In Checkmk version 2.1 the monitoring data sent from the monitored host to the monitoring server is TLS encrypted and compressed by default.
This is realized by a new component on the monitored hosts:
The Checkmk agent controller cmk-agent-ctl.
The added executable is called cmk-agent-ctl.
On Linux systems, the agent controller will be run as a dedicated user cmk-agent, which is added during installation.
As a result the process listening on the TCP port will have limited privileges, and the agent output is not available to any other local user.
While upgraded setups will continue to work as before, in order to enable TLS encryption an additional registration step is required.
More information on the registration step, the installation and the provided commands can be found in our online documentation.
Zur Liste aller Werks