[CentOS] Could not complete SSL handshake to Amazon EC2 host

Fri May 1 04:46:06 UTC 2015
Tim Dunphy <bluethundr at gmail.com>

Hello,

 I am trying to monitor a host in the Amazon EC2 cloud.

Yet when I try to check NRPE from the monitoring host I am getting an SSL
handshake error:

[root at monitor1:~] #/usr/local/nagios/libexec/check_nrpe -H ops.jokefire.com
CHECK_NRPE: Error - Could not complete SSL handshake.

And if I telnet into the host on port 5666 to see if the FW port is open,
the connection closes right away:

[root at monitor1:~] #telnet ops.somewhere.com 5666
Trying 54.225.218.125...
Connected to ops.somewhere.com.
Escape character is '^]'.
Connection closed by foreign host.

You can see there it connects, but then it closes immediately after the
connection.

 I have NRPE running on the host I want to monitor:

[root at ops:~] #lsof -i :5666
COMMAND  PID USER   FD   TYPE DEVICE SIZE NODE NAME
xinetd  1434 root    5u  IPv4   4063       TCP *:nrpe (LISTEN)

And I have the IP of my nagios server listed in the xinetd conf file:

[root at ops:~] #cat /etc/xinetd.d/nrpe
# default: on
# description: NRPE (Nagios Remote Plugin Executor)
service nrpe
{
        flags           = REUSE
        socket_type     = stream
        port            = 5666
        wait            = no
        user            = nagios
        group           = nagios
        server          = /usr/local/nagios/bin/nrpe
        server_args     = -c /usr/local/nagios/etc/nrpe.cfg --inetd
        log_on_failure  += USERID
        disable         = no
        only_from       = 127.0.0.1 xx.xx.xx.xx   # <- representing my real
nagios server IP
}



And I have my default security group for that host open on port 5666 to the
world for this experiment.  I plan on locking that down again to the single
IP of my monitoring host once I get this resolved.

Does anyone have any suggestions on how I can get that problem solved?

Thanks,
Tim

-- 
GPG me!!

gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B