It's definitely related to the upgrade from v2 to v3. My syslog from the nagios server reports errors such as:
check_nrpe: Error: (!log_opts) Could not complete SSL handshake with xxx.xxx.xxx.xxx: dh key too small
"A 2048-bit DH key is used instead of a 512-bit key"
which very likely is the cause of the issue. The same pages provides a workaround:
"Force the plugin to send v2 packets
Using the -2 argument will force the plugin to connect with v2 packets
/usr/local/nagios/libexec/check_nrpe -2 -H centos12"
This workaround doesn't work on 18.04. I also tried with -P 1024 as suggested in some other places, to no avail.
I've done some more digging.
It's definitely related to the upgrade from v2 to v3. My syslog from the nagios server reports errors such as:
check_nrpe: Error: (!log_opts) Could not complete SSL handshake with xxx.xxx.xxx.xxx: dh key too small
This page describes the compatibility of v3: https:/ /support. nagios. com/kb/ article/ nrpe-v3- compatibility- with-previous- versions- 516.html. It states:
"A 2048-bit DH key is used instead of a 512-bit key"
which very likely is the cause of the issue. The same pages provides a workaround:
"Force the plugin to send v2 packets nagios/ libexec/ check_nrpe -2 -H centos12"
Using the -2 argument will force the plugin to connect with v2 packets
/usr/local/
This workaround doesn't work on 18.04. I also tried with -P 1024 as suggested in some other places, to no avail.