table of contents
| CF-KEY(8) | System Manager's Manual | CF-KEY(8) |
NAME¶
cf-key - make private/public key-pairs for CFEngine authentication
SYNOPSIS¶
cf-key [OPTION]...
DESCRIPTION¶
The CFEngine key generator makes key pairs for remote authentication.
OPTIONS¶
- --help, -h
- Print the help message
- --inform, -I
- Print basic information about key generation
- --debug, -d
- Enable debugging output
- --verbose, -v
- Output verbose information about the behaviour of cf-key
- --version, -V
- Output the version of the software
- --log-level, -g value
- Specify how detailed logs should be. Possible values: 'error', 'warning', 'notice', 'info', 'verbose', 'debug'
- --output-file, -f value
- Specify an alternative output file than the default.
- --key-type, -T value
- Specify a RSA key size in bits, the default value is 2048.
- --show-hosts, -s
- Show lastseen hostnames and IP addresses
- --no-truncate, -N
- Don't truncate -s / --show-hosts output
- --remove-keys, -r value
- Remove keys for specified hostname/IP/MD5/SHA (cf-key -r SHA=12345, cf-key -r MD5=12345, cf-key -r host001, cf-key -r 203.0.113.1)
- --force-removal, -x
- Force removal of keys
- --install-license, -l value
- Install license file on Enterprise server (CFEngine Enterprise Only)
- --print-digest, -p value
- Print digest of the specified public key
- --trust-key, -t value
- Make cf-serverd/cf-agent trust the specified public key. Argument value is of the form [[USER@]IPADDR:]FILENAME where FILENAME is the local path of the public key for client at IPADDR address.
- --color, -C value
- Enable colorized output. Possible values: 'always', 'auto', 'never'. If option is used, the default value is 'auto'
- --timestamp, -Ò
- Log timestamps on each line of log output
- --numeric, -n
- Do not lookup host names
CFENGINE¶
CFEngine provides automated configuration management of
large-scale computer systems. A system administrator describes the desired
state of a system using CFEngine policy code. The program cf-agent
reads policy code and attempts to bring the current system state to the
desired state described. Policy code is downloaded by cf-agent from a
cf-serverd daemon. The daemon cf-execd is responsible for
running cf-agent periodically.
Documentation for CFEngine is available at https://docs.cfengine.com/.
PROMISE THEORY¶
CFEngine is built on principles from promise theory, proposed by
Mark Burgess in 2004. Promise theory is a model of voluntary cooperation
between individual, autonomous actors or agents who publish their intentions
to one another in the form of promises. A promise is a declaration of intent
whose purpose is to increase the recipient's certainty about a claim of
past, present or future behaviour. For a promise to increase certainty, the
recipient needs to trust the promiser, but trust can also be built on the
verification that previous promises have been kept, thus trust plays a
symbiotic relationship with promises.
For an introduction to promise theory, please see
http://arxiv.org/abs/0810.3294/
AVAILABILITY¶
cf-key is part of CFEngine.
Binary packages may be downloaded from https://cfengine.com/download/.
The source code is available at https://github.com/cfengine/
BUGS¶
Please see the public bug-tracker at
https://northerntech.atlassian.net/projects/CFE/.
GitHub pull-requests may be submitted to
https://github.com/cfengine/core/.
SEE ALSO¶
cf-promises(8), cf-agent(8), cf-serverd(8), cf-execd(8), cf-monitord(8), cf-runagent(8), cf-key(8)
AUTHOR¶
Mark Burgess and Northern.tech AS
| CFEngine | System Administration |