pluginviewer Command in Linux
The pluginviewer command in Linux lists the loadable Cyrus SASL (Simple Authentication and Security Layer) plugins and their properties. It is used to troubleshoot SASL setups by listing available client, server, and auxprop plugins.
Table of Contents
Here is a comprehensive guide to the options available with the pluginviewer command â
- Installation of pluginviewer Command in Linux
- Syntax of pluginviewer Command
- pluginviewer Command Options
- Examples pluginviewer Command in Linux
Installation of pluginviewer Command in Linux
To use the pluginviewer command in Linux, it must be installed. To install it on Ubuntu, Kali Linux, Debian, and other Debian-based distributions, use the following command −
sudo apt install sasl2-bin
To install it on CentOS, use the following command −
sudo yum install cyrus-sasl
To install it on Fedora, use the command given below −
sudo dnf install cyrus-sasl
To verify the installation, use the following command −
which pluginviewer
In some Linux distributions, it is installed with the name of saslpluginviewer. For example, in Ubuntu, it can be verified using the command mentioned below −
which saslpluginviewer
Syntax of pluginviewer Command
The syntax of the pluginviewer command in Linux is as follows −
pluginviewer [options] saslpluginviewer [options]
In the above syntax, the [options] field is used to specify various options (given in the next section) to modify the commandâs output.
pluginviewer Command Options
The options of the Linux pluginviewer command are listed below −
| Option | Description |
|---|---|
| -a | List auxprop plugins. |
| -s | List server authentication (SASL) plugins. |
| -c | List client authentication (SASL) plugins. |
| -b min=N1,max=N2 | List client authentication plugins with security layer strength in bits (N1 to N2). |
| -e ssf=N,id=ID | Set external security layer with N-bit strength and authentication ID. |
| -m MECHS | Limit listed SASL plugins to those in MECHS (space-separated). |
| -x AUXPROP_MECHS | Limit listed auxprop plugins to those in AUXPROP_MECHS (space-separated). |
| -f FLAGS | Set security flags: noplain, noactive, nodict, forwardsec, passcred, maximum. |
| -p PATH | Specify a colon-separated search path for plugins. |
Examples pluginviewer Command in Linux
This section explains how to use the pluginviewer command in Linux with examples −
Listing All Available SASL Plugins
To list all the available SASL plugins, use the pluginviewer command without any option −
pluginviewer
Or −
saslpluginviewer
The above command displays all loadable SASL plugins as shown in the output image below −
Displaying Auxiliary Property Plugins
To display the auxprop (auxiliary property) plugins, use the -a option with the pluginviewer command. The following command shows available auxiliary property plugins for authentication.
pluginviewer -a
Or −
saslpluginviewer -a
Displaying the Specific Auxiliary Property Plugins
To display only the specific auxprop plugins, use the -x option with the plugin name −
pluginviewer -x "sql sasldb"
Or −
saslpluginviewer -x "sql sasldb"
Displaying Server-Side Authentication Plugins
To display the only server-side authentication plugins, use the -s option −
pluginviewer -s
Or −
saslpluginviewer -s
Displaying Client-Side Authentication Plugins
To display the only server-side authentication plugins, use the -c option with the pluginviewer command −
pluginviewer -c
Or −
saslpluginviewer -c
Displaying Client Authentication Plugins with Security Strength Limits
To display client authentication plugins with security strength limits, use the -b option with minimum and maximum number of bits −
pluginviewer -b min=256,max=512
Or −
saslpluginviewer -b min=256,max=512
Displaying Plugins with Specific SASL Mechanisms
To display plugins only with specific SASL mechanisms, use the -m option −
pluginviewer -m "PLAIN MD5"
Or −
saslpluginviewer -m "PLAIN MD5"
The above command lists plugin with only PLAIN and DIGEST-MD5 mechanisms as shown in the output image below −
Applying Security Flags
To apply the security flags, use the -f option with the pluginviewer command −
pluginviewer -f noactive,noplain
Or −
saslpluginviewer -f noactive,noplain
The above command displays only mechanisms that do not send passwords in plaintext and protect against active attacks. A list of flags and their descriptions are given below −
| Flag | Description |
|---|---|
| noplain | SASL mechanism does not send password in the clear during authentication. |
| noactive | Requires protection from active attacks. |
| nodict | Requires mechanisms secure against passive dictionary attacks. |
| forwardsec | Requires forward secrecy. |
| passcred | Requires mechanisms that can delegate client credentials. |
| maximum | Requires all security flags. |
Specifying the Custom Plugin Path
To specify the custom plugin search path, use the -p option. Multiple paths can also be specified, separating them by a comma −
pluginviewer -p /plugin/path/1,/plugin/path/2
Or −
saslpluginviewer -p /plugin/path/1,/plugin/path/2
Conclusion
The pluginviewer command in Linux helps list and analyze Cyrus SASL plugins, making it useful for troubleshooting authentication setups. This guide covered its installation, syntax, options, and usage examples. Various options allow listing client, server, or auxiliary property plugins, applying security flags, and specifying search paths. Running pluginviewer or saslpluginviewer without options lists all available plugins.