of this time you will need to have the latest greatest version of OpenSSL (tested against version 0.9.7a) since not all versions have the AES algorythm in them.

I am not aware that at this time this code is restricted under export restrictions but I leave that verification process up to you.

Thoughts and suggestions are welcome and I can be reached on the Nagios and NagiosPlug Mailing Lists.

- Derrick

README.SSL.md