#!/bin/sh # # Simple SFTP plugin for Nagios # Written by Steven R. Gould (steven.gould@stevengould.org) # Last Modified: 02-22-2011 # # Usage: ./check_sftp_avail [ -p ] -H # # Description: # # This plugin will attempt to get a login prompt via sftp. Unlike the more # complete check_sftp plugin it does not require a user name and password and # therefore does not verify login capability. This plugin is intended to be # used in an environment where protecting login credentials and/or keeping up # with frequently changing passwords can become an administrative headache. As # a result check_sftp_avail merely checks whether the sftp service is running # and that a login prompt is obtainable remotely. # # Another difference between check_sftp_avail and check_sftp is that # check_sftp_avail is completely standalone and does not require the # installation of any other dependencies. # # Output: # # If the sftp service is running and a login prompt is obtainable, # check_sftp_avail returns an OK state with the message, "OK: service # available". # # If the sftp service is running, but the host key validation fails to # authenticate the server, then check_sftp_avail returns a state of "WARNING" # with the message, "WARNING: Host key verification failed - unable to # authenticate server". # # If the connection is refused or cannot be made then check_sftp_avail returns # a state of "CRITICAL" and the message "CRITICAL: service unavailable". # # Finally, if invalid arguments are passed in the usage information is displayed # and a status of "UNKNOWN" is returned. # # Notes: # # If you use this plugin make sure to keep the following in mind: # # 1. If you experience a status of "WARNING" and are not sure why, ensure # that the user account under which nagios runs - usually nagios - has # attempted to connect to the sftp server and accepted the server # certificate. # # Examples: # # Check for sftp service availability on host myhost and port 115 (the default # for sftp): # # check_sftp_avail -H myhost # # Check for sftp service availability on host myotherhost and port 54321 (a # custom port): # # check_sftp_avail -p 54321 -H myotherhost # # Paths to commands used in this script. These # may have to be modified to match your system setup. SFTP="/usr/bin/sftp" RM="/bin/rm" PROGNAME=`/usr/bin/basename $0` PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'` REVISION="1.0.0" . $PROGPATH/utils.sh print_usage() { echo "Usage: $PROGNAME [ -p port ] -H host" echo "Usage: $PROGNAME --help" echo "Usage: $PROGNAME --version" } print_help() { print_revision $PROGNAME $REVISION echo "" print_usage echo "" echo "sftp service availability plugin for Nagios" echo "" support } # Make sure the correct number of command line # arguments have been supplied if [ $# -lt 1 ]; then print_usage exit $STATE_UNKNOWN fi port=115 # Default for sftp exitstatus=$STATE_WARNING #default while test -n "$1"; do case "$1" in --help) print_help exit $STATE_OK ;; -h) print_help exit $STATE_OK ;; --version) print_revision $PROGNAME $REVISION exit $STATE_OK ;; -V) print_revision $PROGNAME $REVISION exit $STATE_OK ;; --hostname) box=$2 shift ;; -H) box=$2 shift ;; --port) port=$2 shift ;; -p) port=$2 shift ;; *) echo "Unknown argument: $1" print_usage exit $STATE_UNKNOWN ;; esac shift done # Make sure a hostname and port have been specified if [ -z "$box" -o -z "$port" ]; then print_usage exit $STATE_UNKNOWN fi tempfile=/tmp/check_sftp-$box.tmp exitstatus=$STATE_UNKNOWN $SFTP -b - $box &>$tempfile <