...
Start OpenSSH Server
Code Block language powershell theme RDark C:\ProgramData\checkmk\agent\plugins> net start sshd
.
Create SSH Key pair
Code Block language bash theme RDark C:\ProgramData\checkmk\agent\plugins> ssh-keygen
Code Block language bash theme RDark C:\ProgramData\checkmk\agent\plugins>ssh-keygen Generating public/private rsa key pair. Enter file in which to save the key (C:\Users\IEUser/.ssh/id_rsa): Created directory 'C:\Users\IEUser/.ssh' Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in C: \Users\IEUser/.ssh/id_rsa. Your public key has been saved in C:\Users\IEUser/.ssh/id_rsa.pub. The key fingerprint is: SHA256:dH/h0I/vQ56C5rRIC]bxEgxSRSGs2nVCdx+rasQk₩QU ieuser@MSEDGEWIN1O The key's randomart image is: +---[RSA 2048]----+ | .OE*o | | ..O . . . | | + + = ..O | | ..O | | ..O | | + . 0 | | = = = | | + = = | | ..O . 0 | +----[SHA256]-----| C:\ProgramData\checkmk\agent\plugins>
.
Create the file 'authorized_keys' in C:\Users\<USERNAME>\.ssh\
Code Block language powershell theme RDark fsutil file createnew authorized_keys 2000
- Put in the public key from Checkmk Site User
.
- Put in the public key from Checkmk Site User
Now you can log in without a password to the Windows machine
Code Block language bash theme RDark OMD[mysite]:~$ ssh IEUser@192.168.2.106 Microsoft Windows [Version 10.0.17763.379] (c) 2018 Microsoft Corporation. Alle Rechte vorbehalten. ieuser@MSEDGEWIN10 C:\Users\IEUser>
.
Modify the authorized_keys on the Windows Host and restrict access to the execution on the agent
Code Block language bash theme RDark command="\C":\\Program Files (x86)\\checkmk\\service\\check_mk_agent.exe\" test" ssh-rsa AAAAC3NzaC1lZDI1NTE5AAAAIGb6AaqRPlbEmDnBkeIW3Q6Emb5lr2QEbWEQLmA5pb48 mysite@mycmkserver
.
- Go to Checkmk and configure a special agent for the Windows Hosts
Setup → Agents → Other integrations → Individual program call instead of agent access → Add rule
.
- Modify the Datasource of the Windows Host
Setup → Hosts → Properties of host
.
Now you can stop the Checkmk Agent Service on the Windows Host
Code Block language bash theme RDark net stop CheckMkService
.
Diagnosis
Code Block language bash theme RDark OMD[mysite]:~$ cmk -d Windows_SSH |more <<<check_mk>>> Version: 1.6.0p19 BuildDate: Nov 16 2020 AgentOS: windows Hostname: MSEDGEWIN10 Architecture: 64bit or via SSH OMD[mysite]:~/$ ssh IEUser@192.168.2.128 " " or OMD[mysite]:~/$ ssh -T IEUser@192.168.2.128
...