lunar (1) turnadmin.1.gz

Provided by: coturn_4.6.1-1_amd64 bug

GENERAL INFORMATION

       turnadmin is a TURN administration tool. This tool can be used to manage the user accounts
       (add/remove users, generate TURN keys for the users). For  security  reasons,  we  do  not
       recommend storing passwords openly. The better option is to use pre-processed "keys" which
       are then used for authentication. These keys are generated by turnadmin.  Turnadmin  is  a
       link to turnserver binary, but turnadmin performs different functions.

       Options  note:  turnadmin has long and short option names, for most options.  Some options
       have only long form, some options have only short form. Their syntax  somewhat  different,
       if an argument is required:

       The short form must be used as this (for example):

         $ turnadmin -u <username> ...

       The long form equivalent must use the "=" character:

         $ turnadmin --user=<username> ...

       If  this  is  a  flag  option  (no  argument  required) then their usage are the same, for
       example:

        $ turnadmin -k ...

       is equivalent to:

        $ turnadmin --key ...

       You have always the use the -r <realm> option with commands for long  term  credentials  -
       because data for multiple realms can be stored in the same database.

=====================================

   NAME
        turnadmin - a TURN relay administration tool.

   SYNOPSIS
       $ turnadmin [command] [options]

       $ turnadmin [ -h | --help]

   DESCRIPTION
       Commands:

       -P, --generate-encrypted-password
              Generate  and print to the standard output an encrypted form of a password (for web
              admin user or CLI).  The value then can be used as a  safe  key  for  the  password
              storage on disk or in the database. Every invocation for the same password produces
              a   different   result.   The   format    of    the    encrypted    password    is:
              $5$<...salt...>$<...sha256(salt+password)...>.  Salt  is  16 characters, the sha256
              output is 64 characters. Character 5 is the algorithm id (sha256).  Only sha256  is
              supported as the hash function.

       -k, --key
              Generate key for a long-term credentials mechanism user.

       -a, --add
              Add or update a long-term user.

       -A, --add-admin
              Add or update an admin user.

       -d, --delete
              Delete a long-term user.

       -D, --delete-admin
              Delete an admin user.

       -l, --list
              List long-term users in the database.

       -L, --list-admin
              List admin users in the database.

       -s, --set-secret=<value> Add shared secret for TURN REST API

       -S, --show-secret
              Show stored shared secrets for TURN REST API

       -X, --delete-secret=<value> Delete a shared secret.

              --delete-all_secrets
                     Delete all shared secrets for REST API.

       -O, --add-origin
              Add origin-to-realm relation.

       -R, --del-origin
              Delete origin-to-realm relation.

       -I, --list-origins
              List origin-to-realm relations.

       -g, --set-realm-option
              Set realm params: max-bps, total-quota, user-quota.

       -G, --list-realm-options
              List realm params.

       -E, --generate-encrypted-password-aes
              Generate  and  print  to  the  standard  output  an encrypted form of password with
              AES-128

       Options with required values:

       -b, --db, --userdb
              SQLite    user    database    file    name    (default    -    /var/db/turndb    or
              /usr/local/var/db/turndb  or  /var/lib/turn/turndb).   See  the  same option in the
              turnserver section.

       -e, --psql-userdb
              PostgreSQL user database connection string.  See the --psql-userdb  option  in  the
              turnserver section.

       -M, --mysql-userdb
              MySQL  user  database  connection  string.   See  the  --mysql-userdb option in the
              turnserver section.

       -J, --mongo-userdb
              MongoDB user database connection string.   See  the  --mysql-mongo  option  in  the
              turnserver section.

       -N, --redis-userdb
              Redis  user  database  connection  string.   See  the  --redis-userdb option in the
              turnserver section.

       -u, --user
              User name.

       -r, --realm
              Realm.

       -p, --password
              Password.

       -x, --key-path
              Generates a 128 bit key into the given path.

       -f, --file-key-path
              Contains a 128 bit key in the given path.

       -v, --verify
              Verify a given base64 encrypted type password.

       -o, --origin
              Origin

       --max-bps
              Set value of realm's max-bps parameter.

