The options below may be given on the command line, but may also be placed in a config file located at
$XDG_CONFIG_HOME/mosquitto_rr or $HOME/.config/mosquitto_rr with one pair of -optionvalue per line. The
values in the config file will be used as defaults and can be overridden by using the command line. The
exceptions to this is -t, which if given in the config file will not be overridden. Note also that
currently some options cannot be negated, e.g. -S. Config file lines that have a # as the first
character are treated as comments and not processed any further.
-A
Bind the outgoing connection to a local ip address/hostname. Use this argument if you need to
restrict network communication to a particular interface.
-c, --disable-clean-session
Disable 'clean session' / enable persistent client mode. When this argument is used, the broker will
be instructed not to clean existing sessions for the same client id when the client connects, and
sessions will never expire when the client disconnects. MQTT v5 clients can change their session
expiry interval with the -x argument.
When a session is persisted on the broker, the subscriptions for the client will be maintained after
it disconnects, along with subsequent QoS 1 and QoS 2 messages that arrive. When the client
reconnects and does not clean the session, it will receive all of the queued messages.
If using this option, the client id must be set manually with --id--cafile
Define the path to a file containing PEM encoded CA certificates that are trusted. Used to enable SSL
communication.
See also --capath--capath
Define the path to a directory containing PEM encoded CA certificates that are trusted. Used to
enable SSL communication.
For --capath to work correctly, the certificate files must have ".crt" as the file ending and you
must run "openssl rehash <path to capath>" each time you add/remove a certificate.
See also --cafile--cert
Define the path to a file containing a PEM encoded certificate for this client, if required by the
server.
See also --key and the Encrypted Connections section.
--ciphers
An openssl compatible list of TLS ciphers to support in the client. See ciphers(1) for more
information.
-d, --debug
Enable debug messages.
-D, --property
Use an MQTT v5 property with this publish. If you use this option, the client will be set to be an
MQTT v5 client. This option has two forms:
-Dcommandidentifiervalue-Dcommandidentifiernamevaluecommand is the MQTT command/packet identifier and can be one of CONNECT, PUBACK, PUBREC, PUBCOMP,
SUBSCRIBE, UNSUBSCRIBE, DISCONNECT, AUTH, or WILL. The properties available for each command are
listed in the Properties section.
identifier is the name of the property to add. This is as described in the specification, but with
'-' as a word separator. For example: payload-format-indicator. More details are in the Properties
section.
value is the value of the property to add, with a data type that is property specific.
name is only used for the user-property property as the first of the two strings in the string pair.
In that case, value is the second of the strings in the pair.
-e
Response topic. The client will subscribe to this topic to wait for a response.
-f, --file
Send the contents of a file as the request message.
-F
Specify output printing format. This option allows you to choose what information from each message
is printed to the screen. See the Output Format section below for full details.
This option overrides the -v option, but does not override the -N option.
--help
Display usage information.
-h, --host
Specify the host to connect to. Defaults to localhost.
-i, --id
The id to use for this client. If not given, a client id will be generated depending on the MQTT
version being used. For v3.1.1/v3.1, the client generates a client id in the format
mosq-XXXXXXXXXXXXXXXXXX, where the X are replaced with random alphanumeric characters. For v5.0, the
client sends a zero length client id, and the server will generate a client id for the client.
This option cannot be used at the same time as the --id-prefix argument.
-I, --id-prefix
Provide a prefix that the client id will be built from by appending the process id of the client.
This is useful where the broker is using the clientid_prefixes option. Cannot be used at the same
time as the --id argument.
--insecure
When using certificate based encryption, this option disables verification of the server hostname in
the server certificate. This can be useful when testing initial server configurations but makes it
possible for a malicious third party to impersonate your server through DNS spoofing, for example.
Use this option in testing only. If you need to resort to using this option in a production
environment, your setup is at fault and there is no point using encryption.
-k, --keepalive
The number of seconds between sending PING commands to the broker for the purposes of informing it we
are still connected and functioning. Defaults to 60 seconds.
--key
Define the path to a file containing a PEM encoded private key for this client, if required by the
server.
See also --cert and the Encrypted Connections section.
--keyform
Specifies the type of private key in use when making TLS connections.. This can be "pem" or "engine".
This parameter is useful when a TPM module is being used and the private key has been created with
it. Defaults to "pem", which means normal private key files are used.
See also --tls-engine.
-L, --url
Specify specify user, password, hostname, port and topic at once as a URL. The URL must be in the
form: mqtt(s)://[username[:password]@]host[:port]/topic
If the scheme is mqtt:// then the port defaults to 1883. If the scheme is mqtts:// then the port
defaults to 8883.
-m, --message
Send a single request message from the command line.
-N
Do not append an end of line character to the payload when printing. This allows streaming of payload
data from multiple messages directly to another application unmodified. Only really makes sense when
not using -v.
-n, --null-message
Send a null (zero length) request message.
--nodelay
Disable Nagle's algorithm for the socket. This means that latency of sent messages is reduced, which
is particularly noticeable for small, reasonably infrequent messages. Using this option may result in
more packets being sent than would normally be necessary.
