[Nagiosplug-help] check_by_ssh with cluster

[Horváth Tamás]

Hi List Members!

My cluster consists of two Solaris 9 hosts: clnode1 and clnode2. This
cluster provides a logical Oracle database host: efrirdb. I use check_by_ssh
against efrirdb to run the check_oracle plugin. I use the identity (-i)
option to login via public RSA keys.

Until now it worked very well. However yesterday the Oracle database has
stopped on clnode1 host and started to run on clnode2. This is normal
operation of a cluster, but after that the check_by_ssh plugin give me the
following output:

"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
@    WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!     @
@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
IT IS POSSIBLE THAT SOMEONE IS DOING SOMETHING NASTY!
Someone could be eavesdropping on you right now (man-in-the-middle attack)!
It is also possible that the RSA host key has just been changed.
The fingerprint for the RSA key sent by the remote host is
08:4e:05:5c:db:22:95:94:47:f2:d3:9d:3f:bf:80:8d.
Please contact your system administrator.
Add correct host key in /root/.ssh/known_hosts to get rid of this message.
Offending key in /root/.ssh/known_hosts:10
Password authentication is disabled to avoid man-in-the-middle attacks."

I turned of the relevant variables on ssh_config file. After it I can login
via ssh client to efrirdb, but the same output appeared again.

HOW CAN I RESOLVE THIS ISSUE WITH check_by_ssh?

As I think, If I'll put the key of clnode2 to the /root/.ssh/known_hosts I
would give back the same output when the database stareted tor un on clnode1
again.

Another problem: states of database services changed to warning with a
PLUGIN OUTPUT: "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"

HOW CAN I IGNORE IT?

Versions:
Nagios 1.2 on Debian 3.1
check_by_ssh (nagios-plugins 1.3.1) 1.9

Thanks in advance!

Bye, Tamas!