p4 pubkey (graph)
Add, update, or delete an SSH public key on the Helix Server.
For depots of type graph
only.
Syntax
p4 [g-opts] pubkey -i [-u user] [-s scope] [-f]
p4 [g-opts] pubkey -d -u user | -s scope
Description
The user or the administrator uses this command to:
- upload a user’s public SSH key onto the server
- force an update of the user’s key that overwrites the old key
- delete a user’s key
Scope
When you upload a user’s public SSH key onto the server, if you do not
specify an explicit scope, the key gets default
as its implicit scope name.
If a user has more than one computer, and thus more than one SSH key, we
recommend that you assign an explicit scope
name for each
key. A typical scope name might be a physical location, such as
home
or office
, or a computer name, such as
server1
, macintosh_laptop
, or
Windows_desktop
.
When you delete a key associated with the specified user, if you do not
specify an explicit scope, this command deletes the key with the implicit default
scope.
You cannot update the scope, but you can delete the key and generate a new key with whatever scope you want.
To get a listing of all the keys and scopes for a specific user, see
the p4 pubkeys
topic,
Examples.
Prerequisite for a user to upload a key
The prerequisite to being able to upload a SSH public key on the
Helix Server is to have, at a minimum, the list
access to a
filename in the protections table. Let us assume that the Helix Server administrator wants the protections table to provide only this minimum
access.
As super user, the administrator issues the p4 protect
command, which
opens the Protections
form.
The administrator fills out the Protections
form to specify
that members of a group named repoUsers
have
list
access to a specific file:
list group repoUsers * //depot/no-file.txt
Note that no-file.txt
does not need to be an actual file.
The administrator issues the p4 group
command with the repoUsers
group name:
$ p4 group repoUsers
In the Group Specification form, the administrator adds the names of the
users who belong to the repoUsers
group.
Options
|
Deletes the key for the specified user. If you do not specify a
scope, deletes the specified user’s key that has the
|
|
The |
|
Uploads the public SSH key from the location specified in a standard input redirect. |
|
Assigns a scope to this public key, which is useful if a given
user has more than one key. If you do not use this option to
specify a scope, the scope is set to |
-u username |
Administrators can associate the key with a specific user. Note
There is no check to validate whether the specified user actually exists. |
|
See Global options. |
Usage Notes
Can File Arguments Use Revision Specifier? | Can File Arguments Use Revision Range? | Minimal Access Level Required |
---|---|---|
N/A |
N/A |
super to update or delete someone else's pubkey, |
Examples
Upload with scope
The user indicates the location of the key with a standard input
redirect. A best practice is to provide an explicit scope that helps the
user identify which computer the key belongs to. The explicit scope also
ensures the user does not inadvertently overwrite the implicit scope,
which has default
as its implicit name.
p4 pubkey -i < path/to/your/.ssh/id_rsa.pub -s mac-laptop
The admin can upload the key for the user by including the
-u
username option.
p4 pubkey -i < path/to/your/.ssh/id_rsa.pub -u bruno -s mac-laptop
Force an update to an existing key
If a message appears that is similar to the following:
Public Key for 'bruno/mac-laptop' already exists, use '-f' to replace.
To force the overwrite of an existing key, include the -f
force option.
p4 pubkey -f -u bruno -s mac-laptop -i < path/to/your/.ssh/id_rsa.pub
Delete a key
To delete the SSH public key for the specified user and the
default
scope, which is implicit.
p4 pubkey -d -u bruno
To delete the SSH public key for the specified user and scope.
p4 pubkey -d -u bruno -s windows-laptop
Related Commands
To list the SSH public keys |