Red Hat 3.7 Manual

A SERVICE OF

next previous

Chapter 7. Monitoring 121

2. Once subscribed, open the Channel Details Packages tab and ﬁnd the rhnmd package (un-

der ’R’).

3. Click the package name to open the Package Details page. Go to the Target Systems tab, select

the desired systems, and click Install Packages.

4. Install the SSH public key on all client systems to be monitored, as described in Section 7.2.4

Installing the SSH key.

5. Start the Red Hat Network Monitoring Daemon on all client systems using the command:

service rhnmd start

6. When adding probes requiring the daemon, accept the default values for RHNMD User and

RHNMD Port: nocpulse and 4545, respectively.

7.2.3. Conﬁguring SSH

If you wish to avoid installing the Red Hat Network Monitoring Daemon and opening port 4545 on

client systems, you may conﬁgure sshd to provide the encrypted connection required between the

systems and RHN. This may be especially desirable if you already have sshd running. To conﬁgure

the daemon for monitoring use:

1. Ensure the SSH package is installed on the systems to be monitored:

rpm -qi ssh

2. Identify the user to be associated with the daemon. This can be any user available on the system,

as long as the required SSH key can be put in the user’s ~/.ssh/authorized_keys ﬁle.

3. Identify the port used by the daemon, as identiﬁed in its /etc/ssh/sshd_config conﬁgura-

tion ﬁle. The default is port 22.

4. Install the SSH public key on all client systems to be monitored, as described in Section 7.2.4

Installing the SSH key.

5. Start the sshd on all client systems using the command:

service sshd start

6. When adding probes requiring the daemon, insert the values derived from steps 2 and 3 in the

RHNMD User and RHNMD Port ﬁelds.

7.2.4. Installing the SSH key

Whether you use rhnmd or sshd, you must install the Red Hat Network Monitoring Daemon public

SSH key on the systems to be monitored to complete the secure connection. To install it:

1. In the RHNwebsite, navigate to theMonitoring

Scout ConﬁgPush page and click the name

of the RHN Server that will monitor the client system. The SSH id_dsa.pub key is visible on

the resulting page.

2. Copy the character string (beginning with ssh-dss and ending with the hostname of the RHN

Server).

3. On the command line of the system tobe monitored, switch to the user aligned with the daemon.

This is accomplished for rhnmd with the command:

su - nocpulse

4. Paste the key character string into the ~/.ssh/authorized_keys ﬁle for the daemon’s user.

For rhnmd, this is /opt/nocpulse/.ssh/authorized_keys.