Header RSS Feed
 
If you only want to see the articles of a certain category, please click on the desired category below:
ALL Android Backup BSD Database Hacks Hardware Internet Linux Mail MySQL Monitoring Network Personal PHP Proxy Shell Solaris Unix Virtualization VMware Windows Wyse

check_esxi_hardware now reads file for username AND password
Tuesday - Jun 14th 2011 - by - (0 comments)

Busy times these days but I managed to get a user request to be built into the Nagios plugin check_esxi_hardware.
As most of you know, since 20110505 it is possible to use a file as "password-holder", as described in this blog post. 'Robiwan' from Vienna, Austria contacted me with the idea that not only the password but also the username could be read from the file. This allows a central stockage of username and password in a file only accessible by root and nagios (for example).

Todays released version 20110614 allows both. If the parameter -U (--user) contains the path to a file, the first string of the given file will be read and used as user. The second string will be used as password. Both strings must be separated by a space (" "):

# cat /home/nagios/.esxipass
root mypass123

But it is still possible to only use the password from the given file. In this case the first string will be used as password:

# cat /home/nagios/.esxipass
mypass123

As a reminder why this is a good solution: Security !!
If the plugin is launched with the username and password as values (standard), they will be shown in cleartext in the process list on the Nagios server:

# ./check_esxi_hardware.py -H 10.1.1.50 -U root -P myesxipass -V dell

# ps auxf | grep esxi_hardware
\_ /usr/bin/python ./check_esxi_hardware_test.py -H 10.1.1.50 -U root -P myesxipass -V dell -v

But if the plugin is launched to use files as user and/or password values, only the filename will be shown:

./check_esxi_hardware_test.py -H 10.1.1.50 -U file:/home/nagios/.esxipass -P file:/home/nagios/.esxipass -V dell

# ps auxf | grep esxi_hardware
\_ /usr/bin/python ./check_esxi_hardware_test.py -H 10.1.1.50 -U file:/home/nagios/.esxipass -P file:/home/nagios/.esxipass -V dell

Of course the given file needs to have the correct security permissions so only the wanted users are allowed to read the file ;-).

 

Add a comment

Show form to leave a comment

Comments (newest first):

No comments yet.

Go to Homepage home
Linux Howtos how to's
Monitoring Plugins monitoring plugins
Links links

Valid HTML 4.01 Transitional
Valid CSS!
[Valid RSS]

7367 Days
until Death of Computers
Why?