Provided by: nut-client_2.8.3-2_amd64 
NAME
nutconf - NUT configuration tool
SYNOPSIS
nutconf --help
nutconf [OPTIONS]
DESCRIPTION
nutconf tool is used to create and manipulate NUT configuration files. It also supports device scanning
(to suggest configuration of devices).
INSTALLATION
The scanning feature depends on the very same compile time and run time dependencies as the nut-scanner.
OPTIONS
-h | -help | --help
Display the help text.
-v | --verbose
Increase output verbosity (may be used multiple times).
--is-configured
Checks whether NUT was configured, before.
--system
System configuration directory shall be used.
--local directory
Sets alternative configuration directory.
--get-mode
Prints current NUT configuration mode
--set-mode mode
Sets NUT configuration mode.
Known modes are:
• standalone
• netserver
• netclient
• controlled
• manual
• none
CONFIGURATION ENTRY SET/ADD OPTIONS
These options mostly have 2 forms: --set-... or --add-....
The difference is that the set options discard previous settings while the add options keep them.
Note that such options may be specified multiple times for one run (to enable setting multiple entries at
once).
--set-monitor | --add-monitor <arguments>
Sets/adds a NUT monitor.
• Arguments:
'<ups_ID>' '<host>[:<port>]' '<power_value>' '<user>' '<passwd>' '(\"master\"|\"slave\")'
--set-listen | --add-listen <address> [<port>]
Sets/adds upsd(8) daemon listen address.
--set-device | --add-device <arguments>
Sets/adds a device (typically a UPS).
• Arguments:
'<ups_ID>' '<driver>' '<port>' '[<attribute>=<value>]*'
The attribute/value pairs follow device configuration syntax. Devices may have very different
configuration attributes depending on the driver. Exhaustive description of them is beyond this
man page and may be found in NUT documentation.
--set-notifyflags | --add-notifyflags <type> <flag>+
Sets/adds notification flags for the notification type.
• Notification types are:
• ONLINE (mains is present)
• ONBATT (mains is gone)
• LOWBATT (remaining battery capacity is low)
• FSD (shutdown was forced)
• COMMOK (communication with device established)
• COMMBAD (lost communication with device)
• SHUTDOWN (system is going down, now)
• REPLBATT (UPS battery needs replacing)
• NOCOMM (device is unavailable)
• NOPARENT (upsmon parent process died, shutdown is impossible)
• CAL (calibration in progress)
• NOTCAL (calibration finished)
• OFF (UPS is administratively OFF or asleep, should wake up on command)
• NOTOFF (UPS is no longer administratively OFF or asleep)
• BYPASS (on bypass = powered, not protecting)
• NOTBYPASS (no longer on bypass)
• ALARM (UPS is in an alarm state (has active alarms))
• NOTALARM (UPS is no longer in an alarm state (no active alarms))
• OVER (overloaded)
• NOTOVER (no longer overloaded)
• TRIM (trimming incoming voltage)
• NOTTRIM (no longer trimming incoming voltage)
• BOOST (boosting incoming voltage)
• NOTBOOST (no longer boosting incoming voltage)
• OTHER (UPS has at least one unclassified status token)
• NOTOTHER (UPS has no unclassified status tokens anymore)
• SUSPEND_STARTING (OS is entering sleep/suspend/hibernate mode)
• SUSPEND_FINISHED (OS just finished sleep/suspend/hibernate mode)
• Notification flags:
• SYSLOG (use syslogd to log the notification)
• WALL (push a message to users' terminals)
• EXEC (execute a command)
• IGNORE (don’t act)
--set-notifymsg <type> <message>
Sets message for the specified notification type.
--set-shutdowncmd <command>
Sets command used to shut the system down.
--set-user | --add-user <arguments>
Sets/adds NUT user.
• Arguments:
• <username> (specifies user name). For upsmon user, it has a special form of
upsmon=(primary|master|secondary|slave) which specifies the monitoring mode.
• password=<passwd> sets password for the user
• actions=<actions> sets actions (SET, FSD are supported)
• instcmds=<command> sets instant commands allowed for the user (may be used multiple times)
SCANNING OPTIONS
Availability of each scanning option depends on availability of various 3rd-party libraries both at
compile time and run time.
Run the tool with the --help option to check which of the --scan-... options are actually supported.
All timeouts are in microseconds.
--scan-snmp <start IP> <stop IP> [<attribute>=<value>]*
Scans for SNMP devices on IP addresses from the specified range.
