Skip to content

Administrate Security


With PLOSSYS CLI you can:

This page gives you a short breakdown of the avaliable security commands. For in-depth description, refer to the use cases listed above.


Requirements

For the requirements for using PLOSSYS CLI, refer to PLOSSYS CLI.


Commands

Usage: plossys security [options] [command]

Options:
  -V, --version               output the version number
  --consul <value>            consul url (https://localhost:8500) (default: "https://localhost:8500")
  --insecure                  accept invalid https certificate from Consul server
  --token <value>             ACL token used to access Consul's key-/value store
  --verbose                   Verbose mode. It prints detailed messages.
  -h, --help                  display help for command

Commands:
  createApiKey <remoteSite>   Creates and shows the authentication codes (Api Key, Decryption Secret, 
                              IV and Encrypted Api Key) for the mainland and the specified remote site. 
                              If the Decryption Secret already exists, it just shows the codes for the remote site.
  createPwdSecret [options]   Creates a new secret for encoding passwords.
  encryptPwd [options] <pwd>  Encrypts the given password using the secret from the specified file or 
                              the secret provided as an option.
  help [command]              display help for command

For all commands, pipe | can be used with the output but needs to be escaped by -, e. g. -|.


createApiKey

createApiKey creates and shows the authentication codes (Api Key, Decryption Secret, IV and Encrypted Api Key) for the mainland and the specified remote site. If the Decryption Secret already exists, it just shows the codes for the remote site. For more information, refer to Create API Keys for Remote Site Clients.

Usage: plossys security createApiKey [options] <remoteSite>

Arguments:

  • remoteSite: the unique name of the remote site

Example:

  • plossys security createApiKey Alabasta --insecure > alabasta.txt

    Creates an API key and exports it into a file


createPwdSecret

createPwdSecret creates a new secret for encoding passwords. The secret is either printed to the console or saved to a file.

Usage: plossys security createPwdSecret [--secretFile <fileName> ]

Options:

  • --secretFile Name of file to save secret to, optional

Examples:

  • plossys security createPwdSecret

    prints a new secret ot console, like "6ad58d51dcee6518f044ffbdd5d03d37".

  • plossys security createPwdSecret --secretFile secret.json

    Save the secret as JSON to the file secret.json.

Hint - environment keys SECRET and SECRET_FILE

For storing the secret, the two environment keys SECRET and SECRET_FILE are available. The Output Engine services will need one of those to decrypt the used passwords.


encryptPwd

encryptPwd encrypts the given password using the secret from the specified file or the secret provided as an option

Usage: plossys security encryptPwd [options] <pwd>

Arguments:

  • pwd: the pasword to encrypt.

Options:

  • --secretFile <fileName> JSON file containing the secret
  • --secret <secret> Secret used for encryption

Either --secretFile or --secret must be provided.

Examples:

  • plossys security encryptPwd myPassword --secret 6ad58d51dcee6518f044ffbdd5d03d37

    Prints the encrypted password on console, like "381e3f31a28e9a477bb3f80dcdb4bdba8bdef26f0c71fc15"

  • plossys security encryptPwd myPassword --secretFile secret.json

    Reads secret from file and prints the encrypted password on console, like "381e3f31a28e9a477bb3f80dcdb4bdba8bdef26f0c71fc15"

Hint - environment keys SECRET and SECRET_FILE

Before encrypting a password, check whether a SECRET or SECRET_FILE has already been specified. The decryption only works with the correct secret.


help

help displays the help for the command.

Usage: plossys ssecurity help [command]


Back to top