user¶
Usages
passhport-admin user list
passhport-admin user search [<pattern>]
passhport-admin user show [<name>]
passhport-admin user create [((<name> <sshkey>) [--comment=<comment>])]
passhport-admin user edit [(<name> [--newname=<name>] [--newsshkey=<sshkey>] [--newcomment=<comment>])]
passhport-admin user delete [([-f | --force] <name>)]
list¶
passhport-admin target list affiche l'ensemble des users configurées.
Exemple :
admin@bastion:~$ passhport-admin user list
admin1@compagny.com
admin2@compagny.com
alice@compagny.com
bob@compagny.com
admin@bastion:~$
search¶
passhport-admin user search [<PATTERN>] cherche dans la liste des user un utilisateur dont le nom correspond au modèle <PATTERN>.
Exemple :
admin@bastion:~# passhport-admin user search admin
admin1@compagny.comi
admin2@compagny.com
admin@bastion:~#
Si aucun modèle (PATTERN), l'utilisateur entre en mode interactif.
Exemple :
admin@bastion:~# passhport-admin user search
Pattern: alice
alice@compagny.com
admin@bastion:~#
show¶
passhport-admin target show <NAME> affiche toutes les informations au sujet d'un user nommé <NAME>.
Exemple :
admin@bastion:~# passhport-admin user show alice@compagny.com
Email: alice@compagny.com
SSH key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFOU5Saf+epkm79BeSniE7VtYMexJeL6BvXUsKUb7m8W4gnD3YTBW93uykO/6ovi9TfYdm+4nKQ9gUGUgzNyD8o7zW8w6wKogoL24UbJKmkZOCU1IgHJSt1QYIs/qHQZ2MR6S6K2f/1J1joYINPtGpQJ475OZfYQbP79fEdRdylupC8L+fvxkka4C0Uxj0I1VjDCVJCjO0md5oXzN75I2aw+RFWuiiL5P/gHRu+2iff2rdhebJZs4ux8u76LQLzYsG9a85Xlagw6N7/aXWnUZ/9gqoF/qVUHfS8ggesTwEJyNnY7EpPcKRUcwnlonn5CIS++Yo8iqjLd93RjFxShUqXlw9Cct4hdh/clW/QYsJRMfN9860mZ9v9dEitM2X1w8HCCD5NAHGqRRrtONM99kZRxmkCQ/Tb+jXvJ+VAl4qffuPPdxY+Bev7wygm4rVnjF2Ac5ioWb4Zd+zIb712VTQDQlRxsu73yWtHSodeSgPpgCWTjCwW/841QbPGkclnE6DKIwQ/vxC0ggSXouc5G6j0gHu90eQ24XL6Gurqr2C11w9saRyzrYRRlS0Ihkp3rMSteVcvrb1Qi4UGmJCHHSBhvP8jRFH4mbdkSGyzsxtjr8puJc8DiQ1UKG3O9X12m8nbOYeNdIofTw615k0YitoQ/60fdEELQyX+kNFQ2VoCw== alice@compagny.com
Comment:
Accessible target list:
Details in access:
Accessible directly:
Accessible through usergroups:
Accessible through targetgroups:
admin@bastion:~#
Si aucun modèle (PATTERN), l'utilisateur entre en mode interactif.
