Universal Data Mover Gateway 2.0.x Utilities Reference Guide

Owned by
Olivier Michaut
Last updated: May 28, 2024 by
Katie Murphy
3 min read

Overview

This page provides detailed information for the Universal Data Mover Gateway utilities, which are installed as part of the UDMG Server package.

udmg-sshkey: SSH Key conversion

UDMG Server only accepts the OpenSSH format for SFTP/SSH public keys. The udmg-sshkey tool enables the conversion from another format to the OpenSSH format.

The supported input formats are:

  • OpenSSH authorized key line
  • PEM encoded formats (PKCS8, PKCS1)
  • SSH wire format (Binary ASN1 DER)

The output of the tool shows the key details and the OpenSSH format that is suitable for use during the setup of SFTP servers on UDMG:

  • Key format
  • Key algorithm
  • Key size (only for RSA)
  • SHA256 fingerprint
  • MD5 fingerprint
  • Conversion to authorized key line format

Command line usage:

udmg-sshkey -h
Usage:
  udmg-sshkey [OPTIONS] <parse | version>
Help Options:
  -h, --help  Show this help message
Available commands:
  parse    Parse an SSH Public key file
  version  Print version and exit
  
udmg-sshkey parse -h
Usage:
  udmg-sshkey [OPTIONS] parse [parse-OPTIONS]
Help Options:
  -h, --help      Show this help message
[parse command options]
      -f, --file= The public key file, accepted formats are PKCS8 (x509), OpenSSH (authorized keys), and SSH wire.

Example with a public key in PEM format (PKCS8):

udmg-sshkey parse -f PKCS8.pub
● Public Key:
        Algorithm:           ssh-rsa
        Bits:                2048
        MD5 fingerprint:     1b:46:00:1a:74:ad:5f:79:02:7c:b8:8d:5b:62:d6:2d
        SHA-256 fingerprint: SHA256:t9VWralQjLpMTmGl8c5lIdp23IyslkxkS/BWU5uKs0Q
        Authorized keys:     ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCm8o2RH5gJqQf+vYEmWWiEjZXm3i6/ycUXiv8GkZk/N7kv6Ano2/Zt351D9DOuv7TbZlH2ZP2sfJtk7/jiFaiXYJlyrDaBN4xTagCutbkZHVGNd8ShfHoVFS38hjSXJqOG6Mdou4sET23bR6rIuaHp6Jvkit9HfTRFJPIku2YmdjZJP34i3s3wI+thSGXp5Cuj/QrbjPuCc6ya4qQQI8Pzaqo3SFcwIs68RvnadMqptZeNmYo0CJmPZEkESbmvFtiRq0wXn77P9AajQlWhCMLR3X8qJlvvrn6L/wWV033iOh49Vu0iw5ez4rDyoQ0Wabvc2GAN4/MEowarj9bFn4xn

icap-client: checking connectivity to an ICAP server


A simple ICAP client tool, icap-client, is provided with the UDMG software package to test the connectivity towards an ICAP server and the validity of the configuration options.


icap-client -h
Usage of /opt/udmg/bin/icap-client:
  -filename string
        Specifies the path of the file.
  -maxSize int
        Specifies the maximum size of a file to use. (default 2048)
  -port int
        Specifies the port to use. (default 1344)
  -previewSize int
        Specifies the preview size to use .
  -retry int
        Specifies the maximum retry to send the file. (default 1)
  -secureConnection
        Use a secure connection.
  -service string
        Specifies the ICAP service name. (default "avscan")
  -timeout duration
        Specifies the time limit to use in minutes. (default 10m0s)
  -to string
        Specifies the address (via DNS or IP) of the ICAP server (default "localhost")
  -vendor string
        Specifies the ICAP service vendor. (default "c-icap")
  -version
        Show Version.


Example for an infected file:

$ /opt/udmg/bin/icap-client -filename eicar.com
2024/03/07 09:30:07 ICAP Status Code: 200
2024/03/07 09:30:07 HTTP Status Code: 403
2024/03/07 09:30:07 Headers: udmg_icap_Istag CI0001-fKM8uYIum6NGTsCfkaivwgAA
2024/03/07 09:30:07 Headers: udmg_icap_X-Infection-Found Type=0; Resolution=2; Threat=Win.Test.EICAR_HDB-1;
2024/03/07 09:30:07 Headers: udmg_icap_X-Violations-Found 1
2024/03/07 09:30:07 Headers: udmg_icap_Encapsulated res-hdr=0, res-body=108
2024/03/07 09:30:07 Headers: udmg_icap_Status OK
2024/03/07 09:30:07 Headers: udmg_icap_Statuscode 200
2024/03/07 09:30:07 Headers: udmg_icap_Server C-ICAP/0.5.3
2024/03/07 09:30:07 Headers: udmg_icap_Connection keep-alive
2024/03/07 09:30:07 Detected

Example for a not-infected file:

$ /opt/udmg/bin/icap-client -filename sample.txt
2024/03/07 09:30:07 Not Detected