Network UPS Tools User Manual
Network UPS Tools User Manual
Network UPS Tools User Manual
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
<strong>Network</strong> <strong>UPS</strong> <strong>Tools</strong> <strong>User</strong> <strong>Manual</strong> 37 / 84<br />
8.5 Other type of devices<br />
As mentioned in the introduction, some other devices can be considered and managed like PDUs. This is the case in most blade<br />
systems, where the blade chassis offers power management services.<br />
This way, you can control remotely each blade server as if it were a PDU outlet.<br />
This category of devices is generally called Remote Power Controls - RPC in NUT.<br />
9 Notes on securing NUT<br />
The NUT Team is very interested in providing the highest security level to its users.<br />
Many internal and external mechanisms exist to secure NUT. And several steps are needed to ensure that your NUT setup meets<br />
your security requirements.<br />
This chapter will present you these mechanisms, by increasing order of security level. This means that the more security you<br />
need, the more mechanisms you will have to apply.<br />
Note<br />
you may want to have a look at NUT Quality Assurance, since some topics are related to NUT security and reliability.<br />
9.1 How to verify the NUT source code signature<br />
In order to verify the NUT source code signature for releases, perform the following steps:<br />
• Retrieve the NUT source code (nut-X.Y.Z.tar.gz) and the matching signature (nut-X.Y.Z.tar.gz.sig)<br />
• Retrieve the NUT maintainer’s signature:<br />
$ gpg --fetch-keys http://www.networkupstools.org/source/nut-key.gpg<br />
Note<br />
As of NUT 2.7.3, a new release key is used. In order to verify previous release, please use NUT old maintainer’s signature<br />
• Launch the GPG checking using the following command:<br />
$ gpg --verify nut-X.Y.Z.tar.gz.sig<br />
• You should see a message mentioning a "Good signature", like:<br />
gpg: Signature made Wed Apr 15 15:55:30 2015 CEST using RSA key ID 55CA5976<br />
gpg: Good signature from "Arnaud Quette ..."<br />
...<br />
Note<br />
the previously used maintainer’s signature would output:<br />
+ gpg: Signature made Thu Jul 5 16:15:05 2007 CEST using DSA key ID 204DDF1B gpg: Good signature from "Arnaud Quette<br />
. . . " . . .