Does eyaml CLI have options to specify the private/public key paths?

343 views
Skip to first unread message

Larry Fast

unread,
Feb 6, 2014, 4:37:55 PM2/6/14
to puppet...@googlegroups.com
The default value for the private key path in the eyaml CLI is ./keys/private_key.pkcs7.pem.  Is there an CLI option to override the default?

james.e...@fasthosts.com

unread,
Feb 7, 2014, 4:19:37 AM2/7/14
to puppet...@googlegroups.com
On Thursday, 6 February 2014 21:37:55 UTC, Larry Fast wrote:
The default value for the private key path in the eyaml CLI is ./keys/private_key.pkcs7.pem.  Is there an CLI option to override the default?

yep :)

$ eyaml --help
Hiera-eyaml is a backend for Hiera which provides OpenSSL encryption/decryption for Hiera properties

Usage:
  eyaml [options] 
  eyaml -i file.eyaml       # edit a file
  eyaml -e -s some-string   # encrypt a string
  eyaml -e -p               # encrypt a password 
  eyaml -e -f file.txt      # encrypt a file
  cat file.txt | eyaml -e   # encrypt a file on a pipe

Options:  
             --createkeys, -c:   Create public and private keys for use encrypting properties
                --decrypt, -d:   Decrypt something
                --encrypt, -e:   Encrypt something
               --edit, -i <s>:   Decrypt, Edit, and Reencrypt
              --eyaml, -y <s>:   Source input is an eyaml file
               --password, -p:   Source input is a password entered on the terminal
             --string, -s <s>:   Source input is a string provided as an argument
               --file, -f <s>:   Source input is a file
                      --stdin:   Source input is taken from stdin
     --encrypt-method, -n <s>:   Override default encryption and decryption method (default is PKCS7) (default: pkcs7)
             --output, -o <s>:   Output format of final result (examples, block, string) (default: examples)
              --label, -l <s>:   Apply a label to the encrypted result
                      --debug:   Be more verbose
                      --quiet:   Be less verbose
   --pkcs7-public-key, -k <s>:   Public key directory (default: ./keys/public_key.pkcs7.pem)
  --pkcs7-private-key, -r <s>:   Private key directory (default: ./keys/private_key.pkcs7.pem)
                --version, -v:   Print version and exit
                   --help, -h:   Show this message

Larry Fast

unread,
Feb 7, 2014, 5:38:50 AM2/7/14
to puppet...@googlegroups.com
Thanks James.  --help should have been blindingly obvious but it slipped my flu infested mind.  Cheers!  

Larry Fast

unread,
Feb 7, 2014, 11:28:38 AM2/7/14
to puppet...@googlegroups.com
And now I see why I hadn't found --help helpful.  In 2.0.0 eyaml --help does not give a dump of options.  You have to run eyaml <cmd> --help to see a list of options for that command.  Don't know if that's good or bad.  IMO it would be nice to see more information in top level help.
Reply all
Reply to author
Forward
0 new messages