Categoriearchief: English

Nagios NRPE Server 2.15 Could not complete SSL handshake. 1

CHECK_NRPE: (ssl_err != 5) Error - Could not complete SSL handshake with [ip] 1

Found out it had to do with the major version difference 3.x connecting to 2.x. Adding -2 to the command line made no difference. Disabling SSL was an solution. But not preferred.

I recently upgraded (reinstalled) my vps from Debian Jessie to Debian Buster. I chose to install Nagios4 and NRPE client from Debian repositories. (Previous installation was build from source). I was using Nagios4x already, i guess the nrpe-plugins were a bit older.

On the other side i have an Netgear ReadyNAS Pro 6 to be monitored. This system is still running Debian Jessie. To stay compatible with Netgear updates, i am not doing an dist-upgrade on the OS. Debian Jessie has nagios-nrpe-server 2.x in it’s main repository.

While searching online, i came across a solution that rebuilds nagios-nrpe-server 2.x with a dh 2048 signature.

I tried to do the same thing, with success.

With https://wiki.debian.org/BuildingTutorial as base, i proceeded as following:

# Edit /etc/apt/sources.list, add an deb-src line
deb-src http://mirrors.kernel.org/debian jessie main

Now update apt

sudo apt-get update

Create a working directory and get source code

# Create working directory
mkdir -p src/debian
cd src/debian

# Get source
apt-get source nagios-nrpe-server

# Step into source
cd nagios-nrpe-2.15

# Build without patches, to check that all requirements a met
debuild -b -uc -us

# When build failed, try
sudo apt-get install build-essential fakeroot devscripts
# and
sudo apt-get build-dep nagios-nrpe-server

Now apply some changes to the source code.

Edit ./configure

OLD: $sslbin dhparam -C 512 | awk '/^-----/ {exit} {print}' > include/dh.h
NEW: $sslbin dhparam -C 2048 | awk '/^-----/ {exit} {print}' > include/dh.h

Edit ./configure.in

OLD: $sslbin dhparam -C 512 | awk '/^-----/ {exit} {print}' > include/dh.h
NEW: $sslbin dhparam -C 2048 | awk '/^-----/ {exit} {print}' > include/dh.h

Edit ./src/nrpe.c

OLD: dh=get_dh512();
NEW: dh=get_dh2048();

We can recompile now.

debuild -b -uc -us

If no error occurred, there should be 2 new .deb packages in your working directory.

Install both
sudo dpkg -i nagios-nrpe-plugin_2.15-1.deb
sudo dpkg -i nagios-nrpe-server_2.15-1.deb

LM2576T-5 step down switching regulator

First switching power supply working.

I have an ARM board to be powered, which draws between 0.5 and 1.5 ampere’s on 5 volt. Tried using an standard 7805 (2 ampere spec), but the system would not boot. VOut dropped to 4.5 volts and 7805 was getting to hot with +/- 24 volt VIn.

So i made an circuit based on the LM2576T-5.

Partslist:

Part Price
IC1: LM2576T-5 € 1,60
L1: Inductor 100uH € 1,45
D1: SR504 Recoverd from PC PSU 5.0 Amps Schottky Barrier Rectifier
C1: 470uF 35v Reused from other project
C2: 3300uF 10v Also recovered from PC PSU
F1: Fuse holder and 400mA Stock, price n/a

lm2576t-5-schemaInput voltage is an battery+solar power supply that varies between 23-24 to 29 volts.

Working power supply (left) with active load.
img_20160925_184405_edit

Bad output: (spikes)
What happens if an normal (or to slow) diode is used:
Yellow is regulator V-OUT.
Blue line represents voltage output for load (feedback signal).

img_20160924_194739_edit

Good output:
No load:

noload

100mA load

100ma_load

 

Borrowed lm2576 library for Eagle PCB Design from eaglecentral.ca | LM2576 circuit

Omniksol-4k-TL wifi kit

Capture inverter data yourself? Or want to process generated data? Instead of using the Omnik Portal App?

