credentialz

package
v1.2.1
Warning

This package is not in the latest version of its module.

Published: Jun 5, 2023 License: Apache-2.0 Imports: 9 Imported by: 7

README

gNSI.credentialz

Bootstrap / Assumptions

The gNSI.credentialz API only allows changing existing credentials; the credentials must therefore be set up before any of the RPCs are executed.

The following files are expected to be created during the bootstrap process:

  • Certificate Authority's public key
    • required for certificate-based client authentication
    • used to check if the client's certificate is valid
  • target's certificate
    • required for remote (this) host authentication by the clients
    • presented to the clients who validate it using CA's public key
  • target's public key
    • always required
  • target's private key
    • always required
  • ${system_role_home}/.ssh/authorized_users file for every system account. This file contains a list of principals to validate against for access to the system account.
    • always required
    • used to authorize the username provided by a client to use this system account
  • ${system_role_home}/.ssh/authorized_keys file for every system account
    • always required
    • used to specify SSH keys that clients can use to access this system account

Console access authentication

There are two methods to configure a password:

  • directly on the device
  • using gNSI.credentialz API

Method 1: Directly on the device

To change the password, execute the following command after logging in to the device using SSH or directly using a console (for example, an RS232-based one or a similar method):

$ echo "TeStP_w0rD" | passwd ${account} --stdin
$

Method 2: Using gNSI.credentialz API
  • Start streaming RPC call to the target device.
stream := RotateAccountCredentials()
  • Send a password change request message to the target device.
stream.Send(
    RotateAccountCredentialsRequest {
        password: PasswordRequest {
            accounts: Account {
                account: "user",
                password: Password {
                    value: {
                        plaintext: "password",
                    }
                },
                version: "v1.0",
                created_on: 3214451134,
            }
        }
    }
)

resp := stream.Receive()
  • Check if the new password 'works'

  • Finalize the operation

stream.Send(
    RotateAccountCredentialsRequest {
        finalize: FinalizeRequest {}
    }
)

SSH authentication

There are three authentication methods used with SSH:

  • password
  • public key
  • certificate

Method 1: Password-based

NOTE: The method is strongly discouraged.

See the "Console access authentication" section for information on how to change an account's password.

Method 2: Public key-based

In the case of public key based authentication users are authenticated by:

  • username
  • SSH public key

The provided username is checked against the list of known usernames stored in the ${system_role_home}/.ssh/authorized_users file.

The provided credentials are checked against the public keys known to the target device, which are stored in ${system_role_home}/.ssh/authorized_keys.


Update the client's credentials
Update the client's authorized key
  • Start streaming RPC call to the target device.
stream := RotateAccountCredentials()
  • Send an authorized keys change request message to the target device.

NOTE: The current list of authorized keys will be replaced.

stream.Send(
    RotateAccountCredentialsRequest {
        credential: AuthorizedKeysRequest {
            credentials: AccountCredentials {
                account: "user",
                authorized_keys: AuthorizedKey {
                    authorized_key: "A....=",
                },
                authorized_keys: AuthorizedKey {
                    authorized_key: "A....=",
                },
                version: "v1.0",
                created_on: 3214451134,
            }
        }
    }
)

resp := stream.Receive()
  • Check if the new SSH keys 'work'

  • Finalize the operation

stream.Send(
    RotateAccountCredentialsRequest {
        finalize: FinalizeRequest {}
    }
)

Update the account's authorized username list
  • Start streaming RPC call to the target device.
stream := RotateAccountCredentials()
  • Send an authorized username list change request message to the target device.

NOTE: The current list of authorized usernames will be replaced.

stream.Send(
    RotateAccountCredentialsRequest {
        user: AuthorizedUsersRequest {
            policies: UserPolicy {
                account: "user",
                authorized_users: SshAuthorizedUser {
                    authorized_user: "alice",
                },
                authorized_users: SshAuthorizedUser {
                    authorized_user: "bob",
                },
                version: "v1.0",
                created_on: 3214451134,
            }
        }
    }
)

resp := stream.Receive()
  • Check if the new list of authorized usernames 'works'

  • Finalize the operation

stream.Send(
    RotateAccountCredentialsRequest {
        finalize: FinalizeRequest {}
    }
)

Update the host's keys with external keys
  • Start streaming RPC call to the target device.
stream := RotateHostCredentials()
  • Send a server's keys change request message to the target device. The bytes are expected to be base64 encoded.
stream.Send(
    RotateHostCredentialsRequest {
        server_keys: ServerKeysRequest {
            auth_artifacts: []AuthenticationArtifacts{
                private_key: []bytes("...."),
                certificate: []bytes("...."),
            },
            version: "v1.0",
            created_on: 3214451134,
        }
    }
)

resp := stream.Receive()
  • Check if the new keys 'work'

  • Finalize the operation

stream.Send(
    RotateHostCredentialsRequest {
        finalize: FinalizeRequest {}
    }
)

Update the host's keys with generated keys
  • Start streaming RPC call to the target device.
stream := RotateHostCredentials()
  • Send a server's keys change request message to the target device. The bytes are expected to be base64 encoded.
stream.Send(
    RotateHostCredentialsRequest {
        generate_keys: GenerateKeysRequest{
            key_params: KEY_GEN_SSH_KEY_TYPE_RSA_4096,
        }
    }
)
resp, err := stream.Receive()
  • Check if the new keys 'work'

  • Finalize the operation

stream.Send(
    RotateHostCredentialsRequest {
        finalize: FinalizeRequest {}
    }
)

Method 3: Certificate-based

In this method both ends of the connection present a certificate signed by the Certificate Authority. This method is better than the key-based one as both the client and the server can verify the credentials of the remote side.

For this method to work the target's server has to have configured:

  • Certificate Authority public key (certificate) of the CA that has signed the client's certificate
  • An SSH certificate signed by a Certificate Authority trusted by the client
  • server's public key

Similarly, the client has to have the following:

  • Certificate Authority public key (certificate) of the CA that has signed the server's certificate
  • An SSH certificate signed by a Certificate Authority trusted by the server
  • client's public key

Update the CA certificate
  • Start streaming RPC call to the target device.
stream := RotateHostCredentials()
  • Send a CA certificate change request message to the target device.
stream.Send(
    RotateHostCredentialsRequest {
        ssh_ca_public_key: CaPublicKeyRequest {
            ssh_ca_public_keys: "A....=",
            version: "v1.0",
            created_on: 3214451134,
        }
    }
)

resp := stream.Receive()
  • Check if the new CA certificate 'works'

  • Finalize the operation

stream.Send(
    RotateHostCredentialsRequest {
        finalize: FinalizeRequest {}
    }
)

Update the host's keys and certificate
  • Start streaming RPC call to the target device.
stream := RotateHostCredentials()
  • Send a server's keys and certificate change request message to the target device.
stream.Send(
    RotateHostCredentialsRequest {
        server_keys: ServerKeysRequest {
            certificate: "A....=",
            public_key: "A....=",
            private_key: "A....=",
            version: "v1.0",
            created_on: 3214451134,
        }
    }
)

resp := stream.Receive()
  • Check if the new keys and certificate 'work'

  • Finalize the operation

stream.Send(
    RotateHostCredentialsRequest {
        finalize: FinalizeRequest {}
    }
)

User Journeys

Rotate Certificate based on existing key

The most common operation we expect to be required on devices is the rotation of the certificates used for SSH access. This operation reuses the existing host key on the device.

  • Get the public key configured on the host.

resp, err := c.GetPublicKeys(&GetPublicKeyRequests{})
  • Generate certificate based on key.

  • Rotate certificate on device.

stream.Send(
    RotateHostCredentialsRequest {
        server_keys: ServerKeysRequest {
            certificate: "A....=",
            version: "v1.0",
            created_on: 3214451134,
        }
    }
)
  • Validate that new settings are working as expected.

  • Finalize request.

stream.Send(
    RotateHostCredentialsRequest {
        finalize: FinalizeRequest {}
    }
)

Generate new host key on device and rotate certificate based on the new key

This use case focuses on the rotation of a host key and then generation of the certificate based on the new public key.

  • Send request for generation of new private key.
stream.Send(
    RotateHostCredentialsRequest {
        generate_keys: []GenerateKeysRequest {{
            key_params: KeyGen.KEY_GEN_SSH_KEY_TYPE_EDDSA_ED25519 
        }}
    }
)
  • Get Response containing public key to generate the certificate.
resp, err := stream.Recv()
data := resp.PublicKeys
  • The caller will then use this data to generate a certificate.

  • Send generated cert to device to rotate.

stream.Send(
    RotateHostCredentialsRequest {
        server_keys: ServerKeysRequest {
            certificate: "A....=",
            version: "v1.0",
            created_on: 3214451134,
        }
    }
)
  • Validate the RotateHostCredentialsResponse.
if _, err := stream.Recv(); err != nil {
    ...
}
  • Validate that new settings are working as expected.

  • Finalize request

stream.Send(
    RotateHostCredentialsRequest {
        finalize: FinalizeRequest {}
    }
)
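
Both journeys leave certificate generation to the caller ("Generate certificate based on key" and "The caller will then use this data to generate a certificate"). The Go sketch below is an added example, not code from the gNSI project: it signs an OpenSSH Ed25519 host certificate for the public key the target reported and then applies the checks a client makes before trusting it, which is what the validation step ahead of finalize has to confirm. The CA key, key ID, hostname and serial are constructed values, `SignHostCert` and `VerifyHostCert` are hypothetical helper names, and the wire layout follows OpenSSH's PROTOCOL.certkeys.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"encoding/base64"
	"encoding/binary"
	"fmt"
	"time"
)

const certAlgo, keyAlgo = "ssh-ed25519-cert-v01@openssh.com", "ssh-ed25519"
const certTypeHost = 2 // SSH_CERT_TYPE_HOST; 1 would be a user certificate

// pack concatenates its arguments as SSH wire strings (uint32 length + bytes).
func pack(fields ...[]byte) (out []byte) {
	for _, f := range fields {
		out = append(binary.BigEndian.AppendUint32(out, uint32(len(f))), f...)
	}
	return out
}

// SignHostCert issues an OpenSSH host certificate for hostPub, the key the target reported.
func SignHostCert(ca ed25519.PrivateKey, hostPub ed25519.PublicKey, keyID string,
	principals []string, notBefore, notAfter time.Time) ([]byte, error) {
	if len(principals) == 0 || len(hostPub) != ed25519.PublicKeySize { // no principals = any hostname
		return nil, fmt.Errorf("%q: need a principal and a 32-byte Ed25519 host key", keyID)
	}
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	var names []byte
	for _, p := range principals {
		names = append(names, pack([]byte(p))...)
	}
	body := pack([]byte(certAlgo), nonce, hostPub)
	body = binary.BigEndian.AppendUint64(body, 1)            // serial (constructed)
	body = binary.BigEndian.AppendUint32(body, certTypeHost) // host, not user
	body = append(body, pack([]byte(keyID), names)...)
	body = binary.BigEndian.AppendUint64(body, uint64(notBefore.Unix()))
	body = binary.BigEndian.AppendUint64(body, uint64(notAfter.Unix()))
	caKey := pack([]byte(keyAlgo), ca.Public().(ed25519.PublicKey))
	body = append(body, pack(nil, nil, nil, caKey)...) // critical options, extensions, reserved, CA key
	return append(body, pack(pack([]byte(keyAlgo), ed25519.Sign(ca, body)))...), nil // signs all fields above
}

type reader struct { // walks SSH wire data; bad is set once the input runs short
	buf []byte
	bad bool
}

func (r *reader) take(n uint32) (out []byte) {
	if r.bad || uint64(n) > uint64(len(r.buf)) {
		r.bad = true
		return make([]byte, 8) // zeros keep the integer decoders from panicking
	}
	out, r.buf = r.buf[:n], r.buf[n:]
	return out
}
func (r *reader) u32() uint32 { return binary.BigEndian.Uint32(r.take(4)) }
func (r *reader) u64() uint64 { return binary.BigEndian.Uint64(r.take(8)) }
func (r *reader) str() []byte { return r.take(r.u32()) }

// VerifyHostCert applies the checks a client makes before trusting the target's certificate.
func VerifyHostCert(cert []byte, caPub ed25519.PublicKey, host string, now time.Time) error {
	r := &reader{buf: cert}
	algo, _, _ := r.str(), r.str(), r.str() // algorithm, nonce, host public key
	_, typ, _ := r.u64(), r.u32(), r.str()  // serial, type, key id
	names, after, before := &reader{buf: r.str()}, r.u64(), r.u64()
	crit, _, _, caKey := r.str(), r.str(), r.str(), r.str() // options, extensions, reserved, CA key
	signed := cert[:len(cert)-len(r.buf)]                   // everything before the signature
	sig := &reader{buf: r.str()}
	sigAlgo, rawSig, t := sig.str(), sig.str(), uint64(now.Unix())
	switch {
	case r.bad || sig.bad || string(algo) != certAlgo || string(sigAlgo) != keyAlgo:
		return fmt.Errorf("malformed certificate")
	case typ != certTypeHost || len(crit) != 0:
		return fmt.Errorf("type %d is not a plain host certificate", typ)
	case !bytes.Equal(caKey, pack([]byte(keyAlgo), caPub)) || !ed25519.Verify(caPub, signed, rawSig):
		return fmt.Errorf("not signed by the trusted CA")
	case t < after || t >= before:
		return fmt.Errorf("outside the validity window")
	}
	for !names.bad && len(names.buf) > 0 {
		if string(names.str()) == host {
			return nil
		}
	}
	return fmt.Errorf("%q is not a principal of this certificate", host)
}

func main() { // constructed keys stand in for the operator's CA and the target's host key
	caPub, ca, _ := ed25519.GenerateKey(rand.Reader)
	hostPub, _, _ := ed25519.GenerateKey(rand.Reader)
	now := time.Now()
	cert, _ := SignHostCert(ca, hostPub, "router1-host", []string{"router1.example.net"}, now, now.Add(time.Hour))
	fmt.Println(base64.StdEncoding.EncodeToString(cert), VerifyHostCert(cert, caPub, "router1.example.net", now))
}
```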

gNSI.credentialz Telemetry Extension

gnsi-credentialz.yang

An overview of the changes defined in the gnsi-credentialz.yang file is shown below.

module: gnsi-credentialz

  augment /oc-sys:system:
    +--rw console
       +--rw config
       +--ro state
          +--ro counters
             +--ro access-rejects?       oc-yang:counter64
             +--ro last-access-reject?   oc-types:timeticks64
             +--ro access-accepts?       oc-yang:counter64
             +--ro last-access-accept?   oc-types:timeticks64
  augment /oc-sys:system/oc-sys:ssh-server/oc-sys:state:
    +--ro active-trusted-user-ca-keys-version?      version
    +--ro active-trusted-user-ca-keys-created-on?   created-on
    +--ro active-host-certificate-version?          version
    +--ro active-host-certificate-created-on?       created-on
    +--ro active-host-key-version?                  version
    +--ro active-host-key-version-created-on?       created-on
    +--ro counters
       +--ro access-rejects?       oc-yang:counter64
       +--ro last-access-reject?   oc-types:timeticks64
       +--ro access-accepts?       oc-yang:counter64
       +--ro last-access-accept?   oc-types:timeticks64
  augment /oc-sys:system/oc-sys:aaa/oc-sys:authentication/oc-sys:users/oc-sys:user/oc-sys:state:
    +--ro password-version?                   version
    +--ro password-created-on?                created-on
    +--ro authorized-users-list-version?      version
    +--ro authorized-users-list-created-on?   created-on
    +--ro authorized-keys-list-version?       version
    +--ro authorized-keys-list-created-on?    created-on

openconfig-system tree

The openconfig-system subtree after augments defined in the gnsi-credentialz.yang file is shown below.

module: openconfig-system
  +--rw system
     +--rw config
     |  +--rw hostname?       oc-inet:domain-name
     |  +--rw domain-name?    oc-inet:domain-name
     |  +--rw login-banner?   string
     |  +--rw motd-banner?    string
     +--ro state
     |  +--ro hostname?           oc-inet:domain-name
     |  +--ro domain-name?        oc-inet:domain-name
     |  +--ro login-banner?       string
     |  +--ro motd-banner?        string
     |  +--ro current-datetime?   oc-yang:date-and-time
     |  +--ro boot-time?          oc-types:timeticks64
     +--rw clock
     |  +--rw config
     |  |  +--rw timezone-name?   timezone-name-type
     |  +--ro state
     |     +--ro timezone-name?   timezone-name-type
     +--rw dns
     |  +--rw config
     |  |  +--rw search*   oc-inet:domain-name
     |  +--ro state
     |  |  +--ro search*   oc-inet:domain-name
     |  +--rw servers
     |  |  +--rw server* [address]
     |  |     +--rw address    -> ../config/address
     |  |     +--rw config
     |  |     |  +--rw address?   oc-inet:ip-address
     |  |     |  +--rw port?      oc-inet:port-number
     |  |     +--ro state
     |  |        +--ro address?   oc-inet:ip-address
     |  |        +--ro port?      oc-inet:port-number
     |  +--rw host-entries
     |     +--rw host-entry* [hostname]
     |        +--rw hostname    -> ../config/hostname
     |        +--rw config
     |        |  +--rw hostname?       string
     |        |  +--rw alias*          string
     |        |  +--rw ipv4-address*   oc-inet:ipv4-address
     |        |  +--rw ipv6-address*   oc-inet:ipv6-address
     |        +--ro state
     |           +--ro hostname?       string
     |           +--ro alias*          string
     |           +--ro ipv4-address*   oc-inet:ipv4-address
     |           +--ro ipv6-address*   oc-inet:ipv6-address
     +--rw ntp
     |  +--rw config
     |  |  +--rw enabled?              boolean
     |  |  +--rw ntp-source-address?   oc-inet:ip-address
     |  |  +--rw enable-ntp-auth?      boolean
     |  +--ro state
     |  |  +--ro enabled?              boolean
     |  |  +--ro ntp-source-address?   oc-inet:ip-address
     |  |  +--ro enable-ntp-auth?      boolean
     |  |  +--ro auth-mismatch?        oc-yang:counter64
     |  +--rw ntp-keys
     |  |  +--rw ntp-key* [key-id]
     |  |     +--rw key-id    -> ../config/key-id
     |  |     +--rw config
     |  |     |  +--rw key-id?      uint16
     |  |     |  +--rw key-type?    identityref
     |  |     |  +--rw key-value?   string
     |  |     +--ro state
     |  |        +--ro key-id?      uint16
     |  |        +--ro key-type?    identityref
     |  |        +--ro key-value?   string
     |  +--rw servers
     |     +--rw server* [address]
     |        +--rw address    -> ../config/address
     |        +--rw config
     |        |  +--rw address?            oc-inet:host
     |        |  +--rw port?               oc-inet:port-number
     |        |  +--rw version?            uint8
     |        |  +--rw association-type?   enumeration
     |        |  +--rw iburst?             boolean
     |        |  +--rw prefer?             boolean
     |        +--ro state
     |           +--ro address?            oc-inet:host
     |           +--ro port?               oc-inet:port-number
     |           +--ro version?            uint8
     |           +--ro association-type?   enumeration
     |           +--ro iburst?             boolean
     |           +--ro prefer?             boolean
     |           +--ro stratum?            uint8
     |           +--ro root-delay?         uint32
     |           +--ro root-dispersion?    uint64
     |           +--ro offset?             uint64
     |           +--ro poll-interval?      uint32
     +--rw ssh-server
     |  +--rw config
     |  |  +--rw enable?             boolean
     |  |  +--rw protocol-version?   enumeration
     |  |  +--rw timeout?            uint16
     |  |  +--rw rate-limit?         uint16
     |  |  +--rw session-limit?      uint16
     |  +--ro state
     |     +--ro enable?                                              boolean
     |     +--ro protocol-version?                                    enumeration
     |     +--ro timeout?                                             uint16
     |     +--ro rate-limit?                                          uint16
     |     +--ro session-limit?                                       uint16
     |     +--ro gnsi-credz:active-trusted-user-ca-keys-version?      version
     |     +--ro gnsi-credz:active-trusted-user-ca-keys-created-on?   created-on
     |     +--ro gnsi-credz:active-host-certificate-version?          version
     |     +--ro gnsi-credz:active-host-certificate-created-on?       created-on
     |     +--ro gnsi-credz:active-host-key-version?                  version
     |     +--ro gnsi-credz:active-host-key-version-created-on?       created-on
     |     +--ro gnsi-credz:counters
     |        +--ro gnsi-credz:access-rejects?       oc-yang:counter64
     |        +--ro gnsi-credz:last-access-reject?   oc-types:timeticks64
     |        +--ro gnsi-credz:access-accepts?       oc-yang:counter64
     |        +--ro gnsi-credz:last-access-accept?   oc-types:timeticks64
     +--rw telnet-server
     |  +--rw config
     |  |  +--rw enable?          boolean
     |  |  +--rw timeout?         uint16
     |  |  +--rw rate-limit?      uint16
     |  |  +--rw session-limit?   uint16
     |  +--ro state
     |     +--ro enable?          boolean
     |     +--ro timeout?         uint16
     |     +--ro rate-limit?      uint16
     |     +--ro session-limit?   uint16
     +--rw logging
     |  +--rw console
     |  |  +--rw config
     |  |  +--ro state
     |  |  +--rw selectors
     |  |     +--rw selector* [facility severity]
     |  |        +--rw facility    -> ../config/facility
     |  |        +--rw severity    -> ../config/severity
     |  |        +--rw config
     |  |        |  +--rw facility?   identityref
     |  |        |  +--rw severity?   syslog-severity
     |  |        +--ro state
     |  |           +--ro facility?   identityref
     |  |           +--ro severity?   syslog-severity
     |  +--rw remote-servers
     |     +--rw remote-server* [host]
     |        +--rw host         -> ../config/host
     |        +--rw config
     |        |  +--rw host?             oc-inet:host
     |        |  +--rw source-address?   oc-inet:ip-address
     |        |  +--rw remote-port?      oc-inet:port-number
     |        +--ro state
     |        |  +--ro host?             oc-inet:host
     |        |  +--ro source-address?   oc-inet:ip-address
     |        |  +--ro remote-port?      oc-inet:port-number
     |        +--rw selectors
     |           +--rw selector* [facility severity]
     |              +--rw facility    -> ../config/facility
     |              +--rw severity    -> ../config/severity
     |              +--rw config
     |              |  +--rw facility?   identityref
     |              |  +--rw severity?   syslog-severity
     |              +--ro state
     |                 +--ro facility?   identityref
     |                 +--ro severity?   syslog-severity
     +--rw aaa
     |  +--rw config
     |  +--ro state
     |  +--rw authentication
     |  |  +--rw config
     |  |  |  +--rw authentication-method*   union
     |  |  +--ro state
     |  |  |  +--ro authentication-method*   union
     |  |  +--rw admin-user
     |  |  |  +--rw config
     |  |  |  |  +--rw admin-password?          string
     |  |  |  |  +--rw admin-password-hashed?   oc-aaa-types:crypt-password-type
     |  |  |  +--ro state
     |  |  |     +--ro admin-password?          string
     |  |  |     +--ro admin-password-hashed?   oc-aaa-types:crypt-password-type
     |  |  |     +--ro admin-username?          string
     |  |  +--rw users
     |  |     +--rw user* [username]
     |  |        +--rw username    -> ../config/username
     |  |        +--rw config
     |  |        |  +--rw username?   string
     |  |        |  +--rw role?       union
     |  |        +--ro state
     |  |           +--ro username?                                      string
     |  |           +--ro password?                                      string
     |  |           +--ro password-hashed?                               oc-aaa-types:crypt-password-type
     |  |           +--ro role?                                          union
     |  |           +--ro gnsi-credz:password-version?                   version
     |  |           +--ro gnsi-credz:password-created-on?                created-on
     |  |           +--ro gnsi-credz:authorized-users-list-version?      version
     |  |           +--ro gnsi-credz:authorized-users-list-created-on?   created-on
     |  |           +--ro gnsi-credz:authorized-keys-list-version?       version
     |  |           +--ro gnsi-credz:authorized-keys-list-created-on?    created-on
     |  +--rw authorization
     |  |  +--rw config
     |  |  |  +--rw authorization-method*   union
     |  |  +--ro state
     |  |  |  +--ro authorization-method*   union
     |  |  +--rw events
     |  |     +--rw event* [event-type]
     |  |        +--rw event-type    -> ../config/event-type
     |  |        +--rw config
     |  |        |  +--rw event-type?   identityref
     |  |        +--ro state
     |  |           +--ro event-type?   identityref
     |  +--rw accounting
     |  |  +--rw config
     |  |  |  +--rw accounting-method*   union
     |  |  +--ro state
     |  |  |  +--ro accounting-method*   union
     |  |  +--rw events
     |  |     +--rw event* [event-type]
     |  |        +--rw event-type    -> ../config/event-type
     |  |        +--rw config
     |  |        |  +--rw event-type?   identityref
     |  |        |  +--rw record?       enumeration
     |  |        +--ro state
     |  |           +--ro event-type?   identityref
     |  |           +--ro record?       enumeration
     |  +--rw server-groups
     |     +--rw server-group* [name]
     |        +--rw name       -> ../config/name
     |        +--rw config
     |        |  +--rw name?   string
     |        |  +--rw type?   identityref
     |        +--ro state
     |        |  +--ro name?   string
     |        |  +--ro type?   identityref
     |        +--rw servers
     |           +--rw server* [address]
     |              +--rw address    -> ../config/address
     |              +--rw config
     |              |  +--rw name?      string
     |              |  +--rw address?   oc-inet:ip-address
     |              |  +--rw timeout?   uint16
     |              +--ro state
     |              |  +--ro name?                  string
     |              |  +--ro address?               oc-inet:ip-address
     |              |  +--ro timeout?               uint16
     |              |  +--ro connection-opens?      oc-yang:counter64
     |              |  +--ro connection-closes?     oc-yang:counter64
     |              |  +--ro connection-aborts?     oc-yang:counter64
     |              |  +--ro connection-failures?   oc-yang:counter64
     |              |  +--ro connection-timeouts?   oc-yang:counter64
     |              |  +--ro messages-sent?         oc-yang:counter64
     |              |  +--ro messages-received?     oc-yang:counter64
     |              |  +--ro errors-received?       oc-yang:counter64
     |              +--rw tacacs
     |              |  +--rw config
     |              |  |  +--rw port?                oc-inet:port-number
     |              |  |  +--rw secret-key?          oc-types:routing-password
     |              |  |  +--rw secret-key-hashed?   oc-aaa-types:crypt-password-type
     |              |  |  +--rw source-address?      oc-inet:ip-address
     |              |  +--ro state
     |              |     +--ro port?                oc-inet:port-number
     |              |     +--ro secret-key?          oc-types:routing-password
     |              |     +--ro secret-key-hashed?   oc-aaa-types:crypt-password-type
     |              |     +--ro source-address?      oc-inet:ip-address
     |              +--rw radius
     |                 +--rw config
     |                 |  +--rw auth-port?             oc-inet:port-number
     |                 |  +--rw acct-port?             oc-inet:port-number
     |                 |  +--rw secret-key?            oc-types:routing-password
     |                 |  +--rw secret-key-hashed?     oc-aaa-types:crypt-password-type
     |                 |  +--rw source-address?        oc-inet:ip-address
     |                 |  +--rw retransmit-attempts?   uint8
     |                 +--ro state
     |                    +--ro auth-port?             oc-inet:port-number
     |                    +--ro acct-port?             oc-inet:port-number
     |                    +--ro secret-key?            oc-types:routing-password
     |                    +--ro secret-key-hashed?     oc-aaa-types:crypt-password-type
     |                    +--ro source-address?        oc-inet:ip-address
     |                    +--ro retransmit-attempts?   uint8
     |                    +--ro counters
     |                       +--ro retried-access-requests?   oc-yang:counter64
     |                       +--ro access-accepts?            oc-yang:counter64
     |                       +--ro access-rejects?            oc-yang:counter64
     |                       +--ro timeout-access-requests?   oc-yang:counter64
     +--rw memory
     |  +--rw config
     |  +--ro state
     |     +--ro physical?   uint64
     |     +--ro reserved?   uint64
     +--ro cpus
     |  +--ro cpu* [index]
     |     +--ro index    -> ../state/index
     |     +--ro state
     |        +--ro index?                union
     |        +--ro total
     |        |  +--ro instant?    oc-types:percentage
     |        |  +--ro avg?        oc-types:percentage
     |        |  +--ro min?        oc-types:percentage
     |        |  +--ro max?        oc-types:percentage
     |        |  +--ro interval?   oc-types:stat-interval
     |        |  +--ro min-time?   oc-types:timeticks64
     |        |  +--ro max-time?   oc-types:timeticks64
     |        +--ro user
     |        |  +--ro instant?    oc-types:percentage
     |        |  +--ro avg?        oc-types:percentage
     |        |  +--ro min?        oc-types:percentage
     |        |  +--ro max?        oc-types:percentage
     |        |  +--ro interval?   oc-types:stat-interval
     |        |  +--ro min-time?   oc-types:timeticks64
     |        |  +--ro max-time?   oc-types:timeticks64
     |        +--ro kernel
     |        |  +--ro instant?    oc-types:percentage
     |        |  +--ro avg?        oc-types:percentage
     |        |  +--ro min?        oc-types:percentage
     |        |  +--ro max?        oc-types:percentage
     |        |  +--ro interval?   oc-types:stat-interval
     |        |  +--ro min-time?   oc-types:timeticks64
     |        |  +--ro max-time?   oc-types:timeticks64
     |        +--ro nice
     |        |  +--ro instant?    oc-types:percentage
     |        |  +--ro avg?        oc-types:percentage
     |        |  +--ro min?        oc-types:percentage
     |        |  +--ro max?        oc-types:percentage
     |        |  +--ro interval?   oc-types:stat-interval
     |        |  +--ro min-time?   oc-types:timeticks64
     |        |  +--ro max-time?   oc-types:timeticks64
     |        +--ro idle
     |        |  +--ro instant?    oc-types:percentage
     |        |  +--ro avg?        oc-types:percentage
     |        |  +--ro min?        oc-types:percentage
     |        |  +--ro max?        oc-types:percentage
     |        |  +--ro interval?   oc-types:stat-interval
     |        |  +--ro min-time?   oc-types:timeticks64
     |        |  +--ro max-time?   oc-types:timeticks64
     |        +--ro wait
     |        |  +--ro instant?    oc-types:percentage
     |        |  +--ro avg?        oc-types:percentage
     |        |  +--ro min?        oc-types:percentage
     |        |  +--ro max?        oc-types:percentage
     |        |  +--ro interval?   oc-types:stat-interval
     |        |  +--ro min-time?   oc-types:timeticks64
     |        |  +--ro max-time?   oc-types:timeticks64
     |        +--ro hardware-interrupt
     |        |  +--ro instant?    oc-types:percentage
     |        |  +--ro avg?        oc-types:percentage
     |        |  +--ro min?        oc-types:percentage
     |        |  +--ro max?        oc-types:percentage
     |        |  +--ro interval?   oc-types:stat-interval
     |        |  +--ro min-time?   oc-types:timeticks64
     |        |  +--ro max-time?   oc-types:timeticks64
     |        +--ro software-interrupt
     |           +--ro instant?    oc-types:percentage
     |           +--ro avg?        oc-types:percentage
     |           +--ro min?        oc-types:percentage
     |           +--ro max?        oc-types:percentage
     |           +--ro interval?   oc-types:stat-interval
     |           +--ro min-time?   oc-types:timeticks64
     |           +--ro max-time?   oc-types:timeticks64
     +--rw processes
     |  +--ro process* [pid]
     |     +--ro pid      -> ../state/pid
     |     +--ro state
     |        +--ro pid?                  uint64
     |        +--ro name?                 string
     |        +--ro args*                 string
     |        +--ro start-time?           oc-types:timeticks64
     |        +--ro cpu-usage-user?       oc-yang:counter64
     |        +--ro cpu-usage-system?     oc-yang:counter64
     |        +--ro cpu-utilization?      oc-types:percentage
     |        +--ro memory-usage?         uint64
     |        +--ro memory-utilization?   oc-types:percentage
     +--ro alarms
     |  +--ro alarm* [id]
     |     +--ro id        -> ../state/id
     |     +--ro config
     |     +--ro state
     |        +--ro id?             string
     |        +--ro resource?       string
     |        +--ro text?           string
     |        +--ro time-created?   oc-types:timeticks64
     |        +--ro severity?       identityref
     |        +--ro type-id?        union
     +--rw messages
     |  +--rw config
     |  |  +--rw severity?   oc-log:syslog-severity
     |  +--ro state
     |  |  +--ro severity?   oc-log:syslog-severity
     |  |  +--ro message
     |  |     +--ro msg?        string
     |  |     +--ro priority?   uint8
     |  |     +--ro app-name?   string
     |  |     +--ro procid?     string
     |  |     +--ro msgid?      string
     |  +--rw debug-entries
     |     +--rw debug-service* [service]
     |        +--rw service    -> ../config/service
     |        +--rw config
     |        |  +--rw service?   identityref
     |        |  +--rw enabled?   boolean
     |        +--ro state
     |           +--ro service?   identityref
     |           +--ro enabled?   boolean
     +--rw license
     |  +--rw licenses
     |     +--rw license* [license-id]
     |        +--rw license-id    -> ../config/license-id
     |        +--rw config
     |        |  +--rw license-id?     string
     |        |  +--rw license-data?   union
     |        |  +--rw active?         boolean
     |        +--ro state
     |           +--ro license-id?        string
     |           +--ro license-data?      union
     |           +--ro active?            boolean
     |           +--ro description?       string
     |           +--ro issue-date?        uint64
     |           +--ro expiration-date?   uint64
     |           +--ro in-use?            boolean
     |           +--ro expired?           boolean
     |           +--ro valid?             boolean
     +--rw oc-sys-grpc:grpc-servers
     |  +--rw oc-sys-grpc:grpc-server* [name]
     |     +--rw oc-sys-grpc:name      -> ../config/name
     |     +--rw oc-sys-grpc:config
     |     |  +--rw oc-sys-grpc:name?                      string
     |     |  +--rw oc-sys-grpc:services*                  identityref
     |     |  +--rw oc-sys-grpc:enable?                    boolean
     |     |  +--rw oc-sys-grpc:port?                      oc-inet:port-number
     |     |  +--rw oc-sys-grpc:transport-security?        boolean
     |     |  +--rw oc-sys-grpc:certificate-id?            string
     |     |  +--rw oc-sys-grpc:metadata-authentication?   boolean
     |     |  +--rw oc-sys-grpc:listen-addresses*          union
     |     |  +--rw oc-sys-grpc:network-instance?          oc-ni:network-instance-ref
     |     +--ro oc-sys-grpc:state
     |        +--ro oc-sys-grpc:name?                      string
     |        +--ro oc-sys-grpc:services*                  identityref
     |        +--ro oc-sys-grpc:enable?                    boolean
     |        +--ro oc-sys-grpc:port?                      oc-inet:port-number
     |        +--ro oc-sys-grpc:transport-security?        boolean
     |        +--ro oc-sys-grpc:certificate-id?            string
     |        +--ro oc-sys-grpc:metadata-authentication?   boolean
     |        +--ro oc-sys-grpc:listen-addresses*          union
     |        +--ro oc-sys-grpc:network-instance?          oc-ni:network-instance-ref
     +--rw gnsi-credz:console
        +--rw gnsi-credz:config
        +--ro gnsi-credz:state
           +--ro gnsi-credz:counters
              +--ro gnsi-credz:access-rejects?       oc-yang:counter64
              +--ro gnsi-credz:last-access-reject?   oc-types:timeticks64
              +--ro gnsi-credz:access-accepts?       oc-yang:counter64
              +--ro gnsi-credz:last-access-accept?   oc-types:timeticks64

Documentation

Constants

This section is empty.

Variables

var (
	KeyType_name = map[int32]string{
		0: "KEY_TYPE_UNSPECIFIED",
		1: "KEY_TYPE_ECDSA_P_256",
		2: "KEY_TYPE_ECDSA_P_521",
		3: "KEY_TYPE_ED25519",
		4: "KEY_TYPE_RSA_2048",
		5: "KEY_TYPE_RSA_4096",
	}
	KeyType_value = map[string]int32{
		"KEY_TYPE_UNSPECIFIED": 0,
		"KEY_TYPE_ECDSA_P_256": 1,
		"KEY_TYPE_ECDSA_P_521": 2,
		"KEY_TYPE_ED25519":     3,
		"KEY_TYPE_RSA_2048":    4,
		"KEY_TYPE_RSA_4096":    5,
	}
)

Enum value maps for KeyType.

var (
	KeyGen_name = map[int32]string{
		0: "KEY_GEN_SSH_KEY_UNSPECIFIED",
		1: "KEY_GEN_SSH_KEY_TYPE_RSA_2048",
		2: "KEY_GEN_SSH_KEY_TYPE_ECDSA_P_256",
		3: "KEY_GEN_SSH_KEY_TYPE_ECDSA_P_521",
		4: "KEY_GEN_SSH_KEY_TYPE_EDDSA_ED25519",
		5: "KEY_GEN_SSH_KEY_TYPE_RSA_4096",
	}
	KeyGen_value = map[string]int32{
		"KEY_GEN_SSH_KEY_UNSPECIFIED":        0,
		"KEY_GEN_SSH_KEY_TYPE_RSA_2048":      1,
		"KEY_GEN_SSH_KEY_TYPE_ECDSA_P_256":   2,
		"KEY_GEN_SSH_KEY_TYPE_ECDSA_P_521":   3,
		"KEY_GEN_SSH_KEY_TYPE_EDDSA_ED25519": 4,
		"KEY_GEN_SSH_KEY_TYPE_RSA_4096":      5,
	}
)

Enum value maps for KeyGen.

var (
	Option_StandardOption_name = map[int32]string{
		0:  "STANDARD_OPTION_UNSPECIFIED",
		1:  "STANDARD_OPTION_AGENT_FORWARDING",
		2:  "STANDARD_OPTION_CERT_ATHORITY",
		3:  "STANDARD_OPTION_COMMAND",
		4:  "STANDARD_OPTION_ENVIRONMENT",
		5:  "STANDARD_OPTION_EXPIRY_TIME",
		6:  "STANDARD_OPTION_FROM",
		7:  "STANDARD_OPTION_NO_AGENT_FORWARDING",
		8:  "STANDARD_OPTION_NO_PORT_FORWARDING",
		9:  "STANDARD_OPTION_NO_PTY",
		10: "STANDARD_OPTION_NO_USER_RC",
		11: "STANDARD_OPTION_NO_X11_FORWARDING",
		12: "STANDARD_OPTION_PERMITLISTEN",
		13: "STANDARD_OPTION_PERMITOPEN",
		14: "STANDARD_OPTION_PORT_FORWARDING",
		15: "STANDARD_OPTION_PRINCIPALS",
		16: "STANDARD_OPTION_PTY",
		17: "STANDARD_OPTION_NO_TOUCH_REQUIRED",
		18: "STANDARD_OPTION_VERIFY_REQUIRED",
		19: "STANDARD_OPTION_RESTRICT",
		20: "STANDARD_OPTION_TUNNEL",
		21: "STANDARD_OPTION_USER_RC",
		22: "STANDARD_OPTION_X11_FORWARDING",
	}
	Option_StandardOption_value = map[string]int32{
		"STANDARD_OPTION_UNSPECIFIED":         0,
		"STANDARD_OPTION_AGENT_FORWARDING":    1,
		"STANDARD_OPTION_CERT_ATHORITY":       2,
		"STANDARD_OPTION_COMMAND":             3,
		"STANDARD_OPTION_ENVIRONMENT":         4,
		"STANDARD_OPTION_EXPIRY_TIME":         5,
		"STANDARD_OPTION_FROM":                6,
		"STANDARD_OPTION_NO_AGENT_FORWARDING": 7,
		"STANDARD_OPTION_NO_PORT_FORWARDING":  8,
		"STANDARD_OPTION_NO_PTY":              9,
		"STANDARD_OPTION_NO_USER_RC":          10,
		"STANDARD_OPTION_NO_X11_FORWARDING":   11,
		"STANDARD_OPTION_PERMITLISTEN":        12,
		"STANDARD_OPTION_PERMITOPEN":          13,
		"STANDARD_OPTION_PORT_FORWARDING":     14,
		"STANDARD_OPTION_PRINCIPALS":          15,
		"STANDARD_OPTION_PTY":                 16,
		"STANDARD_OPTION_NO_TOUCH_REQUIRED":   17,
		"STANDARD_OPTION_VERIFY_REQUIRED":     18,
		"STANDARD_OPTION_RESTRICT":            19,
		"STANDARD_OPTION_TUNNEL":              20,
		"STANDARD_OPTION_USER_RC":             21,
		"STANDARD_OPTION_X11_FORWARDING":      22,
	}
)

Enum value maps for Option_StandardOption.

var (
	UserPolicy_AuthorizedPrincipalCheck_Tool_name = map[int32]string{
		0: "TOOL_UNSPECIFIED",
		1: "TOOL_HIBA",
	}
	UserPolicy_AuthorizedPrincipalCheck_Tool_value = map[string]int32{
		"TOOL_UNSPECIFIED": 0,
		"TOOL_HIBA":        1,
	}
)

Enum value maps for UserPolicy_AuthorizedPrincipalCheck_Tool.

var (
	PasswordRequest_CryptoHash_HashType_name = map[int32]string{
		0: "HASH_TYPE_UNSPECIFIED",
		1: "HASH_TYPE_CRYPT_MD5",
		2: "HASH_TYPE_CRYPT_SHA_2_512",
	}
	PasswordRequest_CryptoHash_HashType_value = map[string]int32{
		"HASH_TYPE_UNSPECIFIED":     0,
		"HASH_TYPE_CRYPT_MD5":       1,
		"HASH_TYPE_CRYPT_SHA_2_512": 2,
	}
)

Enum value maps for PasswordRequest_CryptoHash_HashType.

var Credentialz_ServiceDesc = grpc.ServiceDesc{
	ServiceName: "gnsi.credentialz.v1.Credentialz",
	HandlerType: (*CredentialzServer)(nil),
	Methods: []grpc.MethodDesc{
		{
			MethodName: "CanGenerateKey",
			Handler:    _Credentialz_CanGenerateKey_Handler,
		},
		{
			MethodName: "GetPublicKeys",
			Handler:    _Credentialz_GetPublicKeys_Handler,
		},
	},
	Streams: []grpc.StreamDesc{
		{
			StreamName:    "RotateAccountCredentials",
			Handler:       _Credentialz_RotateAccountCredentials_Handler,
			ServerStreams: true,
			ClientStreams: true,
		},
		{
			StreamName:    "RotateHostCredentials",
			Handler:       _Credentialz_RotateHostCredentials_Handler,
			ServerStreams: true,
			ClientStreams: true,
		},
	},
	Metadata: "github.com/openconfig/gnsi/credentialz/credentialz.proto",
}

Credentialz_ServiceDesc is the grpc.ServiceDesc for the Credentialz service. It is only intended for direct use with grpc.RegisterService, and is not to be introspected or modified (even as a copy).

var File_github_com_openconfig_gnsi_credentialz_credentialz_proto protoreflect.FileDescriptor

Functions

func RegisterCredentialzServer

func RegisterCredentialzServer(s grpc.ServiceRegistrar, srv CredentialzServer)

Types

type AccountCredentials

type AccountCredentials struct {
	Account        string                              `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"`
	AuthorizedKeys []*AccountCredentials_AuthorizedKey `protobuf:"bytes,2,rep,name=authorized_keys,json=authorizedKeys,proto3" json:"authorized_keys,omitempty"`
	Version        string                              `protobuf:"bytes,3,opt,name=version,proto3" json:"version,omitempty"`
	CreatedOn      uint64                              `protobuf:"varint,4,opt,name=created_on,json=createdOn,proto3" json:"created_on,omitempty"`
	// contains filtered or unexported fields
}

func (*AccountCredentials) Descriptor deprecated

func (*AccountCredentials) Descriptor() ([]byte, []int)

Deprecated: Use AccountCredentials.ProtoReflect.Descriptor instead.

func (*AccountCredentials) GetAccount

func (x *AccountCredentials) GetAccount() string

func (*AccountCredentials) GetAuthorizedKeys

func (x *AccountCredentials) GetAuthorizedKeys() []*AccountCredentials_AuthorizedKey

func (*AccountCredentials) GetCreatedOn

func (x *AccountCredentials) GetCreatedOn() uint64

func (*AccountCredentials) GetVersion

func (x *AccountCredentials) GetVersion() string

func (*AccountCredentials) ProtoMessage

func (*AccountCredentials) ProtoMessage()

func (*AccountCredentials) ProtoReflect

func (x *AccountCredentials) ProtoReflect() protoreflect.Message

func (*AccountCredentials) Reset

func (x *AccountCredentials) Reset()

func (*AccountCredentials) String

func (x *AccountCredentials) String() string

type AccountCredentials_AuthorizedKey

type AccountCredentials_AuthorizedKey struct {
	AuthorizedKey []byte    `protobuf:"bytes,1,opt,name=authorized_key,json=authorizedKey,proto3" json:"authorized_key,omitempty"`
	Options       []*Option `protobuf:"bytes,2,rep,name=options,proto3" json:"options,omitempty"`
	KeyType       KeyType   `protobuf:"varint,3,opt,name=key_type,json=keyType,proto3,enum=gnsi.credentialz.v1.KeyType" json:"key_type,omitempty"`
	Description   string    `protobuf:"bytes,4,opt,name=description,proto3" json:"description,omitempty"`
	// contains filtered or unexported fields
}

func (*AccountCredentials_AuthorizedKey) Descriptor deprecated

func (*AccountCredentials_AuthorizedKey) Descriptor() ([]byte, []int)

Deprecated: Use AccountCredentials_AuthorizedKey.ProtoReflect.Descriptor instead.

func (*AccountCredentials_AuthorizedKey) GetAuthorizedKey

func (x *AccountCredentials_AuthorizedKey) GetAuthorizedKey() []byte

func (*AccountCredentials_AuthorizedKey) GetDescription

func (x *AccountCredentials_AuthorizedKey) GetDescription() string

func (*AccountCredentials_AuthorizedKey) GetKeyType

func (x *AccountCredentials_AuthorizedKey) GetKeyType() KeyType

func (*AccountCredentials_AuthorizedKey) GetOptions

func (x *AccountCredentials_AuthorizedKey) GetOptions() []*Option

func (*AccountCredentials_AuthorizedKey) ProtoMessage

func (*AccountCredentials_AuthorizedKey) ProtoMessage()

func (*AccountCredentials_AuthorizedKey) ProtoReflect

func (*AccountCredentials_AuthorizedKey) Reset

func (*AccountCredentials_AuthorizedKey) String

type AuthorizedKeysRequest

type AuthorizedKeysRequest struct {
	Credentials []*AccountCredentials `protobuf:"bytes,1,rep,name=credentials,proto3" json:"credentials,omitempty"`
	// contains filtered or unexported fields
}

func (*AuthorizedKeysRequest) Descriptor deprecated

func (*AuthorizedKeysRequest) Descriptor() ([]byte, []int)

Deprecated: Use AuthorizedKeysRequest.ProtoReflect.Descriptor instead.

func (*AuthorizedKeysRequest) GetCredentials

func (x *AuthorizedKeysRequest) GetCredentials() []*AccountCredentials

func (*AuthorizedKeysRequest) ProtoMessage

func (*AuthorizedKeysRequest) ProtoMessage()

func (*AuthorizedKeysRequest) ProtoReflect

func (x *AuthorizedKeysRequest) ProtoReflect() protoreflect.Message

func (*AuthorizedKeysRequest) Reset

func (x *AuthorizedKeysRequest) Reset()

func (*AuthorizedKeysRequest) String

func (x *AuthorizedKeysRequest) String() string

type AuthorizedKeysResponse

type AuthorizedKeysResponse struct {
	// contains filtered or unexported fields
}

func (*AuthorizedKeysResponse) Descriptor deprecated

func (*AuthorizedKeysResponse) Descriptor() ([]byte, []int)

Deprecated: Use AuthorizedKeysResponse.ProtoReflect.Descriptor instead.

func (*AuthorizedKeysResponse) ProtoMessage

func (*AuthorizedKeysResponse) ProtoMessage()

func (*AuthorizedKeysResponse) ProtoReflect

func (x *AuthorizedKeysResponse) ProtoReflect() protoreflect.Message

func (*AuthorizedKeysResponse) Reset

func (x *AuthorizedKeysResponse) Reset()

func (*AuthorizedKeysResponse) String

func (x *AuthorizedKeysResponse) String() string

type AuthorizedUsersRequest

type AuthorizedUsersRequest struct {
	Policies []*UserPolicy `protobuf:"bytes,1,rep,name=policies,proto3" json:"policies,omitempty"`
	// contains filtered or unexported fields
}

func (*AuthorizedUsersRequest) Descriptor deprecated

func (*AuthorizedUsersRequest) Descriptor() ([]byte, []int)

Deprecated: Use AuthorizedUsersRequest.ProtoReflect.Descriptor instead.

func (*AuthorizedUsersRequest) GetPolicies

func (x *AuthorizedUsersRequest) GetPolicies() []*UserPolicy

func (*AuthorizedUsersRequest) ProtoMessage

func (*AuthorizedUsersRequest) ProtoMessage()

func (*AuthorizedUsersRequest) ProtoReflect

func (x *AuthorizedUsersRequest) ProtoReflect() protoreflect.Message

func (*AuthorizedUsersRequest) Reset

func (x *AuthorizedUsersRequest) Reset()

func (*AuthorizedUsersRequest) String

func (x *AuthorizedUsersRequest) String() string

type AuthorizedUsersResponse

type AuthorizedUsersResponse struct {
	// contains filtered or unexported fields
}

func (*AuthorizedUsersResponse) Descriptor deprecated

func (*AuthorizedUsersResponse) Descriptor() ([]byte, []int)

Deprecated: Use AuthorizedUsersResponse.ProtoReflect.Descriptor instead.

func (*AuthorizedUsersResponse) ProtoMessage

func (*AuthorizedUsersResponse) ProtoMessage()

func (*AuthorizedUsersResponse) ProtoReflect

func (x *AuthorizedUsersResponse) ProtoReflect() protoreflect.Message

func (*AuthorizedUsersResponse) Reset

func (x *AuthorizedUsersResponse) Reset()

func (*AuthorizedUsersResponse) String

func (x *AuthorizedUsersResponse) String() string

type CaPublicKeyRequest

type CaPublicKeyRequest struct {
	SshCaPublicKeys []*PublicKey `protobuf:"bytes,1,rep,name=ssh_ca_public_keys,json=sshCaPublicKeys,proto3" json:"ssh_ca_public_keys,omitempty"`
	Version         string       `protobuf:"bytes,2,opt,name=version,proto3" json:"version,omitempty"`
	CreatedOn       uint64       `protobuf:"varint,3,opt,name=created_on,json=createdOn,proto3" json:"created_on,omitempty"`
	// contains filtered or unexported fields
}

func (*CaPublicKeyRequest) Descriptor deprecated

func (*CaPublicKeyRequest) Descriptor() ([]byte, []int)

Deprecated: Use CaPublicKeyRequest.ProtoReflect.Descriptor instead.

func (*CaPublicKeyRequest) GetCreatedOn

func (x *CaPublicKeyRequest) GetCreatedOn() uint64

func (*CaPublicKeyRequest) GetSshCaPublicKeys

func (x *CaPublicKeyRequest) GetSshCaPublicKeys() []*PublicKey

func (*CaPublicKeyRequest) GetVersion

func (x *CaPublicKeyRequest) GetVersion() string

func (*CaPublicKeyRequest) ProtoMessage

func (*CaPublicKeyRequest) ProtoMessage()

func (*CaPublicKeyRequest) ProtoReflect

func (x *CaPublicKeyRequest) ProtoReflect() protoreflect.Message

func (*CaPublicKeyRequest) Reset

func (x *CaPublicKeyRequest) Reset()

func (*CaPublicKeyRequest) String

func (x *CaPublicKeyRequest) String() string

type CaPublicKeyResponse

type CaPublicKeyResponse struct {
	// contains filtered or unexported fields
}

func (*CaPublicKeyResponse) Descriptor deprecated

func (*CaPublicKeyResponse) Descriptor() ([]byte, []int)

Deprecated: Use CaPublicKeyResponse.ProtoReflect.Descriptor instead.

func (*CaPublicKeyResponse) ProtoMessage

func (*CaPublicKeyResponse) ProtoMessage()

func (*CaPublicKeyResponse) ProtoReflect

func (x *CaPublicKeyResponse) ProtoReflect() protoreflect.Message

func (*CaPublicKeyResponse) Reset

func (x *CaPublicKeyResponse) Reset()

func (*CaPublicKeyResponse) String

func (x *CaPublicKeyResponse) String() string

type CanGenerateKeyRequest

type CanGenerateKeyRequest struct {
	KeyParams KeyGen `protobuf:"varint,1,opt,name=key_params,json=keyParams,proto3,enum=gnsi.credentialz.v1.KeyGen" json:"key_params,omitempty"`
	// contains filtered or unexported fields
}

func (*CanGenerateKeyRequest) Descriptor deprecated

func (*CanGenerateKeyRequest) Descriptor() ([]byte, []int)

Deprecated: Use CanGenerateKeyRequest.ProtoReflect.Descriptor instead.

func (*CanGenerateKeyRequest) GetKeyParams

func (x *CanGenerateKeyRequest) GetKeyParams() KeyGen

func (*CanGenerateKeyRequest) ProtoMessage

func (*CanGenerateKeyRequest) ProtoMessage()

func (*CanGenerateKeyRequest) ProtoReflect

func (x *CanGenerateKeyRequest) ProtoReflect() protoreflect.Message

func (*CanGenerateKeyRequest) Reset

func (x *CanGenerateKeyRequest) Reset()

func (*CanGenerateKeyRequest) String

func (x *CanGenerateKeyRequest) String() string

type CanGenerateKeyResponse

type CanGenerateKeyResponse struct {
	CanGenerate bool `protobuf:"varint,1,opt,name=can_generate,json=canGenerate,proto3" json:"can_generate,omitempty"`
	// contains filtered or unexported fields
}

func (*CanGenerateKeyResponse) Descriptor deprecated

func (*CanGenerateKeyResponse) Descriptor() ([]byte, []int)

Deprecated: Use CanGenerateKeyResponse.ProtoReflect.Descriptor instead.

func (*CanGenerateKeyResponse) GetCanGenerate

func (x *CanGenerateKeyResponse) GetCanGenerate() bool

func (*CanGenerateKeyResponse) ProtoMessage

func (*CanGenerateKeyResponse) ProtoMessage()

func (*CanGenerateKeyResponse) ProtoReflect

func (x *CanGenerateKeyResponse) ProtoReflect() protoreflect.Message

func (*CanGenerateKeyResponse) Reset

func (x *CanGenerateKeyResponse) Reset()

func (*CanGenerateKeyResponse) String

func (x *CanGenerateKeyResponse) String() string

type CredentialzClient

type CredentialzClient interface {
	RotateAccountCredentials(ctx context.Context, opts ...grpc.CallOption) (Credentialz_RotateAccountCredentialsClient, error)
	RotateHostCredentials(ctx context.Context, opts ...grpc.CallOption) (Credentialz_RotateHostCredentialsClient, error)
	CanGenerateKey(ctx context.Context, in *CanGenerateKeyRequest, opts ...grpc.CallOption) (*CanGenerateKeyResponse, error)
	GetPublicKeys(ctx context.Context, in *GetPublicKeysRequest, opts ...grpc.CallOption) (*GetPublicKeysResponse, error)
}

CredentialzClient is the client API for the Credentialz service.

For semantics around ctx use and closing/ending streaming RPCs, please refer to https://pkg.go.dev/google.golang.org/grpc/?tab=doc#ClientConn.NewStream.

type CredentialzServer

type CredentialzServer interface {
	RotateAccountCredentials(Credentialz_RotateAccountCredentialsServer) error
	RotateHostCredentials(Credentialz_RotateHostCredentialsServer) error
	CanGenerateKey(context.Context, *CanGenerateKeyRequest) (*CanGenerateKeyResponse, error)
	GetPublicKeys(context.Context, *GetPublicKeysRequest) (*GetPublicKeysResponse, error)
	// contains filtered or unexported methods
}

CredentialzServer is the server API for the Credentialz service. All implementations must embed UnimplementedCredentialzServer for forward compatibility.

type Credentialz_RotateAccountCredentialsClient

type Credentialz_RotateAccountCredentialsClient interface {
	Send(*RotateAccountCredentialsRequest) error
	Recv() (*RotateAccountCredentialsResponse, error)
	grpc.ClientStream
}

type Credentialz_RotateAccountCredentialsServer

type Credentialz_RotateAccountCredentialsServer interface {
	Send(*RotateAccountCredentialsResponse) error
	Recv() (*RotateAccountCredentialsRequest, error)
	grpc.ServerStream
}

type Credentialz_RotateHostCredentialsClient

type Credentialz_RotateHostCredentialsClient interface {
	Send(*RotateHostCredentialsRequest) error
	Recv() (*RotateHostCredentialsResponse, error)
	grpc.ClientStream
}

type Credentialz_RotateHostCredentialsServer

type Credentialz_RotateHostCredentialsServer interface {
	Send(*RotateHostCredentialsResponse) error
	Recv() (*RotateHostCredentialsRequest, error)
	grpc.ServerStream
}

type FinalizeRequest

type FinalizeRequest struct {
	// contains filtered or unexported fields
}

func (*FinalizeRequest) Descriptor deprecated

func (*FinalizeRequest) Descriptor() ([]byte, []int)

Deprecated: Use FinalizeRequest.ProtoReflect.Descriptor instead.

func (*FinalizeRequest) ProtoMessage

func (*FinalizeRequest) ProtoMessage()

func (*FinalizeRequest) ProtoReflect

func (x *FinalizeRequest) ProtoReflect() protoreflect.Message

func (*FinalizeRequest) Reset

func (x *FinalizeRequest) Reset()

func (*FinalizeRequest) String

func (x *FinalizeRequest) String() string

type GenerateKeysRequest

type GenerateKeysRequest struct {
	KeyParams []KeyGen `` /* 128-byte string literal not displayed */
	// contains filtered or unexported fields
}

func (*GenerateKeysRequest) Descriptor deprecated

func (*GenerateKeysRequest) Descriptor() ([]byte, []int)

Deprecated: Use GenerateKeysRequest.ProtoReflect.Descriptor instead.

func (*GenerateKeysRequest) GetKeyParams

func (x *GenerateKeysRequest) GetKeyParams() []KeyGen

func (*GenerateKeysRequest) ProtoMessage

func (*GenerateKeysRequest) ProtoMessage()

func (*GenerateKeysRequest) ProtoReflect

func (x *GenerateKeysRequest) ProtoReflect() protoreflect.Message

func (*GenerateKeysRequest) Reset

func (x *GenerateKeysRequest) Reset()

func (*GenerateKeysRequest) String

func (x *GenerateKeysRequest) String() string

type GenerateKeysResponse

type GenerateKeysResponse struct {
	PublicKeys []*PublicKey `protobuf:"bytes,1,rep,name=public_keys,json=publicKeys,proto3" json:"public_keys,omitempty"`
	// contains filtered or unexported fields
}

func (*GenerateKeysResponse) Descriptor deprecated

func (*GenerateKeysResponse) Descriptor() ([]byte, []int)

Deprecated: Use GenerateKeysResponse.ProtoReflect.Descriptor instead.

func (*GenerateKeysResponse) GetPublicKeys added in v1.2.1

func (x *GenerateKeysResponse) GetPublicKeys() []*PublicKey

func (*GenerateKeysResponse) ProtoMessage

func (*GenerateKeysResponse) ProtoMessage()

func (*GenerateKeysResponse) ProtoReflect

func (x *GenerateKeysResponse) ProtoReflect() protoreflect.Message

func (*GenerateKeysResponse) Reset

func (x *GenerateKeysResponse) Reset()

func (*GenerateKeysResponse) String

func (x *GenerateKeysResponse) String() string

type GetPublicKeysRequest added in v1.2.1

type GetPublicKeysRequest struct {
	// contains filtered or unexported fields
}

func (*GetPublicKeysRequest) Descriptor deprecated added in v1.2.1

func (*GetPublicKeysRequest) Descriptor() ([]byte, []int)

Deprecated: Use GetPublicKeysRequest.ProtoReflect.Descriptor instead.

func (*GetPublicKeysRequest) ProtoMessage added in v1.2.1

func (*GetPublicKeysRequest) ProtoMessage()

func (*GetPublicKeysRequest) ProtoReflect added in v1.2.1

func (x *GetPublicKeysRequest) ProtoReflect() protoreflect.Message

func (*GetPublicKeysRequest) Reset added in v1.2.1

func (x *GetPublicKeysRequest) Reset()

func (*GetPublicKeysRequest) String added in v1.2.1

func (x *GetPublicKeysRequest) String() string

type GetPublicKeysResponse added in v1.2.1

type GetPublicKeysResponse struct {
	PublicKeys []*PublicKey `protobuf:"bytes,1,rep,name=public_keys,json=publicKeys,proto3" json:"public_keys,omitempty"`
	// contains filtered or unexported fields
}

func (*GetPublicKeysResponse) Descriptor deprecated added in v1.2.1

func (*GetPublicKeysResponse) Descriptor() ([]byte, []int)

Deprecated: Use GetPublicKeysResponse.ProtoReflect.Descriptor instead.

func (*GetPublicKeysResponse) GetPublicKeys added in v1.2.1

func (x *GetPublicKeysResponse) GetPublicKeys() []*PublicKey

func (*GetPublicKeysResponse) ProtoMessage added in v1.2.1

func (*GetPublicKeysResponse) ProtoMessage()

func (*GetPublicKeysResponse) ProtoReflect added in v1.2.1

func (x *GetPublicKeysResponse) ProtoReflect() protoreflect.Message

func (*GetPublicKeysResponse) Reset added in v1.2.1

func (x *GetPublicKeysResponse) Reset()

func (*GetPublicKeysResponse) String added in v1.2.1

func (x *GetPublicKeysResponse) String() string

type KeyGen

type KeyGen int32

const (
	KeyGen_KEY_GEN_SSH_KEY_UNSPECIFIED        KeyGen = 0
	KeyGen_KEY_GEN_SSH_KEY_TYPE_RSA_2048      KeyGen = 1
	KeyGen_KEY_GEN_SSH_KEY_TYPE_ECDSA_P_256   KeyGen = 2
	KeyGen_KEY_GEN_SSH_KEY_TYPE_ECDSA_P_521   KeyGen = 3
	KeyGen_KEY_GEN_SSH_KEY_TYPE_EDDSA_ED25519 KeyGen = 4
	KeyGen_KEY_GEN_SSH_KEY_TYPE_RSA_4096      KeyGen = 5
)

func (KeyGen) Descriptor

func (KeyGen) Descriptor() protoreflect.EnumDescriptor

func (KeyGen) Enum

func (x KeyGen) Enum() *KeyGen

func (KeyGen) EnumDescriptor deprecated

func (KeyGen) EnumDescriptor() ([]byte, []int)

Deprecated: Use KeyGen.Descriptor instead.

func (KeyGen) Number

func (x KeyGen) Number() protoreflect.EnumNumber

func (KeyGen) String

func (x KeyGen) String() string

func (KeyGen) Type

func (KeyGen) Type() protoreflect.EnumType

type KeyType

type KeyType int32

const (
	KeyType_KEY_TYPE_UNSPECIFIED KeyType = 0
	KeyType_KEY_TYPE_ECDSA_P_256 KeyType = 1
	KeyType_KEY_TYPE_ECDSA_P_521 KeyType = 2
	KeyType_KEY_TYPE_ED25519     KeyType = 3
	KeyType_KEY_TYPE_RSA_2048    KeyType = 4
	KeyType_KEY_TYPE_RSA_4096    KeyType = 5
)

func (KeyType) Descriptor

func (KeyType) Descriptor() protoreflect.EnumDescriptor

func (KeyType) Enum

func (x KeyType) Enum() *KeyType

func (KeyType) EnumDescriptor deprecated

func (KeyType) EnumDescriptor() ([]byte, []int)

Deprecated: Use KeyType.Descriptor instead.

func (KeyType) Number

func (x KeyType) Number() protoreflect.EnumNumber

func (KeyType) String

func (x KeyType) String() string

func (KeyType) Type

func (KeyType) Type() protoreflect.EnumType

type Option

type Option struct {

	// Types that are assignable to Key:
	//	*Option_Name
	//	*Option_Id
	Key   isOption_Key `protobuf_oneof:"key"`
	Value string       `protobuf:"bytes,3,opt,name=value,proto3" json:"value,omitempty"`
	// contains filtered or unexported fields
}

func (*Option) Descriptor deprecated

func (*Option) Descriptor() ([]byte, []int)

Deprecated: Use Option.ProtoReflect.Descriptor instead.

func (*Option) GetId

func (x *Option) GetId() Option_StandardOption

func (*Option) GetKey

func (m *Option) GetKey() isOption_Key

func (*Option) GetName

func (x *Option) GetName() string

func (*Option) GetValue

func (x *Option) GetValue() string

func (*Option) ProtoMessage

func (*Option) ProtoMessage()

func (*Option) ProtoReflect

func (x *Option) ProtoReflect() protoreflect.Message

func (*Option) Reset

func (x *Option) Reset()

func (*Option) String

func (x *Option) String() string

type Option_Id

type Option_Id struct {
	Id Option_StandardOption `protobuf:"varint,2,opt,name=id,proto3,enum=gnsi.credentialz.v1.Option_StandardOption,oneof"`
}

type Option_Name

type Option_Name struct {
	Name string `protobuf:"bytes,1,opt,name=name,proto3,oneof"`
}

type Option_StandardOption

type Option_StandardOption int32

const (
	Option_STANDARD_OPTION_UNSPECIFIED         Option_StandardOption = 0
	Option_STANDARD_OPTION_AGENT_FORWARDING    Option_StandardOption = 1
	Option_STANDARD_OPTION_CERT_ATHORITY       Option_StandardOption = 2
	Option_STANDARD_OPTION_COMMAND             Option_StandardOption = 3
	Option_STANDARD_OPTION_ENVIRONMENT         Option_StandardOption = 4
	Option_STANDARD_OPTION_EXPIRY_TIME         Option_StandardOption = 5
	Option_STANDARD_OPTION_FROM                Option_StandardOption = 6
	Option_STANDARD_OPTION_NO_AGENT_FORWARDING Option_StandardOption = 7
	Option_STANDARD_OPTION_NO_PORT_FORWARDING  Option_StandardOption = 8
	Option_STANDARD_OPTION_NO_PTY              Option_StandardOption = 9
	Option_STANDARD_OPTION_NO_USER_RC          Option_StandardOption = 10
	Option_STANDARD_OPTION_NO_X11_FORWARDING   Option_StandardOption = 11
	Option_STANDARD_OPTION_PERMITLISTEN        Option_StandardOption = 12
	Option_STANDARD_OPTION_PERMITOPEN          Option_StandardOption = 13
	Option_STANDARD_OPTION_PORT_FORWARDING     Option_StandardOption = 14
	Option_STANDARD_OPTION_PRINCIPALS          Option_StandardOption = 15
	Option_STANDARD_OPTION_PTY                 Option_StandardOption = 16
	Option_STANDARD_OPTION_NO_TOUCH_REQUIRED   Option_StandardOption = 17
	Option_STANDARD_OPTION_VERIFY_REQUIRED     Option_StandardOption = 18
	Option_STANDARD_OPTION_RESTRICT            Option_StandardOption = 19
	Option_STANDARD_OPTION_TUNNEL              Option_StandardOption = 20
	Option_STANDARD_OPTION_USER_RC             Option_StandardOption = 21
	Option_STANDARD_OPTION_X11_FORWARDING      Option_StandardOption = 22
)

func (Option_StandardOption) Descriptor

func (Option_StandardOption) Enum

func (Option_StandardOption) EnumDescriptor deprecated

func (Option_StandardOption) EnumDescriptor() ([]byte, []int)

Deprecated: Use Option_StandardOption.Descriptor instead.

func (Option_StandardOption) Number

func (Option_StandardOption) String

func (x Option_StandardOption) String() string

func (Option_StandardOption) Type

type PasswordRequest

type PasswordRequest struct {
	Accounts []*PasswordRequest_Account `protobuf:"bytes,1,rep,name=accounts,proto3" json:"accounts,omitempty"`
	// contains filtered or unexported fields
}

func (*PasswordRequest) Descriptor deprecated

func (*PasswordRequest) Descriptor() ([]byte, []int)

Deprecated: Use PasswordRequest.ProtoReflect.Descriptor instead.

func (*PasswordRequest) GetAccounts

func (x *PasswordRequest) GetAccounts() []*PasswordRequest_Account

func (*PasswordRequest) ProtoMessage

func (*PasswordRequest) ProtoMessage()

func (*PasswordRequest) ProtoReflect

func (x *PasswordRequest) ProtoReflect() protoreflect.Message

func (*PasswordRequest) Reset

func (x *PasswordRequest) Reset()

func (*PasswordRequest) String

func (x *PasswordRequest) String() string

type PasswordRequest_Account

type PasswordRequest_Account struct {
	Account   string                    `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"`
	Password  *PasswordRequest_Password `protobuf:"bytes,2,opt,name=password,proto3" json:"password,omitempty"`
	Version   string                    `protobuf:"bytes,3,opt,name=version,proto3" json:"version,omitempty"`
	CreatedOn uint64                    `protobuf:"varint,4,opt,name=created_on,json=createdOn,proto3" json:"created_on,omitempty"`
	// contains filtered or unexported fields
}

func (*PasswordRequest_Account) Descriptor deprecated

func (*PasswordRequest_Account) Descriptor() ([]byte, []int)

Deprecated: Use PasswordRequest_Account.ProtoReflect.Descriptor instead.

func (*PasswordRequest_Account) GetAccount

func (x *PasswordRequest_Account) GetAccount() string

func (*PasswordRequest_Account) GetCreatedOn

func (x *PasswordRequest_Account) GetCreatedOn() uint64

func (*PasswordRequest_Account) GetPassword

func (*PasswordRequest_Account) GetVersion

func (x *PasswordRequest_Account) GetVersion() string

func (*PasswordRequest_Account) ProtoMessage

func (*PasswordRequest_Account) ProtoMessage()

func (*PasswordRequest_Account) ProtoReflect

func (x *PasswordRequest_Account) ProtoReflect() protoreflect.Message

func (*PasswordRequest_Account) Reset

func (x *PasswordRequest_Account) Reset()

func (*PasswordRequest_Account) String

func (x *PasswordRequest_Account) String() string

type PasswordRequest_CryptoHash

type PasswordRequest_CryptoHash struct {
	HashType  PasswordRequest_CryptoHash_HashType `` /* 147-byte string literal not displayed */
	HashValue string                              `protobuf:"bytes,2,opt,name=hash_value,json=hashValue,proto3" json:"hash_value,omitempty"`
	// contains filtered or unexported fields
}

func (*PasswordRequest_CryptoHash) Descriptor deprecated

func (*PasswordRequest_CryptoHash) Descriptor() ([]byte, []int)

Deprecated: Use PasswordRequest_CryptoHash.ProtoReflect.Descriptor instead.

func (*PasswordRequest_CryptoHash) GetHashType

func (*PasswordRequest_CryptoHash) GetHashValue

func (x *PasswordRequest_CryptoHash) GetHashValue() string

func (*PasswordRequest_CryptoHash) ProtoMessage

func (*PasswordRequest_CryptoHash) ProtoMessage()

func (*PasswordRequest_CryptoHash) ProtoReflect

func (*PasswordRequest_CryptoHash) Reset

func (x *PasswordRequest_CryptoHash) Reset()

func (*PasswordRequest_CryptoHash) String

func (x *PasswordRequest_CryptoHash) String() string

type PasswordRequest_CryptoHash_HashType

type PasswordRequest_CryptoHash_HashType int32

const (
	PasswordRequest_CryptoHash_HASH_TYPE_UNSPECIFIED     PasswordRequest_CryptoHash_HashType = 0
	PasswordRequest_CryptoHash_HASH_TYPE_CRYPT_MD5       PasswordRequest_CryptoHash_HashType = 1
	PasswordRequest_CryptoHash_HASH_TYPE_CRYPT_SHA_2_512 PasswordRequest_CryptoHash_HashType = 2
)

func (PasswordRequest_CryptoHash_HashType) Descriptor

func (PasswordRequest_CryptoHash_HashType) Enum

func (PasswordRequest_CryptoHash_HashType) EnumDescriptor deprecated

func (PasswordRequest_CryptoHash_HashType) EnumDescriptor() ([]byte, []int)

Deprecated: Use PasswordRequest_CryptoHash_HashType.Descriptor instead.

func (PasswordRequest_CryptoHash_HashType) Number

func (PasswordRequest_CryptoHash_HashType) String

func (PasswordRequest_CryptoHash_HashType) Type

type PasswordRequest_Password

type PasswordRequest_Password struct {

	// Types that are assignable to Value:
	//	*PasswordRequest_Password_Plaintext
	//	*PasswordRequest_Password_CryptoHash
	Value isPasswordRequest_Password_Value `protobuf_oneof:"value"`
	// contains filtered or unexported fields
}

func (*PasswordRequest_Password) Descriptor deprecated

func (*PasswordRequest_Password) Descriptor() ([]byte, []int)

Deprecated: Use PasswordRequest_Password.ProtoReflect.Descriptor instead.

func (*PasswordRequest_Password) GetCryptoHash

func (*PasswordRequest_Password) GetPlaintext

func (x *PasswordRequest_Password) GetPlaintext() string

func (*PasswordRequest_Password) GetValue

func (m *PasswordRequest_Password) GetValue() isPasswordRequest_Password_Value

func (*PasswordRequest_Password) ProtoMessage

func (*PasswordRequest_Password) ProtoMessage()

func (*PasswordRequest_Password) ProtoReflect

func (x *PasswordRequest_Password) ProtoReflect() protoreflect.Message

func (*PasswordRequest_Password) Reset

func (x *PasswordRequest_Password) Reset()

func (*PasswordRequest_Password) String

func (x *PasswordRequest_Password) String() string

type PasswordRequest_Password_CryptoHash

type PasswordRequest_Password_CryptoHash struct {
	CryptoHash *PasswordRequest_CryptoHash `protobuf:"bytes,2,opt,name=crypto_hash,json=cryptoHash,proto3,oneof"`
}

type PasswordRequest_Password_Plaintext

type PasswordRequest_Password_Plaintext struct {
	Plaintext string `protobuf:"bytes,1,opt,name=plaintext,proto3,oneof"`
}

type PasswordResponse

type PasswordResponse struct {
	// contains filtered or unexported fields
}

func (*PasswordResponse) Descriptor deprecated

func (*PasswordResponse) Descriptor() ([]byte, []int)

Deprecated: Use PasswordResponse.ProtoReflect.Descriptor instead.

func (*PasswordResponse) ProtoMessage

func (*PasswordResponse) ProtoMessage()

func (*PasswordResponse) ProtoReflect

func (x *PasswordResponse) ProtoReflect() protoreflect.Message

func (*PasswordResponse) Reset

func (x *PasswordResponse) Reset()

func (*PasswordResponse) String

func (x *PasswordResponse) String() string

type PublicKey

type PublicKey struct {
	PublicKey   []byte  `protobuf:"bytes,1,opt,name=public_key,json=publicKey,proto3" json:"public_key,omitempty"`
	KeyType     KeyType `protobuf:"varint,2,opt,name=key_type,json=keyType,proto3,enum=gnsi.credentialz.v1.KeyType" json:"key_type,omitempty"`
	Description string  `protobuf:"bytes,3,opt,name=description,proto3" json:"description,omitempty"`
	// contains filtered or unexported fields
}

func (*PublicKey) Descriptor deprecated

func (*PublicKey) Descriptor() ([]byte, []int)

Deprecated: Use PublicKey.ProtoReflect.Descriptor instead.

func (*PublicKey) GetDescription

func (x *PublicKey) GetDescription() string

func (*PublicKey) GetKeyType

func (x *PublicKey) GetKeyType() KeyType

func (*PublicKey) GetPublicKey

func (x *PublicKey) GetPublicKey() []byte

func (*PublicKey) ProtoMessage

func (*PublicKey) ProtoMessage()

func (*PublicKey) ProtoReflect

func (x *PublicKey) ProtoReflect() protoreflect.Message

func (*PublicKey) Reset

func (x *PublicKey) Reset()

func (*PublicKey) String

func (x *PublicKey) String() string

type RotateAccountCredentialsRequest

type RotateAccountCredentialsRequest struct {

	// Types that are assignable to Request:
	//	*RotateAccountCredentialsRequest_Credential
	//	*RotateAccountCredentialsRequest_User
	//	*RotateAccountCredentialsRequest_Password
	//	*RotateAccountCredentialsRequest_Finalize
	Request isRotateAccountCredentialsRequest_Request `protobuf_oneof:"request"`
	// contains filtered or unexported fields
}

func (*RotateAccountCredentialsRequest) Descriptor deprecated

func (*RotateAccountCredentialsRequest) Descriptor() ([]byte, []int)

Deprecated: Use RotateAccountCredentialsRequest.ProtoReflect.Descriptor instead.

func (*RotateAccountCredentialsRequest) GetCredential

func (*RotateAccountCredentialsRequest) GetFinalize

func (*RotateAccountCredentialsRequest) GetPassword

func (*RotateAccountCredentialsRequest) GetRequest

func (m *RotateAccountCredentialsRequest) GetRequest() isRotateAccountCredentialsRequest_Request

func (*RotateAccountCredentialsRequest) GetUser

func (*RotateAccountCredentialsRequest) ProtoMessage

func (*RotateAccountCredentialsRequest) ProtoMessage()

func (*RotateAccountCredentialsRequest) ProtoReflect

func (*RotateAccountCredentialsRequest) Reset

func (*RotateAccountCredentialsRequest) String

type RotateAccountCredentialsRequest_Credential

type RotateAccountCredentialsRequest_Credential struct {
	Credential *AuthorizedKeysRequest `protobuf:"bytes,1,opt,name=credential,proto3,oneof"`
}

type RotateAccountCredentialsRequest_Finalize

type RotateAccountCredentialsRequest_Finalize struct {
	Finalize *FinalizeRequest `protobuf:"bytes,4,opt,name=finalize,proto3,oneof"`
}

type RotateAccountCredentialsRequest_Password

type RotateAccountCredentialsRequest_Password struct {
	Password *PasswordRequest `protobuf:"bytes,3,opt,name=password,proto3,oneof"`
}

type RotateAccountCredentialsRequest_User

type RotateAccountCredentialsRequest_User struct {
	User *AuthorizedUsersRequest `protobuf:"bytes,2,opt,name=user,proto3,oneof"`
}

type RotateAccountCredentialsResponse

type RotateAccountCredentialsResponse struct {

	// Types that are assignable to Response:
	//	*RotateAccountCredentialsResponse_Credential
	//	*RotateAccountCredentialsResponse_User
	//	*RotateAccountCredentialsResponse_Password
	Response isRotateAccountCredentialsResponse_Response `protobuf_oneof:"response"`
	// contains filtered or unexported fields
}

func (*RotateAccountCredentialsResponse) Descriptor deprecated

func (*RotateAccountCredentialsResponse) Descriptor() ([]byte, []int)

Deprecated: Use RotateAccountCredentialsResponse.ProtoReflect.Descriptor instead.

func (*RotateAccountCredentialsResponse) GetCredential

func (*RotateAccountCredentialsResponse) GetPassword

func (*RotateAccountCredentialsResponse) GetResponse

func (m *RotateAccountCredentialsResponse) GetResponse() isRotateAccountCredentialsResponse_Response

func (*RotateAccountCredentialsResponse) GetUser

func (*RotateAccountCredentialsResponse) ProtoMessage

func (*RotateAccountCredentialsResponse) ProtoMessage()

func (*RotateAccountCredentialsResponse) ProtoReflect

func (*RotateAccountCredentialsResponse) Reset

func (*RotateAccountCredentialsResponse) String

type RotateAccountCredentialsResponse_Credential

type RotateAccountCredentialsResponse_Credential struct {
	Credential *AuthorizedKeysResponse `protobuf:"bytes,1,opt,name=credential,proto3,oneof"`
}

type RotateAccountCredentialsResponse_Password

type RotateAccountCredentialsResponse_Password struct {
	Password *PasswordResponse `protobuf:"bytes,3,opt,name=password,proto3,oneof"`
}

type RotateAccountCredentialsResponse_User

type RotateAccountCredentialsResponse_User struct {
	User *AuthorizedUsersResponse `protobuf:"bytes,2,opt,name=user,proto3,oneof"`
}

type RotateHostCredentialsRequest

type RotateHostCredentialsRequest struct {

	// Types that are assignable to Request:
	//	*RotateHostCredentialsRequest_SshCaPublicKey
	//	*RotateHostCredentialsRequest_ServerKeys
	//	*RotateHostCredentialsRequest_Finalize
	//	*RotateHostCredentialsRequest_GenerateKeys
	Request isRotateHostCredentialsRequest_Request `protobuf_oneof:"request"`
	// contains filtered or unexported fields
}

func (*RotateHostCredentialsRequest) Descriptor deprecated

func (*RotateHostCredentialsRequest) Descriptor() ([]byte, []int)

Deprecated: Use RotateHostCredentialsRequest.ProtoReflect.Descriptor instead.

func (*RotateHostCredentialsRequest) GetFinalize

func (*RotateHostCredentialsRequest) GetGenerateKeys added in v1.2.1

func (x *RotateHostCredentialsRequest) GetGenerateKeys() *GenerateKeysRequest

func (*RotateHostCredentialsRequest) GetRequest

func (m *RotateHostCredentialsRequest) GetRequest() isRotateHostCredentialsRequest_Request

func (*RotateHostCredentialsRequest) GetServerKeys

func (x *RotateHostCredentialsRequest) GetServerKeys() *ServerKeysRequest

func (*RotateHostCredentialsRequest) GetSshCaPublicKey

func (x *RotateHostCredentialsRequest) GetSshCaPublicKey() *CaPublicKeyRequest

func (*RotateHostCredentialsRequest) ProtoMessage

func (*RotateHostCredentialsRequest) ProtoMessage()

func (*RotateHostCredentialsRequest) ProtoReflect

func (*RotateHostCredentialsRequest) Reset

func (x *RotateHostCredentialsRequest) Reset()

func (*RotateHostCredentialsRequest) String

type RotateHostCredentialsRequest_Finalize

type RotateHostCredentialsRequest_Finalize struct {
	Finalize *FinalizeRequest `protobuf:"bytes,3,opt,name=finalize,proto3,oneof"`
}

type RotateHostCredentialsRequest_GenerateKeys added in v1.2.1

type RotateHostCredentialsRequest_GenerateKeys struct {
	GenerateKeys *GenerateKeysRequest `protobuf:"bytes,4,opt,name=generate_keys,json=generateKeys,proto3,oneof"`
}

type RotateHostCredentialsRequest_ServerKeys

type RotateHostCredentialsRequest_ServerKeys struct {
	ServerKeys *ServerKeysRequest `protobuf:"bytes,2,opt,name=server_keys,json=serverKeys,proto3,oneof"`
}

type RotateHostCredentialsRequest_SshCaPublicKey

type RotateHostCredentialsRequest_SshCaPublicKey struct {
	SshCaPublicKey *CaPublicKeyRequest `protobuf:"bytes,1,opt,name=ssh_ca_public_key,json=sshCaPublicKey,proto3,oneof"`
}

type RotateHostCredentialsResponse

type RotateHostCredentialsResponse struct {

	// Types that are assignable to Response:
	//	*RotateHostCredentialsResponse_SshCaPublicKey
	//	*RotateHostCredentialsResponse_ServerKeys
	//	*RotateHostCredentialsResponse_GenerateKeys
	Response isRotateHostCredentialsResponse_Response `protobuf_oneof:"response"`
	// contains filtered or unexported fields
}

func (*RotateHostCredentialsResponse) Descriptor deprecated

func (*RotateHostCredentialsResponse) Descriptor() ([]byte, []int)

Deprecated: Use RotateHostCredentialsResponse.ProtoReflect.Descriptor instead.

func (*RotateHostCredentialsResponse) GetGenerateKeys added in v1.2.1

func (*RotateHostCredentialsResponse) GetResponse

func (m *RotateHostCredentialsResponse) GetResponse() isRotateHostCredentialsResponse_Response

func (*RotateHostCredentialsResponse) GetServerKeys

func (*RotateHostCredentialsResponse) GetSshCaPublicKey added in v1.2.1

func (x *RotateHostCredentialsResponse) GetSshCaPublicKey() *CaPublicKeyResponse

func (*RotateHostCredentialsResponse) ProtoMessage

func (*RotateHostCredentialsResponse) ProtoMessage()

func (*RotateHostCredentialsResponse) ProtoReflect

func (*RotateHostCredentialsResponse) Reset

func (x *RotateHostCredentialsResponse) Reset()

func (*RotateHostCredentialsResponse) String

type RotateHostCredentialsResponse_GenerateKeys added in v1.2.1

type RotateHostCredentialsResponse_GenerateKeys struct {
	GenerateKeys *GenerateKeysResponse `protobuf:"bytes,3,opt,name=generate_keys,json=generateKeys,proto3,oneof"`
}

type RotateHostCredentialsResponse_ServerKeys

type RotateHostCredentialsResponse_ServerKeys struct {
	ServerKeys *ServerKeysResponse `protobuf:"bytes,2,opt,name=server_keys,json=serverKeys,proto3,oneof"`
}

type RotateHostCredentialsResponse_SshCaPublicKey added in v1.2.1

type RotateHostCredentialsResponse_SshCaPublicKey struct {
	SshCaPublicKey *CaPublicKeyResponse `protobuf:"bytes,1,opt,name=ssh_ca_public_key,json=sshCaPublicKey,proto3,oneof"`
}

type ServerKeysRequest

type ServerKeysRequest struct {
	AuthArtifacts []*ServerKeysRequest_AuthenticationArtifacts `protobuf:"bytes,1,rep,name=auth_artifacts,json=authArtifacts,proto3" json:"auth_artifacts,omitempty"`
	Version       string                                       `protobuf:"bytes,2,opt,name=version,proto3" json:"version,omitempty"`
	CreatedOn     uint64                                       `protobuf:"varint,3,opt,name=created_on,json=createdOn,proto3" json:"created_on,omitempty"`
	// contains filtered or unexported fields
}

func (*ServerKeysRequest) Descriptor deprecated

func (*ServerKeysRequest) Descriptor() ([]byte, []int)

Deprecated: Use ServerKeysRequest.ProtoReflect.Descriptor instead.

func (*ServerKeysRequest) GetAuthArtifacts

func (*ServerKeysRequest) GetCreatedOn

func (x *ServerKeysRequest) GetCreatedOn() uint64

func (*ServerKeysRequest) GetVersion

func (x *ServerKeysRequest) GetVersion() string

func (*ServerKeysRequest) ProtoMessage

func (*ServerKeysRequest) ProtoMessage()

func (*ServerKeysRequest) ProtoReflect

func (x *ServerKeysRequest) ProtoReflect() protoreflect.Message

func (*ServerKeysRequest) Reset

func (x *ServerKeysRequest) Reset()

func (*ServerKeysRequest) String

func (x *ServerKeysRequest) String() string

type ServerKeysRequest_AuthenticationArtifacts

type ServerKeysRequest_AuthenticationArtifacts struct {
	PrivateKey  []byte `protobuf:"bytes,1,opt,name=private_key,json=privateKey,proto3" json:"private_key,omitempty"`
	Certificate []byte `protobuf:"bytes,2,opt,name=certificate,proto3" json:"certificate,omitempty"`
	// contains filtered or unexported fields
}

func (*ServerKeysRequest_AuthenticationArtifacts) Descriptor deprecated

func (*ServerKeysRequest_AuthenticationArtifacts) Descriptor() ([]byte, []int)

Deprecated: Use ServerKeysRequest_AuthenticationArtifacts.ProtoReflect.Descriptor instead.

func (*ServerKeysRequest_AuthenticationArtifacts) GetCertificate

func (x *ServerKeysRequest_AuthenticationArtifacts) GetCertificate() []byte

func (*ServerKeysRequest_AuthenticationArtifacts) GetPrivateKey

func (x *ServerKeysRequest_AuthenticationArtifacts) GetPrivateKey() []byte

func (*ServerKeysRequest_AuthenticationArtifacts) ProtoMessage

func (*ServerKeysRequest_AuthenticationArtifacts) ProtoReflect

func (*ServerKeysRequest_AuthenticationArtifacts) Reset

func (*ServerKeysRequest_AuthenticationArtifacts) String

type ServerKeysResponse

type ServerKeysResponse struct {
	// contains filtered or unexported fields
}

func (*ServerKeysResponse) Descriptor deprecated

func (*ServerKeysResponse) Descriptor() ([]byte, []int)

Deprecated: Use ServerKeysResponse.ProtoReflect.Descriptor instead.

func (*ServerKeysResponse) ProtoMessage

func (*ServerKeysResponse) ProtoMessage()

func (*ServerKeysResponse) ProtoReflect

func (x *ServerKeysResponse) ProtoReflect() protoreflect.Message

func (*ServerKeysResponse) Reset

func (x *ServerKeysResponse) Reset()

func (*ServerKeysResponse) String

func (x *ServerKeysResponse) String() string

type UnimplementedCredentialzServer

type UnimplementedCredentialzServer struct {
}

UnimplementedCredentialzServer must be embedded to have forward compatible implementations.

func (UnimplementedCredentialzServer) CanGenerateKey

func (UnimplementedCredentialzServer) GetPublicKeys added in v1.2.1

func (UnimplementedCredentialzServer) RotateAccountCredentials

func (UnimplementedCredentialzServer) RotateHostCredentials

type UnsafeCredentialzServer

type UnsafeCredentialzServer interface {
	// contains filtered or unexported methods
}

UnsafeCredentialzServer may be embedded to opt out of forward compatibility for this service. Use of this interface is not recommended, as added methods to CredentialzServer will result in compilation errors.

type UserPolicy

type UserPolicy struct {
	Account string `protobuf:"bytes,1,opt,name=account,proto3" json:"account,omitempty"`
	// Types that are assignable to UserAuthorization:
	//	*UserPolicy_AuthorizedUsers
	//	*UserPolicy_PrincipalCheck
	UserAuthorization isUserPolicy_UserAuthorization `protobuf_oneof:"user_authorization"`
	Version           string                         `protobuf:"bytes,4,opt,name=version,proto3" json:"version,omitempty"`
	CreatedOn         uint64                         `protobuf:"varint,5,opt,name=created_on,json=createdOn,proto3" json:"created_on,omitempty"`
	// contains filtered or unexported fields
}

func (*UserPolicy) Descriptor deprecated

func (*UserPolicy) Descriptor() ([]byte, []int)

Deprecated: Use UserPolicy.ProtoReflect.Descriptor instead.

func (*UserPolicy) GetAccount

func (x *UserPolicy) GetAccount() string

func (*UserPolicy) GetAuthorizedUsers

func (x *UserPolicy) GetAuthorizedUsers() *UserPolicy_SshAuthorizedUsers

func (*UserPolicy) GetCreatedOn

func (x *UserPolicy) GetCreatedOn() uint64

func (*UserPolicy) GetPrincipalCheck

func (x *UserPolicy) GetPrincipalCheck() *UserPolicy_AuthorizedPrincipalCheck

func (*UserPolicy) GetUserAuthorization

func (m *UserPolicy) GetUserAuthorization() isUserPolicy_UserAuthorization

func (*UserPolicy) GetVersion

func (x *UserPolicy) GetVersion() string

func (*UserPolicy) ProtoMessage

func (*UserPolicy) ProtoMessage()

func (*UserPolicy) ProtoReflect

func (x *UserPolicy) ProtoReflect() protoreflect.Message

func (*UserPolicy) Reset

func (x *UserPolicy) Reset()

func (*UserPolicy) String

func (x *UserPolicy) String() string

type UserPolicy_AuthorizedPrincipalCheck

type UserPolicy_AuthorizedPrincipalCheck struct {
	Tool    UserPolicy_AuthorizedPrincipalCheck_Tool `` /* 128-byte string literal not displayed */
	Options []*Option                                `protobuf:"bytes,2,rep,name=options,proto3" json:"options,omitempty"`
	// contains filtered or unexported fields
}

func (*UserPolicy_AuthorizedPrincipalCheck) Descriptor deprecated

func (*UserPolicy_AuthorizedPrincipalCheck) Descriptor() ([]byte, []int)

Deprecated: Use UserPolicy_AuthorizedPrincipalCheck.ProtoReflect.Descriptor instead.

func (*UserPolicy_AuthorizedPrincipalCheck) GetOptions

func (x *UserPolicy_AuthorizedPrincipalCheck) GetOptions() []*Option

func (*UserPolicy_AuthorizedPrincipalCheck) GetTool

func (*UserPolicy_AuthorizedPrincipalCheck) ProtoMessage

func (*UserPolicy_AuthorizedPrincipalCheck) ProtoMessage()

func (*UserPolicy_AuthorizedPrincipalCheck) ProtoReflect

func (*UserPolicy_AuthorizedPrincipalCheck) Reset

func (*UserPolicy_AuthorizedPrincipalCheck) String

type UserPolicy_AuthorizedPrincipalCheck_Tool

type UserPolicy_AuthorizedPrincipalCheck_Tool int32

const (
	UserPolicy_AuthorizedPrincipalCheck_TOOL_UNSPECIFIED UserPolicy_AuthorizedPrincipalCheck_Tool = 0
	UserPolicy_AuthorizedPrincipalCheck_TOOL_HIBA        UserPolicy_AuthorizedPrincipalCheck_Tool = 1
)

func (UserPolicy_AuthorizedPrincipalCheck_Tool) Descriptor

func (UserPolicy_AuthorizedPrincipalCheck_Tool) Enum

func (UserPolicy_AuthorizedPrincipalCheck_Tool) EnumDescriptor deprecated

func (UserPolicy_AuthorizedPrincipalCheck_Tool) EnumDescriptor() ([]byte, []int)

Deprecated: Use UserPolicy_AuthorizedPrincipalCheck_Tool.Descriptor instead.

func (UserPolicy_AuthorizedPrincipalCheck_Tool) Number

func (UserPolicy_AuthorizedPrincipalCheck_Tool) String

func (UserPolicy_AuthorizedPrincipalCheck_Tool) Type

type UserPolicy_AuthorizedUsers

type UserPolicy_AuthorizedUsers struct {
	AuthorizedUsers *UserPolicy_SshAuthorizedUsers `protobuf:"bytes,2,opt,name=authorized_users,json=authorizedUsers,proto3,oneof"`
}

type UserPolicy_PrincipalCheck

type UserPolicy_PrincipalCheck struct {
	PrincipalCheck *UserPolicy_AuthorizedPrincipalCheck `protobuf:"bytes,3,opt,name=principal_check,json=principalCheck,proto3,oneof"`
}

type UserPolicy_SshAuthorizedUser

type UserPolicy_SshAuthorizedUser struct {
	AuthorizedUser string    `protobuf:"bytes,1,opt,name=authorized_user,json=authorizedUser,proto3" json:"authorized_user,omitempty"`
	Options        []*Option `protobuf:"bytes,2,rep,name=options,proto3" json:"options,omitempty"`
	// contains filtered or unexported fields
}

func (*UserPolicy_SshAuthorizedUser) Descriptor deprecated

func (*UserPolicy_SshAuthorizedUser) Descriptor() ([]byte, []int)

Deprecated: Use UserPolicy_SshAuthorizedUser.ProtoReflect.Descriptor instead.

func (*UserPolicy_SshAuthorizedUser) GetAuthorizedUser

func (x *UserPolicy_SshAuthorizedUser) GetAuthorizedUser() string

func (*UserPolicy_SshAuthorizedUser) GetOptions

func (x *UserPolicy_SshAuthorizedUser) GetOptions() []*Option

func (*UserPolicy_SshAuthorizedUser) ProtoMessage

func (*UserPolicy_SshAuthorizedUser) ProtoMessage()

func (*UserPolicy_SshAuthorizedUser) ProtoReflect

func (*UserPolicy_SshAuthorizedUser) Reset

func (x *UserPolicy_SshAuthorizedUser) Reset()

func (*UserPolicy_SshAuthorizedUser) String

type UserPolicy_SshAuthorizedUsers

type UserPolicy_SshAuthorizedUsers struct {
	AuthorizedUsers []*UserPolicy_SshAuthorizedUser `protobuf:"bytes,2,rep,name=authorized_users,json=authorizedUsers,proto3" json:"authorized_users,omitempty"`
	// contains filtered or unexported fields
}

func (*UserPolicy_SshAuthorizedUsers) Descriptor deprecated

func (*UserPolicy_SshAuthorizedUsers) Descriptor() ([]byte, []int)

Deprecated: Use UserPolicy_SshAuthorizedUsers.ProtoReflect.Descriptor instead.

func (*UserPolicy_SshAuthorizedUsers) GetAuthorizedUsers

func (*UserPolicy_SshAuthorizedUsers) ProtoMessage

func (*UserPolicy_SshAuthorizedUsers) ProtoMessage()

func (*UserPolicy_SshAuthorizedUsers) ProtoReflect

func (*UserPolicy_SshAuthorizedUsers) Reset

func (x *UserPolicy_SshAuthorizedUsers) Reset()

func (*UserPolicy_SshAuthorizedUsers) String
