Не получается, зашифровать через PSK
1. Перехожу в папку - home
2. Создаю папку Zabbix
3. Создаю ключ openssl rand -hex 32 > key.psk (права -rw--r--r)
4. Иду в конфиг vim /etc/zabbix/zabbix_agentd.conf
Пишу
TLSConnect=psk
TLSAccept=psk
TLSPSKIdentity=PSK 0.002
TLSPSKFile=/home/zabbix/key.psk
5. systemctl restart zabbix-agent
6. Иду в Zabbix -> узел -> шифрование, выбираю PSK
Идентификатор PSK - PSK 0.002
Ключ ключ - 0cdc269ddacc9b82ff1425428016d62f67eacfa29740212d73 67b87fa196ef32
================================================
Внутри Zabbix WEB вижу ошибку: Received empty response from Zabbix Agent at [123.XXX.XX.XX]. Assuming that agent dropped connection because of access permissions.
Логи Zabbix агента
Zabbix 3.0.12 (revision 73586).
533:20201026:015348.336 **** Enabled features ****
533:20201026:015348.336 IPv6 support: YES
533:20201026:015348.336 TLS support: YES
533:20201026:015348.336 **************************
533:20201026:015348.336 using configuration file: /etc/zabbix/zabbix_agentd.conf
533:20201026:015348.336 agent #0 started [main process]
544:20201026:015348.346 agent #1 started [collector]
545:20201026:015348.347 agent #2 started[listener #1]
546:20201026:015348.350 agent #3 started[listener #2]
548:20201026:015348.350 agent #4 started[listener #3]
Логи из сервера
failed to accept an incoming connection: from 123.XXX.XX.XX: TLS handshake set result code to 1: file ../ssl/statem/statem_srvr.c line 2961: error:1419E0DF:SSL routines:tls_process_cke_psk_preamble
sk identity not found: TLS write fatal alert "unknown PSK identity"
228622:20201027:155330.438 cannot find requested PSK identity "PSK 0.002"
1. Перехожу в папку - home
2. Создаю папку Zabbix
3. Создаю ключ openssl rand -hex 32 > key.psk (права -rw--r--r)
4. Иду в конфиг vim /etc/zabbix/zabbix_agentd.conf
Пишу
TLSConnect=psk
TLSAccept=psk
TLSPSKIdentity=PSK 0.002
TLSPSKFile=/home/zabbix/key.psk
5. systemctl restart zabbix-agent
6. Иду в Zabbix -> узел -> шифрование, выбираю PSK
Идентификатор PSK - PSK 0.002
Ключ ключ - 0cdc269ddacc9b82ff1425428016d62f67eacfa29740212d73 67b87fa196ef32
================================================
Внутри Zabbix WEB вижу ошибку: Received empty response from Zabbix Agent at [123.XXX.XX.XX]. Assuming that agent dropped connection because of access permissions.
Логи Zabbix агента
Zabbix 3.0.12 (revision 73586).
533:20201026:015348.336 **** Enabled features ****
533:20201026:015348.336 IPv6 support: YES
533:20201026:015348.336 TLS support: YES
533:20201026:015348.336 **************************
533:20201026:015348.336 using configuration file: /etc/zabbix/zabbix_agentd.conf
533:20201026:015348.336 agent #0 started [main process]
544:20201026:015348.346 agent #1 started [collector]
545:20201026:015348.347 agent #2 started[listener #1]
546:20201026:015348.350 agent #3 started[listener #2]
548:20201026:015348.350 agent #4 started[listener #3]
Логи из сервера
failed to accept an incoming connection: from 123.XXX.XX.XX: TLS handshake set result code to 1: file ../ssl/statem/statem_srvr.c line 2961: error:1419E0DF:SSL routines:tls_process_cke_psk_preamble
sk identity not found: TLS write fatal alert "unknown PSK identity"228622:20201027:155330.438 cannot find requested PSK identity "PSK 0.002"
Еще раз жму руку!
Comment