Linux command
systemd-creds 命令
文本
复制后可按需替换文件名、目录或参数。
常用示例
Encrypt
systemd-creds encrypt --name [name] [input] [output]
Decrypt
systemd-creds decrypt [input] [output]
Example
echo -n [text] | systemd-creds encrypt --name [name] - [output]
Example
echo -n [text] | systemd-creds encrypt --name [name] --pretty - - >> [unit.service]
Example
systemd-creds encrypt --not-after "[timestamp]" [input] [output]
说明
systemd-creds manages encrypted credentials for systemd services. Credentials are encrypted secrets that can be securely passed to services via the `$CREDENTIALS_DIRECTORY` mechanism. Credentials can be encrypted with the host key, TPM2, or both. They support time-based expiry and can be embedded directly in unit files using the `--pretty` format.
参数
- --name= _NAME_
- Set credential name
- --pretty
- Output in format suitable for unit files
- --not-after= _TIMESTAMP_
- Set credential expiry time
- --with-key= _TYPE_
- Encryption key source (host, tpm2, etc.)
FAQ
What is the systemd-creds command used for?
systemd-creds manages encrypted credentials for systemd services. Credentials are encrypted secrets that can be securely passed to services via the `$CREDENTIALS_DIRECTORY` mechanism. Credentials can be encrypted with the host key, TPM2, or both. They support time-based expiry and can be embedded directly in unit files using the `--pretty` format.
How do I run a basic systemd-creds example?
Run `systemd-creds encrypt --name [name] [input] [output]` in a terminal, then adjust file names, paths, flags, or remote targets for your system.
What does --name= _NAME_ do in systemd-creds?
Set credential name