Windows Monitoring over SSH

The ultimate security for invoking a Checkmk-agent is offered by invoking it via Secure Shell – in Linux in the form of an implementation of OpenSSH.  Since Windows 10 and Windows Server 2019 OpenSSH is already included.

Step-by-step guide

1. Start OpenSSH Server

   net start sshd

2. Create SSH Key pair

   ssh-keygen

   
   
   
   

3.  Create the file 'authorized_keys' in C:\Users\<USERNAME>\.ssh\

   fsutil file createnew authorized_keys 2000

   1. Put in the public key from Checkmk Site User

4. Now you can login without Password to the Windows machine

   OMD[nagnis_master]:~$ ssh IEUser@192.168.2.106
   
   Microsoft Windows [Version 10.0.17763.379]
   (c) 2018 Microsoft Corporation. Alle Rechte vorbehalten.
   
   ieuser@MSEDGEWIN10 C:\Users\IEUser>
   
   
   

5. Modify the authorized_keys on the Windows Host and restrict access to the execution on the agent

   command="\C":\\Program Files (x86)\\checkmk\\service\\check_mk_agent.exe\" test" ssh-rsa AAAAC3NzaC1lZDI1NTE5AAAAIGb6AaqRPlbEmDnBkeIW3Q6Emb5lr2QEbWEQLmA5pb48 mysite@mycmkserver

6. Go to Checkmk and configure a special agent for the Windows Hosts

   1. WATO CONFIGURATION → Host & Service Parameters → Datasource Programs → Individual program call instead of agent access
      
      

      

7. Modify the Datasource of the Windows Host
   

   1. WATO CONFIGURATION → Hosts → Edit the properties of this host

      

8. Now you can stop the Checkmk Agent Service on the Windows Host

   net stop CheckMkService

9. Diagnosis

   OMD[nagnis_master]:~$ cmk -d Windows_SSH |more
   <<<check_mk>>>
   Version: 1.6.0p19
   BuildDate: Nov 16 2020
   AgentOS: windows
   Hostname: MSEDGEWIN10
   Architecture: 64bit
   
   or via SSH
   
   OMD[nagnis_master]:~/$ ssh IEUser@192.168.2.128 " "
   or
   OMD[nagnis_master]:~/$ ssh -T IEUser@192.168.2.128
   
   

Related articles