Home > HowTo, Nagios > Install NRPE in Linux

Install NRPE in Linux

November 6th, 2008 Leave a comment Go to comments

Overview of NRPE:

Installing and Configuring Nagios NRPE in Linux:

# cd /tmp
# wget http://internap.dl.sourceforge.net/sourceforge/nagios/nrpe-2.12.tar.gz
# tar -zxvf nrpe-2.12.tar.gz
# cd nrpe-2.12
# ./configure –enable-ssl –enable-command-args

(should create users/groups)
General Options:
NRPE port: 5666
NRPE user: nagios
NRPE group: nagios
Nagios user: nagios
Nagios group: nagios

# make
# make install
# make install-daemon
# make install-daemon-CONFIG
# make install-xinetd

Install XInetD (Debian)
# apt-get install xinetd

# vim /etc/services
nrpe 5666/tcp

Allow Nagios user to execute commands (sudoers)
# visudo
nagios ALL=(ALL) NOPASSWD: /usr/local/nagios/libexec/

Configure xinetd to start on boot(debian)
# update-rc.d xinetd defaults

Configure Xinetd
# vim /etc/inetd.conf

Start xinetd(nrpe)
# /etc/init.d/xinetd start

# vim /etc/xinetd.d/nrpe
only_from =

# vim /usr/local/nagios/etc/nrpe.cfg

The commands configured to run by NRPE should be in here:

# vim /usr/local/nagios/etc/command_def.cfg
#Nagios Remote Commands Definition File
command[check_users]=/usr/local/nagios/libexec/check_users -w $ARG1$ -c $ARG2$
command[check_load]=/usr/local/nagios/libexec/check_load -w $ARG1$ -c $ARG2$
command[check_disk]=/usr/local/nagios/libexec/check_disk -w $ARG1$ -c $ARG2$ -p $ARG3$

with no arguments option set:
command[check_users]=/usr/local/nagios/libexec/check_users -w 2 -c 5
command[check_load]=/usr/local/nagios/libexec/check_load -w 10,20,30 -c 50,70,90
command[check_disk]=/usr/local/nagios/libexec/check_disk -w 80 -c 90 -p /

ref. http://docs.cslabs.clarkson.edu/wiki/Monitor_a_Remote_Red_Hat_Based_Linux_Server_with_Nagios#Install_Needed_Packages


Log Files:

Set debug to 1 in :
# vim /usr/local/nagios/etc/nrpe.cfg

open another terminal and execute:
# tail -f /var/log/syslog

then start querying the server with check_nrpe commands

CHECK_NRPE: Error – Could not complete SSL handshake
is error message could be due to several problems:

1.Different versions. Make sure you are using the same version of the check_nrpe plugin and the NRPE daemon.
Newer versions of NRPE are usually not backward compatible with older versions.
2.SSL is disabled. Make sure both the NRPE daemon and the check_nrpe plugin were compiled with SSL support
and that neither are being run without SSL support (using command line switches).
3.Incorrect file permissions. Make sure the NRPE config file (nrpe.cfg) is readable by the user (i.e. nagios)
that executes the NRPE binary from inetd/xinetd.
4. Pseudo-random device files are not readable.Solaris 8 The files /devices/pseudo/random*
(linked through /dev/*random, and provided by Sun patch 112438) were not readable by the nagios
user I use to launch NRPE. Making the character devices world-readable solved it.”
5. Unallowed address. If you’re running the NRPE daemon under xinetd, make sure that you have a line in
the xinetd config file that say “only_from = xxx.xxx.xxx.xxx”, where xxx.xxx.xxx.xxx is the IP
address that you’re connected to the NRPE daemon from.

In my case it was none of this, I was missing the sudoers, and I was sending arguments (i had forgotten to compile with enable-args).


  1. Steve G
    December 1st, 2008 at 07:19 | #1

    There seems to be a problem with your suggested setting
    # vim /etc/xinetd.d/nrpe
    only_from =
    unless I am misunderstanding your meaning. The man page for xinetd.conf says: “Specifying this attribute without a value makes the service available to nobody.”

  2. April 25th, 2010 at 08:08 | #2

    Thank you. This information helped me a lot.

  3. Luis
    October 18th, 2011 at 22:09 | #3

    In my case, the problem was that I had:

    allowed_hosts =

    once I removed the everything worked

  1. No trackbacks yet.