xenial (1) nutcpc.1.gz

Provided by: nutcpc_2.4.3-3.3build2_amd64 bug

NAME

       nutcpc - NuFW console-mode client for GNU/Linux and BSD systems

SYNOPSIS

       nutcpc  [  -d   ]  [  -l  ] [ -k  ] [ -c  ] [ -V  ] [ -h  ] [ -q  ] [ -Q  ] [ -N  ] [ -H Nuauth IP ] [ -p
       Nuauth port  ] [ -U UserID ] [ -P UserPassword ] [ -I Interval ] [ -Z Service ] [  -C  CertFile  ]  [  -A
       AuthorityFile ] [ -K KeyFile ] [ -W CertPass ] [ -R CrlFile ] [ -a NuauthDN ]

DESCRIPTION

       This manual page documents the nutcpc command.

       nutcpc  is a console-mode client for the NuFW authenticating firewall. It sends authentication packets to
       the nuauth server. All parameters can be set on commandline but nutcpc can also  be  configured  via  the
       file nuclient.conf(5).

       Original packaging and informations and help can be found from http://www.nufw.org/

OPTIONS

       -d     Debug mode, don't go into background.

       -l     Do not verify whether lock file exists before starting. And do not create lock file.

       -k     Kill existing instances of the program running on our local userID.

       -c     Check if a client is already running. Return error if no client are running.

       -V     Issues program version and exits.

       -h     Issues usage details and exits.

       -q     Do not display running nutcpc options on "ps". Useful when using "-W"

       -H Nuauth IP
              Send authentication packet  to Nuauth IP.

       -p Nuauth port
              Send authentication packet  to Nuauth port.

       -U User ID
              Set nufw userid to User ID.

       -P User Password
              Set nufw password to User Password.

       -I Interval
              Set  connection  list refresh interval to Interval. This option is only useful if nuauth server is
              in POLL mode.

       -Z Service
              Set kerberos service name to Service.

       -C CertFile
              Use certificate file stored in the file CertFile to negotiate the TLS connection to nuauth.

       -A AuthorityFile
              Use authority file stored in AuthorityFile and check the validity of  nuauth  certificate  against
              this authority.  Nutcpc will leave if this is not the case.

       -K KeyFile
              Use key file stored in the file KeyFile to negotiate the TLS connection to nuauth.

       -W CertPass
              Use the passphrase CertPass to decrypt the certificate. Check the -q option if you use this.

       -R CrlFile
              Use certificate revocation list file stored in the file CrlFile to negotiate the TLS connection to
              nuauth. nutcpc reloads this file if it gets disconnected from nuauth and needs to reconnect. Since
              version 2.2.19, nutcpc reloads the CRL file when receiving a HUP signal.

       -a NuauthDN
              Verify  that the certificate given by nuauth has a DN equal to NuauthDN. Nutcpc will leave if this
              is not the case.

       -Q     Suppress warning if no certificate authority is configured.

       -N     Suppress error if server FQDN does not match certificate CN.

LOCK FILE

       By default, the lock file set by nutcpc is at ~/.nufw/nutcpc.

CERTIFICATE AUTHENTICATION

       User authentication can be done using a certificate and a private key. Such a method  will  be  used,  if
       nutcpc  can  find a certificate at ~/.nufw/cert.pem and the corresponding private key at ~/.nufw/key.pem.
       The server identity will be checked if a CA certificate is provided in  ~/.nufw/cacert.pem.  Certificates
       and key can also be provided on command line or via nuclient.conf(5).

SIGNALS

       HUP    When  receiving  this  signal,  nutcpc  attempts  to  immediately  reconnect  to  the  server,  if
              disconnected. The signal is ignored in other cases.

SEE ALSO

       nufw(8)

       nuauth(8)

       nuclient.conf(5)

AUTHOR

       Nuauth was designed and coded by Eric Leblond, aka Regit (<eric@regit.org>) , and  Vincent  Deffontaines,
       aka gryzor (<vincent@gryzor.com>). Original idea in 2001, while working on NSM Ldap support.

       This manual page was written by Eric Leblond.

       Permission  is  granted  to  copy, distribute and/or modify this document under the terms of the GNU Free
       Documentation License, Version 2 as  published  by  the  Free  Software  Foundation;  with  no  Invariant
       Sections, no Front-Cover Texts and no Back-Cover Texts.

                                                14 November 2008                                       NUTCPC(1)