Zabbix – SSH checksPosted: April 30, 2012
Zabbix can execute shell commands over SSH and record the results. This ability does not require a Zabbix agent, which is helpful for remote machines.
I use Zabbix SSH checks to verify logins to an SFTP server.
SSH checks in Zabbix are not enabled by default. You’ll have to enable them in the zabbix_server.conf file as well as compiling support into the server when you build it.
To compile support into the server make sure you add –with-ssh2 to your configure. You will probably also have to add libssh2 libraries if you get an error like this during your configure
checking for SSH2 support... no configure: error: SSH2 library not found
I’m running CentOS 5.8 and the repositories I have set up do not have a recent version of 32 bit libssh2. The 64 bit version that installs is libssh2-184.108.40.206, but that’s not good enough for Zabbix.
I found a 220.127.116.11 RPM for 32 bit libssh2 at http://pkgs.repoforge.org/libssh2/. Once installed, the configure completes with the –with-ssh2 flag.
After your Zabbix binaries are built. Edit the zabbix_server.conf configuration file and modify the SSHKeyLocation to set the full path of the folder where your public and private keys are located.
I use the home directory of the zabbix user
Save the modified configuration file and restart the zabbix_server to activate the changes.
Create public and private keys:
# sudo -u zabbix ssh-keygen -t rsa
I did not enter a passphrase for the key pair, but it’s probably best to use a passphrase.
Two files, id_rsa.pub and id_rsa, will be created in the /home/zabbix/.ssh directory and this directory is specified in the zabbix_server.conf file.
Copy the public key to the server you wish to use this check on. There are many methods, but I use this one regularly:
ssh <username>@<server> "mkdir .ssh; chmod 0700 .ssh; chown <username> .ssh" cat .ssh/id_rsa.pub | ssh -l <username> <server> "cat - >>.ssh/authorized_keys" ssh <username>@<server> "chmod 0600 .ssh/authorized_keys; chown <username> .ssh/authorized_keys"
Test your connection after copying SSH key files
sudo -u zabbix ssh <username>@<server>
Create item for your new check
Host c_Template_SSHcheck Description SSH check Type SSH agent Key ssh.run Authentication method Public key User name <username> Public key file id_rsa.pub Private key file id_rsa Password Executed script hostname -s Type of information Text Update interval (in sec) 300 Flexible intervals (sec) No flexible intervals New flexible interval Delay Period Keep history (in days) 7 Status Active New application SSH Applications
Once your item is created, check Latest Data in Zabbix for your new SSH checks. If you don’t see any results be sure to look into the Zabbix logs for more details.
Zabbix SSH checks add simple agentless monitoring to your environment, extending the functionality of Zabbix.