Use Vault k/v secrets to retrieve ssh keys and connect to a server

Hi all.
We have Vault, at the moment for testing purposes, and I stored in k/v secrets an SSH private key and the SSH config to log in to some servers.
How can I use Vault, as a CLI, to retrieve the private SSH key and then connect to a server automatically from a terminal?

Cheers

Hi @alfredodeluca,

I’d rather recommend using Vault’s SSH backend to manage access; this gives you fine-grained control:

Here is also a good presentation on that subject:

Thanks @fhemberger
The problem is that the Vault SSH dynamic keys are deprecated and, at the moment, I want to create something for the servers already deployed.

Cheers

Probably the best way is to use signed certificates, so you can always revoke access for single users.

OK, thanks. I'll give it a try, but I still need to change the conf on all the servers.

Thanks anyway
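
For the original question (fetching the key from k/v with the Vault CLI and connecting), here is an added example that is not part of any post in this thread. It loads the key into ssh-agent through stdin with a lifetime instead of writing it to disk. The KV path `secret/ssh/web01` and the field names `private_key` and `ssh_config` are assumptions, as is a running ssh-agent and an already authenticated Vault CLI.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: a KV secret (e.g. secret/ssh/web01)
# with fields "private_key" and "ssh_config"; VAULT_ADDR and a valid token are set;
# an ssh-agent is running (SSH_AUTH_SOCK). Usage after sourcing: vault_ssh secret/ssh/web01 web01

# Print one field of a KV secret; fail if the read fails or the field is empty.
kv_field() {  # usage: kv_field <kv_path> <field>
    value=$(vault kv get -field="$2" "$1") || return 1
    [ -n "$value" ] || { echo "empty field '$2' at $1" >&2; return 1; }
    printf '%s\n' "$value"
}

# Load the private key into ssh-agent via stdin so it never touches disk.
# The -t lifetime makes the agent drop the key on its own.
load_key() {  # usage: load_key <kv_path> [lifetime_seconds]
    key=$(kv_field "$1" private_key) || return 1
    case $key in
        "-----BEGIN "*"PRIVATE KEY-----"*) ;;
        *) unset key; echo "'private_key' at $1 is not a PEM key" >&2; return 1 ;;
    esac
    printf '%s\n' "$key" | ssh-add -t "${2:-300}" -
    rc=$?
    unset key
    return "$rc"
}

# Fetch the ssh config into a 0600 temp file, load the key, connect, clean up.
vault_ssh() {  # usage: vault_ssh <kv_path> <host> [ssh args...]
    kv_path=$1; host=$2; shift 2
    cfg=$(umask 077 && mktemp) || return 1
    if kv_field "$kv_path" ssh_config > "$cfg" && load_key "$kv_path" 300; then
        ssh -F "$cfg" "$host" "$@"
        rc=$?
    else
        rc=1
    fi
    rm -f "$cfg"
    return "$rc"
}
```

Anyone whose Vault policy allows reading that KV path obtains the long-lived private key itself, and access cannot be revoked per user without rotating the key on every server, which is the gap the signed-certificate suggestion above addresses.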