NAME

nethsm-key - Operate on the keys of a device

SYNOPSIS

DESCRIPTION

Operate on the keys of a device

Supports all relevant cryptographic operations (decrypt, encrypt, sign), certificate handling, importing, generation and ACL management.

Keys may exist in specific scopes: system-wide or in namespaces (see "nethsm namespace"). While system-wide users only have access to system-wide keys, namespaced users only have access to keys in their own namespace.

OPTIONS

-a, --auth-passphrase-file=AUTH_PASSPHRASE_FILE

The path to a file containing a passphrase for authentication

The passphrase provided in the file must be the one for the user chosen for the command.

This option can be provided multiple times, which is needed for commands that require multiple roles at once. With multiple passphrase files ordering matters, as the files are assigned to the respective user provided by the "--user" option.

May also be specified with the NETHSM_AUTH_PASSPHRASE_FILE environment variable.

-c, --config=CONFIG: The path to a custom configuration file
If specified, the custom configuration file is used instead of the default configuration file location.

May also be specified with the NETHSM_CONFIG environment variable.

-l, --label=LABEL: A label uniquely identifying a device in the configuration file
Must be provided if more than one device is setup in the configuration file.

May also be specified with the NETHSM_LABEL environment variable.

-u, --user=USER

A user name which is used for a command

Can be provided, if no user name is setup in the configuration file for a device. Must be provided, if several user names of the same target role are setup in the configuration file for a device.

This option can be provided multiple times, which is needed for commands that require multiple roles at once.

May also be specified with the NETHSM_USER environment variable.

-h, --help: Print help (see a summary with '-h')

SUBCOMMANDS

nethsm-key-cert(1): Operate on certificates for a key
nethsm-key-csr(1): Get a Certificate Signing Request for a key
nethsm-key-decrypt(1): Decrypt a message using a key
nethsm-key-encrypt(1): Encrypt a message using a key
nethsm-key-generate(1): Generate a new key
nethsm-key-get(1): Get information on a key
nethsm-key-import(1): Import a key
nethsm-key-list(1): List all key IDs
nethsm-key-public-key(1): Get the public key for a key
nethsm-key-remove(1): Remove a key
nethsm-key-sign(1): Sign a message using a key
nethsm-key-tag(1): Tag a key
nethsm-key-untag(1): Untag a key
nethsm-key-help(1): Print this message or the help of the given subcommand(s)

nethsm-key