{"id":6289,"date":"2021-11-15T19:10:37","date_gmt":"2021-11-15T19:10:37","guid":{"rendered":"https:\/\/www.geekdecoder.com\/?p=6289"},"modified":"2021-11-15T19:10:37","modified_gmt":"2021-11-15T19:10:37","slug":"psk-in-zabbix","status":"publish","type":"post","link":"https:\/\/www.qbytes.cloud\/index.php\/2021\/11\/15\/psk-in-zabbix\/","title":{"rendered":"PSK in Zabbix"},"content":{"rendered":"

Generate a key:<\/p>\n

\n# openssl rand -hex 32\nc68a0164045a04ea2f1d821e3d3275e782d671a166613b3d81c07f99e3b92843\n<\/pre>\n
Configuring PSK for server-agent communication
\nOn the hos, edit the zabbix agent file<\/p>\n
\nnano \/etc\/zabbix\/zabbix_agentd.conf\n<\/pre>\n
Add:<\/p>\n
\n####### TLS-RELATED PARAMETERS #######\nTLSConnect=psk\nTLSAccept=psk\nTLSPSKIdentity=PSK 001\nTLSPSKFile=\/etc\/zabbix\/zabbix.psk\n<\/pre>\n
Create the \/etc\/zabbix\/zabbix.psk file:<\/p>\n
\necho c68a0164045a04ea2f1d821e3d3275e782d671a166613b3d81c07f99e3b92843 > \/etc\/zabbix\/zabbix.psk\n<\/pre>\n
 Restart the agent. <\/p>\n
\nsystemctl restart  zabbix-agent.service\n<\/pre>\n
Now you can test the connection using zabbix_get, for example:<\/p>\n
\n$ zabbix_get -s 127.0.0.1 -k "system.cpu.load[all,avg1]" --tls-connect=psk \\\n            --tls-psk-identity="PSK 001" --tls-psk-file=\/etc\/zabbix\/zabbix.psk\n<\/pre>\n
 Configure PSK encryption for this agent in Zabbix frontend:<\/p>\n
    Go to: Configuration \u2192 Hosts
\n    Select host and click on Encryption tab
\n\"\"<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
Generate a key: # openssl rand -hex 32 c68a0164045a04ea2f1d821e3d3275e782d671a166613b3d81c07f99e3b92843 Configuring PSK for server-agent communication On the hos, edit the zabbix agent file nano \/etc\/zabbix\/zabbix_agentd.conf Add: ####### TLS-RELATED PARAMETERS ####### TLSConnect=psk TLSAccept=psk TLSPSKIdentity=PSK 001 TLSPSKFile=\/etc\/zabbix\/zabbix.psk Create the \/etc\/zabbix\/zabbix.psk file: echo c68a0164045a04ea2f1d821e3d3275e782d671a166613b3d81c07f99e3b92843 > \/etc\/zabbix\/zabbix.psk Restart the agent. systemctl restart zabbix-agent.service Now you can test the connection using … Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[133],"tags":[],"class_list":["post-6289","post","type-post","status-publish","format-standard","hentry","category-zabbix"],"_links":{"self":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/posts\/6289","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/comments?post=6289"}],"version-history":[{"count":0,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/posts\/6289\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/media?parent=6289"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/categories?post=6289"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.qbytes.cloud\/index.php\/wp-json\/wp\/v2\/tags?post=6289"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}