GopherSecurity CLI Commands

This document provides the commands, their arguments, and options, to interface with the GopherSecurity via CLI. Commands can be executed from a shell application on any OS and from any directory within the OS.

When signed in to the GopherSecurity CLI as "root" admin, all Gopher networks configured in the Gopher dashboard Team instance for that root admin are automatically imported to the GopherSecurity CLI.

gopher -h

Where -h and --h are "help" arguments.

Use this command to display all available Gopher commands, arguments and options.

gopher -h
  gopher COMMAND [args...] {OPTIONS}

  OPTIONS:

      --dump=[dump]
      --use=[use]
      --connect=[connect]
      --disconnect=[disconnect]
      --stats=[stats]
      --trace=[trace]
      --node-id=[node-id]
      --ipv4=[ipv4]
      --ipv6=[ipv6]
      arguments
        -h, --help                        Help
        args...                           The command's arguments if needed
        login                             gopher login
        loginkey                          gopher loginkey <access_key_id>
        logout                            gopher logout
        list                              gopher list
        connect                           gopher connect
                                          <network-index|network-id|network-name>
        disconnect                        gopher disconnect
                                          <network-index|network-id|network-name>
        status                            Print current session status
        version                           gopher version
        emailcode                         gopher emailcode
        smscode                           gopher smscode
        clearproxy                        Clear OS proxy settings
        node                              gopher node --dump <node-id>
        team                              gopher team list|--use
                                          <team-index|team-id|team-email>
        user                              gopher user list|add|--use
                                          <user-index|user-id|user-email>
        net                               gopher net list
                                          gopher net --connect
                                          <network-index|network-id|network-name>
                                          gopher net --disconnect
                                          <network-index|network-id|network-name>
                                          gopher net --stats
                                          <network-index|network-id|network-name>
                                          gopher net --dump <network-id>
                                          gopher net
                                           --trace
                                          <network-index|network-id|network-name>
                                           --node-id <node-id>
                                           --ipv4 <ipv4>
                                           --ipv6 <ipv6>
      "--" can be used to terminate flag options and force all following
      arguments to be treated as positional options

Use -h or --h to get help for a specific command.

Example:

gopher net -h
  gopher net

    gopher net list
    gopher net --connect <network-id|network-index|network-name>
    gopher net --disconnect <network-id|network-index|network-name>
    gopher net --stats <network-id|network-index|network-name>
    gopher net --dump <network-id>
    gopher net
     --trace <network-id|network-index|network-name>
     --node-id <node-id>
     --ipv4 <ipv4>
     --ipv6 <ipv6>

  OPTIONS:

To login to the GopherSecurity CLI with username and password, use the following command:

gopher login

The output prompts for the following:

Email:
Password:

gopher loginkey

A login key is a Gopher system generated key that can be used to login to multiple Gopher instances deployed on multiple servers. Good for massive deployment using toolset like Ansible.

To login to the GopherSecurity CLI with a login key, use the following command replacing the <accessKeyId> parameter with the actual key ID.

gopher loginkey <accessKeyId>

gopher logout

Logs the current user, if multiple, out of their Gopher Team, then auto switch another user account, if multiple.

gopher status

Used to get the user ID of the current logged in user, and displays any Gopher Network(s) that have a status of "connected".

gopher status
Current user: m531@gopher.security
Connected: Contractors network

gopher version

Displays the version of GopherSecurity CLI running on the device.

gopher smscode

Only required for user accounts that the Gopher admin has enabled MFA using SMS for authentication.

To enter an SMS generated MFA code, use the following command, replacing the <code> parameter with the actual authentication code:

gopher smscode <SMScode>

gopher emailcode

Only required for user accounts that the Gopher admin has enabled MFA using email for authentication.

To enter an email generated MFA code, use the following command, replacing the <emailcode> parameter with the actual authentication code:

gopher emailcode <emailcode>

Upon successful login, GopherSecurity displays the Team the user is currently logged in to, along with the Team list for the logged in user.

Welcome: m531@gopher.security
Team list:
1. 387183472197898241, m531@gopher.security (Current)

The Team list will populate with additional teams each time the user signs into a different team. (See commands "gopher team list" and "gopher team --use".)

gopher clearproxy

Clears proxy settings in the OS that Gopher may have set after connecting to a Gopher network.

Example of command and output:

gopher clearproxy
Clear OK

gopher node --dump

gopher node --dump <node-id>

A Gopher node is a TUN/IP instance that is created after connecting to a Gopher network. (Refer to the command gopher net --dump to get the node-id.)

Use this command to get detailed information about the Gopher node.

gopher node --dump 503171368616071171 
{
  "accountId": "387183472197898241",
  "channelPublicKey": "1ae4d5e99566ca957d6db8741a3f76e0f05fe8699215e70aaf93fb4c1b2271cf",
  "dataPublicKey": "fded513e6b6e1ceb35206d0b22234bfbefd9819fb0750bb9b40acce9d568d462",
  "deviceId": "568D3361-0FFA-4207-85D9-1FA3B1460AD4",
  "httpProxyPort": 0,
  "ipv4": "10.1.57.1",
  "ipv4Netmask": "255.255.255.192",
  "ipv4SubnetId": "502118811953139713",
  "ipv6": "fd00:0:0:0:8b11:28a9:a46f:e5c1",
  "ipv6PrefixLen": 122,
  "ipv6SubnetId": "502118812108328962",
  "memberId": "503171368616071170",
  "networkDescription": "Remote access to contractor apps",
  "networkId": "502118811902808065",
  "networkName": "Contractors network",
  "networkType": 1,
  "nodeId": "503171368616071171",
  "port": 64327,
  "proxyDomains": [],
  "socksProxyPort": 0,
  "userId": "387183472197898241"
}

gopher user list

Displays the user (including user-index, user-id and user-email) instances that have authenticated to the GopherSecurity CLI and indicates which account the user is currently signed in with.

