Command-Line Introduction

While this guide won’t comprehensively cover each command available, it will give you an overview of the commands you can run as an SDM user. For details on each command, see the reference section for each command.

Logging in and out

$ sdm login
e-mail: letmein@strongdm.com
Please complete logging in at: https://app.strongdm.com/auth/XXXXXXXXXX
authentication successful
$ sdm logout

If your organization uses SSO, it will redirect you to authenticate via the web. The CLI will attempt to open the provided URL in your browser, or you can visit the URL directly.

Locking and unlocking the client

If you have MFA enabled in your organization, you can manually lock and unlock the client from the command line.

$ sdm lock
locked
$ sdm unlock
awaiting confirmation...
unlocked

When in awaiting confirmation... state you will receive an MFA push to complete the unlock process.

Checking status of datasources and servers

$ sdm status
     DATASOURCE NAME           STATUS            PORT      TYPE
     ! mysql 5.6.39            not connected     13311     mysql
     !jsonb-test               not connected     15438     aurora-postgres
     Cache01                   not connected     16379     redis
     CacheM01                  not connected     21211     memcached
     Inventory DB (Heroku)     not connected     15434     postgres
     Marketing DB RW           not connected     15435     postgres
     MySQL 5.6                 not connected     13310     mysql
     Pricing DB RO             not connected     13306     mysql
     Users Profile DB RO       not connected     15436     postgres

     SERVER                    STATUS            PORT      TYPE
     RDP prod server           not connected     13389     rdp
     prod01 sudo               not connected     62609     ssh
     prod02                    not connected     62524     ssh

Connecting to and disconnecting from a datasource

$ sdm connect Marketing
connect successful
$ sdm status
     DATASOURCE NAME           STATUS            PORT      TYPE
     ! mysql 5.6.39            not connected     13311     mysql
     !jsonb-test               not connected     15438     aurora-postgres
     Cache01                   not connected     16379     redis
     CacheM01                  not connected     21211     memcached
     Inventory DB (Heroku)     not connected     15434     postgres
     Marketing DB RW           connected         15435     postgres
     MySQL 5.6                 not connected     13310     mysql
     Pricing DB RO             not connected     13306     mysql
     Users Profile DB RO       not connected     15436     postgres

     SERVER                    STATUS            PORT      TYPE
     RDP prod server           not connected     13389     rdp
     prod01 sudo               not connected     62609     ssh
     prod02                    not connected     62524     ssh
$ psql -h localhost -p 15435 -c 'select 42;'
 ?column?
----------
       42
(1 row)
$ sdm disconnect Marketing
disconnect successful

Connecting to SSH

As described in the SSH connection guide there are several ways to connect to SSH servers. The easiest is to use the sdm ssh aliases. Using this method it is not necessary to run sdm connect before opening the SSH connection.

$ alias|grep sdm
scp='scp -S'\''/usr/local/bin/sdm'\'' -osdmSCP'
ssh='/usr/local/bin/sdm ssh wrapped-run'
$ ssh prod02
Last login: Wed Mar 13 14:23:01 2019 from ip-xx-xx-xx-xx.us-west-2.compute.internal

       __|  __|_  )
       _|  (     /   Amazon Linux 2 AMI
      ___|\___|___|

https://aws.amazon.com/amazon-linux-2/
[ops@ip-xx-xx-xx-xx ~]$ exit
logout
Connection to 127.0.0.1 closed.

Note: This command is not available to Windows CLI users. To connect to SSH servers using Windows and the CLI, run sdm connect <servername> then connect with your preferred ssh client to localhost:<port>.