GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  KNIFE-SSL-CHECK (1)

NAME

knife-ssl-check - The man page for the knife ssl check subcommand. \$1 \n[an-margin] level \n[rst2man-indent-level] level margin: \n[rst2man-indent\n[rst2man-indent-level]] - \n[rst2man-indent0] \n[rst2man-indent1] \n[rst2man-indent2]

The knife ssl check subcommand is used to verify the SSL configuration for the Enterprise Chef and/or Open Source Chef servers, or at another location specified by a URL or URI.

WARNING: When verification of a remote server\(aqs SSL certificate is disabled, the chef-client will issue a warning similar to "SSL validation of HTTPS requests is disabled. HTTPS connections are still encrypted, but the chef-client is not able to detect forged replies or man-in-the-middle attacks." To configure SSL for the chef-client, set ssl_verify_mode to :verify_peer (recommended) or verify_api_cert to true in the client.rb file.

Syntax

This subcommand has the following syntax:


$ knife ssl check URI


Options

This subcommand has the following options:
-a SSH_ATTR, --attribute SSH_ATTR
  The attribute that is used when opening the SSH connection. The default attribute is the FQDN of the host. Other possible values include a public IP address, a private IP address, or a hostname.
-A, --forward-agent
  Use to enable SSH agent forwarding.
-c CONFIG_FILE, --config CONFIG_FILE
  The configuration file to use.
-C NUM, --concurrency NUM
  The number of allowed concurrent connections.
--chef-zero-port PORT
  The port on which chef-zero will listen.
--[no-]color
  Use to view colored output.
-d, --disable-editing
  Use to prevent the $EDITOR from being opened and to accept data as-is.
--defaults
  Use to have Knife use the default value instead of asking a user to provide one.
-e EDITOR, --editor EDITOR
  The $EDITOR that is used for all interactive commands.
-E ENVIRONMENT, --environment ENVIRONMENT
  The name of the environment. When this option is added to a command, the command will run only against the named environment.
-F FORMAT, --format FORMAT
  The output format: summary (default), text, json, yaml, and pp.
-G GATEWAY, --ssh-gateway GATEWAY
  The SSH tunnel or gateway that is used to run a bootstrap action on a machine that is not accessible from the workstation.
-h, --help Shows help for the command.
-i IDENTITY_FILE, --identity-file IDENTIFY_FILE
  The SSH identity file used for authentication. Key-based authentication is recommended.
-k KEY, --key KEY
  The private key that Knife will use to sign requests made by the API client to the Chef server.
-m, --manual-list
  Use to define a search query as a space-separated list of servers. If there is more than one item in the list, put quotes around the entire list. For example: --manual-list "server01 server 02 server 03"
--[no-]host-key-verify
  Use --no-host-key-verify to disable host key verification. Default setting: --host-key-verify.
OTHER The shell type. Possible values: interactive, screen, tmux, macterm, or cssh. (csshx is deprecated in favor of cssh.)
-p PORT, --ssh-port PORT
  The SSH port.
-P PASSWORD, --ssh-password PASSWORD
  The SSH password. This can be used to pass the password directly on the command line. If this option is not specified (and a password is required) Knife will prompt for the password.
--print-after
  Use to show data after a destructive operation.
-s URL, --server-url URL
  The URL for the Chef server.
SEARCH_QUERY
  The search query used to return a list of servers to be accessed using SSH and the specified SSH_COMMAND. This option uses the same syntax as the search sub-command.
SSH_COMMAND
  The command that will be run against the results of a search query.
-u USER, --user USER
  The user name used by Knife to sign requests made by the API client to the Chef server. Authentication will fail if the user name does not match the private key.
-v, --version
  The version of the chef-client.
-V, --verbose
  Set for more verbose outputs. Use -VV for maximum verbosity.
-x USER_NAME, --ssh-user USER_NAME
  The SSH user name.
-y, --yes Use to respond to all confirmation prompts with "Yes". Knife will not ask for confirmation.
-z, --local-mode
  Use to run the chef-client in local mode. This allows all commands that work against the Chef server to also work against the local chef-repo.

Examples

The following examples show how to use this Knife subcommand:

Verify the SSL configuration for the Chef server


$ knife ssl check


Verify the SSL configuration for the chef-client


$ knife ssl check -c /etc/chef/client.rb


Verify an external server\(aqs SSL certificate


$ knife ssl check URL_or_URI


for example:


$ knife ssl check https://www.getchef.com


CONTENTS

Author

AUTHOR

Chef
Search for    or go to Top of page |  Section 1 |  Main Index


KNIFE-SSL-CHECK (1) Chef 11.14

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.