users command

Use this command to access all user accounts and their authority levels.

The users command is used to access all user accounts and their authority levels, and to create new user accounts and modify or clear existing accounts.

Syntax:

users -[user_account] [-options]

Table 1. users options
Option	Description	Values
-[user_account]	User account number.	The user account number, user_account, is specified as an integer from 1 to 1 in the command option.
-l	Display password expiration days
-n	User account name	Unique string containing only numbers, letters, periods, and underscores. Minimum of 4 characters and maximum of 16 characters.
-p	User account password	String that contains at least one alphabetic and one non-alphabetic character. Minimum of 6 characters and maximum of 255 characters. Null creates an account without a password that the user must set during their first login.
-shp	Set hash password	Total 64 characters
-ssalt	Set salt	Limited to 64 characters
-ghp	Get hashpassword
-gsalt	Get salt
-r	Role name	Administrator, Operator, ReadOnly, or customized roles. As listed in roles command command.
-clear	Erase specified user account	User account index number to erase must be specified, following the form: `users -clear -[user_account]` Note If you are authorized, you can remove your own account or the account of other users, even if they are currently logged in, unless it is the only account remaining with User Account Management privileges. Sessions that are already in progress when user accounts are deleted will not be automatically terminated.
-curr	Display users currently logged in
-ai	User accessible Interface	web, ssh, redfish, ipmi, snmp, all Note A default value (web\|ssh\|redfish) will be set if there is no -ai option.
-sauth	SNMPv3 authentication protocol	none, HMAC-SHA, HMAC_SHA224, HMAC_SHA256, HMAC_SHA384, HMAC_SHA512
-spriv	SNMPv3 privacy protocol	none, CBC_DES, AES, AES192, AES256, AES192C, AES256C
-spw	SNMPv3 privacy password	Valid password
-sacc	SNMPv3 access type (only supports gets)	get
-pk	Display SSH public key for user	User account index number. Note Each SSH key assigned to the user is displayed, along with an identifying key index number. When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk. All keys are in OpenSSH format.
The following options are used along with -pk
-e	Display entire SSH key in OpenSSH format (SSH public key option)	This option takes no arguments and must be used exclusive of all other users -pk options. Note When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk -e.
-remove	Remove SSH public key from user (SSH public key option)	Public key index number to remove must be given as a specific -key_index or -all for all keys assigned to the user. Note When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk -remove -1.
-add	Add SSH public key for user (SSH public key option)	Quote-delimited key in OpenSSH format Note The -add option is used exclusive of all other users -pk command options. When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk -add "AAAAB3NzC1yc2EAAAABIwAAA QEAvfnTUzRF7pdBuaBy4dO/aIFasa/Gtc+o/wlZnuC4aD HMA1UmnMyLOCiIaNOy4OOICEKCqjKEhrYymtAoVtfKApv Y39GpnSGRC/qcLGWLM4cmirKL5kxHNOqIcwbT1NPceoKH j46X7E+mqlfWnAhhjDpcVFjagM3Ek2y7w/tBGrwGgN7DP HJU1tzcJy68mEAnIrzjUoR98Q3/B9cJD77ydGKe8rPdI2 hIEpXR5dNUiupA1Yd8PSSMgdukASKEd3eRRZTBl3SAtMu cUsTkYjlXcqex1OQz4+N50R6MbNcwlsx+mTEAvvcpJhug a70UNPGhLJMl6k7jeJiQ8Xd2p XbOZQ=="
-upld	Upload an SSH public key in OpenSSH or RFC4716 format (SSH public key option)	Requires the -i and -l options to specify key location. Note The -upld option is used exclusive of all other users -pk command options (except for -i and -l). To replace a key with a new key, you must specify a -key_index. To add a key to the end of the list of current keys, do not specify a key index. When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk -upld -i tftp://9.72.216.40/ -l file.key.
-dnld	Download the specified SSH public key to a TFTP/SFTP server (SSH public key option)	Requires a -key_index to specify the key to download and the -i and -l options to specify the download location on another computer running a TFTP server. Note The -dnld option is used exclusive of all other users -pk command options (except for -i, -l, and -key_index). When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk -dnld -1 -i tftp://9.72.216.40/ -l file.key.
-i	IP address of TFTP/SFTP server for uploading or downloading a key file (SSH public key option)	Valid IP address Note The -i option is required by the users -pk -upld and users -pk -dnld command options.
-pn	Port number of TFTP/SFTP server (SSH public key option)	Valid port number (default 69/22) Note An optional parameter for the users -pk -upld and users -pk -dnld command options.
-u	User name for SFTP server (SSH public key option)	Valid user name Note An optional parameter for the users -pk -upld and users -pk -dnld command options.
-pw	Password for SFTP server (SSH public key option)	Valid password Note An optional parameter for the users -pk -upld and users -pk -dnld command options.
-l	File name for uploading or downloading a key file via TFTP or SFTP (SSH public key option)	Valid file name Note The -l option is required by the users -pk -upld and users -pk -dnld command options.
-af	Accept connections from host (SSH public key option)	A comma-separated list of hostnames and IP addresses, limited to 511 characters. Valid characters include: alphanumeric, comma, asterisk, question mark, exclamation point, period, hyphen, colon and percent sign.
-cm	Comment (SSH public key option)	Quote-delimited string of up to 255 characters. Note When using the SSH public key options, the -pk option must be used after the user index (-userindex option), of the form: users -2 -pk -cm "This is my comment.".

Example:

system> users
Login ID    Name      Advanced Attribute       Role             Password Expires
---------      ----         ------------------            ----              ----------------
1      USERID      redfish|ssh|web      Administrator       Password doesn't expire
system> users -1
-n: USERID
-ai: redfish|ssh|web
-r: Administrator
-l: Password doesn't expire
-sauth: HMAC-SHA
-spriv: AES
-sacc: gets

system> hashpw –sw enabled –re enabled
system> users -5 –n guest5 –shp 292bcbc41bb078cf5bd258db60b63a4b337c8c954409442cfad7148bc6428fee –ssalt abc –r  Adminis-trator
system> users -5 ghp
292bcbc41bb078cf5bd258db60b63a4b337c8c954409442cfad7148bc6428fee 
system> users -5 gsalt
abc
system> users -2 -n sptest -p Passw0rd12 -r Administrator
The user is required to change the password when the user logs in to the management serv-er for the first time
ok
system> users
 Account      Login ID      Advanced Attribute                       Role              Password Expires
 -------      --------      ------------------                       ------            ----------------
    1           USERID                  Native                Administrator                   90 day(s)
2           sptest                  Native                Administrator            Password expired 

system> users -2 -pk all
Key 1
ssh-rsa 2048 bit HA256:ka6jcTanehALAO3mo3qFhzCo164RFCWcj+NWAQYOg4M root@localhost.localdomain
-af 10.2.4.6
-cm root@localhost.localdomain
Key 2
ssh-rsa 2048 bit HA256:ka6jcTanehALAO3mo3qFhzCo164RFCWcj+NWAQYOg4M root@localhost.localdomain
-af

Give documentation feedback