<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
This feature would please my managers a lot, getting all traffic
encrypted.<br>
To me it seems like all the stones are there like SSL, xymond isn't
that just an RPC?<br>
Just need to put it together. (sounds easy doesn't it)<br>
<br>
I had another thought that I haven't played around with yet.<br>
Could you create an ssh tunnel and just pipe all xymon traffic
through it?<br>
<br>
client % ssh -N -g -f -L 1984:xymonserver.local:1984
xymonserver.local -l roland<br>
And let XYMSRV be localhost:1984<br>
or something similar...<br>
<br>
I don't have a test rig to test it out right now.<br>
<br>
- Roland<br>
<br>
<br>
On 11/10/11 08:07 AM, Ralph Mitchell wrote:
<blockquote
cite="mid:CAAEjoCWFGxNAeLJH3p4CAfZNasAVFV5X=qSpXqV+UVj6yg8ufA@mail.gmail.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<div class="gmail_quote">On Mon, Oct 10, 2011 at 4:53 PM, Rob
Munsch <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:Munsch@phillycarshare.org">Munsch@phillycarshare.org</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
<div class="im"> > At present, I have a work-around.
Instead of using<br>
> bin/xymon to send<br>
> > messages, I'm using curl to post the message file
to<br>
> > <a moz-do-not-send="true"
href="https://server.domain.com/xymon/upload.php"
target="_blank">https://server.domain.com/xymon/upload.php</a>.
On the server<br>
> side, the<br>
> > upload.php script simply drops the message file
into<br>
> xymon's incoming<br>
> > stream, just as if it were delivered over the net
by bin/xymon.<br>
><br>
> Good idea. I almost can copy this approach.<br>
><br>
> > The client side has the server's CA cert to
validate the connection<br>
> > and the data flow is encrypted in transit. I
could use<br>
> client certificates as well.<br>
><br>
> But I think this approach only works for Linux xymon
client,<br>
> since curl is readily available.<br>
> Preparing curl for other Unix(say HP-UX) and Windows
will be<br>
> a big challenge.<br>
<br>
</div>
Actually....<br>
<br>
<a moz-do-not-send="true"
href="http://curl.haxx.se/download.html" target="_blank">http://curl.haxx.se/download.html</a><br>
<br>
Wanna run it on Haiku? How about an Amiga? :)<br>
</blockquote>
</div>
<br>
Beat me to it... :-) We've got the script running on some IBM
AIX boxes here. I think the curl version is something ridiculous,
like curl-7.9, but it still delivers. That particular version is
not built with SSL, so it won't do secure connections. We have
HP-UX as well, but no Xymon client on that (yet).<br>
<br>
I've lost *some* functionality, because I'm only installing the
shell scripts, not any compiled binaries. That way, if I have to,
I can show that it's just a script using utilities supplied along
with the OS, same as anyone can type in to discover machine
status. Plus it's easier for other people to maintain.<br>
<br>
Ralph Mitchell<br>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
Xymon mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Xymon@xymon.com">Xymon@xymon.com</a>
<a class="moz-txt-link-freetext" href="http://lists.xymon.com/mailman/listinfo/xymon">http://lists.xymon.com/mailman/listinfo/xymon</a>
</pre>
</blockquote>
</body>
</html>