Knocknoc client (scriptable login)
To gain access to underlying networks and systems, end-usersĀ log in to Knocknoc interactively via the Server component. This provides registered orchestration-Agents information to perform ongoing access provisioning.
If you need to script access in a non-interactive or headless way, such as before a file transfer (eg: SCP/SSH/RSYNC), the knocknoc-client can be utilized.
Install the knocknoc-client package
On Debian / Ubuntu and similar variants:
# update your package information
sudo apt update
# install the client package
sudo apt install knocknoc-client
On Red Hat / CentOS / Oracle Linux:
# update your package information
sudo yum check-update
# on older systems
sudo yum install knocknoc-client
# on newer systems
sudo dnf install knocknoc-client
Once installed, a knocknoc-client binary is located at /usr/bin/knocknoc-client
Using the knocknoc-client
$ /usr/bin/knocknoc-client --help
Usage of knocknoc-client:
Supports two modes of operation:
1. Config file (use -newconfig to generate, then -config to use)
2. CLI params (not recommended as ApiKey could be captured in history/logs etc)
Config file mode:
-newconfig string
Write a new config file to the given location and exit
-config value
Location of config file
-persist
Maintain access to Knocknoc-protected resources
CLI mode:
-ApiKey value
API key to use for authentication (WARNING: extremely insecure)
-ServerInsecureHttps
Allow the client to connect to a server with an invalid TLS certificate
-ServerUrl value
URL of Knocknoc server to contact
-Username value
Username to authenticate as
Other:
-version
Show version information and exit