.\" Text automatically generated by txt2man .TH TURN 1 "05 June 2021" "" "" .SH GENERAL INFORMATION \fIturnadmin\fP is a TURN administration tool. This tool can be used to manage the user accounts (add/remove users, generate TURN keys for the users). For security reasons, we do not recommend storing passwords openly. The better option is to use pre\-processed "keys" which are then used for authentication. These keys are generated by \fIturnadmin\fP. Turnadmin is a link to \fIturnserver\fP binary, but \fIturnadmin\fP performs different functions. .PP Options note: \fIturnadmin\fP has long and short option names, for most options. Some options have only long form, some options have only short form. Their syntax somewhat different, if an argument is required: .PP The short form must be used as this (for example): .PP .nf .fam C $ turnadmin \-u \.\.\. .fam T .fi The long form equivalent must use the "=" character: .PP .nf .fam C $ turnadmin \-\-user= \.\.\. .fam T .fi If this is a flag option (no argument required) then their usage are the same, for example: .PP .nf .fam C $ turnadmin \-k \.\.\. .fam T .fi is equivalent to: .PP .nf .fam C $ turnadmin \-\-key \.\.\. .fam T .fi You have always the use the \fB\-r\fP option with commands for long term credentials \- because data for multiple realms can be stored in the same database. .SH ===================================== .SS NAME \fB \fBturnadmin \fP\- a TURN relay administration tool. \fB .SS SYNOPSIS .nf .fam C $ \fIturnadmin\fP [\fIcommand\fP] [\fIoptions\fP] $ \fIturnadmin\fP [ \fB\-h\fP | \fB\-\-help\fP] .fam T .fi .fam T .fi .SS DESCRIPTION Commands: .TP .B \fB\-P\fP, \fB\-\-generate\-encrypted\-password\fP Generate and print to the standard output an encrypted form of a password (for web admin user or CLI). The value then can be used as a safe key for the password storage on disk or in the database. Every invocation for the same password produces a different result. The format of the encrypted password is: $5$<\.\.\.salt\.\.\.>$<\.\.\.sha256(salt+password)\.\.\.>. Salt is 16 characters, the sha256 output is 64 characters. Character 5 is the algorithm id (sha256). Only sha256 is supported as the hash function. .TP .B \fB\-k\fP, \fB\-\-key\fP Generate key for a long\-term credentials mechanism user. .TP .B \fB\-a\fP, \fB\-\-add\fP Add or update a long\-term user. .TP .B \fB\-A\fP, \fB\-\-add\-admin\fP Add or update an admin user. .TP .B \fB\-d\fP, \fB\-\-delete\fP Delete a long\-term user. .TP .B \fB\-D\fP, \fB\-\-delete\-admin\fP Delete an admin user. .TP .B \fB\-l\fP, \fB\-\-list\fP List long\-term users in the database. .TP .B \fB\-L\fP, \fB\-\-list\-admin\fP List admin users in the database. .PP \fB\-s\fP, \fB\-\-set\-secret\fP= Add shared secret for TURN REST API .TP .B \fB\-S\fP, \fB\-\-show\-secret\fP Show stored shared secrets for TURN REST API .PP \fB\-X\fP, \fB\-\-delete\-secret\fP= Delete a shared secret. .RS .TP .B \fB\-\-delete\-all_secrets\fP Delete all shared secrets for REST API. .RE .TP .B \fB\-O\fP, \fB\-\-add\-origin\fP Add origin\-to\-realm relation. .TP .B \fB\-R\fP, \fB\-\-del\-origin\fP Delete origin\-to\-realm relation. .TP .B \fB\-I\fP, \fB\-\-list\-origins\fP List origin\-to\-realm relations. .TP .B \fB\-g\fP, \fB\-\-set\-realm\-option\fP Set realm params: max\-bps, total\-quota, user\-quota. .TP .B \fB\-G\fP, \fB\-\-list\-realm\fP\-\fIoptions\fP List realm params. .TP .B \fB\-E\fP, \fB\-\-generate\-encrypted\-password\-aes\fP Generate and print to the standard output an encrypted form of password with AES\-128 .PP Options with required values: .TP .B \fB\-b\fP, \fB\-\-db\fP, \fB\-\-userdb\fP SQLite user database file name (default \- /var/db/turndb or /usr/local/var/db/turndb or /var/lib/turn/turndb). See the same option in the \fIturnserver\fP section. .TP .B \fB\-e\fP, \fB\-\-psql\-userdb\fP PostgreSQL user database connection string. See the \fB\-\-psql\-userdb\fP option in the \fIturnserver\fP section. .TP .B \fB\-M\fP, \fB\-\-mysql\-userdb\fP MySQL user database connection string. See the \fB\-\-mysql\-userdb\fP option in the \fIturnserver\fP section. .TP .B \fB\-J\fP, \fB\-\-mongo\-userdb\fP MongoDB user database connection string. See the \fB\-\-mysql\-mongo\fP option in the \fIturnserver\fP section. .TP .B \fB\-N\fP, \fB\-\-redis\-userdb\fP Redis user database connection string. See the \fB\-\-redis\-userdb\fP option in the \fIturnserver\fP section. .TP .B \fB\-u\fP, \fB\-\-user\fP User name. .TP .B \fB\-r\fP, \fB\-\-realm\fP Realm. .TP .B \fB\-p\fP, \fB\-\-password\fP Password. .TP .B \fB\-x\fP, \fB\-\-key\-path\fP Generates a 128 bit key into the given path. .TP .B \fB\-f\fP, \fB\-\-file\-key\-path\fP Contains a 128 bit key in the given path. .TP .B \fB\-v\fP, \fB\-\-verify\fP Verify a given base64 encrypted type password. .TP .B \fB\-o\fP, \fB\-\-origin\fP Origin .TP .B \fB\-\-max\-bps\fP Set value of realm's max\-bps parameter. .TP .B \fB\-\-total\-quota\fP Set value of realm's total\-quota parameter. .TP .B \fB\-\-user\-quota\fP Set value of realm's user\-quota parameter. .TP .B \fB\-h\fP, \fB\-\-help\fP Help. .PP Command examples: .PP Generate an encrypted form of a password: .PP $ \fIturnadmin\fP \fB\-P\fP \fB\-p\fP .PP Generate a key: .PP $ \fIturnadmin\fP \fB\-k\fP \fB\-u\fP \fB\-r\fP \fB\-p\fP .PP Add/update a user in the in the database: .PP $ \fIturnadmin\fP \fB\-a\fP [\fB\-b\fP | \fB\-e\fP | \fB\-M\fP | \fB\-N\fP ] \fB\-u\fP \fB\-r\fP \fB\-p\fP .PP Delete a user from the database: .PP $ \fIturnadmin\fP \fB\-d\fP [\fB\-b\fP | \fB\-e\fP | \fB\-M\fP | \fB\-N\fP ] \fB\-u\fP \fB\-r\fP .PP List all long\-term users in MySQL database: .PP $ \fIturnadmin\fP \fB\-l\fP \fB\-\-mysql\-userdb\fP="" \fB\-r\fP .PP List all admin users in Redis database: .PP $ \fIturnadmin\fP \fB\-L\fP \fB\-\-redis\-userdb\fP="" .PP Set secret in MySQL database: .PP $ \fIturnadmin\fP \fB\-s\fP \fB\-\-mysql\-userdb\fP="" \fB\-r\fP .PP Show secret stored in PostgreSQL database: .PP $ \fIturnadmin\fP \fB\-S\fP \fB\-\-psql\-userdb\fP="" \fB\-r\fP .PP Set origin\-to\-realm relation in MySQL database: .PP $ \fIturnadmin\fP \fB\-\-mysql\-userdb\fP="" \fB\-r\fP \fB\-o\fP .PP Delete origin\-to\-realm relation from Redis DB: .PP $ \fIturnadmin\fP \fB\-\-redis\-userdb\fP="" \fB\-o\fP .PP List all origin\-to\-realm relations in Redis DB: .PP $ \fIturnadmin\fP \fB\-\-redis\-userdb\fP="" \fB\-I\fP .PP List the origin\-to\-realm relations in PostgreSQL DB for a single realm: .PP $ \fIturnadmin\fP \fB\-\-psql\-userdb\fP="" \fB\-I\fP \fB\-r\fP .PP Create new key file for mysql password encryption: .PP $ \fIturnadmin\fP \fB\-E\fP \fB\-\-key\-path\fP .PP Create encrypted mysql password: .PP $ \fIturnadmin\fP \fB\-E\fP \fB\-\-file\-key\-path\fP \fB\-p\fP .PP Verify/decrypt encrypted password: .PP $ \fIturnadmin\fP \fB\-\-file\-key\-path\fP \fB\-v\fP .RE .PP .RS Help: .PP $ \fIturnadmin\fP \fB\-h\fP .SH ======================================= .SS DOCS After installation, run the \fIcommand\fP: .PP $ man \fIturnadmin\fP .PP or in the project root directory: .PP $ man \fB\-M\fP man \fIturnadmin\fP .PP to see the man page. .SH ===================================== .SS FILES /etc/turnserver.conf .PP /var/db/turndb .PP /usr/local/var/db/turndb .PP /var/lib/turn/turndb .PP /usr/local/etc/turnserver.conf .SH ===================================== .SS DIRECTORIES /usr/local/share/\fIturnserver\fP .PP /usr/local/share/doc/\fIturnserver\fP .PP /usr/local/share/examples/\fIturnserver\fP .SH ====================================== .SS SEE ALSO \fIturnserver\fP, \fIturnutils\fP .SH ====================================== .SS WEB RESOURCES project page: .PP https://github.com/coturn/coturn/ .PP Wiki page: .PP https://github.com/coturn/coturn/wiki .PP forum: .PP https://groups.google.com/forum/?fromgroups=#!forum/turn\-server\-project\-rfc5766\-turn\-server/ .SH ====================================== .SS AUTHORS See the AUTHORS.md file in the coturn source distribution.