[ZBX-15382] Zabbix "unknown PSK identity" Created: 2018 Dec 28  Updated: 2019 Mar 18  Resolved: 2018 Dec 28

Status: Closed
Project: ZABBIX BUGS AND ISSUES
Component/s: Agent (G), Server (S)
Affects Version/s: 3.0.24
Fix Version/s: 3.0.23

Type: Incident report Priority: Critical
Reporter: Tien The PHAN Assignee: Unassigned
Resolution: Fixed Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

Ubuntu 18.04 LTS, zabbix-frontend-php 3.4.15, zabbix-server-mysql 3.4.15, php7.0


Attachments: PNG File Capture.PNG     PNG File Capture.PNG     PNG File Capture1.PNG     PNG File Screen Shot 2018-12-28 at 2.57.19 PM.png    

 Description   

Steps to reproduce:

On Zabbix-client, I create a psk 

skylab@zabbix-client:~$ sudo sh -c "openssl rand -hex 32 > /etc/zabbix/zabbix_agentd.psk"
skylab@zabbix-client:~$
skylab@zabbix-client:~$ cat /etc/zabbix/zabbix_agentd.psk
b9b82ded68b781b73e83801ec54e0dbd4837b4b6631e5631e58e4145a22000e1

Then I changed the configuration of zabbix

 

/etc/zabbix/zabbix_agentd.conf

 

TLSConnect=psk

TLSAccept=psk

TLSPSKIdentity=PSK 001

TLSPSKFile=/etc/zabbix/zabbix_agentd.psk

 

 

 

Next I restart zabbix agent

skylab@zabbix-client:/etc/zabbix$ sudo systemctl restart zabbix-agent

and here is zabbix path location

skylab@zabbix-client:/etc/zabbix$ ls -lrt /etc/zabbix/
total 32
drwxr-xr-x 2 root root 4096 Oct 29 2017 zabbix_agentd.conf.d
rw-rr- 1 root root 10295 Dec 28 11:18 zabbix_agentd.conf.orig
rw-rr- 1 root root 65 Dec 28 13:49 zabbix_agentd.psk
rw-rr- 1 root root 10309 Dec 28 14:28 zabbix_agentd.conf

 

Then I input the value to zabbix front end at Configuration/ Host

Host name: zabbix-client

IP address: 10.10.1.91

Templates: Template OS Linux

Encryption: PSK; PSK identity: PSK 001, PSK: /etc/zabbix/zabbix_agentd.psk

 

Click Add button and alert appears: 

  • Incorrect value for field "tls_psk": an even number of hexadecimal characters is expected.
    Check log server, I found

19682:20181228:141632.514 cannot send list of active checks to "127.0.0.1": host [Zabbix server] not monitored
19682:20181228:141715.503 failed to accept an incoming connection: from 10.10.1.91: TLS handshake set result code to 1: file ../ssl/statem/statem_srvr.c line 2077: error:1419E0DF:SSL routines:tls_process_cke_psk_preamble:psk identity not found: TLS write fatal alert "unknown PSK identity"

 

But, the PSK was generated correct. So I don't know why? Could you please help me fix it? or give me any advices for this case?

Thank you so much!
 
 

 Comments   
Comment by Tien The PHAN [ 2018 Dec 28 ]

The issue was solved. This is my mistake. I did put the value of PSK file /etc/zabbix/zabbix_agentd.psk to PSK box. 

Comment by Tien The PHAN [ 2018 Dec 28 ]

The issue was solved. This is my mistake. I did put the value of PSK file /etc/zabbix/zabbix_agentd.psk to PSK box. 

Comment by Hung Vo [ 2019 Mar 14 ]

Hi,

    Don't know why i did checked all step corrected but still get error 

  • Incorrect value for field "tls_psk": an even number of hexadecimal characters is expected.
     please help
    Thanks
     
Comment by Tien The PHAN [ 2019 Mar 14 ]

in fact, you did get an issue when you put the path of PSK file. Don't do like that, please put the content of PSK file.

so, put "b9b82ded68b781b73e83801ec54e0dbd4837b4b6631e5631e58e4145a22000e1" to PSK box in zabbix fronend.

 

Comment by Hung Vo [ 2019 Mar 14 ]

Thanks Tien The Pham, it's worked but another issue when i created dashboard still not show any data in that host

 

Thanks Again

Comment by Tien The PHAN [ 2019 Mar 18 ]

please put the screenshot. Also you need to make sure the communication between two hosts is good.

Comment by Hung Vo [ 2019 Mar 18 ]

Hi Tien,

 

   Here is captured of it, i did config SNMP on all host but still not see data

Thanks

Generated at Thu Apr 25 18:18:25 EEST 2024 using Jira 9.12.4#9120004-sha1:625303b708afdb767e17cb2838290c41888e9ff0.