p4 pubkey (graph)
Add, update, or delete an SSH public key on the Helix Core Server.
For depots of type graph only.
Syntax
p4 [g-opts] pubkey -i [-u user] [-s scope] [-f]
p4 [g-opts] pubkey -d -u user | -s scope
Description
The user or the administrator uses this command to:
- upload a user’s public SSH key onto the server
- force an update of the user’s key that overwrites the old key
- delete a user’s key
Scope
When you upload a user’s public SSH key onto the server, if you do not
specify an explicit scope, the key gets default as its implicit scope name.
If a user has more than one computer, and thus more than one SSH key, we
recommend that you assign an explicit scope name for each
key. A typical scope name might be a physical location, such as
home or office, or a computer name, such as
server1, macintosh_laptop, or
Windows_desktop.
When you delete a key associated with the specified user, if you do not
specify an explicit scope, this command deletes the key with the implicit default scope.
You cannot update the scope, but you can delete the key and generate a new key with whatever scope you want.
To get a listing of all the keys and scopes for a specific user, see
the p4 pubkeys topic,
Examples.
Prerequisite for a user to upload a key
The prerequisite to being able to upload a SSH public key on the
Helix Core Server is to have, at a minimum, the list access to a
filename in the protections table. Let us assume that the Helix Core Server administrator wants the protections table to provide only this minimum
access.
As super user, the administrator issues the p4 protect command, which
opens the Protections form.
The administrator fills out the Protections form to specify
that members of a group named repoUsers have
list access to a specific file:
list group repoUsers * //depot/no-file.txt
Note that no-file.txt does not need to be an actual file.
The administrator issues the p4 group command with the repoUsers group name:
p4 group repoUsers
In the Group Specification form, the administrator adds the names of the
users who belong to the repoUsers group.
Options
|
|
Deletes the key for the specified user. If you do not specify a
scope, deletes the specified user’s key that has the
|
|
|
The |
|
|
Uploads the public SSH key from the location specified in a standard input redirect. |
|
|
Assigns a scope to this public key, which is useful if a given
user has more than one key. If you do not use this option to
specify a scope, the scope is set to |
|
-u username |
Administrators can associate the key with a specific user. Note
There is no check to validate whether the specified user actually exists. |
|
|
See Global options. |
Usage notes
| Can File Arguments Use Revision Specifier? | Can File Arguments Use Revision Range? | Minimal Access Level Required |
|---|---|---|
|
N/A |
N/A |
super to update or delete someone else's pubkey, |
Examples
Upload with scope
The user indicates the location of the key with a standard input
redirect. A best practice is to provide an explicit scope that helps the
user identify which computer the key belongs to. The explicit scope also
ensures the user does not inadvertently overwrite the implicit scope,
which has default as its implicit name.
p4 pubkey -i < path/to/your/.ssh/id_rsa.pub -s mac-laptop
The admin can upload the key for the user by including the
-uusername option.
p4 pubkey -i < path/to/your/.ssh/id_rsa.pub -u bruno -s mac-laptop
Force an update to an existing key
If a message appears that is similar to the following:
Public Key for 'bruno/mac-laptop' already exists, use '-f' to replace.
To force the overwrite of an existing key, include the -f
force option.
p4 pubkey -f -u bruno -s mac-laptop -i < path/to/your/.ssh/id_rsa.pub
Delete a key
To delete the SSH public key for the specified user and the
default scope, which is implicit.
p4 pubkey -d -u bruno
To delete the SSH public key for the specified user and scope.
p4 pubkey -d -u bruno -s windows-laptop
Related commands
|
To list the SSH public keys |
