[Nut-upsuser] NUT clients - merits of authenticating

Lonnie Abelbeck lists at lonnie.abelbeck.com
Sat Jan 11 22:25:08 UTC 2014 

On Jan 11, 2014, at 2:03 PM, Charles Lepple wrote:

-- snip --
> Authentication does not affect the behavior: in NUT, status is pulled from upsd, not pushed.

Ahhh, thanks much for the clarification, Charles.


>> Are there other merits of authenticating clients ?
> 
> I honestly don't know. Having not written the original code, I see authentication for slave mode as something that is easier to leave in than take out, given that authentication is a little more relevant for the master connections.
> 
> Also, as you point out below, it does limit the mischief a bit.
> 
>> On the flip side, since commercial products like NAS drive implementations use fixed, well known user/pass credentials, all clients would need to be configured with such well known credentials if they were all to authenticate with a common user.
> 
> Why do they need well-known credentials?

If they were to authenticate, NAS equipment such as Synology have hard coded NUT credentials.


-- snip --
>> The NUT /etc/ups/upsd.users file has only one entry:
>> --
>> [monuser]
>> password = superdupersecret
>> upsmon master
>> --
>> Is this a security issue if the password is well known ?  Searching the mailing list I only found the comment: "All a upsmon slave can do, is delay shutting down for a handful of seconds." ... seems like limited mischief.
> 
> If you have "upsmon slave", I would agree with the "limited mischief" comment. The entry above says "upsmon master", which allows setting "fsd". This fools other clients into thinking that the UPS has been commanded to shut down, and if the clients are running upsmon, they too will shut down.

I understand, so for the common case where ups at localhost is the only valid "master", the master password could even be randomly generated as the "superdupersecret" and then the "monuser" password is less important since a slave basically can't do anything.  Such as:

-- upsd.users --
[master]
password = superdupersecret
upsmon master

[monuser]
password = notsosecret
upsmon slave
--

I guess this still begs the question if the "monuser" user is really necessary, other than providing the satisfying feeling of valid logins. :-)


> -- 
> Charles Lepple
> clepple at gmail

Thanks again,

Lonnie

More information about the Nut-upsuser mailing list