[Nut-upsdev] Common NUT client auth setup
Jim Klimov
jimklimov+nut at gmail.com
Mon Mar 16 08:26:15 GMT 2026
Hello all,
While finalizing the NUT v2.8.5 release, I've stumbled on some issues and
delayed them for the next release cycle(s). One of these is the realization
that very few NUT clients are fully SSL capable (as in saying who they are
and what servers they trust). Due to this most users probably can not
enable CERTVERIFY on servers, as only upsmon of all stock NUT clients would
be able to talk to them.
I have a vague idea to define a configuration file format (with default
locations that clients running with sufficient permissions could read out
of the box) which could convey SSL-related nuances as well as user/pass for
SETVAR/INSTCMD, all potentially per-server. Feedback welcome at
https://github.com/networkupstools/nut/issues/3329
Similarly, further ideas include somehow equalizing the abilities of
OpenSSL and Mozilla NSS backends, so the choice is more of licensing
philosophy than technical constraints:
https://github.com/networkupstools/nut/issues/3331
And taking it a bit further (licensing preferences permitting), why not
build-in both backend supports and let the run-time choose which to use (at
least useful while features differ)?
https://github.com/networkupstools/nut/issues/3332
WDYT?
Jim Klimov
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/nut-upsdev/attachments/20260316/e4f91e06/attachment.htm>
More information about the Nut-upsdev
mailing list