-
Pandora 1.3 build 070808 and windows agent 1.2.1 ssh issues
Hi all,
I am running Pandora FMS 1.3 build PC070808 on Ubuntu server 7.04 with Apache 2.2.3, MySQL 5.0.38, Php5.2.1 and Perl 5.8.8 for the Pandora servers.
I am running OpenSSH 4.3 with OpenSSL 0.9.8 for data collection and remote logon purposes.
Corporate network consists out of Windows XP boxes, and I intend to use Windows Agent 1.2.1 for the collection of data.
I am trying to connect the Agents to the server, and this is where my current test setup fails. I used the supplied tutorial to generate the keys, added PandoraAgent.exe to the Windows XP firewall exceptions and tested and verified SSH connectivity with Putty, unfortunately the PandoraAgent –test-ssh fails on authentication.
The user pandora is the owner and has full access to the authorized_keys file and has full rights on val/spool/pandora/data_in.
I’ll post my ssh_conf and keyfiles in the post below for added info.
What did I miss?
For some reason my server dislikes my keys, but I cannot see why as they are virtually identical.Any tips, pointers, help, advise, is very welcome.
Thanks in advance for reading.
(and excuse my English)
-
9 Replies
-
-
Sorry, can’t post due to board thinking my keys and conf are URLs(?) please let me know if there is a way I can attach those files, for now, I could PM them.
Try the new Pandora Agent for windows that will be released in a few days, it use FTP and it’s more simple to setup than SSH, and runs better that SSH version.
You can download new binaries and config and replace in your windows machines:
https://pandora.svn.sourceforge.net/svnroot/pandora/trunk/pandora_agents/win32/bin/
1. Replace the new .EXE
2. Copy the new DDL (libcurl.dll)
3. Use the new tokens in your pandora_agent.conftransfer_mode ftp
ftp_password xxxx <- put your pandora ftp user password there. And give a try. -
-
Will this new client require any changes to the pandora server other than installing an FTP server? If so, what do I have to change, and where do I change it?
No changes except in Pandora Windows agent (described above). This has been added because SSH are a frequent issue of problems. So, FTP could be “less” secure, but more easy to setup. Give a try and give your feedback 🙂
-
Installed the new client, installed and set up VSFTP.
PandoraAgent.exe –test-ftp works, logfile shows no errors.
Only problem for now is that the only I can find in /var/spool/pandora/data_in/ is the test file, even though the agent has a timeout of 300 and the log says it copied the file succesfully.
I tried refreshing Pandora FMS Web Console, but so far, I do not detect any changes, as if it doesn’t detect the agent.
How long does it take for Pandora to process agent data?
Is the fact that no files appear in data_in (other than the test file) considdered normal behaviour?
Or is there still something wrong? -
I set the timeout to 1 minute and enabled debug to see any errors in logfile, so far it appears to be working, the agent copies the files to the server, the server gradually removes these files from the data_in directory.
All goes well, except for the fact that nothing seems to change in the Pandora_Console. I even set the timeout for the monitored station to 1 minute, and it seems to do very little.
How many packets does Pandora need to show an agent in the console?
-
-
I set the timeout to 1 minute and enabled debug to see any errors in logfile, so far it appears to be working, the agent copies the files to the server, the server gradually removes these files from the data_in directory.
All goes well, except for the fact that nothing seems to change in the Pandora_Console. I even set the timeout for the monitored station to 1 minute, and it seems to do very little.
How many packets does Pandora need to show an agent in the console?
DEBUG mode in agents makes to do not copy XML file to server, so this could be the problem :-), try to disable it (DEBUB mode).
-
I turned off debug, but the problem was a little deeper.
The Recon server dicovered the nodes in the network with their full DNS suffix, while the client agents read the hostname without the suffix, so the server read the data, but couldn’t combine it with the clients learned through recon, because the names didn’t match.
I fixed it for now by manually changing the names of the clients detected by Recon, but I’ll need some permanent fix, like being able to add a preset suffix in the Agent config file or something.
Any know workaround or solution to this problem?
