| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350 | .\" Text automatically generated by txt2man.TH TURN 1 "05 June 2021" "" "".SH GENERAL INFORMATION\fIturnadmin\fP is a TURN administration tool. This tool can be used to managethe user accounts (add/remove users, generateTURN keys for the users). For security reasons, we do not recommendstoring passwords openly. The better option is to use pre\-processed "keys"which are then used for authentication. These keys are generated by \fIturnadmin\fP.Turnadmin is a link to \fIturnserver\fP binary, but \fIturnadmin\fP performs differentfunctions..PPOptions note: \fIturnadmin\fP has long and short option names, for most options.Some options have only long form, some options have only short form. Their syntaxsomewhat different, if an argument is required:.PPThe short form must be used as this (for example):.PP.nf.fam C  $ turnadmin \-u <username> \.\.\..fam T.fiThe long form equivalent must use the "=" character:.PP.nf.fam C  $ turnadmin \-\-user=<username> \.\.\..fam T.fiIf this is a flag option (no argument required) then their usage are the same, for example:.PP.nf.fam C $ turnadmin \-k \.\.\..fam T.fiis equivalent to:.PP.nf.fam C $ turnadmin \-\-key \.\.\..fam T.fiYou have always the use the \fB\-r\fP <realm> option with commands for long term credentials \-because data for multiple realms can be stored in the same database..SH =====================================.SS  NAME\fB\fBturnadmin \fP\- a TURN relay administration tool.\fB.SS  SYNOPSIS.nf.fam C$ \fIturnadmin\fP [\fIcommand\fP] [\fIoptions\fP]$ \fIturnadmin\fP [ \fB\-h\fP | \fB\-\-help\fP].fam T.fi.fam T.fi.SS  DESCRIPTIONCommands:.TP.B\fB\-P\fP, \fB\-\-generate\-encrypted\-password\fPGenerate and print to the standardoutput an encrypted form of a password (for web admin user or CLI).The value then can be used as a safe key for the passwordstorage on disk or in the database. Every invocation for the same passwordproduces a different result. The format of the encrypted password is:$5$<\.\.\.salt\.\.\.>$<\.\.\.sha256(salt+password)\.\.\.>. Salt is 16 characters,the sha256 output is 64 characters. Character 5 is the algorithm id (sha256).Only sha256 is supported as the hash function..TP.B\fB\-k\fP, \fB\-\-key\fPGenerate key for a long\-term credentials mechanism user..TP.B\fB\-a\fP, \fB\-\-add\fPAdd or update a long\-term user..TP.B\fB\-A\fP, \fB\-\-add\-admin\fPAdd or update an admin user..TP.B\fB\-d\fP, \fB\-\-delete\fPDelete a long\-term user..TP.B\fB\-D\fP, \fB\-\-delete\-admin\fPDelete an admin user..TP.B\fB\-l\fP, \fB\-\-list\fPList long\-term users in the database..TP.B\fB\-L\fP, \fB\-\-list\-admin\fPList admin users in the database..PP\fB\-s\fP, \fB\-\-set\-secret\fP=<value> Add shared secret for TURN REST API.TP.B\fB\-S\fP, \fB\-\-show\-secret\fPShow stored shared secrets for TURN REST API.PP\fB\-X\fP, \fB\-\-delete\-secret\fP=<value> Delete a shared secret..RS.TP.B\fB\-\-delete\-all_secrets\fPDelete all shared secrets for REST API..RE.TP.B\fB\-O\fP, \fB\-\-add\-origin\fPAdd origin\-to\-realm relation..TP.B\fB\-R\fP, \fB\-\-del\-origin\fPDelete origin\-to\-realm relation..TP.B\fB\-I\fP, \fB\-\-list\-origins\fPList origin\-to\-realm relations..TP.B\fB\-g\fP, \fB\-\-set\-realm\-option\fPSet realm params: max\-bps, total\-quota, user\-quota..TP.B\fB\-G\fP, \fB\-\-list\-realm\fP\-\fIoptions\fPList realm params..TP.B\fB\-E\fP, \fB\-\-generate\-encrypted\-password\-aes\fPGenerate and print to the standard outputan encrypted form of password with AES\-128.PPOptions with required values:.TP.B\fB\-b\fP, \fB\-\-db\fP, \fB\-\-userdb\fPSQLite user database file name (default \- /var/db/turndb or/usr/local/var/db/turndb or /var/lib/turn/turndb).See the same option in the \fIturnserver\fP section..TP.B\fB\-e\fP, \fB\-\-psql\-userdb\fPPostgreSQL user database connection string.See the \fB\-\-psql\-userdb\fP option in the \fIturnserver\fP section..TP.B\fB\-M\fP, \fB\-\-mysql\-userdb\fPMySQL user database connection string.See the \fB\-\-mysql\-userdb\fP option in the \fIturnserver\fP section..TP.B\fB\-J\fP, \fB\-\-mongo\-userdb\fPMongoDB user database connection string.See the \fB\-\-mysql\-mongo\fP