I found out that it is possible to configure the wifi kit to send TCP/UDP packets to an remote server. After that i started googling around. With some minimal data i started write a small C program.

Some other related project on the internet:

  1. GitHub – Woutrrr / Omnik-Data-Logger | Language: Python | Found first
  2. GitHub – micromys / Omnik | Language: PHP
  3. GitHub – arjenv / omnikstatus | Language: C | Found after completing my own script 🙁

Those scripts are polling the inverter each few minutes. When my research started, i found out, by configuring the web interface, that Omnik also offers the possibility to push TCP or UDP packets to an specified server. With this enabled i started testing en developing.

Reading the message (which byte means what?) was based on the GitHub projects. So someone else did the hard work 😉

Getting started… (read on)
Lees verder

ReadyNAS Pro 6 – Serial Console Port

The ReadyNAS Pro 6 has an serial port at RS232 level.

First tried to connect with an USB to TTL adapter. No luck. After some more reading and searching on the internet i just tried to connect with an USB to RS232 adapter. With positive results!

Counting from the USB ports:

  • 1 – GND  (pin 5 on RS232 / DB9 adapter)
  • 2 – TX (RX / pin 2 on RS232 / DB9 adapter)
  • 3 – RX (TX / pin 3 on RS232 / DB9 adapter)
  1. Use PuTTY or Minicom and configure it with: 9600n8.
  2. Hookup an USB keyboard to the ReadyNAS. (i use an usb port on the backside)
  3. Power On the ReadyNAS, see PuTTY of Minicom showing the device booting up ! 🙂 (printscreen follows)
  4. With the USB keyboard you can hit F3 and enter the BIOS.
  5. Screen information will by sent to PuTTY or Minicom.

Note, there is also an VGA pin header on the main board. I will try that later, because i have to order some parts. (SUB-D 15 female for an flatcable, and an 16 pin flatcable connector)

Please have a look at these sites to:

 

ReadyNAS Pro 6 - Serial pin out

ReadyNAS Pro 6 – Serial pin out

IMG_20140908_191517

ReadyNAS Pro 6 – Breakout board – NIC, USB, COM

IMG_20140908_191543

ReadyNAS Pro 6 – COM Pin header

Apache 2.4 – mod_auth_form

Still a ‘wordpress  draft’, but published already.
It should bring you to an working solution.

I prefer webserver authentication above and php/coded authentication script. This because the webserver can also protect stylesheets, javascript files and, more important, images or other attachments. Within php you can only protect the called page.

Of course, in apache, you can easily use basic authentication. But then the browser shows you an ‘static’ login window. Apache2 has now an module which helps you with form authentication. You can make in now more fancy :).

Please leave comments if necessary 🙂
note… in my test setup this is compiled and running next to system default Apache2 instance.
so 2 apache-bin directories are on the system.

Downloading and extracting Apache 2.4

# cd /opt/src/
# wget http://ftp.tudelft.nl/apache/httpd/httpd-2.4.10.tar.gz
# tar xf httpd-2.4.10.tar.gz
# cd httpd-2.4.10/

Downloaden and extracting Apache 2.4 requirements. Check requirements here

# cd srclib
# wget http://apache.mirror.triple-it.nl/apr/apr-1.5.1.tar.gz
# wget http://apache.mirror.triple-it.nl/apr/apr-util-1.5.3.tar.gz
# tar xf apr-1.5.1.tar.gz
# tar xf apr-util-1.5.3.tar.gz
# mv apr-1.5.1 apr
# mv apr-util-1.5.3 apr-util
# cd .. (/opt/src/httpd-2.4.10/)
# apt-get install libpcre3 libpcre3-dev (if not already installed)

Configuring source tree. (option –with-ssl is optional, decide for yourself if needed)

# ./configure --prefix=/opt/apache2 --with-included-apr --with-ssl --enable-auth-form

Lees verder