man gsasl (Commandes) - SASL library command line interface
NAME
gsasl - SASL library command line interface
SYNOPSIS
gsasl [OPTION...]
DESCRIPTION
GNU SASL (gsasl) -- Command line interface to libgsasl.
- Commands:
- -c, --client
- Act as client.
- --client-mechanisms
- Write name of supported client mechanisms separated by space to stdout.
- -s, --server
- Act as server.
- --server-mechanisms
- Write name of supported server mechanisms separated by space to stdout.
- Network parameters:
- --connect=HOSTNAME[:SERVICE]
- Connect to TCP server and negotiate on stream instead of stdin/stdout. SERVICE is the protocol service, or an integer denoting the port, and defaults to 143 (imap) if not specified. Also sets the --hostname default.
- Miscellaneous options:
- --application-data
- After authentication, read data from stdin and run it through the mechanism's security layer and print it base64 encoded to stdout. The default is to terminate after authentication.
- --imap
- Use a IMAP-like logon procedure (client only). Also sets the --service default to "imap".
- -m, --mechanism=STRING
- Mechanism to use.
- --no-client-first
- Disallow client to send data first (client only).
- SASL mechanism options (prompted for if unspecified and needed):
- -a, --authentication-id=STRING
- Identity of credential owner.
- --disable-cleartext-validate
- Disable cleartext validate hook, forcing server to prompt for password.
- --enable-cram-md5-validate
- Validate CRAM-MD5 challenge and response interactively.
- --hostname=STRING
- Set the name of the server with the requested service.
- -n, --anonymous-token=STRING
- Token for anonymous authentication, usually mail address (ANONYMOUS only).
- -p, --password=STRING
- Password for authentication (insecure for non-testing purposes).
- --passcode=NUMBER
- Passcode for authentication (SECURID only).
- --quality-of-protection=<auth | auth-int | auth-conf>
- How application payload will be protected. "auth" means no protection, "auth-int" means integrity protection, "auth-conf" means integrity and confidentialiy protection. Currently only used by DIGEST-MD5, where the default is "auth-conf".
- -r, --realm=STRING
- Realm (may be given more than once iff server). Defaults to hostname.
- --service=STRING
- Set the requested service name (should be a registered GSSAPI host based service name).
- --service-name=STRING
- Set the generic server name in case of a replicated server (DIGEST-MD5 only).
- -x, --maxbuf=NUMBER
- Indicate maximum buffer size (DIGEST-MD5 only).
- -z, --authorization-id=STRING
- Identity to request service for.
- Other options:
- -q, --quiet, --silent
- Don't produce any diagnostic output.
- -v, --verbose
- Produce verbose output.
- -?, --help
- Give this help list
- --usage
- Give a short usage message
- -V, --version
- Print program version
Mandatory or optional arguments to long options are also mandatory or optional for any corresponding short options.
REPORTING BUGS
Report bugs to bug-gsasl@gnu.org.
SEE ALSO
The full documentation for gsasl is maintained as a Texinfo manual in the libgsasl1-dev Debian package. If the info and libgsasl1-dev packages are properly installed at your site, the command
- info gsasl
should give you access to the complete manual.