option in the \fIturnserver\fP section..TP.B\fB\-N\fP, \fB\-\-redis\-userdb\fPRedis user database connection string.See the \fB\-\-redis\-userdb\fP option in the \fIturnserver\fP section..TP.B\fB\-u\fP, \fB\-\-user\fPUser name..TP.B\fB\-r\fP, \fB\-\-realm\fPRealm..TP.B\fB\-p\fP, \fB\-\-password\fPPassword..TP.B\fB\-x\fP, \fB\-\-key\-path\fPGenerates a 128 bit key into the given path..TP.B\fB\-f\fP, \fB\-\-file\-key\-path\fPContains a 128 bit key in the given path..TP.B\fB\-v\fP, \fB\-\-verify\fPVerify a given base64 encrypted type password..TP.B\fB\-o\fP, \fB\-\-origin\fPOrigin.TP.B\fB\-\-max\-bps\fPSet value of realm's max\-bps parameter..TP.B\fB\-\-total\-quota\fPSet value of realm's total\-quota parameter..TP.B\fB\-\-user\-quota\fPSet value of realm's user\-quota parameter..TP.B\fB\-h\fP, \fB\-\-help\fPHelp..PPCommand examples:.PPGenerate an encrypted form of a password:.PP$ \fIturnadmin\fP \fB\-P\fP \fB\-p\fP <password>.PPGenerate a key:.PP$ \fIturnadmin\fP \fB\-k\fP \fB\-u\fP <username> \fB\-r\fP <realm> \fB\-p\fP <password>.PPAdd/update a user in the in the database:.PP$ \fIturnadmin\fP \fB\-a\fP [\fB\-b\fP <userdb\-file> | \fB\-e\fP <db\-connection\-string> | \fB\-M\fP <db\-connection\-string> | \fB\-N\fP <db\-connection\-string> ] \fB\-u\fP <username> \fB\-r\fP <realm> \fB\-p\fP <password>.PPDelete a user from the database:.PP$ \fIturnadmin\fP \fB\-d\fP [\fB\-b\fP <userdb\-file> | \fB\-e\fP <db\-connection\-string> | \fB\-M\fP <db\-connection\-string> | \fB\-N\fP <db\-connection\-string> ] \fB\-u\fP <username> \fB\-r\fP <realm>.PPList all long\-term users in MySQL database:.PP$ \fIturnadmin\fP \fB\-l\fP \fB\-\-mysql\-userdb\fP="<db\-connection\-string>" \fB\-r\fP <realm>.PPList all admin users in Redis database:.PP$ \fIturnadmin\fP \fB\-L\fP \fB\-\-redis\-userdb\fP="<db\-connection\-string>".PPSet secret in MySQL database:.PP$ \fIturnadmin\fP \fB\-s\fP <secret> \fB\-\-mysql\-userdb\fP="<db\-connection\-string>" \fB\-r\fP <realm>.PPShow secret stored in PostgreSQL database:.PP$ \fIturnadmin\fP \fB\-S\fP \fB\-\-psql\-userdb\fP="<db\-connection\-string>" \fB\-r\fP <realm>.PPSet origin\-to\-realm relation in MySQL database:.PP$ \fIturnadmin\fP \fB\-\-mysql\-userdb\fP="<db\-connection\-string>" \fB\-r\fP <realm> \fB\-o\fP <origin>.PPDelete origin\-to\-realm relation from Redis DB:.PP$ \fIturnadmin\fP \fB\-\-redis\-userdb\fP="<db\-connection\-string>" \fB\-o\fP <origin>.PPList all origin\-to\-realm relations in Redis DB:.PP$ \fIturnadmin\fP \fB\-\-redis\-userdb\fP="<db\-connection\-string>" \fB\-I\fP.PPList the origin\-to\-realm relations in PostgreSQL DB for a single realm:.PP$ \fIturnadmin\fP \fB\-\-psql\-userdb\fP="<db\-connection\-string>" \fB\-I\fP \fB\-r\fP <realm>.PPCreate new key file for mysql password encryption:.PP$ \fIturnadmin\fP \fB\-E\fP \fB\-\-key\-path\fP <key\-file>.PPCreate encrypted mysql password:.PP$ \fIturnadmin\fP \fB\-E\fP \fB\-\-file\-key\-path\fP <key\-file> \fB\-p\fP <secret>.PPVerify/decrypt encrypted password:.PP$ \fIturnadmin\fP \fB\-\-file\-key\-path\fP <key\-file> \fB\-v\fP <encrypted>.RE.PP.RSHelp:.PP$ \fIturnadmin\fP \fB\-h\fP.SH =======================================.SS  DOCSAfter installation, run the \fIcommand\fP:.PP$ man \fIturnadmin\fP.PPor in the project root directory:.PP$ man \fB\-M\fP man \fIturnadmin\fP.PPto see the man page..SH =====================================.SS  FILES/etc/turnserver.conf.PP/var/db/turndb.PP/usr/local/var/db/turndb.PP/var/lib/turn/turndb.PP/usr/local/etc/turnserver.conf.SH =====================================.SS  DIRECTORIES/usr/local/share/\fIturnserver\fP.PP/usr/local/share/doc/\fIturnserver\fP.PP/usr/local/share/examples/\fIturnserver\fP.SH ======================================.SS  SEE ALSO\fIturnserver\fP, \fIturnutils\fP.SH ======================================.SS  WEB RESOURCESproject page:.PPhttps://github.com/coturn/coturn/.PPWiki page:.PPhttps://github.com/coturn/coturn/wiki.PPforum:.PPhttps://groups.google.com/forum/?fromgroups=#!forum/turn\-server\-project\-rfc5766\-turn\-server/.SH ======================================.SS  AUTHORSSee the AUTHORS.md file in the coturn source distribution.
 |