Back
Featured image of post Using encryption between Zabbix agent & server

Using encryption between Zabbix agent & server

Using a pre-shared key (PSK) to secure communication between Zabbix server and zabbix agent

Zabbix agent

Move to the zabbix directory :

cd /etc/zabbix

Switch to root, generate the key and leave root :

sudo -s
openssl rand -hex 32 > zabbix_agentd.psk
exit

Set up the rights and permissions :

sudo chown zabbix:zabbix zabbix_agentd.psk && sudo chmod 640 zabbix_agentd.psk

Edit the agent configuration file :

sudo vim /etc/zabbix/zabbix_agentd.conf

Modify the following

...
TLSConnect=psk
...
TLSAccept=psk
...
TLSPSKFile=/home/zabbix/zabbix_agentd.psk
...
TLSPSKIdentity=PSK 001
...

Zabbix server configuration

On the server, just configure encryption in Configuration > Host > Encryption.

  • Connections to host : PSK
  • Connections from host : PSK
  • PSK Identity : The value of the TLSPSKIdentity in zabbix agent configuration.
  • PSK : The content of the zabbix_agentd.psk file on zabbix agent.
Built with Hugo
Theme Stack designed by Jimmy