[Nut-upsuser] why upsc need no authentication?

Charles Lepple clepple at gmail.com
Fri Sep 11 02:11:20 UTC 2015

On Sep 10, 2015, at 10:23 AM, d tbsky <tbskyd at gmail.com> wrote:
> Hi:
>     I  found I can setup password for uspmon. but upsc can connect to
> any upsd without authentication. although the ups data is not very
> confidential, but I would like not to expose it to anyone who can
> connect to server.
>    is there any method to harden upsd? thanks for hint.

There are a few different approaches. If your version of NUT was build with TCP-wrappers, you can configure NUT to only allow certain clients to connect.

However, in most cases where you would consider TCP-wrappers, you would probably be better served with a kernel-level firewall.

There is also an option to compile NUT to verify client SSL certificates: http://www.networkupstools.org/docs/user-manual.chunked/ar01s09.html#_upsd_optional_client_authentication

Charles Lepple
clepple at gmail

More information about the Nut-upsuser mailing list