.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.TH nethsm-env-add-credentials 1  "nethsm-env-add-credentials " 
.SH NAME
nethsm\-env\-add\-credentials \- Add credentials for a device in the configuration
.SH SYNOPSIS
\fBnethsm env add credentials\fR [\fB\-p\fR|\fB\-\-passphrase\-file\fR] [\fB\-w\fR|\fB\-\-with\-passphrase\fR] [\fB\-a\fR|\fB\-\-auth\-passphrase\-file\fR] [\fB\-c\fR|\fB\-\-config\fR] [\fB\-l\fR|\fB\-\-label\fR] [\fB\-u\fR|\fB\-\-user\fR] [\fB\-h\fR|\fB\-\-help\fR] <\fINAME\fR> [\fIROLE\fR] 
.SH DESCRIPTION
Add credentials for a device in the configuration
.PP
By default credentials in the configuration file only contain user name and role.
In this scenario the passphrase of a user is prompted for interactively, once it is needed.
.PP
Optionally, it is possible to also persist a passphrase for a given user name to allow non\-interactive use.
This use is discouraged as it persists the passphrase in an unencrypted configuration file.
.SH OPTIONS
.TP
\fB\-p\fR, \fB\-\-passphrase\-file\fR=\fIPASSPHRASE_FILE\fR
The path to a file containing the passphrase
.RS
May also be specified with the \fBNETHSM_PASSPHRASE_FILE\fR environment variable. 
.RE
.TP
\fB\-w\fR, \fB\-\-with\-passphrase\fR
Whether to prompt for and store a passphrase for the user

The passphrase is persisted in the configuration file. Use with caution!
.RS
May also be specified with the \fBNETHSM_WITH_PASSPHRASE\fR environment variable. 
.RE
.TP
\fB\-a\fR, \fB\-\-auth\-passphrase\-file\fR=\fIAUTH_PASSPHRASE_FILE\fR
The path to a file containing a passphrase for authentication

The passphrase provided in the file must be the one for the user chosen for the command.

This option can be provided multiple times, which is needed for commands that require multiple roles at once.
With multiple passphrase files ordering matters, as the files are assigned to the respective user provided by the "\-\-user" option.
.RS
May also be specified with the \fBNETHSM_AUTH_PASSPHRASE_FILE\fR environment variable. 
.RE
.TP
\fB\-c\fR, \fB\-\-config\fR=\fICONFIG\fR
The path to a custom configuration file

If specified, the custom configuration file is used instead of the default configuration file location.
.RS
May also be specified with the \fBNETHSM_CONFIG\fR environment variable. 
.RE
.TP
\fB\-l\fR, \fB\-\-label\fR=\fILABEL\fR
A label uniquely identifying a device in the configuration file

Must be provided if more than one device is setup in the configuration file.
.RS
May also be specified with the \fBNETHSM_LABEL\fR environment variable. 
.RE
.TP
\fB\-u\fR, \fB\-\-user\fR=\fIUSER\fR
A user name which is used for a command

Can be provided, if no user name is setup in the configuration file for a device.
Must be provided, if several user names of the same target role are setup in the configuration file for a device.

This option can be provided multiple times, which is needed for commands that require multiple roles at once.

.RS
May also be specified with the \fBNETHSM_USER\fR environment variable. 
.RE
.TP
\fB\-h\fR, \fB\-\-help\fR
Print help (see a summary with \*(Aq\-h\*(Aq)
.TP
<\fINAME\fR>
The name of the user on the target device
.RS
May also be specified with the \fBNETHSM_USER_NAME\fR environment variable. 
.RE
.TP
[\fIROLE\fR]
The optional role of the user on the target device

One of ["Administrator", "Backup", "Metrics", "Operator"] (defaults to "Operator").
.RS
May also be specified with the \fBNETHSM_USER_ROLE\fR environment variable. 
.RE