Example:

gopher user list
User list:
1. 387183472197898241, m531@gopher.security (Current)

gopher user add

Used to login with a different user account that has already been created in the Gopher dashboard, and switches that user to the current logged in user. Follow the prompts to login.

Example:

gopher user add
Email: m530@gmail.com
Password:
Welcome: m530@gmail.com
Team list:
1. 387183472197898241, m531@gopher.security (Current)

One person can have multiple user accounts, which are very convenient to work across teams and/or organizations.

gopher user --use

Used to switch to a different user

Once a user has logged in with a different account, they can use the command "gopher user --use" to switch back and forth between accounts, without being prompted for a login password again.

Example:

gopher user list
User list:
1. 387183472197898241, m531@gopher.security (Current)
2. 502053371352584193, m530@gmail.com

gopher user --use m530@gmail.com
Switch User OK
Current User: m530@gmail.com

gopher team list

Displays the Team list for the logged in user as well as any other teams which the user has signed into from the GopherSecurity CLI. The team list includes the teamId and team-email parameters, and shows which team the user is currently logged in to with the following output:

Team list:
1. 387183472197898241, m531@gopher.security (Current)
2. 397815435874413298, m532@gopher.security
3. 378121784156314765, m533@gopher.security

gopher team --use

gopher team -use <team-id|team-index|team-email>

Use the command "gopher team list" to get the <team-id> and <team-email>.

Used to switch Gopher teams

In the following example, the <team-id> is used to specify the team.

gopher team --use 3978154354874413298

If the command is successful, the output will display the new Team email address and Team list.

Welcome: m532@gopher.security
Team list:
1. 3978154354874413298, m532@gopher.security (Current)

gopher net list

Displays the network-id and network-name for all networks for the team the user is currently logged in to, and specifies the network(s) the user is currently connected to.

Example:

gopher net list
1. 502118811902808065, Contractors network (Connected)
2. 516236294142169089, VM network
3. 516236470726561794, HR network

gopher net --connect

gopher net --connect <network-id|network-index|network-name>

Use the command "gopher net list" to get the network-id and network-name.

Used to connect to a Gopher network.

gopher net --connect 502118811902808065

If the connection is successful, the following output will be displayed:

Connected: 502118811902808065

gopher net --disconnect

gopher net --disconnect <network-id|network-index|network-name>

Use the command "gopher net list" for the network-id and network-name of the connected Gopher network(s).

This command is used to disconnect from a Gopher network. In the following example, the <network-id> is used to identify the network:

gopher net --disconnect 502118811902808065
Disconnected

gopher net --stats

gopher net --stats <network-id|network-index|network-name>

gopher net --stats 502118811902808065
Network data stats:
- addr-req-count: 0
- fwd-in-bytes: 0
- fwd-in-packets: 0
- fwd-out-bytes: 0
- fwd-out-packets: 0
- in-bytes: 4671822
- in-packets: 5647
- out-bytes: 406243
- out-packets: 4566
- tun-packets-drop: 147
- tun-packets-error: 1
- udp-packets-drop: 0
- udp-packets-error: 0

gopher net --dump

gopher net --dump <network-id>

Used to get detailed information about the local node and Gopher network the user has connected to.

gopher net --dump 502118811902808065
{
  "accountId": "387183472197898241",
  "confUpdate": {
    "nodeStatus": 1,
    "updateForwardConf": true,
    "updateIndexConf": true,
    "updateLogOptionConf": true,
    "updateMdsConf": true,
    "updateMemberConf": true,
    "updateProxyConf": true,
    "updateSubnetConf": true,
    "updateWebsocketConf": true
  }
  ......
 }

gopher net --trace

gopher net --trace <network-id|network-index|network-name> --node-id|--ipv4|--ipv6

Used to trace the route to another node in the same Gopher network that the user is connected to.

Example:

gopher net list
1. 502118811902808065, Contractors network (Connected)
2. 516236294142169089, VM network (Connected)
3. 516236470726561794, HR network

gopher net --trace 502118811902808065 --ipv4 10.10.134.195
Trace Data:
{
  "dst-node-id": 419609895206260739,
  "end-time": "2024-09-04 06:22:35",
  "hop-count": 1,
  "hop-list": [
    {
      "dst-ipv4-address": "10.10.134.195",
      "dst-ipv6-address": "fd00:0:0:0:62a1:96e2:e39f:15c5",
      "dst-node-id": 419609895206260739,
      "latency-ms": 100,
      "src-ipv4-address": "10.10.134.193",
      "src-ipv6-address": "fd00:0:0:0:62a1:96e2:e39f:15c3",
      "src-node-id": 404323578310430723
    }
  ],
  "src-node-id": 404323578310430723,
  "start-time": "2024-09-04 06:22:35",
  "trace-status": "Completed"
}

PreviousGopherSecurity App Installation Guide for Linux

Last updated 2 months ago