List of Key-Management Actions
Following table lists key management actions available through the Key Manager GUI. It lists the name of the action, its corresponding command-line client command, and a brief description of what the action does.
Unless otherwise stated, you can perform actions on objects via the following pages of the Key Manager GUI:
-
Users: User Keys→Users
-
Authorized keys: User Keys→Authorized Keys
-
Private keys: User Keys→Private Keys
-
Authorizations: User Keys→Authorizations
Table 10.1. Key-Management Actions
| Action | Command-line client command | Description |
|---|---|---|
| Add Authorization From/To | add-\authorizations | Add the selected user(s) to the list of authorization sources or destinations on the Home→Add Authorizations page. For more information about adding authorizations, see Adding Authorizations |
| Approve | approve-\authorized-keysapprove-private-\keys | Convert appeared authorized or private keys to present keys to signify that the key in question has been reviewed and approved as a trusted key in the managed environment. |
| Blacklist | blacklist-\authorized-keys | The target authorized or private key(s), and any key with corresponding fingerprint(s) are automatically deleted, and entries matching to these keys are marked as blacklisted. For more information about blacklisting, see Blacklisting User Keys. |
| Edit Custom Fields | modify-\authorized-keymodify-private-\keymodify-user | Associate custom phrases to target user keys, authorizations and users, which helps searching and managing them. |
| Export Public Key | list-authorized-\keyslist-private-keys | For a public key, display the target-key data. For a private key, display the data of its associated public key. For more information about exporting public key data, see Exporting Public-Key Data. |
| Forget Passphrase | forget-private-\key-passphrase | Remove target private key(s') passphrase(s) from Key Manager. For more information about managing passphrases, see Managing User-Key Passphrases. |
| Manage | manage-authorized\-keysmanage-private-\keys | Convert legacy keys, and unmanaged keys to managed keys to signify that the key in question has been reviewed and approved as a trusted key in the managed environment. Note When you convert a user key to a managed key, all keys with the same fingerprint are also converted to the managed state. This includes both the private and the corresponding authorized keys. |
| Provide Passphrase | provide-private-\key-passphrase | Provide an unknown passphrase of a private key to be stored by the Key Manager. For more information about managing passphrases, see Managing User-Key Passphrases. |
| Register External Private Key | register-external\-private-key | Manually add information to an authorization with an unknown private-key component. Key Manager creates an external-private-key entry based on the provided information and associates it to the authorization entries that share the same fingerprint. |
| Remove | remove-authorized\-keysremove-private-\keys | Remove the target user key(s). |
| Renew | renew-private-keys | Replace selected private key(s) and all corresponding authorized keys with newly generated keys as soon as possible. For more information about key renewal, see Renewing Authorizations. |
| Restore | restore-\authorized-keysrestore-private-\keys | Restore removed or missing authorized keys, and removed private keys. Removed private keys can only be restored if you have enabled private-key backups. For more information about backup settings, see Host Settings. |
| Rollback | Revert user-key changes caused by key-management actions, as well as changes detected via host scans. For more information, see Roll Back Changes to User Keys. | |
| Set Label | label-host-keyslabel-authorized-\keyslabel-fingerprintslabel-private-keys | Give a label to the target key(s) or authorization(s). Maximum length 100 characters. |
| Set Notes | Add notes to target key(s). | |
| Set Options | add-authorized-\key-optionsremove-authorized\-key-optionsset-authorized-\key-optionsupdate-authorized\-key-options | Specify options such as where authorizations can be used from, and what the authorization can be used to run. This can be performed on authorized keys. For more information about setting options, see Setting Options for Authorized Keys |
| Set Passphrase | set-private-key-\passphrase | Give the selected private key a passphrase in Key Manager. For more information about managing passphrases, see Managing User-Key Passphrases. |
| Set Validity | Set the validity period of the selected authorized key(s). | |
| Show Passphrase | Display the target private-key passphrase. | |
| Sign-off: Accept/Reject | signoff-accept-\authorized-keysignoff-reject-\authorized-key | Perform signoff and accept or reject the target user key(s). For more information about the key-sign workflow, see the PrivX Key Manager User Portal Manuals |
| Tag | tag-userstag-authorized-\keystag-private-keysuntag-usersuntag-authorized-\keysuntag-private-keys | Add or remove tags from users and user keys, for search and management purposes. |
| View Audit History | View audit-event logs related to the target user, key or authorization. For more information about audit events, see Auditing, Alerting, and Reporting. |