libnuclient(3) [debian man page]
LIBNUCLIENT(3) LIBNUCLIENT(3) NAME
libnuclient - NUFW client authentication library SYNOPSIS
#include <nuclient.h> NuAuth * nu_client_init (const char *nptr, char *username, unsigned long userid, char * password, char * hostname, unsigned int port, char protocol, char ssl_on); int nu_client_check (NuAuth * session); void nu_client_free (NuAuth *session); DESCRIPTION
This manual page documents the libnuclient library. Use nu_client_init to initialize a authentication session. Then call nu_client_check at regular interval to send authentication packet to the gateway (if needed). When you're finished, call nu_client_free to free the session. Original packaging and informations and help can be found from http://www.nufw.org/ RETURN VALUE
nu_client_init returns an authentication session usable by nu_client_check or nu_client_free. nu_client_check returns the number of packets authenticated to the nuauth server during the call. It returns -1 if an error occur when sending authentication packet. Applications MUST considered that the session is unusable when they receive this error. ERRORS
nu_client_init return NULL it a problem occur during initiation SEE ALSO
nuauth(8) AUTHOR
Nufw was designed and coded by Eric Leblond, aka Regit (<regit@inl.fr>) , and Vincent Deffontaines, aka gryzor (<vincent@inl.fr>). Original idea in 2001, while working on NSM Ldap support. This manual page was written by Eric Leblond Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 2 as published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts and no Back-Cover Texts. 12 mars 2007 LIBNUCLIENT(3)
Check Out this Related Man Page
NUTCPC(1) NUTCPC(1) NAME
nutcpc - NuFW console-mode client for GNU/Linux and BSD systems SYNOPSIS
nutcpc [ -d ] [ -l ] [ -k ] [ -c ] [ -V ] [ -h ] [ -q ] [ -Q ] [ -N ] [ -H Nuauth IP ] [ -p Nuauth port ] [ -U UserID ] [ -P UserPassword ] [ -I Interval ] [ -Z Service ] [ -C CertFile ] [ -A AuthorityFile ] [ -K KeyFile ] [ -W CertPass ] [ -R CrlFile ] [ -a Nuau- thDN ] DESCRIPTION
This manual page documents the nutcpc command. nutcpc is a console-mode client for the NuFW authenticating firewall. It sends authentication packets to the nuauth server. All parameters can be set on commandline but nutcpc can also be configured via the file nuclient.conf(5). Original packaging and informations and help can be found from http://www.nufw.org/ OPTIONS
-d Debug mode, don't go into background. -l Do not verify whether lock file exists before starting. And do not create lock file. -k Kill existing instances of the program running on our local userID. -c Check if a client is already running. Return error if no client are running. -V Issues program version and exits. -h Issues usage details and exits. -q Do not display running nutcpc options on "ps". Useful when using "-W" -H Nuauth IP Send authentication packet to Nuauth IP. -p Nuauth port Send authentication packet to Nuauth port. -U User ID Set nufw userid to User ID. -P User Password Set nufw password to User Password. -I Interval Set connection list refresh interval to Interval. This option is only useful if nuauth server is in POLL mode. -Z Service Set kerberos service name to Service. -C CertFile Use certificate file stored in the file CertFile to negotiate the TLS connection to nuauth. -A AuthorityFile Use authority file stored in AuthorityFile and check the validity of nuauth certificate against this authority. Nutcpc will leave if this is not the case. -K KeyFile Use key file stored in the file KeyFile to negotiate the TLS connection to nuauth. -W CertPass Use the passphrase CertPass to decrypt the certificate. Check the -q option if you use this. -R CrlFile Use certificate revocation list file stored in the file CrlFile to negotiate the TLS connection to nuauth. nutcpc reloads this file if it gets disconnected from nuauth and needs to reconnect. Since version 2.2.19, nutcpc reloads the CRL file when receiving a HUP signal. -a NuauthDN Verify that the certificate given by nuauth has a DN equal to NuauthDN. Nutcpc will leave if this is not the case. -Q Suppress warning if no certificate authority is configured. -N Suppress error if server FQDN does not match certificate CN. LOCK FILE
By default, the lock file set by nutcpc is at ~/.nufw/nutcpc. CERTIFICATE AUTHENTICATION
User authentication can be done using a certificate and a private key. Such a method will be used, if nutcpc can find a certificate at ~/.nufw/cert.pem and the corresponding private key at ~/.nufw/key.pem. The server identity will be checked if a CA certificate is provided in ~/.nufw/cacert.pem. Certificates and key can also be provided on command line or via nuclient.conf(5). SIGNALS
HUP When receiving this signal, nutcpc attempts to immediately reconnect to the server, if disconnected. The signal is ignored in other cases. SEE ALSO
nufw(8) nuauth(8) nuclient.conf(5) AUTHOR
Nuauth was designed and coded by Eric Leblond, aka Regit (<eric@regit.org>) , and Vincent Deffontaines, aka gryzor (<vincent@gryzor.com>). Original idea in 2001, while working on NSM Ldap support. This manual page was written by Eric Leblond. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 2 as published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts and no Back-Cover Texts. 14 November 2008 NUTCPC(1)