       --total-quota
              Set value of realm's total-quota parameter.

       --user-quota
              Set value of realm's user-quota parameter.

       -h, --help
              Help.

       Command examples:

       Generate an encrypted form of a password:

       $ turnadmin -P -p <password>

       Generate a key:

       $ turnadmin -k -u <username> -r <realm> -p <password>

       Add/update a user in the in the database:

       $ turnadmin -a [-b <userdb-file> | -e <db-connection-string> | -M <db-connection-string> |
       -N <db-connection-string> ] -u <username> -r <realm> -p <password>

       Delete a user from the database:

       $ turnadmin -d [-b <userdb-file> | -e <db-connection-string> | -M <db-connection-string> |
       -N <db-connection-string> ] -u <username> -r <realm>

       List all long-term users in MySQL database:

       $ turnadmin -l --mysql-userdb="<db-connection-string>" -r <realm>

       List all admin users in Redis database:

       $ turnadmin -L --redis-userdb="<db-connection-string>"

       Set secret in MySQL database:

       $ turnadmin -s <secret> --mysql-userdb="<db-connection-string>" -r <realm>

       Show secret stored in PostgreSQL database:

       $ turnadmin -S --psql-userdb="<db-connection-string>" -r <realm>

       Set origin-to-realm relation in MySQL database:

       $ turnadmin --mysql-userdb="<db-connection-string>" -r <realm> -o <origin>

       Delete origin-to-realm relation from Redis DB:

       $ turnadmin --redis-userdb="<db-connection-string>" -o <origin>

       List all origin-to-realm relations in Redis DB:

       $ turnadmin --redis-userdb="<db-connection-string>" -I

       List the origin-to-realm relations in PostgreSQL DB for a single realm:

       $ turnadmin --psql-userdb="<db-connection-string>" -I -r <realm>

       Create new key file for mysql password encryption:

       $ turnadmin -E --key-path <key-file>

       Create encrypted mysql password:

       $ turnadmin -E --file-key-path <key-file> -p <secret>

       Verify/decrypt encrypted password:

       $ turnadmin --file-key-path <key-file> -v <encrypted>

              Help:

              $ turnadmin -h

=======================================

   DOCS
       After installation, run the command:

       $ man turnadmin

       or in the project root directory:

       $ man -M man turnadmin

       to see the man page.

=====================================

   FILES
       /etc/turnserver.conf

       /var/db/turndb

       /usr/local/var/db/turndb

       /var/lib/turn/turndb

       /usr/local/etc/turnserver.conf

=====================================

   DIRECTORIES
       /usr/local/share/turnserver

       /usr/local/share/doc/turnserver

       /usr/local/share/examples/turnserver

======================================

   SEE ALSO
       turnserver, turnutils

======================================

   WEB RESOURCES
       project page:

       https://github.com/coturn/coturn/

       Wiki page:

       https://github.com/coturn/coturn/wiki

       forum:

       https://groups.google.com/forum/?fromgroups=#!forum/turn-server-project-rfc5766-turn-server/

======================================

   AUTHORS
       Oleg Moskalenko <mom040267@gmail.com>

       Gabor Kovesdan http://kovesdan.org/

       Daniel Pocock http://danielpocock.com/

       John Selbie (jselbie@gmail.com)

       Lee Sylvester <lee@designrealm.co.uk>

       Erik Johnston <erikj@openmarket.com>

       Roman Lisagor <roman@demonware.net>

       Vladimir Tsanev <tsachev@gmail.com>

       Po-sheng Lin <personlin118@gmail.com>

       Peter Dunkley <peter.dunkley@acision.com>

       Mutsutoshi Yoshimoto <mutsutoshi.yoshimoto@mixi.co.jp>

       Federico Pinna <fpinna@vivocha.com>

       Bradley T. Hughes <bradleythughes@fastmail.fm>

       Mihály Mészáros <misi@majd.eu>

   ACTIVE MAINTAINERS
       Mihály Mészáros <misi@majd.eu>

                                           05 June 2021                                   TURN(1)