cf-key(8)

make private/public key-pairs for CFEngine authentication

Section 8 cfengine3 bookworm source

Description

CF-KEY

NAME

cf-key - make private/public key-pairs for CFEngine authentication

SYNOPSIS

cf-key [OPTION]...

DESCRIPTION

The CFEngine key generator makes key pairs for remote authentication.

OPTIONS

--help, -h

Print the help message

--inform, -I

Print basic information about key generation

--debug, -d

Enable debugging output

--verbose, -v

Output verbose information about the behaviour of cf-key

--version, -V

Output the version of the software

--log-level, -g value

Specify how detailed logs should be. Possible values: ’error’, ’warning’, ’notice’, ’info’, ’verbose’, ’debug’

--output-file, -f value

Specify an alternative output file than the default.

--key-type, -T value

Specify a RSA key size in bits, the default value is 2048.

--show-hosts, -s

Show lastseen hostnames and IP addresses

--no-truncate, -N

Don’t truncate -s / --show-hosts output

--remove-keys, -r value

Remove keys for specified hostname/IP/MD5/SHA (cf-key -r SHA=12345, cf-key -r MD5=12345, cf-key -r host001, cf-key -r 203.0.113.1)

--force-removal, -x

Force removal of keys

--install-license, -l value

Install license file on Enterprise server (CFEngine Enterprise Only)

--print-digest, -p value

Print digest of the specified public key

--trust-key, -t value

Make cf-serverd/cf-agent trust the specified public key. Argument value is of the form [[USER@]IPADDR:]FILENAME where FILENAME is the local path of the public key for client at IPADDR address.

--color, -C value

Enable colorized output. Possible values: ’always’, ’auto’, ’never’. If option is used, the default value is ’auto’

--timestamp, -Ã

Log timestamps on each line of log output

--numeric, -n

Do not lookup host names

CFENGINE

CFEngine provides automated configuration management of large-scale computer systems. A system administrator describes the desired state of a system using CFEngine policy code. The program cf-agent reads policy code and attempts to bring the current system state to the desired state described. Policy code is downloaded by cf-agent from a cf-serverd daemon. The daemon cf-execd is responsible for running cf-agent periodically.
Documentation for CFEngine is available at https://docs.cfengine.com/.

PROMISE THEORY

CFEngine is built on principles from promise theory, proposed by Mark Burgess in 2004. Promise theory is a model of voluntary cooperation between individual, autonomous actors or agents who publish their intentions to one another in the form of promises. A promise is a declaration of intent whose purpose is to increase the recipient’s certainty about a claim of past, present or future behaviour. For a promise to increase certainty, the recipient needs to trust the promiser, but trust can also be built on the verification that previous promises have been kept, thus trust plays a symbiotic relationship with promises.
For an introduction to promise theory, please see http://arxiv.org/abs/0810.3294/

AVAILABILITY

cf-key is part of CFEngine.
Binary packages may be downloaded from https://cfengine.com/download/.
The source code is available at https://github.com/cfengine/

BUGS

Please see the public bug-tracker at https://tracker.mender.io/projects/CFE/.
GitHub pull-requests may be submitted to https://github.com/cfengine/core/.

SEE ALSO

cf-promises(8), cf-agent(8), cf-serverd(8), cf-execd(8), cf-monitord(8), cf-runagent(8), cf-key(8)

AUTHOR

Mark Burgess and Northern.tech AS