While all of the previous recipes in this chapter show that NRPE can be very effectively tied down and secured, it may be that we require some means of authentication to a target host in order to run the appropriate Nagios plugins on it. The
nrpe daemon does not require any authentication to return information about the host's state; as long as the IP addresses all match and the command is defined for running, it will return information.
If you already use SSH keys for a public key infrastructure in your network, then you may find it preferable to use the
check_by_ssh plugin instead, which allows you to use public keys to authenticate with a target host before running any commands. This is only suitable if the target host runs a secure shell daemon.
In this recipe, we'll repeat the setup for the
check_load plugin as done in the first recipe in this chapter, Monitoring local services on a remote machine with NRPE, but we'll use the...