On Sep 10, 2015, at 10:23 AM, d tbsky <[email protected]> wrote: > > Hi: > I found I can setup password for uspmon. but upsc can connect to > any upsd without authentication. although the ups data is not very > confidential, but I would like not to expose it to anyone who can > connect to server. > > is there any method to harden upsd? thanks for hint.
There are a few different approaches. If your version of NUT was build with TCP-wrappers, you can configure NUT to only allow certain clients to connect. However, in most cases where you would consider TCP-wrappers, you would probably be better served with a kernel-level firewall. There is also an option to compile NUT to verify client SSL certificates: http://www.networkupstools.org/docs/user-manual.chunked/ar01s09.html#_upsd_optional_client_authentication -- Charles Lepple clepple@gmail _______________________________________________ Nut-upsuser mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser
