Rmanager
(→Secure connections (Yate 3+)) |
(→Secure connections (Yate 3+)) |
||
| Line 78: | Line 78: | ||
For Windows clients no simple free connection solution exists. The commercial (with 30 days trial) program [http://www.vandyke.com/products/securecrt/index.html SecureCRT] can be used. If you have a self-signed certificate you will need to go to ''Options -> Session Options -> Connection -> Telnet/SSL -> SSL'' '''[x] Disable certificate verification'''. Also it's nice to enable color - in ''Options -> Session Options -> Terminal -> Emulation'' '''[x] ANSI Color'''. The same program supports SSH/SSH2 (which is a very different protocol) if you need to log in to a Linux box from Windows. | For Windows clients no simple free connection solution exists. The commercial (with 30 days trial) program [http://www.vandyke.com/products/securecrt/index.html SecureCRT] can be used. If you have a self-signed certificate you will need to go to ''Options -> Session Options -> Connection -> Telnet/SSL -> SSL'' '''[x] Disable certificate verification'''. Also it's nice to enable color - in ''Options -> Session Options -> Terminal -> Emulation'' '''[x] ANSI Color'''. The same program supports SSH/SSH2 (which is a very different protocol) if you need to log in to a Linux box from Windows. | ||
| − | Another alternative for both Windows and POSIX systems is to secure the connection with | + | Another alternative for both Windows and POSIX systems is to secure the connection with [http://www.stunnel.org/ stunnel] and connect to it with the default Telnet client. This setup is more elaborate and prone to error. |
=== Remote Manager config file === | === Remote Manager config file === | ||
Revision as of 12:56, 3 October 2012
Contents |
Remote Manager Module
This module allows controlling Yate using a simple telnet client.
telnet 127.0.0.1 5038 Trying 127.0.0.1... Connected to localhost (127.0.0.1). Escape character is '^]'. YATE 3.0.0-alpha3 (http://YATE.null.ro) ready. ? Available commands: quit echo [on|off] help [command] auth password status [overview] [modulename] uptime machine [on|off] output [on|off] color [on|off] debug [module] [level|on|off] coredump [filename] drop {chan|*|all} [reason] call chan target control chan [operation] [param=val] [param=...] reload restart [now] stop [exitcode] module {{load|reload} modulefile|unload modulename|list} callgen {start|stop|drop|pause|resume|single|info|reset|load|save|set paramname[=value]} accounts [reload|{login|logout|...} [account]] sigdump component [filename] |
These commands can be entered by hand. More or less commands may be available depending on the loaded modules.
Entering a question character alone on a line will display the help screen. Entering help commandname or ? commandname will display a short description of that command.
help status status [overview] [modulename] Shows status of all or selected modules or channels |
To exit from Remote Manager type "quit" and press enter.
A list of possble commands is provided on a separate page.
Machine mode
Remote Manager has a special machine mode that is activated by the "machine on" command. In this mode answers are machine parsable and also the messages are dumped just after being dispatched. The message text format is the same with the one from extmodule.
If you want to connect programmatically to rmanager to give it commands consider disabling Telnet negotiation. This will avoid the need of interpreting Telnet escape sequences and will also disable remote echo mode.
Secure connections (Yate 3+)
It is possible to enable SSL encryption by specifying a context= or domain= in the desired listener section. Usually a separate listener is used, bound to a different interface or port number.
The openssl module is required and it needs to have the context or domain properly configured (including a server certificate) in openssl.conf
Suppose a secure listener is set up on port 5050 the telnet-ssl program can be used to connect:
$ telnet-ssl -z ssl 127.0.0.1 5050 Trying 127.0.0.1... SSL: Server has a self-signed certificate SSL: unknown issuer: /C=--/ST=SomeState/L=SomeCity/O=SomeOrganization/OU=SomeOrganizationalUnit /CN=localhost.localdomain/emailAddress=root@localhost.localdomain Connected to 127.0.0.1. Escape character is '^]'. YATE 3.0.0-alpha1 (http://YATE.null.ro) ready. |
For Windows clients no simple free connection solution exists. The commercial (with 30 days trial) program SecureCRT can be used. If you have a self-signed certificate you will need to go to Options -> Session Options -> Connection -> Telnet/SSL -> SSL [x] Disable certificate verification. Also it's nice to enable color - in Options -> Session Options -> Terminal -> Emulation [x] ANSI Color. The same program supports SSH/SSH2 (which is a very different protocol) if you need to log in to a Linux box from Windows.
Another alternative for both Windows and POSIX systems is to secure the connection with stunnel and connect to it with the default Telnet client. This setup is more elaborate and prone to error.
Remote Manager config file
rmanager.conf
[general] ; Each section creates a connection listener in the Remote Manager. ; An empty (all defaults) general section is assumed only in server mode if the ; configuration file is missing. ; port: int: TCP Port to listen on, 0 to disable the listener ;port=5038 ; addr: ipaddress: IP address to bind to ;addr=127.0.0.1 ; header: string: Header string to display on connect
;header=YATE ${version}-${release} (http://YATE.null.ro) ready.
; password: string: Password required to authenticate as admin, default empty! ;password= ; userpass: string: Password to authenticate as observer user, default empty! ;userpass= ; timeout: int: Timeout until authentication succeeds in msec ; Defaults to waiting 30s until closing an unauthenticated connection ; Set to zero to disable else enforced minimum value is 5000 ms (5s) ;timeout=30000 ; telnet: bool: Initiate TELNET negotiation on connect ;telnet=yes ; output: bool: Enable output as soon as connecting ; This setting is ignored if an userpass is set ;output=no ; debug: bool: Enable local debug as soon as connecting ; This setting is ignored if any password is set ;debug=no ; color: bool: Enable colorization debug as soon as connecting ; This setting is ignored if telnet negotiation is disabled ;color=no ; interactive: bool: Disable the TCP coalescing to improve interactivity ; This is almost never required and needs Yate to run as superuser ;interactive=no ; context: string: SSL context to use to secure the connection ; Setting a context enables SSL on the listener and overrides any domain ;context= ; domain: string: Domain used to identify the SSL context to use ; Setting a domain enables SSL on the listener ;domain= ; verify: keyword: SSL handshake client certificate verification type ; For acceptable values see the documentation of the openssl module ; By default no client certificate is required ;verify= |
