7.2.4. Installing the SSH key

Whether you use rhnmd or sshd, you must install the Red Hat Network Monitoring Daemon public SSH key on the systems to be monitored to complete the secure connection. To install it:
  1. Navigate to the Monitoring ⇒ Scout Config Push page of the RHN website and click the name of the RHN Server that will monitor the client system. The SSH id_dsa.pub key is visible on the resulting page.
  2. Copy the character string (beginning with ssh-dss and ending with the hostname of the RHN Server).
  3. On the command line of the system to be monitored, switch to the user aligned with the daemon. This is accomplished for rhnmd with the command: 
    su - nocpulse
  4. Paste the key character string into the ~/.ssh/authorized_keys file for the daemon's user. For rhnmd, this is /opt/nocpulse/.ssh/authorized_keys.
    If config management is enabled on the systems to be monitored, you may deploy this file across systems using a config channel. Refer to Section 6.6.6.1, “Preparing Systems for Config Management” for details.

    Note

    If valid entries already exist in authorized_keys, add the daemon key to the file rather than replacing the existing key. To do so, save the copied text to id_dsa.pub in the same .ssh/ directory and then run the following command: cat ~/.ssh/id_dsa.pub >> ~/.ssh/authorized_keys.
  5. Finally, ensure the .ssh/ directory and authorized_keys file have the appropriate permissions set. This can be done as the daemon's user with the following commands: 
    chmod 700 ~/.ssh 
chmod 600 ~/.ssh/authorized_keys
Once the key is in place and accessible, all probes that require it should allow ssh connections between the Monitoring infrastructure and the monitored system. You may then schedule probes requiring the monitoring daemon to run against the newly configured systems.