• Known attributes are:
• timeout device scan timeout
• community SNMP community (default: public)
• sec-level security level (SNMPv3); one of noAuthNoPriv authNoPriv, authPriv
• sec-name security name (SNMPv3); mandatory companion of sec-level
• auth-password authentication password (SNMPv3); mandatory for authNoPriv and authPriv
• priv-password privacy password (SNMPv3); mandatory for authPriv
• auth-protocol authentication protocol (SNMPv3): MD5 or SHA, MD5 is the default
• priv-protocol priv. protocol (SNMPv3): DES or AES, DES is the default
• peer-name peer name
--scan-usb
Scans the USB bus for known devices
--scan-xml-http [<timeout>]
Scans for XML/HTTP devices on the network.
--scan-nut <start IP> <stop IP> <port> [<timeout>]
Scans for NUT (pseudo-)devices on the network.
--scan-avahi [<timeout>]
Scans for Avahi devices.
--scan-ipmi <start IP> <stop IP> [<attribute>=<value>]*
Scans for IPMI devices on IP addresses from the specified range.
• Known attributes are:
• username username (mandatory for IPMI/LAN)
• password user password (mandatory for IPMI/LAN)
• auth-type authentication type (see below)
• cipher-suite-id cipher suite ID (see below)
• K-g-BMC-key optional second key (???)
• priv-level priv. level
• workaround-flags
• version (1.5 or 2.0)
• Authentication types:
Specifies the IPMI 1.5 authentication type to use (NONE, STRAIGHT_PASSWORD_KEY, MD2, and MD5)
with the remote host (default=MD5). This forces connection through the lan IPMI interface, thus
in IPMI 1.5 mode.
• none (authentication is disabled)
• MD2
• MD5 (default)
• plain-password (no ciphering used for password sending)
• OEM
• RMCPplus
• Cipher suite IDs:
Specifies the IPMI 2.0 cipher suite ID to use.
The Cipher Suite ID identifies a set of authentication, integrity, and confidentiality algorithms
to use for IPMI 2.0 communication.
The authentication algorithm identifies the algorithm to use for session setup, the integrity
algorithm identifies the algorithm to use for session packet signatures, and the confidentiality
algorithm identifies the algorithm to use for payload encryption (default=3).
The following cipher suite IDs are currently supported:
┌──────┬────────────────┬─────────────────┬─────────────────┐
│ Code │ Authentication │ Integrity │ Confidentiality │
├──────┼────────────────┼─────────────────┼─────────────────┤
│ 0 │ None │ None │ None │
├──────┼────────────────┼─────────────────┼─────────────────┤
│ 1 │ HMAC-SHA1 │ None │ None │
├──────┼────────────────┼─────────────────┼─────────────────┤
│ 2 │ HMAC-SHA1 │ HMAC-SHA1-96 │ None │
├──────┼────────────────┼─────────────────┼─────────────────┤
│ 3 │ HMAC-SHA1 │ HMAC-SHA1-96 │ AES-CBC-128 │
├──────┼────────────────┼─────────────────┼─────────────────┤
│ 6 │ HMAC-MD5 │ None │ None │
├──────┼────────────────┼─────────────────┼─────────────────┤
│ 7 │ HMAC-MD5 │ HMAC-MD5-128 │ None │
├──────┼────────────────┼─────────────────┼─────────────────┤
│ 8 │ HMAC-MD5 │ HMAC-MD5-128 │ AES-CBC-128 │
├──────┼────────────────┼─────────────────┼─────────────────┤
│ 11 │ HMAC-MD5 │ MD5-128 │ None │
├──────┼────────────────┼─────────────────┼─────────────────┤
│ 12 │ HMAC-MD5 │ MD5-128 │ AES-CBC-128 │
├──────┼────────────────┼─────────────────┼─────────────────┤
│ 15 │ HMAC-SHA256 │ None │ None │
├──────┼────────────────┼─────────────────┼─────────────────┤
│ 16 │ HMAC-SHA256 │ HMAC_SHA256_128 │ None │
├──────┼────────────────┼─────────────────┼─────────────────┤
│ 17 │ HMAC-SHA256 │ HMAC_SHA256_128 │ AES-CBC-128 │
└──────┴────────────────┴─────────────────┴─────────────────┘
--scan-serial <port>*
Scans for serial devices (of supported types) on the specified serial port(s).
EXAMPLES
To set alternative directory for configuration files:
:; nutconf --local ~/test/nut/etc
To add another user (keeping the existing ones):
:; nutconf --add-user bart password=qwerty
To scan USB devices and serial devices (on the first two ports):
:; nutconf --scan-usb --scan-serial /dev/ttyS1 /dev/ttyS2
SEE ALSO
ups.conf(5) nut-scanner(8)
INTERNET RESOURCES
The NUT (Network UPS Tools) home page: http://www.networkupstools.org/
Network UPS Tools 2.8.3 07/08/2025 NUTCONF(8)