kbsecret-new(1) - create a new kbsecret(1) record

kbsecret-new(1)
KBSecret Manual
kbsecret-new(1)

NAME

kbsecret-new - create a new kbsecret(1) record

SYNOPSIS

kbsecret new [options] <type> <record>

DESCRIPTION

kbsecret new creates a new kbsecret record.

Each kbsecret record has a type, a label (the record's identifier), and a list of fields whose length depends on the type. For example, the login type has two fields: a username and a password, in that order.

Fields can be input interactively (the default), or in a terse format via -x, --terse.

type can be abbreviated, where unambiguous. The list of available types can be found via kbsecret-types(1).

OPTIONS

-s, --session <session>

The session to create the record under.

If unspecified, the default session is assumed.

-f, --force

Force record creation, even if overwriting another record with the same label.

-e, --echo

Echo all input to the terminal. By default, like passwd(1), sensitive input fields are not echoed.

This only applies when the user is on an interactive terminal and has not passed -x, --terse.

-G, --generate

Generate sensitive fields instead of prompting for them.

This only applies during interactive, non-terse usage.

-g, --generator <generator>

Use the given generator profile to generate sensitive fields.

If unspecified, the default generator is assumed.

-x, --terse

Read fields from input in a terse format, similar to the formats emitted by kbsecret-login(1) and kbsecret-dump-fields(1).

The field separator can be modified via the -i/--ifs option.

-i, --ifs <separator>

The string used to separate fields when -x, --terse is also used.

The default field separator is read from $IFS, falling back to ":" if $IFS is not set.

ENVIRONMENT

The $IFS environment variable provides a default for -i, --ifs.

EXAMPLES

$ kbsecret new login -e netflix
Username? bob
Password? hunter2

$ kbsecret new login -G yahoo
Username? alice

$ kbsecret new login youtube -G -g special-generator

$ kbsecret new login -x men-in-black <<< "agent_smith:ihateroaches"

$ echo "agent_jay^cricketgun" | kbsecret new login -i '^' -x men-in-black-2

# note the abbreviated type!
$ kbsecret new env my-api-key

SECURITY CONSIDERATIONS

Enabling terminal echo with -e, --echo is less secure than the default interactive input, unless you know for a fact that nobody is looking over your shoulder.