Red Hat SummitChapter 3. Hammer authentication
A Satellite user must prove their identity to Red Hat Satellite when entering hammer commands. Hammer commands can be run manually or automatically. In either case, hammer requires Satellite credentials for authentication. There are three methods of hammer authentication:
- Hammer authentication session
- Storing credentials in the hammer configuration file
- Providing credentials with each hammer command
The hammer configuration file method is recommended when running commands automatically. For example, running Satellite maintenance commands from a cron job. When running commands manually, Red Hat recommends using the hammer authentication session and providing credentials with each command.
3.1. Authenticating Hammer using a configuration file
If you ran the Satellite installation with --foreman-initial-admin-username and --foreman-initial-admin-password options, credentials you entered are stored in the ~/.hammer/cli.modules.d/foreman.yml configuration file on Satellite Server. Hammer does not prompt for your credentials when you run it on Satellite Server.
If you run a standalone Hammer, add your credentials to the Hammer configuration file.
If you change your credentials on Satellite Server, you must update the configuration file manually. The installer does not overwrite the configuration file.
Procedure
Add your credentials to the
~/.hammer/cli.modules.d/foreman.ymlconfiguration file::foreman: :username: 'username' :password: 'password'Use only spaces for indentation in Hammer configuration files, do not use tabs.
3.2. Authenticating Hammer using CLI options
If you do not have your Satellite credentials saved in the ~/.hammer/cli.modules.d/foreman.yml configuration file, Hammer prompts you for them each time you enter a command.
Examples in this guide assume that you have saved credentials in the configuration file or are using a Hammer authentication session.
Procedure
Specify your credentials when executing a command as follows:
$ hammer -u username -p password subcommands
3.3. Authenticating Hammer using sessions
The Hammer authentication session is a cache that stores your credentials, and you have to provide them only once, at the beginning of the session. This method is suited to running several Hammer commands in succession, for example a script containing Hammer commands. In this scenario, you enter your Satellite credentials once, and the script runs as expected. By using the Hammer authentication session, you avoid storing your credentials in the script itself and in the ~/.hammer/cli.modules.d/foreman.yml Hammer configuration file.
Prerequisites
You have enabled sessions by adding
:use_sessions: trueto the~/.hammer/cli.modules.d/foreman.ymlfile::foreman: :use_sessions: trueNote that if you enable sessions, credentials stored in the configuration file will be ignored.
Optional: You can change the length of a session, for example, to 30 minutes:
$ hammer settings set \ --name idle_timeout \ --value 30The default length is 60 minutes.
Procedure
Start a session:
$ hammer auth loginYou are prompted for your Satellite credentials, and logged in. You will not be prompted for the credentials again until your session expires.
Verification
View the current status of the session:
$ hammer auth status
Next steps
End the session:
$ hammer auth logout
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}