Create a new bastion account


--osh accountCreate --account ACCOUNT <--uid UID|--uid-auto> [OPTIONS]

--account NAME

Account name to create, NAME must contain only valid UNIX account name characters

--uid UID

Account system UID, also see --uid-auto


Auto-select an UID from the allowed range (the upper available one will be used)


This account's activation won't be challenged on connection, even if the bastion is globally

configured to check for account activation


This account will only be able to use --osh commands, and can't connect anywhere through the bastion

--max-inactive-days DAYS

Set account expiration policy, overriding the global bastion configuration 'accountMaxInactiveDays',

setting this option to zero disables account expiration.


Deny any subsequent modification of the account key (selfAddKey and selfDelKey are denied)

--comment '"STRING"'

An optional comment when creating the account. Quote it twice as shown if you're under a shell.

--public-key '"KEY"'

Account public SSH key to deposit on the bastion, if not present,

you'll be prompted interactively for it. Quote it twice as shown if your're under a shell.


Don't prompt for an SSH key, no ingress public key will be installed


Time after which the account will be deactivated (amount of seconds, or duration string such as "4d12h15m")