knife user¶
Use the knife user subcommand to manage the list of users and their associated RSA public key-pairs.
Note
Review the list of common options available to this (and all) knife subcommands and plugins.
create¶
Use the create argument to create a user. This process will generate an RSA key pair for the named user. The public key will be stored on the Chef Infra Server and the private key will be displayed on STDOUT or written to a named file.
- For the user, the private key should be copied to the system as
/etc/chef/client.pem. - For knife, the private key is typically copied to
~/.chef/client_name.pemand referenced in the config.rb configuration file.
Syntax¶
This argument has the following syntax:
$ knife user create USERNAME DISPLAY_NAME FIRST_NAME LAST_NAME EMAIL PASSWORD (options)
Options¶
This argument has the following options:
-a,--admin- Create a client as an admin client.
-f FILE_NAME,--file FILE_NAME- Save a private key to the specified file name.
-p PASSWORD,--password PASSWORD- The user password.
--user-key FILE_NAME- The path to a file that contains the public key. If this option is not specified, the Chef Infra Server will generate a public/private key pair.
Note
See config.rb for more information about how to add certain knife options as settings in the config.rb file.
Examples¶
The following examples show how to use this knife subcommand:
Create a user
$ knife user create rbirdman "Radio Birdman" Radio Birdman radio@bird.man -f /keys/radio_birdman
delete¶
Use the delete argument to delete a registered user.
Options¶
This command does not have any specific options.
Examples¶
The following examples show how to use this knife subcommand:
Delete a user
$ knife user delete "Steve Danno"
edit¶
Use the edit argument to edit the details of a user. When this argument is run, knife will open $EDITOR. When finished, knife will update the Chef Infra Server with those changes.
Options¶
This command does not have any specific options.
Examples¶
None.
key create¶
Use the key create argument to create a public key.
Options¶
This argument has the following options:
-e DATE,--expiration-date DATE- The expiration date for the public key, specified as an ISO 8601 formatted string:
YYYY-MM-DDTHH:MM:SSZ. If this option is not specified, the public key will not have an expiration date. For example:2013-12-24T21:00:00Z. -f FILE,--file FILE- Save a private key to the specified file name.
-k NAME,--key-name NAME- The name of the public key.
-p FILE_NAME,--public-key FILE_NAME- The path to a file that contains the public key. If this option is not specified, and only if
--key-nameis specified, the Chef Infra Server will generate a public/private key pair.
Examples¶
None.
key edit¶
Use the key edit argument to modify or rename a public key.
Options¶
This argument has the following options:
-c,--create-key- Generate a new public/private key pair and replace an existing public key with the newly-generated public key. To replace the public key with an existing public key, use
--public-keyinstead. -e DATE,--expiration-date DATE- The expiration date for the public key, specified as an ISO 8601 formatted string:
YYYY-MM-DDTHH:MM:SSZ. If this option is not specified, the public key will not have an expiration date. For example:2013-12-24T21:00:00Z. -f FILE,--file FILE- Save a private key to the specified file name. If the
--public-keyoption is not specified the Chef Infra Server will generate a private key. -k NAME,--key-name NAME- The name of the public key.
-p FILE_NAME,--public-key FILE_NAME- The path to a file that contains the public key. If this option is not specified, and only if
--key-nameis specified, the Chef Infra Server will generate a public/private key pair.
Examples¶
None.
key list¶
Use the key list argument to view a list of public keys for the named user.
Options¶
This argument has the following options:
-e,--only-expired- Show a list of public keys that have expired.
-n,--only-non-expired- Show a list of public keys that have not expired.
-w,--with-details- Show a list of public keys, including URIs and expiration status.
Examples¶
None.
reregister¶
Use the reregister argument to regenerate an RSA key pair for a user. The public key will be stored on the Chef Infra Server and the private key will be displayed on STDOUT or written to a named file.
Note
Running this argument will invalidate the previous RSA key pair, making it unusable during authentication to the Chef Infra Server.
Options¶
This argument has the following options:
-f FILE_NAME,--file FILE_NAME- Save a private key to the specified file name.
Note
See config.rb for more information about how to add certain knife options as settings in the config.rb file.
Examples¶
The following examples show how to use this knife subcommand:
Regenerate the RSA key-pair
$ knife user reregister "Robert Younger"
show¶
Use the show argument to show the details of a user.
Options¶
This argument has the following options:
-a ATTR,--attribute ATTR- The attribute (or attributes) to show.
Examples¶
The following examples show how to use this knife subcommand:
Show user data
To view a user named Dennis Teck, enter:
$ knife user show "Dennis Teck"
to return something like:
chef_type: user
json_class: Chef::User
name: Dennis Teck
public_key:
Show user data as JSON
To view information in JSON format, use the -F common option as part of the command like this:
$ knife user show "Dennis Teck" -F json
(Other formats available include text, yaml, and pp, e.g. -F yaml for YAML.)