Can't get the sftp check to work. I put in the server name, port (8022) and credentials. Check keeps saying that it can't connect. I put it in the checks of server 1, who makes this connection daily to store backup. (sftp is on server2)
Checked everything ten times and I can connect from command line from server1 to server2 no problem.
Check_MK version as well as the agent are latest, 1.5.0p11
Anyone else encoutered this? any tips would be greatly appreciated.
Can you go over more detail on your setup and the steps you used?
Are you making the check from a computer other than the check_mk server?
···
On Jan 29, 2019, at 2:09 PM, Avalon IT | Sander Brouwer <support@avalon-it.nl> wrote:
Hi all,
Can't get the sftp check to work. I put in the server name, port (8022) and credentials. Check keeps saying that it can't connect. I put it in the checks of server 1, who makes this connection daily to store backup. (sftp is on server2)
Checked everything ten times and I can connect from command line from server1 to server2 no problem.
Check_MK version as well as the agent are latest, 1.5.0p11
Anyone else encoutered this? any tips would be greatly appreciated.
the check is done as active check directly from CMK site, not from
server1. Maybe the CMK server is not allowed to connect the port by
network or local firewalls...
BR,
Marcel
···
Am Di., 29. Jan. 2019 um 21:38 Uhr schrieb Avalon IT | Sander Brouwer <support@avalon-it.nl>:
Hi all,
Can't get the sftp check to work. I put in the server name, port (8022)
and credentials. Check keeps saying that it can't connect. I put it in
the checks of server 1, who makes this connection daily to store backup.
(sftp is on server2)
Checked everything ten times and I can connect from command line from
server1 to server2 no problem.
Check_MK version as well as the agent are latest, 1.5.0p11
Anyone else encoutered this? any tips would be greatly appreciated.
That’s what had me confused so far. Sander, can you ensure it’s available from the monitoring server?
···
On Jan 29, 2019, at 4:04 PM, Marcel Schulte <schulte.marcel@gmail.com> wrote:
Hi Sander,
the check is done as active check directly from CMK site, not from
server1. Maybe the CMK server is not allowed to connect the port by
network or local firewalls...
BR,
Marcel
Am Di., 29. Jan. 2019 um 21:38 Uhr schrieb Avalon IT | Sander Brouwer > <support@avalon-it.nl>:
Hi all,
Can't get the sftp check to work. I put in the server name, port (8022)
and credentials. Check keeps saying that it can't connect. I put it in
the checks of server 1, who makes this connection daily to store backup.
(sftp is on server2)
Checked everything ten times and I can connect from command line from
server1 to server2 no problem.
Check_MK version as well as the agent are latest, 1.5.0p11
Anyone else encoutered this? any tips would be greatly appreciated.
Made a new check to external sftp service-> Works as expected
SFTP check to my own sftp server: still not working (sftp server and check_mk server in same lan, using local IP, check assigned to check_mk server)
changed the port of my own sftp from 8022 to 22 -> works!
So it looks like the check can’t handle a different port? I would expect to click the ‘port’ box and just type the new port 8022 but that is not working.
Anything else i should do?
Has anyone else tried this on different port with failure/ success?
Made a new check to external sftp service-> Works as expected
SFTP check to my own sftp server: still not working (sftp server and check_mk server in same lan, using local IP, check assigned to check_mk server)
changed the port of my own sftp from 8022 to 22 → works!
So it looks like the check can’t handle a different port? I would expect to click the ‘port’ box and just type the new port 8022 but that is not working.
Anything else i should do?
Has anyone else tried this on different port with failure/ success?
If i go to : host & service parameters -active checks - check sftp service and make a new rule, there is a checkbox for Port where i supposedly can enter the portnumber it should find the sftp service on.
What is this for then?
What you describe looks like i’ll be redefining the way check_mk looks if the host is there, instead of checking a service
Made a new check to external sftp service-> Works as expected
SFTP check to my own sftp server: still not working (sftp server and check_mk server in same lan, using local IP, check assigned to check_mk server)
changed the port of my own sftp from 8022 to 22 -> works!
So it looks like the check can’t handle a different port? I would expect to click the ‘port’ box and just type the new port 8022 but that is not working.
Anything else i should do?
Has anyone else tried this on different port with failure/ success?
Ok, if that’s the rule you’re using and you’ve defined 8022 there, then yes, it should work just fine.
Are you able to connect to that port from the monitoring server OUTSIDE of Check_MK?
I didn’t go over the entire thread when replying, so I see the rule you’re using.
Makes no difference if you’re on the same LAN as your SFTP server - please ensure you can connect via other means, like, say:
nmap -sT -p 8022 HOSTIP
Does it respond from the server you’re running the Check_MK instance on?
If you can connect to it successfully, then sure, maybe a Check_MK setting is off and would have to be diagnosed.
If i go to : host & service parameters -active checks - check sftp service and make a new rule, there is a checkbox for Port where i supposedly can enter the portnumber it should find the sftp service on.
What is this for then?
What you describe looks like i’ll be redefining the way check_mk looks if the host is there, instead of checking a service
Made a new check to external sftp service-> Works as expected
SFTP check to my own sftp server: still not working (sftp server and check_mk server in same lan, using local IP, check assigned to check_mk server)
changed the port of my own sftp from 8022 to 22 → works!
So it looks like the check can’t handle a different port? I would expect to click the ‘port’ box and just type the new port 8022 but that is not working.
Anything else i should do?
Has anyone else tried this on different port with failure/ success?
click the service description of your SFTP service to open the service details.
Scroll down till the 'service check command' row.
Note the arguments shown after the exclamation mark and try to execute
this command as siteuser - what's the outcome?
~/lib/nagios/plugins/check_sftp NOTED_ARGUMENTS
BR,
Marcel
···
Am Di., 5. Feb. 2019 um 22:22 Uhr schrieb Avalon IT <support@avalon-it.nl>:
Yes, i can do a comandline sftp -oPort=8022 user@ip from the check_mk server. It will connect normally
Since the Check_MK rule will work when i change the port of the sftp server back to 22, it must have something to do with the port
It is specified in the rule values though: IP, user, Password, ******,Port: 8022
Can anyone assist me please in troubleshouting this issue?
Check_mk sftp check to sftp server on port 8022 failes.
When i change the server to listen on port 22, it works
I can do commandline sftp to the server from the check_mk server
Thank you kindly
Sander
05-02-2019 22:22 (Europe/Amsterdam) - Avalon IT schreef:
Yes, i can do a comandline sftp -oPort=8022 user@ip from the check_mk server. It will connect normally
Since the Check_MK rule will work when i change the port of the sftp server back to 22, it must have something to do with the port
It is specified in the rule values though: IP, user, Password, ******,Port: 8022