Synopsis
[Create] |
Description
Creates, sets, or deletes a key pair (public key/private key) to be used by the mjrmtjob command (remote machine command/shell script execution command).
When using the create and getkey options, the public key is output to the specified directory.
A non-RSA key (ECDSA) can be created by setting the MJKEYGEN_KEYTYPE environment variable.
Options
create
Creates a key pair for the effective user of this command or the user specified in the -u option, sets the key for the system and outputs the public key file(user name.mjeskey.pub).
-k <public key storage directory>
Specify the full path of the public key storage directory using up to 64 bytes.
Alphanumeric characters and the following symbols ("\", ".", ":", "-", "_") can be used.
-u <user name>
Specify the user name of the target key pair. Specify any user using up to 64 bytes. Alphanumeric characters and the following symbols ("\", ".", ":", "-", "_") can be used.
This option can be specified only when this command is executed by a system administrator (user belonging to the Administrators group).
A local account cannot be specified when using Active Directory.
Also, the user principal name cannot be specified.
If this option is omitted, the key pair target user will be the effective user of the command.
delete
Deletes the key pair set for the system.
getkey
Outputs the public key (user name.mjeskey.pub) if the key pair is set to the system. This option can be used for cases such as when the public key is deleted by mistake.
chkkey
Checks if the key pair is set to the system.
Environment Variable
Specifies to create a non-RSA key (ECDSA).
Environment Variable | Value (Key Type) |
|---|---|
MJKEYGEN_KEYTYPE | Specify one of the following:
|
Return Values
Return value | Meaning |
|---|---|
0 | The command processing has terminated normally. |
Other than 0 | The command processing has failed. An error message is output. |
Command Location
Windows | <Systemwalker Operation Manager installation directory>\MpWalker.JM\bin |
Cautions
This command configures the settings before executing a command or script deployed on the remote machine using the mjrmtjob command. This command cannot be used for other purposes.
If this command is executed again with the create option while a key pair has already been set, it will return an error. To update, delete the key pair with the delete option and then execute the create option.
For subsystems that the option Execute jobs under the respective job owner's authority is not selected in the Define Operating Information window of the Systemwalker Operation Manager environment setup client, execute the mjkeygen command as a system administrator and create a key pair for the logon account (SYSTEM by default) of the Job Execution Control.
Examples
[Executed by a general user]
Creates and sets a key pair
mjkeygen create -k D:\temp |
Deletes the key pair
mjkeygen delete |
Obtains the public key that has already been set
mjkeygen getkey -k D:\temp |
Checks if the key pair has been set
mjkeygen chkkey |
[Executed by a system administrator]
The system administrator creates and sets a key pair for the user:SYSTEM.(For RSA)
mjkeygen create -k D:\temp -u SYSTEM |
Example of a System Administrator Creating and Configuring a Key Pair for User: SYSTEM (For ECDSA256)
SET MJKEYGEN_KEYTYPE=ecdsa256 mjkeygen create -k D:\temp -u SYSTEM |
The system administrator deletes the key pair for the user:SYSTEM.
mjkeygen delete -u SYSTEM |
The system administrator obtains the public key for the user:SYSTEM that has already been set.
mjkeygen getkey -k D:\temp -u SYSTEM |
The system administrator checks if the key pair for the user:SYSTEM has been set.
mjkeygen chkkey -u SYSTEM |
Output Example
The mjkeygen chkkey command is executed with a key pair set.
exist |
The mjkeygen chkkey command is executed without a key pair set.
not exist |
