vovsecurity
This program provides security key pair management functions for VOV.
vovsecurity : Usage Message
vovsecurity ACTION {OPTIONS}
vovsecurity - security and key related management commands:
This program provides security key management functions for VOV.
ACTIONS:
keygen Generate a new VOV security key pair and store them in
~/.vov/userkey
getkey Read your VOV public key from ~/.vov/userkey and print to
stdout
getserverkey Show the VOV server public key
addkey Add a user's public key to vovserver
delkey Delete user key from vovserver
listkeys List user's public keys currently registered on vovserver
gettoken Get a token for a given security level and duration
OPTIONS:
-f <filename>
Filename to read or write for API keys.
The default is ~/.vov/userkey
-kv <keyval> Value of public key to add or delete
-kd <keydes> Human readable description of key being added
-sl <securitylevel>
Security level for token
-du <duration>
Duration for token
-y Don't prompt when overwriting existing file
-v Enable verbosity
-a List public keys for all users. Only valid for admins
-stdout Print key to stdout
-u <username>
Specify user whose key you wish to delete. Only valid for
admins
-h Show brief usage
EXAMPLES:
% vovsecurity keygen
% vovsecurity keygen -f keyfile.txt -y
% vovsecurity getkey
% vovsecurity getserverkey
% vovsecurity addkey
% vovsecurity addkey -kv KEYVAL -kd 'My New Key'
% vovsecurity delkey -kv KEYVAL
% vovsecurity delkey -kv KEYVAL -u USERID
% vovsecurity listkeys
% vovsecurity listkeys -a
% vovsecurity listkeys -u USERID
% vovsecurity gettoken -sl SECURITYLEVEL -du DURATIONExamples
| Action | Command |
|---|---|
| Generates a public/private key pair and tries to write to $HOME/.vov/userkey. If the file already exists, you will be asked whether to overwrite the existing file. Overwriting your key file means that the previous keypair stored there will no longer be usable, and thus rendering storage of that public key on any vovserver instances as useless. |
|
| Generates a public/private keypair and writes it into a separate key file named keyfile.txt. |
|
| Reads $HOME/.vov/userkey and echos the public key back to the console. |
|
| Retrieves the public key for the current project. The vovserver’s public key is written in $VOVDIR/local/registry/[system-nc | system-wx | system-lm] folders respectively. Currently, FlowTracer and Allocator projects do not support the system registry. |
|
| Adds a new public key to vovserver, associated with the current user. Interactively prompts for the key value and the key description on the terminal, in addition to the user’s password in order to perform password based authentication. |
|
| Adds a new public key to vovserver associated with the current user. Interactively prompts for the user’s password in order to perform username/password authentication with vovserver. If VOV_PASSWORD is set, the value of this environment variable will be used, and no prompts will be made. |
|
| Deletes a key belonging to the current user. Interactively prompts for the user’s password in order to perform username/password authentication with vovserver. If VOV_PASSWORD is set, the value of this environment variable will be used, and no prompts will be made. |
|
| For users with ADMIN security access on the project, keys belonging to other users can be deleted using this variation. |
|
| Lists all the current user’s public keys which vovserver has stored. Interactively prompts for the user’s password in order to perform username/password authentication with vovserver. If VOV_PASSWORD is set, the value of this environment variable will be used, and no prompts will be made. |
|
| For users with ADMIN access to the project, list all public keys stored in vovserver for the project. Interactively prompts for the user’s password in order to perform username/password authentication with vovserver. If VOV_PASSWORD is set, the value of this environment variable will be used, and no prompts will be made. |
|