-p, --port
Connect to the port specified. If not given, the default of 1883 for plain MQTT or 8883 for MQTT over
TLS will be used.
-P, --pw
Provide a password to be used for authenticating with the broker. Using this argument without also
specifying a username is invalid when using MQTT v3.1 or v3.1.1. See also the --username option.
--pretty
When using the JSON output format %j or %J, the default is to print in an unformatted fashion.
Specifying --pretty prints messages in a prettier, more human readable format.
--proxy
Specify a SOCKS5 proxy to connect through. "None" and "username" authentication types are supported.
The socks-url must be of the form socks5h://[username[:password]@]host[:port]. The protocol prefix
socks5h means that hostnames are resolved by the proxy. The symbols %25, %3A and %40 are URL decoded
into %, : and @ respectively, if present in the username or password.
If username is not given, then no authentication is attempted. If the port is not given, then the
default of 1080 is used.
More SOCKS versions may be available in the future, depending on demand, and will use different
protocol prefixes as described in curl(1).
--psk
Provide the hexadecimal (no leading 0x) pre-shared-key matching the one used on the broker to use
TLS-PSK encryption support. --psk-identity must also be provided to enable TLS-PSK.
--psk-identity
The client identity to use with TLS-PSK support. This may be used instead of a username if the broker
is configured to do so.
-q, --qos
Specify the quality of service desired for the incoming messages, from 0, 1 and 2. Defaults to 0. See
mqtt(7) for more information on QoS.
The QoS is identical for all topics subscribed to in a single instance of mosquitto_rr.
--quiet
If this argument is given, no runtime errors will be printed. This excludes any error messages given
in case of invalid user input (e.g. using --port without a port).
-R
If this argument is given, messages that are received that have the retain bit set will not be
printed. Messages with retain set are "stale", in that it is not known when they were originally
published. When subscribing to a wildcard topic there may be a large number of retained messages.
This argument suppresses their display.
-S
Use SRV lookups to determine which host to connect to. Performs lookups to _mqtt._tcp.<host> when
used in conjunction with -h, otherwise uses _mqtt._tcp.<localdnsdomain>.
-s, --stdin-file
Send a request message read from stdin, sending the entire content as a single message.
-t, --topic
The MQTT topic where the request message will be sent.
--tls-alpn
Provide a protocol to use when connecting to a broker that has multiple protocols available on a
single port, e.g. MQTT and WebSockets.
--tls-engine
A valid openssl engine id. These can be listed with openssl engine command.
See also --keyform.
--tls-engine-kpass-sha1
SHA1 of the private key password when using an TLS engine. Some TLS engines such as the TPM engine
may require the use of a password in order to be accessed. This option allows a hex encoded SHA1 hash
of the password to the engine directly, instead of the user being prompted for the password.
See also --tls-engine.
--tls-use-os-certs
If used, this will load and trust the OS provided CA certificates. This can be used in conjunction
with --cafile and --capath and can be used on its own to enable TLS mode. This will be set by default
if -Lmqtts://... is used, or if port is 8883 and no other certificate options are used.
--tls-version
Choose which TLS protocol version to use when communicating with the broker. Valid options are
tlsv1.3, tlsv1.2 and tlsv1.1. The default value is tlsv1.2. Must match the protocol version used by
the broker.
-u, --username
Provide a username to be used for authenticating with the broker. See also the --pw argument.
--unix
Connect to a broker through a local unix domain socket instead of a TCP socket. This is a replacement
for -h and -L. For example: mosquitto_pub--unix/tmp/mosquitto.sock...
See the socket_domain option in mosquitto.conf(5) to configure Mosquitto to listen on a unix socket.
-v, --verbose
Print received messages verbosely. With this argument, messages will be printed as "topic payload".
When this argument is not given, the messages are printed as "payload".
-V, --protocol-version
Specify which version of the MQTT protocol should be used when connecting to the rmeote broker. Can
be 5, 311, 31, or the more verbose mqttv5, mqttv311, or mqttv31. Defaults to 5.
-W
Provide a timeout as an integer number of seconds. mosquitto_sub will stop processing messages and
disconnect after this number of seconds has passed. The timeout starts just after the client has
connected to the broker.
--will-payload
Specify a message that will be stored by the broker and sent out if this client disconnects
unexpectedly. This must be used in conjunction with --will-topic.
--will-qos
The QoS to use for the Will. Defaults to 0. This must be used in conjunction with --will-topic.
--will-retain
If given, if the client disconnects unexpectedly the message sent out will be treated as a retained
message. This must be used in conjunction with --will-topic.
--will-topic
The topic on which to send a Will, in the event that the client disconnects unexpectedly.
-x
Set the session-expiry-interval property on the CONNECT packet. Applies to MQTT v5 clients only. Set
to 0-4294967294 to specify the session will expire in that many seconds after the client disconnects,
or use -1, 4294967295, or ∞ for a session that does not expire. Defaults to -1 if -c is also given,
or 0 if -c not given.
If the session is set to never expire, either with -x or -c, then a client id must be provided.