1NUTCPC(1) NUTCPC(1)
2
6 nutcpc - NuFW console-mode client for GNU/Linux and BSD systems
7
9 nutcpc [ -d ] [ -l ] [ -k ] [ -c ] [ -V ] [ -h ] [ -q ] [ -Q ]
10 [ -N ] [ -H Nuauth IP ] [ -p Nuauth port ] [ -U UserID ] [ -P User‐
11 Password ] [ -I Interval ] [ -Z Service ] [ -C CertFile ] [ -A Authori‐
12 tyFile ] [ -K KeyFile ] [ -W CertPass ] [ -R CrlFile ] [ -a NuauthDN ]
13
16 This manual page documents the nutcpc command.
17 nutcpc is a console-mode client for the NuFW authenticating firewall.
19 It sends authentication packets to the nuauth server. All parameters
20 can be set on commandline but nutcpc can also be configured via the
21 file nuclient.conf(5).
22 Original packaging and informations and help can be found from
24 http://www.nufw.org/
25
27 -d Debug mode, don't go into background.
28 -l Do not verify whether lock file exists before starting. And do
30 not create lock file.
31 -k Kill existing instances of the program running on our local
33 userID.
34 -c Check if a client is already running. Return error if no client
36 are running.
37 -V Issues program version and exits.
39 -h Issues usage details and exits.
41 -q Do not display running nutcpc options on "ps". Useful when using
43 "-W"
44 -H Nuauth IP
46 Send authentication packet to Nuauth IP.
47 -p Nuauth port
49 Send authentication packet to Nuauth port.
50 -U User ID
52 Set nufw userid to User ID.
53 -P User Password
55 Set nufw password to User Password.
56 -I Interval
58 Set connection list refresh interval to Interval. This option is
59 only useful if nuauth server is in POLL mode.
60 -Z Service
62 Set kerberos service name to Service.
63 -C CertFile
65 Use certificate file stored in the file CertFile to negotiate
66 the TLS connection to nuauth.
67 -A AuthorityFile
69 Use authority file stored in AuthorityFile and check the valid‐
70 ity of nuauth certificate against this authority. Nutcpc will
71 leave if this is not the case.
72 -K KeyFile
74 Use key file stored in the file KeyFile to negotiate the TLS
75 connection to nuauth.
76 -W CertPass
78 Use the passphrase CertPass to decrypt the certificate. Check
79 the -q option if you use this.
80 -R CrlFile
82 Use certificate revocation list file stored in the file CrlFile
83 to negotiate the TLS connection to nuauth. nutcpc reloads this
84 file if it gets disconnected from nuauth and needs to reconnect.
85 Since version 2.2.19, nutcpc reloads the CRL file when receiving
86 a HUP signal.
87 -a NuauthDN
89 Verify that the certificate given by nuauth has a DN equal to
90 NuauthDN. Nutcpc will leave if this is not the case.
91 -Q Suppress warning if no certificate authority is configured.
93 -N Suppress error if server FQDN does not match certificate CN.
95
97 By default, the lock file set by nutcpc is at ~/.nufw/nutcpc.
98
100 User authentication can be done using a certificate and a private key.
101 Such a method will be used, if nutcpc can find a certificate at
102 ~/.nufw/cert.pem and the corresponding private key at ~/.nufw/key.pem.
103 The server identity will be checked if a CA certificate is provided in
104 ~/.nufw/cacert.pem. Certificates and key can also be provided on com‐
105 mand line or via nuclient.conf(5).
106
108 HUP When receiving this signal, nutcpc attempts to immediately
109 reconnect to the server, if disconnected. The signal is ignored
110 in other cases.
111
113 nufw(8)
114 nuauth(8)
116 nuclient.conf(5)
118
120 Nuauth was designed and coded by Eric Leblond, aka Regit
121 (<eric@regit.org>) , and Vincent Deffontaines, aka gryzor (<vin‐
122 cent@gryzor.com>). Original idea in 2001, while working on NSM Ldap
123 support.
124 This manual page was written by Eric Leblond.
126 Permission is granted to copy, distribute and/or modify this document
128 under the terms of the GNU Free Documentation License, Version 2 as
129 published by the Free Software Foundation; with no Invariant Sections,
130 no Front-Cover Texts and no Back-Cover Texts.
131 14 November 2008 NUTCPC(1)