Command Line Interface
- Olivier Michaut
- IT Stonebranch
Overview
The UDMG Command Line Interface (CLI) is implemented by the waarp-gateway client.
In addition to what is supported by the original version of the waarp-gateway v0.6.2 client, the following commands have been added for UDMG:
sb_pgp: PGP Key Managementsb_audit: Audit Management
Authentication
Only Local User Account authentication is supported for the CLI. LDAP authentication is only used for the Graphical User Interface.
See Waarp Gateway Client Connection Settings on how to give the credentials.
Note
The connection settings are already configured on the UDMG terminal environment.
PGP Key Management
PGP key records can be stored in the UDMG database and retrieved with the CLI or the REST API to be used by scripts or by Universal Controller tasks without having to keep them in a local keyring.
Both private and public PGP keys can be stored in the database with AES encryption.
Add key
waarp-gateway sb_pgp add
Adds a new pgp key with the given parameters.
| short option | long option | description |
|---|---|---|
| -n | --name= | The name of the key, must be unique. |
| -u | --pgp-name= | The key user name. |
| -e | --pgp-email= | The associated email. |
| -a | --pgp-algo= | The algorithm that was used for creating the key (free text, for reference). |
| -f | --valid-from= | The valid from date |
| -t | --valid-to= | The expiration date |
| -k | --private-key= | The private key. It must be in ascii armored format. |
| -K | --public-key= | The public key. It must be in ascii armored format. |
| -p | --passphrase= | The passphrase of the private key. |
| -c | --comment= | An additional comment to describe the pgp key. |
Example
To create a public pgp key from a file containing the key that was given by a partner, the syntax is as follows:
waarp-gateway sb_pgp add --name=rhelsec --pgp-name="Red Hat, Inc. (Product Security)" --pgp-email="secalert@redhat.com" --pgp-algo="4096R" --comment="https://access.redhat.com/security/team/contact" --public-key="$(cat dce3823597f5eac4.txt)"
List keys
waarp-gateway sb_pgp list
Displays a list of all keys meeting the criteria below.
| short option | long option | description |
|---|---|---|
| -l | --limit= | The maximum number of keys allowed in the response. Set to 20 by default. |
| -o | --offset= | Index of the first returned entry (default: 0). |
| -s | --sort=[name+|name-] | The setting and order in which keys will be displayed. The possible choices are:
|
Example
waarp-gateway sb_pgp list -l 10 -o 5 -s 'name+'
Get a key
waarp-gateway sb_pgp <key_name>
Retrieve a PGP key details. The private key content is not output on screen.
| short option | long option | description |
|---|---|---|
| -x | --export= | Export PGP Key to a file |
Example
To get the details for a PGP key:
waarp-gateway sb_pgp get test1.key
To get the details for a PGP key and extract the key contents:
waarp-gateway sb_pgp get -x test1.txt test1.key
With this example, two output files are produced:
test1.txt: content of the private key fieldtest1.txt.pub: content of the public key field
Delete a key
waarp-gateway sb_pgp delete <key_name>
Delete the given key.
Example
waarp-gateway sb_pgp delete test1.key
Audit Management
Audit records are automatically stored in the UDMG database after updates pertaining to configuration item: user, server, partner, rule and accounts.
List audit records
waarp-gateway sb_audit list
Displays a list of all audit records meeting the criteria below.
| short option | long option | description |
|---|---|---|
| -l | --limit= | The maximum number of records allowed in the response. Set to 20 by default. |
| -o | --offset= | Index of the first returned entry (default: 0). |
| -s | --sort=[id+|id-] | The setting and order in which records will be displayed. The possible choices are:
|
Example
waarp-gateway sb_audit list -l 10 -o 5 -s 'id+'
Get an audit record
waarp-gateway sb_audit get <id>
Retrieve an audit record details.
Example
To get the details for a PGP key:
waarp-gateway sb_pgp get 12