Administrate Security¶
With PLOSSYS CLI you can:
-
Encrypt passwords used for Access to SAP oData Print API or SAP Spool for Windows or Linux
This page gives you a short breakdown of the avaliable security commands. For in-depth description, refer to the use cases listed above.
Requirements¶
For the requirements for using PLOSSYS CLI, refer to PLOSSYS CLI.
Commands¶
Usage: plossys security [options] [command]
Options:
-V, --version output the version number
--consul <value> consul url (https://localhost:8500) (default: "https://localhost:8500")
--insecure accept invalid https certificate from Consul server
--token <value> ACL token used to access Consul's key-/value store
--verbose Verbose mode. It prints detailed messages.
-h, --help display help for command
Commands:
createApiKey <remoteSite> Creates and shows the authentication codes (Api Key, Decryption Secret,
IV and Encrypted Api Key) for the mainland and the specified remote site.
If the Decryption Secret already exists, it just shows the codes for the remote site.
createPwdSecret [options] Creates a new secret for encoding passwords.
encryptPwd [options] <pwd> Encrypts the given password using the secret from the specified file or
the secret provided as an option.
help [command] display help for command
For all commands, pipe |
can be used with the output but needs to be escaped by -
, e. g. -|
.
createApiKey¶
createApiKey
creates and shows the authentication codes (Api Key, Decryption Secret, IV and Encrypted Api Key) for the mainland and the specified remote site. If the Decryption Secret already exists, it just shows the codes for the remote site. For more information, refer to Create API Keys for Remote Site Clients.
Usage: plossys security createApiKey [options] <remoteSite>
Arguments:
remoteSite
: the unique name of the remote site
Example:
-
plossys security createApiKey Alabasta --insecure > alabasta.txt
Creates an API key and exports it into a file
createPwdSecret¶
createPwdSecret
creates a new secret for encoding passwords. The secret is either printed to the console or saved to a file.
Usage: plossys security createPwdSecret [--secretFile <fileName> ]
Options:
--secretFile
Name of file to save secret to, optional
Examples:
-
plossys security createPwdSecret
prints a new secret ot console, like "6ad58d51dcee6518f044ffbdd5d03d37".
-
plossys security createPwdSecret --secretFile secret.json
Save the secret as JSON to the file
secret.json
.
Hint - environment keys SECRET
and SECRET_FILE
For storing the secret, the two environment keys SECRET
and SECRET_FILE
are available. The Output Engine services will need one of those to decrypt the used passwords.
encryptPwd¶
encryptPwd
encrypts the given password using the secret from the specified file or the secret provided as an option
Usage: plossys security encryptPwd [options] <pwd>
Arguments:
pwd
: the pasword to encrypt.
Options:
--secretFile <fileName>
JSON file containing the secret--secret <secret>
Secret used for encryption
Either --secretFile
or --secret
must be provided.
Examples:
-
plossys security encryptPwd myPassword --secret 6ad58d51dcee6518f044ffbdd5d03d37
Prints the encrypted password on console, like "381e3f31a28e9a477bb3f80dcdb4bdba8bdef26f0c71fc15"
-
plossys security encryptPwd myPassword --secretFile secret.json
Reads secret from file and prints the encrypted password on console, like "381e3f31a28e9a477bb3f80dcdb4bdba8bdef26f0c71fc15"
Hint - environment keys SECRET
and SECRET_FILE
Before encrypting a password, check whether a SECRET
or SECRET_FILE
has already been specified. The decryption only works with the correct secret.
help¶
help
displays the help for the command.
Usage: plossys ssecurity help [command]