Introduction
Knife is a command-line tool that acts as an interface between the Chef Infra Server and a local chef-repo. It is an integral part of Chef Workstation.

Knife helps users manage:
- Cookbooks and recipes
- Nodes
- Searching for indexed data on the Chef Infra Server
- Resources that are within different cloud environments
- Roles, Environments, and Data Bags
About Knife User
The knife user subcommand is used to manage the list of users and their associated public key pairs. It has many arguments, such as create, delete, key create and key delete. The most commonly used ones are described below.
Create
The create argument is used to create a new user. This process generates an RSA key pair for the named user. The public key is saved on the Chef Infra Server, whereas the private key is shown on STDOUT or can be written to a named file.
- The private key will be copied to the system as /etc/chef/client.pem.
- For knife, the private key is copied to ~/.chef/client_name.pem and referenced in the config.rb configuration file.
Syntax
The syntax is given below:
knife user create USERNAME FIRST_NAME LAST_NAME DISPLAY_NAME EMAIL PASSWORD
Options
This argument has the following options:
- --file FILE, -f FILE
  Save the private key to the specified file name.
- --password PASSWORD
  The user password.
- --user-key FILENAME
  The path to a file that contains the public key.
- -k, --prevent-keygen
  Prevent Chef Infra Server from generating a default key pair. It cannot be passed with --user-key.
- --first-name FIRST_NAME
  The first name of the user.
- --last-name LAST_NAME
  The last name of the user.
- --email EMAIL
  The email address of the user.
- --prompt-for-password, -p
  Prompt for the user password.

Delete
Use the delete argument to delete a registered user.
Syntax
This argument has the following syntax:
knife user delete USER_NAME
Options
- --no-disassociate-user, -d
  Don't disassociate the user first.
- --remove-from-admin-groups, -R
  If the user is a member of any org admin groups, attempt to remove them from those groups.
Edit
Use the edit argument to edit a user's details. When this argument is run, knife opens the editor. Once the changes are complete, knife updates the Chef Infra Server with them.
Syntax
This argument has the following syntax:
knife user edit USER_NAME
Options
- -i FILENAME, --input FILENAME
  Name of the file to use for POST and PUT.
- -f FILENAME, --filename FILENAME
  Write the private key to FILENAME.
List
Use the list argument to show a list of all registered users.
Syntax
This argument has the following syntax:
knife user list (options)
Options
- -w, --with-uri
  Show the corresponding URIs.
Password
Use the password argument to manage passwords and authentication for a user.
Syntax
This argument has the following syntax:
knife user password USERNAME [PASSWORD]
Options
- --enable-external-auth
  Enable external authentication for this user (such as LDAP).
Key Create
Use the key create argument to create a public key.
Syntax
This argument has the following syntax:
knife user key create USER_NAME (options)
Options
This argument has the following options:
- -e DATE, --expiration-date DATE
  The expiration date for the public key, specified as a formatted string: YYYY-MM-DD HH:MM:SS
- -f FILE, --file FILE
  Save the private key to the specified file name.
- --key-name FILE_NAME, -k FILE_NAME
  The name of the public key.
Key Delete
Use the key delete argument to delete a public key.
Syntax
This argument has the following syntax:
knife user key delete USER_NAME KEY
Key List
Use the key list argument to show the named user's public keys.
Syntax
This argument has the following syntax:
knife user key list USERNAME (options)
Options
This argument has the following options:
- --only-expired, -e
  Show a list of public keys that have expired.
- --only-non-expired, -n
  Show a list of public keys that have not yet expired.
- --with-details, -w
  Show a list of public keys, including expiration status and URIs.
Key Show
Use the key show argument to view details for a particular public key.
Syntax
knife user key show USERNAME KEY_NAME
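A key rotation built from the key create, key delete and key list arguments above, as an added example that is not from the original page or the Chef project. The function name rotate_user_key, the file layout under KEY_DIR and the order of steps are assumptions; the new key is created and checked before the old one is retired.

```shell
#!/bin/sh
# Added example: rotate a Chef user's key pair using only the
# `knife user key` arguments documented on this page.
# Assumptions (not from the page): the function name, the file layout under
# KEY_DIR, and that knife is configured with rights to manage USER.

# rotate_user_key USER OLD_KEY NEW_KEY EXPIRES [KEY_DIR]
#   EXPIRES is passed unchanged to --expiration-date.
rotate_user_key() {
    user=$1 old_key=$2 new_key=$3 expires=$4
    key_dir=${5:-"$HOME/.chef"}
    key_file="$key_dir/$user-$new_key.pem"

    # Never overwrite an existing private key by accident.
    if [ -e "$key_file" ]; then
        echo "refusing to overwrite $key_file" >&2
        return 1
    fi

    # Create the file with a restrictive umask so the private key is never
    # briefly readable by other local users.
    (
        umask 077
        knife user key create "$user" \
            --key-name "$new_key" \
            --expiration-date "$expires" \
            --file "$key_file"
    ) || return 1

    # Only retire the old key once the new private key is really on disk;
    # otherwise the user would be left without a usable key.
    if [ ! -s "$key_file" ]; then
        echo "new private key was not written; keeping $old_key" >&2
        return 1
    fi
    chmod 600 "$key_file"

    knife user key delete "$user" "$old_key" || return 1

    # Show what remains, with expiration status, for the change record.
    knife user key list "$user" --with-details
}
```

Giving every new key an expiration date lets key list --only-expired later show which keys are due for removal.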
Reregister
Use the reregister argument to regenerate an RSA key pair for a user.
Syntax
This argument has the following syntax:
knife user reregister USER_NAME (options)
Options
This argument has the following options:
- -f FILE_NAME, --file FILE_NAME
  Save the private key to the specified file name.
Show
Use the show argument to show the details of a user.
Syntax
This argument has the following syntax:
knife user show USER_NAME (options)
Options
This argument has the following options:
- --with-orgs, -l
  Show the organizations of which the user is a member.