Exemple :
admin@bastion:~# passhport-admin user show
Name: alice@compagny.com
Email: alice@compagny.com
SSH key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDFOU5Saf+epkm79BeSniE7VtYMexJeL6BvXUsKUb7m8W4gnD3YTBW93uykO/6ovi9TfYdm+4nKQ9gUGUgzNyD8o7zW8w6wKogoL24UbJKmkZOCU1IgHJSt1QYIs/qHQZ2MR6S6K2f/1J1joYINPtGpQJ475OZfYQbP79fEdRdylupC8L+fvxkka4C0Uxj0I1VjDCVJCjO0md5oXzN75I2aw+RFWuiiL5P/gHRu+2iff2rdhebJZs4ux8u76LQLzYsG9a85Xlagw6N7/aXWnUZ/9gqoF/qVUHfS8ggesTwEJyNnY7EpPcKRUcwnlonn5CIS++Yo8iqjLd93RjFxShUqXlw9Cct4hdh/clW/QYsJRMfN9860mZ9v9dEitM2X1w8HCCD5NAHGqRRrtONM99kZRxmkCQ/Tb+jXvJ+VAl4qffuPPdxY+Bev7wygm4rVnjF2Ac5ioWb4Zd+zIb712VTQDQlRxsu73yWtHSodeSgPpgCWTjCwW/841QbPGkclnE6DKIwQ/vxC0ggSXouc5G6j0gHu90eQ24XL6Gurqr2C11w9saRyzrYRRlS0Ihkp3rMSteVcvrb1Qi4UGmJCHHSBhvP8jRFH4mbdkSGyzsxtjr8puJc8DiQ1UKG3O9X12m8nbOYeNdIofTw615k0YitoQ/60fdEELQyX+kNFQ2VoCw== alice@compagny.com
Comment:
Accessible target list:
Details in access:
Accessible directly:
Accessible through usergroups:
Accessible through targetgroups:
admin@bastion:~#
create¶
passhport-admin user create [((<name> <sshkey>) [--comment=<comment>])] crée un nouveau user
| Argument | Description |
|---|---|
| <name> | Nom du user à éditer |
| <sshkey> | La clef SSH du user (bien utiliser des apostrophes pour entourer la clé) |
| --comment | Commentaire concernant le user (optionnel) |
Exemple :
admin@bastion:~$ passhport-admin user create bob@compagny.com "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHTlnhl23T9NiHn06wWaDpT1aJqEY0aOW7E4dfu7kQJsmRqg2SWMld6H8Q+bggwCLSkRKubOWyoJkprAfwOP8OArAGPCIr9PeQfC581EVqaev/yJYbKwwPQEaHpiQoHMaBfsgA2BYS5cNVcrOpLk8nHgKSJGEcdYipbZZxqDrLaeX3lBA== bob@mydesktop"
OK: "bob@compagny.com" -> created
admin@bastion:~$
Si aucun argument n'est donné, l'utilisateur entre en mode interactif.
Exemple :
admin@bastion:~$ passhport-admin user create bob@compagny.com "ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHTlnhl23T9NiHn06wWaDpT1aJqEY0aOW7E4dfu7kQJsmRqg2SWMld6H8Q+bggwCLSkRKubOWyoJkprAfwOP8OArAGPCIr9PeQfC581EVqaev/yJYbKwwPQEaHpiQoHMaBfsgA2BYS5cNVcrOpLk8nHgKSJGEcdYipbZZxqDrLaeX3lBA== bob@mydesktop"
OK: "bob@compagny.com" -> created
admin@bastion:~$ passhport-admin user create
Email (user name): john@ext-compagny.com
SSH Key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs9YpOfP9vgViYa1SSntrydEBLGyWGAr9nvEjqHcMwHQb9JEmhIjvk1ctb8+Kns3/52F0hBrxic6k6UPvvvjbtJX33muFv5dd0k1W4lLcYe4ONTFwLOqCph4Is5r9lbZ5KXxhN/8YC/08jBJow0CoYdc+Yr7MlA51+tEQFwPbuB5vHMUteye0IgmaH9MLzXes/j5BUhnBjDscWVQSvNHY4/PKtHvIdvoI1uKAplstuHI6CDqnb0aJ5P9wME3P1lhRwcVDTm48/AMcfmpp5s+DwOmyDGfGXf+hE0cu7ulAkwHBhR6ciJJg1pz4DqraglxyVyrt+PFq6KDeV/7WwoNEP yann@mylaptop.com
Comment: John is a extern expert.
OK: "john@ext-compagny.com" -> created
admin@bastion:~$
edit¶
passhport-admin user edit [(<name> [--newname=<name>] [--newsshkey=<sshkey>] [--newcomment=<comment>])] édite un user existant.
| Argument | Description |
|---|---|
| <name> | Nom du user à éditer |
| --newname | Nouveau nom du user que l'on souhaite renommer (optionnel) |
| --newsshkey | La nouvelle clef SSH du user (bien utiliser des apostrophes pour entourer la clé) |
| --newcomment | Nouveau commentaire concernant le user (optionel) |
Exemple :
admin@bastion:~$ passhport-admin user edit john@ext-compagny.com --newname=john.doe@ext-compagny.com --newcomment="John is a extern expert, he'll be here until january 18th."
OK: "john@ext-compagny.com" -> edited
admin@bastion:~$
Si aucun argument n'est donné, l'utilisateur entre en mode interactif. Un tableau montrant l'ensemble des paramètre de configuration est d'abord affiché, puis, ligne par ligne, chaque argument modifiable est affiché. L'utilisateur peut conserver chaque paramètre présenté au dessus en appuyant sur "Entrer". La seule exception est pour le champs "comment" : si l'utilisateur souhaite enlever le commentaire, il tape alors "Entrer", puis il lui sera demandé s'il veut supprimer le commentaire, ou non.
