2015-09-11 10:11 GMT+08:00 Charles Lepple <[email protected]>:
> On Sep 10, 2015, at 10:23 AM, d tbsky <[email protected]> wrote:
>>
>> Hi:
>> I found I can setup password for uspmon. but upsc can connect to
>> any upsd without authentication. although the ups data is not very
>> confidential, but I would like not to expose it to anyone who can
>> connect to server.
>>
>> is there any method to harden upsd? thanks for hint.
>
> There are a few different approaches. If your version of NUT was build with
> TCP-wrappers, you can configure NUT to only allow certain clients to connect.
>
> However, in most cases where you would consider TCP-wrappers, you would
> probably be better served with a kernel-level firewall.
>
> There is also an option to compile NUT to verify client SSL certificates:
> http://www.networkupstools.org/docs/user-manual.chunked/ar01s09.html#_upsd_optional_client_authentication
>
> --
> Charles Lepple
> clepple@gmail
thanks for the hint. I guest ssl certificates is the way to go.
although it is over skill for my need (just a password to protect it
is enough for me).
_______________________________________________
Nut-upsuser mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/nut-upsuser
