Hi everyone, I don't usually make form posts but I've hit a dead end here.
I'm trying to set up SSH checks on my Zabbix 7.0.4 instance, but I keep getting the error "Cannot access public key file /home/zabbix/.ssh/id_rsa.pub" when testing the item.
I set up passwordless SSH from my Zabbix server to the test host, and I can SSH through the CLI with no problem.
Some steps I've taken to set this up:
1. created /home/zabbix/.ssh/
2. created zabbix user on both hosts
3. set perms on dirs and id_rsa files
4. copy id_rsa.pub to authorized keys on target host
- again, ssh from cli works
5. set ssh key location in /etc/zabbix/zabbix_server.conf
6. reboot both hosts after setting all configs
7. can run "su - zabbix" "ssh <hostname>" perfectly fine.
One thing i did notice is I have the following line a lot in audits.log from SELinux:
grep zabbix /var/log/audit/audit.log | grep denied:
"type=AVC msg=audit(1727357767.191:14137): avc: denied { name_connect } for pid=294356 comm="zabbix_server" dest=22 scontext=system_u:system_r:zabbix_t:s0 tcontext=system_u
bject_r:ssh_port_t:s0 tclass=tcp_socket permissive=1"
But I set setenforce 0 and it still doesn't work.
No other forms on this topic seems to offer a solution, any help is appreciated.
I'm trying to set up SSH checks on my Zabbix 7.0.4 instance, but I keep getting the error "Cannot access public key file /home/zabbix/.ssh/id_rsa.pub" when testing the item.
I set up passwordless SSH from my Zabbix server to the test host, and I can SSH through the CLI with no problem.
Some steps I've taken to set this up:
1. created /home/zabbix/.ssh/
2. created zabbix user on both hosts
3. set perms on dirs and id_rsa files
4. copy id_rsa.pub to authorized keys on target host
- again, ssh from cli works
5. set ssh key location in /etc/zabbix/zabbix_server.conf
6. reboot both hosts after setting all configs
7. can run "su - zabbix" "ssh <hostname>" perfectly fine.
One thing i did notice is I have the following line a lot in audits.log from SELinux:
grep zabbix /var/log/audit/audit.log | grep denied:
"type=AVC msg=audit(1727357767.191:14137): avc: denied { name_connect } for pid=294356 comm="zabbix_server" dest=22 scontext=system_u:system_r:zabbix_t:s0 tcontext=system_u
bject_r:ssh_port_t:s0 tclass=tcp_socket permissive=1"But I set setenforce 0 and it still doesn't work.
No other forms on this topic seems to offer a solution, any help is appreciated.
Comment