Exemple :
admin@bastion:~$ passhport-admin user edit
Name of the user you want to modify: john.doe@ext-compagny.com
Email: john.doe@ext-compagny.com
SSH key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs9YpOfP9vgViYa1SSntrydEBLGyWGAr9nvEjqHcMwHQb9JEmhIjvk1ctb8+Kns3/52F0hBrxic6k6UPvvvjbtJX33muFv5dd0k1W4lLcYe4ONTFwLOqCph4Is5r9lbZ5KXxhN/8YC/08jBJow0CoYdc+Yr7MlA51+tEQFwPbuB5vHMUteye0IgmaH9MLzXes/j5BUhnBjDscWVQSvNHY4/PKtHvIdvoI1uKAplstuHI6CDqnb0aJ5P9wME3P1lhRwcVDTm48/AMcfmpp5s+DwOmyDGfGXf+hE0cu7ulAkwHBhR6ciJJg1pz4DqraglxyVyrt+PFq6KDeV/7WwoNEP yann@mylaptop.com
Comment: John is a extern expert, he'll be here until january 18th.
Accessible target list:
Details in access:
Accessible directly:
Accessible through usergroups:
Accessible through targetgroups:
New name:
New SSH key:
New comment: John is a extern expert, he'll be here until february 2nd
OK: "john.doe@ext-compagny.com" -> edited
admin@bastion:~$
Comme montré ci-dessus, seule l'entrée "New comment" a été modifiée. Si une entrée est simplement remplie par "Entrer", la valeur précédente est conservée.
delete¶
passhport-admin target delete [([-f | --force] <name>)] supprime un user.
| Argument | Description |
|---|---|
| <name> | Nom du user à supprimer |
| -f ou --force | Si utilisé, aucune confirmation ne sera demandé à l'utilisateur |
Exemple :
admin@bastion:~$ passhport-admin user delete john.doe@ext-compagny.com
Email: john.doe@ext-compagny.com
SSH key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCs9YpOfP9vgViYa1SSntrydEBLGyWGAr9nvEjqHcMwHQb9JEmhIjvk1ctb8+Kns3/52F0hBrxic6k6UPvvvjbtJX33muFv5dd0k1W4lLcYe4ONTFwLOqCph4Is5r9lbZ5KXxhN/8YC/08jBJow0CoYdc+Yr7MlA51+tEQFwPbuB5vHMUteye0IgmaH9MLzXes/j5BUhnBjDscWVQSvNHY4/PKtHvIdvoI1uKAplstuHI6CDqnb0aJ5P9wME3P1lhRwcVDTm48/AMcfmpp5s+DwOmyDGfGXf+hE0cu7ulAkwHBhR6ciJJg1pz4DqraglxyVyrt+PFq6KDeV/7WwoNEP yann@mylaptop.com
Comment: John is a extern expert, he'll be here until february 2nd
Accessible target list:
Details in access:
Accessible directly:
Accessible through usergroups:
Accessible through targetgroups:
Are you sure you want to delete john.doe@ext-compagny.com? [y/N] y
OK: "john.doe@ext-compagny.com" -> deleted
admin@bastion:~$
Si aucun argument n'est donné, l'utilisateur entre en mode interactif.
Exemple :
admin@bastion:~$ passhport-admin user delete
Name: bob@compagny.com
Email: bob@compagny.com
SSH key: ecdsa-sha2-nistp521 AAAAE2VjZHNhLXNoYTItbmlzdHA1MjEAAAAIbmlzdHA1MjEAAACFBAHTlnhl23T9NiHn06wWaDpT1aJqEY0aOW7E4dfu7kQJsmRqg2SWMld6H8Q+bggwCLSkRKubOWyoJkprAfwOP8OArAGPCIr9PeQfC581EVqaev/yJYbKwwPQEaHpiQoHMaBfsgA2BYS5cNVcrOpLk8nHgKSJGEcdYipbZZxqDrLaeX3lBA== bob@mydesktop
Comment:
Accessible target list:
Details in access:
Accessible directly:
Accessible through usergroups:
Accessible through targetgroups:
Are you sure you want to delete bob@compagny.com? [y/N] y
OK: "bob@compagny.com" -> deleted
admin@bastion:~$