table of contents
| KNIFE-USER(1) | knife user | KNIFE-USER(1) |
NAME¶
knife-user - The man page for the knife user subcommand. The knife user subcommand is used to manage the list of users and their associated RSA public key-pairs.- Note
- This subcommand ONLY works when run against the open source server version 10.x. This subcommand will NOT run against open source server 11, Enterprise Chef (including hosted Enterprise Chef), or Private Chef.
COMMON OPTIONS¶
The following options may be used with any of the arguments available to the knife user subcommand:- --chef-zero-port PORT
- The port on which chef-zero will listen.
- -c CONFIG_FILE, --config CONFIG_FILE
- The configuration file to use.
- -d, --disable-editing
- Indicates that $EDITOR will not be opened; data will be accepted as-is.
- --defaults
- Indicates that Knife will use the default value, instead of asking a user to provide one.
- -e EDITOR, --editor EDITOR
- The $EDITOR that is used for all interactive commands.
- -E ENVIRONMENT, --environment ENVIRONMENT
- The name of the environment. When this option is added to a command, the command will run only against the named environment.
- -F FORMAT, --format FORMAT
- The output format: summary (default), text, json, yaml, and pp.
- -h, --help
- Shows help for the command.
- -k KEY, --key KEY
- The private key that Knife will use to sign requests made by the API client to the server.
- --[no-]color
- Indicates whether colored output will be used.
- --print-after
- Indicates that data will be shown after a destructive operation.
- -s URL, --server-url URL
- The URL for the server.
- -u USER, --user USER
- The user name used by Knife to sign requests made by the API client to the server. Authentication will fail if the user name does not match the private key.
- -V, --verbose
- Set for more verbose outputs. Use -VV for maximum verbosity.
- -v, --version
- The version of the chef-client.
- -y, --yes
- Indicates that the response to all confirmation prompts will be "Yes" (and that Knife will not ask for confirmation).
- -z, --local-mode
- Indicates that the chef-client will be run in local mode, which allows all commands that work against the server to also work against the local chef-repo.
CREATE¶
The create argument is used to create a user. This process will generate an RSA key pair for the named user. The public key will be stored on the server and the private key will be displayed on STDOUT or written to a named file.- •
- For the user, the private key should be copied to the system as /etc/chef/client.pem.
- •
- For Knife, the private key is typically copied to ~/.chef/client_name.pem and referenced in the knife.rb configuration file.
Syntax This argument has the following syntax:
$ knife user create USER_NAME (options)Options This argument has the following options:
- -a, --admin
- Indicates that a client will be created as an admin client. This is required when users of the open source server need to access the Chef Server API as an administrator. This option only works when used with the open source server and will have no effect when used with Enterprise Chef.
- -f FILE_NAME, --file FILE_NAME
- Indicates that the private key will be saved to a specified file name.
- -p PASSWORD, --password PASSWORD
- The user password.
- --user-key FILE_NAME
- All users are assigned a public key. Use to write the public key to a file.
Examples
$ knife user create "Radio Birdman" -f /keys/user_name
DELETE¶
The delete argument is used to delete a registered user. Syntax This argument has the following syntax:$ knife user delete USER_NAMEOptions This command does not have any specific options. Examples
$ knife user delete "Steve Danno"
EDIT¶
The edit argument is used to edit the details of a user. When this argument is run, Knife will open $EDITOR. When finished, Knife will update the server with those changes. Syntax This argument has the following syntax:$ knife user edit USER_NAMEOptions This command does not have any specific options. Examples None.
LIST¶
The list argument is used to view a list of registered users. Syntax This argument has the following syntax:$ knife user list (options)Options This argument has the following options:
- -w, --with-uri
- Indicates that the corresponding URIs will be shown.
Examples None.
REREGISTER¶
The reregister argument is used to regenerate an RSA key pair for a user. The public key will be stored on the server and the private key will be displayed on STDOUT or written to a named file.- Note
- Running this argument will invalidate the previous RSA key pair, making it unusable during authentication to the server.
$ knife user reregister USER_NAME (options)Options This argument has the following options:
- -f FILE_NAME, --file FILE_NAME
- Indicates that the private key will be saved to a specified file name.
Examples
$ knife user reregister "Robert Younger"
SHOW¶
The show argument is used to show the details of a user. Syntax This argument has the following syntax:$ knife user show USER_NAME (options)Options This argument has the following options:
- -a ATTR, --attribute ATTR
- The attribute (or attributes) to show.
Examples To view a user named "Dennis Teck", enter:
$ knife user show "Dennis Teck"to return something like:
chef_type: user json_class: Chef::User name: Dennis Teck public_key:To view information in JSON format, use the -F common option as part of the command like this:
$ knife user show "Dennis Teck" -F json(Other formats available include text, yaml, and pp, e.g. -F yaml for YAML.)
AUTHOR¶
Chef| Chef 11.10.0 |